D-Link xStack DGS-3426 User Manual Download | Manualshive

Page: 222 / 356

background image

xStack DGS-3400 Series Layer 2 Gigabit Ethernet Managed Switch

Figure 10- 7. The Authentication Server

Authenticator

The Authenticator (the Switch) is an intermediary between the Authentication Server and the Client. The Authenticator serves two
purposes when utilizing 802.1x. The first purpose is to request certification information from the Client through EAPOL packets,
which is the only information allowed to pass through the Authenticator before access is granted to the Client. The second purpose
of the Authenticator is to verify the information gathered from the Client with the Authentication Server, and to then relay that
information back to the Client.

Three steps must be implemented on the Switch to properly configure the Authenticator.

1.

The 802.1x State must be

Enabled

. (

DGS-3400 Web Management Tool

)

2.

The 802.1x settings must be implemented by port (

Security

/

802.1x

/

Configure 802.1x Authenticator Parameter

)

3.

A RADIUS server must be configured on the Switch. (

Security

/

802.1x

/

Authentic

RADIUS Server

)

Figure 10- 8. The Authenticator

Client

The Client is simply the endstation that wishes to gain access to the LAN or switch services. All endstations must be running
software that is compliant with the 802.1x protocol. For users running Windows XP, that software is included within the operating
system. All other users are required to attain 802.1x client software from an outside source. The Client will request access to the
LAN and or Switch through EAPOL packets and, in turn will respond to requests from the Switch.

208

«
...
220
221
222
223
224
...
»

Summary of Contents for xStack DGS-3426

Page 1: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch User Manual ProductModel TM DGS 3400 Series Layer 2GigabitEthernetManagedSwitch Release2 35 i...

Page 2: ...ink Computer Corporation is strictly forbidden Trademarks used in this text D Link and the D LINK logo are trademarks of D Link Computer Corporation Microsoft and Windows are registered trademarks of...

Page 3: ...n Guidelines 9 Installing the Switch without the Rack 10 Installing the Switch in a Rack 10 Mounting the Switch in a Standard 19 Rack 11 Power On 11 Power Failure 11 Installing the SFP ports 12 The Op...

Page 4: ...IP Address 39 Setting the Switch s IP Address using the Console Interface 40 Interface Settings 41 IPv4 Interface Settings 41 IPv6 Interface Settings 42 Stacking 46 Stack Switch Swapping 47 Stacking...

Page 5: ...Auto Configuration Settings 82 SNMP Manager 83 SNMP Trap Settings 84 SNMP User Table 84 SNMP View Table 86 SNMP Group Table 87 SNMP Community Table 89 SNMP Host Table 90 SNMP Engine ID 91 IP MAC Port...

Page 6: ...sed VLAN Settings 129 Trunking 130 Understanding Port Trunk Groups 130 Link Aggregation 131 LACP Port Settings 134 IGMP Snooping 137 IGMP Snooping Settings 137 Router Port Settings 138 ISM VLAN 140 Re...

Page 7: ...9 CPU Interface Filtering State Settings 189 CPU Interface Filtering Table 189 Security 202 Authorization Network State Settings 202 Traffic Control 203 Port Security 205 Port Security Entries 206 802...

Page 8: ...nt 245 JWAC Host Information 246 Monitoring 247 Device Status 248 Stacking Information 248 Module Information 249 CPU Utilization 250 Port Utilization 251 Packets 252 Received Rx 252 UMB Cast RX 254 T...

Page 9: ...anges 283 Configuration Information 284 Current Configuration Settings 285 Logout 285 Appendix A 286 Technical Specifications 286 Appendix B 288 Cables and Connectors 288 Appendix C 289 Cable Lengths...

Page 10: ...messages or prompts appearing on screen For example You have mail Bold font is also used to represent filenames program names and commands For example use the copy command Boldface Typewriter Font Ind...

Page 11: ...nd Cautions A NOTE indicates important information that helps make better use of the device A NOTICE indicates either potential damage to hardware or loss of data and tells how to avoid the problem A...

Page 12: ...penings of the system Doing so can cause fire or electric shock by shorting out interior components Use the product only with approved equipment Allow the product to cool before removing covers or tou...

Page 13: ...c caution statements and procedures Systems are considered to be components in a rack Thus component refers to any system as well as to various peripherals or supporting hardware CAUTION Installing sy...

Page 14: ...battery to explode Replace this battery only with the same or equivalent type recommended by the manufacturer Discard used batteries according to the manufacturers instructions Protecting Against Ele...

Page 15: ...ion D Link s next generation xStack DGS 3400 Series switches are high port density stackable switches that combine the ultimate performance with fault tolerance security management functions with flex...

Page 16: ...l Image Firmware Simple Network Time Protocol support MAC Notification support System and Port Utilization support System Log Support High performance switching engine performs forwarding and filterin...

Page 17: ...orts Two slots open for single port 10GE XFP or 10GBASE CX4 modules One RS 232 DB 9 console port DGS 3426P Twenty four PoE Compliant 10 100 1000BASE T Gigabit ports Four Combo SFP Ports Two slots open...

Page 18: ...ront panel includes a seven segment LED indicating the Stack ID number A separate table below describes LED indicators in more detail DGS 3426P also includes a Mode Select button for changing the mode...

Page 19: ...The Switch supports LED indicators for Power Console RPS and Port LEDs including 10GE port LEDs for optional module inserts Figure 2 5 LED Indicators on DGS 3450 Figure 2 6 LED Indicators on DGS 3427...

Page 20: ...king green light indicates activity on the port at 1000Mbps A steady orange light denotes a valid 10 or 100Mbps link on the port while a blinking orange light indicates activity on the port at 100Mbps...

Page 21: ...l module inserts Figure 2 11 Rear panel view of DGS 3427 DGS 3450 The rear panel of the DGS 3450 contains an AC power connector two empty slots for optional module inserts a redundant power supply con...

Page 22: ...Leave at least 6 inches of space at the rear and sides of the Switch for proper ventilation Be reminded that without proper heat dissipation and air circulation system components might overheat which...

Page 23: ...lines Please follow these guidelines for setting up the Switch Install the Switch on a sturdy level surface that can support at least 6 6 lb 3 kg of weight Do not place heavy objects on the Switch The...

Page 24: ...h ventilation space between the Switch and any other objects in the vicinity Figure 2 16 Prepare Switch for installation on a desktop or shelf Installing the Switch in a Rack The Switch can be mounted...

Page 25: ...AC power cord into the power connector of the Switch and the other end into the local power source outlet 2 After powering on the Switch the LED indicators will momentarily blink This blinking of the...

Page 26: ...g in order to uplink various other networking devices for a gigabit link that may span great distances These SFP ports support full duplex transmissions have auto negotiation and can be used with DEM...

Page 27: ...herefore has a transmit length limit up to 1 meter Compliant with the IEEE802 3ak standard this module uses a 4 laned copper connector for data transfer in full duplex mode within a stacking configura...

Page 28: ...ches the back as shown in the following figure Gently but firmly push in on the module to secure it to the Switch The module should fit snugly into the corresponding receptors Figure 2 22 Inserting th...

Page 29: ...edundant power system The diagrams below illustrate a proper RPS power connection to the Switch Please consult the documentation for information on power cabling and connectors and setup procedure Fig...

Page 30: ...Switch Series the DGS 3426P utilizes the DPS 600 as its External Redundant Power Supply The DPS 600 is the ONLY RPS to be used with the DGS 3426P NOTE See the DPS 500 or DPS 600 documentation for more...

Page 31: ...acket activity on that port Switch to Switch There is a great deal of flexibility on how connections are made using the appropriate cabling Connect a 10BASE T hub or switch to the Switch via a twisted...

Page 32: ...e copper ports operate at a speed of 1000 100 or 10Mbps in full or half duplex mode The fiber optic ports can operate at 1000Mbps in full duplex mode only Connections to the Gigabit Ethernet ports are...

Page 33: ...nfigure the Switch monitor the LED panel and display statistics graphically using a web browser such as Netscape Navigator version 6 2 and higher or Microsoft Internet Explorer version 5 0 and higher...

Page 34: ...Service Pack 2 or later is installed Windows 2000 Service Pack 2 allows use of arrow keys in HyperTerminal s VT100 emulation See www microsoft com for information on Windows 2000 service packs After...

Page 35: ...itch supports user based security that can allow prevention of unauthorized users from accessing the Switch or changing its settings This section tells how to log onto the Switch via out if band conso...

Page 36: ...following 1 At the CLI login prompt enter create account admin followed by the user name and press the Enter key 2 The Switch will then prompt the user to provide a password Type the password used fo...

Page 37: ...uthentication process that is separated into two parts The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers The second part describes what each u...

Page 38: ...L status Disabled SSH status Disabled CTRL C ESC q Quit SPACE n Next Page ENTER Next Entry a All Figure 4 4 show switch command The Switch s MAC address also appears in Switch Information menu of the...

Page 39: ...command was executed successfully The Switch can now be configured and managed via Telnet and the CLI or via the Web based management NOTE The DGS 3400 series of switches have the capability to be con...

Page 40: ...s tool and can communicate directly with the Switch using the HTTP protocol The Web based management module and the Console program and Telnet are different ways to access the same internal switching...

Page 41: ...nagement features available in the web based manager are explained below Web based User Interface The user interface provides access to various Switch configuration and management screens allows the u...

Page 42: ...ccessible here Area 3 Presents switch information based on user selection and the entry of configuration data Web Pages When connecting to the management mode of the Switch with a web browser a login...

Page 43: ...entication Control MAC Based Access Control Traffic Segmentation SSL SSH and JWAC Monitoring Contains the following menu pages and sub directories Device Status Stacking Information Module Information...

Page 44: ...s Stacking Port Configuration User Accounts Port Mirroring System Log System Severity Settings SNTP Settings MAC Notification Settings TFTP Services Multiple Image Services Ping Test Safeguard Engine...

Page 45: ...OTE DGS 3426 DGS 3427 DGS 3450 DGS 3426P will display the serial number in the Device Information window for Firmware 2 35 B09 Figure 6 1 Device Information window Device Information menu configurable...

Page 46: ...the Switch The well known TCP port for the Telnet protocol is 80 RMON Status Remote monitoring RMON of the Switch is Enabled or Disabled here Link Aggregation Algorithm The algorithm that the Switch...

Page 47: ...and the method of assigning an IP address to an interface has become cleaner and quicker Unicast and multicast addresses still exist but in a purer form and multicast addresses now have a scope field...

Page 48: ...an identical set of options In this way router can process these packets more efficiently once the flow class has been identified and the rest of the packet header no longer needs to be fully process...

Page 49: ...d to split these packets into fragments in individual packets which will be rebuilt when it reaches its final destination Each of the packets that will be fragmented is given an Identification value b...

Page 50: ...ing prefixes to produce unique IPv6 addresses which will limit global routing table entries The MAC address of the device is used to produce this address in this form Global Routing Prefix Site Level...

Page 51: ...he reachability of routers as well as if changes occur within link layer addresses of nodes on the network or identical unicast addresses are present on the local link The functionality of the Neighbo...

Page 52: ...faces are considered as one interface on the Internet layer multiple unicast addresses may be alloted to multiple physical interfaces which would be beneficial for load sharing on these interfaces Thi...

Page 53: ...ddress and Subnet Mask 3 If accessing the Switch from a different subnet from the one it is installed on enter the IP address of the Default Gateway If managing the Switch from the subnet on which it...

Page 54: ...P addresses are entered in the Security IP Management menu If VLANs have not yet been configured for the Switch the default VLAN contains all of the Switch s ports There are no entries in the Security...

Page 55: ...tings menu link The web manager contains two folders for which to setup IP interfaces on the switch one for IPv4 addresses named IPv4 Interface Settings and one for IPv6 addresses named IPv6 Interface...

Page 56: ...ss to be assigned to this IP interface Subnet Mask This field allows the entry of a subnet mask to be applied to this IP interface VLAN Name This field states the VLAN Name directly associated with th...

Page 57: ...Global Ipv6 addresses this field may be omitted Link local Address This field displays the IPv6 address created automatically by the Switch based on the MAC Address of the Switch This is a site local...

Page 58: ...pull down menu to enable or disable the switch as being capable of accepting solicitation from a neighbor and thus becoming an IPv6 neighbor Once enabled this Switch is now capable of producing Route...

Page 59: ...seconds and no more than 1800 seconds The user may configure a time between 4 and 1800 seconds with a default setting of 600 seconds RA Min Router AdvInterval Used to set the minimum interval time bet...

Page 60: ...n then data transfer will obviously be affected Figure 6 9 Switches stacked in a Duplex Ring Figure 6 10 Switches stacked in a Duplex Chain Within each of these topologies each switch plays a role in...

Page 61: ...ansfer of data between switches in the stack with a few minor provisions When switches are hot inserted into the running stack the new switch may take on the Backup Master or Slave role depending on c...

Page 62: ...r may configure parameters such as box ID box priority and pre assigning model names to switches to be entered into the switch stack To view this window click Administration Stacking Box Information F...

Page 63: ...no automatic adjustment of port settings with any option other than Auto The Switch allows the user to configure two types of gigabit connections 1000M Full_M and 1000M Full_S Gigabit connections onl...

Page 64: ...forwarding table The default setting is Enabled Medium Type If configuring the Combo ports this defines the type of transport medium to be used whether copper or fiber Click Apply to implement the new...

Page 65: ...choose a port or range of ports to describe Users may then enter a description for the chosen port s Click Apply to set the descriptions in the Port Description Table If configuring the Combo ports th...

Page 66: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch Figure 6 16 Cable Diagnostics window 52...

Page 67: ...ounts Add Add a new user by typing in a User Name and New Password and retype the same password in the Confirm New Password Choose the level of privilege Admin or User from the Access Right drop down...

Page 68: ...copied which receives the copies from the source port 2 Select the Source Direction Ingress Egress or Both and change the Status drop down menu to Enabled 3 Click Apply to let the changes take effect...

Page 69: ...rimary master and the backup master will save and synchronize these mirroring configurations in their respecitve databases Therefore if the primary master is removed the backup master will still hold...

Page 70: ...em Log Server In the Administration folder click System Log Settings System Log Host to view the window shown below Figure 6 21 System Log Host list The parameters configured for adding and editing Sy...

Page 71: ...ter subsystem network news subsystem UUCP subsystem clock daemon security authorization messages FTP daemon NTP subsystem log audit log alert clock daemon local use 0 local0 local use 1 local1 local u...

Page 72: ...5 minutes The default setting is one minute On Demand Users who choose this method will only save log files when they manually tell the Switch to do so using the Save Services folder under the Save Ch...

Page 73: ...below Parameter Description System Severity Choose how the alerts are used from the drop down menu Select log to send the alert of the Severity Type configured to the Switch s log for analysis Choose...

Page 74: ...e Current Time Time Source Displays the time source for the system Current Time SNTP Settings SNTP State Use this pull down menu to Enabled or Disabled SNTP SNTP Primary Server The IP address of the p...

Page 75: ...me adjustment Repeating mode requires that the DST beginning and ending date be specified using a formula For example specify to begin DST on Saturday during the second week of April and end DST on Su...

Page 76: ...igabit Ethernet Managed Switch 62 To Day Enter the day of the monthDST will end on each year To Time in HH MM Enter the time of day that DST will end on each year Click Apply to implement changes made...

Page 77: ...Interval sec The time in seconds between notifications The maximum number of entries listed in the history log used for notification Up to 500 entries can be specified History size Port Settings To c...

Page 78: ...dress of the TFTP server and the path and filename for the switch settings on the TFTP server Click Start to record the IP address of the TFTP server and to initiate the file transfer Upload Log Enter...

Page 79: ...h to download firmware The Interface field is used for addresses on the link local network It is recommended that the user enter the specific interface for a link local IPv6 address For Global IPv6 ad...

Page 80: ...Switch s memory The Switch can store 2 firmware images for use Image ID 1 will be the default boot up firmware for the Switch unless otherwise configured by the user Version States the firmware versi...

Page 81: ...memory and either can be configured to be the boot up firmware for the Switch The user may select a boot up firmware image for the Switch in the switch stack by using the Image pull down window to se...

Page 82: ...g Test window This window allows the following parameters to be configured Parameter Description Target IP Address Enter the Target IP Address to be pinged Repeat Pinging for The user may use the Infi...

Page 83: ...e specific interface for a link local IPv6 address For Global IPv6 addresses this field may be omitted Repeat Times Enter the number of times desired to attempt to ping the IPv6 address configured in...

Page 84: ...many packets flooding the Switch it will stop accepting all ARP and IP broadcast packets and packets from untrusted IP addresses for double the time of the previous stop period This doubling of time f...

Page 85: ...uard Engine mechanism is enabled Once the CPU utilization reaches this percentage level the Switch will move into Safeguard Engine state based on the parameters provided in this window Falling Thresho...

Page 86: ...7 Static ARP Settings window To add a new entry click the Add button revealing the following screen to configure Figure 6 38 Static ARP Settings Add window To modify a current entry click the correspo...

Page 87: ...the Switch To view this window click Administration IPv6 Neighbor IPv6 Neighbor Settings Figure 6 40 IPv6 Neighbor Settings window The following fields can be viewed Parameter Description Neighbor Dis...

Page 88: ...nter the specific interface for a link local IPv6 address For Global IPv6 addresses this field may be omitted Neighbor IPv6 Address The IPv6 address of the neighbor entry Specify the address using the...

Page 89: ...down If the primary route is lost the backup route will uplink and its status will become Active IPv4 Static Default Route Settings Entries into the Switch s forwarding table can be made using both MA...

Page 90: ...Backup entries cannot have the same Gateway Click Apply to implement changes made IPv6 Static Default Route Settings A static entry of an IPv6 address can be entered into the Switch s routing table fo...

Page 91: ...ter Description Interface The IP Interface where the static IPv6 route is to be created IPv6 Address Prefix Length Specify the address and mask information using the format as IPv6 address prefix leng...

Page 92: ...between 0 and 65535 seconds and defines the maximum time limit for routing a DHCP BOOTP packet If a value of 0 is entered the Switch will not process the value in the seconds field of the BOOTP or DHC...

Page 93: ...t Information Option 82 Policy This field can be toggled between Replace Drop and Keep by using the pull down menu It is used to set the Switches policy for handling packets when the DHCP Relay Agent...

Page 94: ...t 1 2 3 4 5 6 7 1 6 0 4 VLAN Module Port 1 byte 1 byte 1 byte 1 byte 2 bytes 1 byte 1 byte a Sub option type b Length c Circuit ID type d Length e VLAN the incoming VLAN ID of DHCP client packet f Mod...

Page 95: ...licks the Add button under the Apply heading The user may add up to four server IPs per IP interface on the Switch Entries may be deleted by clicking the corresponding button To enable and configure D...

Page 96: ...d the necessary configuration file stored in its base directory when the request is received from the Switch For more information about loading a configuration file for use by a client see the DHCP se...

Page 97: ...e allowed to view read only information or receive traps using SNMPv1 while assigning a higher level of security to another group granting read write privi leges using SNMPv3 Using SNMPv3 individual u...

Page 98: ...of the SNMP users currently configured on the Switch To view this window click Administration SNMP Manager SNMP User Table Figure 6 51 SNMP User Table window To delete an existing SNMP User Table ent...

Page 99: ...ted can request SNMP messages SNMP Version V1 Specifies that SNMP version 1 will be used V2 Specifies that SNMP version 2 will be used V3 Specifies that SNMP version 3 will be used Auth Protocol MD5 S...

Page 100: ...ure 6 55 SNMP View Table Configuration window The SNMP Group created with this table maps SNMP users identified in the SNMP User Table to the views created in the previous window The following paramet...

Page 101: ...Administration SNMP Manager SNMP Group Table Figure 6 56 SNMP Group Table window To delete an existing SNMP Group Table entry click the corresponding under the Delete heading To display the current se...

Page 102: ...both centralized and distributed network management strategies It includes improvements in the Structure of Management Information SMI and adds some security features SNMPv3 Specifies that the SNMP ve...

Page 103: ...ow Figure 6 59 SNMP Community Table Configuration window The following parameters can set Parameter Description Community Name Type an alphanumeric string of up to 32 characters that is used to identi...

Page 104: ...ndow as shown below Figure 6 61 SNMP IPv4 Host Table Configuration window The following parameters can set Parameter Description Host IPv4 Address Type the IPv4 address of the remote management statio...

Page 105: ...sed with an Auth NoPriv security level V3 Auth Priv To specify that the SNMP version 3 will be used with an Auth Priv security level Community String or SNMP V3 User Name Type in the community string...

Page 106: ...is problem for users When enabled in the IP MAC Binding Port window the Switch will create two entries in the Access Profile Table as shown below The entries may only be created if there are at least...

Page 107: ...inoperable due to the overlapping of settings combined with the ACL entry priority defined by profile ID For more information on ACL settings please see Configuring the Access Profile section mentione...

Page 108: ...or a range of ports with the From and To fields Enable or disable the port with the State field The user must also enable ports in this window to set the ACL Mode for IP MAC Binding as previously sta...

Page 109: ...create two ACL packet content mask entries which will aid the user in processing certain IP MAC binding entries created The ACL entries created when this command is enabled can only be automatically...

Page 110: ...rts window as seen previously IP MAC Binding Blocked To view unauthorized devices that have been blocked by IP MAC binding restrictions open the IP MAC Binding Blocked window show below To view this t...

Page 111: ...classification PSE provides power according to the following classification 97 Class Max power used by PD 0 0 44 to 12 95W 1 0 44 to 3 84W 2 3 84 to 6 49W 3 6 49 to 12 95W Class Max power supplied by...

Page 112: ...imit has been exceeded the next port attempting to power up causes the port with the lowest priority to shut down to allow the high priority and critical priority ports to power up Management Mode Use...

Page 113: ...eries support PoE yet when they are configured in a stack the Primary Master switch will display the PoE settings to be configured for the stack whether or not the Switch is a PoE supported device How...

Page 114: ...Class as described above Once this threshold has been reached on the port the PoE will go into the Power Disconnect Method as described above The user may alternatively set a limit between 1000 and 16...

Page 115: ...mander Switch numbered 0 There is no limit to the number of SIM groups in the same IP subnet broadcast domain however a single switch can only belong to one group If multiple VLANs are configured the...

Page 116: ...the SIM group either through a reboot or web malfunction This feature is accomplished through the use of Discover packets and Maintenance packets that previously set SIM members will emit after a rebo...

Page 117: ...Web Interface All xStack DGS 3400 Series Switches are set as Candidate CaS switches as their factory default configuration and Single IP Management will be disabled To enable SIM for the Switch using...

Page 118: ...t to function properly on your computer The Java Runtime Environment on your server should initiate and lead you to the topology window as seen below Figure 6 75 Single IP Management window Tree View...

Page 119: ...in the toolbar and then Topology which will produce the following screen The Topology View will refresh itself periodically 20 seconds by default Figure 6 76 Topology view This screen will display how...

Page 120: ...3400 Series Layer 2 Gigabit Ethernet Managed Switch Layer 2 member switch Layer 3 member switch Member switch of other group Layer 2 candidate switch Layer 3 candidate switch Unknown device Non SIM d...

Page 121: ...Setting the mouse cursor over a specific device in the topology window tool tip will display the same information about a specific device as the Tree view does See the window below for an example Fig...

Page 122: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch Figure 6 78 Port Speed Utilizing the Tool Tip 108...

Page 123: ...6 80 Property window Parameter Description Device Name This field will display the Device Name of the switches in the SIM group configured by the user If no Device Name is configured by the name it wi...

Page 124: ...on Expand to expand the SIM group in detail Property to pop up a window to display the group information Member Switch Icon Figure 6 82 Right Clicking a Member icon The following options may appear fo...

Page 125: ...evice information Menu Bar The Single IP Management window contains a menu bar for device configurations as seen below Figure 6 85 Menu Bar of the Topology View The five menus on the menu bar are as f...

Page 126: ...he Port heading To update the firmware enter the Server IP Address where the firmware resides and enter the Path Filename of the firmware Click Download to initiate the file transfer Figure 6 88 Firmw...

Page 127: ...w is used to upload log files from SIM member switches to a specified PC To view this window click Single IP Management Upload Log File To upload a log file enter the IP address of the SIM member swit...

Page 128: ...u to further tailor how priority tagged data packets are handled on your network Using queues to manage priority tagged data allows you to specify its relative priority to suit the needs of your netwo...

Page 129: ...s them to span the entire network assuming all switches on the network are IEEE 802 1Q compliant VLANs allow a network to be segmented in order to reduce the size of broadcast domains All packets ente...

Page 130: ...g is contained in the following two octets and consists of 3 bits of user priority 1 bit of Canonical Format Identifier CFI used for encapsulating Token Ring packets so they can be carried across Ethe...

Page 131: ...of the port on which they were received Forwarding decisions are based upon this PVID in so far as VLANs are concerned Tagged packets are forwarded according to the VID contained within the tag Tagged...

Page 132: ...idth within the Switch by dropping packets that are not on the same VLAN as the ingress port at the point of reception This eliminates the subsequent processing of packets that will just be dropped by...

Page 133: ...is standard defined by the IEEE 802 1v standard maps packets to protocol defined VLANs by examining the type octet within the packet header to discover the type of protocol associated with it After as...

Page 134: ...to configure the port settings and to assign a unique name and number to the new VLAN See the table below for a description of the parameters in the new window Figure 7 5 Static VLAN window Add To re...

Page 135: ...ward packets to this VLAN if the tag in itch to forward packets to this VLAN if the tag The following parameters allow for the creation of proto 14 pre configured protocol based VLANs plus one user de...

Page 136: ...by the NetBIOS Protocol XNS Using this parameter will instruct the Switch to forward packets to this VLAN if the tag in Switch to forward packets to this VLAN if the tag in ckets to this VLAN if the t...

Page 137: ...See table below for description of parameters The following fields can be set Parameter Description Unit Select the switch in the switch stack to be modified From To included in the Port based VLAN c...

Page 138: ...r VLAN configurations to place customer VLANs within a E 802 1Q VLANs which we will call SPVIDs Service AN TPID 802 1Q CEVLAN Tag Ether Type Payload Double or Q in Q VLANs a larger inclusive VLAN whic...

Page 139: ...regulations apply with the implementation of the Double VLAN procedure 1 All ports must be configured for the SPVID and its corresponding TPID on the Service Provider s edge switch 2 All ports must b...

Page 140: ...le Parameters shown in the previous window are explained below Parameter Description Double VLAN State Use the pull down menu to enable or disable the Double VLAN function on this Switch Enabling the...

Page 141: ...ider VLANs on a remote source Access Ports These are the ports that are set as access ports on the Switch Access ports are for connecting Switch VLANs to customer VLANs Unknown Ports These are the por...

Page 142: ...Protocol ID of the Service Provider VLAN in hex form Port Type Allows the user to choose the type of port being utilized by the Service Provider VLAN The user may choose Access Access ports are for co...

Page 143: ...earch edit and delete existing entries To view this window click L2 Features VLAN MAC based VLAN Settings Figure 7 15 MAC based VLAN Settings window The following fields can be set To configure a Doub...

Page 144: ...ies supports up to 32 port trunk groups with 2 to 8 ports in each group A potential bit rate of 8000 Mbps can be achieved Figure 7 16 Example of Port Trunk Group The Switch treats all ports in a trunk...

Page 145: ...ll duplex The Master Port of the group is to be configured by the user and all configuration options including the VLAN configuration that can be applied to the Master Port are applied to the entire l...

Page 146: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch Figure 7 18 Link Aggregation Settings Add 132...

Page 147: ...kup aggregation group that is not under automatic control Master Port Choose the Master Port for the trunk group using the pull down menu Unit Select the switch in the switch stack to be modified Memb...

Page 148: ...ol and select the Link Aggregation Algorithm located on that web page The description for this function may be found in the explanation for the Device Information window located earlier in this manual...

Page 149: ...ch stack to be modified From To A consecutive group of ports may be configured starting with the selected port Mode Active Active LACP ports are capable of processing and sending LACP control frames T...

Page 150: ...rt LACP Passive LACP ports that are designated as passive cannot initially send LACP control frames In order to allow the linked port group to negotiate adjustments and make changes dynamically one en...

Page 151: ...nooping Settings link in the L2 Features folder When enabled for IGMP snooping the Switch can open or close a port to a specific multicast group member based on IGMP messages sent from the device to t...

Page 152: ...receiving a leave group message from a host and the Switch issuing a group membership query If no response to the membership query is received before the Leave Timer expires the multicast forwarding e...

Page 153: ...the VLAN where the multicast router is attached VLAN Name This is the name of the VLAN where the multicast router is attached Member Ports Ports on the Switch that will have a multicast router attache...

Page 154: ...the receiver ports in a much more timely and reliable fashion Restrictions and Provisos The Multicast VLAN feature of this switch does have some restrictions and limitations such as 1 Multicast VLANs...

Page 155: ...g button which will produce the following window for the user to configure Figure 7 28 IGMP Snooping Multicast VLAN Settings Modify window Parameter Description VLAN Name This is the VLAN Name that al...

Page 156: ...ponding information and click Add to remove previously configured group entries enter the corresponding information and click Remove All To view the IGMP Snooping Muticast VLAN Entries Table click the...

Page 157: ...ter the port for which to begin the Limited IP Multicast Range configuration Enter the lowest multicast IP address of the range To Enter the port for which to begin the Limited IP Multicast Range conf...

Page 158: ...ng multicast data There are two types of MLD query messages emitted by the router The General Query is used to advertise all multicast addresses that are ready to send multicast data to all listening...

Page 159: ...e tuning to allow for expected packet loss on a subnet The user may choose a value between 1 and 255 with a default setting of 2 If a subnet is expected to be lossy the user may wish to increase this...

Page 160: ...nterval Querier Present Interval The amount of time that must pass before a multicast router decides that there are no other querier devices present Calculated as robustness variable query interval 0...

Page 161: ...ne Click this option to not set these ports as router ports Static Click this option to designate a range of ports as being connected to a multicast enabled router This command will ensure that all pa...

Page 162: ...CTP packet and once a CTP packet has returned to the port from where it originated the Loopback Detection function will disable this port until the anomaly has ceased and the loopback occurrence will...

Page 163: ...00000 Enter a time in seconds that a port will have to wait before being recovered from a Loopback Detection shutdown The user may set a time between 60 and 1000000 seconds with a default setting of 6...

Page 164: ...Bridge Global Settings window and 4 A 4096 element table defined here as a VID List in the MST Configuration Identification window which will associate each of the possible 4096 VLANs supported by th...

Page 165: ...col introduces two new variables the edge port and the point to point P2P port Edge Port The edge port is a configurable designation used for a port that is directly connected to a segment where a loo...

Page 166: ...dow click Layer 2 Features Spanning Tree STP Bridge Global Settings link Use the STP Status pull down selector to enable or disable STP globally and choose the STP method used with the STP Version men...

Page 167: ...smissions of BPDU packets sent by the Root Bridge to tell all other switches that it is indeed the Root Bridge This field will only appear here when STP or RSTP is selected for the STP Version For MST...

Page 168: ...count can be specified from 1 to 10 The default is 3 Forwarding BPDU This field can be Enabled or Disabled When Enabled it allows the forwarding of STP BPDU packets from other network devices The def...

Page 169: ...tion Configuration Name A previously configured name set on the Switch to uniquely identify the MSTI Multiple Spanning Tree Instance If a configuration name is not set this field will show the MAC add...

Page 170: ...ure the following parameters to configure the CIST on the Switch Parameter Description MSTI ID The MSTI ID of the CIST is 0 and cannot be altered Type This field allows the user to choose a desired me...

Page 171: ...lement changes made MSTP Port Information This window displays the current MSTP Port Information and can be used to update the port configuration for an MSTI ID If a loop occurs the MSTP function will...

Page 172: ...ng is 0 auto There are two options 0 auto Selecting this parameter for the internalCost will set quickest route automatically and optimally for an interface The default value is derived from the media...

Page 173: ...stance Status Displays the current status of the corresponding MSTI ID Instance Priority Displays the priority of the corresponding MSTI ID The lowest priority will be the root bridge Click Apply to i...

Page 174: ...red starting with the selected port External Cost This defines a metric that indicates the relative cost of forwarding packets to the specified port list Port cost can be set automatically or as a met...

Page 175: ...this status for example if the port is forced to half duplex operation the p2p status changes to operate as if the p2p value were false The default setting for this parameter is true State This drop...

Page 176: ...e switch in the switch stack to be modified Port Allows the selection of the port number on which the MAC address entered above resides Click Add to implement the changes made To delete an entry in th...

Page 177: ...her forbidden from joining dynamically or that can join the multicast group dynamically using GMRP The options are None No restrictions on the port dynamically joining the multicast group When None is...

Page 178: ...specified VLAN Forward All Groups This will instruct the Switch to forward a multicast packet to all multicast groups residing within the range of ports specified above Forward Unregistered Groups Thi...

Page 179: ...E 802 1p standard that allows network administrators a method of reserving bandwidth for important functions that require a large bandwidth or have a high priority such as VoIP voice over Internet Pro...

Page 180: ...s being sent out utilizing the Access Profile commands Then on the receiving end the administrator instructs the Switch to examine packets for this tag acquires the tagged packets and maps them to a c...

Page 181: ...are sent in the following sequence A1 B1 C1 D1 E1 F1 G1 H1 A2 B2 C2 D2 E2 F2 G2 A3 B3 C3 D3 E3 F3 A4 B4 C4 D4 E4 A5 B5 C5 D5 A6 B6 C6 A7 B7 A8 A1 B1 C1 D1 E1 F1 G1 H1 For weighted round robin queuing...

Page 182: ...ngs and Port Bandwidth Table window The following parameters can be set or are displayed Parameter Description Unit Select the switch in the switch stack to be modified From To A consecutive group of...

Page 183: ...ntrol for the selected ports Results of configured Bandwidth Settings will be displayed in the Port Bandwidth Table QoS Scheduling Mechanism This drop down menu allows a selection between a Weight Fai...

Page 184: ...develop if the QoS settings are not suitable Click QoS QoS Output Scheduling to view the screen shown below Figure 8 4 QoS Output Scheduling Configuration window The following values may be assigned...

Page 185: ...ax Packet field this class of service will automatically begin forwarding packets until it is empty Once a priority class of service with a 0 in its Max Packet field is empty the remaining priority cl...

Page 186: ...1p Default Priority to view the screen shown below Figure 8 6 802 1p Default Priority window The user may adjust the following parameters Parameter Description Unit Use the pull down menu to choose th...

Page 187: ...of a class of service to each of the 802 1p priorities Click QoS 802 1p User Priority to view the screen shown below Figure 8 7 802 1p User Priority window Once a priority has been assigned to the por...

Page 188: ...r Time and SNTP Commands To open the Time Range window click ACL Time Range which will display the following window for the user to configure Figure 9 1 Time Range Settings window The user may adjust...

Page 189: ...nding days of the week that this time range is to be enabled Click the Select All Days check box to configure this time range for every day of the week Click Apply to implement changes made Currently...

Page 190: ...he Access Profile Table click the Add Profile button This will open the Access Profile Configuration page as shown below There are three Access Profile Configuration pages one for Ethernet or MAC addr...

Page 191: ...nation MAC Mask Enter a MAC address mask for the destination MAC address 802 1p Selecting this option instructs the Switch to examine the 802 1p priority value of each packet header and use this as th...

Page 192: ...stination IP Mask Enter an IP address mask for the destination IP address DSCP Selecting this option instructs the Switch to examine the DiffServ Code part of each packet header and use this as the or...

Page 193: ...inish Select UDP to use the UDP port number contained in an incoming packet as the forwarding criterion Selecting UDP requires that you specify a source port mask and or a destination port mask src po...

Page 194: ...IPv6 header This class field is a part of the packet header that is similar to the Type of Service ToS or Precedence bits field in IPv4 Flow Label Checking this field will instruct the Switch to exami...

Page 195: ...window Ethernet To set the Access Rule for Ethernet adjust the following parameters and click Apply Parameter Description Profile ID This is the identifier number for this profile set Mode Select Per...

Page 196: ...ccess profile will apply only to packets with this hexadecimal 802 1Q Ethernet type value hex 0x0 0xffff in the packet header The Ethernet type value may be set in the form hex 0x0 0xffff which means...

Page 197: ...ess Profile Table link opening the Access Profile Table Under the heading Access Rule clicking Modify will open the following window Figure 9 12 Access Rule Table window IP To create a new rule set fo...

Page 198: ...Pv6 instructs the Switch to examine the IPv6 address in each frame s header Priority 0 7 This parameter is specified if you want to re write the 802 1p default priority previously set in the Switch wh...

Page 199: ...tch number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number of the range also separated by a colon are specified The beginni...

Page 200: ...ded see below Select Deny to specify that packets that match the access profile are not forwarded by the Switch and will be filtered Access ID Type in a unique identifier number for this access rule T...

Page 201: ...ss by and entering the IP address mask in hex form Port The Access Rule may be configured on a per port basis by entering the port number of the switch in the switch stack into this field When a range...

Page 202: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch Figure 9 17 Access Rule Display IPv6 188...

Page 203: ...ibed below CPU Interface Filtering State Settings In the following window the user may globally enable or disable the CPU Interface Filtering mechanism by using the pull down menu to change the runnin...

Page 204: ...to specify a mask to hide the content of the packet header VLAN Selecting this option instructs the Switch to examine the VLAN identifier of each packet header and use this as the full or partial crit...

Page 205: ...gure 9 22 CPU Interface Filtering Configuration window IP The following parameters may be configured for the IP CPU filter Parameter Description Profile ID 1 5 Type in a unique identifier number for t...

Page 206: ...frame s header Select Type to further specify that the access profile will apply an IGMP type value Select TCP to use the TCP port number contained in an incoming packet as the forwarding criterion Se...

Page 207: ...igabit Ethernet Managed Switch Figure 9 23 CPU Interface Filtering Entry Display for IP The page shown below is the Packet Content Mask configuration window Figure 9 24 CPU Interface Filtering Configu...

Page 208: ...he packet header Offset This field will instruct the Switch to mask the packet header beginning with the offset value specified value 0 15 Enter a value in hex form to mask the packet from the beginni...

Page 209: ...Ethernet IP or Packet Content Each entry will open a new and unique window as shown in the examples below Figure 9 27 CPU Interface Filtering Table Ethernet To create a new rule set for an access pro...

Page 210: ...header IP instructs the Switch to examine the IP address in each frame s header Packet Content Mask instructs the Switch to examine the packet header VLAN Name Allows the entry of a name for a previou...

Page 211: ...9 CPU Interface Filtering Rule Display Ethernet The following window is the CPU Interface Filtering Rule Table for IP Figure 9 30 CPU Interface Filtering Rule Table IP To create a new rule set for an...

Page 212: ...P instructs the Switch to examine the IP address in each frame s header Packet Content Mask instructs the Switch to examine the packet header VLAN Name Allows the entry of a name for a previously conf...

Page 213: ...iltering Rule Display IP The following window is the CPU Interface Filtering Rule Table for Packet Content Figure 9 33 CPU Interface Filtering Rule Table Packet Content To remove a previously created...

Page 214: ...xStack DGS 3400 Series Layer 2 Gigabit Ethernet Managed Switch Figure 9 34 CPU Interface Filtering Rule Configuration Packet Content 200...

Page 215: ...nstructs the Switch to examine the packet header Offset This field will instruct the Switch to mask the packet header beginning with the offset value specified value 0 15 Enter a value in hex form to...

Page 216: ...ust Host Access Authentication Control MAC Based Access Control Traffic Segmentation SSL SSH JWAC Authorization Network State Settings This window is used to Enable or Disable the Authorization Networ...

Page 217: ...using the Countdown field Figure 10 2 Traffic Control Settings window If this field times out and the packet storm continues the port will be placed in a Shutdown Forever mode which will produce a wa...

Page 218: ...osing this option obligates the user to configure the Interval setting as well which will provide packet count samplings from the Switch s chip to determine if a Packet Storm is occurring Threshold Sp...

Page 219: ...in the switch stack to be modified From To A consecutive group of ports may be configured starting with the selected port Admin State This pull down menu allows the user to enable or disable Port Sec...

Page 220: ...sponding MAC address to be deleted Click the Next button to view the next page of entries listed in this table Figure 10 4 Port Lock Entries Table This window displays the following information Parame...

Page 221: ...rization is granted The 802 1x Access Control method holds three roles each of which are vital to creating and upkeeping a stable and working Access Control security method Figure 10 6 The three roles...

Page 222: ...ee steps must be implemented on the Switch to properly configure the Authenticator 1 The 802 1x State must be Enabled DGS 3400 Web Management Tool 2 The 802 1x settings must be implemented by port Sec...

Page 223: ...used on the Switch which are 1 Port Based Access Control This method requires only one user to be authenticated per port by a remote RADIUS server to allow the remaining users on the same port access...

Page 224: ...figuration Once the connected device has successfully been authenticated the Port then becomes Authorized and all subsequent traffic on the Port is not subject to access control restriction until an e...

Page 225: ...r to successfully make use of 802 1x in a shared media LAN segment it would be necessary to create logical Ports one for each attached device that required access to the LAN The Switch would regard th...

Page 226: ...n the administrator must configure the guest accounts accessing the Switch to be placed in a Guest VLAN when trying to access the Switch Upon initial entry to the Switch the client wishing services on...

Page 227: ...ick Security 802 1X Configure 802 1X Authenticator Parameter The user may toggle between switches in the switch stack by using the Unit pull down menu Figure 10 14 Configure 802 1X Authenticator Param...

Page 228: ...ication exchange required This means the port transmits and receives normal traffic without 802 1X based authentication of the client If forceUnauthorized is selected the port will remain in the unaut...

Page 229: ...work Select None disable 802 1X functions on the port Click Apply to implement your configuration changes To view configurations for the 802 1X Authenticator Settings on a port by port basis see the 8...

Page 230: ...er and Current RADIUS Server Settings Table window This window displays the following information Parameter Description Succession Choose the desired RADIUS server to configure First Second or Third R...

Page 231: ...to first enter the IP address of the station you are currently using To view this window click Security Trust Host Figure 10 18 Security IP menu for Trusted Host configuration To configure secure IP a...

Page 232: ...e Switch The server will not accept the username and password and the user is denied access to the Switch The server doesn t respond to the verification query At this point the Switch receives the tim...

Page 233: ...e Switch will accept authentication attempts Users failing to be authenticated after the set amount of attempts will be denied access to the Switch and will be locked out of further authentication att...

Page 234: ...er Group This window will allow users to set up Authentication Server Groups on the Switch A server group is a technique used to group TACACS XTACACS TACACS RADIUS server hosts into user defined categ...

Page 235: ...ee built in server groups can only have server hosts running the same TACACS daemon TACACS XTACACS TACACS protocols are separate entities and are not compatible with each other Authentication Server H...

Page 236: ...define the virtual port number of the authentication protocol on a server host The default port number is 49 for TACACS XTACACS TACACS servers and 1813 for RADIUS servers but the user may set a uniqu...

Page 237: ...od is used the privilege level will be dependant on the local account privilege configured on the Switch Successful login using any of these techniques will give the user a User privilege only If the...

Page 238: ...e Switch Enable Method Lists The Enable Method Lists window is used to set up Method Lists to promote users with user level privileges to Administrator Admin level privileges using authentication meth...

Page 239: ...button Both actions will result in the same screen to configure Figure 10 30 Enable Method List Edit window Figure 10 31 Enable Method List Add window To define an Enable Login Method List set the fol...

Page 240: ...g this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server xtacacs Adding this parameter will require the user to be authenticated using the XTACA...

Page 241: ...ew Local Enabled field will result in a fail message Click Apply to implement changes made Enable Admin The Enable Admin window is for users who have logged on to the Switch on the normal user level a...

Page 242: ...ers for the MAC Based Access Control function on the Switch Here the user can set the state password authentication method aswell as create config or delete Guest VLANs To enable the MAC Based Access...

Page 243: ...splays the name of the previously configured Guest VLAN being used for this function Clicking the hyperlinked name will send the web manager to Guest VLAN configuration screen for MAC Based Authentica...

Page 244: ...d the target VLAN name into their appropriate fields and click Apply To change a MAC address or a VLAN in the list click the corresponding Modify button To delete a entry by MAC or vlan enter its para...

Page 245: ...urrent Traffic Segmentation Table Click on the Setup button to open the Setup Forwarding ports menu as shown below Figure 10 37 Setup Forwarding Ports Configuring traffic segmentation on the xStack DG...

Page 246: ...allows the user to choose a message digest function which will determine a Message Authentication Code This Message Authentication Code will be encrypted with a sent message to provide integrity and...

Page 247: ...e disabled To manage the Switch through the web based management while utilizing the SSL function the web browser must support SSL encryption and the header of the URL must begin with https Ex https x...

Page 248: ...Enabled by default RSA EXPORT with RC4 40 MD5 This ciphersuite combines the RSA Export key exchange and stream cipher RC4 encryption with 40 bit keys Use the pull down menu to enable or disable this c...

Page 249: ...uding specifying a password This password is used to logon to the Switch once a secure communication path has been established using the SSH protocol 2 Configure the User Account to use a specified au...

Page 250: ...onnect to the Switch to attempt another login The number of maximum attempts may be set between 2 and 20 The default setting is 2 Session Rekeying This field is used to set the time period that the Sw...

Page 251: ...ion Standard AES192 encryption algorithm with Cipher Block Chaining The default is Enabled AES256 CBC Use the pull down to enable or disable the Advanced Encryption Standard AES 256 encryption algorit...

Page 252: ...ser To configure the parameters for a SSH user click on the hyperlinked User Name in the Current Accounts window which will reveal the following window to configure NOTE To set the SSH User Authentica...

Page 253: ...s to identify the remote SSH user Host IP Enter the corresponding IP address of the SSH user Password This parameter should be chosen if the administrator wishes to use an administrator defined passwo...

Page 254: ...ame time To use the JWAC feature computer users need to pass through two stages of authentication The first stage is to do the authentication with the quarantine server and the second stage is the aut...

Page 255: ...ine Server or the JWAC Login Page Redirect Delay Time 0 10 This parameter specifies the Delay Time before an unauthenticated host is redirected to the Quarantine Server or JWAC Login Page Enter a valu...

Page 256: ...Server IP address Mask This parameter specifies the Server IP net mask Update Server Table Index This parameter displays the Index of the Server IP Address This parameter displays the Server IP Addres...

Page 257: ...after it successes to authenticate Enter a value between 0 and 1440 minutes The default setting is 1440 minutes To maintain a constant Port Configuration check the Infinite box in the JWAC configurati...

Page 258: ...thernet Managed Switch Figure 10 49 JWAC Port Table window To configure the settings by port click on the Modify button in the corresponding column which will bring you to the following window Figure...

Page 259: ...JWAC user settings in the table at the bottom of the window click the Delete All button Parameter Description User Name Enter a username of up to 15 alphanumeric characters New Password Enter the pas...

Page 260: ...o access the JWAC Host Table Settings for the Switch click Security JWAC JWAC Host Information which will open the following window Figure 10 54 JWAC Host Table Settings window To search for hosts han...

Page 261: ...ation CPU Utilization Port Utilization Packets Errors Packet Size Browse Router Port Browse MLD Router Port VLAN Status VLAN Status Port Port Access Control MAC Address Table IGMP Snooping Group MLD S...

Page 262: ...rmation To change a switch s default stacking configuration for example the order in the stack see Box Information in the Configuration folder The number of switches in the switch stack up to 12 total...

Page 263: ...tch This may be different from the values shown in the illustrations H W Version Shows the hardware version in use for the Switch This may be different from the values shown in the illustration Topolo...

Page 264: ...ization by port use the real time graphic of the Switch and or switch stack at the top of the web page by simply clicking on a port Click Apply to implement the configured settings The window will aut...

Page 265: ...Switch in the switch stack by using the Unit pull down menu and then select the port by using the Port pull down menu The user may also use the real time graphic of the Switch and or switch stack at t...

Page 266: ...ect a port to view these statistics for first select the Switch in the switch stack by using the Unit pull down menu and then select the port by using the Port pull down menu The user may also use the...

Page 267: ...kets Counts the number of packets received on the port Unicast Counts the total number of good packets that were received by a unicast address Multicast Counts the total number of good packets that we...

Page 268: ...and then select the port by using the Port pull down menu The user may also use the real time graphic of the Switch and or switch stack at the top of the web page by simply clicking on a port Click Mo...

Page 269: ...ue is 200 Unicast Counts the total number of good packets that were received by a unicast address Multicast Counts the total number of good packets that were received by a multicast address Broadcast...

Page 270: ...he port by using the Port pull down menu The user may also use the real time graphic of the Switch and or switch stack at the top of the web page by simply clicking on a port Click Monitoring Packets...

Page 271: ...ort Packets Counts the number of packets successfully sent on the port Unicast Counts the total number of good packets that were transmitted by a unicast address Multicast Counts the total number of g...

Page 272: ...ch in the switch stack by using the Unit pull down menu and then select the port by using the Port pull down menu The user may also use the real time graphic of the Switch and or switch stack at the t...

Page 273: ...lision fragments a nor mal network occurrence OverSize Counts valid packets received that were longer than 1518 octets and less than the MAX_PKT_LEN Internally MAX_PKT_LEN is equal to 1536 Fragment Th...

Page 274: ...rst select the Switch in the switch stack by using the Unit pull down menu and then select the port by using the Port pull down menu The user may also use the real time graphic of the Switch and or sw...

Page 275: ...undary LateColl Counts the number of times that a collision is detected later than 512 bit times into the transmission of a packet ExColl Excessive Collisions The number of packets for which transmiss...

Page 276: ...s are offered To select a port to view these statistics for first select the Switch in the switch stack by using the Unit pull down menu and then select the port by using the Port pull down menu The u...

Page 277: ...in length inclusive excluding framing bits but including FCS octets 128 255 The total number of packets including bad packets received that were between 128 and 255 octets in length inclusive excludin...

Page 278: ...gabit Ethernet Managed Switch 264 View Table Clicking this button instructs the Switch to display a table rather than a line graph View Line Chart Clicking this button instructs the Switch to display...

Page 279: ...port configured by a user using the console or Web based management interfaces is displayed as a static router port designated by S A router port that is dynamically configured by the Switch is design...

Page 280: ...A router port configured by a user using the console or Web based management interfaces is displayed as a static router port designated by S A router port that is dynamically configured by the Switch...

Page 281: ...Status This allows the VLAN status for each of the Switch s ports to be viewed by VLAN This window displays the ports on the Switch that are currently Egress E or Tag T ports To view the following tab...

Page 282: ...VLAN status for each of the Switch s ports to be viewed To view the following table click Monitoring VLAN Status Port Figure 11 21 VLAN Status Port window Enter the port number and click Find the VLAN...

Page 283: ...ach RADIUS Authentication server that the client shares a secret with AuthServerAddress The conceptual table listing the RADIUS authentication servers with which the client shares a secret ServerPortN...

Page 284: ...statistics between 1s and 60s where s stands for seconds The default value is one second To clear the current statistics shown click the Clear button in the top left hand corner The following informat...

Page 285: ...due to receipt of an Accounting Response a timeout or a retransmission ClientTimeouts The number of accounting timeouts to this server After a timeout the client may retry to the same server send to a...

Page 286: ...it Port Select the unit of the switch in the switch stach and a port on that switch where to find the MAC address Find Allows the user to move to a sector of the database corresponding to a user defin...

Page 287: ...e The user may search the IGMP Snooping Group Table by VLAN name by entering it in the top left hand corner and clicking Search The following field can be viewed Parameter Description VLAN Name The VL...

Page 288: ...the Reports field To view the MLD Snooping Group Table click Monitoring MLD Snooping Group Figure 11 26 MLD Snooping Group Table The following field can be viewed Parameter Description VLAN Name The V...

Page 289: ...itch History Log The information in the table is categorized as Parameter Description Type Choose the type of log to view There are two choices Regular Log Choose this option to view regular switch lo...

Page 290: ...Table window will show current ARP entries on the Switch To search a specific ARP entry enter an interface name into the Interface Name or an IP address and click Find To clear the ARP Table click Cl...

Page 291: ...Layer 2 Gigabit Ethernet Managed Switch Session Table This window displays the management sessions since the Switch was last rebooted To view this table click Monitoring Session Table Figure 11 29 Cur...

Page 292: ...a read only screen where the user may view IP addresses discovered by the Switch To search a specific IP address enter it into the field labeled IP Address at the top of the screen and click Find to b...

Page 293: ...Table window shows the current IP routing table of the Switch To find a specific IP route enter an IP address into the IP Address field along with a proper subnet mask into the Netmask field and clic...

Page 294: ...ol Authentication Status To clear MAC Based Access Control Authentication entries enter the appropriate information and click Clear To view this table click Monitoring MAC Based Access Control Authent...

Page 295: ...ned while resetting all other configuration parameters to their factory defaults NOTE Only the Reset System option will enter the factory default parameters into the Switch s non volatile RAM and then...

Page 296: ...box will instruct the Switch to save the current configuration to non volatile RAM before restarting the Switch Clicking the No click box instructs the Switch not to save the current configuration be...

Page 297: ...nges to NV RAM before rebooting the switch To retain any configuration changes permanently click Save Services Save Changes The save options allow one alternative configuration image to be stored Figu...

Page 298: ...ime States the specific time the configuration file was downloaded to the Switch From States the origin of the firmware There are five ways configuration files may be uploaded to the Switch R If the I...

Page 299: ...field has three options for configuration Delete Select this option to delete the configuration file ID specified in the Configuration ID field above Boot_up Select this option to set the configurati...

Page 300: ...ation Control IEEE 802 3x Full duplex Flow Control IEEE 802 1u Fast Ethernet IEEE 802 3af Power over Ethernet Protocols CSMA CD Data Transfer Rates Ethernet Fast Ethernet Gigabit Ethernet Fiber Optic...

Page 301: ...idity 5 95 non condensing Dimensions 441mm x 389mm x 44mm Weight DGS 3400 Series Switch DGS 3426 5 42 kg DGS 3426P 6 kg DGS 3427 5 51 kg DGS 3450 5 74 kg Module Inserts DEM 410CX 0 16 kg DEM 410X 0 18...

Page 302: ...following diagrams and tables show the standard RJ 45 receptacle connector and their pin assignments Appendix 1 1 The standard RJ 45 port and connector RJ 45 Pin Assignments Contact MDI X Port MDI II...

Page 303: ...Media Type Maximum Distance Mini GBIC 1000BASE LX Single mode fiber module 1000BASE SX Multi mode fiber module 1000BASE LHX Single mode fiber module 1000BASE ZX Single mode fiber module 10km 550m 2km...

Page 304: ...d MAC information for logging Configuration and log saved to flash Unit unitID Configuration and log saved to flash by console Username username IP ipaddr MAC macaddr Informational by console and IP i...

Page 305: ...console was unsuccessful Username username IP ipaddr MAC macaddr Warning by console and IP ipaddr MAC macaddr are XOR shown in log string which means if user login by console will no IP and MAC infor...

Page 306: ...console Web Successful login through Web Successful login through Web Username username IP ipaddr MAC macaddr Informational Login failed through Web Login failed through Web Username username IP ipadd...

Page 307: ...ailed through SSH Login failed through SSH Username username IP ipaddr MAC macaddr Warning Logout through SSH Logout through SSH Username username IP ipaddr MAC macaddr Informational SSH session timed...

Page 308: ...ethod Username username MAC macaddr Warning Successful login through SSH authenticated by AAA local method Successful login through SSH from userIP authenticated by AAA local method Username username...

Page 309: ...server serverIP Username username MAC macaddr Informational Login failed through Web authenticated by AAA server Login failed through Web from userIP authenticated by AAA server serverIP Username user...

Page 310: ...due to AAA server timeout or improper configuration Username username MAC macaddr Warning Successful Enable Admin through Console authenticated by AAA local_enable method Successful Enable Admin thro...

Page 311: ...local_enable method Enable Admin failed through SSH from userIP authenticated by AAA local_enable method Username username MAC macaddr Warning Successful Enable Admin through Console authenticated by...

Page 312: ...gh Web authenticated by AAA server Enable Admin failed through Web from userIP authenticated by AAA server serverIP Username username MAC macaddr Warning Enable Admin failed through Web due to AAA ser...

Page 313: ...ailed through SSH from userIP authenticated by AAA server serverIP Username username MAC macaddr Warning Enable Admin failed through SSH due to AAA server timeout or improper configuration Enable Admi...

Page 314: ...Invalid TTL packet received Interface string VRID id receives an invalid VRRP TTL packet Warning string is interface name Invalid length packet received Interface string VRID id receives an invalid VR...

Page 315: ...tID portNum Broadcast storm has cleared Informational Multicast storm occurrence Port unitID portNum Multicast storm is occurring Warning Multicast storm cleared Port unitID portNum Multicast storm ha...

Page 316: ...ation devices on the network broadcast storm Multiple simultaneous broadcasts that typically absorb available network bandwidth and can cause network failure console port The port on the Switch accept...

Page 317: ...ly designed to be used in managing TCP IP internets SNMP is presently implemented on a wide range of computers and networking equipment and may be used to manage many aspects of network and end statio...

Page 318: ...by the original purchaser for the defective Hardware will be refunded by D Link upon return to D Link of the defective Hardware All Hardware or part thereof that is replaced by D Link or for which th...

Page 319: ...y way that is not contemplated in the documentation for the product or if the model or serial number has been altered tampered with defaced or removed Initial installation installation and removal of...

Page 320: ...en the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with this manual may cause har...

Page 321: ...307 BSMI Warning MIC Warning CCC Warning A...

Page 322: ...ertaining to the product and in that case the product is being sold As Is without any warranty whatsoever including without limitation the Limited Warranty as described herein notwithstanding anything...

Page 323: ...pyright Statement No part of this publication or documentation accompanying this product may be reproduced in any form or by any means or used to make any derivative such as translation transformation...

Page 324: ...egistration Register online your D Link product at http support dlink com register Product registration is entirely voluntary and failure to complete or return this form will not diminish your warrant...

Page 325: ...fetime hardware warranty Warranty beneficiary The warranty beneficiary is the original end user The original end user is defined as the person that purchases the product as the first owner Duration of...

Page 326: ...or by other circumstances of which D Link is not responsible Disclaimer of warranty Please note some countries do not allow the disclaimer of implied terms in contracts with consumers and the disclaim...

Page 327: ...ustomers can contact D Link technical support through our website or by phone Tech Support for customers within the United States D Link Technical Support over the Telephone 877 354 6555 Monday to Fri...

Page 328: ...BT 10ppm UK Pence per minute other carriers may vary Times Mon Fri 9 00am 6 00pm Sat 10 00am 2 00pm 1890 886 899 Ireland 0 05ppm peak 0 045ppm off peak Times Mon Fri 9 00am 6 00pm Sat 10 00am 2 00pm D...

Page 329: ...Link D Link bietet kostenfreie technische Unterst tzung f r Kunden innerhalb Deutschlands sterreichs der Schweiz und Osteuropas Unsere Kunden k nnen technische Unterst tzung ber unsere Website per E...

Page 330: ...z contacter le service technique de D Link par notre site internet ou par t l phone Assistance technique D Link par t l phone 0 820 0803 03 0 12 min Hours Monday Friday 9h to 13h and 14h to 19h Saturd...

Page 331: ...itio web de D Link D Link ofrece asistencia t cnica gratuita para clientes residentes en Espa a durante el periodo de garant a del producto Asistencia T cnica de D Link por tel fono 34 902 30 45 45 0...

Page 332: ...Gli ultimi aggiornamenti e la documentazione sono disponibili sul sito D Link Supporto Tecnico dal luned al venerd dalle ore 9 00 alle ore 19 00 con orario continuato Telefono 199400057 Web http www...

Page 333: ...stomers within Benelux for the duration of the warranty period on this product Benelux customers can contact D Link technical support through our website or by phone Netherlands 0900 501 2007 0 15ppm...

Page 334: ...tn pomoc techniczn klientom w Polsce w okresie gwarancyjnym produktu Klienci z Polski mog si kontaktowa z dzia em pomocy technicznej firmy D Link za po rednictwem Internetu lub telefonicznie Telefonic...

Page 335: ...tuje sv m z kazn k m bezplatnou technickou podporu Z kazn ci mohou kontaktovat odd len technick podpory p es webov str nky mailem nebo telefonicky Telefon 225 281 553 Land Line 1 78 CZK min Mobile 5 4...

Page 336: ...gat s Meghajt programokat s friss t seket a D Link Magyarorsz g weblapj r l t lthet le Tel 06 1 461 3001 Fax 06 1 461 3004 Land Line 14 99 HUG min Mobile 49 99 HUF min Web http www dlink hu E mail sup...

Page 337: ...web sider D Link tilbyr sine kunder gratis teknisk support under produktets garantitid Kunder kan kontakte D Links teknisk support via v re hjemmesider eller p tlf D Link Teknisk telefon Support 800...

Page 338: ...r gratis teknisk support til kunder i Danmark i hele produktets garantiperiode Danske kunder kan kontakte D Link s tekniske support via vores hjemmeside eller telefonisk D Link teknisk support over te...

Page 339: ...a asiakkaille Suomessa D Link tarjoaa teknist tukea asiakkailleen Tuotteen takuun voimassaoloajan Tekninen tuki palvelee seuraavasti numerosta 0800 114 677 Arkisin klo 9 21 Internetin kautta Web http...

Page 340: ...pdateringar och annan anv ndarinformation D Link tillhandah ller teknisk support till kunder i Sverige under hela garantitiden f r denna produkt D Link Teknisk Support via telefon 0770 33 00 35 Vardag...

Page 341: ...de utilizador no site de D Link Portugal http www dlink pt A D Link fornece suporte t cnico gratuito para clientes no Portugal durante o per odo de vig ncia de garantia deste produto Assist ncia T cn...

Page 342: ...software updates D Link D Link D Link Hellas Support Center 64 11251 210 86 11 114 09 00 17 00 210 8611114 Web http www dlink gr support...

Page 343: ...hni ka podr ka Hvala vam na odabiru D Link proizvoda Za dodatne informacije podr ku i upute za kori tenje ure aja molimo vas da posjetite D Link internetsku stranicu na www dlink eu Web www dlink biz...

Page 344: ...hni na podpora Zahvaljujemo se vam ker ste izbrali D Link proizvod Za vse nadaljnje informacije podporo ter navodila za uporabo prosimo obi ite D Link ovo spletno stran www dlink eu Web www dlink biz...

Page 345: ...Suport tehnica V mul umim pentru alegerea produselor D Link Pentru mai multe informa ii suport i manuale ale produselor v rug m s vizita i site ul D Link www dlink eu Web www dlink ro...

Page 346: ...www dlink co in support productsupport aspx Indonesia Malaysia Singapore and Thailand Tel 62 21 5731610 Indonesia Tel 1800 882 880 Malaysia Tel 65 66229355 Singapore Tel 66 2 719 8978 9 Thailand Mond...

Page 347: ...support e mail support dlink co il Pakistan Tel 92 21 4548158 or 92 21 4548310 Sunday to Thursday 9 00am to 6 00pm http support dlink me com e mail support pk dlink me com South Africa and Sub Sahara...

Page 348: ...D Link D Link D Link D Link 495 744 00 99 http www dlink ru e mail support dlink ru...

Page 349: ...p Desk Colombia Tel fono 01800 9525465 Lunes a Viernes 07 00 am a 20 00 pm Soporte T cnico Help Desk Ecuador Tel fono 1800 035465 Lunes a Viernes 07 00 am a 20 00 pm Soporte T cnico Help Desk El Salva...

Page 350: ...rasil com br A D Link fornece suporte t cnico gratuito para clientes no Brasil durante o per odo de vig ncia da garantia deste produto Suporte T cnico para clientes no Brasil Telefone S o Paulo 11 218...

Page 351: ...D Link D Link D Link 0800 002 615 8 30 9 00 http www dlink com tw dssqa_service dlink com tw D Link http www dlink com tw...

Page 352: ...kumentasi pengguna dapat diperoleh pada situs web D Link Dukungan Teknis untuk pelanggan Dukungan Teknis D Link melalui telepon Tel 62 21 5731610 Dukungan Teknis D Link melalui Internet Email support...

Page 353: ...D Link 36 B 26F 02 05 100013 8008296688 028 66052968 028 85176948 36 B 26F 02 05 100013 010 58257789 010 58257790 http www dlink com cn 09 00 18 00...

Page 354: ...International Offices...

Page 355: ...ork at installation site 1 employee 2 9 10 49 50 99 100 499 500 999 1000 or more 3 What network protocol s does your organization use XNS IPX TCP IP DECnet Others______________________________________...

Page 356: ......

Reviews:

No comments

Related manuals for xStack DGS-3426

Brand: Brightlink Pages: 33

Brand: Cole Hersee Pages: 2

Brand: Amped Wireless Pages: 22

Brand: YA Pages: 47

VEEMUX SM-nXm-15V-LC

Brand: Network Technologies Pages: 46

Brand: Black Box Pages: 4

Brand: Mellanox Technologies Pages: 12

Brand: Cabletron Systems Pages: 120

Brand: LEGRAND Pages: 140

Brand: H3C Pages: 57

Brand: Avid Technology Pages: 34

iBootBar iBB-DC8

Brand: Dataprobe Pages: 36

Brand: NegoRack Pages: 41

Brand: Dusun Pages: 18

Brand: Enable-IT Pages: 49

Brand: CoolGear Pages: 8

Brand: MicroNet Pages: 74

Brand: Tripp Lite Pages: 3

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands