TP-Link T3700G-28TQ User Manual Download Page 333 | Manualshive

Page: 333 / 430

background image

Chapter 13

ACL

The fast growth of network size and traffic brings challenges to network security and
bandwidth allocation. Packet filtering can prevent unauthorized access behaviors and improve
bandwidth use.
ACL (Access Control List), which is based on rule matching, is primarily used for packet filtering.
ACL accurately identifies and controls packets on the network to manage network access
behaviors, prevent network attacks, and improve bandwidth use efficiency. In this way, ACL
ensures security and high service quality on networks.  It is usually applied in the following
occasions:
To prevent various network attacks, such as IP (Internet Protocol), TCP (Transmission Control
Protocol), and ICMP (Internet Control Message Protocol) packets attacks.
To manage network access behaviors, such as controlling access to a network or to specific
resources on your network.
The ACL module is mainly for ACL configuration of the switch, including three  submenus:

Time-Range

,

ACL Config

and

ACL Binding

.

13.1

Time-Range

If a configured ACL is needed to be effective in a specified time-range, a time-range should be
firstly specified in the ACL. As the time-range based ACL takes effect only within the specified
time-range, data packets can be filtered by differentiating the time-ranges.
On this switch absolute time and periodic time can be configured. Configure an absolute time
section in the form of “the start date to the end date” to make ACLs effective; configure a
periodic time section to make ACLs effective on the fixed days of the week.
The Time-Range configuration can be implemented on

Time-Range Summary

page.

13.1.1

Time-Range Summary

On this page you can view the current time-ranges.
Choose the menu

ACL

→

Time-Range

→

Time-Range Summary

to load the following page.

Figure 13-1 Time-Range Table

Configuration Procedure:

1)

To add a new time range, click “

Add

” to load the following page. Then enter the name of

the time-range for time identification and click “Create”. You can view the entry in the
Time-Range Table.

322

«
...
331
332
333
334
335
...
»

Summary of Contents for T3700G-28TQ

Page 1: ...User Guide T3700G 28TQ T3700G 52TQ 1910012358 REV3 0 0 November 2018...

Page 2: ...3 1 Login 12 3 2 Configuration 12 Chapter 4 System 14 4 1 System Info 14 4 1 1 System Summary 14 4 1 2 Device Description 16 4 1 3 System Time 17 4 1 4 Daylight Saving Time 18 4 1 5 System IPv6 19 4 1...

Page 3: ...Copy Software 51 5 2 Application Example for Stack 52 Chapter 6 Switching 53 6 1 Port 53 6 1 1 Port Config 53 6 1 2 Port Mirror 54 6 1 3 Port Security 57 6 1 4 Protected Ports 58 6 1 5 Loopback Detec...

Page 4: ...ate 92 7 6 Application Example for Protocol VLAN 93 7 7 VLAN VPN 94 7 7 1 VLAN VPN Config 95 7 7 2 Default Settings 96 7 8 GVRP 96 7 8 1 GVRP Config 98 7 8 2 Default Settings 99 7 9 Private VLAN 99 7...

Page 5: ...3 VLAN Config 146 9 2 4 Querier Config 147 9 2 5 Profile Config 149 9 3 MVR 151 9 3 1 MVR Config 151 9 3 2 Port Config 152 9 3 3 Member Config 154 9 3 4 Traffic 155 9 4 Multicast Table 156 9 4 1 Summa...

Page 6: ...Proxy ARP 191 10 6 3 Application Example for Proxy ARP 192 10 7 ARP 192 10 7 1 ARP Table 192 10 7 2 Static ARP 193 10 8 RIP 194 10 8 1 Basic Config 198 10 8 2 Interface Config 200 10 8 3 Application...

Page 7: ...Interface State 263 11 2 4 Multicast Group Table 264 11 2 5 Application Example for IGMP 265 11 3 PIM DM 267 11 3 1 PIM DM Interface 272 11 3 2 PIM DM Neighbor 272 11 3 3 Application Example for PIM...

Page 8: ...6 Service Config 313 12 3 Bandwidth Control 314 12 3 1 Rate Limit 314 12 3 2 Storm Control 315 12 4 Voice VLAN 316 12 4 1 Global Config 317 12 4 2 Port Config 318 12 4 3 OUI Config 318 12 5 Auto VoIP...

Page 9: ...5 1 DoS Defend 352 14 6 802 1X 352 14 6 1 Global Config 357 14 6 2 Port Config 357 14 7 AAA 359 14 7 1 RADIUS Server Config 360 14 7 2 TACACS Server Config 361 14 7 3 Authentication Method List Confi...

Page 10: ...Statistics 394 16 4 LLDP MED 396 16 4 1 Global Config 397 16 4 2 Port Config 398 16 4 3 Local Info 399 16 4 4 Neighbor Info 401 Chapter 17 Maintenance 402 17 1 System Monitor 402 17 1 1 CPU Monitor 40...

Page 11: ...XI...

Page 12: ...mounting brackets and other fittings Installation Guide Resource CD for the switch including This User Guide The Command Line Interface Guide SNMP MIBs 802 1X Client Software and its User Guide Other...

Page 13: ...atements information and recommendations in this document do not constitute the warranty of any kind express or implied Users must take full responsibility for their application of any products In thi...

Page 14: ...escription system time and network parameters of the switch User Management Configure the user name and password for users to manage the switch with a certain access level System Tools Manage the conf...

Page 15: ...resources of uplink devices and decrease broadcast Private VLAN mainly used in campus or enterprise networks to achieve user layer 2 separation and to save VLAN resources of uplink devices Chapter 8 S...

Page 16: ...t Routing This module is used to configure several multicast routing protocols for multicast data forwarding Here mainly introduces Global Config IGMP Configure the IGMP features PIM DM Configure the...

Page 17: ...o prevent the network from ARP attacks IP Source Guard Configure IP source guard feature to filter IP packets in the LAN DoS Defend Configure DoS defend feature to prevent DoS attack 802 1X Configure...

Page 18: ...e system log function Device Diagnose Including Cable Test and Loopback Cable Test tests the connection status of the cable connected to the switch and Loopback tests if the port of the switch and the...

Page 19: ...to better protect your network T3700G 28TQ T3700G 52TQ supports 2 power supply modules T3700G 28TQ T3700G 52TQ can fully implement resilient scalable networks due to its advanced features such as OSP...

Page 20: ...g data Yellow On Running at 10 100Mbps but no activity Yellow Flashing Running at 10 100Mbps and is transmitting or receiving data Off No device is linked to the corresponding port For T3700G 28TQ 25...

Page 21: ...o install the expansion card TX432 of TP Link for example If TX432 is installed you get another two 10Gbps SFP ports Console Port USB RJ 45 Designed to connect with the USB port of a computer for moni...

Page 22: ...ule 1 2 One AC Power Supply Module PSM150 AC has been installed in the switch The malfunctioned PSM150 AC can be replaced with a TP Link power supply module of the same model Its input voltage is 100...

Page 23: ...ame subnet addresses of the switch The IP address is 192 168 0 x x is any number from 2 to 254 Subnet Mask is 255 255 255 0 2 After a moment a login window will appear as shown in Figure 3 2 Enter adm...

Page 24: ...tive before the switch is rebooted If you want to keep the configurations effective even the switch is rebooted please click Save Config You are suggested to click Save Config before cutting off the p...

Page 25: ...mented on System Summary Device Description System Time Daylight Saving Time System IPv6 Management Port IPv4 and Management Port IPv6 pages 4 1 1 System Summary On this page you can view the port con...

Page 26: ...es the 1000Mbps port is not connected to a device Indicates the 1000Mbps port is at the speed of 1000Mbps Indicates the 1000Mbps port is at the speed of 10Mbps or 100Mbps Indicates the SFP port is not...

Page 27: ...Figure 4 3 displays the bandwidth utilization monitored every four seconds Monitoring the bandwidth utilization on each port facilitates you to monitor the network traffic and analyze the network abno...

Page 28: ...running On this page you can configure the system time and the settings here will be used for other time based functions like ACL You can manually set the system time get UTC automatically if it has...

Page 29: ...pecify the rate fetching time from NTP server Synchronize with PC S Clock When this option is selected the administrator PC s clock is utilized Note 1 The system time will be restored to the default w...

Page 30: ...figuration in Date mode This configuration is one off in use Offset Specify the time adding in minutes when Daylight Saving Time comes Start End Time Select starting time and ending time of Daylight S...

Page 31: ...g page Figure 4 7 System IPv6 The following entries are displayed on this screen Gobal Config IPv6 Enable or disable IPv6 function globally on the switch Interface Choose the interface ID to set IPv6...

Page 32: ...automatically configures a global address and other information according to the address prefix and other configuration parameters from the received RA Router Advertisement message Global Address Auto...

Page 33: ...valid time of the global address Status Displays the status of the global address Normal Indicates that the global address is normal Try Indicates that the global address may be newly configured Repea...

Page 34: ...s to modify or delete IPv4 Protocol Specify IPv4 Address allocate mode of the management port None Setup manually DHCP Allocated through DHCP IP Address Specify the IP address of the interface when th...

Page 35: ...t identifier used by the DHCPv6 client if enabled when sending messages to the DHCPv6 server AutoConfig Choose whether to allow to enable the IPv6 stateless address autoconfiguration mode via the RA m...

Page 36: ...on to the Web management page with a certain access level so as to protect the settings of the switch from being randomly changed The User Management function can be implemented on User Table and User...

Page 37: ...sword User Table Select Select the desired entry to delete the corresponding user information It is multi optional The current user information cannot be deleted User ID User Name and Access Level Dis...

Page 38: ...on When the startup process is finished the switch will read the startup config file If it fails the switch will try to read the backup config file If it fails too the switch will be restored to facto...

Page 39: ...ally reboots Note 1 It will take a few minutes to restore the configuration Please wait without any operation 2 To avoid any damage please don t power down the switch while being restored 3 After the...

Page 40: ...mance Go to http www tp link com to download the updated firmware Choose the menu System System Tools Firmware Upgrade to load the following page Figure 4 15 Firmware Upgrade Note 1 Don t interrupt th...

Page 41: ...te The System Reset option will restore the configuration to default and your current settings will be lost 4 4 Access Security Access Security provides different security measures for the remote logi...

Page 42: ...Address Mask These fields can be available for configuration only when IP based mode is selected Only the users within the IP range you set here are allowed for managing the switch MAC Address The fi...

Page 43: ...ervices 1 Authenticate the users and the servers based on the certificates to ensure the data are transmitted to the correct users and servers 2 Encrypt the data transmission to prevent the data being...

Page 44: ...g an IPv6 address for example 3001 1 for the switch you can log on to the switch s Web management page via https 3001 1 On this page you can configure the HTTPS function Choose the menu System Access...

Page 45: ...Config Hard Timeout Configure hard timeout of HTTP sessions Soft Timeout Configure soft timeout of HTTP sessions Maximum Sessions Configure maximum allowable number of HTTP sessions Certificate and Ke...

Page 46: ...werful authentication when you log on to the switch remotely through an insecure network environment It can encrypt all the transmission data and prevent the information in a remote management being l...

Page 47: ...e supported protocol Protocol V2 Enable or disable SSH V2 to be the supported protocol Idle Timeout Specify the idle timeout time The system will automatically release the connection when the time is...

Page 48: ...algorithm of SSH HMAC MD5 Select the checkbox to enable the HMAC MD5 algorithm of SSH Key Management You can get the status of the DSA and RSA keys which can also be generated or deleted here with the...

Page 49: ...ample for SSH Network Requirements 1 Log on to the switch via password authentication using SSH and the SSH function is enabled on the switch 2 PuTTY client software is recommended Configuration Proce...

Page 50: ...g to load the following page Figure 4 22 Access Control The following entries are displayed on this screen Global Config Telnet Enable or disable Telnet function globally on the switch 4 5 SDM Templat...

Page 51: ...he template name ARP Entries The maximum number of entries in the IPv4 Address Resolution Protocol ARP cache for routing interfaces IPv4 Unicast Routes The maximum number of IPv4 unicast forwarding ta...

Page 52: ...ack master to take charge of the operation management and maintenance of the stack while the other stack members process services and keep a copy configuration file in accordance with the master for p...

Page 53: ...ure 5 2 Load Distribution and Backup across Devices 3 Network scalability Each member device in the stack system is able to process protocol packets and forward data individually which enables you to...

Page 54: ...w Master Indicates the device is responsible for managing the entire stack system Member Indicates the device provides backup for the master If the master fails the stack will elect a new master from...

Page 55: ...obably brings about routing and forwarding problems on the network since the partitioned stacks keep operating with the previous IP address by default which results in same IP address being reused in...

Page 56: ...fter a period of time of broadcasting and updating information all the stack members can collect the complete topology information known as topology convergence Then the switch enters the master elect...

Page 57: ...devices already carrying manually assigned unit number If the unit number has not been used by other stack members the member device will keep it Otherwise the unit number is configured based on the...

Page 58: ...and implemented only on the related stack member which the ports belong to Stack Maintenance Stack maintenance mainly functions to monitor the join and leave of member devices collect the new topolog...

Page 59: ...n view the basic parameters of the stack function Choose the menu Stack Stack Management Stack Info to load the following page Figure 5 7 Stack Info Configuration Procedure View the basic parameters o...

Page 60: ...ays the device type of the plugged in switch Switch Description Displays the description of the switch Version Displays the current software version of the switch SFS Last Attempt Status Displays the...

Page 61: ...he Stack Member 4 Configure the SFP port s stacking feature Entry Description Role Config Master Set the switch as master Standby Member Set the switch as standby member Provision Info Unit ID Configu...

Page 62: ...d as stack ports Configured Stack Mode Configure the SFP port to be an Ethernet port or a stack port Running Stack Mode Displays whether the port is an Ethernet port or a stack port at the moment Link...

Page 63: ...Required On Stack Management Stack Config page configure the port s stack mode as Stack in Stack Port Config section 2 Configure unit ID Optional On Stack Management Stack Config page configure the u...

Page 64: ...ection pages 6 1 1 Port Config On this page you can configure port status speed mode duplex mode flow control and jumbo frames for ports Choose the menu Switching Port Port Config to load the followin...

Page 65: ...eed with the peer device thus avoiding the packet loss caused by congestion By default it is disabled Jumbo With this option properly configured the port can send jumbo frames The default MTU Maximum...

Page 66: ...ing Port Port Mirror to load the following page Figure 6 2 Mirror Session List The above page displays a mirror session and no more session can be created Click Edit to configure the mirror session on...

Page 67: ...d click Apply to make the settings effective Entry Description Session Displays session number Destination Port Input or select a physical port from the port panel as the mirroring port Ingress With t...

Page 68: ...e learned on each port thus preventing the MAC address table from being exhausted by the attack packets Choose the menu Switching Port Port Security to load the following page Figure 6 4 Port Security...

Page 69: ...Note 1 Port Security cannot be enabled on the member port of a LAG and the port with Port Security enabled cannot be added to a LAG 2 On one port Port Security and 802 1X cannot be enabled at the same...

Page 70: ...up Protected ports in the same group cannot forward traffic to each other even if they are in the same VLAN But the protected ports can forward traffic to the unprotected ports and the ports that are...

Page 71: ...tings effective 2 In the Port Config section select one or multiple ports for configuration Then set the parameters and click Apply to make the settings effective 3 View the loopback detection informa...

Page 72: ...lay alerts It is the default setting Port based In addition to displaying alerts the switch will block the port on which the loop is detected Recovery Mode If you select Port Based as the operation mo...

Page 73: ...e Web Refresh Interval 6 seconds Port Status Disable Operation mode Alert Recovery mode Auto 6 2 LAG With the LAG Link Aggregation Group function you can aggregate multiple physical ports into a logic...

Page 74: ...traffic evenly One LACP LAG supports more than eight member ports but at most eight of them can be active Using LACP protocol the switches negotiate parameters and determine the active ports When an a...

Page 75: ...ng There are six options SRC MAC The computation is based on the source MAC addresses of the packets DST MAC The computation is based on the destination MAC addresses of the packets SRC MAC DST MAC Th...

Page 76: ...ge you can manually configure the LAG The LACP feature is disabled for the member ports of the manually added Static LAG Choose the menu Switching LAG Static LAG to load the following page Figure 6 9...

Page 77: ...erly choose the load balancing algorithm to avoid data stream transferring only on one physical link For example if the destination device of the packets is a server with the fixed MAC address and IP...

Page 78: ...G Note that the group number of other static LAGs cannot be set as an Admin Key The valid value ranges from 1 to 64 Port Priority Specify the Port Priority A smaller value means a higher port priority...

Page 79: ...ffic Summary screen displays the traffic information of each port which facilitates you to monitor the traffic and analyze the network abnormity Choose the menu Switching Traffic Monitor Traffic Summa...

Page 80: ...d in Packets Tx Displays the number of packets transmitted on the port Octets Rx Displays the number of octets received on the port Error octets are counted in Octets Tx Displays the number of octets...

Page 81: ...formation of the LAGs Entry Description Auto Refresh Auto Refresh Allows you to Enable Disable refreshing the Traffic Summary automatically Refresh Rate Enter a value in seconds to specify the refresh...

Page 82: ...received packets including error packets that are between 256 and 511 bytes long Pkts512to1023Octets Displays the number of the received packets including error packets that are between 512 and 1023...

Page 83: ...MAC address cannot be learned by the other ports in the same VLAN Dynamic Address Table Automatically learning Yes No The bound MAC address can be learned by the other ports in the same VLAN Filtering...

Page 84: ...t number or link aggregation number of your desired entry Type Select the type of your desired entry All This option allows the address table to display all the address entries Static This option allo...

Page 85: ...ss entries which can be added or removed manually independent of the aging time In the stable networks the static MAC address entries can facilitate the switch to reduce broadcast packets and remarkab...

Page 86: ...ress VLAN ID Displays the corresponding VLAN ID of the MAC address Port Displays the corresponding Port number of the MAC address Here you can modify the port number to which the MAC address is bound...

Page 87: ...r updating the table That is the switch removes the MAC address entries related to a network device if no packet is received from the device within the aging time On this page you can configure the dy...

Page 88: ...the MAC address Bind Click the Bind button to bind the MAC address of your selected entry to the corresponding port statically Tips Setting aging time properly helps implement effective MAC address a...

Page 89: ...able to display all the filtering address entries MAC Address Enter the MAC address of your desired entry VLAN ID Enter the VLAN ID number of your desired entry Filtering Address Table Select Select t...

Page 90: ...wn Hosts in the same VLAN communicate with one another as if they are in a LAN However hosts in different VLANs cannot communicate with one another directly Therefore broadcast packets are limited in...

Page 91: ...ation MAC address and source MAC address to show the information about VLAN As shown in the following figure a VLAN tag contains four fields including TPID Tag Protocol Identifier Priority CFI Canonic...

Page 92: ...LANs and set various egress rules according to the different VLANs The default egress rule is UNTAG The PVID can be set as the VID number of any valid VLAN PVID PVID Port VLAN ID is the default VID of...

Page 93: ...rriving packet s VLAN tag is the same as the port s PVID the packet will be forwarded after removing its VLAN tag otherwise the packet will be forwarded with its current VLAN tag General If the egress...

Page 94: ...on for each entry Edit Click to modify the settings of VLAN Detail Click to get the information of VLAN Click Edit button to modify the settings of the corresponding VLAN Click Create button to create...

Page 95: ...ch in order to configure the ports properly Choose the menu VLAN 802 1Q VLAN Port Config to load the following page Figure 7 5 802 1Q VLAN Port Config The following entries are displayed on this scree...

Page 96: ...valid VLAN PVID Enter the PVID number of the port LAG Displays the LAG to which the port belongs VLAN Click the Detail button to view the information of the VLAN to which the port belongs Click the De...

Page 97: ...plication Example for 802 1Q VLAN Network Requirements Switch A is connecting to PC A and Server B Switch B is connecting to PC B and Server A PC A and Server A is in the same VLAN PC B and Server B i...

Page 98: ...le VLAN ID For the device in a MAC VLAN if its MAC address is bound to VLAN the device can be connected to another member port in this VLAN and still takes its member role effect without changing the...

Page 99: ...longs to 7 4 Application Example for MAC VLAN Network Requirements Switch A and switch B are connected to meeting room A and meeting room B respectively and the two rooms are for all departments Noteb...

Page 100: ...tag 3 Create VLAN20 Required On VLAN 802 1Q VLAN VLAN Config page create a VLAN with its VLAN ID as 20 owning Port 11 and Port 12 and configure the egress rule of Port 11 as Untag 4 Configure MAC VLAN...

Page 101: ...4 and Port 5 as ACCESS 2 Create VLAN10 Required On VLAN 802 1Q VLAN VLAN Config page create a VLAN with its VLAN ID as 10 owning Port 2 Port 3 and Port 5 3 Create VLAN20 Required On VLAN 802 1Q VLAN V...

Page 102: ...l be forwarded normally Otherwise the packet will be discarded 3 If the Protocol VLAN is created please set its enabled port to be the member of corresponding 802 1Q VLAN so as to ensure the packets f...

Page 103: ...late ID for this group VLAN ID Enter the ID number of the Protocol VLAN This VLAN should be one of the 802 1Q VLANs the ingress port belongs to 7 5 3 Protocol Template The Protocol Template should be...

Page 104: ...hernet protocol type field in the protocol template Note The Protocol Template bound to VLAN cannot be deleted 7 6 Application Example for Protocol VLAN Network Requirements Department A is connected...

Page 105: ...ged 3 Create VLAN20 Required On VLAN 802 1Q VLAN VLAN Config page create a VLAN with its VLAN ID as 20 owning Port 3 and Port 5 and configure the egress rule of Port 3 as Tagged 4 Create Protocol Temp...

Page 106: ...ckets To be compatible with devices coming from other manufacturers this switch can adjust the TPID values of VLAN VPN packets globally You can configure TPID values by yourself When a port receives a...

Page 107: ...ings Global TPID 8100 7 8 GVRP GVRP GARP VLAN Registration Protocol is an implementation of GARP generic attribute registration protocol GVRP allows the switch to automatically add or remove the VLANs...

Page 108: ...ore the timer times out into one Join message and sends out the message after the timer times out Join Timer To transmit the Join messages reliably to other entities a GARP entity sends each Join mess...

Page 109: ...address and a VLAN ID Then click Create to make the settings effective 1 Globally enable the GVRP feautre 2 Configure the parameters for ports 3 Click Apply to make the settings effective Entry Descr...

Page 110: ...t receive a Join message again before the timer times out The Leave Timer ranges from 20 to 600 centiseconds LAG Displays the LAG to which the port belongs Note LeaveAll Timer 10 Leave Timer Leave Tim...

Page 111: ...t port is the same as the Secondary VLAN ID One host port can only belong to one Private VLAN Primary VLAN A Private VLAN has one Primary VLAN and one Secondary VLAN Primary VLAN is the user VLAN upli...

Page 112: ...ted on the PVLAN Config and Port Config pages 7 9 1 PVLAN Config On this page you can create Private VLAN and view the information of the current defined Private VLANs Choose the menu VLAN Private VLA...

Page 113: ...VLAN 7 9 2 Port Config The Private VLAN provides two Port Types for the ports Promiscuous and Host Usually the Promiscuous port is used to connect to uplink devices while the Host port is used to conn...

Page 114: ...ription 1 Create Private VLAN Required On the VLAN Private VLAN PVLAN Config page enter the Primary VLAN and Secondary VLAN select one type of secondary VLAN and then click the Create button 2 Add por...

Page 115: ...ondary VLAN and then click the Create button 2 Add Promiscuous port to Private VLANs Required On the VLAN Private VLAN Port Config page configure the port type of Port 1 0 2 and Port 1 0 4 as Promiscu...

Page 116: ...he VLAN Private VLAN Port Config page configure the port type of Port 1 0 3 as Promiscuous enter Primary VLAN 6 and Secondary VLAN 5 and click the Apply button 3 Add Host port to Private VLANs Require...

Page 117: ...ue will be elected as the root bridge If the priority of all the switches are the same the switch with the lowest MAC address is selected as the root bridge Root Bridge The root of a spanning tree The...

Page 118: ...is the root port of switch B and port 5 is the root port of switch C port 1 and 2 are the designated ports of switch A and port 4 is the designated port of switch B port 6 is the blocked port of switc...

Page 119: ...ws the comparing operations Step Operation 1 If the priority of the BPDU received on the port is lower than that of the BPDU of the port itself the switch discards the BPDU and does not change the BPD...

Page 120: ...ternate port can rapidly transit to the new root port once the old root port failed The backup port can rapidly transit to the new designated port once the old designated port failed The condition for...

Page 121: ...AN can be mapped to only one instance IST Internal Spanning Tree A special MST instance with an instance ID of 0 By default all the VLANs are mapped to IST CST Common Spanning Tree A CST is the spanni...

Page 122: ...common root Alternate Port If a port is not selected as the designated port for it receives better BPDUs from another switch it will become an alternate port In RSTP MSTP the alternate port is the bac...

Page 123: ...d parameters Choose the menu Spanning Tree STP Config STP Config to load the following page Figure 8 4 STP Config Configuration Procedure 1 Enable spanning tree function select the STP mode and click...

Page 124: ...lue is 5 Max Hops Specify the maximum number of hops that occur in a specific region before the BPDU is discarded The valid values are from 1 to 40 and the default value is 20 Max Hops is a parameter...

Page 125: ...w the related parameters for Spanning Tree function Choose the menu Spanning Tree STP Config STP Summary to load the following page Figure 8 5 STP Summary 8 2 Port Config On this page you can configur...

Page 126: ...by 16 and the default value is 128 The port with the lower value has the higher priority In the same condition the port with the highest priority will be elected as the root port in CIST Ext Path Cos...

Page 127: ...t they can transit their states to forwarding directly Three options are supported Auto Open Force and Close Force By default it is Auto Auto The switch automatically detects if the port is connected...

Page 128: ...onnected The port is enabled with spanning tree function but not connected to any device LAG Displays the LAG number which the port belongs to Note 1 Configure the ports connected directly to terminal...

Page 129: ...ion using up to 32 characters By default it is the MAC address of the switch Revision Enter the revision from 0 to 65535 for MST region identification By default it is 0 8 3 2 Instance Config Instance...

Page 130: ...s the higher priority and the switch with the highest priority will be elected as the root bridge in the desired instance VLAN ID Enter the VLAN ID mapped to the corresponding instance ID After the mo...

Page 131: ...tance ID for its port configuration 2 Configure port parameters in the desired instance Instance ID Select Instance ID Select the desired instance ID for its port configuration Instance Port Config UN...

Page 132: ...a backup of a root port Backup Port Indicates the port is a backup of a designated port Disabled Indicates the port is not participating in the spanning tree Port Status Displays the port status Forw...

Page 133: ...ommended to enable this function on root ports and alternate ports If the switch cannot receive BPDUs because of link congestions or link failures the root port will become a designated port and the a...

Page 134: ...otect function enabled the edge port will be shut down when it receives BPDUs and reports these cases to the administrator Only the administrator can restore it BPDU Filter BPDU filter function is to...

Page 135: ...nfiguration It is multi optional Port Displays the port number of the switch Loop Protect Enable or disable the Loop Protect function It is recommended to enable this function on root ports and altern...

Page 136: ...enabled the edge port will be shut down when it receives BPDUs and reports these cases to the administrator Only the administrator can restore it BPDU Filter Enable or disable the BPDU Filter function...

Page 137: ...or the port 3 Configure the region name and the revision of MST region On Spanning Tree MSTP Instance Region Config page configure the region as TP Link and keep the default revision setting 4 Configu...

Page 138: ...switch B as the designated bridge of Instance 2 On Spanning Tree MSTP Instance Instance Config page configure the priority of Instance 2 to be 4096 Configure Switch C Step Operation Description 1 Con...

Page 139: ...nfig STP Config page enable STP function and select MSTP version On Spanning Tree Port Config Port Config page enable MSTP function for the port 3 Configure the region name and the revision of MST reg...

Page 140: ...ggestion for Configuration Enable TC Protect function for all the ports of switches Enable Root Protect function for all the ports of root bridges Enable Loop Protect function for the non edge ports E...

Page 141: ...ppose a point to multi point service is required unicast is suitable for networks with sparsely users whereas broadcast is suitable for networks with densely distributed users When the number of users...

Page 142: ...dress a logical MAC address is needed to be used as the destination address As stipulated by IANA the high order 24 bits of a multicast MAC address begins with 01 00 5E while the low order 23 bits of...

Page 143: ...es transmitted between the host and the router and tracks the IGMP messages and the registered port When receiving IGMP report message the switch adds the port to the multicast address table when the...

Page 144: ...le when its member port time times out The host running IGMPv2 or IGMPv3 sends IGMP leave message when leaving a multicast group to inform the multicast router of its leaving When receiving IGMP leave...

Page 145: ...re displayed on this screen Global Config IGMP Snooping Enable or disable IGMP Snooping function globally on the switch Unknown Multicast Configure the way how the switch processes the multicast data...

Page 146: ...for the desired port If Fast Leave is enabled for a port the switch will immediately remove this port from the multicast group upon receiving IGMP leave messages Member Port Time Member ports are port...

Page 147: ...to one profile LAG Displays the LAG number which the port belongs to Note 1 Fast Leave on the port is effective only when the host supports IGMPv2 or IGMPv3 2 When both Fast Leave feature and Unknown...

Page 148: ...ber port any more Router Port Time Specify the aging time of the router port Within this time if the switch doesn t receive IGMP query message from the router port it will consider this port is not a...

Page 149: ...uration it indicates the IGMP Snooping is not enabled in the VLAN thus the multicast data in the VLAN will be broadcasted 9 1 4 Querier Config In an IP multicast network that runs IGMP a Layer 3 multi...

Page 150: ...ry Interval which is amount of time the device remains in non querier mode after it has discovered that there is a multicast querier in the network IGMP Snooping Querier Table Select Select the desire...

Page 151: ...he profile Permit Only permit the IP address within the IP range and deny others Deny Only deny the IP address within the IP range and permit others Search Option Profile ID Enter the profile ID the d...

Page 152: ...dress within the IP range and deny others Deny Only deny the IP address within the IP range and permit others Add IP range Start IP Enter the start IP address of the IP range End IP Enter the end IP a...

Page 153: ...ends MLD query messages After receiving the MLD query messages the switch will remove the port from the multicast address table if the switch receives no MLD report message from the host within a peri...

Page 154: ...ly reset 3 Member Leave The host will send MLD Done message when leaving a multicast group to inform the router of its leaving When Immediate Leave is not enabled in a VLAN and a Done message is recei...

Page 155: ...unknown multicast data Unknown IPv6 multicast packets refer to those packets without corresponding forwarding entries in the IPv6 multicast table When unknown multicast filter is enabled the switch w...

Page 156: ...Leave is enabled for a port the switch will immediately remove this port from the multicast group upon receiving MLD done messages Member Port Time Member ports are ports connected to multicast group...

Page 157: ...he LAG number 9 2 3 VLAN Config Multicast groups established by MLD Snooping are based on VLANs On this page you can configure different MLD parameters for different VLANs Choose the menu Multicast ML...

Page 158: ...ure of the VLAN Member Port Time Displays the member port time of the VLAN Router Port Time Displays the router port time of the VLAN Max Response Time Displays the max response time of the VLAN Stati...

Page 159: ...ant to receive IP multicast traffic The MLD snooping feature listens to these MLD reports to establish appropriate forwarding Query VLAN Address Enter the General Query Message source IP address MLD V...

Page 160: ...ime Last Querier Address Table VLAN ID Displays the VLAN ID Last Querier Address Displays the Last Querier Address MLD Version Displays the Last Querier Version 9 2 5 Profile Config On this page you c...

Page 161: ...s the profile ID Mode Displays the attribute of the profile Permit Only permit the IP address within the IP range and deny others Deny Only deny the IP address within the IP range and permit others Bi...

Page 162: ...ent VLANs In IGMP snooping if member ports are in different VLANs a copy of the multicast streams is sent to each VLAN that has member ports While MVR provides a dedicated multicast VLAN to forward mu...

Page 163: ...MP router on the Multicast VLAN Multicast VLAN Specify the VLAN on which the multicast data will be received Query Response Time Set the maximum time wait for the IGMP membership report on a receiver...

Page 164: ...VR settings on the specific interface It is multi optional Port Displays the port number of the switch Mode Enable or disable MVR on this port Type Configure an port as one of the following type None...

Page 165: ...leave message is received on this port without sending an IGMP query message and waiting for the IGMP group membership report This function should only be enabled on receiver ports to which a single...

Page 166: ...t VLAN and the IP multicast address specified above Multicast VLAN Registration Group Table MVR Group IP Displays the IP multicast address Status Displays the status of the multicast group Members Dis...

Page 167: ...following page Figure 9 20 Multicast Table The following entries are displayed on this screen Multicast MAC Address Stats Max MFDB Table Entries Displays the Max MFDB Table Entries Most MFDB Entries...

Page 168: ...multicast MAC entries Source Displays the source of the multicast MAC entries Type Displays the type of the multicast MAC entries Forward Port Displays the forward port of the multicast MAC entries 9...

Page 169: ...All Displays all multicast MAC entries VLAN ID Enter the VLAN ID the desired entry must carry MAC Address Enter the multicast MAC address the desired entry must carry Forward Port Enter the forward po...

Page 170: ...d the desired entries quickly All Displays all multicast MAC entries VLAN ID Enter the VLAN ID the desired entry must carry MAC Address Enter the multicast MAC address the desired entry must carry For...

Page 171: ...address the desired entry must carry Forward Port Enter the forward port number the desired entry must carry MLD Multicast MAC Address Table VLAN ID Displays the VLAN ID of the multicast MAC entries M...

Page 172: ...Address List Enter the source address list the desired entry must carry Source Specific Multicast Groups Table VLAN ID Displays the VLAN ID of the entries Group Displays the Group of the entries Inter...

Page 173: ...de Enter the source filter mode the desired entry must carry Interface Enter the interface the desired entry must carry Source Specific Multicast Groups Table VLAN ID Displays the VLAN ID of the entri...

Page 174: ...s Ever Used of source specific multicast Current Entries Displays the Current Entries of source specific multicast MLD Snooping Total Entries Displays the Max MFDB Table Entries Most SSM FDB Entries E...

Page 175: ...interface in Layer 3 mode and mainly used for realizing the Layer 3 connectivity between VLANs or routed ports Each VLAN interface is corresponding to one VLAN Each routed port is corresponding to on...

Page 176: ...the ID of the interface Mode Displays IP address allocation mode None without ip Static setup manually DHCP allocated through DHCP IP Address Displays the IP address of the interface Subnet Mask Displ...

Page 177: ...ce ID Displays ID of the interface including VLAN ID loopback interface and routed port IP Address Mode View and modify the IP address allocation mode None Without IP address Static Setup manually DHC...

Page 178: ...le This page displays the routing information summary generated by different routing protocols Choose the menu Routing Routing Table Routing Table to load the following page Figure 10 4 Routing Table...

Page 179: ...s to add a static route Then click Create 2 In the Static Route Table section you can view the corresponding interface entry you create Entry Description Static Routing Config Static Route Table Desti...

Page 180: ...2 168 0 1 the mask as 255 255 255 0 and the interface name as VLAN10 Destination Address Displays the destination IP address of the packets Subnet Mask Displays the subnet mask of the destination IP a...

Page 181: ...me as VLAN30 3 Add static route entry Required On page Routing Static Routing Static Routing Config add a static route entry with the destination as 192 168 0 0 the subnet mask as 255 255 255 0 and th...

Page 182: ...cific DHCP clients e g web server the configuration parameters are manually specified by the administrator and are assigned to these clients via a DHCP server 2 Automatic Assignment The DHCP server mu...

Page 183: ...d 4 DHCP acknowledgement The server selected in the DHCP REQUEST message commits the binding for the client to persistent storage and responds with a DHCP ACK message containing the configuration para...

Page 184: ...ore its protocol software has been configured should clear the first bit to 0 A server or relay agent sending or relaying a DHCP message directly to a DHCP client should examine the first bit in the f...

Page 185: ...ption is option1 which identifies the assigned IP address with network and its length is 4 octets 2 option 3 Router option The router option is option 3 which specifies an IP address for routers on th...

Page 186: ...particulars of DHCP option please refer to RFC 2132 In the next section DHCP Server and DHCP Relay function on this switch will be introduced in detail Application Environment of DHCP Server DHCP Ser...

Page 187: ...hoose another IP as destination IP to test again The server will assign the IP address if the server not receives the Reply packet in the Ping time Policy of IP Assignment The switch chooses the IP as...

Page 188: ...IP Address and End IP Address to specify the range of reserved IP addresses Click Create 4 In the Conflict IP Address Table section you can view the list of the IP addresses that should not be assigne...

Page 189: ...age Figure 10 12 Pool Setting Configuration Procedure 1 Enter the pool name and choose the pool type 2 Configure the pool parameters according to your actual needs Click Create Entry Description Ping...

Page 190: ...s the binding mode select a hardware type The hardware type includes Ethernet and IEEE802 Lease Time Specify the lease time of IP addresses in the pool Days Specify the days of the lease time of IP ad...

Page 191: ...clients should use when resolving host names via DNS Bootfile Specify the name of the bootfile If needed the clients can get the bootfile from the TFTP server for auto installation option 60 Specify...

Page 192: ...code Option TYPE Specify the extend option type Option VALUE Specify the extend option value 10 4 4 Binding Table Choose the menu Routing DHCP Server Binding Table to load the following page Figure 10...

Page 193: ...0 15 Statistics Configuration Procedure View the DHCP packets the switch received or sent Entry Description Binds Automatic Bindings Displays the DHCP Server auto bindings Expired Bindings Displays th...

Page 194: ...Create VLAN interface Required On the Routing Static Routing Static Routing Config page create the interface IP address of the VLAN 4 Enable DHCP Server Required On the Routing DHCP Server DHCP Server...

Page 195: ...ace Required On page Routing Interface Interface Config configure VLAN interface 192 168 10 1 24 for VLAN10 192 168 20 1 24 for VLAN20 and 192 168 30 1 for VLAN30 3 Enable DHCP Server Required On page...

Page 196: ...ed On the Routing DHCP Relay DHCP Server page specify the DHCP Server with the IP address of the central switch 10 5 DHCP Relay Application Environment of DHCP Relay In DHCP model DHCP clients broadca...

Page 197: ...eld with the interface IP of the receiving port optionally insert the option 82 information and then forward the packet to the server When receiving DHCP OFFER and DHCP REQUEST packets from the server...

Page 198: ...options are defined as follows The Circuit ID is defined to be the number and VLAN of the port which receives the DHCP Request packets The Remote ID is defined to be the MAC address of DHCP Relay devi...

Page 199: ...82 on the relay device closest to the client Existed Option 82 Field Select the operation for the Option 82 field of the DHCP request packets Keep Indicates keeping the Option 82 field of the packets...

Page 200: ...and then enter the server address of the interface 2 Click Create to specify the DHCP server for the interface Entry Description Add DHCP Server Address Interface ID Select the interface type and ente...

Page 201: ...to respond to this request This can be achieved by the device running proxy ARP Within the same network segment hosts connecting with different layer 3 ports can communicate with each other through La...

Page 202: ...port Status Enable or disable Proxy ARP 10 6 2 Local Proxy ARP On this page you can enable Local Proxy ARP function for the layer 3 port Choose the menu Routing Proxy ARP Local Proxy ARP to load the...

Page 203: ...heir ports 2 Create VLAN Interface 2 Required On Routing Interface Interface Config page create VLAN Interface 2 with its IP address as 192 168 2 1 subnet mask as 255 255 255 0 and interface name as V...

Page 204: ...pe Displays the type of an ARP entry STATIC A static ARP entry that will always be remained DYNAMIC A dynamic ARP entry that will be deleted after aging time 10 7 2 Static ARP You can add desired stat...

Page 205: ...using UDP packets for exchanging information through port 520 RIP uses hop to measure the distance to a destination The hop count from a router to a directly connected network is 0 The hop count from...

Page 206: ...ting loops and save bandwidth Poison reverse A router sets the metric of routes received from a neighbor to 16 and sends back these routes to the neighbor to help delete such information from the neig...

Page 207: ...default type using 224 0 0 9 as the multicast address The interface working in the RIPv2 broadcast mode can also receive RIPv1 messages RIP Message Format 1 RIPv1 message format A RIPv1 message consi...

Page 208: ...v2 sets the AFI field of the first route entry as 0xFFFF to identify authentication information See Figure 10 26 Figure 10 29 RIPv2 Authentication Message Authentication Type A value of 2 represents p...

Page 209: ...hms You could configure the protocol below to active as you like Choose the menu Routing RIP Basic Config to load the following page Figure 10 30 RIP Basic Config The following entries are displayed o...

Page 210: ...the default metric for the redistributed routes The valid values are 1 to 15 Redistribute Static Choose to distribute Static router entries to RIP the default is disable Redistribute OSPF Choose to d...

Page 211: ...using multicast RIP 1c send RIP version 2 packets using broadcast Receive Version Select what RIP control packets the interface will accept from the pulldown menu RIPv1 accept only RIP version 1 form...

Page 212: ...B with the use of RIPv2 Network Diagram Configuration Procedure Configure Switch A Step Operation Note 1 Enable RIP Required On page Routing RIP Basic Config enable RIP select RIPv2 as RIP version 2...

Page 213: ...routers in the same area Thus the smaller link state database requires lower memory consumption from the routers and the less routing information to manage also releases certain CPU resources for the...

Page 214: ...protocol 1 Autonomous System Autonomous System short for AS is a set of routers using the same routing protocol to exchange routing information OSPF working within an AS is an internal gateway protoc...

Page 215: ...4 0 0 5 LSU and LSAck packets are multicast 224 0 0 5 or unicast DD and LSR packets are unicast 4 P2P Point to Point When the link layer protocol is PPP or HDLC the link always connects a pair of rout...

Page 216: ...icates the status of the router in a network segment rather than the features of the router on the network Every network segment needs to elect a DR and a BDR to synchronize the routing information Th...

Page 217: ...he root thus to describe the shortest forward path to every network node it knows and create a routing table according to the topology of shortest forward path and provide a basis for data forwarding...

Page 218: ...e link state database via LSA request LSA update and LSA acknowledgement packets But in the actual module of router network how do the routers flood the change of local network to the entire network t...

Page 219: ...uting table so any delicate changes in the network topology will require the routers in the entire network to re synchronize and re calculate which will cause the network to be in the state of frequen...

Page 220: ...e 10 35 shows after the area partition of the network the routers need to accomplish different tasks due to their locations in different areas according to which the routers can be classified into 4 t...

Page 221: ...ld provide a logical link for Area 2 to connect with the backbone area A virtual link is a point to point connection between two ABRs Hence simply configuring the virtual link parameters on two ordina...

Page 222: ...the external routing information described by AS External LSA either But it does allow ASBR in the area to spread in the NSSA the routing information as Type 7 LSA which is learned by other routing pr...

Page 223: ...ves as the root node The OSPF protocol routing calculation is simply presented as below 1 Each OSPF router would generate LSA according to its own link state or routing information and then send it th...

Page 224: ...er protocol segment are OSPF ones This device abides by the standard RFC protocol And we are going to introduce the packet formats involved in the course of OSPF routing protocol running according to...

Page 225: ...Authentication The 64 bit authentication information fields behind are all 0 1 Plain text Authentication The 64 bit authentication information behind is the password to authenticate 2 MD5 Ciphertext A...

Page 226: ...ertising router within the specified age time it will delete the advertising router from its neighbor table Only routers with the coincident dead interval can be neighbors 5 Designated Router ID The i...

Page 227: ...the master slave router having been elected the master router randomly determines the sequence number of the first DD packet and then the sequence number of the following DD packets increments by one...

Page 228: ...ving a LSU the router will send to the router forwarding the LSU packet a LSAck packet including the LSA header it receives to confirm whether the data received is correct 7 LSA OSPF protocol defines...

Page 229: ...to the other area 4 ASBR Summary LSA Originates from ABR and describes the routers from ABR to ASBR and advertises the path to ASBR to the area ABR connects 5 AS External LSA Originates from ASBR and...

Page 230: ...tual link 8 Configuration of Stub Area and NSSA 9 ABR route summarization to summarize the intra area routing information with the same prefix with a single route and then distribute it to other areas...

Page 231: ...es the router within the autonomous system AS OSPF Process Table Select Select the desired item for configuration It is multi optional Process ID Displays the configured OSPF process Active Router ID...

Page 232: ...s to configure 2 Configure the relevant parameters and functions 3 Click Apply Entry Description Select Current Process Current Process Select the desired OSPF process for configuration Default Route...

Page 233: ...llest distance will be inserted to IP routing table The valid value ranges from 0 to 255 and the default is 110 RFC 1583 Compatibility Select the preference rules that will be used when choosing among...

Page 234: ...fault Configure the global passive mode settings for all OSPF interfaces Configuring this field will overwrite any present interface level passive mode settings OSPF does not form adjacencies on passi...

Page 235: ...dress of the network Wildcard Mask Displays the wildcard mask of the network Area ID Displays the area to which the network belongs 10 9 4 Interface Choose the menu Routing OSPF Interface to load the...

Page 236: ...t a link state update packet over the selected interface The valid value ranges from 1 to 65535 seconds and the default is 1 second Cost The link cost OSPF uses this value in computing shortest paths...

Page 237: ...Router or a Designated Router until it transitions out of Waiting state This prevents unnecessary changes of Backup Designated Router DR This router is itself the Designated Router on the attached ne...

Page 238: ...changed its state Click Edit to display the following figure Figure 10 51 Interface Config Configuration Procedure 1 Configure the OSPF parameters of the interface 2 Click Apply Entry Description Inte...

Page 239: ...it takes to transmit a link state update packet over the selected interface The valid value ranges from 1 to 65535 seconds and the default is 1 second Cost The link cost OSPF uses this value in comput...

Page 240: ...b area The valid value ranges from 1 to 16777214 Summary Set whether or not the specified Area will allow Summary Link State Advertisements Summary LSAs to be imported into the area from other areas I...

Page 241: ...lt route and it can be modified SPF runs Displays the number of times that the intra area route table has been calculated using this area s link state database This is typically done using Dijkstra s...

Page 242: ...ocedure 1 Select a process 2 Configure the relevant parameters 3 Click Apply Entry Description Area Aggregation Config Process ID Select the desired OSPF process for configuration Area ID The 32 bit u...

Page 243: ...k to load the following page Figure10 54 Virtual Link Configuration Procedure 1 Select a process 2 Configure the relevant parameters 3 Click Apply Entry Description Virtual Link Creation Process ID Se...

Page 244: ...specified interface in seconds This specifies how long a router will wait to see a neighbor router s Hello packets before declaring that the router is down This parameter must be the same for all rout...

Page 245: ...bution Choose the menu Routing OSPF Route Redistribution to load the following page Figure10 55 Route Redistribution Configuration Procedure 1 Select a Source to be enabled with Route Redistribution 2...

Page 246: ...cess to display its neighbor list Interface Displays the interface for which neighbor list is to be displayed Neighbor IP Address The IP address of the neighboring router s interface to the attached n...

Page 247: ...t advanced state short of beginning adjacency establishment The Backup Designated Router is selected from the set of neighbors in state 2 Way or greater ExStart This is the first step in creating an a...

Page 248: ...k Summary ASBR Summary External Type 5 NSSA External Type 7 Link State ID The Link State ID identifies the piece of the routing domain that is being described by the advertisement The value of the LS...

Page 249: ...1 with the IP 1 10 1 1 24 and routed port 1 0 2 with the IP 1 20 1 1 24 2 Create OSPF process Required On page Routing OSPF Process Create OPSF process 1 and configure the Router ID as 1 1 1 1 3 Crea...

Page 250: ...ure network 1 20 0 0 16 in area 1 Configure Switch D Step Operation Description 1 Create routing interfaces and their IP addresses Required On page Routing Interface Interface Config create routed por...

Page 251: ...tion protocol and thus provides routing service for hosts Therefore communication between hosts and external network can be established without interruption Advantages of VRRP VRRP owns the following...

Page 252: ...from 0 to 255 the bigger the number is the higher the priority is Configurable range is 1 254 The priority value 0 is reserved for the current master when it gives up its role as master router For ex...

Page 253: ...the VRRP packets conducts digest operation on VRRP packets using authentication data and MD5 algorithm The result is saved in Authentication Header The router which has received the VRRP packet condu...

Page 254: ...C is the master router Device A and B are backup routers To realize the workload balancing among Device A B and C the default gateway of the hosts associated with the LAN should be set as Virtual Rout...

Page 255: ...y if you are creating a new VRRP group The VRID ranges from 1 to 255 Interface Select the VLAN interface ID or router interface ID for the new VRRP group Virtual IP Assign a virtual IP address for the...

Page 256: ...ecified VRRP group If you do not configure the tracked interface the track information will not display here Figure 10 61 Detailed Specified VRRP Information Entry Description VRID Displays the VRID a...

Page 257: ...sociated with the VRRP group Virtual MAC Displays the Virtual MAC address associated with the VRRP group Tracked Interface Displays the tracked interface ID Reduced Priority Displays the reduced prior...

Page 258: ...y By default it is enabled Delay Time Specify the time that a backup router has to wait for before setting itself as the master when the current master is considered to be unavailable It ranges from 0...

Page 259: ...elect the VRID associated with your desired VRRP group Type Set the type of the virtual IP address Virtual IP Add an IP address for the VRRP group You can add up to 32 virtual IP addresses associated...

Page 260: ...fig to load the following page Figure10 64 Track Config Configuration Procedure Select the interface and VRID associated with your desired VRRP group and add track information for the VRRP group Then...

Page 261: ...racking the uplink interface the devices in the VRRP group must work in preemption mode 10 10 5 Virtual Router Statistics You can view global and detailed statistics of VRRP groups Choose the menu Rou...

Page 262: ...ck IP TTL Errors Displays the number of VRRP packets received by the virtual router with IP TTL Time To Live not equal to 255 Zero Priority Packets Received Displays the number of VRRP packets receive...

Page 263: ...ent should configure this Virtual IP as the default gateway 4 Configure the priority Optional On page Routing VRRP Advanced Config configure the priority value to be used by the VRRP router in the ele...

Page 264: ...face as VLAN 2 and the Virtual IP as 192 168 1 10 4 Configure VRRP priority On page Routing VRRP Advanced Config configure the VRRP priority of interface VLAN 2 as 110 Configure Switch B Steps Operati...

Page 265: ...e routing protocol IGMP stands for Internet Group Management Protocol It is responsible for members management of IP multicast in the TCP IP and is used to establish and maintain the multicast member...

Page 266: ...ne otherwise network congestion and malfunction of the multicast members may occur SSM Source Specific Multicast In the SSM model the receivers know the exact location of the multicast source The SSM...

Page 267: ...nfig Mroute Table to load the following page Figure 11 2 Mroute Table The following entries are displayed on this screen Search Option All Select All to display all entries Group Select Group and ente...

Page 268: ...lticast member relationships between the IP host and its directly neighboring multicast routers So far there are three IGMP versions IGMPv1 defined in RFC 1112 IGMPv2 defined in RFC 2236 IGMPv3 define...

Page 269: ...ssage to G1 to declare it belongs to G1 As all the hosts and routers can receive this membership report message and the IGMP routers Router A and Router B already know there is a host interested in G1...

Page 270: ...ll start up a timer known as the Other Querier Present Timer This timer will be reset if the non querier receives the IGMP query message before the timer runs out otherwise the former querier will be...

Page 271: ...can be marked with EXLUDE Sources S1 S2 As shown in Figure 11 4 there are two multicast sources Source 1 S1 and Source 2 S2 sending multicast data to multicast group G Host B is only expecting the mu...

Page 272: ...ceive the multicast data sending to this multicast group with its source not in the specified source list TO_IN indicating the mapping relationship between the multicast group and the multicast source...

Page 273: ...se the menu Multicast Routing IGMP Interface Config to load the following page Figure 11 6 Interface Config The following entries are displayed on this screen Search Option All Displays all the interf...

Page 274: ...Query Interval ranging from 1 to 300 The default is 31 seconds Startup Query Count The number of general queries to be sent on startup ranging from 1 to 20 The default is 2 Last Member Query Interval...

Page 275: ...system is the querier this will be zero Wrong Version Queries Received The current number of dynamic groups for the selected interface Number of Joins Received The number of times a group membership...

Page 276: ...p 11 2 5 Application Example for IGMP Network Requirements 1 Receivers of different organizations form the stub networks N1 and N2 and Host A and Host C are the multicast information receivers in N1 a...

Page 277: ...e switches via the unicast routing protocol The detailed configuration steps are omitted here 2 Enable the IP multicast routing and enable the IGMP function on the interfaces of the user side Configur...

Page 278: ...the RPF Reverse Path Forwarding check mechanism to forward the multicast data There are two types of multicast routing and forwarding tables in the multicast implementation All the multicast route in...

Page 279: ...The router looks up the static multicast routing table with the IP address of the packet source specified as the source address and selects an optimal static multicast route automatically The correspo...

Page 280: ...n RFC 3973 is a multicast routing protocol in dense mode It uses Push Mode to transfer multicast packets and applies to small network with relatively dense multicast group members The working mechanis...

Page 281: ...ithout receivers downstream are pruned The downstream branches with no receivers will send prune message to the upstream node to delete the corresponding interface in the output interface list of the...

Page 282: ...will keep sending graft messages until being confirmed Assert Mechanism If there are multiple multicast routers in one network segment these routers may send the same multicast packets to this networ...

Page 283: ...terface The interface for which data is to be displayed or configured You must have configured at least one router interface before configuring or displaying data for a PIM DM interface Status Select...

Page 284: ...he time since the PIM neighbor last became a neighbor of the local switch Expires The time remaining before the PIM neighbor will be aged out Configuration Procedure for PIM DM Step Operation Descript...

Page 285: ...to Switch B in VLAN 2 connects to Switch C in VLAN 3 The Source server connects to Switch A in VLAN 1 4 Host A and B connect to Switch B in VLAN 4 Host C and D connect to Switch C in VLAN 5 5 The VLAN...

Page 286: ...and PIM DM Enable multicast routing on Multicast Routing Global Config page Enable PIM DM on VLAN interfaces 2 3 4 and 5 on Multicast Routing PIM DM PIM DM Interface page 4 Enable IGMP Enable IGMP on...

Page 287: ...Discovering DR Electing RP Discovering RPT Building Multicast Source Registering Switching from RPT to SPT Asserting Neighbor Discovering The neighbor discovering mechanism of PIM SM and PIM DM is the...

Page 288: ...ward it In this network an RP can be statically designated among the routers in the PIM SM domain in more circumstances the PIM SM domain is of large scale and the forwarding data for the RP is huge T...

Page 289: ...establishing process of RPT is illustrated below 1 When a receiver joins a multicast group G it informs the directly connected DR with IGMP message 2 After receiving the IGMP message from multicast g...

Page 290: ...ce S s directly connected DR receives a multicast packet sent from the multicast source to the multicast group G the DR will encapsulate this packet into a register packet and send it to the correspon...

Page 291: ...the same For more details refer to Assert Mechanism BSR Administrative Domain BSR is the administrative core in the PIM SM domain The BSR is exclusive in one PIM SM domain and it advertises the RP Se...

Page 292: ...ge Select Select the desired interface to configure Interface Displays the VLAN interface which you can configure Status Select to enable or disable PIM SM function on the interface Hello Interval Spe...

Page 293: ...PIM SM Neighbor Interface The physical interface on which PIM DM is enabled Neighbor The IP address of the PIM neighbor for which this entry contains information Uptime The time since the PIM neighbo...

Page 294: ...hash function is called All groups with the same seed hash correspond to the same RP The valid value range from 0 to 32 and the default value is 30 Priority Specify the priority of the BSR The BSR wi...

Page 295: ...k Length Displays the hash mask length of the Candidate BSR 11 4 4 RP In the PIM SM mode RP receives multicast data from the source and transmits the data down the shared tree to the multicast group m...

Page 296: ...the static RP will take effect no matter the candidate RP is configured or not Otherwise the static RP will be invalid when the candidate RP is configured PIM SM Candidate RP Config Configure the can...

Page 297: ...lect All to display all entries RP Select RP and enter the RP IP address of desired entry Group to RP Mappings Information Group Displays the group address RP Displays the RP address Info Source Displ...

Page 298: ...gure static RP or configure candidate BSR and candidate RP Required Configure static RP or configure a specified routing interface as candidate RP on Multicast Routing PIM SM RP page Configure a speci...

Page 299: ...e source specific multicast group ip address Group Displays the source specific multicast group ip address Group Mask Displays the source specific multicast group ip address mask 11 4 8 Packet Statist...

Page 300: ...ets Statistics Error Packet Err Packets Statistics 11 4 9 Application Example for PIM SM Network Requirements 1 Receivers receive VOD data through multicast The whole network runs PIM SM as multicast...

Page 301: ...Description 1 Configure interface Configure IP addresses and subnet masks of VLAN interfaces 1 2 and 3 on Routing Interface Interface Config page 2 Configure routing protocol Configure the routing ent...

Page 302: ...en the multicast network topology is the same as that of the unicast network receivers can receive the multicast data through the unicast route But in some circumstances the multicast network topology...

Page 303: ...path Router A Router C which is the same as the unicast path When Router C is configured with static multicast routing and the RPF neighbor of Router C to Source is configured as Router B the multica...

Page 304: ...Displays the IP address of the multicast source Source Mask Displays the subnet mask of source RPF Neighbor Displays the IP address of the neighbor router Distance Displays the Administrative distance...

Page 305: ...the multicast routing features Configure Switch A Step Operation Note 1 Enable IP multicast routing Required On page Multicast Routing Global Config Global Config enable the Multicast Routing functio...

Page 306: ...1 2 Configure Switch C Step Operation Note 1 Enable IP multicast routing Required On page Multicast Routing Global Config Global Config enable the Multicast Routing function globally 2 Enable PIM DM R...

Page 307: ...e ingress packets to different priority queues based on the priority modes This switch implements three priority modes based on port on 802 1P and on DSCP Queue scheduling algorithm When the network i...

Page 308: ...e you can configure different DS field mapping to the corresponding priority levels Non IP datagram with 802 1Q tag are mapped to different priority levels based on 802 1P priority mode if 8021 1P Pri...

Page 309: ...TC1 TC2 TC3 TC4 TC5 and TC6 is 1 2 3 4 5 6 7 Figure 12 5 WRR Mode 3 SP WRR Mode Strict Priority Weight Round Robin Mode In this mode this switch provides two scheduling groups SP group and WRR group...

Page 310: ...an be configured to trust one of the packet fields 802 1p or IP DSCP or to not trust any packet s priority designation untrusted mode Choose the menu QoS Class of Service Trust Mode to load the follow...

Page 311: ...splays the physical port number of the switch Priority Specify the CoS queue that the port will be mapped to The packets are firstly mapped to CoS queues then to TC queues according to the 802 1P CoS...

Page 312: ...P CoS to Queue Mapping On this page you can configure the mapping relation between the 802 1P priority CoS id and the TC id 802 1P gives the Pri field in 802 1Q tag a recommended definition This field...

Page 313: ...t trust 802 1p mode 2 Configure the mapping relation between the 802 1P priority CoS and the TC Required On QoS Class of Service 802 1P CoS to Queue Mapping page configure the mapping relation between...

Page 314: ...mapped to The switch supports 7 TC queues from TC0 for the lowest priority to TC 6 for the highest priority Note To complete QoS function configuration you have to go to the Schedule Mode page to sele...

Page 315: ...se the menu QoS Class of Service Schedule Mode to load the following page Figure 12 10 Schedule Mode Configuration Procedure 1 Select a schedule mode Click Apply 2 Optional Configure the weight value...

Page 316: ...bandwidth for TC0 TC6 Valid bandwidth range is 0 to 100 Total queue minimum bandwidth value is 100 12 2 DiffServ Differentiated Services DiffServ feature allows traffic to be classified into streams...

Page 317: ...in the table Class rules specify the match criteria that belong to a class definition Policy Table The current and maximum number of policy entries in the table The policy determines the traffic condi...

Page 318: ...following page Figure 12 12 Class Summary Configuration Procedure Specify the name type and protocol of the DiffServ Class then click Create Entry Description Name Enter the class name It ranges from...

Page 319: ...lick submit Entry Description Class The name of the class To configure match criteria for a class select its name from the menu L3 Protocol The Layer 3 protocol to use for filtering class types which...

Page 320: ...source MAC address to match the specified MAC address D MAC Select this option to require a packet s destination MAC address to match the specified MAC address S IP Select this option to require the s...

Page 321: ...y Configuration Procedure Create DiffServ policies and specify the traffic flow direction to which the policy is applied Then click Create Entry Description DiffServ Policy Create Name Enter the DiffS...

Page 322: ...ve a DiffServ policy class association and configure the policy attributes Entry Description DiffServ Policy Config Policy The name of the policy To add a class to the policy remove a class from the p...

Page 323: ...t with the same CoS value that is included in the inner tag Mark DSCP Select this option to mark all packets in the associated traffic stream with the specified IP DSCP value Mark Precedence Select th...

Page 324: ...ion you have to go to the Schedule Mode page to select a schedule mode after the configuration is finished on this page 12 2 6 Service Config Choose the menu QoS DiffServ Service Config to load the fo...

Page 325: ...dcast flow on each port to ensure network in working order can be implemented on Rate Limit and Storm Control pages 12 3 1 Rate Limit Rate limit functions to control the egress traffic rate on each po...

Page 326: ...u are suggested to disable the flow control on each port to ensure the switch works normally 12 3 2 Storm Control Storm Control function allows the switch to filter broadcast multicast and UL frame in...

Page 327: ...he packet traffic exceeding the bandwidth will be discarded For gigabit ports valid values are from 1 to 1488000 pps and for ten gigabit ports valid values are from 1 to 14880000 pps Or you can select...

Page 328: ...on Configuration Procedure 1 Enable the voice VLAN feature and enter a VLAN ID 2 Specify a priority for the voice VLAN and click Apply Note 1 Before configuring the voice VLAN you need to create a VLA...

Page 329: ...Enable or disable the administrative mode of OUI based Voice VLAN on the interface Operational Status Displays the current state of the ports that are connected to voice devices Up The corresponding p...

Page 330: ...ansmission of voice traffic Voice over Internet Protocol VoIP enables telephone calls over a data network and the Auto VoIP feature helps provide a classification mechanism for voice packets When Auto...

Page 331: ...mode and enter corresponding interface value choose the CoS override mode and click Apply 3 Configure the corresponding module based on the interface mode Entry Description Admin Mode Enable or disab...

Page 332: ...on the configuration of itself Untagged Instruct the IP phone to send untagged voice traffic Disable Disable the Auto VoIP feature on the interface Interface Value If you have selected VLAN ID or Dot1...

Page 333: ...tion of the switch including three submenus Time Range ACL Config and ACL Binding 13 1 Time Range If a configured ACL is needed to be effective in a specified time range a time range should be firstly...

Page 334: ...any time range entries configured for the time range Absolute Entry Shows whether an absolute time entry is currently configured for the time range Periodic Entry Count The number of periodic time ran...

Page 335: ...atched packets taking the operation specified in the rule without considering the other rules which can enhance the performance of the switch Packets are classified based on match rules in order of th...

Page 336: ...lowing page Figure 13 3 ACL Create Configuration Procedure Enter an ID number in the ACL ID field then click Apply Entry Description ACL ID Enter a number that is used to identify the ACL Rule Order U...

Page 337: ...ID Enter the rule ID Operation Select the operation for the switch to process packets which match the rules Permit Forward packets Deny Discard Packets S MAC Enter the source MAC address contained in...

Page 338: ...o the specific port 13 2 4 Standard IP ACL Standard IP ACLs analyze and process data packets based on a series of match conditions which can be the source IP addresses and destination IP addresses car...

Page 339: ...transmission rate of the data packets Valid values are 1 to 1000000 in Kbps Qos Remark Select QoS Remark to forward the data packets based on the QoS settings S Mirror Select S Mirror to mirror the d...

Page 340: ...t matching criteria Entry Description ACL ID Select a Standard IP ACL from the drop down list Rule ID Enter an ID number that is used to identify the rule It cannot be the same as the existing Standar...

Page 341: ...ence contained in the rule Time Range Select the time range for the rule to take effect S Condition Select S Condition to limit the transmission rate of the data packets Rate The transmission rate of...

Page 342: ...Port Bind Table you can view port binding entries 3 You can also delete existing entries if needed Entry Description Search Options Show Mode Select a show mode appropriate to your needs ACL Vlan Bin...

Page 343: ...L Direction Displays the binding direction 13 3 2 Port Binding On this page you can bind an ACL to a port Choose the menu ACL ACL Binding Port Binding to load the following page Figure13 8 Bind the AC...

Page 344: ...AN ID Then click Apply Entry Description VLAN Bind Config ACL ID Select the ID or name of the ACL you want to bind VLAN ID Enter the ID of the VLAN you want to bind VLAN Bind Table Index Displays the...

Page 345: ...ACL ACL Config configuration pages configure ACL rules to match packets 3 Bind the ACL to the port VLAN Required On ACL ACL Binding configuration pages bind the ACL to the port VLAN to make the ACL ef...

Page 346: ...ndition that you have got the related information of the Hosts in the LAN 2 DHCP Snooping You can use DHCP Snooping functions to monitor the process of the Host obtaining the IP address from DHCP serv...

Page 347: ...he Host MAC Address Displays the MAC Address of the Host VLAN ID Displays the VLAN ID here Port Displays the number of port connected to the Host Source Displays the Source of the entry Protect Type D...

Page 348: ...ated The amount of the PCs always exceeds that of the assigned IP addresses The wireless network and the laptops are widely used and the locations of the PCs are always changed Therefore the correspon...

Page 349: ...o bind the static IP address to the specific Client e g WWW Server via the DHCP Server 2 Automatically assign the IP address DHCP Server assigns the IP address without an expiration time limitation to...

Page 350: ...ynamically For the details of the DHCP Option please refer to RFC 2132 Option 82 records the location of the DHCP Client Upon receiving the DHCP REQUEST packet the switch adds the Option 82 to the pac...

Page 351: ...Attack Implementation Procedure DHCP Snooping feature only allows the port connected to the DHCP Server as the trusted port to forward all types of DHCP packets and thereby ensures that users get pro...

Page 352: ...ecified VLAN 2 Configure Option 82 3 Click Apply Entry Description DHCP Snooping Enable Disable the DHCP Snooping function globally MAC Verify Enable or disable the MAC Verify feature There are two fi...

Page 353: ...eld of the packets with the switch defined one Drop Indicates to discard the packets including the Option 82 field Customization Enable or Disable the switch to define the Option 82 Remote ID Enter th...

Page 354: ...plex network Thus the cheating attacks against ARP such as imitating Gateway cheating Gateway cheating terminal Hosts and ARP Flooding Attack frequently occur to the network especially to the large ne...

Page 355: ...sends the fake ARP packets of Host A to the Gateway and then the Gateway will automatically update its ARP table after receiving the ARP packets When the Gateway tries to communicate with Host A in L...

Page 356: ...N communicate with one another they will send the packets to the attacker according to the wrong ARP table Thus the attacker can get and process the packets before forwarding them During the procedure...

Page 357: ...packets in a network segment to occupy the network bandwidth viciously which results in a dramatic slowdown of network speed Meantime the Gateway learns the false IP address to MAC address mapping en...

Page 358: ...n ARP packet If not the ARP packet will be discarded Validate Destination MAC Enable or disable the switch to check whether the Destination MAC address and the Target MAC address are the same when rec...

Page 359: ...desired member in the stack Select Select your desired port for configuration It is multi optional Port Displays the port number Trust State Enable or disable this port to be a trusted port on which t...

Page 360: ...Procedure 1 In the Auto Refresh section configure the Auto Refresh feature 2 In the Illegal ARP Packet section view the statistics of ARP packets in each VLAN Entry Description Auto Refresh Enable or...

Page 361: ...r configuration It is multi optional Port Displays the port number Security Type Select Security Type for the port Disable Select this option to disable the IP Source Guard feature for the port SIP On...

Page 362: ...emely Scan SYNFIN The attacker sends the packet with its SYN field and the FIN field set to 1 The SYN field is used to request initial connection whereas the FIN field is used to request disconnection...

Page 363: ...iate to your need Choose the menu Network Security DoS Defend DoS Defend to load the following page Figure 14 16 DoS Defend Configuration Procedure Select one or more Defend Types to be enabled and cl...

Page 364: ...thenticator system Normally in the form of a RADIUS server Authentication Server can store user information and serve to perform authentication and authorization To ensure a stable authentication syst...

Page 365: ...r example 1 EAP Relay Mode This mode is defined in 802 1X In this mode EAP packets are encapsulated in higher level protocol such as EAPOR packets to allow them successfully reach the authentication s...

Page 366: ...ADIUS Access Request packet with the locally encrypted password If the two match it will then send feedbacks through a RADIUS Access Accept packet and an EAP Success packet to the switch to indicate t...

Page 367: ...e specified period before it processes another authentication request re initiated by the supplicant system Guest VLAN Guest VLAN function enables the supplicants that do not pass the authentication t...

Page 368: ...and click Apply 14 6 2 Port Config On this page you can configure the 802 1X features for the ports basing on the actual network Choose the menu Network Security 802 1X Port Config to load the followi...

Page 369: ...0 times and the default is 10 times Tx Period Specify the Dot1x transmit period on the specified port to determine when an EAP Request Identity packet is to be transmitted It ranges from 1 to 65535 se...

Page 370: ...n the CD 3 Configure the 802 1X globally Required By default the global 802 1X function is disabled On the Network Security 802 1X Global Config page configure the 802 1X function globally 4 Configure...

Page 371: ...ch means the secure server or the local switch denies the user s access the authentication process stops and no other authentication methods are attempted 802 1X Authentication 802 1X protocol uses th...

Page 372: ...imeout Specify the time interval that the switch waits for the server to reply before resending 14 7 2 TACACS Server Config This page is used to configure the authentication servers running the TACACS...

Page 373: ...listed to authenticate users if that method fails to respond the switch selects the next authentication method in the method list This process continues until there is a successful communication with...

Page 374: ...ed Enable password to verify the user s credentials none No authentication is used line Use the locally configured Line password to verify the user s credentials radius Use the remote RADIUS server se...

Page 375: ...hisoption defines the authentication method for users requiring the administrator privilege Entry Description Module Lists of the configurable applications on the switch Login List Configure an applic...

Page 376: ...Retransmit is 4 times Timeout is 5 seconds TACACA server Communication port is 49 Timeout is 5 seconds Authentication login method list The list contains local and the default login username and passw...

Page 377: ...Station is the workstation for running the SNMP client program providing a friendly management interface for the administrator to manage the most network devices conveniently SNMP Agent Agent is the...

Page 378: ...functions The authentication function is to limit the access of the illegal user by authenticating the senders of packets Meanwhile the encryption function is used to encrypt the packets transmitted b...

Page 379: ...can manage the switch via the client program on management station The specified User Name and the Auth Privacy Password are used for SNMP Management Station to access the SNMP Agent functioning as t...

Page 380: ...ke remote user invaild please re create new remote users 15 1 2 SNMP View The OID Object Identifier of the SNMP packets is used to describe the managed objects of the switch and the MIB Management Inf...

Page 381: ...D of the vew entry 15 1 3 SNMP Group On this page you can configure SNMP Group to control the network access by providing the users in various groups with different management rights via the Read View...

Page 382: ...h the authentication and the privacy security levels are used Read View Select the View to be the Read View The management access is restricted to read only and changes cannot be made to the assigned...

Page 383: ...re15 6 SNMP User Configuration Procedure 1 Specify the user name user type and the group which the user belongs to 2 Set the security model If you have chosen authNoPriv or authPriv as the security le...

Page 384: ...elete the corresponding User It is multi optional User Name Displays the name of the User User Type Displays the User Type Group Name Displays the Group Name of the User Auth Mode Displays the Authent...

Page 385: ...d write and changes can be made to the corresponding View MIB View Select the MIB View for the community to access IP Address Enter the IP address which could connect the SNMP server If null all user...

Page 386: ...Pv1 or SNMPv2c is employed please take the following steps Step Operation Description 1 Create SNMP View Required On the SNMP SNMP Config SNMP View page create SNMP View of the management agent The de...

Page 387: ...inform request if the resending times reach the specified Retry times The Inform type employed on SNMPv2c and SNMPv3 has a higher security than the Trap type The Notification can be configured on the...

Page 388: ...r Specify the user name or community name used by the NMS Security Model Choose the corresponding SNMP version for the NMS The version should be consistent with settings of the user or community v1 Th...

Page 389: ...try time reaches the limit Timeout Set the length of time that the switch waits for a response from the NMS after sending an inform message the default is 100 seconds Set the length of time that the s...

Page 390: ...ge you can configure the traps of SNMP Choose the menu SNMP Notification Traps Config to load the following page Figure15 9 Traps Config Configuration Procedure Configure traps you desire to send to t...

Page 391: ...ceived on a locked port Dot1q Generates a trap when creating or deleting a VLAN Inventory Generates a trap for Inventory Vrrp Generates a trap for Virtual Routing Redundancy Protocol VRRP changes Pim...

Page 392: ...tate database is approaching overflow If State Change Generates a trap when non virtual interface state changes Port Traps Port Displays the port number of the switch Link status Enable or disable lin...

Page 393: ...statistic of alarm variables on the specific ports Alarm Group Alarm Group is configured to monitor the specific alarm variables When the value of a monitored variable exceeds the threshold an alarm e...

Page 394: ...ts Choose the menu SNMP RMON Event to load the following page Figure15 11 Event Config Configuration Procedure Configure the event group for RMON Click Create Entry Description Index Displays the inde...

Page 395: ...alarm type the rising and falling event action and the corresponding threshold of the entry Enter the alarm interval time 3 Enter the owner name 4 Click Create Entry Description Index Displays the in...

Page 396: ...83647 Falling Event Select the index of the corresponding event which will be triggered if the sampled value is lower than the Falling Threshold Falling Threshold Enter the falling counter value that...

Page 397: ...arn about the neighbors allowing for interoperability between the network devices of different vendors This protocol allows two systems running different network layer protocols to learn about each ot...

Page 398: ...comes back to the regular interval 3 LLDPDU receipt mechanism When a port is working in TxRx or Rx mode the device will check the validity of the received LLDPDUs and the attached TLVs save this neig...

Page 399: ...ies the main functions of the system and the functions enabled Optional 8 Management Address Identifies the management IP address the corresponding interface number and OID Object Identifier The manag...

Page 400: ...entities to assist discovery by network management Port VLAN ID TLV The Port VLAN ID TLV allows a VLAN bridge port to advertise the port s VLAN identifier PVID that will be associated with untagged o...

Page 401: ...mitted on behalf of this LLDP agent Hold Multiplier This parameter is a multiplier on the Transmit Interval that determines the actual TTL Time To Live value used in an LLDPDU TTL Hold Multiplier Tran...

Page 402: ...the settings effective Entry Description UNIT Select the unit ID of the desired member in the stack Select Select the desired entry for configuration It is multi optional Port Displays the port number...

Page 403: ...LLDP Device Info Local Info to load the following page Figure 16 3 Local Information Configuration Procedure 1 Choose Enable or Disable Auto Refresh according to your needs 2 Select the desired port...

Page 404: ...the recipient LLDP agent is to regard the information associated with this chassis ID and port ID identifier to be valid Port Description Displays local port s description System Name Indicates local...

Page 405: ...the auto refresh rate UNIT Select the unit ID of the desired member in the stack System Name Displays the system name of the neighbor device Chassis ID Displays the Chassis ID of the neighbor device S...

Page 406: ...e Total Drops Displays the number of neighbors dropped by local device Total Ageouts Displays the number of overtime neighbors in local device UNIT Select the unit ID of the desired member in the stac...

Page 407: ...ed of three defined Classes Class I Class II and Class III Generic Endpoint Device Class I The most basic class of Endpoint Device Media Endpoint Device Class II The class of Endpoint Device that supp...

Page 408: ...t start mechanism is activated multiple LLDP MED frames will be transmitted the number of frames equals this parameter LLDP MED fast start mechanism will be activated when LLDP MED status changes from...

Page 409: ...ration Configuration Procedure 1 Select your desired port and enable LLDP MED Then click Apply to make the settings effective 2 Click Detail to configure the included TLVs in outgoing LLDPDU on the fo...

Page 410: ...Detail button to display the included TLVs and select the desired TLVs 16 4 3 Local Info On this page you can view all ports LLDP MED configuration Choose the menu LLDP LLDP MED Local Info to load th...

Page 411: ...LAN VLAN identifier VID for the port Media Policy Layer 2 Priority Displays the Layer 2 priority to be used for the specified application type Media Policy DSCP Displays the DSCP value to be used to p...

Page 412: ...sable the auto refresh function Refresh Rate Specify the auto refresh rate Unit Select the unit ID of the desired member in the stack Device Type Displays the device type of the neighbor Application T...

Page 413: ...t whether the destination device is reachable and detect the route hops from the switch to the destination device 17 1 System Monitor System Monitor functions to display the utilization status of the...

Page 414: ...ber in the stack Click the Monitor button to enable the switch to monitor and display its Memory utilization rate every four seconds 17 2 Log The Log system of switch can record classify and manage th...

Page 415: ...utput to two directions namely log buffer and log file The information in log buffer will be lost after the switch is rebooted or powered off whereas the information in log file will be kept effective...

Page 416: ...ys the content of the log information Note 1 There are 8 severity levels marked with value 0 7 The smaller value has the higher priority 2 This page displays logs in the log buffer and at most 1024 lo...

Page 417: ...orted on the Maintenance Log Backup Log page Severity Specify the severity level of the log information output to each channel Only the log with the same or smaller severity level value will be output...

Page 418: ...th the same or smaller severity level value will be sent to the corresponding log host Status Displays the status of the corresponding log host Note The Log Server software is not provided If necessar...

Page 419: ...ck functions for device diagnose 17 3 1 Cable Test Cable Test functions to test the connection status of the cable connected to the switch which facilitates you to locate and diagnose the trouble spot...

Page 420: ...The result is more reasonable when the cable pair is in the open status 3 The test result is just for your information 4 If the port is 100Mbps and its connection status is normal cable test cannot ge...

Page 421: ...address of the destination node for Ping test Ping Times Enter the amount of times to send test data during Ping testing The default value is recommended Data Size Enter the size of the sending data d...

Page 422: ...section enter the IP address of the destination set the max hop and then click Tracert to start the test 2 In the Tracert Result section check the test results Entry Description Destination IP Enter t...

Page 423: ...into IP addresses Dynamic Host Control Protocol DHCP Provides a framework for passing configuration information to hosts on a TCP IP network DHCP is based on the Bootstrap Protocol BOOTP adding the ca...

Page 424: ...y requiring users to first enter a user ID and password for authentication IEEE 802 3ac Defines frame extensions for VLAN tagging IEEE 802 3x Defines Ethernet frame start stop requests and timers used...

Page 425: ...converts it into a fixed string of digits also called a message digest Network Time Protocol NTP NTP provides the mechanisms to synchronize time across the network The time servers operate in a hiera...

Page 426: ...ong the shortest available path maximizing the performance and efficiency of the network Telnet Defines a remote communication facility for interfacing to a terminal device over TCP IP Transmission Co...

Page 427: ...quipment has been tested and found to comply with the limits for a Class A digital device pursuant to part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmfu...

Page 428: ...res EU declaration of conformity TP Link hereby declares that the device is in compliance with the essential requirements and other relevant provisions of directives 2014 30 EU 2014 35 EU 2009 125 EC...

Page 429: ...tion when operating the device We cannot guarantee that no accidents or damage will occur due to improper use of the device Please use this product with care and operate at your own risk Pb Cd Hg CrVI...

Page 430: ...electrical and electronic equipment WEEE This means that this product must be handled pursuant to European directive 2012 19 EU in order to be recycled or dismantled to minimize its impact on the envi...

Reviews:

No comments

Related manuals for T3700G-28TQ

Brand: Abocom Pages: 1

Brand: Cambium Networks Pages: 68

Brand: CAME Pages: 4

Brand: Cambium Networks Pages: 110

Brand: Tait Pages: 41

Brand: Tait Pages: 149

Brand: Tait Pages: 132

Brand: Vega Pages: 2

Brand: Vega Pages: 11

Brand: Waterpik Pages: 2

Brand: Conrad Electronic Pages: 24

Brand: Becker Pages: 52

NexXxoS CPX PHI-M01

Brand: Alphacool Pages: 3

Brand: Ubiquiti Pages: 20

Brand: AMG Systems Pages: 2

Brand: Colzer Pages: 8

HYGRASGARD ESFF-I

Brand: S+S Regeltechnik Pages: 16

Brand: Barazza Pages: 8

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands