D-Link DES-3528 - xStack Switch - Stackable Скачать руководство пользователя | Manualshive

Страница: 1 / 322

background image

®

User Manual

Product Model:

xStack

®

DES-3528/DES-3552 Series

Layer 2 Managed Stackable Fast Ethernet Switch

Release 2.0

1
2
3
...
»

Содержание DES-3528 - xStack Switch - Stackable

Страница 1: ...User Manual Product Model xStack DES 3528 DES 3552 Series Layer 2 Managed Stackable Fast Ethernet Switch Release 2 0...

Страница 2: ...sion of D Link Corporation is strictly forbidden Trademarks used in this text D Link and the D LINK logo are trademarks of D Link Corporation Microsoft and Windows are registered trademarks of Microso...

Страница 3: ...r Accounts 23 System Log Configuration 24 System Log Settings 24 System Log Server 25 System Severity Settings 26 DHCP Relay 27 DHCP Relay Global Settings 27 DHCP Relay Interface Settings 30 DHCP Rela...

Страница 4: ...ble 50 SNMP Engine ID 50 SNMP Trap Configuration 51 sFlow 51 sFlow Global State Settings 51 sFlow Analyzer Server Settings 52 sFlow Flow Sampler Settings 52 sFlow Counter Poller Settings 53 Stacking 5...

Страница 5: ...gs 93 Port Trunking 94 LACP Port Settings 96 Traffic Segmentation 97 IGMP Snooping 98 IGMP Snooping Settings 98 IGMP Snooping Rate Limit Settings 100 IGMP Snooping Static Group Settings 101 IGMP Multi...

Страница 6: ...ormation 131 LLDP Remote Port Information 132 CFM 133 CFM Port Settings 133 CFM CCM PDUs Forwarding Mode 133 CFM MPs Reply LTRs 134 CFM Mipccm List 134 Connectivity Fault Management Settings 135 CFM L...

Страница 7: ...163 CoS Bandwidth Control Settings 164 SRED 165 SRED Settings 165 SRED Drop Counter 166 DSCP Trust Settings 167 DSCP Map Settings 168 802 1p Map Settings 170 Security 171 Safeguard Engine 171 Trusted...

Страница 8: ...nable Password Settings 207 RADIUS Accounting Services 208 MAC based Access Control 209 MAC based Access Control Settings 209 MAC based Access Control Local Settings 211 Web Authentication 212 Web bas...

Страница 9: ...Session Statistics 279 Authenticator Diagnostics 280 Browse ARP Table 282 Browse Route Table 282 Browse VLAN 282 Show VLAN Ports 283 Browse Voice VLAN Device 283 Browse DHCP Server Dynamic Binding 28...

Страница 10: ...stem Log 293 Save Services and Tools 294 Save Configuration ID 1 294 Save Configuration ID 2 295 Save Log 295 Save All 295 Configuration File Backup Restore 296 Upload Log File 296 Reset 296 Download...

Страница 11: ...mands For example use the copy command Boldface T ypewriter Font Indicates commands and responses to prompts that must be typed exactly as printed in the manual Initial capital letter Indicates a wind...

Страница 12: ...different ways to access the same internal switching software and configure it Thus all settings encountered in web based management are the same as those found in the console program Login to Web Man...

Страница 13: ...described in the table Figure 1 2 Main Web Manager page Area Function Area 1 Select the folder or window to be displayed The folder icons can be opened to display the hyperlinked window buttons and s...

Страница 14: ...king LACP Port Settings Traffic Segmentation IGMP Snooping MLD Snooping Port Mirror Loopback Detection Settings BPDU Attack Protection Settings Spanning Tree Forwarding Filtering LLDP CFM and Ethernet...

Страница 15: ...nts System Log Configuration System Severity Settings DHCP Relay DHCP Local Relay Settings DHCP Auto Configuration Settings MAC Address Aging Time Web Settings Telnet Settings Password Encryption Clip...

Страница 16: ...dition this window displays the status of functions on the Switch to quickly assess their current global status Some functions are hyper linked to their configuration window for easy access from the D...

Страница 17: ...ress has not yet been changed read the introduction of the DES 3528 DES 3552 Series CLI Manual for more information Click Configuration IP Address to display the following window Figure 2 4 IP Address...

Страница 18: ...the Switch These fields should be of the form xxx xxx xxx xxx where each xxx is a number represented in decimal form between 0 and 255 This address should be a unique address on the network assigned f...

Страница 19: ...xStack DES 3528 DES 3552 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 18...

Страница 20: ...e Toggle this field to either enable or disable a given port or group of ports Speed Duplex Toggle the Speed Duplex field to either select the speed and duplex half duplex state of the port Auto denot...

Страница 21: ...ther configuration will result in a link down status for both ports Flow Control Displays the flow control scheme used for the various port configurations Ports configured for full duplex use 802 3x f...

Страница 22: ...hould be nominated Copper The result will be displayed in the appropriate switch port number slot C for copper ports and F for fiber ports Figure 2 6 Port Description window The following parameters c...

Страница 23: ...static entries are defined a permanent entry is entered and is used to translate IP address to MAC addresses To view this window click Configuration Static ARP Settings Figure 2 8 Static ARP Settings...

Страница 24: ...cation method of the Switch or through the Access Authentication Control feature discussed later in this document Once the user has logged in to the Switch in the Operator level certain security scree...

Страница 25: ...Yes Yes No Factory Reset Yes No No User Account Management Add Update Delete User Accounts Yes No No View User Accounts Yes No No Table 2 1 Admin Operator and User Privileges System Log Configuration...

Страница 26: ...ssigned Facility values Processes and daemons that have not been explicitly assigned a Facility may use any of the local use facilities or they may use the user level Facility Those Facilities that ha...

Страница 27: ...scribed below Parameter Description System Severity Choose how the alerts are used from the drop down menu Select Log to send the alert of the Severity Type configured to the Switch s log for analysis...

Страница 28: ...ered the Switch will not process the value in the seconds field of the BOOTP or DHCP packet If a non zero value is entered the Switch will use that value along with the hop count to determine whether...

Страница 29: ...enables or disables the DHCP option 60 state When option 60 is enabled if the packet does not have option 60 then the relay servers cannot be determined based on option 60 As a result the relay server...

Страница 30: ...e Module is always 0 For a stackable switch the Module is the Unit ID g Port The incoming port number of DHCP client packet port number starts from 1 Remote ID sub option format default 1 2 3 4 5 2 8...

Страница 31: ...t will be connected directly to the Server Server IP Enter the IP address of the DHCP server Up to four server IPs can be configured per IP Interface DHCP Relay Option 60 Default Settings This window...

Страница 32: ...elow Figure 2 17 DHCP Relay Option 60 Settings window The following parameters may be configured Parameter Description String Enter the specified string up to a maximum of 255 alphanumeric characters...

Страница 33: ...add a rule to the relay server based on option 61 The matching rule can be based on either the MAC address or the user specified string Only one relay server can be specified for a MAC address or a st...

Страница 34: ...autoconfiguration function on the Switch will load a previously saved configuration file for current use When DHCP autoconfiguration is Enabled on the Switch the DHCP reply will contain a configurati...

Страница 35: ...t for the web protocol is 80 To access this table click Configuration Web Settings Figure 2 23 Web Settings window Telnet Settings Telnet configuration is Enabled by default If you do not want to allo...

Страница 36: ...reen allows the user to view information about current firmware images stored on the Switch To access this table click Configuration Firmware Information Figure 2 27 Firmware Information window This w...

Страница 37: ...own for users that are unidentified Dual Configuration Settings The following window is used to manage configuration information in the Switch The DES 3528 DES 3552 Series has the capability to store...

Страница 38: ...ve the circuit ID tag from the received PPPoE offer and session confirmation packet To view this window click Configuration PPPoE Circuit ID Insertion Settings as shown below Figure 2 29 PPPoE Circuit...

Страница 39: ...or are displayed Parameter Description Status SNTP State Use the radius button to select an Enabled or Disabled SNTP state Current Time Displays the Current Time set on the Switch Time Source Displays...

Страница 40: ...able the DST Settings Daylight Saving Time Offset in Minutes Use this pull down menu to specify the amount of time that will constitute your local DST offset 30 60 90 or 120 minutes Time Zone Offset f...

Страница 41: ...ober 14 From Month Enter the month DST will start on each year From Day Enter the day of the week DST will start on each year From Time in HH MM Enter the time of day DST will start on each year To Mo...

Страница 42: ...notification Up to 500 entries can be specified Click Apply to implement changes MAC Notification Port Settings To configure the MAC Notification Port Settings for the Switch click Configuration M AC...

Страница 43: ...t and secondly if the per port power consumption exceeds the per port power limit Active circuit protection automatically disables the port if there is a short Other ports will remain active Based on...

Страница 44: ...Port or Deny Low Priority Port to offset the power limit being exceeded and keeps the Switch s power at a usable level Use the drop down menu to select a Power Disconnect Method The default Power Disc...

Страница 45: ...of supplying power Whether the disconnect method is set to deny low priority port the priority of each port will be used by the system to manage the supply of power to ports Power Limit This function...

Страница 46: ...Switch allows groups of users to be listed and configured with a shared set of privileges The SNMP version may also be set for a listed group of SNMP managers Thus you may create a group of SNMP mana...

Страница 47: ...B objects can be accessed by a remote SNMP manager To configure SNMP View Settings for the Switch click Configuration SNMP Settings SNMP View Table Figure 2 38 SNMP View Table window The following par...

Страница 48: ...ceive SNMP trap messages generated by the Switch s SNMP agent User based Security Model SNMPv1 Specifies that SNMP version 1 will be used SNMPv2 Specifies that SNMP version 2c will be used The SNMPv2...

Страница 49: ...MP V3 Encryption None Indicates that there is no SNMP V3 Encryption Password Indicates that there is SNMP V3 Encryption through a password Key Indicates that there is SNMP V3 Encryption through a key...

Страница 50: ...munity entries click Configuration SNMP Settings SNMP Community Table Figure 2 41 SNMP Community Table window The following parameters can set Parameter Description Community Name Type an alphanumeric...

Страница 51: ...P version 2 will be used SNMPV3 To specify that the SNMP version 3 will be used Security Level NoAuthNoPriv To specify a NoAuthNoPriv security level AuthNoPriv To specify an AuthNoPriv security level...

Страница 52: ...echnology for monitoring traffic in data networks containing switches and routers The sFlow monitoring system consists of an sFlow Agent embedded in a switch or router or in a standalone probe and a c...

Страница 53: ...d out When the analyzer server times out all of the flow samplers and counter pollers associated with this analyzer server will be deleted Infinite indicates that the analyzer server will never time o...

Страница 54: ...lated and forwarded to the server Click Apply to implement the changes made sFlow Counter Poller Settings This window is used to create the sflow counter poller settings on the Switch Within the sflow...

Страница 55: ...roles exist when stacking with the DES 3528 DES 3552 Series NOTE Only ports 27 and 28 of the DES 3528 Series or ports 51 and ports 52 of DES 3552 support stacking The other ports cannot be used for st...

Страница 56: ...et on the newly added switch such as configured priority or MAC address Yet if adding two stacks together that have both previously undergone the election process and therefore both have a Primary Mas...

Страница 57: ...Description Stacking Mode Click Enabled or Disabled to enable or disable the stacking function Current Box ID Use the dorp down menu to identify the Switch being configured The box ID is 1 8 New Box...

Страница 58: ...S The SIM group is a group of switches that are managed as a single entity SIM switches may take on three different roles 1 Commander Switch CS This is a switch that has been manually configured as th...

Страница 59: ...scovery process cannot occur 3 This version will support multiple switch upload and downloads for firmware configuration files and log files as follows Firmware The switch now supports multiple MS fir...

Страница 60: ...terval 30 90 The user may set the discovery protocol interval in seconds that the Switch will send out discovery packets Returning information to a Commander Switch will include information about othe...

Страница 61: ...identify it Remote Port Displays the number of the physical port on the CS that the MS or CaS is connected to The CS will have no entry in this field Speed Displays the connection speed between the C...

Страница 62: ...Single IP Management Group are connected to other groups and devices Possible icons in this screen are as follows Icon Description Group Layer 2 commander switch Layer 3 commander switch Commander swi...

Страница 63: ...ing the mouse cursor over a specific device in the topology window tool tip will display the same information about a specific device as the Tree view does See the window below for an example Figure 2...

Страница 64: ...s in the SIM group configured by the user If no Device Name is configured by the name it will be given the name default and tagged with the last six digits of the MAC Address to identify it Module Nam...

Страница 65: ...y To pop up a window to display the group information Member Switch Icon Figure 2 62 Right Clicking a Member icon The following options may appear for the user to configure Collapse To collapse the gr...

Страница 66: ...indow contains a menu bar for device configurations as seen below Figure 2 65 Menu Bar of the Topology View The five menus on the menu bar are as follows File Print Setup Will view the image to be pri...

Страница 67: ...re Upgrade Figure 2 68 Firmware Upgrade window Configuration File Backup Restore This screen is used to upgrade configuration files from the Commander Switch to the Member Switch using a TFTP server M...

Страница 68: ...Layer 2 Stackable Fast Ethernet Managed Switch User Manual 67 save this file Click Upload to initiate the file transfer To view this window click Configuration Single IP Management Upload Log File Fig...

Страница 69: ...t Mirror Loopback Detection Settings BPDU Attack Protection Settings Spanning Tree Forwarding Filtering LLDP CFM Ethernet OAM The following section will aid the user in configuring Layer 2 functions f...

Страница 70: ...s given the lowest priority for delivery Strict mode and weighted round robin system are employed on the Switch to determine the rate at which the queues are emptied of packets The ratio used for clea...

Страница 71: ...l connection and allows Spanning Tree to be enabled on all ports and work normally The IEEE 802 1Q standard restricts the forwarding of untagged packets to the VLAN of which the receiving port is a me...

Страница 72: ...Q compliant Unfortunately not all network devices are 802 1Q compliant These devices are referred to as tag unaware 802 1Q devices are referred to as tag aware Prior to the adoption of 802 1Q VLANs po...

Страница 73: ...Q tag from all packets that flow into and out of those ports If the packet doesn t have an 802 1Q VLAN tag the port will not alter the packet Thus all packets received by and forwarded by an untagging...

Страница 74: ...If Port 10 is not a member of VLAN 2 then the packet will be dropped by the Switch and will not reach its destination If Port 10 is a member of VLAN 2 the packet will go through This selective forward...

Страница 75: ...r the example below Figure 3 5 Double VLAN Example In this example the Service Provider Access Network switch Provider edge switch is the device creating and configuring Double VLANs with different SP...

Страница 76: ...7 All packets sent from the CPU to the Access ports must be untagged 8 The following functions will not operate when the switch is in Double VLAN mode Guest VLANs Web based Access Control IP Multicas...

Страница 77: ...e new VLAN See the table below for a description of the parameters in the new menu NOTE The Switch supports up to 4k static VLAN entries Figure 3 8 802 1Q VLAN window Edit window The following fields...

Страница 78: ...will designate the port as untagged Forbidden Select this to specify the port as not being a member of the VLAN and that the port is forbidden from becoming a member of the VLAN dynamically Not Membe...

Страница 79: ...h to send out GVRP packets to outside sources notifying that they may join the existing VLAN Port List e g 1 5 Allows an individual port list to be added or deleted as a member of the VLAN Tagged Spec...

Страница 80: ...ice VLAN An IP phone and a PC connect to a HUB and the HUB connects to a switch that supports voice VLAN The received untagged traffic by the switch can come from the IP phone or the PC The switch che...

Страница 81: ...C address of this voice device is aged out the voice VLAN aging timer will be started The port will be removed from the voice VLAN after expiration of voice VLAN aging timer Trap Log Use the pull down...

Страница 82: ...ngs This window allows the user to configiure the user defined voice traffic s OUI There are some pre defined OUIs and when the user configures personal OUI these pre defined OUIs must be avoided Foll...

Страница 83: ...based VLAN The IP address of customer A is 172 18 0 1 and IP address of customer B is 172 18 0 2 Both of them connect to the same port of the Switch through a HUB Customers can access Internet through...

Страница 84: ...net VLAN Subnet VLAN Settings as shown below Figure 3 16 Subnet VLAN Settings window The following parameters can be configured Parameter Description VLAN Name The VLAN Name to be associated with the...

Страница 85: ...lassification will be processed first If subnet based VLAN classification fails the MAC based VLAN classification will be executed To view this window click L2 Features Subnet VLAN VLAN Precedence Set...

Страница 86: ...ce provider network may have VLAN ranges that overlap which might cause traffic to become mixed up So assigning a unique range of VLAN IDs to each customer might cause restrictions on some of their co...

Страница 87: ...Priority Use Inner Priority This is the priority given to the inner tag that is copied to the outer tag if this setting is enabled Add Inner Tag hex 0x1 0xffff Deselect Disabled and enter an inner tag...

Страница 88: ...up Settings supports multiple VLANs for each protocol and allows the user to configure the untagged ports of different protocols on the same physical port For example it allows the user to configure a...

Страница 89: ...in the Switch which is used to determine the CoS queue to which packets are forwarded to Once this field is specified packets accepted by the Switch that match this priority are forwarded to the CoS...

Страница 90: ...LAN has been configured with redirect ports To view this window click L2 Features RSPAN Settings as shown below Figure 3 22 RSPAN Settings window Enter the VLAN Name or VID and click Create To remove...

Страница 91: ...ecify the range of ports that will be included in the Port based VLAN that you are creating using the 802 1Q Port Settings window PVID The read only field in the 802 1Q Port Table shows the current PV...

Страница 92: ...time between the Switch receiving the information about becoming a member of the group and actually joining the group The default is 200 Leave Time 100 100000 The time in milliseconds that specifies t...

Страница 93: ...ering it into the MAC Address field VID 1 4094 VLAN Name Enter the VID or VLAN name of a previously configured VLAN Click Find Add or Delete All for changes to take affect PVID Auto Assign Settings Th...

Страница 94: ...tagged frames with any VID To view this window click L2 Features VLAN Trunk Settings Figure 3 29 VLAN Trunk Settings window The following fields can be set Parameter Description VLAN Trunk Global Stat...

Страница 95: ...trunk group This allows packets in a data stream to arrive in the same order they were sent NOTE If any ports within the trunk group become disconnected packets intended for the disconnected port wil...

Страница 96: ...STP will block one entire group in the same way STP will block a single port that has a redundant link To view the Trunking Settings window click L2 Features Port Trunking Figure 3 31 Port Trunking w...

Страница 97: ...arting with the selected port Activity Active Active LACP ports are capable of processing and sending LACP control frames This allows LACP compliant devices to negotiate the aggregated link so the gro...

Страница 98: ...other ports on that switch Select a port number from the drop down menu to display the forwarding ports To configure new forwarding ports for a particular port select a port from the menu and click Ap...

Страница 99: ...lder When enabled for IGMP snooping the Switch can open or close a port to a specific multicast group member based on IGMP messages sent from the device to the IGMP host or vice versa The Switch monit...

Страница 100: ...a Driven Group Expiry Time 1 65535 Allows the user to set the time that an IGMP Snooping data driven learning group will expire for the specified VLAN Default 260 Querier State Choose Enabled to enabl...

Страница 101: ...w click L2 Features IGMP Snooping IGMP Snooping Rate Limit Settings as shown below Figure 3 36 IGMP Snooping Rate Limit Settings window The following parameters can be configured Parameter Description...

Страница 102: ...mation and click Find To remove an entry enter the appropriate information and click Delete To modify an IGMP static group entry click the corresponding Edit button in the table To delete an IGMP stat...

Страница 103: ...to enable or disable multicast VLAN for the chosen VLAN ISM Forward Unmatched When the Switch receives an IGMP packet it will match the packet against the multicast profile to determine the multicast...

Страница 104: ...ofile Name drop down menu and click Add The new information will be displayed in the table Click Show IGMP Snooping Multicast VLAN Entries to return to the IGMP Snooping Multicast VLAN Settings window...

Страница 105: ...the ports or VLAN ID on the Switch that will be involved in the Limited IP Multicast Range The user can configure the range of ports or VLAN ID that will send or receive the multicast packets To confi...

Страница 106: ...t F iltering M ode enables the user to configure the VLANs on the switch that will be involved in the Multicast Filtering Mode To configure these settings click L2 F eatures I GMP S nooping Multicast...

Страница 107: ...Control Packet Settings is used to discard the Layer 3 control packets sent to CPU from specific ports Figure 3 49 Method of dealing with the specified packet The above figure displays how the Switch...

Страница 108: ...st group data MLD Control Messages Three types of messages are transferred between devices using MLD snooping These three messages are all defined by three ICMPv6 packet headers labeled 130 131 and 13...

Страница 109: ...s for an existing entry click the corresponding Edit button which will display the following window Figure 3 52 MLD Snooping Settings Edit window The following parameters may be viewed or modified Par...

Страница 110: ...rameter allows the user to enable the Fast Leave function When enabled this function will allow members of a multicast group to leave the group immediately without the implementation of the Last Membe...

Страница 111: ...MLD Snooping Rate Limit Settings window The following parameters may be viewed or modified Parameter Description Port List Specifies a port or range ports to configure or display VLAN List Specifies...

Страница 112: ...ch to configure the MLD snooping static group information Click Create to create a new entry To search for an entry enter the information and click Find To view all previously configured entries click...

Страница 113: ...VLAN the user wishes to modify the MLD Snooping Settings for VID 2 4094 This is the VLAN ID that along with the VLAN Name identifies the VLAN the user wishes to modify the MLD Snooping Settings for St...

Страница 114: ...9 Port Mirror window To configure a mirror port 1 Change the status to Enabled 2 Select the Source Port from where you want to the frames to come from 3 Select the Target Port which receives the copie...

Страница 115: ...s function using the pull down menu To view this window click L2 Features Loopback Detection Settings Figure 3 60 Loopback Detection Settings window Parameter Description State Use the drop down menu...

Страница 116: ...Parameter Description BPDU Protection Global State Use the drop down menu to enable or disable BPDU Attack Protection setting The default is Disabled Trap Status Select the trap status choose None At...

Страница 117: ...Port Transition States An essential difference between the three protocols is in the way ports transition to a forwarding state and in the way this transition relates to the role of the port forwardi...

Страница 118: ...will be protected against a loop occurring between switches Once a BPDU packet returns to the Switch this function will detect that there is an anomaly occurring and will place the receiving port in...

Страница 119: ...on does not endlessly circulate through redundant paths in the network preventing the effective propagation of the new information Set by the Root Bridge this value will aid in determining that the Sw...

Страница 120: ...packet and the information held for the port will age out The user may set a hop count from 6 to 40 The default is 20 NNI BPDU Address Configure NNI port address dot1d Specifies GVRP s bpdu MAC addre...

Страница 121: ...or the group Redundant links will be blocked just as redundant links are blocked on the switch level The STP on the switch level blocks redundant links between switches and similar network devices The...

Страница 122: ...cannot have p2p status Auto allows the port to have p2p status whenever possible and operate as if the p2p status were true If the port cannot maintain this status for example if the port is forced t...

Страница 123: ...icular MSTI Type This field allows the user to choose a desired method for altering the MSTI settings The user has two choices Add VID Select this parameter to add VIDs to the MSTI ID in conjunction w...

Страница 124: ...lues mean higher priorities for forwarding packets To view the following window click L2 Features Spanning Tree MSTP Port Information Figure 3 67 MSTP Port Information window The following parameters...

Страница 125: ...ets will be statically forwarded This must be a unicast MAC address Drop Port Select Drop to drop the MAC address or select Port and enter the port number on which the MAC address entered above reside...

Страница 126: ...information distributed via this protocol is stored by its recipients in a standard Management Information Base MIB making it possible for the information to be accessed by a Network Management System...

Страница 127: ...d on the port from an LLDP neighbor To set the LLDP Notification Interval enter a value in seconds 5 to 3600 Click Apply to implement changes made LLDP Port Settings To view this window Click L2 Featu...

Страница 128: ...ce that you want to add Action Used to Enable or Disable the advertise management address function base port Click Apply to implement changes made LLDP Management Address List To view this window Clic...

Страница 129: ...andatory data types cannot be disabled There are also four data types which can be optionally selected These include Port Description System Name System Description and System Capability To view this...

Страница 130: ...ick L2 Features LLDP LLDP Dot1 TLVs Settings Figure 3 74 LLDP Dot1 TLVs Settings window The following parameters can be set Parameter Description From Port To Port Use the pull down menu to select a r...

Страница 131: ...3 link to be configured with different duplex and or speed settings and still establish some limited network connectivity More precisely the information includes whether the port supports the auto neg...

Страница 132: ...half of the table To view this window click L2 Features LLDP LLDP Statistics System Figure 3 76 LLDP Statistics System window LLDP Local Port Information LLDP Local Port Information window displays th...

Страница 133: ...w To return to the LLDP Local Port Information window click the Back button LLDP Remote Port Information This window displays port information learned from the neighbor The switch receives packets fro...

Страница 134: ...age CCM Loopback Message and Response LBM LBR and Linktrace Message and Response LTM and LTR CFM Port Settings This table is used to enable or disable the connectivity fault management function on a p...

Страница 135: ...able the CFM maintenance point reply Linktrace Response on the Switch To view this window click L2 Features CFM CFM MPs Reply LTRs as shown below Figure 3 84 CFM MPs Reply LTRs window Select Enable or...

Страница 136: ...ish to create Level Enter the maintenance domain level Connectivity Fault Management Settings MD MD Enter the maintenance domain name you wish to configure MIP This setting controls the creation of MI...

Страница 137: ...End Point between 1 and 8191 MD Max 22 characters The Maintenance Domain Name MA Max 22 characters The Maintenance Association Name MAC Address The destination MAC address LBMs Number 1 65535 The numb...

Страница 138: ...ters can be configured Parameter Description MEP Name The name of the Maintenance End Point MEP ID 1 8191 The ID for the Maintenance End Point between 1 and 8191 MD Name The Maintenance Domain Name MA...

Страница 139: ...r List window The following parameters can be configured Parameter Description Port List e g 1 5 10 Specifies which ports counter to show Tick All Ports and all ports will be shown State This drop dow...

Страница 140: ...drop down menu to specify the port number Level 0 7 Specifies the MD Level If not specified all levels are shown Direction Tick the check box and select Inward or Outward facing MEP VLAN ID The VLAN...

Страница 141: ...w this window click L2 Features Ethernet OAM Ethernet OAM Settings as shown below Figure 3 93 Ethernet OAM Settings window The following parameters can be configured Parameter Description From Port To...

Страница 142: ...be configured Link Event Configures the Ethernet OAM critical link event Specify Link Monitor or Critical Link Event Link Monitor Indicates that the OAM entity can send and receive Event Notification...

Страница 143: ...nitially be set using the console interface prior to connecting to it through the Ethernet If the Switch IP address has not yet been changed read the introduction of the DES 3528 DES 3552 Series CLI M...

Страница 144: ...d to this IP interface VLAN Name This field states the VLAN Name directly associated with this interface Interface Admin State Use the pull down menu to enable or disable the IP interface Proxy ARP St...

Страница 145: ...ddress to MAC address mapping and other hosts still had the old mapping in their ARP cache To view this window click L3 Features Gratuitous ARP Gratuitous ARP Global Settings as shown below Figure 4 5...

Страница 146: ...configure the interval for the periodical sending of gratuitous ARP request packets By default the interval is 0 Click Apply to implement changes made ARP Spoofing Prevention Settings ARP spoofing al...

Страница 147: ...server usually maintained by an ISP Domain Name Resolution The domain name system can be used by contacting the name servers one at a time or by asking the domain name system to do the complete name...

Страница 148: ...implement changes made DNS Relay Static Settings To view this window click L3 Features DNS Relay DNS Relay Static Settings which will open the DNS Relay Static Settings window as seen below Figure 4...

Страница 149: ...ire a static IP address To begin configuring the Switch as a DHCP Server open the L3 Features folder then the DHCP Server folder which will display five links to aid the user in configuring the DHCP s...

Страница 150: ...alf of the window as shown below Figure 4 11 DHCP Server Excluded Address Settings DHCP Server Pool Settings The following windows will allow users to create and then set the parameters for the DHCP P...

Страница 151: ...ext Server This field is used to identify the IP address of the device that has the previously stated boot file DNS Server Address Enter the IP address of a DNS server that is available to the DHCP cl...

Страница 152: ...parameters may be configured Parameter Description Pool Name Enter the name of the DHCP pool within which will be created a manual DHCP binding entry IP Address Enter the IP address to be statically b...

Страница 153: ...protocols along with other pertinent information Next the administrator must configure the Policy Route window to be enabled for this Access Profile and its associated rule and the Next Hop Router s I...

Страница 154: ...ify this policy route Profile ID 1 14 Enter the Profile ID number of the Access Profile previously created which will be used to identify packets as following this Policy Route This access profile alo...

Страница 155: ...ng Advantages of QoS QoS is an implementation of the IEEE 802 1p standard that allows network administrators a method of reserving bandwidth for important functions that require a large bandwidth or h...

Страница 156: ...ministrator instructs the Switch to examine packets for this tag acquires the tagged packets and maps them to a class queue on the Switch Then in turn the administrator will set a priority for this qu...

Страница 157: ...e sent in the following sequence A1 B1 C1 D1 E1 F1 G1 H1 A2 B2 C2 D2 E2 F2 G2 A3 B3 C3 D3 E3 F3 A4 B4 C4 D4 E4 A5 B5 C5 D5 A6 B6 C6 A7 B7 A8 A1 B1 C1 D1 E1 F1 G1 H1 For weighted round robin queuing if...

Страница 158: ...limited bandwidth Rate This field allows you to enter the data rate in Kbits per second that will be the limit for the selected port The value must be a multiple of 64 between 64 and 1024000 Click App...

Страница 159: ...acket storm discontinues before the Countdown timer expires the port will again allow all incoming traffic If this field times out and the packet storm continues the port will be placed in a Shutdown...

Страница 160: ...ngs for this field are 0 5 30 minutes 0 is disable forever state port will not enter shutdown forever mode Time Interval The Interval will set the time between Multicast and Broadcast packet counts se...

Страница 161: ...to any given port on the Switch The priority queues are numbered from 0 the lowest priority to 7 the highest priority Click Apply to implement your settings The following information is displayed in...

Страница 162: ...the assignment of a user priority to each of the 802 1p priorities To view this window click QoS 802 1p User Priority Figure 5 6 802 1p User Priority window Once you have assigned a priority to the p...

Страница 163: ...k performance especially during peak demand as bottlenecks can quickly develop if the QoS settings are not suitable To view this window click QoS QoS Scheduling Mechanism Figure 5 7 QoS Scheduling Mec...

Страница 164: ...n below Figure 5 8 QoS Scheduling window The following parameters can be configured Parameter Description From Port To Port Enter the port or port list you wish to configure Class ID Select the Class...

Страница 165: ...l Settings window The following parameters can be configured Parameter Description From Port To Port Enter the port or port list you wish to configure Class ID Select the Class ID from 0 6 to configur...

Страница 166: ...ilization while minimizing frame loss This proactive approach starts discarding specific colored packets before the packet buffer becomes full If this queue depth is less than the threshold there is m...

Страница 167: ...ckets it might also include yellow packets Threshold High Threshold High refers to the drop yellow or green packets depending on the drop mode Drop Rate Low There are eight drop rates as shown below t...

Страница 168: ...es Layer 2 Stackable Fast Ethernet Managed Switch User Manual 167 DSCP Trust Settings This window is used to enable DSCP Trust Settings To view this window click QoS SRED DSCP Trust Settings Figure 5...

Страница 169: ...port Then the packet will be processed base on the new DSCP By default the DSCP is mapped to the same DSCP The DSCP to color mapping is used to determine the initial color of the packet when the polic...

Страница 170: ...space provided which will instruct the Switch to examine the DiffServ Code part of each packet header and use this as the or part of the criterion for forwarding The user may choose a value between 0...

Страница 171: ...Description From port To port A consecutive group of ports may be configured starting with the selected port Priority List 0 7 This parameter is specified if you want to re write the 802 1p default pr...

Страница 172: ...y packets to process or b exerts too much memory it will enter an Exhausted mode When in this mode the Switch only receives a small amount of ARP or IP broadcast packets for a calculated time interval...

Страница 173: ...ll decrease by half of the level that caused the Switch to enter Exhausted mode After the packet flow has stabilized the rate will initially increase by 25 and then return to a normal packet flow To c...

Страница 174: ...designated management stations only the chosen stations as defined by IP address will be allowed management privilege through the web manager or Telnet session To define a management station IP setti...

Страница 175: ...binding configuration set on the Switch To view this window click Security IP MAC Port Binding IMP Binding Global Settings Figure 6 4 IMP Binding Global Settings window The following parameters can b...

Страница 176: ...ket is not found by the entry the MAC address will be set to block Other packets will be dropped The default mode is strict if not specified The ports with strict mode will capture unicast DHCP packet...

Страница 177: ...t is 500 Max Entry 1 50 Specifies the maximum number of IP MAC Port Binding entries By default The maximum entry for each port is No Limit IMP Binding Entry Settings This table is used to create Stati...

Страница 178: ...d To delete an entry click the delete button next to the entry s port To delete all the entries in the Blocked Address Browser window click Clear All To view this window click Security IP MAC Port Bin...

Страница 179: ...d ports Max Learning Address 0 64 The number of MAC addresses that will be in the MAC address forwarding table for the selected switch and group of ports Lock Address Mode This pull down menu allows y...

Страница 180: ...HCP servers are present on the network and both provide DHCP services to different distinct groups of clients The first time the DHCP filter is enabled it will create both an access profile entry and...

Страница 181: ...ss Duration The DHCP server filtering function filters any illegal DHCP server packets The DHCP server who sends the illegal packets will be logged This command is used to suppress the logging of DHCP...

Страница 182: ...t Based and Host Based Access Control The IEEE 802 1X standard is a security measure for authorizing and authenticating users to gain access to various wired or wireless devices on a specified Local A...

Страница 183: ...packets and in turn informs the Switch whether or not the Client is granted access to the LAN and or switches services Figure 6 15 The Authentication Server Authenticator The Authenticator the Switch...

Страница 184: ...he LAN and or Switch through EAPOL packets and in turn will respond to requests from the Switch Figure 6 17 The Client Authentication Process Utilizing the three roles stated above the 802 1X protocol...

Страница 185: ...nticated by the Switch using a remote RADIUS server before being allowed access to the Network Understanding 802 1X Port based and Host based Network Access Control The original intent behind the deve...

Страница 186: ...orized and all subsequent traffic on the Port is not subject to access control restriction until an event occurs that causes the Port to become Unauthorized Hence if there are more than one device con...

Страница 187: ...ogical Port can be seen as independently controlled from the point of view of EAPOL exchanges and authorization state The Switch learns each attached devices individual MAC addresses and effectively c...

Страница 188: ...he port Authentication Protocol Choose the Auth Protocol either RADIUS EAP or Local Forward EAPOL PDU This enables or disables the Switch retransmit EAPOL PDU Request Max User 1 488 Specify the maximu...

Страница 189: ...efault setting is 30 seconds ServerTimeout 1 65535 This value determines timeout conditions in the exchanges between the Authenticator and the authentication server The default setting is 30 seconds M...

Страница 190: ...r The default setting is Auto Capability This allows the 802 1X Authenticator settings to be applied on a per port basis Select Authenticator to apply the settings to the port When the setting is acti...

Страница 191: ...ver to configure 1 2 or 3 IP Address Set the RADIUS Server IP Authentic Port 1 65535 Set the RADIUS authentic server s UDP port The default port is 1812 Accounting Port 1 65535 Set the RADIUS account...

Страница 192: ...width 100Mbps on an Ethernet port or 1Gbps on a Gigabit port of the port will be set to no_limited 2 To assign 802 1p default priority by RADIUS server proper parameters should be configured on the RA...

Страница 193: ...er does not support the Tag field the Tunnel Private Group ID string will be dealt as VLAN name The definitions of the Tag field are Tag field value String field format 0x00 VLAN name ASCII 0x01 VLAN...

Страница 194: ...ces on the Switch will need to be authenticated by a remote RADIUS Server or local authentication on the Switch to be placed in a fully operational VLAN If authenticated and the authenticator posseses...

Страница 195: ...they exchange keys in looking for a match and therefore authentication to be accepted to negotiate encryptions on the following level 2 Encryption The second part of the ciphersuite that includes the...

Страница 196: ...ers specific encryption algorithms and key sizes to be used for an authentication session The Switch possesses four possible ciphersuites for the SSL function which are all enabled by default To utili...

Страница 197: ...r disable this ciphersuite This field is enabled by default RSA EXPORT with RC4 40 MD5 This ciphersuite combines the RSA Export key exchange and stream cipher RC4 encryption with 40 bit keys Use the p...

Страница 198: ...s as to the method SSH will use to authorize the user which are Host Based Password and Public Key 3 Configure the encryption algorithm that SSH will use to encrypt and decrypt messages sent between t...

Страница 199: ...ssword This parameter may be enabled if the administrator wishes to use a locally configured password for authentication on the Switch The default is enabled Public Key This parameter may be enabled i...

Страница 200: ...he default is enabled Public Key Algorithm HMAC RSA Check the box to enable the HMAC Hash for Message Authentication Code mechanism utilizing the RSA encryption algorithm The default is enabled HMAC D...

Страница 201: ...authentication Upon entry of this parameter the Switch will prompt the administrator for a password and then to re type the password for confirmation Public Key This parameter should be chosen if the...

Страница 202: ...r doesn t respond to the verification query At this point the Switch receives the timeout from the server and then moves to the next method of verification configured in the method list The Switch has...

Страница 203: ...n attempts Users failing to be authenticated after the set amount of attempts will be denied access to the Switch and will be locked out of further authentication attempts Command line interface users...

Страница 204: ...tion Server Group This window will allow users to set up Authentication Server Groups on the Switch A server group is a technique used to group TACACS XTACACS TACACS RADIUS server hosts into user defi...

Страница 205: ...CS daemon TACACS XTACACS TACACS protocols are separate entities and are not compatible with each other Authentication Server This window will set user defined Authentication Server Hosts for the TACAC...

Страница 206: ...n on the same physical server host but remember that TACACS XTACACS TACACS are separate entities and are not compatible with each other Login Method Lists This command will configure a user defined or...

Страница 207: ...tabase on the Switch none Adding this parameter will require no authentication to access the Switch Enable Method Lists The Enable Method List Settings window is used to set up Method Lists to promote...

Страница 208: ...uthenticated using the RADIUS protocol from a remote RADIUS server tacacs Adding this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server xtacacs...

Страница 209: ...to send these informational packets Account Session ID Account Status Type Account Terminate Cause Account Authentic Account Delay Time Account Session Time Username Service Type NAS IP Address NAS Id...

Страница 210: ...FDB of that port 2 If a port is granted clearance for a MAC address in a VLAN that is not a Guest VLAN other MAC addresses on that port must be authenticated for access and otherwise will be blocked b...

Страница 211: ...ed Access Control Local Database Settings window RADIUS Use this method to utilize a remote RADIUS server as the authenticator for MAC based Access Control Remember the MAC list must be previously set...

Страница 212: ...o unauthenticated state Hold Time 1 300 If a host fails to pass the authentication the next authentication will not started within the entered period of time unless the user clear the entry state manu...

Страница 213: ...l IP is transformed into the physical IPIF IP interface address of the Switch to make the communication possible The host PC and other servers IP configurations do not depend on the virtual IP of WAC...

Страница 214: ...xStack DES 3528 DES 3552 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 213...

Страница 215: ...cal authentication method of the Switch as the authenticating method for users trying to access the network via the switch This is in fact the username and password to access the Switch configured usi...

Страница 216: ...ion Page field set will be prompted with an error message and Web based Access Control will not be enabled The URL should follow the form http s www dlink com NOTE The subnet of the IP address of the...

Страница 217: ...ettings window To set the Web based Access Control for the Switch complete the following fields Parameter Description Port Settings From Port To Port Enter the Port range State Use the pull down menu...

Страница 218: ...JWAC Japanese Web based Access Control The JWAC folder contains three windows JWAC Global Settings JWAC Port Settings JWAC User Settings JWAC Global Settings Use this window to enable and configure J...

Страница 219: ...en redirect is disabled only access to the quarantine server and the JWAC login page from the unauthenticated host are allowed all other web access will be denied NOTE When enabling redirect to the qu...

Страница 220: ...Switch will handle this HTTP packet and send back a message to the host to allow it access to the Quarantine Server with the configured URL When a computer is connected to the specified URL the quara...

Страница 221: ...checked The default setting is Infinite Block Time 0 300 Seconds This parameter specifies the period of time a host will keep in a blocked state after it fails to authenticate Enter a value between 0...

Страница 222: ...OS traffic NetBEUI has been the protocol of choice for small MS DOS and Windows based workgroups NetBIOS no longer lives strictly inside of the NetBEUI protocol Microsoft worked to create the internat...

Страница 223: ...n a port The Multiple Authentication feature allows clients running different authentication methods to connect to the network using the same switch port The Multiple Authentication feature can be imp...

Страница 224: ...ying one of the supported authentication methods The IMPB Table is used to create a white list that checks if the IP streams sent by authorized hosts have been granted or not In the above diagram the...

Страница 225: ...not In the above diagram the Switch port has been configured to allow clients to authenticate using JWAC If a client passes IMPB authentication and JWAC authentication access will be granted If a cli...

Страница 226: ...set Parameter Description VLAN Name VLAN ID 1 4094 Click the radio button and enter the VLAN name VLAN ID of a previously configured VLAN to which the failed authenticated web users will be allocated...

Страница 227: ...based on the criteria specified in the access profile It tests packets against the conditions in an access list one by one The ACL consists of profiles and rules Generally speaking the profiles specif...

Страница 228: ...source address or the IPv6 destination address at any one time Action Select Permit to specify that the packets that match the access profile are forwarded by the Switch according to any additional ru...

Страница 229: ...ss Profile Lists Figure 7 2 Access Profile Lists To add an ACL Profile click the Add ACL Profile button which will display the window below There are four Access Profile Configuration pages one for Et...

Страница 230: ...ach packet header Select IPv4 to instruct the Switch to examine the IPv4 address in each frame s header Select IPv6 to instruct the Switch to examine the IPv6 address in each frame s header Select Pac...

Страница 231: ...g Delete button to view the specific configurations for an entry click the Show Details button To add a rule to the Access Profile entry click the Add View Rules button Figure 7 5 Access Profile List...

Страница 232: ...t header Action Select Permit to specify that the packets that match the access profile are forwarded by the Switch according to any additional rule added see below Select Deny to specify the packets...

Страница 233: ...using the following equation 1 value 64Kbit sec ex If the user selects an Rx rate of 10 then the ingress rate is 640Kbit sec The user many select a value between 1 and 15624 or tick the No Limit check...

Страница 234: ...or forwarding Source IP Mask Enter an IP address mask for the source IP address Destination IP Mask Enter an IP address mask for the destination IP address ICMP Type icmp Specifies that the Switch wil...

Страница 235: ...n port in hex form hex 0x0 0xffff which you wish to filter Select UDP to use the UDP port number contained in an incoming packet as the forwarding criterion Selecting UDP requires that you specify a s...

Страница 236: ...ifier number for this access This value can be set from 1 to 128 VLAN Name VLAN ID Allows the entry of a VLAN name or VLAN ID for a previously configured VLAN DSCP Selecting this option instructs the...

Страница 237: ...the DSCP value in a packet that meets the selected criteria with the value entered in the adjacent field Replace ToS Precedence Select this option to instruct the Switch to replace the Type of Servic...

Страница 238: ...eader that is similar to the Type of Service ToS or Precedence bits field in IPv4 IPv6 Flow Label Ticking this check box will instruct the Switch to examine the flow label field of the IPv6 header Thi...

Страница 239: ...n entry click the Show D etails button To add a rule to the Access Profile entry click the Add View Rules button Figure 7 17 Access Profile List IPv6 To view the configurations for previously configur...

Страница 240: ...ined in the config mirror port command Port Mirroring must be enabled and a target port must be set Priority 0 7 Enter a priority value if you want to re write the 802 1p default priority of a packet...

Страница 241: ...rule will be implemented on the Switch Counter Enable or disable the counter settings Ports VLAN Name VLAN ID Use the pull down menu to select Ports VLAN Name or VLAN ID that the access rule will take...

Страница 242: ...Allows users to examine up to 4 specified offset_chunks within a packet at one time and specifies the frame content offset and mask There are 4 chunk offsets and masks that can be configured A chunk m...

Страница 243: ...Profile List entry in the Access Profile List table shown below To add another Access Profile click Add ACL Profile To delete a profile click the corresponding Delete button to view the specific conf...

Страница 244: ...be set Priority 0 7 Enter a priority value if you want to re write the 802 1p default priority of a packet to the value entered in the Priority field which meets the criteria specified previously in...

Страница 245: ...ever ARP is vulnerable as it can be easily spoofed and utilized to attack a LAN For a more detailed explanation on how ARP works and how to employ D Link s advanced unique Packet Content ACL to preven...

Страница 246: ...st entries created on the Switch one CPU access profile of each type has been created for explanatory purposes To view the configurations for an entry click the corresponding Show Details button To ad...

Страница 247: ...address in each frame s header Select Packet Content Mask to specify a mask to hide the content of the packet header Source MAC Mask Enter a MAC address mask for the source MAC address Destination MAC...

Страница 248: ...uirements for the type of profile Select Ethernet to instruct the Switch to examine the layer 2 part of each packet header Select IPv4 to instruct the Switch to examine the IPv4 address in each frame...

Страница 249: ...he packets by checking the boxes corresponding to the flag bits of the TCP field The user may choose between urg urgent ack acknowledgement psh push rst reset syn synchronize fin finish src port mask...

Страница 250: ...mask to hide the content of the packet header IPv6 Class Checking this field will instruct the Switch to examine the class field of the IPv6 header This class field is a part of the packet header tha...

Страница 251: ...acket content mask This will change the menu according to the requirements for the type of profile Select Ethernet to instruct the Switch to examine the layer 2 part of each packet header Select IPv4...

Страница 252: ...To establish the rule for a previously created CPU Access Profile To configure the Access Rules for Ethernet open the CPU Access Profile List window and click Add View Rules for an Ethernet entry This...

Страница 253: ...box and enter the name of the Time Range settings that has been previously configured in the Time Range Settings window This will set specific times when this access rule will be implemented on the S...

Страница 254: ...rule added see below Select Deny to specify the packets that match the access profile are not forwarded by the Switch and will be filtered VLAN Name Enter a VLAN name that has been previously configu...

Страница 255: ...Enter an IPv6 Class The class can be between 0 255 Flow Label Configuring this field in hex form will instruct the Switch to examine the flow label field of the IPv6 header This flow label field is u...

Страница 256: ...view the following window Figure 7 45 CPU Access Rule Detail Information window for IPv6 To establish the rule for a previously created CPU Access Profile To configure the Access Rules for IP open th...

Страница 257: ...name of the Time Range settings that has been previously configured in the Time R ange Settings window This will set specific times when this access rule will be implemented on the Switch Ports Specif...

Страница 258: ...which will display the following window for the user to configure Figure 7 51 ACL Flow Meter Add window The following fields may be configured Parameter Description Profile ID Use the drop down menu t...

Страница 259: ...say 1 means 64Kbps CBS Kbyte Specifies the Committed Burst Size of the packet Tha range is from 0 to 16384 The unit is Kbyte That is to say 1 means 1Kbyte This parameter is optional and the default v...

Страница 260: ...able Browse VLAN Show VLAN Ports Browse Voice VLAN Device Browse DHCP Server Dynamic Binding Brwose DHCP Conflict IP Browse Session Table MLD Snooping IGMP Snooping Ethernet OAM JWAC Authentication St...

Страница 261: ...e Diagnostics This window displays the details of copper cables attached to specific ports on the Switch If there is an error in the cable this feature can determine the type of error and the position...

Страница 262: ...U Utilization Figure 8 3 CPU Utilization window To view the CPU utilization by port use the real time graphic of the Switch and or switch stack at the top of the web page by simply clicking on a port...

Страница 263: ...ort by using the Port pull down menu The user may also use the real time graphic of the Switch at the top of the web page by simply clicking on a port Change the view parameters as follows Parameter D...

Страница 264: ...user may also use the real time graphic of the Switch at the top of the web page by simply clicking on a port To view the packet size windows click Monitoring Packet Size Figure 8 5 Packet Size window...

Страница 265: ...ts 256 511 The total number of packets including bad packets received that were between 256 and 511 octets in length inclusive excluding framing bits but including FCS octets 512 1023 The total number...

Страница 266: ...witch To select a port to view these statistics for select the port by using the Port pull down menu The user may also use the real time graphic of the Switch at the top of the web page by simply clic...

Страница 267: ...r of bytes received on the port Packets Counts the number of packets received on the port Unicast Counts the total number of good packets that were received by a unicast address Multicast Counts the t...

Страница 268: ...y also use the real time graphic of the Switch at the top of the web page by simply clicking on a port To view the following graph of UMB cast packets received on the Switch click Monitoring Packets U...

Страница 269: ...s that were received by a broadcast address Show Hide Check whether or not to display Multicast Broadcast and Unicast Packets Clear Clicking this button clears all statistics counters on this window C...

Страница 270: ...unts the number of bytes successfully sent on the port Packets Counts the number of packets successfully sent on the port Unicast Counts the total number of good packets that were transmitted by a uni...

Страница 271: ...view these statistics for select the port by using the Port pull down menu The user may also use the real time graphic of the Switch at the top of the web page by simply clicking on a port To view the...

Страница 272: ...ets received that were longer than 1518 octets and less than the MAX_PKT_LEN Internally MAX_PKT_LEN is equal to 1536 Fragment The number of packets less than 64 bytes with either bad framing or an inv...

Страница 273: ...aph of error packets received on the Switch Click the Monitoring Errors Transmitted TX Figure 8 15 Transmitted TX window for errors To view the Transmitted TX Table window click the link View Table wh...

Страница 274: ...SingColl Single Collision Frames The number of successfully transmitted packets for which transmission is inhibited by more than one collision Collision An estimate of the total number of collisions...

Страница 275: ...resses The number of RADIUS Access Response packets received from unknown addresses Identifier The NAS Identifier of the RADIUS authentication client This is not necessarily the same as sysName in MIB...

Страница 276: ...t packets destined for this server that have not yet timed out or received a response This variable is incremented when an Access Request is sent and decremented due to receipt of an Access Accept Acc...

Страница 277: ...ceptual table listing the RADIUS accounting servers with which it shares a secret ServerPortNumber The UDP port it is using to send requests to this server RoundTripTime The time interval between the...

Страница 278: ...802 1X Status on the Switch To view the Authenticator State click Monitoring Port Access Control Authenticator State Figure 8 19 Authenticator State window This window displays the Authenticator State...

Страница 279: ...mber of EAP Req Id frames that have been transmitted by this Authenticator RxLogOff The number of EAPOL Logoff frames that have been received by this Authenticator Tx Req The number of EAP Request fra...

Страница 280: ...on Port The identification number assigned to the Port by the System in which the Port resides Octets Rx The number of octets received in user data frames on this port during the session Octets Tx The...

Страница 281: ...dow contains the diagnostic information regarding the operation of the Authenticator associated with each port An entry appears in this table for each port that supports the Authenticator function To...

Страница 282: ...an EAPOL Start message being received from the Supplicant Authed LogOff Counts the number of times that the state machine transitions from AUTHENTICATED to DISCONNECTED as a result of an EAPOL Logoff...

Страница 283: ...Clear All The view the Browse ARP Table window click Monitoring Browse ARP Table Figure 8 23 Browse ARP Table window Browse Route Table This window displays the current IP routing table of the Switch...

Страница 284: ...ed to clients on the local network and are now bound to the device stated by its MAC address To view this window click Monitoring Browse DHCP Server Dynamic Binding Figure 8 28 Browse DHCP Server Dyna...

Страница 285: ...e Session Table window click Monitoring Browse Session Table Figure 8 30 Browse Session Table window MLD Snooping Browse MLD Router Port This window displays which of the Switch s ports are currently...

Страница 286: ...button The information of the MLD snooping group will display in the MLD Snooping Group Table To view this window click Monitoring MLD Snooping MLD Snooping Group as shown below Figure 8 32 MLD Snoopi...

Страница 287: ...ng settings of the Switch Browse IGMP Router Port This window displays which of the Switch s ports are currently configured as router ports A router port configured by a user using the console or Web...

Страница 288: ...IGMP Snooping Group window The following field can be viewed Parameter Description VLAN Name The VLAN ID of the multicast group VLAN List e g 1 4 6 The VLAN ports of the multicast group Group IP Addr...

Страница 289: ...dow click Monitoring IGMP Snooping Browse IGMP Snooping Counter as shown below Figure 8 38 Browse IGMP Snooping Counter window Enter the VLAN Name VLAN List or Port List of the VLAN you wish to view a...

Страница 290: ...Ethernet OAM Statistics This window displays the Ethernet OAM Statistic information on each port of the Switch To clear information for a particular port or list of ports enter the ports and click Cl...

Страница 291: ...d Access Control authentication information Specify the port list you wish to view and click Find To remove an entry enter the appropriate information and click Clear Click View All Hosts to see all t...

Страница 292: ...orresponds MAC Address Enter a MAC address for the forwarding table to be browsed by IP Address Enter an IP address for the forwarding table to be browsed by Find By Port Click this button to move to...

Страница 293: ...rameter Description Port The port to which the MAC address below corresponds VLAN Name Enter a VLAN Name for the forwarding table to be browsed by MAC Address Enter a MAC address for the forwarding ta...

Страница 294: ...w Clicking Clear will allow the user to clear the Switch History Log The information in the table is categorized as Parameter Description Type Choose the type of log to view There are two choices Regu...

Страница 295: ...ry The options include Save Configuration_ID_1 to save the configuration file indexed as Image file 1 To use this file for configuration it must be designated as the Boot configuration Save Configurat...

Страница 296: ...ck Save C onfiguration I D 2 to open the following window Figure 9 2 Save Configuration ID 2 window Save Log Open the Save drop down menu at the top of the Web manager and click Save Log to open the f...

Страница 297: ...Server IP address and file path name and then click Upload or Upload Attack Log Figure 12 2 Upload Log File window Reset The Reset function has several options when resetting the Switch Some of the c...

Страница 298: ...nd field Click Download to initiate the file transfer Reboot System The following window is used to restart the Switch Figure 12 5 Reboot System window Clicking the Yes radio button will instruct the...

Страница 299: ...own in Figure 1 Figure 1 In the mean time PC A s MAC address will be written into the Sender H W Address and its IP address will be written into the Sender Protocol Address in ARP payload As PC B s MA...

Страница 300: ...arding Table the switch will learn PC A s MAC and the associated port into its Forwarding Table Port1 00 20 5C 01 11 11 In addition when the switch receives the broadcast ARP request it will flood the...

Страница 301: ...s Target H W address Target protocol address ARP reply 00 20 5C 01 11 11 10 10 10 1 00 20 5C 01 22 22 Table 3 ARP Payload When PC B replies the query the Destination Address in the Ethernet frame will...

Страница 302: ...ateway Any traffic meant for that IP address would be mistakenly re directed to the node specified by the attacker IP spoofing attack is caused by Gratuitous ARP that occurs when a host sends an ARP r...

Страница 303: ...a nonexistent or specified MAC address to the IP address of the network s default gateway The malicious attacker only needs to broadcast ONE Gratuitous ARP to the network claiming it is the gateway s...

Страница 304: ...rnet the Sender MAC address and Sender IP address in the ARP protocol can pass through the switch In this example it is the gateway s ARP 2 The switch will deny all other ARP packets which claim they...

Страница 305: ...nk24 Offset Chunk25 Offset Chunk26 Offset Chunk27 Offset Chunk28 Offset Chunk129 Offset Chunk30 Byte 63 67 71 75 79 83 87 91 95 99 103 107 111 115 119 123 Byte 64 68 72 76 80 84 88 92 96 100 104 108 1...

Страница 306: ...xStack DES 3528 DES 3552 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 305...

Страница 307: ...red Critical Redundant Power failed Unit unitID Redundant Power failed Critical Redundant Power is working Unit unitID Redundant Power is working Critical Access flash failed Unit unitID Access flash...

Страница 308: ...Successful login through Web Successful login through Web Username username IP ipaddr Informational Login failed through Web Login failed through Web Username username IP ipaddr Warning Logout through...

Страница 309: ...licy is enabled Authentication Policy is enabled Module AAA Informational Authentication Policy is disabled Authentication Policy is disabled Module AAA Informational Successful login through Console...

Страница 310: ...hrough Web SSL from userIP authenticated by AAA none method Username username Informational Successful login through Telnet authenticated by AAA none method Successful login through Telnet from userIP...

Страница 311: ...l Enable Admin failed through Console authenticated by AAA local_enable method Enable Admin failed through Console authenticated by AAA local_enable method Username username Warning Successful Enable...

Страница 312: ...through Web authenticated by AAA server Successful Enable Admin through Web from userIP authenticated by AAA server serverIP Username username Informational Enable Admin failed through Web authenticat...

Страница 313: ...configuration Username username Warning Enable Admin failed through Telnet from user due to AAA server timeout or improper configuration Enable Admin failed through Telnet from userIP due to AAA serv...

Страница 314: ...reated Creating IMPB entry Failed due to no ACL rule available IP ipaddr MAC macaddr Port unitID portNum Informational Port enter IMPB block state Port unitID portNum enter IMPB block state Informatio...

Страница 315: ...vel VLAN vid Local Port portNum Direction direcrtion Warning CFM remote down CFM remote down MD Level level VLAN vid Local Port S Direction direcrtion Warning CFM error ccm CFM error ccm MD Level leve...

Страница 316: ...6 1 6 3 1 1 5 1 None V2 RFC1907 SNMPv2 MIB Critical warmStart 1 3 6 1 6 3 1 1 5 2 None V2 RFC1907 SNMPv2 MIB Critical authenticationFailure 1 3 6 1 6 3 1 1 5 5 None V2 RFC1907 SNMPv2 MIB Informationa...

Страница 317: ...StormCtrl MIB Warning swPktStormCleared 1 3 6 1 4 1 171 12 25 5 0 2 swPktStormCtrlPortIndex V2 PktStormCtrl MIB Warning swPktStormDisablePort 1 3 6 1 4 1 171 12 25 5 0 3 swPktStormCtrlPortIndex V2 Pkt...

Страница 318: ...xStack DES 3528 DES 3552 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 317 agentGratuitousARPTrap 1 3 6 1 4 1 171 12 1 7 2 0 5 agentNotifyPrefix V2 Genmgmt MIB Warning...

Страница 319: ...omatically map an IP address to a given MAC address each time a device is started In addition the protocol can assign the subnet mask and default gateway to a device bridge A device that interconnects...

Страница 320: ...also main port and standby port RJ 45 Standard 8 wire connectors for IEEE 802 3 10BASE T networks RMON Remote Monitoring A subset of SNMP MIB II that allows monitoring and management capabilities by a...

Страница 321: ...rogram on another device VLAN Virtual L AN A group of location and topology independent devices that communicate as if they are on a common physical LAN VLT Virtual LAN Trunk A Switch to Switch link w...

Страница 322: ...rminal emulation to the console port of the switch 2 Power on the switch After the runtime image is loaded to 100 the Switch will allow 2 seconds for the user to press the hotkey Shift 6 to enter the...

Отзывы:

Нет отзывов

Похожие инструкции для DES-3528 - xStack Switch - Stackable

Бренд: Sagem Страницы: 19

Бренд: Panasonic Страницы: 44

Бренд: E-TOP Страницы: 76

ThunderLAN TNETE100A

Бренд: Texas Instruments Страницы: 179

Бренд: Funkwerk Страницы: 2

Бренд: Winext Страницы: 37

ION 1200 Series

Бренд: PaloAlto Networks Страницы: 90

Бренд: Teletronics International Страницы: 57

Secure Site Manager 16

Бренд: Black Box Страницы: 16

Бренд: RR-Concepts Страницы: 12

Бренд: Alcatel Страницы: 4

Бренд: NetComm Страницы: 4

Бренд: Carrier Страницы: 18

Бренд: Qvis Страницы: 233

Redbooks Emulex VFA5

Бренд: IBM Страницы: 15

Бренд: Baileigh Страницы: 20

Бренд: Alcatel Страницы: 158

Бренд: Belkin Страницы: 2

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды