D-Link DAS-3626 Скачать руководство пользователя

Страница: 104 / 177

DAS-3626 VDSL2 Switch User Manual

Figure 126. 802.1Q VLAN menu – Add/Edit VLAN Tab

To return to the

802.1Q VLAN

window, click the

VLAN List

Tab at the top of the window. To change an existing

802.1Q VLAN entry, click the corresponding

Edit

button. A new window will appear to configure the port settings and

to assign a unique name and number to the new VLAN. See the table below for a description of the parameters in the
new menu.

NOTE:

The switch supports up to 4k static VLAN entries.

Figure 127. 802.1Q VLAN menu – Edit menu

The following fields can then be set in either the

Add/Edit VLAN

Edit

802.1Q VLAN windows:

104

Содержание DAS-3626

Страница 2: ...t the written permission of D Link Corporation is strictly forbidden Trademarks used in this text D Link and the D LINK logo are trademarks of D Link Corporation Microsoft and Windows are registered trademarks of Microsoft Corporation Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products D Link Corporation discl...

Страница 3: ...onfiguration 6 System Configuration 14 Switch Configuration 26 VDSL Configuration 53 Multicasting 59 Storm Control 74 QoS 76 ACL 84 VLAN 103 Security 109 CPE Management 122 Status 135 Maintenance 154 System Log Entries 163 Glossary 174 Password Recovery Procedure 176 iii ...

Страница 4: ...settings and Multicast Listener Discovery MLD configuration Section 6 Storm Control Configuration menus for multicast and broadcast storm control Section 7 QoS Information for Quality of Service configuration Menus include Bandwidth Control 802 1P Default Priority 802 1P User Priority QoS Scheduling Mechanism QoS Scheduling and In Band Manage Settings Section 8 ACL Configuration Menus for configur...

Страница 5: ... command Boldface Typewriter Font Indicates commands and responses to prompts that must be typed exactly as printed in the manual Initial capital letter Indicates a window name Names of keys on the keyboard have initial capitals For example Click Enter Italics Indicates a window name or a field Also can indicate a variables or parameter that is replaced with an appropriate word or string For examp...

Страница 6: ...he switch Connect to the RS 232 Console serial port on the front panel or use the Mangament Ethernet port located next to the Console port Use standard terminal emulation software for Console port access as described in the CLI Command Reference Manual Use of the Management port provides the options of using either the web based management module or the command line interface via Telnet The Manage...

Страница 7: ...ponding subnet mask The CLI command syntax used to change the IP settings of the out of band IP interface is config ipif outband ipaddress xxx xxx xxx xxx yyy yyy yyy yyy Alternatively you can use CIDR notation for the IP settings xxx xxx xxx xxx z where the x s represents the corresponding number of subnets Connection to the switch using Telnet can be done by connecting to the Management Ethernet...

Страница 8: ...ess bar should read something like http 123 123 123 123 where the numbers 123 represent the IP address of the switch this opens the management module s user authentication window as seen below Figure 3 Enter Network Password dialog There is no default user name or password At the User Name and Password fields click on OK This opens the web based management interface Switch management features avai...

Страница 9: ...to go to the D Link website Area 2 Presents a graphical near real time image of the front panel of the switch This area displays the switch s ports and expansion modules showing port activity Various areas of the graphic can be selected for performing management functions including port configuration Area 3 Presents switch information based on your selection and the entry of configuration data Are...

Страница 10: ...n menu To save the current configuration from the Save drop down menu pull the cursor down to the Save Configuration option The Save Configuration menu display appears during the saving process Upon successfully saving the configuration a message informs you the save is completed Figure 6 Save Configuration display In addition to the Save Configuration option the Save menus offer a Save Log and Sa...

Страница 11: ...t the desired configuration file to backup or restore The default switch settings will use image ID 1 as the boot configuration or firmware To backup the configuration file enter the Server IP either IPv4 or IPv6 interface name file path name desired Configuration ID and click Backup To restore the configuration file enter the Server IP either IPv4 or IPv6 interface name file path name desired Con...

Страница 12: ...e resetting all other configuration parameters to their factory defaults If the switch is reset using this window and Save Changes is not executed the switch will return to the last saved configuration when rebooted Figure 10 Reset System menu Download Firmware The following window is used to download firmware for the switch Figure 11 Download Firmware menu Enter the Server IP address the Interfac...

Страница 13: ...changeable the Boot PROM Version Firmware Version and Hardware Version as well as other information about different settings on the switch This information is helpful to keep track of PROM and firmware updates and to obtain the switch s MAC address for entry into another network device s address table if necessary In addition this window displays the status of functions on the switch to quickly as...

Страница 14: ... Time Setting TimeZone Setting Users Setting System Log Setting System Log Server Configuration menus in the System Configuration folder are used to change general system settings sucha as IP settings for the two switch IP interfaces system time settings and user account settings This section describes the menus contained in the System Configuration menu directory 14 ...

Страница 15: ...ings menu Parameter Description Interface The name of the IP interfaces used to manage the switch VLAN Name The name of the VLAN that includes the System interface This can be configured in the IPv4 or IPv6 Interface Settings menu for the interface Admin State Displays the current state of the interface Access the IPv4 or IPv6 Interface Settings menu to enable or disable the interface To change th...

Страница 16: ...rface only IPv6 Network Address Enter the IPv6 Network Address to be configured The interface can have multiple IPv6 addresses defined Configuration of IPv6 addresses must be done through the command config ipif IPv6 State Allows the user to enable or disable the IPv6 state on the interface NS Retransmit time 0 4294967295 This field is used to set the interval in milliseconds that the switch will ...

Страница 17: ...dded as an IPv6 neighbor on the IP interface Interface Name In order to search for a previously configured Interface name enter the appropriate information and click Find To remove a previously configured Interface enter the Interface name and click Clear State To find or delete specific entries use the pull down menu to select All Address Static or Dynamic All Select All to view all configured ne...

Страница 18: ...tings Web based management is Enabled by default If you choose to disable this by selecting Disabled you will lose the ability to configure the system through the web interface as soon as these settings are applied To view this menu click the Web Settings link in the Quick Configuration menu as shown below Figure 20 Web Settings menu Telnet Settings Telnet configuration is Enabled by default If yo...

Страница 19: ...layed Parameter Description Status SNTP State Use the radius button to select an Enabled or Disabled SNTP state Current Time Displays the Current Time set on the switch Time Source Displays the time source for the system SNTP Settings SNTP First Server This is the IP address of the primary server the SNTP information will be taken from SNTP Second Server This is the IP address of the secondary ser...

Страница 20: ... DST Settings menu The following parameters can be set Time Zone and DST Daylight Saving Time State Use this pull down menu to enable or disable the DST Settings Daylight Saving Time Offset in Minutes Use this pull down menu to specify the amount of time that will constitute your local DST offset 30 60 90 or 120 minutes Time Zone Offset from GMT in HH MM Use these pull down menus to specify your l...

Страница 21: ...of the month the DST will end To Day of the Week Enter the day of the week that DST will end To Month Enter the month that DST will end To Time in HH MM Enter the time DST will end DST Annual Settings Using annual mode will enable DST seasonal time adjustment Annual mode requires that the DST beginning and ending date be specified concisely For example specify to begin DST on April 3 and end DST o...

Страница 22: ...view configurations on the switch except for those involving security features which are still left to the Admin level privilege Operator level users can be authenticated through either the local authentication method of the switch or through the Access Authentication Control feature discussed later in this document Once the user has logged in to the switch in the Operator level certain security s...

Страница 23: ...henticated through either the local authentication method of the switch or through the Access Authentication Control feature discussed later in this document Once the user has logged in to the switch in the Operator level certain security screens and windows will not be made available to view or to configure Only Admin level users have access to these features There are three levels of user privil...

Страница 24: ...entry You can choose between On Demand Time Interval and Log Trigger On Demand This method will only save log files when they manually tell the switch to do so using the Save Log link in the Save folder Time Interval This method configures a time interval by which the switch will save the log files The user may set a time between 1 and 65535 minutes Log Trigger This method will save log files to t...

Страница 25: ...se facilities or they may use the user level Facility Those Facilities that have been designated are shown in the following Bold font indicates the facility values that the switch is currently employing Numerical Facility Code Numerical Facility Code 0 1 2 3 4 5 7 8 9 10 11 kernel messages user level messages mail system system daemons security authorization messages messages generated internally ...

Страница 26: ...ernet Settings FDB Traffic Segmentation CLI Paging Port Mirror LACP Port Settings Loopback Detection Settings QinQ Settings GVRP DHCP BOOTP Relay Settings Spanning Tree Settings Multiple Spanning Tree Settings CFM The Switch Configurtion Section includes these functions discussed in detail 26 ...

Страница 27: ...alue between 10 and 1 000 000 seconds The default setting is 300 seconds To view this window click Switch Configuration MAC Address Aging Time as shown below Figure 29 MAC Address Aging Time menu Ethernet Settings Figure 30 Ethernet Port Settings Users may configure the speed and duplex of Ethernet port 1 here Auto negotiate Turning on this feature will automatically adjust the speed and duplex of...

Страница 28: ... MAC address and click on the Find button To scroll through the FDB list manually click on the Next and Back buttons To clear FDB entries choose to clear dynamic entries for a specified Port or VLAN by clicking on the Clear Dynamic Entries button for the search option used Alternatively to clear all entries in the FDB click on the Clear All Entries button The MAC Address Table lists the following ...

Страница 29: ...guration Traffic Segmentation as shown below Figure 32 Traffic Segmentation menu The following fields can be set Parameter Description From Port To Port Check the corresponding boxes for the port s to transmit packets Forward Portlist Check the boxes to select which of the ports on the switch will be able to forward packets These ports will be allowed to receive packets from the port specified abo...

Страница 30: ...gure a mirror port 1 Change the status to Enabled 2 Select the Source Port from where you want to the frames to come from 3 Select the Target Port which receives the copies from the source port 4 Click Apply to let the changes take effect NOTE You cannot mirror a fast port onto a slower port For example if you try to mirror the traffic from a 100 Mbps port onto a 10 Mbps port this can cause throug...

Страница 31: ...irroring and 802 1X must not be enabled on the trunk group Further the aggregated links must all be of the same speed and should be configured as full duplex The Master Port of the group is to be configured by the user and all configuration options including the VLAN configuration that can be applied to the Master Port are applied to the entire link aggregation group Load balancing is automaticall...

Страница 32: ... LACP Port Settings The LACP Port Settings window is used to create port trunking groups on the switch Using the following window the user may set which ports will be active and passive in processing and sending LACP control frames To view this window click Switch Configuration LACP Port Settings as shown below Figure 36 LACP Port Settings menu The following fields can be set Parameter Description...

Страница 33: ...w this window click Switch Configuration Loopback Detection Settings as shown below Figure 37 Loopback Detection Settings menu The following parameters can be configured Parameter Description LBD State Used to Enable or Disable loopback detection The default is Disabled Mode Use the drop down menu to toggle between Port Based and VLAN Based Interval 1 32767 Set a Loopdetect Interval between 1 and ...

Страница 34: ... customer specific VLAN ID Q in Q expands the VLAN space available while preserving the customer s original tagged packets and adding SPVLAN tags to each new frame To view this window click Switch Configuration QinQ as shown below Figure 38 QinQ Settings menu The following fields can be set Parameter Description From Port To Port A consecutive group of ports that are part of the VLAN configuration...

Страница 35: ...uery The default is 600 The Leave Time must be greater than 2 join times Leave All Time 100 100000 The time in milliseconds that specifies the amount of time the Switch will take to Leave All groups The default is 10000 The Leave All Time must be greater than the Leave Time NNI BPDU Address This specifies the GVRP s pdu MAC address of the NNI port Dot1d Specifies GVRP s pdu MAC address of NNI port...

Страница 36: ...e port for transmission the port will add an 802 1Q tag using the PVID to write the VID in the tag When the packet arrives at its destination the receiving device will use the PVID to make VLAN forwarding decisions If the port receives a packet and Ingress filtering is enabled the port will compare the VID of the incoming packet to its PVID If the two are unequal the port will drop the packet If t...

Страница 37: ...ay State This field can be toggled between Enabled and Disabled using the pull down menu It is used to enable or disable the DHCP Relay service on the switch The default is Disabled DHCP Relay Hops Count Limit 1 16 This field allows an entry between 1 and 16 to define the maximum number of router hops DHCP messages can be forwarded across The default hop count is 4 DHCP Relay Time Threshold 0 6553...

Страница 38: ...ent the DHCP request Disabled If the field is toggled to Disabled the relay agent will not insert and remove DHCP relay information option 82 field in messages between DHCP servers and clients and the check and policy settings will have no effect DHCP Relay Agent Information Option 82 Check This field can be toggled between Enabled and Disabled using the pull down menu It is used to enable or disa...

Страница 39: ...ottom of the following window The user may add up to four server IP s per IP interface on the switch To view this window click System Configuration DHCP BOOTP Relay DHCP BOOTP Relay Interface Settings as shown below Figure 42 DHCP BOOTP Relay Interface Settings and DHCP BOOTP Relay Interface Table menu The following parameters may be configured or viewed Parameter Description Interface The IP inte...

Страница 40: ... do not forward packets In the STP port transition states disabled blocking or listening or in the RSTP port state discarding there is no functional difference the port is not active in the network topology Table 6 2 below compares how the two protocols differ regarding the port state transition All three protocols calculate a stable topology in the same way Every segment will have a single path t...

Страница 41: ... benefit from the rapid transition and rapid topology change detection of RSTP The protocol also provides for a variable used for migration in the event that legacy equipment on a segment is updated to use RSTP The Spanning Tree Protocol STP operates on two levels 1 On the switch level the settings are globally implemented 2 On the port level the settings are implemented on a per user defined grou...

Страница 42: ...ll become the Root Bridge The user may choose a time between 6 and 40 seconds The default value is 20 Bridge Hello Time 1 10 Sec The Hello Time can be set from 1 to 10 seconds This is the interval between two transmissions of BPDU packets sent by the Root Bridge to tell all other switches that it is indeed the Root Bridge Bridge Forward Delay 4 30 Sec The Forward Delay can be from 4 to 30 seconds ...

Страница 43: ...tings An STP Group will use the switch level parameters entered above with the addition of Port Priority and Port Cost An STP Group spanning tree works in the same way as the switch level spanning tree but the root bridge concept is replaced with a root port concept A root port is a port of the group that is elected based on port priority and port cost to be the connection to the network for the g...

Страница 44: ...ge port status if needed P2P Choosing the True parameter indicates a point to point P2P shared link P2P ports are similar to edge ports however they are restricted in that a P2P port must operate in full duplex Like edge ports P2P ports transition to a forwarding state rapidly thus benefiting from RSTP A p2p value of false indicates that the port cannot have p2p status Auto allows the port to have...

Страница 45: ... for configuring parameters associated with that particular MSTI Type This field allows the user to choose a desired method for altering the MSTI settings The user has two choices Add VID Select this parameter to add VIDs to the MSTI ID in conjunction with the VID List parameter Remove VID Select this parameter to remove VIDs from the MSTI ID in conjunction with the VID List parameter VID List 1 4...

Страница 46: ...e Settings View menu MSTP Port Information This window displays the current MSTP Port Information and can be used to update the port configuration for an MSTI ID If a loop occurs the MSTP function will use the port priority to select an interface to put into the forwarding state Set a higher priority value for interfaces to be selected for forwarding first In instances where the priority value is ...

Страница 47: ...nce The default setting is 0 auto There are two options 0 auto Selecting this parameter for the internalCost will set quickest route automatically and optimally for an interface The default value is derived from the media speed of the interface value 1 200000000 Selecting this parameter with a value in the range of 1 to 200000000 will set the quickest route when a loop occurs A lower Internal cost...

Страница 48: ...All CFM messages are confined to a maintenance domain per VLAN basis There are different message types which are identified by unique Opcode of the CFM frame payload CFM message types that are supported include Continuity Check Message CCM Loopback Message and Response LBM LBR and Linktrace Message and Response LTM and LTR CFM Global Settings This table is used to enable or disable the connectivit...

Страница 49: ...antial amount of CPU resources To meet the performance requirement the handling of CCM can be changed to hardware mode To view this window click Switch Configuration CFM CFM MD Settings as shown below Figure 50 CFM MD Settings menu Use the drop down menu to forward by Software or Hardware and click Apply CFM MA Settings This window is used to enable the CFM maintenance point reply Linktrace Respon...

Страница 50: ...ement Create MD MD Enter the maintenance domain name you wish to create Level Enter the maintenance domain level Connectivity Fault Management Settings MD MD Enter the maintenance domain name you wish to configure MIP This setting controls the creation of MIPs None Means that no MIPs will be created This is the default value Auto MIPs are created when the next lower active MD level on the port is ...

Страница 51: ... MAC Address The destination MAC address LBMs Number 1 65535 The number of LBMs to be sent the default value is 4 LBM Payload Length 0 1500 The payload length of the LBM to be sent the default value is O LBM Payload Pattern Max 1500 characters The arbitary amount of data to be included in a Data TLV along with the indication of whether the Data TLV is to be included LBMs Priority The 802 1p priori...

Страница 52: ...enance End Point between 1 and 8191 MD Name The Maintenance Domain Name MA Name The Maintenance Association Name MAC Address The destination MAC address TTL 2 255 The linktrace message TTL value The default value is 64 PDU Priority The 802 1p priority to be set in the transmitted LTM If the PDU Priority is not specified it uses the same priority as CCMs sent by the MA Click Apply to implement chan...

Страница 53: ...n VDSL Profiles VDSL Ports and VDSL Status which are described below VDSL Profiles The VDSL Profile window allows users to configure the settings for VDSL profiles of the switch These profiles once configured may be set to individual VDSL lines on the switch using the VDSL Ports window Features such as upstream and downstream rates and power settings can be configured per profile Click the VDSL Pr...

Страница 54: ...SL line to which this profile will be added Rate Adaptive Use Choose if the downstream mode is Rate Adaptive in which the switch automatically adjusts the downstream rate depending on the line conditions such as FEXT band plan limit or noise or Fixed to statically set the transfer rate above in the Max Downstream Rate field If a bad link is detected the Adaptive setting implements a shorter loop p...

Страница 55: ...Coding Enable or disable Trellis coding RFI Mode Enable or disable G 993 2 RFI cancellation BitSwap Enable or disable BitSwap VDSL2 Profile Select VDSL2 Profile PSD Mask Selection Environmental conditions especially radio interference can cause significant problems in any or all bands These masks will limit crosstalk between VDSL lines on the switch Choosing one of these masks will filter noise fr...

Страница 56: ...gure 58 VDSL Port table To attach a profile to a VDSL line use the pull down menu under the Profile heading select a pre configured profile and click the Attach button located under the Action heading To view the settings of a VDSL Port click the corresponding Port s Detail button which will produce the following read only window Figure 59 VDSL Port details menu 56 ...

Страница 57: ... loopback The following parameters can be viewed or set Parameter Description Line Specifies vdsl line to do loop back function Choose Side co side Specifies that loop back test is internal eoc Specifies that loop back test is external via VDSL EOC channel cpe side Specifies that loop back test is external via VDSL DATA channel Times How many times to run loop back test Packet size Specifies pcket...

Страница 58: ...DAS 3626 VDSL2 Switch User Manual VDSL Status Figure 62 VDSL Bitmap Status display 58 ...

Страница 59: ... Switch User Manual Section 5 Multicasting IGMP Snooping Settings IPv4 Multicasting Settings IPv4 Limited Multicast Range Settings IPv4 Max Multicast Group Settings Multicasting Forwarding Multicast Filtering Mode 59 ...

Страница 60: ...n open or close a port to a specific multicast group member based on IGMP messages sent from the device to the IGMP host or vice versa The switch monitors IGMP messages and discontinues forwarding multicast packets when there are no longer hosts requesting that they continue IGMP Snooping Settings Use the IGMP Snooping Settings window to enable or disable IGMP Snooping on the switch To modify the ...

Страница 61: ... field specifies the maximum amount of time between group specific query messages including those sent in response to leave group messages Default 1 Querier State Choose Enabled to enable transmitting IGMP Query packets or Disabled to disable The default is Disabled Fast Leave This parameter allows the user to enable the Fast Leave function Enabled this function will allow members of a multicast g...

Страница 62: ...y to implement changes made IGMP Snooping Static Group Settings This table is used to configure the current IGMP snooping static group information on the switch To view this window click Switch Configuration IGMP Snooping IGMP Snooping Static Group Settings as shown below Figure 67 IGMP Snooping Static Group Settings menu The following parameters can be configured Parameter Description VLAN Name T...

Страница 63: ...ings as shown below Figure 68 IGMP Multicast Group Profile Settings menu To configure the multicast address list once a profile has been created click on the hyperlinked Group List to reveal the following window Figure 69 IGMP Multicast Group Profile Settings menu Group List Enter the Multicast Address List and click Add the new information will be displayed in the table Click Back to return to th...

Страница 64: ...s for VID 2 4094 This is the VLAN ID that along with the VLAN Name identifies the VLAN the user wishes to modify the IGMP Snooping Settings for State Use the drop down menu to toggle between Enabled and Disabled Replace Source IP Enter an IP address that new IP address to be used Member Port e g 1 4 6 Select the ports that will be members of the Multicast VLAN Eg Ports 1 to 4 and port 6 Source Por...

Страница 65: ...ick Switch Configuration IGMP Snooping IPv4 Multicast Profile Settings as shown below Figure 71 IPv4 Multicast Profile Settings menu The following fields can be set Parameter Description Profile ID Use the drop down menu to choose a Profile ID Profile Name Enter a name for the IPv4 Multicast Profile To edit and entry click the corresponding Edit button and to delete an entry click the correspondin...

Страница 66: ... new IPv 4 Max Multicast Group enter the information and click Apply to search for an entry click Find MLD Snooping Multicast Listener Discovery MLD Snooping is an IPv6 function used similarly to IGMP snooping in IPv4 It is used to discover ports on a VLAN that are requesting multicast data Instead of flooding all ports on a selected VLAN with multicast traffic MLD snooping will only forward multi...

Страница 67: ...beled as 131 in the ICMP packet header this message is sent by the listening host to the switch stating that it is interested in receiving multicast data from a multicast address in response to the Multicast Listener Query message 3 Multicast Listener Done Akin to the Leave Group Message in IGMPv2 and labeled as 132 in the ICMPv6 packet header this message is sent by the multicast listening host s...

Страница 68: ...lt is 1 second Data Driven Group Expiry Time 1 65535 Specifies the data driven group expiry in seconds The user may specify a time between 1 and 65535 with a default setting of 260 seconds Querier State The default is Disabled If the field displays Disabled it will always be in MLD Snooping non querier state Fast Done Used to enable or disable the fast done state of the switch This field is disabl...

Страница 69: ...Limit Settings menu The following parameters may be viewed or modified Parameter Description Port List Specifies a port or range ports to configure or display VLAN List Specifies a VLAN or range of VLANs to configure or display Rate Limit Specifies the rate of MLD control packets that the switch can process on a specific port The rate is specified in packets per second The packet that exceeds the ...

Страница 70: ...tatic Group Settings menu The following parameters may be viewed or modified Parameter Description VLAN Name Specifies the name of the VLAN for which to configure the MLD snooping static group information VLAN List Specifies the list of the VLAN IDs for which to configure the MLD snooping static group information IPv6 Address Specifies the static group IPv6 address for which to configure the MLD s...

Страница 71: ...perlinked Group List to reveal the following window Figure 83 Multicast Group Profile Multicast Address Settings menu Group List Enter the Multicast Address List and click Add the new information will be displayed in the table Click Back to return to the IGMP Multicast Group Profile Settings window and click Delete to remove an entry MLD Snooping Multicast VLAN Settings This window is used to conf...

Страница 72: ...le describe how to set up Multicast Forwarding on the switch To view this window click Switch Configuration Forwarding Filtering Multicast Forwarding as shown below Figure 85 Multicast Forwarding menu The following parameters can be set Parameter Description VID The VLAN ID of the VLAN to which the corresponding MAC address belongs Multicast MAC Address The MAC address of the static source of mult...

Страница 73: ... the Multicast Filtering settings on the switch It allows users to configure the switch to forward or filter the Unregistered Groups per VLAN To view this window click Switch Configuration Forwarding Filtering Multicast Filtering Mode as shown below Figure 86 Multicast Filtering Mode menu 73 ...

Страница 74: ...e switch by monitoring the switch s chip counter This method is only viable for Broadcast and Multicast storms because the chip only has counters for these two types of packets Once a storm has been detected that is once the packet threshold set below has been exceeded the switch will shutdown the port to all incoming traffic with the exception of STP BPDU packets for a time period specified using...

Страница 75: ...ing packets exceed the Threshold value The Interval may be set between 5 and 30 seconds with the default setting of 5 seconds Threshold 0 255000 Specifies the maximum number of packets per second that will trigger the Traffic Control function to commence The configurable threshold range is from 0 to 255000 with a default setting of 131072 Storm Control Type Select the type of Storm Type to detect ...

Страница 76: ...ntion Bandwidth Control Traffic Control 802 1p Default Priority 802 1p User Priority QoS Scheduling Mechanism QoS Scheduling In Band Manage Settings SRED The following section discusses the implementation of 802 1p priority queuing as it is supported on the switch 76 ...

Страница 77: ...ned to the Switch s Q2 queue Priority 1 is assigned to the Switch s Q0 queue Priority 2 is assigned to the Switch s Q1 queue Priority 3 is assigned to the Switch s Q3 queue Priority 4 is assigned to the Switch s Q4 queue Priority 5 is assigned to the Switch s Q5 queue Priority 6 is assigned to the Switch s Q6 queue Priority 7 is assigned to the Switch s Q7 queue For strict priority based schedulin...

Страница 78: ...his window click QoS Bandwidth Control as shown below Figure 88 Bandwidth Control menu The following parameters can be set or are displayed Parameter Description From port To port A consecutive group of ports may be configured starting with the selected port Type This drop down menu allows you to select between RX receive TX transmit and Both This setting will determine whether the bandwidth ceili...

Страница 79: ...port on the switch The priority queues are numbered from 0 the lowest priority to 7 the highest priority Click Apply to implement your settings 802 1p User Priority The switch allows the assignment of a user priority to each of the 802 1p priorities To view this window click QoS 802 1p User Priority as shown below Figure 90 802 1p User Priority menu Once you have assigned a priority to the port gr...

Страница 80: ...chanism The following parameters can be configured Parameter Description From Port To Port Enter the port or port list you wish to configure Scheduling Mechanism Strict The highest class of service is the first to process traffic That is the highest class of service will finish before other queues empty Weighted Round Robin Use the weighted round robin WRR algorithm to handle packets in an even di...

Страница 81: ... process traffic That is the highest class of service will finish before other queues empty Weight Use the weighted round robin WRR algorithm to handle packets in an even distribution in priority classes of service When Weight is selected a field appears next to this field for the user to specify the maximium number of packets The specified hardware priority queue will be allowed to transmit befor...

Страница 82: ...oS In Band Manage Settings as shown below Figure 93 In Band Manage Settings Select the priority and click Apply DSCP Trust Settings This window is used to enable DSCP Trust Settings on the switch To view this window click QoS SRED DSCP Trust Settings as shown below Figure 94 DSCP Trust Settings menu Select the port or port range you wish to Enable or Disable and click Apply DSCP Map Settings This ...

Страница 83: ... are forwarded to Once this field is specified packets accepted by the switch that match this priority are forwarded to the CoS queue specified previously by the user Click Apply to implement changes 802 1p Map Settings This window is used to enable 802 1p Map Settings To view this window click QoS SRED 802 1p Map Settings as shown below Figure 96 DSCP Map Settings menu The following parameters ma...

Страница 84: ...ecified on a basis of Packet Content MAC address or IP address Due to a chipset limitation the switch supports a maximum of 12 access profiles The rules used to define the access profiles are limited to a total of 1536 rules for the switch ACL Configuration Wizard The ACL Configuration Wizard will aid with the creation of access profiles and ACL rules The ACL Wizard will create the access rule and...

Страница 85: ... Deny to specify the packets that match the access profile to be filtered Select Mirror to specify that packets that match the access profile are mirrored to a port defined in the config mirror port command Port Mirroring must be enabled and a target port must be set Option Use the pull down menu to select an option the user can choose between Rate Limiting Change 1P Priority Replace DSCP and Repl...

Страница 86: ...d using the radio button to select an ACL Type and click Select The user may remove all Access Profiles by clicking the Delete All button The page shown below is the Ethernet Access Profile Configuration page Figure 99 Add Access Profile Ethernet If creating an Ethernet ACL enter the Profile ID and Profile Name and click Select the following window will appear Figure 100 Add Ethernet ACL Profile m...

Страница 87: ... a mask to check the content of the packet header 802 1Q VLAN Selecting this option instructs the switch to examine the VLAN identifier of each packet header and use this as the full or partial criterion for forwarding 802 1P Selecting this option instructs the switch to examine the 802 1p priority value of each packet header and use this as the or part of the criterion for forwarding Ethernet Typ...

Страница 88: ... Profile Details Ethernet To return to the Access Profile List click Show All Profiles to add a rule to a previously configured entry click on the corresponding Add View Rules which will reveal the following window Figure 103 Access Profile Ethernet 88 ...

Страница 89: ...r a replace priority manually if you want to re write the 802 1p default priority of a packet to the value entered in the Priority field which meets the criteria specified previously in this command before forwarding it on to the specified CoS queue Otherwise a packet will have its incoming 802 1p user priority re written to its original value before being forwarded by the switch Replace DSCP 0 63...

Страница 90: ...o create an IPv4 ACL select IPv4 enter the Profile ID and Profile Name into the top half of the screen in the Add ACL Profile window and click Select the following window will appear Figure 106 Add IPv4 ACL Profile Click on the boxes at the top of the table which will then turn red and reveal parameters for configuration To create a new entry enter the correct information and click Create To retur...

Страница 91: ...ernet Group Management Protocol IGMP field in each frame s header Select Type to further specify that the access profile will apply an IGMP type value Select TCP to use the TCP port number contained in an incoming packet as the forwarding criterion Selecting TCP requires that you specify a source port mask and or a destination port mask The user may also identify which flag bits to filter Flag bit...

Страница 92: ...ton To add a rule to the Access Profile entry click the Add View Rules button Figure 107 Access Profile List IPv4 To view the configurations for previously configured entry click on the corresponding Show Details Button which will display the following window Figure 108 Access Profile Details IPv4 To return to the Access Profile List click Show All Profiles to add a rule to a previously configured...

Страница 93: ...e selected criteria with the value entered in the adjacent field Replace ToS Precedence Select this option to instruct the switch to replace the Type of Service as part of the packet header VLAN Mask Allows the entry of a name for a previously configured VLAN VLAN ID Allows the entry of a VLAN ID for a previously configured VLAN DSCP Selecting this option instructs the switch to examine the DiffSe...

Страница 94: ...ame into the top half of the screen in the Add ACL Profile window and click Select the following window will appear Figure 112 Add IPv6 ACL Profile Click on the boxes at the top of the table which will then turn red and reveal parameters for configuration To create a new entry enter the correct information and click Create To return to the Access Profile List page click Back 94 ...

Страница 95: ...the rule applies to UDP traffic The user can enter a specific UDP Source Port Mask or UDP Destination Port Mask IPv6 Address IPv6 Source Address Enter an IPv6 address to be used as the source address mask IPv6 Destination Address Enter an IPv6 address that will be used as the destination address mask NOTE At any one time the user can only choose IPv6 class and IPv6 Flow Label together or IPv6 Addr...

Страница 96: ...ss Profile Details IPv6 To return to the CPU Access Profile List click Show All Profiles to add a rule to a previously configured entry click on the corresponding Add View Rules which will reveal the following window Figure 115 Access Profile IPv6 96 ...

Страница 97: ... written to its original value before being forwarded by the switch Replace DSCP Select this option to instruct the switch to replace the DSCP value in a packet that meets the selected criteria with the value entered in the adjacent field Replace ToS Precedence Select this option to instruct the switch to replace the Type of Service as part of the packet header Class Entering a class will instruct...

Страница 98: ...e Name into the top half of the screen in the Add ACL Profile window and click Select the following window will appear Figure 118 Add Packet Content ACL Profile Click on the boxes at the top of the table which will then turn red and reveal parameters for configuration To create a new entry enter the correct information and click Create To return to the Access Profile List page click Previous Page ...

Страница 99: ... packet_content_mask profile can be created With this advanced unique Packet Content Mask also known as Packet Content Access Control List ACL the D Link switch family can effectively mitigate some network attacks like the common ARP Spoofing attack that is wide spread today This is why the Packet Content ACL is able to inspect any specified content of a packet in different protocol layers Click A...

Страница 100: ... Details Packet Content To return to the CPU Access Profile List click Show All Profiles to add a rule to a previously configured entry click on the corresponding Add View Rules which will reveal the following window Figure 121 Access Profile Packet Content 100 ...

Страница 101: ...ace ToS Precedence Select this option to instruct the switch to replace the Type of Service as part of the packet header Chunk This field will instruct the switch to mask the packet header beginning with the offset value specified Rx Rate 1 15624 Use this to limit Rx bandwidth for the profile being configured This rate is implemented using the following equation 1 value 64Kbit sec ex If the user s...

Страница 102: ...et Content ACL to prevent ARP spoofing attack please see Appendix B at the end of this manual ACL Finder This window is used to help find a previously configured ACL entry To search for an entry enter the profile ID from the drop down menu select a port that you wish to view define the state and click Find the table on the lower half of the screen will display the entries To delete an entry click ...

Страница 103: ...Ns Entries menu To create a new 802 1Q VLAN entry or edit an existing one click the Add Edit VLAN tab at the top of the 802 1Q VLAN window A new window will appear as shown below to configure the port settings and to assign a unique name and number to the new VLAN See the table below for a description of the parameters in the new window NOTE After all IP interfaces are set for your configurations ...

Страница 104: ...click the corresponding Edit button A new window will appear to configure the port settings and to assign a unique name and number to the new VLAN See the table below for a description of the parameters in the new menu NOTE The switch supports up to 4k static VLAN entries Figure 127 802 1Q VLAN menu Edit menu The following fields can then be set in either the Add Edit VLAN or Edit 802 1Q VLAN wind...

Страница 105: ...ual port to be specified as member of a VLAN Tagged Specifies the port as 802 1Q tagged Checking the box will designate the port as Tagged Untagged Specifies the port as 802 1Q untagged Checking the box will designate the port as untagged Forbidden Select this to specify the port as not being a member of the VLAN and that the port is forbidden from becoming a member of the VLAN dynamically Not Mem...

Страница 106: ...s function will allow the switch to send out GVRP packets to outside sources notifying that they may join the existing VLAN Port List e g 1 5 Allows an individual port list to be added or deleted as a member of the VLAN Tagged Specifies the port as 802 1Q tagged Checking the box will designate the port as Tagged Untagged Specifies the port as 802 1Q untagged Checking the box will designate the por...

Страница 107: ...ings menu The following fields can be set Parameter Description Group ID Select an ID number for the group between 1 and 16 Group Name This is used to identify the new Protocol VLAN group Type an alphanumeric string of up to 32 characters Protocol This function maps packets to protocol defined VLANs by examining the type octet within the packet header to discover the type of protocol associated wi...

Страница 108: ...tch this priority are forwarded to the CoS queue specified previously by the user Click the corresponding box if you want to set the 802 1p default priority of a packet to the value entered in the Priority 0 7 field which meets the criteria specified previously in this command before forwarding it on to the specified CoS queue Otherwise a packet will have its incoming 802 1p user priority re writt...

Страница 109: ...DAS 3626 VDSL2 Switch User Manual Section 10 Security Safeguard Engine Trusted Host Port Security MAC Spoofing Access Authentication Control 109 ...

Страница 110: ...tch will again begin accepting all packets Yet if the checking shows that there continues to be too many packets flooding the switch it will still only accept a small amount of ARP and IP broadcast packets for double the time of the previous stop period This doubling of time for stopping ingress ARP and IP broadcast packets will continue until the maximum time has been reached which is 320 seconds...

Страница 111: ... switch leaves the Exhausted state and returns to normal mode Trap log Use the pull down menu to enable or disable the sending of messages to the device s SNMP agent and switch log once the Safeguard Engine has been activated by a high CPU utilization rate Mode Toggle the State field to either Strict or Fuzzy for the Safeguard Engine of the switch Click Apply to implement the settings made Trusted...

Страница 112: ...rt Security Port Settings menu The following parameters can be set Parameter Description From Port To Port A consecutive group of ports may be configured starting with the selected port Admin State This pull down menu allows you to enable or disable Port Security locked MAC address table for the selected ports Lock Address Mode This pull down menu allows you to select how the MAC address table loc...

Страница 113: ...ation query At this point the switch receives the timeout from the server and then moves to the next method of verification configured in the method list The switch has four built in Authentication Server Groups one for each of the TACACS XTACACS TACACS and RADIUS protocols These built in Authentication Server Groups are used to authenticate users trying to access the switch The users will set Aut...

Страница 114: ... setting is 30 seconds User Attempts 1 255 This command will configure the maximum number of times the switch will accept authentication attempts Users failing to be authenticated after the set amount of attempts will be denied access to the switch and will be locked out of further authentication attempts Command line interface users will have to wait 60 seconds before another authentication attem...

Страница 115: ... by the user See the Enable Method Lists window in this section for more information Click Apply to implement changes made Authentication Server Group This window will allow users to set up Authentication Server Groups on the switch A server group is a technique used to group TACACS XTACACS TACACS RADIUS server hosts into user defined categories for authentication using method lists The user may d...

Страница 116: ...tocols are separate entities and are not compatible with each other Authentication Server This window will set user defined Authentication Server Hosts for the TACACS XTACACS TACACS RADIUS security protocols on the switch When a user attempts to access the switch with Authentication Policy enabled the switch will send authentication packets to a remote TACACS XTACACS TACACS RADIUS server host on a...

Страница 117: ... but remember that TACACS XTACACS TACACS are separate entities and are not compatible with each other Login Method Lists This command will configure a user defined or default Login Method List of authentication techniques for users logging on to the switch The sequence of techniques implemented in this command will affect the authentication result For example if a user enters a sequence of techniq...

Страница 118: ...er to be authenticated using the local user account database on the switch none Adding this parameter will require no authentication to access the switch Enable Method Lists The Enable Method List Settings window is used to set up Method Lists to promote users with user level privileges to Administrator Admin level privileges using authentication methods on the switch Once a user acquires normal u...

Страница 119: ...ng this parameter will require the user to be authenticated using the local enable password database on the switch The user in the next section entitled Local Enable Password must set the local enable password none Adding this parameter will require no authentication to access the switch radius Adding this parameter will require the user to be authenticated using the RADIUS protocol from a remote ...

Страница 120: ...gured for this entry enter it here in order to change it to a new password New Local Enable Password Enter the new password that you wish to set on the switch to authenticate users attempting to access Administrator Level privileges on the switch The user may set a password of up to 15 characters Confirm Local Enable Password Confirm the new password entered above Entering a different password her...

Страница 121: ... Network When enabled the switch will send informational packets to a remote RADIUS server when network events occur on the switch Shell When enabled the switch will send informational packets to a remote RADIUS server when a user either logs in logs out or times out on the switch using the console Telnet or SSH System When enabled the switch will send informational packets to a remote RADIUS serv...

Страница 122: ... Settings CPE Server Settings CPE VLAN Settings CPE ProtoVLAN Settings CPE QoS Settings CPE Firmware CPE Loopback The following menus are used for configuration of features for CPE Customer Premises Equipment devices connected to VDSL lines of the switch Each CPE is equipped with four Ethernet ports that can be configured individually here for VLAN settings QoS and Speed 122 ...

Страница 123: ...cluding the model firmware version MAC address and VDSL firmware version The following parameters are configured in the CPE Basic Information menu Parameter Description System Password Enter a password used for the CPE administrator and click on the Apply button Current Mode Choose to operate CPE in Router or Bridge Mode click on Apply PTM Interface Select the PTM connection if applicable on which...

Страница 124: ...nu Parameter Description Wireless Port Status Choose to enable or disable the wireless interface if applicable and click on the Apply button Default Disabled NAT Status Choose to enable or disable NAT for the CPE and click on Apply Default Enabled IGMP Snooping Status Choose the Connection to which the IGMP Snooping settings are applied then choose enable or disable IGMP Snooping default Enabled A...

Страница 125: ... the Connection Select menu to choose the CPE connection to which the settings are applied Use the WAN Mode Select pull down menu to choose the WAN settings for the selected CPE connection Enter an MTU value and click on the Apply button For Static connections continue to configure Static IP Address settings in the menu below Static IP settings Configure Static IP Address settings including Static...

Страница 126: ... account user name used to establish the PPPoE connection Password Type in the account password used to establish the PPPoE connection VLAN ID Enter the VLAN ID used for the CPE Service Name Enter the Service Name for the PPPoE connection optional Host Name Enter the Host Name for the PPPoE connection optional Idle Timeout Enter the amount of time in minutes allowed for the connection to be idle f...

Страница 127: ...ter being set to set these configurations in the memory of the switch CPE Server Status To view the CPE Basic Information menu click CPE Management CPE Server Status Figure 149 CPE Server Status Select the CPE unit to be configured with the pull down line menu and click on the Display button The status of the line is displayed Use the menu to enable or disable various standard network serices on t...

Страница 128: ...ol Based VLAN Settings menu To configure port based VLAN settings select the Port Based VLAN radio button click on Apply and configure the settings visble in this menu The following parameters are configured in the CPE VLAN Settings port based VLAN menu Parameter Description PVID Setting Configure the LAN ports for PVID and 802 1p values Click on Apply to save the settings VLAN ID Choose the taggi...

Страница 129: ... Delete buttone Figure 151 CPE Protocol VLAN Settings table Select the CPE unit to be configured with the pull down line menu and click on the Display button Click the Add button to configure settings in a new menu Figure 152 CPE Protocol VLAN configuration menu Select the Mapping Type used for the Protocol VLAN the menu options allowed change according to what type of mapping is used Configure th...

Страница 130: ...ings Figure 153 CPE QoS Settings menu Choose the QoS classification used and click on the Apply button The User Define option requires additional configuration in a new menu Figure 154 User Define rule configuration for CPE Configure the Priority Protocol and IP source and destination settings In addition the Mark QoS Information settings can be configured to use 802 1p ToS or DSCP Click on Apply ...

Страница 131: ...To change a rule click on the Edit button for the rule to change To remove a filter rule click on the Delete button for that rule To crate a new filter rule click on the Add aNew Rule button a new menu appears Figure 156 Add Filter Rule for CPE Use the State radio button to make the new rule Active or Inactive Choose to Allow or Deny forwarding according to the rule being created and configure the...

Страница 132: ...he read only table lists all dynamic MAC address entries in the CPE forwarding database with the VID and Port information CPE CFM To view the CPE CFM Setting menu click CPE Management CPE CFM Figure 158 CPE CFM Setting menu Select the CPE unit to be configured with the pull down line menu and click on the Display button Use the menu to enable or disable CFM and CCM on the CPE Click on the Apply bu...

Страница 133: ...an SNMP Agent on the CPE and click on Apply for the agent status Configure administrator contact information SNMP Community and Traps settings in separate menus CPE Firmware To upgrade CPE firmware choose the line of the CPE being upgraded enter the IP address of the server where the firmware is located together with the complete file name and path of and click the Upgrade button To view the menu ...

Страница 134: ... the Display button Choose the Packet Count and Packet Length used for the test and click Apply The test results appear in the bottom half of the menu CPE Maintenance To view the CPE Maintenance menu click CPE Management CPE Maintenance Figure 161 CPE Maintenance menu Use the CPE Maintenance menu to perform a simple reboot save configuration settings to reset the configuration settings without cha...

Страница 135: ...work funtion status VDSL Status Alarm View alarm status for each line Figure 162 VDSL Alarms 15 Min ES SES UAS This status window allows you to display Downstream Upstream information for either Error Second ES Severely Errored Second SES or Unavailable Second UAS View ES SES UAS statistics for 15 minute interval Figure 163 15 Min ES SES UAS 135 ...

Страница 136: ... Downstream Upstream information for either Error Second ES Severely Errored Second SES or Unavailable Second UAS View ES SES UAS statistics for 1 Day interval Figure 164 1 Day ES SES UAS VDSL PM Threshold Use this to set the near end and far end PM threshold Figure 165 VDSL PM Threshold Click Apply to set the threshold settings 136 ...

Страница 137: ...the real time graphic of the switch and or switch stack at the top of the web page by simply clicking on a port Click Apply to implement the configured settings The window will automatically refresh with new updated statistics Change the view parameters as follows Parameter Description Time Interval Select the desired setting between 1s and 60s where s stands for seconds The default value is one s...

Страница 138: ... by using the Port pull down menu The user may also use the real time graphic of the switch at the top of the web page by simply clicking on a port Change the view parameters as follows Parameter Description Port Use the drop down menu to choose the port that will display statistics Time Interval Select the desired setting between 1s and 60s where s stands for seconds The default value is one seco...

Страница 139: ... six groups and classed by size to be viewed as either a line graph or a table Two windows are offered To select a port to view these statistics for select the port by using the Port pull down menu The user may also use the real time graphic of the switch at the top of the web page by simply clicking on a port To view this window click Status Packet Ports Packet Size as shown below Figure 168 Pack...

Страница 140: ...ceived that were between 128 and 255 octets in length inclusive excluding framing bits but including FCS octets 256 511 The total number of packets including bad packets received that were between 256 and 511 octets in length inclusive excluding framing bits but including FCS octets 512 1023 The total number of packets including bad packets received that were between 512 and 1023 octets in length ...

Страница 141: ...al time graphic of the switch at the top of the web page by simply clicking on a port To view this window click Status Packet Ports Received RX as shown below Figure 170 Received RX menu for Bytes and Packets To view the Received RX Table window click View Table Figure 171 Received RX Table menu for Bytes and Packets The following fields may be set or viewed Parameter Description Port Use the drop...

Страница 142: ...the port Unicast Counts the total number of good packets that were received by a unicast address Multicast Counts the total number of good packets that were received by a multicast address Broadcast Counts the total number of good packets that were received by a broadcast address Show Hide Check whether to display Bytes and Packets Clear Clicking this button clears all statistics counters on this ...

Страница 143: ...Port pull down menu The user may also use the real time graphic of the switch at the top of the web page by simply clicking on a port To view this window click Monitoring Packets UMB_cast RX as shown below Figure 172 UMB_cast RX menu for Unicast Multicast and Broadcast Packets To view the UMB_cast RX Table window click the View Table link Figure 173 UMB_cast RX Table menu for Unicast Multicast and...

Страница 144: ...e port Packets Counts the number of packets successfully sent on the port Unicast Counts the total number of good packets that were received by a unicast address Multicast Counts the total number of good packets that were received by a multicast address Broadcast Counts the total number of good packets that were received by a broadcast address Show Hide Check whether or not to display Multicast Br...

Страница 145: ...wn menu The user may also use the real time graphic of the switch at the top of the web page by simply clicking on a port To view this window click Status Packet Ports Transmitted TX as shown below Figure 174 Transmitted TX menu for Bytes and Packets To view the Transmitted TX Table window click the link View Table Figure 175 Transmitted TX Table menu for Bytes and Packets 145 ...

Страница 146: ... on the port Packets Counts the number of packets successfully sent on the port Unicast Counts the total number of good packets that were transmitted by a unicast address Multicast Counts the total number of good packets that were transmitted by a multicast address Broadcast Counts the total number of good packets that were transmitted by a broadcast address Show Hide Check whether or not to displ...

Страница 147: ... a port to view these statistics for select the port by using the Port pull down menu The user may also use the real time graphic of the switch at the top of the web page by simply clicking on a port To view this window click Status Error Ports Received RX as shown below Figure 176 Received RX menu for errors To view the Received RX Table window for errors click the link View Table which will show...

Страница 148: ...ed that were longer than 1518 octets and less than the MAX_PKT_LEN Internally MAX_PKT_LEN is equal to 1536 Fragment The number of packets less than 64 bytes with either bad framing or an invalid CRC These are normally the result of collisions Jabber Counts invalid packets received that were longer than 1518 octets and less than the MAX_PKT_LEN Internally MAX_PKT_LEN is equal to 1536 Drop The numbe...

Страница 149: ...u The user may also use the real time graphic of the switch at the top of the web page by simply clicking on a port To view this window click Status Error Ports Transmitted TX as shown below Figure 178 Transmitted TX menu for errors To view the Transmitted TX Table window click the link View Table which will show the following table Figure 179 Transmitted TX Table menu for errors 149 ...

Страница 150: ...yte octet boundary LateColl Counts the number of times that a collision is detected later than 512 bit times into the transmission of a packet ExColl Excessive Collisions The number of packets for which transmission failed due to excessive collisions SingColl Single Collision Frames The number of successfully transmitted packets for which transmission is inhibited by more than one collision Collis...

Страница 151: ...anual Utilization Memory Utilization This window is used to display the utilization of the CPU and memory on the switch To view this window click Status Utilization Memory Utilization as shown below Figure 180 Packet Size Table menu Click Refresh to reload the display 151 ...

Страница 152: ...d between 1 and 10 seconds for this Ping message to reach its destination If the packet fails to find the IPv4 address in this specified time the Ping packet will be dropped IPv6 Ping Test Target IP Address Enter the Target IPv6 Address of the host Interface Name Enter the Target Interface Name of the host Repeat Pinging for Check the Infinite times radio button which will tell the ping program to...

Страница 153: ...e the firmware version was downloaded to the switch From States the IP address of the origin of the firmware There are five ways firmware may be downloaded to the switch R If the IP address has this letter attached it denotes a firmware upgrade through the serial port RS232 T If the IP address has this letter attached to it it denotes a firmware upgrade through Telnet S If the IP address has this ...

Страница 154: ...ate the file transfer To view this window click Maintenance Firmware Upgrade as shown below Figure 183 Firmware Upgrade menu Configuration File Backup Restore This screen is used to upgrade configuration files from the Commander switch to the Member switch using a TFTP server Member switches will be listed in the table and will be specified by ID Port port on the CS where the MS resides MAC Addres...

Страница 155: ...he switch allows groups of users to be listed and configured with a shared set of privileges The SNMP version may also be set for a listed group of SNMP managers Thus you may create a group of SNMP managers that are allowed to view read only information or receive traps using SNMPv1 while assigning a higher level of security to another group granting read write privileges using SNMPv3 Using SNMPv3...

Страница 156: ...y strings that define which MIB objects can be accessed by a remote SNMP manager To view this window click Configuration SNMP Settings SNMP View Table as shown below Figure 186 SNMP View Table menu The following parameters can be set Parameter Description View Name Type an alphanumeric string of up to 32 characters This is used to identify the new SNMP view being created Subtree OID Type the Objec...

Страница 157: ...e SNMP trap messages generated by the switch s SNMP agent User based Security Model SNMPv1 Specifies that SNMP version 1 will be used SNMPv2 Specifies that SNMP version 2c will be used The SNMPv2 supports both centralized and distributed network management strategies It includes improvements in the Structure of Management Information SMI and adds some security features SNMPv3 Specifies that the SN...

Страница 158: ...SNMP V3 Encryption Password Indicates that there is SNMP V3 Encryption through a password Key Indicates that there is SNMP V3 Encryption through a key Auth Protocol by Password MD5 Indicates that the HMAC MD5 96 authentication level will be used SHA Indicates that the HMAC SHA authentication protocol will be used Priv Protocol by Password None Indicates that no authorization protocol is in use DES...

Страница 159: ...MP community To view this window click Maintenance SNMP Settings SNMP Community Table as shown below Figure 189 SNMP Community Table menu The following parameters can set Parameter Description Community Name Type an alphanumeric string of up to 32 characters that is used to identify members of an SNMP community This string is used like a password to give remote SNMP managers access to MIB objects ...

Страница 160: ...es that SNMP version 1 will be used SNMPV2c Specifies that SNMP version 2 will be used SNMPV3 To specify that the SNMP version 3 will be used Security Level NoAuthNoPriv To specify a NoAuthNoPriv security level AuthNoPriv To specify an AuthNoPriv security level AuthPriv To specify an AuthPriv security level Community String SNMP V3 User Name Type in the community string or SNMP V3 user name as app...

Страница 161: ...lid source Encryption scrambles the contents of messages to prevent it being viewed by an unauthorized source Security Level When SNMPv3 is in use it is necessary to choose the security level Use the drop down menu to select from the following noauth_nopriv Specifies that there will be no authorization and no encryption of packets sent between the switch and a remote SNMP manager auth_nopriv Speci...

Страница 162: ...ble and disable trap settings for the SNMP function on the switch To view this window click Maintenance SNMP Settings SNMP Trap Configuration as shown below Figure 193 SNMP Trap Configuration menu To enable or disable the Traps State and or the Authenticate Traps State use the corresponding pull down menu to change and click Apply 162 ...

Страница 163: ...e Fan recovered Critical Upload Download Firmware upgraded successfully Firmware upgraded by console telnet WEB SSH SNMP SIM successfully Username username Informational Firmware upgrade was unsuccessful Firmware upgrade by console telnet WEB SSH SNMP SIM was unsuccessful Username username Warning Configuration successfully downloaded Configuration successfully downloaded by console telnet WEB SSH...

Страница 164: ...ough Web SSL Login failed through Web SSL Username username Warning Logout through Web SSL Logout through Web SSL Username username Informational Web SSL session timed out Web SSL session timed out Username username Informational Telnet Successful login through Telnet Successful login through Telnet Username username IP ipaddr MAC macaddr Informational Login failed through Telnet Login failed thro...

Страница 165: ...local method Username username Informational Login failed through Console authenticated by AAA local method Login failed through Console authenticated by AAA local method Username username Warning Successful login through Web authenticated by AAA local method Successful login through Web from userIP authenticated by AAA local method Username username MAC macaddr Informational Login failed through ...

Страница 166: ...ough Console authenticated by AAA server Successful login through Console authenticated by AAA server serverIP Username username Informational Login failed through Console authenticated by AAA server Login failed through Console authenticated by AAA server serverIP Username username Warning Successful login through Web authenticated by AAA server Successful login through Web from userIP authentica...

Страница 167: ...ssful Enable Admin through Telnet from userIP authenticated by AAA local_enable method Username username MAC macaddr Informational Enable Admin failed through Telnet authenticated by AAA local_enable method Enable Admin failed through Telnet from userIP authenticated by AAA local_enable method Username username MAC macaddr Warning Successful Enable Admin through SSH authenticated by AAA local_enab...

Страница 168: ... serverIP Username username MAC macaddr Informational Enable Admin failed through SSH authenticated by AAA server Enable Admin failed through SSH from userIP authenticated by AAA server serverIP Username username MAC macaddr Warning Login failed through Console due to AAA server timeout or improper configuration Login failed through Console due to AAA server timeout or improper configuration Usern...

Страница 169: ...AAA server serverIP Protocol protocol response is wrong Warning AAA doesn t support this functionality AAA doesn t support this functionality Informational Port Security Port security has exceeded its maximum learning size and will not learn any new addresses Port security violation mac addrss macaddr on locking address full port unitID portNum Warning Safeguard Engine Safeguard Engine is in norma...

Страница 170: ...s IP s MAC s Port s Warning CFM Cross connect is detected CFM cross connect VLAN vlanid Local MD Level mdlevel Port unitID portNum Direction mepdirection Remote MEPID mepid MAC macaddr Critical Error CFM CCM packet is detected CFM remote setting error MD Level mdlevel VLAN vlanid Local Port unitID portNum Direction mepdirection Remote MEPID mepid MAC macaddr Warning Can not receive remote MEP s CC...

Страница 171: ...with ingressBandwidth to port portNum account username Informational Egress bandwidth assigned from RADIUS server after RADIUS client authenticated by RADIUS server successfully This egress bandwidth will assign to the port Radius server ipaddr assigned egress bandwith egressBandwidth to port portNum account username Informational 802 1p default priority assigned from RADIUS server after RADIUS cl...

Страница 172: ... Informational Proprietary Trap List Trap Name OID Variable Bind Format MIB Name Severity swL2macNotification 1 3 6 1 4 1 171 11 101 2 2 100 1 2 0 1 swL2macNotifyInfo V2 L2Mgmt MIB Warning SwIpMacBindingViolationTrap 1 3 6 1 4 1 171 12 23 5 0 1 swIpMacBindingPortIndex swIpMacBindingViolationIP swIpMacBindingViolationMac V2 IPMacBind MIB Warning swPktStormOccurred 1 3 6 1 4 1 171 12 25 5 0 1 swPktS...

Страница 173: ... V2 MBA MIB Warning SwExternalAlarm 1 3 6 1 4 1 171 12 11 2 2 5 0 1 swExternalAlarm V2 EQUIPMENT MIB Warning SwDdmAlarmTrap 1 3 6 1 4 1 171 12 72 4 0 1 swDdmAlarmTrap V2 DDM MIB Warning SwDdmWarningTrap 1 3 6 1 4 1 171 12 72 4 0 2 swDdmWarningTrap V2 DDM MIB Warning swL2PortLoopOccurred 1 3 6 1 4 1 171 11 102 1 1 2 100 1 2 0 3 swL2PortLoopOccurred V2 L2Mgmt MIB Warning swL2PortLoopRestart 1 3 6 1 ...

Страница 174: ...at higher level protocols are involved Bridges form a single logical network centralizing network administration broadcast A message sent to all destination devices on the network broadcast storm Multiple simultaneous broadcasts that typically absorb available network bandwidth and can cause network failure console port The port on the switch accepting a terminal or modem connector It changes the ...

Страница 175: ...rotocol which allows IP to run over a serial line connection SNMP Simple Network Management Protocol A protocol originally designed to be used in managing TCP IP internets SNMP is presently implemented on a wide range of computers and networking equipment and may be used to manage many aspects of network and end station operation Spanning Tree Protocol STP A bridge based system for providing fault...

Страница 176: ...nal emulation to the console port of the switch 2 Power on the switch After the runtime image is loaded to 100 the switch will allow 2 seconds for the user to press the hotkey Shift 6 to enter the Password Recovery Mode Once the switch enters the Password Recovery Mode all ports on the switch will be disabled Boot Procedure V1 00 B06 Power On Self Test 100 MAC Address 00 19 5B EC 32 15 H W Version...

Страница 177: ...Command Parameters show account The show account command displays all previously created accounts 177 ...

Результаты поиска

Содержание DAS-3626

Отзывы:

Похожие инструкции для DAS-3626

Бренды по названию

Популярные бренды

D-Link DAS-3626, Руководство пользователя

Результаты поиска

Содержание DAS-3626

Отзывы:

Похожие инструкции для DAS-3626

Бренды по названию

Популярные бренды