manualshive.com logo in svg

D-Link DXS-3400 SERIES, Web Ui Reference Manual

The D-Link DXS-3400 SERIES is a high-performance switch that allows for efficient network management. To ensure seamless operation, it is essential to refer to the comprehensive Web Ui Reference Manual. Download this manual for free at manualshive.com to explore all the features and optimize your network setup effortlessly.

Share
Download
background image

DXS-3400 Series Lite Layer 3 Stackable 10GbE Managed Switch Web UI Reference Guide 

359 

The additional fields that can be configured in 

Storm Control Port Settings

 are described below: 

Parameter 

Description 

KBPS Rise 

Enter the rise KBPS value used here. This option specifies the rise threshold 
value as a rate of kilobits per second at which traffic is received on the port. This 
value must be between 0 and 2147483647 Kbps.  

KBPS Low 

Enter the low KBPS value used here. This option specifies the low threshold value 
as a rate of kilobits per second at which traffic is received on the port. This value 
must be between 0 and 2147483647 Kbps. If the low KBPS is not specified, the 
default value is 80% of the specified risen KBPS. 

Click the 

Apply

 button to accept the changes made. 

 

After selecting the 

Level

 option as the 

Level Type

, the following parameters are available. 

 

Figure 9-86 Storm Control (Level Type - Level) Window 

 

The additional fields that can be configured in 

Storm Control Port Settings

 are described below: 

Parameter 

Description 

Level Rise 

Enter the rise level value used here. This option specifies the rise threshold value 
as a percentage of the total bandwidth per port at which traffic is received on the 
port. This value must be between 0% and 100%.  

Level Low 

Enter the low level value used here. This option specifies the low threshold value 
as a percentage of the total bandwidth per port at which traffic is received on the 
port. This value must be between 0% and 100%. If the low level is not specified, 
the default value is 80% of the specified risen level. 

Click the 

Apply

 button to accept the changes made. 

 

DoS Attack Prevention Settings 

This window is used to display and configure the Denial-of-Service (DoS) attack prevention settings. The following 
well-known DoS types which can be detected by most Switches: 

 

Land Attack:

 This type of attack involves IP packets where the source and destination address are set to the 

address of the target device. It may cause the target device to reply to itself continuously. 

 

Blat Attack

: This type of attack will send packets with the TCP/UDP source port equal to the destination port of 

the target device. It may cause the target device to respond to itself. 

 

TCP-Null:

 This type of attack involves port scanning by using specific packets which contain a sequence 

number of 0 and no flags. 

 

TCP-Xmas:

 This type of attack involves port scanning by using specific packets which contain a sequence 

number of 0 and the Urgent (URG), Push (PSH), and FIN flags. 

 

TCP SYN-FIN:

 This type of attack involves port scanning by using specific packets which contain SYN and FIN 

flags. 

 

TCP SYN SrcPort Less 1024:

 This type of attack involves port scanning by using specific packets which 

contain source port 0 to 1023 and SYN flag. 

 

Ping of Death Attack:

 A ping of death is a type of attack on a computer that involves sending a malformed or 

otherwise a malicious ping to a computer. A ping is normally 64 bytes in size (many computers cannot handle a 
ping larger than the maximum IP packet size which is 65535 bytes). The sending of a ping of this size can crash 
the target computer. Traditionally, this bug has been relatively easy to exploit. Generally, sending a 65536 byte 

Summary of Contents for DXS-3400 SERIES

Page 1: ......

Page 2: ... are trademarks of the D Link Corporation Microsoft and Windows are registered trademarks of the Microsoft Corporation Other trademarks and trade names may be used in this document to refer to either as the entities claiming the marks and the names or their products D Link Corporation disclaims any proprietary interest in trademarks and trade names other than its own 2016 D Link Corporation All ri...

Page 3: ...Status 10 Port GBIC 10 Port Auto Negotiation 11 Error Disable Settings 12 Jumbo Frame 13 Loopback Test 14 System Log 16 System Log Settings 16 System Log Discriminator Settings 17 System Log Server Settings 18 System Log 19 System Attack Log 19 Time and SNTP 20 Clock Settings 20 Time Zone Settings 20 SNTP Settings 22 Time Range 23 PTP Precise Time Protocol 24 PTP Global Settings 24 USB Console Set...

Page 4: ... Relay 58 DHCPv6 Relay 67 DHCP Auto Configuration 69 DNS 69 DNS Global Settings 70 DNS Name Server Settings 70 DNS Host Settings 71 NTP 71 NTP Global Settings 71 NTP Server Settings 73 NTP Peer Settings 73 NTP Access Group Settings 74 NTP Key Settings 75 NTP Interface Settings 76 NTP Associations 77 NTP Status 78 IP Source Interface 78 File System 80 Stacking 81 Physical Stacking 85 Stacking Bandw...

Page 5: ...ration Identification 140 STP Instance 141 MSTP Port Information 142 ERPS G 8032 143 ERPS 143 ERPS Profile 147 Loopback Detection 148 Link Aggregation 150 L2 Protocol Tunnel 152 L2 Multicast Control 154 IGMP Snooping 154 MLD Snooping 163 Multicast VLAN 172 PIM Snooping 176 Multicast Filtering 178 LLDP 179 LLDP Global Settings 179 LLDP Port Settings 181 LLDP Management Address List 182 LLDP Basic T...

Page 6: ...07 IPv6 General Prefix 207 RIP 208 RIP Settings 208 RIP Distribute List 210 RIP Interface Settings 210 RIP Database 211 RIPng 212 RIPng Settings 212 RIPng Interface Settings 213 RIPng Database 214 IP Multicast Routing Protocol 214 IPMC 214 IPv6MC 216 BFD 217 BFD Settings 217 BFD Neighbor Table 218 IP Route Filter 219 Route Map 219 Policy Route 222 VRRP Settings 222 VRRPv3 Settings 224 7 Quality of...

Page 7: ...erface Settings 256 QCN CNPV Interface Simple 257 QCN CP Interface Settings 258 QCN CP Counters 259 QCN CPID Table 259 iSCSI 260 iSCSI Settings 260 iSCSI Sessions 261 8 Access Control List ACL 262 ACL Configuration Wizard 262 Step 1 Create Update 262 Step 2 Select Packet Type 263 Step 3 Add Rule 263 Step 4 Apply Port 271 ACL Access List 272 Standard IP ACL 274 Extended IP ACL 275 Standard IPv6 ACL...

Page 8: ...rver Settings 317 TACACS Statistic 319 IMPB 319 IPv4 319 IPv6 332 DHCP Server Screening 337 DHCP Server Screening Global Settings 338 DHCP Server Screening Port Settings 339 ARP Spoofing Prevention 339 BPDU Attack Protection 340 NetBIOS Filtering 341 MAC Authentication 342 Web based Access Control 344 Web Authentication 346 WAC Port Settings 346 WAC Customize Page 347 Network Access Authentication...

Page 9: ...ation Settings 386 Ethernet OAM Event Log Table 389 Ethernet OAM Statistics Table 389 Ethernet OAM DULD Settings 390 DDM 391 DDM Settings 392 DDM Temperature Threshold Settings 393 DDM Voltage Threshold Settings 393 DDM Bias Current Threshold Settings 394 DDM TX Power Threshold Settings 394 DDM RX Power Threshold Settings 395 DDM Status Table 396 11 Monitoring 397 VLAN Counter 397 Utilization 398 ...

Page 10: ...ion Restore Backup 423 Configuration Restore from HTTP 423 Configuration Restore from TFTP 424 Configuration Restore from FTP 424 Configuration Restore from RCP 425 Configuration Backup to HTTP 426 Configuration Backup to TFTP 426 Configuration Backup to FTP 427 Configuration Backup to RCP 428 Log Backup 428 Log Backup to HTTP 428 Log Backup to TFTP 429 Log Backup to RCP 429 Ping 430 Trace Route 4...

Page 11: ... bundled with the Switch or from the D Link website Other documents related to the Switch are DXS 3400 Series Hardware Installation Guide DXS 3400 Series CLI Reference Guide Typographical Conventions Convention Description Boldface Font Indicates a button a toolbar icon menu or menu item For example Open the File menu and choose Cancel Used for emphasis May also indicate system messages or prompts...

Page 12: ...e incoming SNMP messages and responds to requests with MIB objects stored in the database The SNMP agent updates the MIB objects to generate statistics and counters Web User Interface Web UI The Web UI can be accessed from any computer running web browsing software from its MGMT port or LAN port when it is connected to any of the RJ45 or SFP SFP ports The Web UI on the Switch can also be accessed ...

Page 13: ...credentials will be required to access the Web UI During the sending and receiving of the login password to and from the Switch this information will be protected using a strong encryption algorithm to prevent attackers from snooping this information to gain unauthorized access to the Switch Web User Interface Web UI The Web UI provides access to various Switch configuration and management windows...

Page 14: ...go to go to the D Link website AREA 2 This area displays a toolbar used to access Save and Tools menus AREA 3 This area displays a file explorer type menu tree with all configurable options Select the folder or window to display Open folders and click the hyperlinked window buttons and subfolders contained within them to display information pertaining to that category AREA 4 In this area the Switc...

Page 15: ...Information section the user can view a list of basic information regarding the Switch It appears automatically when you log on to the Switch To return to the Device Information window after viewing other windows click the DXS 3400 24TC link Figure 3 1 Device Information Window System Information Settings This window is used to display and configure the system information settings and management i...

Page 16: ...s made The fields that can be configured in Management Interface are described below Parameter Description State Select to enable or disable this interface here IPv4 Address Enter the IPv4 address for this interface here Subnet Mask Enter the IPv4 subnet mask for this interface here Gateway Enter the gateway IPv4 address for this interface here Description Enter the description for the management ...

Page 17: ... Temperature Threshold Settings are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here Thermal Select the thermal sensor ID High Threshold Enter the high threshold value of the warning temperature setting The range is from 100 to 200 Celsius degree Tick the Default check box to return to the default value Low Threshold Enter the low thre...

Page 18: ... Type Select the port medium type here Options to choose from are RJ45 and SFP Note Selecting the SFP option includes the use of SFP transceivers for 10G connectivity State Select this option to enable or disabled the physical port here MDIX Select the Medium Dependent Interface Crossover MDIX option here Options to choose from are Auto Normal and Cross Auto Select this option for auto sensing of ...

Page 19: ...ate the speed and flow control with its link partner For fiber ports auto negotiation will start to negotiate the clock and flow control with its link partner 100M Specifies to force the port speed to 100Mbps This option is only available for 100Mbps copper connections 1000M Specifies to force the port speed to 1Gbps This option is only available for 1Gbps fiber connections 1000M Master Specifies ...

Page 20: ...l port status and settings To view the following window click System Port Configuration Port Status as shown below Figure 3 5 Port Status Window The fields that can be configured are described below Parameter Description Unit Select the stacking unit ID of the Switch that will be displayed here Port GBIC This window is used to display active GBIC information found on each applicable physical port ...

Page 21: ...that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this display here Port Auto Negotiation This window is used to display detailed port auto negotiation information To view the following window click System Port Configuration Port Auto Negotiation as shown below ...

Page 22: ...ured are described below Parameter Description Unit Select the stacking unit ID of the Switch that will be displayed here Error Disable Settings This window is used to display and configure the error recovery for causes and to configure the recovery interval To view the following window click System Port Configuration Error Disable Settings as shown below ...

Page 23: ...e enable or disable the error disabled recovery feature here Interval Enter the time in seconds to recover the port from the error state caused by the specified module The range is from 5 to 86400 Click the Apply button to accept the changes made Jumbo Frame This window is used to display and configure the Jumbo Frame size and settings The Switch supports jumbo frames Jumbo frames are Ethernet fra...

Page 24: ...Port Select the appropriate port range used for the configuration here Maximum Receive Frame Size Enter the maximum receive frame size value here This value must be between 64 and 12288 bytes By default this value is 1536 bytes Click the Apply button to accept the changes made Loopback Test This window is used to display and configure the loopback settings of the physical port interfaces and to st...

Page 25: ...ernal loopback mode at the MAC layer Internal PHY Default Specifies the internal loopback mode at the PHY layer to test the default medium Internal PHY Copper Specifies the internal loopback mode at the PHY layer to test the copper medium Internal PHY Fiber Specifies the internal loopback mode at the PHY layer to test the fiber medium External MAC Specifies the external loopback mode at the MAC la...

Page 26: ...ed below Parameter Description Log State Select the enable or disable the system log feature s global state here Click the Apply button to accept the changes made The fields that can be configured for Source Interface Settings are described below Parameter Description Source Interface State Select this option to enable or disable the source interface s global state Type Select the type of interfac...

Page 27: ... that can be configured for Console Log Settings are described below Parameter Description Console Log State Select whether the enable or disable the console log s global state here Severity Select the severity value of the type of information that will be logged Options to choose from are 0 Emergencies 1 Alerts 2 Critical 3 Errors 4 Warnings 5 Notifications 6 Informational and 7 Debugging Discrim...

Page 28: ...e Drops and Includes Severity Select the severity behavior option and the value of the type of information that will be logged Behavior options to choose from are Drops and Includes Severity value options to choose from are 0 Emergencies 1 Alerts 2 Critical 3 Errors 4 Warnings 5 Notifications 6 Informational and 7 Debugging Click the Apply button to accept the changes made Click the Delete button ...

Page 29: ...rmational and 7 Debugging Facility Select the facility value here Options to choose from are 0 to 23 Discriminator Name Enter the discriminator name here This name can be up to 15 characters long Click the Apply button to accept the changes made Click the Delete button to delete the specified entry System Log This window is used to display and clear the system log To view the following window clic...

Page 30: ...me settings for the Switch To view the following window click System Time and SNTP Clock Settings as shown below Figure 3 16 Clock Settings Window The fields that can be configured are described below Parameter Description Time Enter the current time in hours HH minutes MM and seconds SS here For example 18 30 30 Date Enter the current day DD month MM and year YY here For example 30 04 2015 Click ...

Page 31: ...t and end on the specified week day of the specified month Date Setting Select to configure the summer time that should start and end on the specified date of the specified month Time Zone Select to specify your local time zone s offset from Coordinated Universal Time UTC The fields that can be configured in Recurring Settings are described below Parameter Description From Week of the Month Select...

Page 32: ...ill start From Year Enter the year that the summer time will start From Time Select the time of the day that summer time will start To Date of the Month Select date of the month that summer time will end To Month Select the month that summer time will end To Year Enter the year that the summer time will end To Time Select the time of the day that summer time will end Offset Enter the number of min...

Page 33: ...o view the following window click System Time Range as shown below Figure 3 19 Time Range Window The fields that can be configured are described below Parameter Description Range Name Enter the time profile s range name here This name can be up to 32 characters long From Week To Week Select the starting and ending days of the week that will be used for this time profile Tick the Daily option to us...

Page 34: ...add residence time to correct the field When the PTP function is disabled all Switch ports will forward the PTP packets according to the multicast filtering configuration PTP Mode Select the PTP mode here Click the Apply button to accept the changes made USB Console Settings This window is used to display and configure the USB console settings To view the following window click System USB Console ...

Page 35: ... fields that can be configured are described below Parameter Description SRM Prefer Mode Select the SRM prefer mode here Options to choose from are LAN Specifies that the Switch prefers the LAN switch mode IP Specifies that the Switch prefer the IP route mode L2VPN Specifies that the Switch prefer the Layer 2 VPN mode Click the Apply button to accept the changes made SRM Prefer Mode This window is...

Page 36: ...de 26 The fields that can be configured are described below Parameter Description SRM Prefer Mode Select the SRM prefer mode that will be used in the display here Options to choose from are LAN IP and L2VPN Click the Find button to generate the display based on the selections made ...

Page 37: ...the command itself along with information about the user account that entered the command into the system log Commands that do not cause a change in the Switch configuration or operation such as show will not be logged To view the following window click Management Command Logging as shown below Figure 4 1 Command Logging Window The fields that can be configured are described below Parameter Descri...

Page 38: ...re This value must be between 1 and 15 Password Type Select the password type for this user account here Options to choose from are None Plain Text and Encrypted Password After selecting either Plain Text or Encrypted as the password type enter the password for this user account here Click the Apply button to accept the changes made Click the Delete button to delete the specified user account entr...

Page 39: ...r may have the need to update a user s account because the password of the account was forgotten To view the following window click Management Password Recovery as shown below Figure 4 5 Password Recovery Window The fields that can be configured are described below Parameter Description Password Recovery State Select to enable or disable the password recovery feature here Enabling this feature all...

Page 40: ...re In the plain text form the password can be up to 32 characters long is case sensitive and can contain spaces In the encrypted form the password must be 35 bytes long and is case sensitive Click the Apply button to accept the changes made Click the Edit button to re configure the specified entry The fields that can be configured in Login Method are described below Parameter Description Login Met...

Page 41: ...sions 1 2c and 3 The three versions of SNMP vary in the level of security provided between the management station and the network device In SNMPv1 and SNMPv2c user authentication is accomplished using community strings which function like passwords The remote user SNMP application and the Switch SNMP must use the same community string SNMP packets from any station that has not been authenticated a...

Page 42: ...agement can be customized to suit the needs of the networks and the preferences of the network administrator Use the SNMPv3 menus to select the SNMP version used for specific tasks The administrator can specify the SNMP version used to monitor and control the Switch The three versions of SNMP vary in the level of security provided between the management station and the network device SNMP settings...

Page 43: ...rt link up notifications A linkup trap is generated when the device recognizes that one of the communication links has come up Port Link Down Tick this option to control the sending of port link down notifications A linkDown trap is generated when the device recognizes a failure in one of the communication links Coldstart Tick this option to control the sending of SNMP coldStart notifications Warm...

Page 44: ...s as shown below Figure 4 9 SNMP View Table Settings Window The fields that can be configured are described below Parameter Description View Name Type an alphanumeric string of up to 32 characters This is used to identify the new SNMP view being created Subtree OID Type the Object Identifier OID sub tree for the view The OID identifies an object tree MIB tree that will be included or excluded from...

Page 45: ... Select the key type for the SNMP community Options to choose from are Plain Text and Encrypted Community Name Enter an alphanumeric string of up to 32 characters that is used to identify members of an SNMP community This string is used like a password to give remote SNMP managers access to MIB objects in the Switch s SNMP agent View Name Enter an alphanumeric string of up to 32 characters that is...

Page 46: ...p user to use the SNMPv2c security model SNMPv3 Select to allow the group user to use the SNMPv3 security model Write View Name Enter the write view name that the group user can access Security Level When selecting SNMPv3 in the User based Security Model drop down list this option is available NoAuthNoPriv Specify that there will be no authorization and no encryption of packets sent between the Sw...

Page 47: ...ow Parameter Description Engine ID Enter the engine ID string with the maximum of 24 characters Click the Default button to revert the engine ID to the default Click the Apply button to accept the changes made SNMP User Table Settings This window is used to configure and display the SNMP users that are currently configured on the Switch To view the following window click Management SNMP SNMP User ...

Page 48: ...ion is in use based on the CBC DES DES 56 standard This field will require the user to enter a password or a key Password Enter the private protocol password here For none this field will be disabled For DES56 this password must be between 8 and 16 characters long Auth Protocol by Key When selecting v3 in the SNMP Version drop down list and selecting Key in the SNMP V3 Encryption drop down list th...

Page 49: ...NMPv3 Select to allow the group user to use the SNMPv3 security model Security Level When selecting SNMPv3 in the User based Security Model drop down list this option is available NoAuthNoPriv Specify that there will be no authorization and no encryption of packets sent between the Switch and a remote SNMP manager AuthNoPriv Specify that authorization will be required but there will be no encrypti...

Page 50: ...ing Alarm Trap Feature Click the Apply button to accept the changes made RMON Statistics Settings This window is used to configure and display the RMON statistics on the specified port To view the following window click Management RMON RMON Statistics Settings as shown below Figure 4 16 RMON Statistics Settings Window The fields that can be configured are described below Parameter Description Unit...

Page 51: ...Description Unit Select the Switch unit that will be used for this configuration here Port Select the port that will be used here Index Enter the history group table index The value is from 1 to 65535 Bucket Number Enter the number of buckets specified for the RMON collection history group of statistics The range is from 1 to 65535 The default value is 50 Interval Enter the time in seconds in each...

Page 52: ...o be sampled Type Select the monitoring type Options to choose from are Absolute and Delta Rising Threshold Enter the rising threshold value between 0 and 2147483647 Falling Threshold Enter the falling threshold value between 0 and 2147483647 Rising Event Number Enter the index of the event entry that is used to notify the rising threshold crossing event The valid range is from 1 to 65535 If not s...

Page 53: ...ong Type Select the RMON event entry type Options to choose from are None Log Trap and Log and Trap Community Enter the community string The string can be up to 127 characters Owner Enter the owner string The string can be up to 127 characters Click the Add button to add a new entry based on the information entered Click the Delete button to remove the specified entry Click the View Logs button to...

Page 54: ...configured in Source Interface are described below Parameter Description Source Interface State Select to enable or disable the source interface s state here Type Select the type of source interface that will be used here Options to choose from are Loopback Mgmt and VLAN VID Enter the interface s ID here For loopback interfaces the range is from 1 to 8 For the management Mgmt interface this value ...

Page 55: ...ault setting The value is from 0 to 1439 minutes 0 means never timeout The default value is 3 minutes Telnet Session Timeout Enter the time in minutes of the Telnet session timeout Tick the Default check box to return to the default setting The value is from 0 to 1439 minutes 0 means never timeout The default value is 3 minutes SSH Session Timeout Enter the time in minutes of the SSH session timeo...

Page 56: ...nfigure the DHCP class and the DHCP option matching pattern for the DCHP class To view the following window click Management DHCP DHCP Class Settings as shown below Figure 4 26 DHCP Class Settings Window The fields that can be configured are described below Parameter Description Class Name Enter the DHCP class name with a maximum of 32 characters Click the Apply button to accept the changes made C...

Page 57: ... be then utilize the IP address allocated by the DHCP server as its local configuration The user can configure many DHCP related parameters that it will utilize on its locally attached network to control and limit the IP settings of clients desiring an automatic IP configuration such as the lease time of the allotted IP address the range of IP addresses that will be allowed in its DHCP pool the ab...

Page 58: ...ly button to accept the changes made DHCP Server Pool Settings This window is used to display and configure the DHCP server pool settings To view the following window click Management DHCP DHCP Server DHCP Server Pool Settings as shown below Figure 4 29 DHCP Server Pool Settings Window The fields that can be configured are described below Parameter Description Pool Name Enter the DHCP server s poo...

Page 59: ...lete by Address button to remove the DHCP class association by address Click the Back button to return to the previous window After clicking the Edit Option button the following page will appear Figure 4 31 DHCP Server Pool Settings Edit Option Window The fields that can be configured are described below Parameter Description Option Enter the DHCP option number here The range is from 1 to 254 Type...

Page 60: ... Up to 8 IPv4 address can be entered here The IP address of the router should be on the same subnet as the client s subnet Routers are listed in the order of preference If default routers are already configured the default routers configured later will be added to the default interface list DNS Server Enter the IPv4 address to be used by the DHCP client as the DNS server here Up to 8 IPv4 address ...

Page 61: ... the router and the excluded address es specified here are available for allocation Multiple ranges of addresses can be excluded To remove a range of excluded addresses administrators must specify the exact range of addresses previously configured To view the following window click Management DHCP DHCP Server DHCP Server Exclude Address as shown below Figure 4 33 DHCP Server Exclude Address Window...

Page 62: ...the media type and the MAC address Click the Apply button to accept the changes made Click the Delete button to remove the specified entry DHCP Server Dynamic Binding This window is used to display and clear the DHCP server s dynamic binding entries To view the following window click Management DHCP DHCP Server DHCP Server Dynamic Binding as shown below Figure 4 35 DHCP Server Dynamic Binding Wind...

Page 63: ...s that can be configured are described below Parameter Description IP Address Enter the IPv4 address of the conflict entry to be located or cleared Pool Name Enter the DHCP server s pool name here This name can be up to 32 characters long Select the All option to clear the conflict entries for all pools Click the Find button to locate a specific entry based on the information entered Click the Cle...

Page 64: ... settings To view the following window click Management DHCP DHCPv6 Server DHCPv6 Server Pool Settings as shown below Figure 4 38 DHCPv6 Server Pool Settings Window The fields that can be configured are described below Parameter Description Pool Name Enter the DHCPv6 server s pool name here This name can be up to 12 characters long Click the Apply button to accept the changes made Click the Config...

Page 65: ...t valid lifetime will be 2592000 seconds 30 days Preferred Lifetime Enter the preferred lifetime value here The range is from 60 to 4294967295 seconds If this value is not specified then the default preferred lifetime will be 604800 seconds 7 days DNS Server Enter the DNS server s IPv6 address to be assigned to requesting DHCPv6 clients here Domain Name Enter the domain name to be assigned to requ...

Page 66: ... server s pool name here This name can be up to 12 characters long IPv6 Address Prefix Length Enter the IPv6 prefix address and prefix length of the local pool here Assigned Length Enter the prefix length to be delegated to the user from the pool here The value of the assigned length cannot be less than the value of the prefix length Click the Apply button to accept the changes made Click the Find...

Page 67: ... specified entry DHCPv6 Server Binding This window is used to display and clear the DHCPv6 server s binding entries To view the following window click Management DHCP DHCPv6 Server DHCPv6 Server Binding as shown below Figure 4 42 DHCPv6 Server Binding Window The fields that can be configured are described below Parameter Description IPv6 Address Enter the binding entry s IPv6 address to be display...

Page 68: ...s not allowed Preference Enter the preference value here Select the Allow Hint option to allow hints Interface Name Enter the interface s name here Click the Apply button to accept the changes made Click the Find button to locate a specific entry based on the information entered Click the Delete button to remove the specified entry Enter a page number and click the Go button to navigate to a speci...

Page 69: ...nfigure the DHCP relay pool on a DHCP relay agent To view the following window click Management DHCP DHCP Relay DHCP Relay Pool Settings as shown below Figure 4 46 DHCP Relay Pool Settings Window The fields that can be configured are described below Parameter Description Pool Name Enter the address pool name with a maximum of 32 characters Click the Apply button to accept the changes made Click th...

Page 70: ... to remove the specified entry Click the Back button to return to the previous window After clicking the Edit button under Destination the following window will appear Figure 4 48 DHCP Relay Pool Settings Destination Edit Window The fields that can be configured are described below Parameter Description Relay Destination Enter the relay destination DHCP server IP address Click the Apply button to ...

Page 71: ...it button the following window will appear Figure 4 50 DHCP Relay Pool Settings Class Edit Edit Window The fields that can be configured are described below Parameter Description Relay Target Enter the DHCP relay target for relaying packets that matches the value pattern of the option defined in the DHCP class Click the Apply button to accept the changes made Click the Delete button to remove the ...

Page 72: ...equest packet that already has the relay option is left unchanged and directly relayed to the DHCP server Drop Select to discard the packet that already has the relay option Replace Select that the DHCP request packet that already has the relay option will be replaced by a new option Information Option Select this option to enable or disable the insertion of relay agent information Option 82 durin...

Page 73: ...ircuit ID sub option Options to choose from are Default User Define and Vendor1 Default Select to use the default circuit ID sub option User Define Select to use a user defined circuit ID Enter the user defined string with the maximum of 32 characters in the text box Vendor1 Select to use vender 1 as the circuit ID Expert UDF Select to use the expert UDF circuit ID Select the stand alone unit form...

Page 74: ...er defined profile will be formatted as aa bb cc dd ee ff Uppercase Specifies that when using the uppercase format the Option 82 MAC address for the user defined profile username will be formatted as AA BB CC DD EE FF Delimiter Select the delimiter that will be used here Options to choose from are Hyphen Specifies that the format will be AA BB CC DD EE FF Colon Specifies that the format will be AA...

Page 75: ...bytes the translated key string should occupy If the actual length of the translated key string is less than the length specified by this option a fill indicator will be used to fill Otherwise this length option and fill indicator will be ignored and the actual string will be used directly keyword Indicates that the keyword will be translated based on the actual value of the system The following k...

Page 76: ...ted key strings and 0 9 A F a f and space characters The formatted key strings only support keywords that support hexadecimal values Spaces not in the formatted key string will be ignored Click the Apply button to accept the changes made Click the Find button to locate a specific entry based on the information entered Click the Edit button to re configure the specific entry Click the Delete button...

Page 77: ...maximum of 128 characters in the text box HEX Select to enter the hexadecimal string with a maximum of 256 characters in the text box IPv6 DHCP Relay Remote ID Policy Select to choose Option 37 forwarding policy for the DHCPv6 relay agent Options to choose from are Keep and Drop Keep Select that the DHCPv6 request packet that already has the relay agent Remote ID option is left unchanged and direc...

Page 78: ... number and click the Go button to navigate to a specific page when multiple pages exist DHCPv6 Local Relay VLAN This window is used to display and configure the DHCPv6 local relay VLAN settings This window is used to enable DHCPv6 local relay on a VLAN or a group of VLANs To view the following window click Management DHCP DHCPv6 Relay DHCPv6 Local Relay VLAN as shown below Figure 4 57 DHCPv6 Loca...

Page 79: ...Somewhere a database of network devices text names and their corresponding IP addresses must be maintained The Domain Name System DNS is used to map names to IP addresses throughout the Internet and has been adapted for use within intranets For two DNS servers to communicate across different subnets the DNS Relay of the Switch must be used The DNS servers are identified by IP addresses Mapping Dom...

Page 80: ...and configure the DNS global settings To view the following window click Management DNS DNS Global Settings as shown below Figure 4 59 DNS Global Settings Window The fields that can be configured are described below Parameter Description IP DNS Lookup Static State Select to enable or disable the IP DNS lookup static state here IP DNS Lookup Cache State Select to enable or disable the IP DNS lookup...

Page 81: ... Settings as shown below Figure 4 61 DNS Host Settings Window The fields that can be configured are described below Parameter Description Host Name Enter the host name of the equipment IP Address Select and enter the IPv4 address of the equipment IPv6 Address Select and enter the IPv6 address of the equipment Click the Apply button to accept the changes made Click the Clear All button to clear the...

Page 82: ...to accept the changes made The fields that can be configured in NTP Update Calendar are described below Parameter Description NTP Update Calendar Select to enable or disable the NTP update calendar feature here This is used to periodically update the hardware clock from an NTP source Click the Apply button to accept the changes made The fields that can be configured in NTP Settings are described b...

Page 83: ... is calculated as 2 to the power of the minimum poll interval value specified For example if the value specified here is 6 the minimum poll interval that will be used is 64 seconds 26 64 The range is from 3 to 16 Max Poll Enter the maximum poll value here This specifies the maximum poll interval for NTP messages This value is calculated as 2 to the power of the maximum poll interval value specifie...

Page 84: ...ower of the maximum poll interval value specified For example if the value specified here is 6 the maximum poll interval that will be used is 64 seconds 26 64 The range is from 4 to 17 Prefer Select whether or not this entry will be the preferred peer for synchronization Options to choose from are True and False Click the Apply button to accept the changes made Click the Delete button to delete th...

Page 85: ... cryptographically authenticated Version Select this option to deny packets that mismatch the current NTP version No Peer Select this option to deny packets that might mobilize an association unless authenticated The packets include broadcast symmetric active and manycast server packets when a configured association does not exist Note that this flag does not apply to packets that do not attempt t...

Page 86: ...dc utility program The range is from 1 to 255 Select the None option to disable this feature Click the Apply button to accept the changes made The fields that can be configured in NTP Key Settings are described below Parameter Description Key ID Enter the NTP key ID here The range is from 1 to 255 MD5 Enter the MD5 authentication key string here This string must be 32 characters long Trusted Key S...

Page 87: ...specified VLAN interface here Click the Edit button to re configure the specific entry Click the Apply button to accept the changes made Enter a page number and click the Go button to navigate to a specific page when multiple pages exist NTP Associations This window is used to display NTP association information To view the following window click Management NTP NTP Associations as shown below Figu...

Page 88: ...tus This window is used to display NTP status information To view the following window click Management NTP NTP Status as shown below Figure 4 70 NTP Status Window IP Source Interface This window is used to display and configure the IP source interface settings To view the following window click Management IP Source Interface as shown below ...

Page 89: ...Select to enable or disable the IP FTP source interface s state here Interface Type After enabling the Source Interface State option select the interface type here Options to choose from are Loopback Mgmt and VLAN VID Enter the interface s ID here For loopback interfaces this value is from 1 to 8 For the management interface Mgmt this value can only be 0 For VLAN interfaces this value is from 1 to...

Page 90: ... the path entered Click the Copy button to copy a specific file to the Switch Click the c hyperlink to navigate the C drive After clicking the c hyperlink the following window will appear Figure 4 73 File System Drive Window Click the Go button to navigate to the path entered Click the Previous button to return to the previous window Click the Create Directory to create a new directory within the ...

Page 91: ...pace provided Tick the Replace check box to replace the current running configuration with the indicated configuration file Click the Apply button to initiate the copy Click the Cancel button the discard the process Stacking The Switch supports stacking 4 Switches together while being managed by one console connection to any one of the console ports on the master Switch or by an IP address through...

Page 92: ... When the 4 port stacking configuration is used a full duplex speed of up to 80Gbps will be used between two Switches The figure below illustrates how Switches can be stacked in a Duplex Chain formation using Category 6a cables with RJ45 connectors where the 2 port stacking configuration is used Figure 4 75 Duplex Chain stacking topology RJ45 The figure below illustrates how Switches can be stacke...

Page 93: ...d to the same Switch in the stack Splitting logical stacking port pairs between different Switches in the stack might not guarantee a stable stacking connection Within each of these topologies each Switch plays a role in the Switch stack These roles can be set by the user per individual Switch or if desired can be automatically determined by the Switch stack Three possible roles exist when stackin...

Page 94: ...iscover the type of topology used elect a Primary Master and then a Backup Master Synchronization State Once the Primary Master and the Backup Master have been established the Primary Master will assign Stacking Unit IDs to Switches in the stack synchronize configurations for all Switches and then transmit commands to the rest of the Switches based on the users configurations of the Primary Master...

Page 95: ...Users can only get device information configure Box IDs save and reboot All stacking ports will be disabled and an error message will be produced on the local console port of each device in the stack Users must reconfigure Box IDs and reboot the stack Physical Stacking This window is used to display and configure the physical stacking settings To view the following window click Management Physical...

Page 96: ...sed between two Switches using ports 21 to 24 aggregated into two virtual stacking ports Ports 21 and 23 will act as SIO1 and ports 22 and 24 will act as SIO2 SIO1 is a logical stacking port pair and SIO2 is a logical stacking port pair A logical stacking port pair must always be connected to the same Switch in the stack Splitting logical stacking port pairs between different Switches in the stack...

Page 97: ...ize the management VLAN on any Switch SIM allows intermediate devices that do not support SIM This enables the user to manage Switches that are more than one hop away from the CS The SIM group is a group of Switches that are managed as a single entity The Switch may take on three different roles 1 Commander Switch CS This is a Switch that has been manually configured as the controlling device for ...

Page 98: ... and Maintenance packets that previously set SIM members will emit after a reboot Once a MS has had its MAC address and password saved to the CS s database if a reboot occurs in the MS the CS will keep this MS information in its database and when a MS has been rediscovered it will add the MS back into the SIM tree automatically No configuration will be necessary to rediscover these Switches There ...

Page 99: ...oup but is connected to a Commander Switch This is the default setting for the SIM role of the Switch Commander Select to make the Switch a Commander Switch CS The user may join other Switches to this Switch over Ethernet to be part of its SIM group Choosing this option will also enable the Switch to be configured for SIM Group Name Enter a group name This is optional This name is used to segment ...

Page 100: ...roup and requires Java script to function properly on your computer To view the following window click Management Virtual Stacking SIM Topology as shown below Figure 4 82 Topology Window The fields that can be configured are described below Parameter Description Device Name Display the Device Name of the Switches in the SIM group configured by the user If no device is configured by the name it wil...

Page 101: ...onding Switch To view the Topology View window open the View drop down menu in the toolbar and then click Topology which will open the following Topology Map This window will refresh itself periodically 20 seconds by default Figure 4 83 Topology View This window will display how the devices within the Single IP Management Group connect to other groups and devices Possible icons on this window are ...

Page 102: ...opology window tool tip will display the same information about a specific device as the Tree view does See the window below for an example Figure 4 84 Device Information Utilizing the Tool Tip Setting the mouse cursor over a line between two devices will display the connection speed between the two devices as shown below Figure 4 85 Port Speed Utilizing the Tool Tip Right Click Right clicking on ...

Page 103: ...e of the Switches in the SIM group configured by the user If no Device Name is configured by the name it will be given the name default and tagged with the last six digits of the MAC Address to identify it Module Name Display the full module name of the Switch that was right clicked MAC Address Display the MAC Address of the corresponding Switch Remote Port No Display the number of the physical po...

Page 104: ...Member Switch Icon Figure 4 89 Right clicking a Member icon The following options may appear for the user to configure Collapse To collapse the group that will be represented by a single icon Expand To expand the SIM group in detail Remove from group Remove a member from a group Configure Launch the web management to configure the Switch Property To pop up a window to display the device informatio...

Page 105: ...y View File Print Setup Will view the image to be printed Print Topology Will print the topology map Preference Will set display properties such as polling interval and the views to open at SIM startup Group Add to group Add a candidate to a group Clicking this option will reveal the following dialog box for the user to enter a password for authentication from the Candidate Switch before being add...

Page 106: ...lds that can be configured are described below Parameter Description TFTP Server IP Enter the TFTP server IP address Path Filename Enter the path and file name Click the Download button to update the firmware To specify a certain Switch for firmware download tick its corresponding check box Configuration File Backup Restore This window is used to display and upgrade configuration files from the Co...

Page 107: ...rver Upload Log File This window is used to display and upload log files from SIM member Switches to a specified PC To view the following window click Management Virtual Stacking SIM Upload Log File as shown below Figure 4 97 Upload Log File Window The fields that can be configured are described below Parameter Description TFTP Server IP Enter the TFTP server IP address Path Filename Enter the pat...

Page 108: ...erval between two consecutive DDP report messages Options to choose from are 30 60 90 120 seconds or Never Selecting Never specifies to stop sending report messages Click the Apply button to accept the changes made The fields that can be configured in DDP Port Settings are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To P...

Page 109: ...MTP IPv6 Server Address After selecting IPv6 as the SMTP IP type enter the SMTP server s IPv6 address here SMTP IPv4 Server Port After selecting IPv4 as the SMTP IP type enter the SMTP server s port number here The range is from 1 to 65535 By default this value is 25 SMTP IPv6 Server Port After selecting IPv6 as the SMTP IP type enter the SMTP server s port number here The range is from 1 to 65535...

Page 110: ... Unicast mode The client uses a unicast MAC address as the destination MAC address to reach the server Multicast mode The client uses a multicast MAC address as the destination MAC address to reach the server This destination MAC address is called the shared MAC address However the server uses its own MAC address rather than the shared MAC address as the source MAC address in the reply packet In o...

Page 111: ...ified MAC address it will be forwarded to the specified interface Unit Select the Switch s unit ID that will be used here From Port To Port Select the Switch s port range that will be used here Click the Apply button to accept the changes made Click the Delete All button to delete all the entries found in the display table Click the Delete button to delete the specified entry Enter a page number a...

Page 112: ... the port number on which the MAC address entered resides This option could also drop the MAC address from the unicast static FDB When selecting Port select the port number Unit Select the stacking unit ID of the Switch that will be configured here Port Number After selecting the Port option select the port number used here VID Enter the VLAN ID on which the associated unicast MAC address resides ...

Page 113: ... address The format of the destination MAC address is 01 XX XX XX XX XX Click the Apply button to accept the changes made Click the Delete All button to remove all the entries Click the Delete button to remove the specific entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist MAC Address Table Settings This window is used to display and configur...

Page 114: ...ID of the Switch that will be configured here From Port To Port Select the range of ports that will be used for this configuration here Status Select to enable or disable the MAC address learning function on the ports specified here Click the Apply button to accept the changes made After selecting the MAC Address VLAN Learning Settings tab option at the top of the page the following page will be a...

Page 115: ...described below Parameter Description Port Select the stacking unit ID and the port number of the Switch that will be configured here VID Enter the VLAN ID that will be used for this configuration here MAC Address Enter the MAC address that will be used for this configuration here Click the Clear Dynamic by Port button to clear the dynamic MAC address listed on the corresponding port Click the Cle...

Page 116: ...between 0 and 500 By default this value is 1 MAC Notification Trap State Select to enable or disable the MAC notification trap state Unit Select the stacking unit ID of the Switch that will be configured here From Port To Port Select the range of ports that will be used for this configuration here Added Trap Select to enable or disable the added trap for the port s selected Removed Trap Select to ...

Page 117: ... displayed here Click the Find button to locate a specific entry based on the information entered Click the Show All button to locate all the entries Click the Edit button to re configure the specific entry Click the Delete button to remove the specific entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist 802 1v Protocol VLAN Protocol VLAN Prof...

Page 118: ...e type the octet string will have one of the following values For Ethernet 2 this is a 16 bit 2 octet hex value For example IPv4 is 0800 IPv6 is 86DD ARP is 0806 etc For IEEE802 3 SNAP this is a 16 bit 2 octet hex value For IEEE802 3 LLC this is a 2 octet IEEE 802 2 Link Service Access Point LSAP pair The first octet is for Destination Service Access Point DSAP and the second octet is for Source C...

Page 119: ...l This window is used to display and configure the GARP VLAN Registration Protocol GVRP global settings To view the following window click L2 Features VLAN GVRP GVRP Global as shown below Figure 5 12 GVRP Global Window The fields that can be configured are described below Parameter Description Global GVRP State Select to enable or disable the global GVRP state here Dynamic VLAN Creation Select to ...

Page 120: ... is disabled Join Time Enter the Join Time value in centiseconds This value must be between 10 and 10000 centiseconds By default this value is 20 centiseconds Leave Time Enter the Leave Time value in centiseconds This value must be between 10 and 10000 centiseconds By default this value is 60 centiseconds Leave All Time Enter the Leave All Time value in centiseconds This value must be between 10 a...

Page 121: ...n that will be taken here Options to choose from are All Add Remove and Replace When selecting All all the advertised VLANs will be used Advertise VID List Enter the advertised VLAN ID list here Click the Apply button to accept the changes made GVRP Forbidden VLAN This window is used to display and configure the GVRP forbidden VLAN settings To view the following window click L2 Features VLAN GVRP ...

Page 122: ...indow click L2 Features VLAN GVRP GVRP Statistics Table as shown below Figure 5 16 GVRP Statistics Table Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this display here Port Select the port number of which GVRP statistic information will be displayed Click the Find button to locate a specific entry based on the ...

Page 123: ...ll be configured To view the following window click L2 Features VLAN MAC VLAN as shown below Figure 5 18 MAC VLAN Window The fields that can be configured are described below Parameter Description MAC Address Enter the unicast MAC address VID Enter the VLAN ID that will be used Priority Select the priority that is assigned to untagged packets This value is between 0 and 7 Click the Apply button to...

Page 124: ... the specific interface Click the Edit button to re configure the specific entry After clicking the Show Detail button the following page will appear Figure 5 20 VLAN Interface VLAN Detail Window On this page more detailed information about the VLAN of the specific interface is displayed Click the Back button to return to the previous page After click the Edit button the following page will appear...

Page 125: ...e the ingress checking function VLAN ID Enter the VLAN ID used for this configuration here This value must be between 1 and 4094 Clone Select this option to enable the clone feature From Port To Port Select the range of ports that will be used in the clone feature here Click the Apply button to accept the changes made Click the Back button to discard the changes made and return to the previous pag...

Page 126: ...ter the allowed VLAN range information here Clone Select this option to enable the clone feature From Port To Port Select the range of ports that will be used in the clone feature here Click the Apply button to accept the changes made Click the Back button to discard the changes made and return to the previous page When Trunk was selected as the VLAN Mode the following page will appear Figure 5 23...

Page 127: ...l Window The fields that can be configured are described below Parameter Description VLAN Mode Select the VLAN mode option here Options to choose from are Access Hybrid Trunk 802 1Q Tunnel Promiscuous Host Trunk Promiscuous and Trunk Secondary Acceptable Frame Select the acceptable frame behavior option here Options to choose from are Tagged Only Untagged Only and Admit All Ingress Checking Select...

Page 128: ...t All Ingress Checking Select to enable or disable the ingress checking function Clone Select this option to enable the clone feature From Port To Port Select the range of ports that will be used in the clone feature here Click the Apply button to accept the changes made Click the Back button to discard the changes made and return to the previous page When Host was selected as the VLAN Mode the fo...

Page 129: ...om are Tagged Only Untagged Only and Admit All Ingress Checking After selecting Trunk Promiscuous as the VLAN Mode the following parameter will be available Select to enable or disable the ingress checking function Native VLAN Tick this option to enable the native VLAN function Also select if this VLAN supports Untagged or Tagged frames VID After ticking the Native VLAN option the following parame...

Page 130: ...he native VLAN function Also select if this VLAN supports Untagged or Tagged frames VID After ticking the Native VLAN option the following parameter will be available Enter the VLAN ID used for this configuration here This value must be between 1 and 4094 Action Select the action that will be taken here Options to choose from are All Add Remove Except and Replace Allowed VLAN Range Enter the allow...

Page 131: ... specified Layer 2 VLAN Enter a page number and click the Go button to navigate to a specific page when multiple pages exist Subnet VLAN This window is used to display and configure the subnet VLAN settings A subnet VLAN entry is an IP subnet based VLAN classification rule If an untagged or priority tagged IP packet is received on a port its source IP address will be used to match the subnet VLAN ...

Page 132: ...e the auto surveillance VLAN properties To view the following window click L2 Features VLAN Auto Surveillance VLAN Auto Surveillance Properties as shown below Figure 5 31 Auto Surveillance Properties Window The fields that can be configured in Global Settings are described below Parameter Description Surveillance VLAN Select to enable or disable the surveillance VLAN feature here Surveillance VLAN...

Page 133: ...s configuration here State Select to enable or disable the surveillance VLAN feature on the specified port s here When surveillance VLAN is enabled for a port the port will be automatically learned as surveillance VLAN untagged member the received untagged surveillance packets will be forwarded to surveillance VLAN The received packets are determined as surveillance packets if the source MAC addre...

Page 134: ...t Mask Enter the matching bitmask for the OUI MAC address here Click the Apply button to accept the changes made Click the Delete button to delete the specified entry After selecting the Auto Surveillance VLAN Summary tab option at the top of the page the following page will be available Figure 5 33 MAC Settings and Surveillance Device Auto Surveillance VLAN Summary Window The fields that can be c...

Page 135: ...c in quality of service Aging Time Enter the aging time value here This is used to configure the aging time for aging out the voice device and the voice VLAN automatically learned member ports When the last voice device connected to the port stops sending traffic and the MAC address of this voice device is aged out from FDB the voice VLAN aging timer will be started The port will be removed from t...

Page 136: ...UI it will join the voice VLAN as a tagged member automatically When the voice device sends tagged packets the Switch will change its priority When the voice device sends untagged packets it will forward them in port s PVID VLAN When the port is working in auto untagged mode and the port captures a voice device through the device s OUI it will join the voice VLAN as an untagged member automaticall...

Page 137: ...ription for the user defined OUI MAC address here This string can be up to 32 characters long Click the Apply button to accept the changes made Click the Delete button to delete the specified entry Voice VLAN Device This window is used to display the voice VLAN device table To view the following window click L2 Features VLAN Voice VLAN Voice VLAN Device as shown below Figure 5 37 Voice VLAN Device...

Page 138: ... the private VLAN settings To view the following window click L2 Features VLAN Private VLAN as shown below Figure 5 39 Private VLAN Window The fields that can be configured for Private VLAN are described below Parameter Description VID List Enter the private VLAN ID list here State Select to enable or disable the private VLAN state here Type Select the type of private VLAN that will be created her...

Page 139: ... this configuration here From Port To Port Select the range of ports that will be used for this configuration here Select the Trunk option to specify that the trunk port will be associated with the private VLAN map Primary VID Enter the primary private VLAN ID here Action Select Add to add a new entry based in the information entered Select Remove to remove an entry based in the information entere...

Page 140: ...gress packet is C tagged The Inner TPID is per system configurable Unit Select the Switch s unit ID that will be used here From Port To Port Select the Switch s port range that will be used here Outer TPID Enter the outer TPID value here This value is in the hexadecimal form The range is from 0x1 to 0xFFFF Click the Apply button to accept the changes made After clicking the Dot1q Tunnel Port Setti...

Page 141: ... entered Select Remove to remove an entry based in the information entered Click the Apply button to accept the changes made VLAN Mapping This window is used to display and configure the VLAN mapping settings If a profile is applied on an interface the Switch matches the incoming packets according to the rules of the profile If the packets match a rule the action of the rule will be taken The acti...

Page 142: ...o accept the changes made Click the Find button to locate a specific entry based on the information entered Click the Delete button to delete the specified entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist VLAN Mapping Profile This window is used to display and configure the VLAN mapping profile settings To view the following window click L2...

Page 143: ...cremented by 10 for every new rule The range is from 1 to 10000 Src MAC Address Enter the source MAC address here Dst MAC Address Enter the destination MAC address here Priority Select the 802 1p priority value here The range is from 0 to 7 A lower value has a higher priority Inner VID Enter the inner VLAN s ID here The range is from 1 to 4094 Ethernet Type Enter the Ethernet type value here The r...

Page 144: ... 0 to 63 Source Port Enter the source TCP UDP port s number here The range is from 1 to 65535 Destination Port Enter the destination TCP UDP port s number here The range is from 1 to 65535 IP Protocol Enter the Layer 3 IP protocol value here The range is from 0 to 255 Action Select the action that will be taken here Options to choose from are Dot1q Tunnel and Translate Dot1q Tunnel Specifies that ...

Page 145: ...tion that will be taken here Options to choose from are Dot1q Tunnel and Translate Dot1q Tunnel Specifies that the outer VID will be added for matched packets Translate Specifies that the outer VID will replace the outer VID of the matched packets New Outer VID Enter the new outer VLAN s ID here The range is from 1 to 4094 802 1P Priority Select the 802 1p priority value here The range is from 0 t...

Page 146: ...from 0x0 to 0xFFFF Src IP Address Enter the source IPv4 address and subnet mask here Dst IP Address Enter the destination IPv4 address and subnet mask here DSCP Enter the DSCP value here The range is from 0 to 63 Source Port Enter the source TCP UDP port s number here The range is from 1 to 65535 Destination Port Enter the destination TCP UDP port s number here The range is from 1 to 65535 IP Prot...

Page 147: ...nfigure the STP global settings To view the following window click L2 Features STP STP Global Settings as shown below Figure 5 48 STP Global Settings Window The field that can be configured for STP State is described below Parameter Description STP State Select to enable or disable the STP global state here Click the Apply button to accept the changes made The fields that can be configured for STP...

Page 148: ... between two transmissions of BPDU packets sent by the Root Bridge to tell all other Switches that it is indeed the Root Bridge This field will only appear here when STP or RSTP is selected for the STP Version For MSTP the Hello Time must be set on a port per port basis Bridge Forward Time Enter the bridge s forwarding time value here This value must be between 4 and 30 seconds By default this val...

Page 149: ...ort is 2000 The lower the number the greater the probability the port will be chosen to forward packets State Select to enable or disable the STP port state Guard Root Select to enable or disable the guard root function Link Type Select the link type option here Options to choose from are Auto P2P and Shared A full duplex port is considered to have a point to point P2P connection On the opposite a...

Page 150: ...o enable or disable the loop guard feature on the specified port s here The STP loop guard feature provides additional protection against Layer 2 forwarding loops STP loops An STP loop is created when an STP blocking port in a redundant topology erroneously transitions to the forwarding state This usually happens because one of the ports of a physically redundant topology not necessarily the STP b...

Page 151: ... button to accept the changes made In the Private VLAN Synchronize section the user can click the Apply button to synchronize the private VLANs The fields that can be configured for Instance ID Settings are described below Parameter Description Instance ID Enter the instance ID here This value must be between 1 and 64 Action Select the action that will be taken here Options to choose from are Add ...

Page 152: ...ton to accept the changes made Enter a page number and click the Go button to navigate to a specific page when multiple pages exist MSTP Port Information This window is used to display and configure the MSTP port information settings To view the following window click L2 Features STP MSTP Port Information as shown below Figure 5 52 MSTP Port Information Window The fields that can be configured are...

Page 153: ...S Version Select the ERPS version here Options to choose from are G 8032v1 and G 8032v2 Before specifying G 8032v1 for a G 8032v2 device changing the ERPS version will lead to the restart of the running protocol Click the Apply button to accept the changes made The fields that can be configured in Ethernet Ring G 8032 are described below Parameter Description Ring Name Enter the Ethernet Ring Prot...

Page 154: ... button to configure this parameter as per normal Select the None radio button to revert this parameter to the default setting Port1 Select the checkbox and then select the Switch s unit ID and the port number that will be the second ring port of the physical ring Select the None option from the drop down menu specifies that the inter connected node is a local node endpoint of an open ring Select ...

Page 155: ...indow After selecting the ERPS Brief tab option at the top of the page the following page will be available Figure 5 56 ERPS ERPS Brief Window Click the Edit Instance button to configure the ERP instance Enter a page number and click the Go button to navigate to a specific page when multiple pages exist After click the Edit Instance button the following window will appear ...

Page 156: ...rt this parameter to the default setting MEL Select the checkbox and enter the ring MEL value of the ERP instance here This value must be between 0 and 7 The configured MEL value of all ring nodes that participate in the same ERP instance should be identical Select the Specify radio button to configure this parameter as per normal Select the None radio button to revert this parameter to the defaul...

Page 157: ...lures and FS conditions are absent Options to choose from are Port0 and Port1 Click the Back button to discard the changes made and return to the previous window Click the Apply button to accept the changes made ERPS Profile This window is used to display and configure the Ethernet Ring G 8032 profile settings To view the following window click L2 Features ERPS G 8032 ERPS Profile as shown below F...

Page 158: ...n 0 and 10 seconds By default this value is 0 seconds WTR Timer Select the checkbox and enter the WTR timer value here This value must be between 1 and 12 minutes By default this value is 5 minutes Click the Back button to discard the changes made and return to the previous window Click the Apply button to accept the changes made Loopback Detection The Loopback Detection LBD function is used to de...

Page 159: ...to 32767 seconds The default setting is 10 seconds Trap State Select to enable or disable the loopback detection trap state Action Mode Select the action mode here Option to choose from are Shutdown Specifies to shut down the port in the port based mode or block traffic on the specific VLAN in the VLAN based mode when the loop has been detected None Specifies not to shut down the port in the port ...

Page 160: ...the creation of up to 32 link aggregation groups each group consisting of up to 8 links ports Each port can only belong to a single link aggregation group All of the ports in the group must be members of the same VLAN and their STP status static multicast traffic control traffic segmentation and 802 1p default priority configurations must be identical Port locking and 802 1X must not be enabled on...

Page 161: ... Destination MAC Source IP Destination IP Source Destination IP Source L4 Port Destination L4 Port and Source Destination L4 Port By default this option is Source Destination MAC Click the Apply button to accept the changes made The fields that can be configured for Channel Group Information are described below Parameter Description Unit Select the Switch unit that will be used for this configurat...

Page 162: ... be configured are described below Parameter Description Description Enter the description for the port channel here This string can be up to 64 characters long Click the Apply button to accept the changes made Click the Delete Description button to delete the description for the port channel Click the Edit button to re configure the specific entry Click the Back button to return to the previous p...

Page 163: ...Layer 2 protocol packets that can be processed by the system When the maximum number of packets is exceeded the excessive protocol packets are dropped Click the Apply button to accept the changes made After selecting the L2 Protocol Tunnel Port Setting tab option at the top of the page the following page will be available Figure 5 64 L2 Protocol Tunnel L2 Protocol Tunnel Port Setting Window The fi...

Page 164: ...stations or devices and an IGMP host IGMP Snooping Settings In order to use IGMP Snooping it must first be enabled for the entire Switch under IGMP Global Settings at the top of the window You may then fine tune the settings for each VLAN by clicking the corresponding Edit button When enabled for IGMP snooping the Switch can open or close a port to a specific multicast group member based on IGMP m...

Page 165: ...ered Click the Show All button to view all the entries Click the Show Detail button to see the detail information of the specific VLAN Click the Edit button to re configure the specific entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist After clicking the Show Detail button the following window will appear Figure 5 66 IGMP Snooping Settings S...

Page 166: ...r leave message is forwarded The remaining report and leave messages are suppressed Suppression Time Enter the interval of suppressing duplicate IGMP reports or leaves The range is from 1 to 300 Querier State Select this option to enable or disable the querier state Query Version Select the general query packet version sent by the IGMP snooping querier Options to choose from are 1 2 and 3 Query In...

Page 167: ...configuration here From Port To Port Select the range of ports that will be used for this configuration here Authentication Select to enable or disable authentication here This is used to enable or disable the authentication function for IGMP join messages When enabled and the client wants to join a group the system will perform authentication first Accounting Select to enable or disable accountin...

Page 168: ...d for the configuration here VID Click the radio button and enter a VLAN ID of the multicast group The range is from 1 to 4094 Group Address Click the radio button and enter an IP multicast group address Click the Apply button to accept the changes made Click the Delete button to remove the specified entry Click the Find button to locate a specific entry based on the information entered Click the ...

Page 169: ...hat will be used here From Port To Port Select the Switch s port range that will be used here This is only available if the Port option was selected as the action below Limit Number Enter the limit number here This is to configure the rate of IGMP control packets that the Switch can process on a specific interface The range is from 1 to 1000 packets per second Select the No Limit option to remove ...

Page 170: ... configuration VID Enter the Layer 2 VLAN s name on a trunk port here This applies the filter to packets that arrive on that VLAN The range is from 1 to 4094 Click the Apply button to accept the changes made Click the Delete button to delete an entry based on the information entered The fields that can be configured in Access Group Settings are described below Parameter Description Unit Select the...

Page 171: ... router ports on the Switch To view the following window click L2 Features L2 Multicast Control IGMP Snooping IGMP Snooping Mrouter Settings as shown below Figure 5 72 IGMP Snooping Mrouter Settings Window The fields that can be configured in IGMP Snooping Mrouter Settings are described below Parameter Description VID Enter the VLAN ID used here The range is from 1 to 4094 Configuration Select the...

Page 172: ... can be configured in IGMP Snooping Statistics Settings are described below Parameter Description Statistics Select the interface here Options to choose from are All VLAN and Port VID Enter a VLAN ID between 1 and 4094 This is available when VLAN is selected in the Statistics drop down list Unit Select the Switch unit that will be used for this configuration here This is available when Port is sel...

Page 173: ...3 Multicast Listener Query Similar to the IGMPv2 Host Membership Query for IPv4 and labeled as 130 in the ICMPv6 packet header this message is sent by the router to ask if any link is requesting multicast data There are two types of MLD query messages emitted by the router The General Query is used to advertise all multicast addresses that are ready to send multicast data to all listening ports an...

Page 174: ...094 and select to enable or disable MLD snooping on the VLAN Click the Apply button to accept the changes made The fields that can be configured in MLD Snooping Table are described below Parameter Description VID Enter a VLAN ID from 1 to 4094 Click the Find button to locate a specific entry based on the information entered Click the Show All button to view all the entries Click the Show Detail bu...

Page 175: ...indow displays the detail information about MLD snooping VLAN Click the Modify button to edit the information in the following window After clicking the Modify or Edit button in MLD Snooping Settings window the following window will appear Figure 5 76 MLD Snooping Settings Modify Edit Window The fields that can be configured are described below ...

Page 176: ...lect the general query packet version sent by the MLD snooping querier Options to choose from are 1 and 2 Query Interval Enter the interval at which the MLD snooping querier sends MLD general query messages periodically The range is from 1 to 31744 Max Response Time Enter the maximum response time in seconds advertised in MLD snooping queries The range is from 1 to 25 Robustness Value Enter the ro...

Page 177: ...k the Apply button to accept the changes made Click the Delete button to remove the specified entry Click the Find button to locate a specific entry based on the information entered Click the Show All button to view all the entries Enter a page number and click the Go button to navigate to a specific page when multiple pages exist The fields that can be configured in MLD Snooping Groups Table are ...

Page 178: ...umber Enter the limit number here This is to configure the rate of MLD control packets that the Switch can process on a specific interface The range is from 1 to 1000 packets per second Select the No Limit option to remove the limitation Action Select the action that will be taken here Options to choose from are Port and VLAN VID Enter the VLAN s ID here This is the Layer 2 VLAN on a trunk port an...

Page 179: ...ck the Apply button to accept the changes made Click the Delete button to delete an entry based on the information entered The fields that can be configured in Access Group Settings are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used for the configuration here Action Select Add ...

Page 180: ...ure 5 80 MLD Snooping Mrouter Settings Window The fields that can be configured in MLD Snooping Mrouter Settings are described below Parameter Description VID Enter a VLAN ID between 1 and 4094 Configuration Select the port configuration Options to choose from are Port Forbidden Port and Learn PIMv6 Port Select to have the configured ports as being connected to multicast enabled routers Forbidden ...

Page 181: ...ed below Parameter Description Statistics Select the interface here Options to choose from are All VLAN and Port VID Enter a VLAN ID between 1 and 4094 This is available when VLAN is selected in the Statistics drop down list Unit Select the Switch unit that will be used for this configuration here This is available when Port is selected in the Statistics drop down list From Port To Port Select the...

Page 182: ...LAN Settings This window is used to display and configure the multicast VLAN settings To view the following window click L2 Features L2 Multicast Control Multicast VLAN Multicast VLAN Settings as shown below Figure 5 82 Multicast VLAN Settings Window The fields that can be configured in Multicast VLAN Global Settings are described below Parameter Description Multicast VLAN IPv4 State Select to ena...

Page 183: ... range is 2 to 4094 Action Select Add to add a new entry based in the information entered Select Delete to delete an entry based in the information entered Role Select the role here Options to choose from are Receiver and Source Receiver Specifies to configure the port as a subscriber port that can only receive multicast data in the multicast VLAN Source Specifies to configure the port as an uplin...

Page 184: ...e from are Receiver Source and Both Receiver Specifies that the source IPv4 IPv6 address of the IGMP MLD report leave packet received on any multicast VLAN receiver port will be replaced Source Specifies that the source IPv4 IPv6 address of the IGMP MLD report leave packet received on any multicast VLAN source port will be replaced Both Specifies that the source IPv4 IPv6 address of the IGMP MLD r...

Page 185: ...ype Select the address type here Options to choose from are IPv4 and IPv6 IPv4 Specifies to use IPv4 multicast addresses in the range IPv6 Specifies to use IPv6 multicast addresses in the range From IP Address Enter the source IPv4 IPv6 address here To IP Address Enter the destination IPv4 IPv6 address here Click the Apply button to accept the changes made The fields that can be configured in Acce...

Page 186: ... to a specific page when multiple pages exist The fields that can be configured in Access Group Table are described below Parameter Description VID Click the Find button to locate a specific entry based on the information entered Click the Show All button to display all the entries Enter a page number and click the Go button to navigate to a specific page when multiple pages exist PIM Snooping PIM...

Page 187: ...he range is from 1 to 4094 Click the Find button to generate the display based on the information entered PIM Snooping Neighbor Table This window is used to display the PIM snooping neighbor table To view the following window click L2 Features L2 Multicast Control PIM Snooping PIM Snooping Neighbor Table as shown below Figure 5 85 PIM Snooping Neighbor Table Window The fields that can be configure...

Page 188: ...ing PIM Snooping Statistics Table as shown below Figure 5 87 PIM Snooping Statistics Table Window The fields that can be configured are described below Parameter Description VID Select and enter the VLAN ID that will be used here The range is from 1 to 4094 Click the Find button to generate the display based on the information entered Click the Clear button to clear the statistics information rela...

Page 189: ...ed based on the forwarding table and all unregistered multicast packets will be flooded based on the VLAN domain When selecting the Forward All option all multicast packets will be flooded based on the VLAN domain When selecting the Filter Unregistered option registered packets will be forwarded based on the forwarding table and all unregistered multicast packets will be filtered Click the Apply b...

Page 190: ...P Forward Sate is enabled the received LLDPDU packet will be forwarded LLDP Trap State Select this option to enable or disable the LLDP trap state LLDP MED Trap State Select this option to enable or disable the LLDP MED trap state Click the Apply button to accept the changes made The fields that can be configured in LLDP MED Settings are described below Parameter Description Fast Start Repeat Coun...

Page 191: ... This window is used to display and configure the LLDP port settings To view the following window click L2 Features LLDP LLDP Port Settings as shown below Figure 5 90 LLDP Port Settings Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used ...

Page 192: ...4 option enter the IPv4 address in the space provided After selecting the IPv6 option enter the IPv6 address in the space provided Click the Find button to locate a specific entry based on the selection made LLDP Basic TLVs Settings Type length value TLV allows the specific sending information as a TLV element within LLDP packets This window is used to enable the settings for the Basic TLVs Settin...

Page 193: ... Name option System Description Select this option to enable or disable the System Description option System Capabilities Select this option to enable or disable the System Capabilities option Click the Apply button to accept the changes made LLDP Dot1 TLVs Settings LLDP Dot1 TLVs are organizationally specific TLVs which are defined in IEEE 802 1 and used to configure an individual port or group o...

Page 194: ... Settings This window is used to display and configure an individual port or group of ports to exclude one or more IEEE 802 3 organizational specific TLV data type from outbound LLDP advertisements To view the following window click L2 Features LLDP LLDP Dot3 TLVs Settings as shown below Figure 5 94 LLDP Dot3 TLVs Settings Window The fields that can be configured are described below Parameter Desc...

Page 195: ...ields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used for the configuration here Notification Select this option to enable or disable transmitting the LLDP MED notification TLV Capabilities Select this option to enable or disable transmitting the LLDP ...

Page 196: ...e the ETS recommendation TLV feature here This specifies the ETS Recommendation TLV to be sent The Enhanced Transmission Selection Recommendation TLV is an optional TLV that allows a bridge port to advertise the ETS recommendation for the operational state of the remote port Priority based Flow Control Configuration TLV Select to enable or disable the Priority based Flow Control PFC configuration ...

Page 197: ...on for the statistics displayed Click the Clear All button to clear all the counter information displayed LLDP Local Port Information This window is used to display the information on a per port basis currently available for populating outbound LLDP advertisements in the local port brief table shown below To view the following window click L2 Features LLDP LLDP Local Port Information as shown belo...

Page 198: ...view detailed information of the specific port After clicking the Show Detail button the following window will appear Figure 5 99 LLDP Local Port Information Show Detail Window To view more details about for example the MAC PHY Configuration Status click the Show Detail hyperlink Click the Back button to return to the previous window After clicking a hyperlink a new section will appear at the bott...

Page 199: ...l To view the following window click L2 Features LLDP LLDP Neighbor Port Information as shown below Figure 5 101 LLDP Neighbor Port Information Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be displayed Port Select the port number that will be displayed Click the Find button to locate a specific entry based on the informati...

Page 200: ...nfigure the ARP aging time settings To view the following window click L3 Features ARP ARP Aging Time as shown below Figure 6 1 ARP Aging Time Window The fields that can be configured are described below Parameter Description Timeout After click the Edit button enter the ARP aging timeout value here Click the Edit button to re configure the specific entry Click the Apply button to accept the chang...

Page 201: ...stined for another device by faking its identity IP and MAC Address as the original ARP responder Therefore the Switch can then route packets to the intended destination without configuring static routing or a default gateway The host usually a Layer 3 Switch will respond to packets destined for another device To view the following window click L3 Features ARP Proxy ARP as shown below Figure 6 3 P...

Page 202: ...lect this option to display the Management port s information Click the Find button to locate a specific entry based on the information entered Click the Clear All button to clear all the information Click the Delete button to remove the specific entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist Gratuitous ARP This window is used to display ...

Page 203: ...that corresponds to the system s IP address This option used to enable or disable the learning of ARP entries in the ARP cache based on the received gratuitous ARP packet The gratuitous ARP packet is sent by a source IP address that is identical to the IP that the packet is queries for Click the Apply button to accept the changes made Click the Edit button to re configure the specific entry Enter ...

Page 204: ...l button to clear all the dynamic IPv6 neighbor information in this table Click the Delete button to remove the specific entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist Interface IPv4 Interface This window is used to display and configure the IPv4 interface settings To view the following window click L3 Features Interface IPv4 Interface as...

Page 205: ...e IP directed broadcast feature here This parameter is used to enable or disable the conversion of IP directed broadcasts received by the interface to physical broadcasts when the destination network is directly connected to the Switch Description Enter the description for the interface Get IP From Select the get IP from option here Options to choose from are Static and DHCP When the Static option...

Page 206: ... up to 32 characters long Select the Hex option to enter the class ID string in the hexadecimal format This string can be up to 64 characters long This parameter is used to specify the vendor class identifier used as the value of Option 60 for the DHCP discover message Host Name Enter the host name here This string can be up to 64 characters long This parameter is used to specify the value of the ...

Page 207: ...r the IPv6 MTU value here The range is from 1280 to 65534 bytes By default this value is 1500 bytes This parameter is used to configure the MTU to be advertised in RA messages IPv6 State Select to enable or disable the IPv6 interface s global state here Click the Back button to discard the changes made and return to the previous page Click the Apply button to accept the changes made The fields tha...

Page 208: ... reachable time is used by the IPv6 node in determining the reachability of the neighbor nodes Managed Config Flag Turn the managed config flag option On or Off here When the neighbor host receives the RA which has flag turned on the host should use a stateful configuration protocol to obtain IPv6 addresses Other Config Flag Turn the other config flag option On or Off here By setting the other con...

Page 209: ...cept the changes made The fields that can be configured for DHCPv6 Client PD Settings are described below Parameter Description Client PD State Select to enable or disable the DHCPv6 client process to request the prefix delegation through a specified interface Select the Rapid Commit option to proceed with two message exchange for prefix delegation The rapid commit option will be filled in the Sol...

Page 210: ...pecific page when multiple pages exist After clicking the Edit button the following page will appear Figure 6 16 Loopback Interface Edit Window The fields that can be configured are described below Parameter Description State Select to enable or disable the loopback interface here Description Enter the description for the loopback interface here This string can be up to 64 characters long IP Addre...

Page 211: ...an be configured are described below Parameter Description Interface Null Enter the NULL interface s ID here This value can only be 0 Description After clicking the Edit button enter the description for the NULL interface here This string can be up to 64 characters long Click the Apply button to accept the changes made Click the Edit button to modify the description for the NULL interface UDP Help...

Page 212: ...all one broadcast The packets are IPv4 UDP packets The IP TTL value must be greater than or equal to 2 To view the following window click L3 Features UDP Helper IP Helper Address as shown below Figure 6 19 IP Helper Address Window The fields that can be configured are described below Parameter Description Interface VLAN Enter the VLAN interface s ID used here The range is from 1 to 4094 Helper Add...

Page 213: ...n be configured are described below Parameter Description IP Address Enter the IPv4 address for this route here Tick the Default Route option to use the default route as the IPv4 address Mask Enter the IPv4 network mask for this route here Gateway Enter the gateway address for this route here Null Interface Select to enable or disable the NULL interface here Backup State Select the backup state op...

Page 214: ... window is used to display and configure the IPv4 route table settings To view the following window click L3 Features IPv4 Route Table as shown below Figure 6 22 IPv4 Route Table Window The fields that can be configured are described below Parameter Description IP Address Select and enter the single IPv4 address here Network Address Select and enter the IPv4 network address here In the first space...

Page 215: ... will be associated with this route here Next Hop IPv6 Address Enter the next hop IPv6 address here Distance Enter the administrative distance of the static route here This value must be between 1 and 254 A lower value represents a better route If not specified the default administrative distance for a static route is 1 Backup State Select the backup state option here Options to choose from are Pr...

Page 216: ... when multiple pages exist IPv6 Route Table This window is used to display and configure the IPv6 route table To view the following window click L3 Features IPv6 Route Table as shown below Figure 6 25 IPv6 Route Table Window The fields that can be configured are described below Parameter Description IPv6 Address Select and enter the IPv6 address to display here IPv6 Address Prefix Length Select an...

Page 217: ...ult route and static route The distance of the default route and the static route will be compared with other IPv4 routes learned by the dynamic routing protocol if they have the same destination network address The lower distance value is preferred To view the following window click L3 Features Route Preference as shown below Figure 6 26 Route Preference Window The fields that can be configured a...

Page 218: ...to 12 characters long IPv6 Address Enter the IPv6 address and prefix length here Click the Apply button to accept the changes made Click the Find button to locate a specific entry based on the information entered Click the Delete button to delete the specified entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist RIP RIP Settings This window is ...

Page 219: ...tic option means to redistribute IP static routes The Connected option refers to routes that are established automatically by virtue of configuring IP address on an interface Third enter the value to be used as the metric for the redistributed route here The range is from 0 to 16 Fourth enter the route map s name that is used in the filtering of the routes to be redistributed to the current routin...

Page 220: ...ure should use the default configuration By default RIPv1 and RIPv2 packets are received but only RIPv1 packets are sent Distance Enter the administrative distance for RIP here The range is from 1 to 255 A lower value represents a better route Select the Default option to use the default administrative distance for RIP which is 100 Click the Apply button to accept the changes made RIP Distribute L...

Page 221: ... to enable or disable the BFD feature on the specified interface When BFD is enabled on an interface the router creates BFD peers with the current RIP peers of the interface and BFD peers will be created when new RIP peers are added If an RIP peer is removed because RIP is disabled the related BFD peer will be removed When the BFD session goes down the RIP routes learned from the peer will be dele...

Page 222: ...elds that can be configured in RIPng Global Settings are described below Parameter Description Global State Select to globally enable or disable the RIPng feature here Click the Apply button to accept the changes made The fields that can be configured in RIPng Settings are described below Parameter Description Default Metric Enter the default metric value here The range is from 1 to 16 This value ...

Page 223: ...e interface with an unreachable metric Split Horizon Select to enable or disable the split horizon feature here When split horizon is enabled the routes learned from an interface will be not advertised out to the same interface Click the Apply button to accept the changes made The fields that can be configured in Redistribute Settings are described below Parameter Description Protocol Select the p...

Page 224: ... Select to enable or disable the passive interface feature here If this option is enabled the router will not send RIPng packets out through the interface However RIPng packets from other routers received on the interface will continue to be processed Click the Apply button to accept the changes made Enter a page number and click the Go button to navigate to a specific page when multiple pages exi...

Page 225: ...ticast routing forwarding cache database To view the following window click L3 Features IP Multicast Routing Protocol IPMC IP Multicast Forwarding Cache as shown below Figure 6 36 IP Multicast Forwarding Cache Window The fields that can be configured are described below Parameter Description Group Address Enter the multicast group s IP address here Source Address Enter the multicast source s IP ad...

Page 226: ...he CPU will discard Open Shortest Path First OSPF Layer 3 control packets sent to it RIP Specifies that the CPU will discard Routing Information Protocol RIP Layer 3 control packets sent to it VRRP Specifies that the CPU will discard Virtual Router Redundancy Protocol VRRP Layer 3 control packets sent to it Action Select the action that will be taken here Options to choose from are Add Specifies t...

Page 227: ...tton to locate a specific entry based on the information entered Click the Show All button to display all the entries BFD BFD Settings This window is used to display and configure the Bidirectional Forwarding Detection BFD settings To view the following window click L3 Features BFD BFD Settings as shown below Figure 6 39 BFD Settings Window The fields that can be configured in BFD State are descri...

Page 228: ... control packets that this system is capable of supporting here The range is from 50 to 1000 milliseconds Multiplier Enter the BFD detection time multiplier value here The range is from 3 to 99 Slow Time Enter the BFD slow time value here The range is from 1000 to 3000 milliseconds Click the Apply button to accept the changes made BFD Neighbor Table This window is used to display the BFD neighbor ...

Page 229: ...this rule here Options to choose from are Permit and Deny Permit Specifies that routes that match the rule entry are permitted Deny Specifies that routes that match the rule entry are denied Sequence ID Enter the sequence ID for this rule here The range is from 1 to 65535 Click the Apply button to accept the changes made Click the Find button to locate a specific entry based on the information ent...

Page 230: ...tended IP access list Route Source Select and enter the standard or extended IP access list s name here This option is used to define a clause to match the route s source based on the standard or extended IP access list Metric Select and enter the metric value of the route here The range is from 0 to 4294967294 This option is used to define a clause to match the route s metric Route Type Select th...

Page 231: ...es the match clauses of the configured route map sequence Options to choose from are IP Address and Recursive IP Address Specifies the IP addresses of the next hops to route the packet Enter the next hop IP addresses in the spaces provided here Up to 8 next hop IP addresses can be entered Recursive Specifies the IP address of the recursive as the next hop router Enter the recursive next hop IP add...

Page 232: ...he Apply button to accept the changes made VRRP Settings This window is used to display and configure the Virtual Router Redundancy Protocol VRRP feature s settings All routers in the same VRRP group must be configured with the same virtual router ID and IP address A virtual router group is represented by a virtual router ID The IP address of the virtual router is the default router configured on ...

Page 233: ...ot owned but associated with this virtual router Click the Apply button to accept the changes made The fields that can be configured in Virtual Router Settings are described below Parameter Description VLAN Enter the VLAN interface s ID used here The range is from 1 to 4094 VRID Enter the virtual router s ID used here This ID is used to identify the virtual router in the VRRP group The range is fr...

Page 234: ...has a better priority than the current master Priority Enter the priority value here The range is from 1 to 254 BFD Remote IP Enter the VRRP group s BFD peer address here Critical IP Address Enter the critical IPv4 address here If the critical IP is configured on one virtual router the virtual router cannot be activated when the critical IP address is unreachable One VRRP group can only track one ...

Page 235: ...r IPv6 Specifies to create an IPv6 virtual router Interface Name Enter the name of the VLAN interface that will be used in the display here This string can be up to 12 characters long Click the Apply button to accept the changes made Click the Find button to find and display an entry based on the information entered Click the Edit button to configure more detailed settings of the specified entry C...

Page 236: ... of the virtual router here The range is from 1 to 254 The master of a VRRP group is elected based on the priority The virtual router with the highest priority becomes the master and others with lower priorities act as the backup for the VRRP group If there are multiple routers with the same highest priority value the router with the larger IP address will become the Master The router that is the ...

Page 237: ...rt To Port Select the range of ports that will be used for this configuration here Default CoS Select the default CoS option for the port s specified here Options to choose from are 0 to 7 Select the Override option to override the CoS of the packets The default CoS will be applied to all incoming packets tagged or untagged received by the port Select the None option to specify that the CoS of the...

Page 238: ...is subtracted by 1 and the packet in the next lower CoS queue will be serviced When the weight of a CoS queue reaches zero the queue will not be serviced until its weight is replenished When weights of all CoS queues reach 0 the weights get replenished at a time Weighted Deficit Round Robin WDRR operates by serving an accumulated set of backlogged credits in the transmit queue in a round robin ord...

Page 239: ...cription Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the range of ports that will be used for this configuration here Queue ID Enter the queue ID value here This value must be between 0 and 7 WRR Weight Enter the WRR weight value here This value must be between 0 and 127 To satisfy the behavior requirements of Expedited Forwarding EF the highe...

Page 240: ...splay and configure the port rate limiting settings To view the following window click QoS Basic Settings Port Rate Limiting as shown below Figure 7 5 Port Rate Limiting Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the range of ports that will be used for this co...

Page 241: ...mitation Click the Apply button to accept the changes made Queue Rate Limiting This window is used to display and configure the queue rate limiting settings To view the following window click QoS Basic Settings Queue Rate Limiting as shown below Figure 7 6 Queue Rate Limiting Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be...

Page 242: ... This value must be between 1 and 100 percent Also enter the maximum percentage value Max Percent in the space provided This value must be between 1 and 100 percent Click the Apply button to accept the changes made Advanced Settings DSCP Mutation Map This window is used to display and configure the Differentiated Services Code Point DSCP mutation map settings When a packet is received by an interf...

Page 243: ...ding as shown below Figure 7 8 Port Trust State and Mutation Binding Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the range of ports that will be used for this configuration here Trust State Select the port trust state option here Options to choose from are CoS a...

Page 244: ... Select the range of ports that will be used for this configuration here CoS Select the CoS value to map to the DSCP list Options to choose from are 0 to 7 DSCP List Enter the DSCP list value to map to the CoS value here This value must be between 0 and 63 Click the Apply button to accept the changes made CoS Color Mapping This window is used to display and configure the CoS color mapping settings...

Page 245: ...nge of ports that will be used for this configuration here CoS List Enter the CoS value that will be mapped to the color This value must be between 0 and 7 Color Select the color option that will be mapped to the CoS value Options to choose from are Green Yellow and Red Click the Apply button to accept the changes made DSCP Color Mapping This window is used to display and configure the DSCP color ...

Page 246: ... between 0 and 63 Color Select the color option that will be mapped to the DSCP value Options to choose from are Green Yellow and Red Click the Apply button to accept the changes made Class Map This window is used to display and configure the class map settings To view the following window click QoS Advanced Settings Class Map as shown below Figure 7 12 Class Map Window The fields that can be conf...

Page 247: ... Select and enter the DSCP list value that will be matched with this class map here This value must be between 0 and 63 Tick the IPv4 only option to match IPv4 packets only If not specified the match is for both IPv4 and IPv6 packets Precedence List Select and enter the precedence list value that will be matched with this class map here This value must be between 0 and 7 Tick the IPv6 only option ...

Page 248: ...e provided This value sets the IP differentiated services code point DSCP value and transmits the packet with the new IP DSCP value When selecting the Set 1P Transmit option enter the 1P transmit value in the space provided This value sets the 802 1p value and transmits the packet with the new value When selecting the Transmit option packets will be transmitted unaltered When selecting the Set DSC...

Page 249: ...ansmits the packet with the new IP DSCP value When selecting the Set 1P Transmit option enter the 1P transmit value in the space provided This value sets the 802 1p value and transmits the packet with the new value When selecting the Transmit option packets will be transmitted unaltered When selecting the Set DSCP 1P option enter the IP DSCP and 1P transmit values in the spaces provided Color Awar...

Page 250: ... on packets that exceed the rate limit For a two rate policer if the exceed action is not specified the default action is Drop Options to choose from are Drop Set DSCP Transmit Set 1P Transmit Transmit and Set DSCP 1P When selecting the Drop option the packet will be dropped When selecting the Set DSCP Transmit option enter the IP DSCP value in the space provided This value sets the IP differentia...

Page 251: ...his window is used to display and configure the policy map settings To view the following window click QoS Advanced Settings Policy Map as shown below Figure 7 16 Policy Map Window The fields that can be configured for Create Delete Policy Map are described below Parameter Description Policy Map Name Enter the policy map s name here that will be created or deleted This name can be up to 32 charact...

Page 252: ...l be marked only If not selected then both IPv4 and IPv6 precedence will be marked For IPv6 packets the precedence is the most three significant bits of the traffic class of the IPv6 header Setting the precedence will not affect the CoS queue selection New DSCP Select the new DSCP value for the packet here The range is from 0 to 63 Select the IPv4 only option to specify that the IPv4 DSCP will be ...

Page 253: ...ansmit the packet with the new DSCP value Enter the new DSCP value in the space provided Set 1P Transmit Specifies that the conform action is to modify the 802 1p value and then to transmit the packet with the new 802 1p value Enter the new 802 1p value in the space provided Transmit Specifies that the conform action is to transmit the packet unmodified Set DSCP 1P Specifies that the conform actio...

Page 254: ...ded Set 1P Transmit Specifies that the violate action is to modify the 802 1p value and then to transmit the packet with the new 802 1p value Enter the new 802 1p value in the space provided Transmit Specifies that the violate action is to transmit the packet unmodified Set DSCP 1P Specifies that the violate action is to modify the DSCP and 802 1p values and then to transmit the packet with the ne...

Page 255: ...gure the network Quality of Service QoS feature s Priority based Flow Control PFC class map settings To view the following window click QoS QoS PFC Network QoS Class Map as shown below Figure 7 20 Network QoS Class Map Window The fields that can be configured are described below Parameter Description Network QoS Class Map Name Enter the network QoS class map s name to be associated with a traffic ...

Page 256: ...igure 7 22 Network QoS Policy Map Window The fields that can be configured in Create Delete Network QoS Policy Map are described below Parameter Description Network QoS Policy Map name Enter the network QoS policy map s name here This name can be up to 32 characters long Click the Apply button to accept the changes made The fields that can be configured in Traffic Policy are described below Parame...

Page 257: ...to enable or disable the pause feature here This feature is used to enable PFC on a class referenced in a type network QoS policy map Click the Apply button to accept the changes made Network QoS Policy Binding This window is used to display and configure the network QoS policy s binding settings To view the following window click QoS QoS PFC Network QoS Policy Binding as shown below Figure 7 24 N...

Page 258: ...low Figure 7 25 PFC Port Settings Window The fields that can be configured in PFC Port Settings are described below Parameter Description Unit Select the Switch s unit ID that will be used here From Port To Port Select the Switch s port range that will be used here Willing Select to enable or disable the willing feature here This is used to turn on the Data Center Bridging Exchange Protocol DCBX P...

Page 259: ...ngs To view the following window click QoS WRED WRED Profile as shown below Figure 7 26 WRED Profile Window The fields that can be configured are described below Parameter Description Profile Enter the WRED profile s ID here The range is from 1 to 128 Packet Type Select the packet type here Options to choose from are TCP and Non TCP TCP Specifies the WRED drop parameters for the TCP packets to be ...

Page 260: ...sed on the information entered Click the Reset Configuration button to reset the configuration on the specified entry WRED Queue This window is used to display and configure the WRED feature s queue settings WRED drops packets based on the average queue size exceeding a specific threshold to indicate congestion Explicit Congestion Notification ECN is an extension to WRED in that ECN marks packets ...

Page 261: ...d to display and clear the WRED feature s drop counter information To view the following window click QoS WRED WRED Drop Counter as shown below Figure 7 28 WRED Drop Counter Window The fields that can be configured are described below Parameter Description Unit Select the Switch s unit ID that will be used here From Port To Port Select the Switch s port range that will be used here Click the Clear...

Page 262: ...om the remote Switch DCBX is used by DCB devices to exchange configuration information with directly connected peers The protocol may also be used for misconfiguration detection and for configuration of the peer The willing mode indicates that the local port has been administratively configured to accept configurations from the remote device Click the Apply button to accept the changes made Click ...

Page 263: ... range that will be used here Queue 1 Queue 7 Select and enter the recommended bandwidth for traffic classes 0 to 7 here that will be associated with the selected port s It is required to specify 8 values for traffic class 0 to 7 respectively The sum of the bandwidth assigned to a given port is required at all times to be equal to 100 An operation that attempts to change the bandwidth where the su...

Page 264: ... for all interfaces will be created with a default value When a priority is deleted from CNPV the CNPV configuration for all interfaces will be deleted To view the following window click QoS QCN QCN CNPV Status as shown below Figure 7 32 QCN CNPV Status Window The fields that can be configured are described below Parameter Description QCN Status Select to globally enable or disable the QCN feature...

Page 265: ...he Edit button the following page will appear Figure 7 34 QCN CNPV Settings Edit Window The fields that can be configured in the table are described below Parameter Description Defense Mode Choice Select the defense mode choice here Options to choose from are Admin and Auto By default this option is Auto Admin Specifies that the default Congestion Notification Domain CND defense mode and alternate...

Page 266: ...iority value to which this priority value is to be remapped when the receiving frame with an 802 1p priority equal to the specified CNPV at Edge port The range is from 0 to 7 CP Creation Select to enable or disable the CP creation feature here Click the Apply button to accept the changes made QCN CNPV Interface Settings This window is used to display and configure the QCN CNPV interface settings T...

Page 267: ...he priority parameter of frame input is not remapped to or from this priority and the CN TAGs won t be stripped off when transmitting the frames Edge Specifies that the priority parameter of frame input at this priority is remapped to an alternate value Frames at other priorities are not remapped to this priority and the frames are transmitted without a CN TAG Alternate Priority Select the alterna...

Page 268: ...t s Min Header Octets Enter the minimum number of octets to be returned in a CNM from the data frame that triggered transmission of the CNM here The range is from 0 to 64 By default this value is 0 Sample Base Enter the minimum number of octets to queue in the CP s queue between transmissions of CNMs here The range is from 10000 to 4294967295 octets By default this value is 15000 octets Set Point ...

Page 269: ...the Switch s unit ID that will be used here Port Select the port that will be used here CP Select the queue ID same as the outbound queue ID to specify which Congestion Point CP to clear counters Click the Find button to locate a specific entry based on the information entered Click the Clear button to clear the counter information based on the information specified Click the Show All button to di...

Page 270: ...gs To view the following window click QoS iSCSI iSCSI Settings as shown below Figure 7 40 iSCSI Settings Window The fields that can be configured are described below Parameter Description iSCSI State Select to globally enable or disable the iSCSI awareness feature here iSCSI CoS Select the iSCSI CoS that will be configured here Options to choose from are VPT Specifies to use VLAN Priority Tag VPT ...

Page 271: ...t the changes made The fields that can be configured in iSCSI Targets and TCP Ports are described below Parameter Description iSCSI Target Port Enter the iSCSI target port number here The range is from 1 to 65535 IP Address Enter the IP address of the iSCSI target here Target Name Enter the iSCSI target name here This string can be up to 255 characters long The name can be manually configured or o...

Page 272: ...LAN Filter CPU ACL ACL Configuration Wizard This window is used to guide the user to create a new ACL access list or configure an existing ACL access list Step 1 Create Update To view the following window click ACL ACL Configuration Wizard as shown below Figure 8 1 ACL Configuration Wizard Create Window Figure 8 2 ACL Configuration Wizard Update Window The fields that can be configured are describ...

Page 273: ...nter a page number and click the Go button to navigate to a specific page when multiple pages exist Step 2 Select Packet Type After clicking the Next button the following window will appear Figure 8 3 ACL Configuration Wizard Create Packet Type Window The fields that can be configured are described below Parameter Description MAC Select to create update a MAC ACL IPv4 Select to create update an IP...

Page 274: ... the source host s MAC address here When the MAC option is selected the Wildcard option will also be available Enter the source MAC address and wildcard value in the spaces provided Destination Select and enter the destination MAC address information here Options to choose from are Any Host and MAC When the Any option is selected any destination traffic will be evaluated according to the condition...

Page 275: ...lect the inner CoS value that will be used here The range is from 0 to 7 Mask Enter the inner CoS mask value here The range is from 0x0 to 0x7 VID Enter the VLAN ID that will be associated with this ACL rule here The range is from 1 to 4094 Mask Enter the VLAN ID mask value here The range is from 0x0 to 0xFFF Inner VID Enter the inner VLAN ID that will be associated with this ACL rule here The ran...

Page 276: ...ule number for this entry Protocol Type Select the protocol type option here Options to choose from are TCP UDP ICMP EIGRP 88 ESP 50 GRE 47 IGMP 2 OSPF 89 PIM 103 VRRP 112 IP in IP 94 PCP 108 Protocol ID and None Value The protocol ID can also manually be entered here The range is from 0 to 255 Mask After selecting the Protocol ID option manually enter the protocol mask value here The range is fro...

Page 277: ...ll ports greater than the selected port will be used When selecting the option all ports smaller than the selected port will be used When selecting the option all ports excluding the selected port will be used When selecting the Range option the start port number and end port number selected of the range will be used Alternatively the port number s can manually be entered in the space s provided i...

Page 278: ...ntered here The range is from 0 to 7 Mask Enter the IP precedence mask value here The range is from 0x0 to 0x7 ToS Select the Type of Service ToS value that will be used here Options to choose from are normal 0 min monetary cost 1 max reliability 2 max throughput 4 and min delay 8 Value The ToS value can also manually be entered here The range is from 0 to 15 Mask Enter the ToS mask value here The...

Page 279: ...tically generate an ACL rule number for this entry Protocol Type Select the protocol type option here Options to choose from are TCP UDP ICMP Protocol ID ESP 50 PCP 108 SCTP 132 and None Value The protocol ID can also manually be entered here The range is from 0 to 255 Mask After selecting the Protocol ID option manually enter the protocol mask value here The range is from 0x0 to 0xFF Fragments Se...

Page 280: ...ng the option all ports excluding the selected port will be used When selecting the Range option the start port number and end port number selected of the range will be used Alternatively the port number s can manually be entered in the space s provided if the port number s is are not available in the drop down list When selecting the Mask option the specified source port number and mask will be u...

Page 281: ... 46 Value The DSCP value can also manually be entered here The range is from 0 to 63 Mask Enter the DSCP mask value here The range is from 0x0 to 0x3F Traffic Class Select and enter the traffic class value here The range is from 0 to 255 Mask Enter the traffic class mask value here The range is from 0x0 to 0x3F TCP Flag Tick the appropriate TCP flag option to include the flag in this rule Options ...

Page 282: ...ed are described below Parameter Description ACL Type Select the ACL type to find here Options to choose from are All IP ACL IPv6 ACL MAC ACL and Expert ACL ID Select and enter the access list s ID here The range is from 1 to 14999 ACL Name Select and enter the access list s name here This name can be up to 32 characters long Click the Find button to locate a specific entry based on the informatio...

Page 283: ...step here The step range is from 1 to 32 This specifies the number that the sequence numbers step The default value is 10 For example if the increment step value is 5 and the beginning sequence number is 20 the subsequent sequence numbers are 25 30 35 40 and so on Counter State Select to enable or disable the counter state option here Remark Enter an optional remark that will be associated with th...

Page 284: ...d Rule button the following page will appear Figure 8 11 Standard IP ACL Add Rule Window The fields that can be configured are described below Parameter Description Sequence No Enter the sequence number of this ACL rule here The range is from 1 to 65535 If this value is not specified the system will automatically generate an ACL rule number for this entry Action Select the action that this rule wi...

Page 285: ...n IP addresses by using a wildcard bitmap The bit corresponding to the bit value 1 will be ignored The bit corresponding to the bit value 0 will be checked Time Range Enter the name of the time range profile that will be used in this ACL rule here This name can be up to 32 characters long Click the Apply button to accept the changes made Click the Back button to discard the changes made and return...

Page 286: ...estination IP information here Options to choose from are Any Host and IP When the Any option is selected any destination traffic will be evaluated according to the conditions of this rule When the Host option is selected enter the destination host s IP address here When the IP option is selected the Wildcard option will also be available Enter the group of destination IP addresses by using a wild...

Page 287: ... enter the Message Code numerical value used here The range is from 0 to 255 When the ICMP Message Type is selected this numerical value will automatically be entered This parameter is only available in the protocol type ICMP TCP Flag Tick the appropriate TCP flag option to include the flag in this rule Options to choose from are ack fin psh rst syn and urg This parameter is only available in the ...

Page 288: ... Host IPv6 and Prefix Length When the Any option is selected any source traffic will be evaluated according to the conditions of this rule When the Host option is selected enter the source host s IPv6 address here When the IPv6 option is selected the Prefix Length option will also be available Enter the source IPv6 address and prefix length value in the spaces provided Destination Select and enter...

Page 289: ...ly generate an ACL rule number for this entry Action Select the action that this rule will take here Options to choose from are Permit and Deny Protocol Type Select the protocol type option here Options to choose from are TCP UDP ICMP Protocol ID ESP 50 PCP 108 SCTP 132 and None Value The protocol ID can also manually be entered here The range is from 0 to 255 Mask After selecting the Protocol ID ...

Page 290: ...ange will be used Alternatively the port number s can manually be entered in the space s provided if the port number s is are not available in the drop down list When selecting the Mask option the specified source port number and mask will be used Enter the source port mask value in the space provided The range is from 0x0 to 0xFFFF This parameter is only available in the protocol type TCP and UDP...

Page 291: ...rom are default 0 af11 10 af12 12 af13 14 af21 18 af22 20 af23 22 af31 26 af32 28 af33 30 af41 34 af42 36 af43 38 cs1 8 cs2 16 cs3 24 cs4 32 cs5 40 cs6 48 cs7 56 and ef 46 Value The DSCP value can also manually be entered here The range is from 0 to 63 Mask Enter the DSCP mask value here The range is from 0x0 to 0x3F Traffic Class Select and enter the traffic class value here The range is from 0 t...

Page 292: ...ected enter the source host s MAC address here When the MAC option is selected the Wildcard option will also be available Enter the source MAC address and wildcard value in the spaces provided Destination Select and enter the destination MAC address information here Options to choose from are Any Host MAC and Wildcard When the Any option is selected any destination traffic will be evaluated accord...

Page 293: ...here The range is from 0x0 to 0x7 VID Enter the VLAN ID that will be associated with this ACL rule here The range is from 1 to 4094 Mask Enter the VLAN ID mask value here The range is from 0x0 to 0xFFF Inner VID Enter the inner VLAN ID that will be associated with this ACL rule here The range is from 1 to 4094 Mask Enter the inner VLAN ID mask value here The range is from 0x0 to 0xFFF VLAN Range S...

Page 294: ...P EIGRP 88 ESP 50 GRE 47 IGMP 2 OSPF 89 PIM 103 VRRP 112 IP in IP 94 PCP 108 Protocol ID and None Value The protocol ID can also manually be entered here The range is from 0 to 255 Mask After selecting the Protocol ID option manually enter the protocol mask value here The range is from 0x0 to 0xFF Fragments Select this option to include packet fragment filtering Source Select and enter the source ...

Page 295: ...ny Host MAC and Wildcard When the Any option is selected any destination traffic will be evaluated according to the conditions of this rule When the Host option is selected enter the destination host s MAC address here When the MAC option is selected the Wildcard option will also be available Enter the destination MAC address and wildcard value in the spaces provided Source Port Select and enter t...

Page 296: ...will automatically be entered This parameter is only available in the protocol type ICMP IP Precedence Select the IP precedence value used here Options to choose from are routine 0 priority 1 immediate 2 flash 3 flash override 4 critical 5 internet 6 and network 7 Value The IP precedence value can also manually be entered here The range is from 0 to 7 Mask Enter the IP precedence mask value here T...

Page 297: ...ters long Click the Apply button to accept the changes made Click the Back button to discard the changes made and return to the previous page ACL Interface Access Group This window is used to display and configure the ACL interface access group settings To view the following window click ACL ACL Interface Access Group as shown below Figure 8 17 ACL Interface Access Group Window The fields that can...

Page 298: ... map settings To view the following window click ACL ACL VLAN Access Map as shown below Figure 8 19 ACL VLAN Access Map Window The fields that can be configured are described below Parameter Description Access Map Name Enter the access map s name here This name can be up to 32 characters long Sub Map Number Enter the sub map s number here This value must be between 1 and 65535 Action Select the ac...

Page 299: ...rameter Description Match IP Access List Here the IP access list that will be matched will be displayed Match IPv6 Access List Here the IPv6 access list that will be matched will be displayed Match MAC Access List Here the MAC access list that will be matched will be displayed Click the Please Select button navigate to a list of access lists that can be selected to be used in this configuration Cl...

Page 300: ...ID List Enter the VLAN ID list that will be used here Select the All VLANs option to apply this configuration to all the VLANs configured on the Switch Click the Apply button to accept the changes made Click the Delete button to remove the specific entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist CPU ACL This window is used to display and c...

Page 301: ...e higher the priority of the access list ACL Name Enter the standard or extended IP access list s name to be matched here This name can be up to 32 characters long Alternatively click the Please Select button to select an existing ACL from the list Click the Apply button to accept the changes made Click the Delete button to delete the specified entry The fields that can be configured in Match IPv6...

Page 302: ...cess list ACL Name Enter the extended expert access list s name to be matched here This name can be up to 32 characters long Alternatively click the Please Select button to select an existing ACL from the list Click the Apply button to accept the changes made Click the Delete button to delete the specified entry The fields that can be configured in Match Ingress Interface are described below Param...

Page 303: ...L SFTP Server Settings Port Security Port Security Global Settings This window is used to display and configure the port security global settings Port Security is a security feature that prevents unauthorized computers with source MAC addresses unknown to the Switch prior to locking the port or ports from connecting to the Switch s locked ports and gaining access to the network To view the followi...

Page 304: ...id range is from 1 to 6656 Tick the No Limit checkbox to allow the maximum number of secure MAC address Click the Apply button to accept the changes made The fields that can be configured in Port Security VLAN Settings are described below Parameter Description VID List Enter the VLAN ID s here VLAN Max Learning Address Enter the maximum number of allowed MAC addresses that can be learned on the sp...

Page 305: ...ess level and increments the security violation count and record the system log Selecting Shutdown specifies to shut down the port if there is a security violation and record the system log Security Mode Select the security mode option here Options to choose from are Permanent and Delete on Timeout Selecting Permanent specifies that under this mode all learned MAC addresses will not be purged out ...

Page 306: ...ere This value must be between 1 and 4094 Click the Add button to add a new entry based on the information entered Click the Delete button to remove a new entry based on the information entered Click the Clear by Port button to clear the information based on the port selected Click the Clear by MAC button to clear the information based on the MAC address entered Click the Clear All button to clear...

Page 307: ...e roles of Client Authenticator and Authentication Server in greater detail Authentication Server The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator must be running a RADIUS Server program and must be configured properly on the Authenticator Switch Clients connected to a port on the Switch must be authenticated by the Authentication S...

Page 308: ...ck to the Client Figure 9 7 The Authenticator Three steps must be implemented on the Switch to properly configure the Authenticator The 802 1X State must be Enabled Security 802 1X 802 1X Global Settings The 802 1X settings must be implemented by port Security 802 1X 802 1X Port Settings A RADIUS server must be configured on the Switch Security RADIUS RADIUS Server Settings Client The Client is si...

Page 309: ...hrough the port The following figure displays a more detailed explanation of how the authentication process is completed between the three roles stated above Figure 9 9 The 802 1X Authentication Process The D Link implementation of 802 1X allows network administrators to choose between two types of Access Control used on the Switch which are Port based Access Control This method requires only one ...

Page 310: ...riction until an event occurs that causes the Port to become Unauthorized Hence if the Port is actually connected to a shared media LAN segment with more than one attached device successfully authenticating one of the attached devices effectively provides access to the LAN for all devices on the shared segment Clearly the security offered in this situation is open to attack Figure 9 10 Example of ...

Page 311: ...tings as shown below Figure 9 12 802 1X Global Settings Window The fields that can be configured are described below Parameter Description 802 1X State Select to enable or disable the 802 1X global state here 802 1XTrap State Select to enable or disable the 802 1X trap state here Click the Apply button to accept the changes made 802 1X Port Settings This window is used to display and configure the...

Page 312: ...le or disable the forward PDU option here MaxReq Enter the maximum required times value here This value must be between 1 and 10 By default this option is 2 This option configures the maximum number of times that the backend authentication state machine will retransmit an Extensible Authentication Protocol EAP request frame to the supplicant before restarting the authentication process PAE Authent...

Page 313: ... the session information based on the MAC address Enter a page number and click the Go button to navigate to a specific page when multiple pages exist Authenticator Statistics This window is used to display and clear the authenticator statistics To view the following window click Security 802 1X Authenticator Statistics as shown below Figure 9 15 Authenticator Statistics Window The fields that can...

Page 314: ... below Parameter Description Unit Select the Switch unit that will be used for this query here Port Select the appropriate port used for the query here Click the Find button to locate a specific entry based on the information entered Click the Clear Counters button to clear the counter information based on the selections made Click the Clear All button to clear all the information in this table Au...

Page 315: ...e information entered Click the Clear Counters button to clear the counter information based on the selections made Click the Clear All button to clear all the information in this table Enter a page number and click the Go button to navigate to a specific page when multiple pages exist AAA AAA Global Settings This window is used to enable or disable the Authentication Authorization and Accounting ...

Page 316: ...ow Figure 9 19 Application Authentication Settings Window Click the Edit button to re configure the specific entry Figure 9 20 Application Authentication Settings Edit Window The fields that can be configured are described below Parameter Description Login Method List After clicking the Edit button for the specific entry enter the login method list name used here Click the Edit button to re config...

Page 317: ...fic entry enter the EXEC method list name used here Click the Apply button to accept the changes made The fields that can be configured in Application Accounting Commands Method List are described below Parameter Description Application Select the application used here Options to choose from are Console Telnet and SSH Level Select the privilege level used here Options to choose from are levels 1 t...

Page 318: ...ne Normally the method is listed as the last method The user will pass authentication if it is not denied by previous method authentication local Specifies to use the local database for authentication group Specifies to use the server groups defined by the AAA group server Enter the AAA group server name in the space provided This string can be up to 32 characters long radius Specifies to use the ...

Page 319: ...oose from are none Normally the method is listed as the last method The user will pass authentication if it is not denied by previous method authentication local Specifies to use the local database for authentication group Specifies to use the server groups defined by the AAA group server Enter the AAA group server name in the space provided This string can be up to 32 characters long radius Speci...

Page 320: ...ccept the changes made The fields that can be configured in AAA Authentication Login are described below Parameter Description List Name Enter the method list name that will be used with the AAA authentication login option here Method 1 Method 4 Select the method lists that will be used for this configuration here Options to choose from are none Normally the method is listed as the last method The...

Page 321: ...cking the AAA Accounting System tab the following page will appear Figure 9 26 Accounting Settings AAA Accounting System Window The fields that can be configured in AAA Accounting System are described below Parameter Description Default Select to enable or disable the use of the default method list here Method 1 Method 4 Select the method lists that will be used for this configuration here Options...

Page 322: ... The fields that can be configured are described below Parameter Description Level Select the privilege level used here Options to choose from are levels 1 to 15 List Name Enter the method list name that will be used with the AAA accounting commands option here Method 1 Method 4 Select the method lists that will be used for this configuration here Options to choose from are none group and tacacs O...

Page 323: ...server When the system finds a server does not respond it will mark the server as down start a dead time timer and skip them in authentication of the following requests until expiration of the dead time Click the Apply button to accept the changes made The fields that can be configured in RADIUS Global IPv4 Source Interface are described below Parameter Description IPv4 RADIUS Source Interface Nam...

Page 324: ...nter the retransmit value used here This value must be between 0 and 20 By default this value is 3 To disable this option enter the value 0 Timeout Enter the timeout value used here This value must be between 1 and 255 seconds By default this value is 5 seconds Key Type Select the key type that will be used here Options to choose from are Plain Text and Encrypted Key Enter the key used to communic...

Page 325: ...specified entry After clicking the Show Detail button the following page will be available Figure 9 32 RADIUS Group Server Settings Detail Window The fields that can be configured are described below Parameter Description IPv4 RADIUS Source Interface Name Enter the name of the source IPv4 RADIUS interface here IPv6 RADIUS Source Interface Name Enter the name of the source IPv6 RADIUS interface her...

Page 326: ... on the selections made Click the Clear All button to clear all the information in this table Enter a page number and click the Go button to navigate to a specific page when multiple pages exist TACACS TACACS Global Settings This window is used to display and configure the global TACACS server settings To view the following window click Security TACACS TACACS Global Settings as shown below Figure ...

Page 327: ...n below Figure 9 35 TACACS Server Settings Window The fields that can be configured are described below Parameter Description IP Address Enter the TACACS server s IPv4 address here IPv6 Address Enter the TACACS server s IPv6 address here Port Enter the port number used here This value must be between 1 and 65535 By default this value is 49 Timeout Enter the timeout value here This value must be be...

Page 328: ...a new entry based on the information entered Click the Show Detail button to view and configure more detailed settings for the TACACS group server Click the Delete button to remove the specified entry After clicking the Show Detail button the following page will be available Figure 9 37 TACACS Group Server Settings Show Detail Window The fields that can be configured are described below Parameter ...

Page 329: ...ws the transmission of data between the layers The primary purpose of IP MAC Port Binding IMPB is to restrict the access to a Switch to a number of authorized users Authorized clients can access a Switch s port by either checking the pair of IP MAC addresses with the pre configured database or if DHCP snooping has been enabled in which case the Switch will automatically learn the IP MAC pairs by s...

Page 330: ...and MAC address Click the Apply button to accept the changes made DHCP Snooping Port Settings This window is used to display and configure the DHCP snooping port settings To view the following window click Security IMPB IPv4 DHCPv4 Snooping DHCP Snooping Port Settings as shown below Figure 9 40 DHCP Snooping Port Settings Window The fields that can be configured are described below Parameter Descr...

Page 331: ...window click Security IMPB IPv4 DHCPv4 Snooping DHCP Snooping VLAN Settings as shown below Figure 9 41 DHCP Snooping VLAN Settings Window The fields that can be configured are described below Parameter Description VID List Enter the VLAN ID list used here State Select to enable or disable the DHCP snooping VLAN setting here Click the Apply button to accept the changes made DHCP Snooping Database T...

Page 332: ...cription URL Select the location from the drop down list and enter the URL where the DHCP snooping database will be stored to here Locations to choose from are TFTP FTP and Flash An example URL is given Click the Apply button to accept the changes made The fields that can be configured in Load DHCP Snooping Database are described below Parameter Description URL Select the location from the drop do...

Page 333: ...ng binding entry here Unit Select the Switch unit that will be used for this configuration here Port Select the appropriate port used for the configuration here Expiry Enter the expiry time value used here This value must be between 60 and 4294967295 seconds Click the Add button to add a new entry based on the information entered Click the Delete button to remove the specified entry Enter a page n...

Page 334: ...ons to choose from are Any Host and IP with Mask Sender IP After selecting the Host or IP with Mask options as the type of IP enter the sender IP address used here Sender IP Mask After selecting the IP with Mask option as the type of IP enter the sender IP mask used here MAC Select the type of sender MAC address that will be used here Options to choose from are Any Host and MAC with Mask Sender MA...

Page 335: ...ted IP addresses It also specifies to check the validity of IP address in the ARP payload The sender IP in both the ARP request and response and target IP in the ARP response are validated Packets destined for the IP addresses 0 0 0 0 255 255 255 255 and all IP multicast addresses are dropped Sender IP addresses are checked in all ARP requests and responses and target IP addresses are checked only...

Page 336: ...range used for the configuration here Rate Limit Enter the rate limit value here This value must be between 1 and 150 packets per seconds Burst Interval Enter the burst interval value here This value must be between 1 and 15 Tick the None option to disable the option Trust State Select to enable or disable the trust state here Click the Apply button to accept the changes made Click the Set to Defa...

Page 337: ...low Parameter Description VID List Enter the VLAN ID list used here Click the Clear by VLAN button to clear the information based on the VLAN ID s entered Click the Clear All button to clear all the information in this table Enter a page number and click the Go button to navigate to a specific page when multiple pages exist ARP Inspection Log This window is used to display configure and clear the ...

Page 338: ... for this configuration here From Port To Port Select the appropriate port range used for the configuration here State Select to enable or disable the IP source guard s state for the specified port s here Validation Select the validation method used here Options to choose from are IP and IP MAC Selecting IP means that the IP address of the received packets will be checked Selecting IP MAC means th...

Page 339: ...the Switch unit that will be used for this query here From Port To Port Select the appropriate port range used for the query here IP Address Enter the IP address of the binding entry here MAC Address Enter the MAC address of the binding entry here VID Enter the VLAN ID of the binding entry here Type Select the type of binding entry to find here Options to choose from are All DHCP Snooping and Stat...

Page 340: ...for this query here From Port To Port Select the appropriate port range used for the query here Click the Find button to locate a specific entry based on the information entered Enter a page number and click the Go button to navigate to a specific page when multiple pages exist Advanced Settings IP MAC Port Binding Settings This window is used to display and configure the IP MAC Port binding setti...

Page 341: ...ss control a host will be denied to access the port after the host sends ARP or IP packets and the ARP packet or IP packet sent by the host does not pass the binding check To pass the binding check the source IP address source MAC address VLAN ID and arrival port must match any of the entries defined by either the IP source guard static binding entry or the DHCP snooping learned dynamic binding en...

Page 342: ...n Protocol Select the protocol state here Options to choose from are Enabled and Disabled Select DHCP to associate the DHCP protocol with this policy Select NDP to associate the NDP protocol with this policy DHCPv6 Snooping sniffs the DHCPv6 packets sent between the DHCPv6 client and server in the address assigning procedure When a DHCPv6 client successfully got a valid IPv6 address DHCPv6 snoopin...

Page 343: ... against the dynamic binding table learned from the ND protocol or from the DHCP Validate Source MAC Select to enable or disable the validation of the source MAC address option here When the Switch receives an ND message that contains a link layer address the source MAC address is checked against the link layer address The packet will be dropped if the link layer address and the MAC addresses are ...

Page 344: ...Tick this option to specify the target port Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used for the configuration here Click the Apply button to accept the changes made Click the Edit button to re configure the specific entry Click the Delete button to remove the specified entry After clicking the Please Select butt...

Page 345: ... IPv6 access list to match here Click the Please Select button to select an existing ACL from the list Target Port Tick this option to specify the target port Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used for the configuration here Click the Apply button to accept the changes made Click the Edit button to re confi...

Page 346: ...hen all global addresses on a link are assigned by DHCP and the administrator that wants to block hosts with self configured addresses from sending traffic Link Local Traffic Select to permit of deny hardware permitted data traffic send by the link local address Target Port Tick this option to specify the target port Unit Select the Switch unit that will be used for this configuration here From Po...

Page 347: ...are described below Parameter Description Unit Select the Switch unit that will be used for this search here From Port To Port Select the appropriate port range used for the search here IPv6 Address Enter the IPv6 address to find here MAC Address Enter the MAC address to find here VID Enter the VLAN ID to find here Click the Find button to locate a specific entry based on the information entered C...

Page 348: ...gure 9 64 DHCP Server Screening Global Settings Window The fields that can be configured in Trap Settings are described below Parameter Description Trap State Select to enable or disable the DHCP server screening trap here Click the Apply button to accept the changes made The fields that can be configured in Profile Settings are described below Parameter Description Profile Name Enter the DHCP ser...

Page 349: ...e port s specified Server IP Enter the DHCP server s IP address here Profile Name Enter the DHCP server screening profile that will be used for the port s specified here Click the Apply button to accept the changes made Click the Delete button to remove the specified entry ARP Spoofing Prevention This window is used to display and configure the ARP spoofing prevention settings When an entry is cre...

Page 350: ...ormal state and another is under attack state The under attack state has three modes drop block and shutdown A BPDU protection enabled port will enter an under attack state when it receives one STP BPDU packet and it will take action based on the configuration Thus BPDU protection can only be enabled on the STP disabled port BPDU protection has a higher priority than the Forward BPDU FBPDU setting...

Page 351: ...he Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used for the configuration here State Select to enable or disable the BPDU attack protection feature s state on the port s specified Mode Select the BPDU attack protection feature s mode that will be applied to the port s specified Options to choose from are Drop Block and Shutdown Drop...

Page 352: ...tBIOS Filtering State Select to enable or disable the extensive NetBIOS filtering state on the specified port s This is used to permit or deny NetBIOS packets over 802 3 frames on physical ports Click the Apply button to accept the changes made MAC Authentication This window is used to display and configure the MAC authentication settings MAC authentication is a feature designed to authenticate a ...

Page 353: ...nter the username used for MAC authentication here This name can be up to 16 characters long Tick the Default option to restore the username to the client s MAC address here Password Enter the password used for MAC authentication here Tick the Encrypt option save this password in the encrypted form Tick the Default option to restore the password to the client s MAC address here Click the Apply but...

Page 354: ...nt to a virtual IP address but not to the IP address of the Switch s physical interface Virtual IP works like this when a host PC communicates with the WAC Switch through a virtual IP the virtual IP is transformed into the physical IPIF IP interface address of the Switch to make the communication possible The host PC and other servers IP configurations do not depend on the virtual IP of WAC The vi...

Page 355: ...ction so that client may obtain an IP address Certain functions exist on the Switch that will filter HTTP packets such as the ACL function The user needs to be very careful when setting filter functions for the target VLAN so that these HTTP packets are not denied by the Switch If a RADIUS server is to be used for authentication the user must first establish a RADIUS Server with the appropriate pa...

Page 356: ...est So it s not allowed to configure virtual IP in the same subnet as the Switch s IP interface or the same subnet as the host PCs subnet otherwise the Web authentication cannot operate correctly The defined URL only takes effect when the virtual IP address is configured The users get the FQDN URL stored on the DNS server to get the virtual IP address The obtained IP address must match the virtual...

Page 357: ...nfiguration here From Port To Port Select the appropriate port range used for the configuration here State Select to enable or disable the WAC feature on the port s specified Click the Apply button to accept the changes made WAC Customize Page This window is used to display and configure the WAC customized login page To view the following window click Security Web based Access Control WAC Customiz...

Page 358: ...ck the Set to Default button to replace the information with the default information Click the Apply button to accept the changes made Network Access Authentication Guest VLAN This window is used to display and configure the network access authentication guest VLAN settings To view the following window click Security Network Access Authentication Guest VLAN as shown below Figure 9 74 Guest VLAN Wi...

Page 359: ...lect to enable or disable the deny MAC move feature here This option controls whether to allow authenticated hosts to do roaming across different Switch ports and only controls whether a host which is authenticated at a port set to the multi authenticate mode is allowed to move to another port If a station is allowed to move there are two situations It may either need to be re authenticated or dir...

Page 360: ...The fields that can be configured in User Information are described below Parameter Description User Name Enter the user name used here This name can be up to 32 characters long VID Enter the VLAN ID used here Password Type Select the password type option here Options to choose from are Plain Text and Encrypted Password Enter the password used here Click the Apply button to accept the changes made...

Page 361: ...s authentication mode is changed to multi host the previous authentication VLAN s on this port will be cleared CompAuth Mode Select the compound authentication mode option here Options to choose from are Any and MAC WAC Selecting Any specifies that if any of the authentication method 802 1X MAC based Access Control or WAC to passes then pass Selecting MAC WAC specifies to verify MAC based authenti...

Page 362: ...kload of the Switch while the attack is ongoing thus making it capable to forward essential packets over its network in a limited bandwidth If the CPU load rises above the rising threshold value the Safeguard Engine function will be activated and the Switch will enter the exhausted mode In the exhausted mode the Switch will limit the bandwidth available for ARP and broadcast IP packets If the CPU ...

Page 363: ...ol Telnet Manage Telnet TFTP Manage Trivial File Transfer Protocol Web Manage Hypertext Transfer Protocol HTTP and Hypertext Transfer Protocol Secure HTTPS A customized rate limit in packets per second can be assigned to the Safeguard Engine s sub interfaces as a whole or to individual protocols specified by the user in the management interface Be careful when customizing the rate limit for indivi...

Page 364: ... is used to configure the acceptable level of CPU utilization as a percentage where the Switch leaves the Safeguard Engine state and returns to normal mode Click the Apply button to accept the changes made CPU Protect Counters This window is used to display and clear the CPU protection counter information To view the following window click Security Safeguard Engine CPU Protect Counters as shown be...

Page 365: ...in Sub Interface Information are described below Parameter Description Sub Interface Select the sub interface option here Options to choose from are Manage Protocol and Route Click the Find button to locate a specific entry based on the information entered CPU Protect Type This window is used to display and configure the CPU protection type settings To view the following window click Security Safe...

Page 366: ...S Click the Apply button to accept the changes made Click the Delete button to remove the specific entry Traffic Segmentation Settings This window is used to display and configure the traffic segmentation settings When the traffic segmentation forwarding domain is specified packets received by the port will be restricted in Layer 2 packet forwarding to interfaces within the domain When the forward...

Page 367: ...ect the forward Switch unit that will be used for this configuration here From Forward Port To Forward Port Select the forward port range used for the configuration here Click the Add button to add a new entry based on the information entered Click the Delete button to remove an entry based on the information entered Storm Control This window is used to display and configure the storm control sett...

Page 368: ...hoose from are Broadcast Multicast and Unicast When the action is configured as the shutdown mode the unicast refers to both known and unknown unicast packets that is if the known and unknown unicast packets hit the specified threshold the port will be shutdown Otherwise unicast refers to unknown unicast packets Action Select the action that will be taken here Options to choose from are None Shutd...

Page 369: ... is not specified the default value is 80 of the specified risen level Click the Apply button to accept the changes made DoS Attack Prevention Settings This window is used to display and configure the Denial of Service DoS attack prevention settings The following well known DoS types which can be detected by most Switches Land Attack This type of attack involves IP packets where the source and des...

Page 370: ...gs Window The fields that can be configured in SNMP Server Enable Traps DoS Settings are described below Parameter Description Trap State Select to enable or disable the DoS attack prevention trap state here Click the Apply button to accept the changes made The fields that can be configured in DoS Attack Prevention Settings are described below Parameter Description DoS Type Selection Tick the DoS ...

Page 371: ...nfigure the encryption algorithm that SSH will use to encrypt and decrypt messages sent between the SSH client and the SSH server using the SSH Authentication Method and Algorithm Settings window Finally enable SSH on the Switch using the SSH Configuration window After completing the preceding steps a SSH Client on a remote PC can be configured to manage the Switch using a secure in band connectio...

Page 372: ...e button to generate a host key based on the selections made Click the Delete button to remove a host key based on the selections made The fields that can be configured in Host Key are described below Parameter Description Crypto Key Type Select the crypto key type used here Options to choose from are the Rivest Shamir Adleman RSA key type and the Digital Signature Algorithm DSA key type After cli...

Page 373: ...cation Method enter the public key here Host Name After selecting the Host based option as the Authentication Method enter the host name here IPv4 Address After selecting the Host based option as the Authentication Method select and enter the IPv4 address here IPv6 Address After selecting the Host based option as the Authentication Method select and enter the IPv6 address here Click the Apply butt...

Page 374: ...n the Switch to create a three layered encryption code for secure communication between the server and the host The user may implement any one or combination of the cipher suites available yet different cipher suites will affect the security level and the performance of the secured connection The information included in the cipher suites is not included with the Switch and requires downloading fro...

Page 375: ...e Crypto PKI Trustpoint This window is used to display and configure the crypto PKI trust point settings To view the following window click Security SSL Crypto PKI Trustpoint as shown below Figure 9 95 Crypto PKI Trustpoint Window The fields that can be configured are described below Parameter Description Trustpoint Enter the name of the trust point that is associated with the imported certificate...

Page 376: ...gure 9 96 SSL Service Policy Window The fields that can be configured are described below Parameter Description Policy Name Enter the SSL service policy name here This name can be up to 32 characters long Version Select the SSL or TLS version SSL 3 0 Select to use SSL version 3 0 as the SSL service policy TLS 1 0 Select to use TLS version 1 0 as the SSL service policy TLS 1 1 Select to use TLS ver...

Page 377: ...encryption for message encryption and SHA for message digest RSA_WITH_AES_256_CBC_SHA Select to use RSA key exchange with AES 256 bit encryption for message encryption and SHA for message digest RSA_WITH_AES_128_CBC_SHA256 Select to use RSA key exchange with AES 128 bit encryption for message encryption and SHA 256 bit for message digest RSA_WITH_AES_256_CBC_SHA256 Select to use RSA key exchange w...

Page 378: ...ption SFTP Server Select to globally enable or disable the SFTP server feature here Idle Timeout Enter the idle timeout value here If the SFTP server detects no operation after the duration of the idle timer for a specific SFTP session the Switch will close this SFTP session The range is from 30 to 600 seconds By default this value is 120 seconds Click the Apply button to accept the changes made ...

Page 379: ...rs a trap will be sent out LCK Trap State Select to enable or disable the CFM Locked Signal LCK trap feature here If the trap status of LCK is enabled once an ETH LCK event occurs or an ETH LCK event clears a trap will be sent out All MPs Reply LTRs Select to enable or disable the all MPs Linktrace Reply LTR feature here According to IEEE 802 1ag a Bridge replies with one LTR to a Linktrace Messag...

Page 380: ...ated value indicates whether the management entity can create MIP Half Functions MHF for a maintenance domain Options to choose from are None Auto and Explicit None Specifies not to create the MIP for a maintenance domain Auto Specifies that MIPs will be created on any port for the MAs in this maintenance domain when there is no MEP configured on that port for the MAs with the same VID at this MD ...

Page 381: ... Enter the Maintenance Association MA entry s name here This name can be up to 22 characters long Each MA in an MD must have a unique MA name MAs configured in different MDs may have the same MA identifier When the MA entry is deleted the configuration on it is also deleted MA VID Enter the Maintenance Association MA entry s VLAN ID here The range is from 1 to 4094 Click the Apply button to accept...

Page 382: ...e MA with the same VID at the next lower active MD level or there is no MA with the same VID at any lower active MD levels For an intermediate Switch in an MA the setting must be Auto in order for the MIPs to be created on this device Explicit Specifies that MIPs will be created on any port for the MAs in this maintenance domain when there is no MEP configured on that port for the MAs with the sam...

Page 383: ...ed here Direction Select the direction of the MEP here Options to choose from are Up and Down Up Specifies to create an inward facing up MEP Down Specifies to create an outward facing down MEP Click the Apply button to accept the changes made Click the Back button to return to the previous window Click the Show Detail button to view more detailed information about the specified MEP Click the Remov...

Page 384: ...ch Web UI Reference Guide 374 Figure 10 6 CFM Settings Add MA Add MEP MEPID Detail Window Click the Edit button to modify the specified entry Click the Back button to return to the previous window After clicking the Edit button the following page will appear ...

Page 385: ...by the MEP Fault Alarm Select the type of defects whose fault alarms can be sent by this MEP Options to choose from are None All MAC Status Remote CCM Error CCM and XCON CCM None Specifies that no fault alarm will be sent All Specifies that the fault alarms for all types of defects can be sent MAC Status Specifies that the fault alarms for the defects whose priority is equal to or higher than the ...

Page 386: ... MIP and MEPs exist on The range is from 0 to 7 LCK State Select the enable or disable the LCK feature on this interface here LCK Period Select the transmitting interval of the LCK PDU here Options to choose from are 1 Seconds and 1 Minute The default period is 1 second LCK Client Level Select the client level ID to which the MEP sends the LCK PDU here The default client MD level is the MD level t...

Page 387: ...cribed below Parameter Description MAC Address Enter the MAC address for the DM test here Period Interval Select the period interval time here This specifies the transmitting period of the DDM message and diagnostic interval Options to choose from are 100ms 1sec The transmission period is 100 milliseconds and the diagnostic interval is 1 second 1sec 10sec The transmission period is 1 second and th...

Page 388: ...n the selection made Click the Clear All button to clear all the CFM DM statistics information Click the Back button to return to the previous window After clicking the Edit LM button the following page will appear Figure 10 11 CFM Settings Add MA Add MEP Edit LM Window The fields that can be configured in CFM LM Settings are described below Parameter Description State Select to enable or disable ...

Page 389: ...ored LM results Statistics Specifies to clear the stored statistics of ETH LM frames LMM and LMR Click the Clear button to clear the CFM LM statistics information based on the selection made Click the Clear All button to clear all the CFM LM statistics information Click the Back button to return to the previous window CFM Port Settings This window is used to display and configure the CFM feature s...

Page 390: ... and enter the remote MEP s ID here The range is from 1 to 8191 MEPID Enter the MEP s ID that will initiate the loopback test here The range is from 1 to 8191 MA Name Enter the MA s name here This name can be up to 22 characters long Domain Name Enter the MD s name here This name can be up to 22 characters long LBMs Number Enter the number of LBMs to be sent here The range is from 1 to 65535 By de...

Page 391: ...e The range is from 1 to 8191 MA Name Enter the MA s name here The name can be up to 22 characters long Domain Name Enter the MD s name here The name can be up to 22 characters long TTL Enter the link trace message s TTL value here The range is from 2 to 255 The default value is 64 PDU Priority Select the 802 1p priority to be set in the transmitted LBMs here If not specified it uses the same prio...

Page 392: ...view the following window click OAM CFM CFM Packet Counter as shown below Figure 10 17 CFM Packet Counter Window The fields that can be configured are described below Parameter Description Unit Select the Switch s unit ID that will be used here Port Select the Switch s port that will be used here Type Select the type of counter information that will be cleared or displayed here Options to choose f...

Page 393: ...CM Table This window is used to display the MIP CCM database entries To view the following window click OAM CFM CFM MIP CCM Table as shown below Figure 10 19 CFM MIP CCM Table Window CFM MEP Fault Table This window is used to display the MEPs that have faults To view the following window click OAM CFM CFM MEP Fault Table as shown below Figure 10 20 CFM MEP Fault Table Window Cable Diagnostics The ...

Page 394: ...Select the appropriate port range used for the configuration here Click the Test button to test the specific port Click the Clear button to clear all the information for the specific port Click the Clear All button to clear all the information in this table Ethernet OAM Ethernet OAM Settings This window is used to display and configure the Ethernet Operations Administration and Maintenance OAM set...

Page 395: ...owing two actions are allowed by ports in the active mode but disallowed by ports in the passive mode 1 Initiate OAM discovery 2 Start or stop remote loopback Received Remote Loopback Select to configure the behavior of the received remote loopback requirement from the peer on the specified port s here Options to choose from are Ignore and Process Ignore Specifies not to react to remote loopback r...

Page 396: ...al client is already in the remote loopback mode then this feature cannot be applied Click the Apply button to accept the changes made The fields that can be configured in Ethernet OAM Table are described below Parameter Description Unit Select the Switch s unit ID that will be used here From Port To Port Select the Switch s port range that will be used here Click the Find button to locate a speci...

Page 397: ...ent bit set when an unrecoverable local failure condition has occurred Critical Event Select to enable or disable the critical event feature here This feature is used to configure the capability of the critical event If the capability for a critical event is disabled the port will never send out OAM PDUs with critical event bit set when an unspecified critical event has occurred Link Monitor Selec...

Page 398: ...r the amount of time over which the threshold is defined here If threshold symbol errors occur within the period an event notification OAM PDU should be generated with an error symbol period event TLV indicating that the threshold has been crossed in this window The range is from 10 to 600 deciseconds When Error Frame is selected as the link monitor enter the amount of time over which the threshol...

Page 399: ...vent Log Table as shown below Figure 10 24 Ethernet OAM Event Log Table Window The fields that can be configured are described below Parameter Description Unit Select the Switch s unit ID that will be used here Port Select the Switch s port that will be used here Action Select the Find option to find and display the log entries associated with the specified port Select the Clear option to clear th...

Page 400: ...lick the Find button to find and display the statistics information associated with the specified port s Click the Show All button to display all the statistics information Ethernet OAM DULD Settings This window is used to display and configure the Ethernet OAM feature s D Link Unidirectional Link Detection DULD settings DULD is an extension of 802 3ah Ethernet OAM It provides a mechanism to detec...

Page 401: ...n on the specified port s Action Select the action that will be taken here Options to choose from are Normal and Shutdown Discovery Time Enter the discovery time value here The range is from 5 to 65535 seconds By default this value is 5 seconds If the OAM discovery does not successfully negotiate before discovery time expired OAM unidirectional link detection will start Click the Apply button to a...

Page 402: ...toring traps alarm feature here Transceiver Monitoring Traps Warning Select to enable or disable the transceiver monitoring traps warning feature here Click the Apply button to accept the changes made The fields that can be configured in DDM Shutdown Settings are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select...

Page 403: ...ere Port Select the port used for the configuration here Action Select the action that will be taken here Options to choose from are Add and Delete Type Select the type of temperature threshold Options to choose from are Low Alarm Low Warning High Alarm and High Warning Value Enter the threshold value This value must be between 128 and 127 996 C Click the Apply button to accept the changes made DD...

Page 404: ...ch To view the following window click OAM DDM DDM Bias Current Threshold Settings as shown below Figure 10 30 DDM Bias Current Threshold Settings Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here Port Select the port used for the configuration here Action Select the action that will be taken ...

Page 405: ...High Alarm and High Warning Power Unit Select the power unit here Options to choose from are mW and dBm Value Enter the threshold value either in mW or dBm here When selecting mW in the Power Unit drop down list this value must be between 0 and 6 5535 When selecting dBm in the Power Unit drop down list this value must be between 40 and 8 1647 Click the Apply button to accept the changes made DDM R...

Page 406: ...g Power Unit Select the power unit here Options to choose from are mW and dBm Value Enter the threshold value either in mW or dBm here When selecting mW in the Power Unit drop down list this value must be between 0 and 6 5535 When selecting dBm in the Power Unit drop down list this value must be between 40 and 8 1647 Click the Apply button to accept the changes made DDM Status Table This window is...

Page 407: ...face VLAN Enter the VLAN ID that will be used here The range is from 1 to 4094 Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the range of ports that will be used for this configuration here Select the All option to use all the ports in this configuration Frame Type Select the frame type here Options to choose from are Broadcast Specifies to coun...

Page 408: ...raffic count settings TX Specifies to display egress traffic count settings Both Specifies to display ingress and egress traffic count settings Click the Find button to display entries in the table based on the information entered selected Enter a page number and click the Go button to navigate to a specific page when multiple pages exist Utilization Port Utilization This window is used to display...

Page 409: ...3 History Utilization Memory Window After selecting CPU as the Type the following window will appear Figure 11 4 History Utilization CPU Window After selecting Port as the Type the following window will appear Figure 11 5 History Utilization Port Window The fields that can be configured are described below Parameter Description Type Select the history utilization type to display here Options to ch...

Page 410: ...rom 48 hours ago until 24 hours ago Slot Index Select the slot index here Options to choose from are All and 1 to 5 Click the Find button to display entries in the table based on the information selected Statistics Port This window is used to display the port statistics information To view the following window click Monitoring Statistics Port as shown below Figure 11 6 Port Window The fields that ...

Page 411: ...rt Show Detail Window Click the Back button to return to the previous window Click the Refresh button to refresh the information displayed in the table CPU Port This window is used to display the CPU statistics information To view the following window click Monitoring Statistics CPU Port as shown below ...

Page 412: ...are All Layer 2 L2 Layer 3 L3 and Protocol Click the Find button to display entries in the table based on the information selected Click the Refresh button to refresh the information displayed in the table Click the Clear All button clear all the statistics information displayed in the table Interface Counters This window is used to display the interface counter information To view the following w...

Page 413: ...the Switch unit that will be used in this display here From Port To Port Select the range of ports that will be used in this display here Click the Find button to display entries in the table based on the information selected Click the Refresh button to refresh the information displayed in the table Click the Show Errors button to view more detailed error information on the specified port After cl...

Page 414: ...ibed below Parameter Description Type Select the type of information to display here Options to choose from are Port and VLAN Interface VLAN Enter the VLAN ID that will be used in this display here Click the Find button to display entries in the table based on the information selected entered Click the Refresh button to refresh the information displayed in the table Interface History Counters This...

Page 415: ...t value here Options to choose from are 15 Minutes Specifies to display 15 minute based statistics count 1 Day Specifies to display daily based statistics count For 15 minute based statistics slot 1 represents the time from 15 minutes ago until now slot 2 represents the time from 30 minutes ago until 15 minutes ago and so on For 1 day based statistics slot 1 represents the time from 24 hours ago u...

Page 416: ...itch unit that will be used in this display here From Port To Port Select the range of ports that will be used in this display here Click the Find button to display entries in the table based on the information selected Click the Refresh button to refresh the counter information displayed in the table Click the Clear button clear the counter information displayed in the table based on the informat...

Page 417: ...eb UI Reference Guide 407 Figure 11 14 Counters Show Detail Window Click the Back button to return to the previous window Click the Refresh button to refresh the information displayed in the table After selecting VLAN as the Type the following window will appear ...

Page 418: ...isplayed in the table Click the Clear button clear the counter information displayed in the table based on the information selected entered Click the Clear All button clear all the counter information displayed in the table Mirror Settings This window is used to display and configure the mirror feature s settings The Switch allows users to copy frames transmitted and received on a port and redirec...

Page 419: ...n Options to choose from are Port and Remote VLAN Port After selecting this option select the Switch s unit ID and destination port number from the drop down menus Remote VLAN After selecting this option select the Switch s unit ID and destination port number from the drop down menus and enter the VID in the space provided The VID must be between 2 and 4094 Source Tick the checkbox next to the Sou...

Page 420: ...he information entered The fields that can be configured for Mirror Session Table are described below Parameter Description Mirror Session Type Select the mirror session type of information that will be displayed from the drop down menu Options to choose from are All Session Session Number Remote Session and Local Session After selecting the Session Number option select the session number from the...

Page 421: ...e Enter the expiration time for the entry here The parameters of the entry will reset when the timer expired The range is from 0 to 2000000 seconds Selecting Infinite specifies that the entry will not expire Max Datagram Size Enter the maximum number of data bytes of a single sFlow datagram here The range is from 700 to 1400 bytes By default this value is 1400 bytes Collector Address Enter the rem...

Page 422: ...nbound specifies to sample ingress packets This is the default direction of a sampler Selecting Outbound specifies to sample egress packets Sampling Rate Enter packet sampling rate here This value must be between 0 and 65536 Entering 0 will disable this function If not specified the default value is 0 Max Header Size Enter the maximum number of bytes that should be copied from sampled packets This...

Page 423: ...d click the Go button to navigate to a specific page when multiple pages exist Device Environment The device environment feature displays the Switch internal temperature status To view the following window click Monitoring Device Environment as shown below Figure 11 22 Device Environment Window External Alarm Settings This window is used to display and configure the external alarm settings This is...

Page 424: ... The fields that can be configured in External Alarm Settings are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here Channel Select the channel to be configured here The range is from 1 to 4 Message Enter the alarm message associated with the channel here This string can be up to 128 characters long Click the Apply button to accept the c...

Page 425: ...ower saving feature This feature will allow the Switch to automatically detect the cable length connected to the port and increase or reduce the required power to this port accordingly to save power Scheduled Port shutdown Power Saving Select this option to enable or disable applying the power saving by scheduled port shutdown Scheduled Dim LED Power Saving Select this option to enable or disable ...

Page 426: ...eter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used for the configuration here Time Range Enter the name of the time range to associate with the ports Click the Apply button to accept the changes made Click the Delete button to remove the specified entry EEE Energy Efficient Ethernet EEE is defined in I...

Page 427: ...e described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used for the configuration here State Select this option to enable or disable the state of this feature here Click the Apply button to accept the changes made ...

Page 428: ...e Configuration as shown below Figure 13 1 Save Configuration Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here File Path Enter the filename and path in the space provided Click the Apply button to save the configuration Firmware Upgrade Backup Firmware Upgrade from HTTP This window is used t...

Page 429: ...om TFTP as shown below Figure 13 3 Firmware Upgrade from TFTP Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here TFTP Server IP Enter the TFTP server s IP address here When select the IPv4 option enter the IPv4 address of the TFTP server in the space provided When the IPv6 option is selected e...

Page 430: ...e can be up to 32 characters long Password Enter the password used for the FTP connection here This password can be up to 15 characters long Source File Enter the source filename and path of the firmware file located on the FTP server here This field can be up to 64 characters long Destination File Enter the destination path and location where the new firmware should be stored on the Switch This f...

Page 431: ...window is used to initiate a firmware backup to a local PC using HTTP To view the following window click Tools Firmware Upgrade Backup Firmware Backup to HTTP as shown below Figure 13 6 Firmware Backup to HTTP Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here Source File Enter the source file...

Page 432: ...up Firmware Backup to FTP as shown below Figure 13 8 Firmware Backup to FTP Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here FTP Server IP Enter the FTP server s IP address here When select the IPv4 option enter the IPv4 address of the FTP server in the space provided When the IPv6 option is...

Page 433: ...path of the firmware file located on the Switch here This field can be up to 64 characters long Destination File Enter the destination filename and path of the firmware file to be backed up to the RCP server here This field can be up to 64 characters long Click the Backup button to initiate the firmware backup Configuration Restore Backup Configuration Restore from HTTP This window is used to init...

Page 434: ...at can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here TFTP Server IP Enter the TFTP server s IP address here When select the IPv4 option enter the IPv4 address of the TFTP server in the space provided When the IPv6 option is selected enter the IPv6 address of the TFTP server in the space provided Source File Enter t...

Page 435: ...ere This password can be up to 15 characters long Source File Enter the source filename and path of the configuration file located on the FTP server here This field can be up to 64 characters long Destination File Enter the destination path and location where the configuration file should be stored on the Switch This field can be up to 64 characters long Select the running config option to restore...

Page 436: ...e configuration file on the Switch with this one Click the Restore button to initiate the configuration restore Configuration Backup to HTTP This window is used to initiate a configuration file backup to a local PC using HTTP To view the following window click Tools Configuration Restore Backup Configuration Backup to HTTP as shown below Figure 13 14 Configuration Backup to HTTP Window The fields ...

Page 437: ...p configuration file from the Switch Destination File Enter the destination path and location where the configuration file should be stored on the TFTP server This field can be up to 64 characters long Click the Backup button to initiate the configuration file backup Configuration Backup to FTP This window is used to initiate a configuration file backup to an FTP server To view the following windo...

Page 438: ...e backup to an RCP server To view the following window click Tools Configuration Restore Backup Configuration Backup to RCP as shown below Figure 13 17 Configuration Backup to RCP Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here RCP Server IP Enter the RCP server s IP address here User Name ...

Page 439: ...13 19 Log Backup to TFTP Window The fields that can be configured are described below Parameter Description TFTP Server IP Enter the TFTP server s IP address here When select the IPv4 option enter the IPv4 address of the TFTP server in the space provided When the IPv6 option is selected enter the IPv6 address of the TFTP server in the space provided Destination File Enter the destination path and ...

Page 440: ...ed on the RCP server This field can be up to 64 characters long Log Type Select the log type that will be backed up to the RCP server When the System Log option is selected the system log will be backed up When the Attack Log is selected the attack log will be backed up Click the Backup button to initiate the system log backup Ping Ping is a small program that sends ICMP Echo packets to the IP add...

Page 441: ...ct and enter the domain name of the system to discover Ping Times Enter the number of times desired to attempt to Ping the IPv4 address configured in this window Users may enter a number of times between 1 and 255 Tick the Infinite check box to keep sending ICMP Echo packets to the specified IP address until the program is stopped Timeout Select a timeout period between 1 and 99 seconds for this P...

Page 442: ... Ping packet will be dropped Frequency Enter the frequency time for the ping here The range is from 0 to 86400 Source IPv6 Address Enter the source IPv6 address If the current Switch has more than one IPv6 address you can enter one of them to this field When entered this IPv6 address will be used as the packets source IP address sent to the remote host or as primary IP address Click the Start butt...

Page 443: ...n two devices The range for the TTL is 1 to 255 hops Port Enter the port number here The value range is from 1 to 65535 Timeout Enter the timeout period while waiting for a response from the remote device here A value of 1 to 65535 seconds can be specified The default is 5 seconds Frequency Enter the frequency time for the trace route here The range is from 0 to 86400 Probe Number Enter the probe ...

Page 444: ...ng IPv4 Trace Route Result section will appear Figure 13 25 Trace Route Start Window Click the Back button to stop the trace route and return to the IPv4 Trace Route section Reset This window is used to reset the Switch s configuration to the factory default settings To view the following window click Tools Reset as shown below Figure 13 26 Reset Window Select one of the following options The Swit...

Page 445: ...witch License keys are sold in the market It may be printed on a physical package or be displayed in an e mail or a portal The user needs to register the license key on the Global Registration Portal to get the activation code Install the proper activation code rather than license key to activate unlock some features After the activation code was installed successfully reboot the Switch to activat...

Page 446: ...e Switch Power on the Switch After the Starting runtime image message was displayed the Switch will allow 1 second for the user to press the hotkey Shift 6 to enter the Password Recovery Mode Enter the hotkey continuously to ensure that the timing is correct Once the Switch enters the Password Recovery Mode all ports on the Switch will be disabled Boot Procedure V1 00 006 Power On Self Test 100 MA...

Page 447: ...abled Log Message AAA is status Parameters description status The status indicates the AAA enabled or disabled Informational Event description Successful login Log Message Successful login through exec type from client ip authenticated by AAA aaa method server ip Username username Parameters description exec type It indicates the EXEC types e g Console Telnet SSH Web Web SSL client ip It indicates...

Page 448: ...ss if valid through IP protocol aaa method It indicates the authentication method e g none local server server ip It indicates the AAA server IP address if authentication method is remote server username It indicates the username for authentication Warning Event description the remote server does not respond to the enable password authentication request Log Message Enable privilege failed through ...

Page 449: ...ntication interface id It indicates the port number of the client authenticated acl script The assign ACL script that authorized by from RADIUS server Warning Auto Save Config Log Description Severity Event description Record the event when the configure information of DDP is saved automatically Log Message CONFIG 6 DDPSAVECONFIG Unit unitID Configuration automatically saved to flash due to config...

Page 450: ...ents the MAC address of the MEP The value all zeros means unknown MAC address Note In CFM hardware mode remote MEP information mepid and macaddr is unknown Warning Event description Cannot receive the remote MEP s CCM packet Log Message CFM remote down MD Level mdlevel VLAN vlanid Local Interface interface id Direction mepdirection Parameters description vlanid Represents the VLAN identifier of th...

Page 451: ...rameters description vlanid Represents the VLAN identifier of the MEP mdlevel Represents the MD level of the MEP interface id Represents the interface number of the MEP mepdirection Represents the direction of the MEP This can be inward or outward mepid Represents the MEPID of the MEP Notice Event description LCK condition detected Log Message LCK condition detected MD Level mdlevel VLAN vlanid Lo...

Page 452: ...address pathFile Path and file name on server Warning Event description Firmware uploaded successfully Log Message Unit unitID Firmware uploaded by session successfully Username username IP ipaddr MAC macaddr Server IP serverIP File Name pathFile Parameters description unitID The unit ID session The user s session username Represent current login user ipaddr Represent client IP address macaddr Rep...

Page 453: ...it unitID Configuration uploaded by session successfully Username username IP ipaddr MAC macaddr Server IP serverIP File Name pathFile Parameters description unitID The unit ID session The user s session username Represent current login user ipaddr Represent client IP address macaddr Represent client MAC address serverIP Server IP address pathFile Path and file name on server Informational Event d...

Page 454: ...ration DUT will add a log Log Message Duplicate address ipv6address on interface id via receiving Neighbor Advertisement Messages Parameters description ipv6address ipv6 address in Neighbor Advertisement Messages interface id port interface ID Warning DDM Log Description Severity Event description when the any of SFP parameters exceeds from the warning threshold Log Message Optical transceiver int...

Page 455: ... ipv6 address obtained from a DHCPv6 server ipif name Name of the DHCPv6 client interface Informational Event description The ipv6 address obtained from a DHCPv6 server starts renewing Log Message The IPv6 address ipv6address on interface ipif name starts renewing Parameters description ipv6address ipv6 address obtained from a DHCPv6 server ipif name Name of the DHCPv6 client interface Information...

Page 456: ... interface intf name starts renewing Parameters description ipv6networkaddr IPv6 prefix obtained from a delegation router intf name Name of the DHCPv6 client PD interface Informational Event description The IPv6 prefix obtained from a delegation router renews success Log Message The IPv6 prefix ipv6networkaddr on interface intf name renews success Parameters description ipv6anetworkaddr IPv6 prefi...

Page 457: ...onal DLMS Log Description Severity Event Description Input an illegal activation code Log Message Illegal activation code AC string25 Parameters Description string25 Activation Code Informational Event Description License Expired Log Message License expired license license model AC string25 Parameters Description license model License Model Name string25 Activation Code Critical Event Description ...

Page 458: ... Severity Event description A unidirectional link has been detected on this port Log Message DULD INTERFACE ID is detected as unidirectional link Parameters description INTERFACE ID The interface name Warning Dynamic ARP Inspection Log Description Severity Event description Detect illegal ARP packet Log Message Illegal ARP type packets IP ip address MAC mac address VLAN vlan id on interface id Par...

Page 459: ... OAM disable Port shutdown Port link down Packet overload Warning Event description Error Symbol Period Event remote Log Message Error symbol period event received Port interface id Parameters description interface id The interface name Warning Event description Error Frame Event Log Message Error frame event received Port interface id Parameters description interface id The interface name Warning...

Page 460: ...ted Broadcast packet rate is high on subnet IP s Parameters description IP the Broadcast IP destination address Informational Event description IP Directed broadcast rate exceed 100 packets per second Log Message IP Directed Broadcast rate is high Informational IPSG Log Description Severity Event description When there is no hardware rule resource to set DHCP Snooping entry into IPSG table the sys...

Page 461: ...rt unitID portNum VID vlanID LBD recovered Loop detection restarted Parameters Description unitID The unit ID portNum The port number vlanID The VLAN ID number Informational Event Description The number of VLANs that loop back has occurred hit the specified number Log Message Loop VLAN number overflow Parameters Description None Informational LLDP MED Log Description Severity Event description LLD...

Page 462: ...3 portComponent 3 4 macAddress 4 5 networkAddress 5 6 interfaceName 6 7 local 7 chassisID chassis ID portType port ID subtype Value list 1 interfaceAlias 1 2 portComponent 2 3 macAddress 3 4 networkAddress 4 5 interfaceName 5 6 agentCircuitId 6 7 local 7 portID port ID deviceClass LLDP MED device type Notice Event description Incompatible LLDP MED TLV set detected Log Message Incompatible LLDP MED...

Page 463: ...vent description Console session timed out Log Message Unit unitID Console session timed out Username username Parameters description unitID The unit ID username Represent current login user Informational Event description Logout through console Log Message Unit unitID Logout through Console Username username Parameters description unitID The unit ID username Represent current login user Informati...

Page 464: ...ess ipv6addr Represent client IPv6 address Informational Event description Login through SSH unsuccessfully Log Message Login failed through SSH Username username IP ipaddr ipv6address Parameters description username Represent current login user ipaddr Represent client IP address ipv6addr Represent client IPv6 address Critical Event description SSH session timed out Log Message SSH session timed o...

Page 465: ...enters stop learning state Warning Event description the authorized user number on the whole device is below the maximum user limit in a time interval Log Message MAC based Access Control recovers from stop learning state Warning Event description the authorized user number on an interface has reached the maximum user limit Log Message interface id enters MAC based Access Control stop learning sta...

Page 466: ... old_role new_role Parameters description InstanceID Instance ID portNum Port ID old_role Old role new_status New role Informational Event description Spanning Tree instance created Log Message Spanning Tree instance created Instance InstanceID Parameters description InstanceID Instance ID Informational Event description Spanning Tree instance deleted Log Message Spanning Tree instance deleted Ins...

Page 467: ...scription Unit id The unit ID Fan id The FAN ID Critical Event description Temperature sensor enters alarm state Log Message Unit unitID Temperature sensor sensorID enters alarm state current temperature temperature Parameters description unitID The unit ID sensorID The sensor ID temperature The temperature Warning Event description Temperature recovers to normal Log Message Unit unitID Temperatur...

Page 468: ...s the speed and duplex of link Informational Event description port link down Log Message Port port link down Parameters description port Represents the logical port number Informational Port Security Log Description Severity Event description Address full on a port Log Message MAC address mac address causes port security violation on interface id Parameters description macaddr The violation MAC a...

Page 469: ...sage Unit unitID SRM mode is different with master Parameters description unitID the Unit ID of device in the stacking system Alert SSH Log Description Severity Event description SSH server is enabled Log Message SSH server is enabled Informational Event description SSH server is disabled Log Message SSH server is disabled Informational Event description Login failed through SSH Log Message Login ...

Page 470: ...eters description unitID Box ID macaddr The MAC addresses of the conflicting boxes Critical Storm Control Log Description Severity Event description Storm occurrence Log Message Broadcast Multicast Unicast storm is occurring on interface id Parameters description Broadcast Storm is resulted by broadcast packets DA FF FF FF FF FF FF Multicast Storm is resulted by multicast packets including unknown...

Page 471: ...Warning Event description Logout through Telnet Log Message Logout through Telnet Username username IP ipaddr Parameters description ipaddr The IP address of telnet client username the user name that used to login telnet server Informational Event description Telnet session timed out Log Message Telnet session timed out Username username IP ipaddr Parameters description ipaddr The IP address of te...

Page 472: ...ame on which virtual router is based Warning Event description Virtual router ID mismatch of one received VRRP advertisement message Log Message Received ADV msg virtual router ID mismatch VR vr id at interface intf name Parameters description vr id VRRP virtual router ID intf name Interface name on which virtual router is based Warning Event description Advertisement interval mismatch of one rece...

Page 473: ... mac addr VRRP virtual MAC address Error Event description Failed when adding a virtual MAC into switch L3 table The port where the MAC is learned from is invalid Log Message Failed to add virtual IP vrrp ip addr MAC vrrp mac addr into L3 table Port mac port is invalid Parameters description vrrp ip addr VRRP virtual IP address vrrp mac addr VRRP virtual MAC address mac port port number of VRRP vi...

Page 474: ...dress IPv6 address macaddr MAC address unitID The unit ID portNum The port number Warning Event description This log will be triggered when the number of authorized users reaches the maximum user limit on the whole device Log Message Web Authentication enters stop learning state Warning Event description This log will be triggered when the number of authorized users is below the maximum user limit...

Page 475: ...sername IP ipaddr Parameters description username The username that used to login HTTP server ipaddr The IP address of HTTP client Informational Event description Successful login through Web SSL Log Message Successful login through Web SSL Username username IP ipaddr Parameters description username The username that used to login SSL server ipaddr The IP address of SSL client Informational Event ...

Page 476: ...aSessionAuthVlan 4 dnaSessionAuthUserName 5 dDot1xExtNotifyFailReason 1 3 6 1 4 1 171 14 30 0 2 Authentication Fail Trap Name Description OID authenticationFailure An authenticationFailure trap signifies that the SNMPv2 entity acting in an agent role has received a protocol message that is not properly authenticated While all implementations of the SNMPv2 must be capable of generating this trap th...

Page 477: ...jects 1 dCfmEventMdIndex 2 dCfmEventMaIndex 3 dCfmEventMepIdentifier 1 3 6 1 4 1 171 14 86 0 3 dCfmLockCleared This trap is initiated when local MEP exits lock status Binding objects 1 dCfmEventMdIndex 2 dCfmEventMaIndex 3 dCfmEventMepIdentifier 1 3 6 1 4 1 171 14 86 0 4 DDM Trap Name Description OID dDdmAlarmTrap A notification is generated when an abnormal alarm situation occurs or recovers from...

Page 478: ...ck Binding objects 1 dDoSPrevCtrlAttackType 2 dDosPrevNotiInfoDropIpAddr 3 dDosPrevNotiInfoDropPortNumber 1 3 6 1 4 1 171 14 59 0 2 ERPS Trap Name Description OID dErpsFailuredetectedNotif A dErpsFailureNotification is sent when dErpsNotificationEnabled is true and a signal failure is detected 1 3 6 1 4 1 171 14 78 0 1 dErpsFailureClearedNotif A dErpsFailureClearedNotif is sent when dErpsNotificat...

Page 479: ...ress 5 dImpbViolationVlan 1 3 6 1 4 1 171 14 22 0 1 LBD Trap Name Description OID swPortLoopOccurred The trap is sent when a port loop occurs Binding objects 1 swLoopDetectPortIndex 1 3 6 1 4 1 171 14 46 0 1 swPortLoopRestart The trap is sent when a port loop restarts after the interval time Binding objects 1 swLoopDetectPortIndex 1 3 6 1 4 1 171 14 46 0 2 swVlanLoopOccurred The trap is sent when ...

Page 480: ... Control host ages out Binding objects 1 ifIndex 2 dnaSessionClientMacAddress 3 dnaSessionAuthVlan 1 3 6 1 4 1 171 14 153 0 3 MSTP Trap Name Description OID newRoot The newRoot trap indicates that the sending agent has become the new root of the Spanning Tree the trap is sent by a bridge soon after its election as the new root e g upon expiration of the Topology Change Timer immediately subsequent...

Page 481: ...eripheral Trap Name Description OID dEntityExtFanStatusChg The commander Switch will send this notification when a fan fails dEntityExtEnvFanStatus is fault or recovers dEntityExtEnvFanStatus is ok Binding objects 1 dEntityExtEnvFanUnitId 2 dEntityExtEnvFanIndex 3 dEntityExtEnvFanStatus 1 3 6 1 4 1 171 14 5 0 1 dEntityExtThermalStatusChg The commander Switch will send this notification when a ther...

Page 482: ...trigger trap messages to be sent out Binding objects 1 ifIndex 2 dPortSecIfCurrentStatus 3 dPortSecIfLastMacAddress 1 3 6 1 4 1 171 14 8 0 1 RMON Trap Name Description OID risingAlarm The SNMP trap that is generated when an alarm entry crosses its rising threshold and generates an event that is configured for sending SNMP traps Binding objects 1 alarmIndex 2 alarmVariable 3 alarmSampleType 4 alarm...

Page 483: ... 4 1 171 12 8 6 0 12 swSingleIPMSLinkDown The commander Switch will send this notification when its member generates a link down notification Binding objects 1 swSingleIPMSID 2 swSingleIPMSMacAddr 3 ifIndex 1 3 6 1 4 1 171 12 8 6 0 13 swSingleIPMSLinkUp The commander Switch will send this notification when its member generates a link up notification Binding objects 1 swSingleIPMSID 2 swSingleIPMSM...

Page 484: ... 1 ifIndex 2 dStormCtrlNotifyTrafficType 1 3 6 1 4 1 171 14 25 0 2 System File Trap Name Description OID dsfUploadImage The notification is sent when the user uploads image file successfully 1 3 6 1 4 1 171 14 14 0 1 dsfDownloadImage The notification is sent when the user downloads image file successfully 1 3 6 1 4 1 171 14 14 0 2 dsfUploadCfg The notification is sent when the user uploads configu...

Page 485: ...ith this router s authentication key or authentication type Implementation of this trap is optional Binding objects 1 vrrpTrapPacketSrc 2 vrrpTrapAuthErrorType 1 3 6 1 2 1 68 0 2 WAC Trap Name Description OID swWACLoggedSuccess The trap is sent when a WAC client pass the authentication Binding objects 1 swWACAuthStatePort 2 swWACAuthStateOriginalVid 3 swWACAuthStateMACAddr 4 swWACAuthUserName 5 sw...

Page 486: ...re the privilege level attribute and authenticates successfully the device will not assign any privilege level to the access user If the privilege level is configured less than the minimum supported value or greater than the maximum supported value the privilege level will be ignored To assign the Ingress Egress Bandwidth by the RADIUS server the proper parameters should be configured on the RADIU...

Page 487: ...onfigured on the RADIUS server To use VLAN assignment RFC 3580 defines the following tunnel attributes in RADIUS packets The table below shows the parameters for a VLAN RADIUS Tunnel Attribute Description Value Usage Tunnel Type This attribute indicates the tunneling protocol s to be used in the case of a tunnel initiator or the tunneling protocol in use in the case of a tunnel terminator 13 VLAN ...

Page 488: ...c Attribute are RADIUS Tunnel Attribute Description Value Usage Vendor ID Defines the vendor 171 DLINK Required Vendor Type Defines the attribute 14 for ACL script Required Attribute Specific Field Used to assign the ACL script The format is based on Access Control List ACL Commands ACL Script For example ip access list a1 permit host 10 90 90 100 exit mac access list extended m1 permit host 00 00...

Page 489: ... attributes are defined in the RFC 2865 Remote Authentication Dial In User Service RADIUS RFC 2866 RADIUS Accounting RFC 2868 RADIUS Attributes for Tunnel Protocol Support and RFC 2869 RADIUS Extensions The following table lists the IETF RADIUS attributes supported by the D Link Switch RADIUS Authentication Attributes Number IETF Attribute 1 User Name 2 User Password 3 CHAP Password 4 NAS IP Addre...

Page 490: ...Port 6 Service Type 8 Framed IP Address 31 Calling Station ID 32 NAS Identifier 40 Acct Status Type 41 Acct Delay Time 42 Acct Input Octets 43 Acct Output Octets 44 Acct Session ID 45 Acct Authentic 46 Acct Session Time 47 Acct Input Packets 48 Acct Output Packets 49 Acct Terminate Cause 52 Acct Input Gigawords 53 Acct Output Gigawords 61 NAS Port Type 95 NAS IPv6 Address ...

Reviews:

No comments

Related manuals for DXS-3400 SERIES

Cabletron Systems SmartSwitch Router User'S Reference Manual preview
SmartSwitch Router
Brand: Cabletron Systems Pages: 338
IBM E12 Quick Reference Manual preview
E12
Brand: IBM Pages: 4
IBM 11a Quick Start Manual preview
11a
Brand: IBM Pages: 32
Klark Teknik DN9650 Operator'S Manual preview
DN9650
Brand: Klark Teknik Pages: 50
Teknim TWM-1886 Installation & User Manual preview
TWM-1886
Brand: Teknim Pages: 10
Jøtul ERS 01 Operation And Maintenance Manual preview
ERS 01
Brand: Jøtul Pages: 20
B&B Electronics 232CC1A Product Information preview
232CC1A
Brand: B&B Electronics Pages: 2
IBM System Storage DS3200 Overview preview
System Storage DS3200
Brand: IBM Pages: 2
AMX NXA-ENET8POE Installation Manual preview
NXA-ENET8POE
Brand: AMX Pages: 2
3Com EtherLink 3C905C-TX User Manual preview
EtherLink 3C905C-TX
Brand: 3Com Pages: 96
Intercoax IXWB-450 Quick Start Manual preview
IXWB-450
Brand: Intercoax Pages: 2
H3C MSR 930 Installation, Quick Start preview
MSR 930
Brand: H3C Pages: 4
CNC-Step AceroDURO 100/S100 Operating Instructions Manual preview
AceroDURO 100/S100
Brand: CNC-Step Pages: 86
ZyXEL Communications NBG6616 Quick Start Manual preview
NBG6616
Brand: ZyXEL Communications Pages: 4
Vivotek TB5328 SERIES User Manual preview
TB5328 SERIES
Brand: Vivotek Pages: 317
LevelOne GSW-0508 User Manual preview
GSW-0508
Brand: LevelOne Pages: 10
SET 89299 Technical Description preview
89299
Brand: SET Pages: 38
IBM 32R1860 - Nortel Layer 2/3 Copper GbE Switch... User Manual preview
32R1860 - Nortel Layer 2/3 Copper GbE Switch...
Brand: IBM Pages: 14

Brands by name

Popular brands

Load more brands