D-Link DXS-3400 SERIES Скачать руководство пользователя страница 370 | Manualshive

Страница: 370 / 490

background image

DXS-3400 Series Lite Layer 3 Stackable 10GbE Managed Switch Web UI Reference Guide

360

ping packet is illegal according to networking protocol, but a packet of such a size can be sent if it is fragmented;
when the target computer reassembles the packet, a buffer overflow can occur, which often causes a system
crash.

•

TCP Tiny Fragment Attack:

The Tiny TCP Fragment attacker uses IP fragmentation to create extremely small

fragments and force the TCP header information into a separate packet fragment to pass through the check
function of the router and issue an attack.

•

All Types:

All of above types.

To view the following window, click

Security > DoS Attack Prevention Settings

, as shown below:

Figure 9-87 DoS Attack Prevention Settings Window

The fields that can be configured in

SNMP Server Enable Traps DoS Settings

are described below:

Parameter

Description

Trap State

Select to enable or disable the DoS attack prevention trap state here.

Click the

Apply

button to accept the changes made.

The fields that can be configured in

DoS Attack Prevention Settings

are described below:

Parameter

Description

DoS Type Selection

Tick the DoS type option that will be prevented here.

State

Select to enable or disable the DoS attack prevention feature’s global state here.

Action

Select the action that will be taken when the DoS attack was detected here. The
only option to select here is

Drop

.

Click the

Apply

button to accept the changes made.

SSH

Secure Shell (SSH) is a program allowing secure remote login and secure network services over an insecure network.
It allows a secure login to remote host computers, a safe method of executing commands on a remote end node, and

«
...
368
369
370
371
372
...
»

Содержание DXS-3400 SERIES

Страница 1: ......

Страница 2: ... are trademarks of the D Link Corporation Microsoft and Windows are registered trademarks of the Microsoft Corporation Other trademarks and trade names may be used in this document to refer to either as the entities claiming the marks and the names or their products D Link Corporation disclaims any proprietary interest in trademarks and trade names other than its own 2016 D Link Corporation All ri...

Страница 3: ...Status 10 Port GBIC 10 Port Auto Negotiation 11 Error Disable Settings 12 Jumbo Frame 13 Loopback Test 14 System Log 16 System Log Settings 16 System Log Discriminator Settings 17 System Log Server Settings 18 System Log 19 System Attack Log 19 Time and SNTP 20 Clock Settings 20 Time Zone Settings 20 SNTP Settings 22 Time Range 23 PTP Precise Time Protocol 24 PTP Global Settings 24 USB Console Set...

Страница 4: ... Relay 58 DHCPv6 Relay 67 DHCP Auto Configuration 69 DNS 69 DNS Global Settings 70 DNS Name Server Settings 70 DNS Host Settings 71 NTP 71 NTP Global Settings 71 NTP Server Settings 73 NTP Peer Settings 73 NTP Access Group Settings 74 NTP Key Settings 75 NTP Interface Settings 76 NTP Associations 77 NTP Status 78 IP Source Interface 78 File System 80 Stacking 81 Physical Stacking 85 Stacking Bandw...

Страница 5: ...ration Identification 140 STP Instance 141 MSTP Port Information 142 ERPS G 8032 143 ERPS 143 ERPS Profile 147 Loopback Detection 148 Link Aggregation 150 L2 Protocol Tunnel 152 L2 Multicast Control 154 IGMP Snooping 154 MLD Snooping 163 Multicast VLAN 172 PIM Snooping 176 Multicast Filtering 178 LLDP 179 LLDP Global Settings 179 LLDP Port Settings 181 LLDP Management Address List 182 LLDP Basic T...

Страница 6: ...07 IPv6 General Prefix 207 RIP 208 RIP Settings 208 RIP Distribute List 210 RIP Interface Settings 210 RIP Database 211 RIPng 212 RIPng Settings 212 RIPng Interface Settings 213 RIPng Database 214 IP Multicast Routing Protocol 214 IPMC 214 IPv6MC 216 BFD 217 BFD Settings 217 BFD Neighbor Table 218 IP Route Filter 219 Route Map 219 Policy Route 222 VRRP Settings 222 VRRPv3 Settings 224 7 Quality of...

Страница 7: ...erface Settings 256 QCN CNPV Interface Simple 257 QCN CP Interface Settings 258 QCN CP Counters 259 QCN CPID Table 259 iSCSI 260 iSCSI Settings 260 iSCSI Sessions 261 8 Access Control List ACL 262 ACL Configuration Wizard 262 Step 1 Create Update 262 Step 2 Select Packet Type 263 Step 3 Add Rule 263 Step 4 Apply Port 271 ACL Access List 272 Standard IP ACL 274 Extended IP ACL 275 Standard IPv6 ACL...

Страница 8: ...rver Settings 317 TACACS Statistic 319 IMPB 319 IPv4 319 IPv6 332 DHCP Server Screening 337 DHCP Server Screening Global Settings 338 DHCP Server Screening Port Settings 339 ARP Spoofing Prevention 339 BPDU Attack Protection 340 NetBIOS Filtering 341 MAC Authentication 342 Web based Access Control 344 Web Authentication 346 WAC Port Settings 346 WAC Customize Page 347 Network Access Authentication...

Страница 9: ...ation Settings 386 Ethernet OAM Event Log Table 389 Ethernet OAM Statistics Table 389 Ethernet OAM DULD Settings 390 DDM 391 DDM Settings 392 DDM Temperature Threshold Settings 393 DDM Voltage Threshold Settings 393 DDM Bias Current Threshold Settings 394 DDM TX Power Threshold Settings 394 DDM RX Power Threshold Settings 395 DDM Status Table 396 11 Monitoring 397 VLAN Counter 397 Utilization 398 ...

Страница 10: ...ion Restore Backup 423 Configuration Restore from HTTP 423 Configuration Restore from TFTP 424 Configuration Restore from FTP 424 Configuration Restore from RCP 425 Configuration Backup to HTTP 426 Configuration Backup to TFTP 426 Configuration Backup to FTP 427 Configuration Backup to RCP 428 Log Backup 428 Log Backup to HTTP 428 Log Backup to TFTP 429 Log Backup to RCP 429 Ping 430 Trace Route 4...

Страница 11: ... bundled with the Switch or from the D Link website Other documents related to the Switch are DXS 3400 Series Hardware Installation Guide DXS 3400 Series CLI Reference Guide Typographical Conventions Convention Description Boldface Font Indicates a button a toolbar icon menu or menu item For example Open the File menu and choose Cancel Used for emphasis May also indicate system messages or prompts...

Страница 12: ...e incoming SNMP messages and responds to requests with MIB objects stored in the database The SNMP agent updates the MIB objects to generate statistics and counters Web User Interface Web UI The Web UI can be accessed from any computer running web browsing software from its MGMT port or LAN port when it is connected to any of the RJ45 or SFP SFP ports The Web UI on the Switch can also be accessed ...

Страница 13: ...credentials will be required to access the Web UI During the sending and receiving of the login password to and from the Switch this information will be protected using a strong encryption algorithm to prevent attackers from snooping this information to gain unauthorized access to the Switch Web User Interface Web UI The Web UI provides access to various Switch configuration and management windows...

Страница 14: ...go to go to the D Link website AREA 2 This area displays a toolbar used to access Save and Tools menus AREA 3 This area displays a file explorer type menu tree with all configurable options Select the folder or window to display Open folders and click the hyperlinked window buttons and subfolders contained within them to display information pertaining to that category AREA 4 In this area the Switc...

Страница 15: ...Information section the user can view a list of basic information regarding the Switch It appears automatically when you log on to the Switch To return to the Device Information window after viewing other windows click the DXS 3400 24TC link Figure 3 1 Device Information Window System Information Settings This window is used to display and configure the system information settings and management i...

Страница 16: ...s made The fields that can be configured in Management Interface are described below Parameter Description State Select to enable or disable this interface here IPv4 Address Enter the IPv4 address for this interface here Subnet Mask Enter the IPv4 subnet mask for this interface here Gateway Enter the gateway IPv4 address for this interface here Description Enter the description for the management ...

Страница 17: ... Temperature Threshold Settings are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here Thermal Select the thermal sensor ID High Threshold Enter the high threshold value of the warning temperature setting The range is from 100 to 200 Celsius degree Tick the Default check box to return to the default value Low Threshold Enter the low thre...

Страница 18: ... Type Select the port medium type here Options to choose from are RJ45 and SFP Note Selecting the SFP option includes the use of SFP transceivers for 10G connectivity State Select this option to enable or disabled the physical port here MDIX Select the Medium Dependent Interface Crossover MDIX option here Options to choose from are Auto Normal and Cross Auto Select this option for auto sensing of ...

Страница 19: ...ate the speed and flow control with its link partner For fiber ports auto negotiation will start to negotiate the clock and flow control with its link partner 100M Specifies to force the port speed to 100Mbps This option is only available for 100Mbps copper connections 1000M Specifies to force the port speed to 1Gbps This option is only available for 1Gbps fiber connections 1000M Master Specifies ...

Страница 20: ...l port status and settings To view the following window click System Port Configuration Port Status as shown below Figure 3 5 Port Status Window The fields that can be configured are described below Parameter Description Unit Select the stacking unit ID of the Switch that will be displayed here Port GBIC This window is used to display active GBIC information found on each applicable physical port ...

Страница 21: ...that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this display here Port Auto Negotiation This window is used to display detailed port auto negotiation information To view the following window click System Port Configuration Port Auto Negotiation as shown below ...

Страница 22: ...ured are described below Parameter Description Unit Select the stacking unit ID of the Switch that will be displayed here Error Disable Settings This window is used to display and configure the error recovery for causes and to configure the recovery interval To view the following window click System Port Configuration Error Disable Settings as shown below ...

Страница 23: ...e enable or disable the error disabled recovery feature here Interval Enter the time in seconds to recover the port from the error state caused by the specified module The range is from 5 to 86400 Click the Apply button to accept the changes made Jumbo Frame This window is used to display and configure the Jumbo Frame size and settings The Switch supports jumbo frames Jumbo frames are Ethernet fra...

Страница 24: ...Port Select the appropriate port range used for the configuration here Maximum Receive Frame Size Enter the maximum receive frame size value here This value must be between 64 and 12288 bytes By default this value is 1536 bytes Click the Apply button to accept the changes made Loopback Test This window is used to display and configure the loopback settings of the physical port interfaces and to st...

Страница 25: ...ernal loopback mode at the MAC layer Internal PHY Default Specifies the internal loopback mode at the PHY layer to test the default medium Internal PHY Copper Specifies the internal loopback mode at the PHY layer to test the copper medium Internal PHY Fiber Specifies the internal loopback mode at the PHY layer to test the fiber medium External MAC Specifies the external loopback mode at the MAC la...

Страница 26: ...ed below Parameter Description Log State Select the enable or disable the system log feature s global state here Click the Apply button to accept the changes made The fields that can be configured for Source Interface Settings are described below Parameter Description Source Interface State Select this option to enable or disable the source interface s global state Type Select the type of interfac...

Страница 27: ... that can be configured for Console Log Settings are described below Parameter Description Console Log State Select whether the enable or disable the console log s global state here Severity Select the severity value of the type of information that will be logged Options to choose from are 0 Emergencies 1 Alerts 2 Critical 3 Errors 4 Warnings 5 Notifications 6 Informational and 7 Debugging Discrim...

Страница 28: ...e Drops and Includes Severity Select the severity behavior option and the value of the type of information that will be logged Behavior options to choose from are Drops and Includes Severity value options to choose from are 0 Emergencies 1 Alerts 2 Critical 3 Errors 4 Warnings 5 Notifications 6 Informational and 7 Debugging Click the Apply button to accept the changes made Click the Delete button ...

Страница 29: ...rmational and 7 Debugging Facility Select the facility value here Options to choose from are 0 to 23 Discriminator Name Enter the discriminator name here This name can be up to 15 characters long Click the Apply button to accept the changes made Click the Delete button to delete the specified entry System Log This window is used to display and clear the system log To view the following window clic...

Страница 30: ...me settings for the Switch To view the following window click System Time and SNTP Clock Settings as shown below Figure 3 16 Clock Settings Window The fields that can be configured are described below Parameter Description Time Enter the current time in hours HH minutes MM and seconds SS here For example 18 30 30 Date Enter the current day DD month MM and year YY here For example 30 04 2015 Click ...

Страница 31: ...t and end on the specified week day of the specified month Date Setting Select to configure the summer time that should start and end on the specified date of the specified month Time Zone Select to specify your local time zone s offset from Coordinated Universal Time UTC The fields that can be configured in Recurring Settings are described below Parameter Description From Week of the Month Select...

Страница 32: ...ill start From Year Enter the year that the summer time will start From Time Select the time of the day that summer time will start To Date of the Month Select date of the month that summer time will end To Month Select the month that summer time will end To Year Enter the year that the summer time will end To Time Select the time of the day that summer time will end Offset Enter the number of min...

Страница 33: ...o view the following window click System Time Range as shown below Figure 3 19 Time Range Window The fields that can be configured are described below Parameter Description Range Name Enter the time profile s range name here This name can be up to 32 characters long From Week To Week Select the starting and ending days of the week that will be used for this time profile Tick the Daily option to us...

Страница 34: ...add residence time to correct the field When the PTP function is disabled all Switch ports will forward the PTP packets according to the multicast filtering configuration PTP Mode Select the PTP mode here Click the Apply button to accept the changes made USB Console Settings This window is used to display and configure the USB console settings To view the following window click System USB Console ...

Страница 35: ... fields that can be configured are described below Parameter Description SRM Prefer Mode Select the SRM prefer mode here Options to choose from are LAN Specifies that the Switch prefers the LAN switch mode IP Specifies that the Switch prefer the IP route mode L2VPN Specifies that the Switch prefer the Layer 2 VPN mode Click the Apply button to accept the changes made SRM Prefer Mode This window is...

Страница 36: ...de 26 The fields that can be configured are described below Parameter Description SRM Prefer Mode Select the SRM prefer mode that will be used in the display here Options to choose from are LAN IP and L2VPN Click the Find button to generate the display based on the selections made ...

Страница 37: ...the command itself along with information about the user account that entered the command into the system log Commands that do not cause a change in the Switch configuration or operation such as show will not be logged To view the following window click Management Command Logging as shown below Figure 4 1 Command Logging Window The fields that can be configured are described below Parameter Descri...

Страница 38: ...re This value must be between 1 and 15 Password Type Select the password type for this user account here Options to choose from are None Plain Text and Encrypted Password After selecting either Plain Text or Encrypted as the password type enter the password for this user account here Click the Apply button to accept the changes made Click the Delete button to delete the specified user account entr...

Страница 39: ...r may have the need to update a user s account because the password of the account was forgotten To view the following window click Management Password Recovery as shown below Figure 4 5 Password Recovery Window The fields that can be configured are described below Parameter Description Password Recovery State Select to enable or disable the password recovery feature here Enabling this feature all...

Страница 40: ...re In the plain text form the password can be up to 32 characters long is case sensitive and can contain spaces In the encrypted form the password must be 35 bytes long and is case sensitive Click the Apply button to accept the changes made Click the Edit button to re configure the specified entry The fields that can be configured in Login Method are described below Parameter Description Login Met...

Страница 41: ...sions 1 2c and 3 The three versions of SNMP vary in the level of security provided between the management station and the network device In SNMPv1 and SNMPv2c user authentication is accomplished using community strings which function like passwords The remote user SNMP application and the Switch SNMP must use the same community string SNMP packets from any station that has not been authenticated a...

Страница 42: ...agement can be customized to suit the needs of the networks and the preferences of the network administrator Use the SNMPv3 menus to select the SNMP version used for specific tasks The administrator can specify the SNMP version used to monitor and control the Switch The three versions of SNMP vary in the level of security provided between the management station and the network device SNMP settings...

Страница 43: ...rt link up notifications A linkup trap is generated when the device recognizes that one of the communication links has come up Port Link Down Tick this option to control the sending of port link down notifications A linkDown trap is generated when the device recognizes a failure in one of the communication links Coldstart Tick this option to control the sending of SNMP coldStart notifications Warm...

Страница 44: ...s as shown below Figure 4 9 SNMP View Table Settings Window The fields that can be configured are described below Parameter Description View Name Type an alphanumeric string of up to 32 characters This is used to identify the new SNMP view being created Subtree OID Type the Object Identifier OID sub tree for the view The OID identifies an object tree MIB tree that will be included or excluded from...

Страница 45: ... Select the key type for the SNMP community Options to choose from are Plain Text and Encrypted Community Name Enter an alphanumeric string of up to 32 characters that is used to identify members of an SNMP community This string is used like a password to give remote SNMP managers access to MIB objects in the Switch s SNMP agent View Name Enter an alphanumeric string of up to 32 characters that is...

Страница 46: ...p user to use the SNMPv2c security model SNMPv3 Select to allow the group user to use the SNMPv3 security model Write View Name Enter the write view name that the group user can access Security Level When selecting SNMPv3 in the User based Security Model drop down list this option is available NoAuthNoPriv Specify that there will be no authorization and no encryption of packets sent between the Sw...

Страница 47: ...ow Parameter Description Engine ID Enter the engine ID string with the maximum of 24 characters Click the Default button to revert the engine ID to the default Click the Apply button to accept the changes made SNMP User Table Settings This window is used to configure and display the SNMP users that are currently configured on the Switch To view the following window click Management SNMP SNMP User ...

Страница 48: ...ion is in use based on the CBC DES DES 56 standard This field will require the user to enter a password or a key Password Enter the private protocol password here For none this field will be disabled For DES56 this password must be between 8 and 16 characters long Auth Protocol by Key When selecting v3 in the SNMP Version drop down list and selecting Key in the SNMP V3 Encryption drop down list th...

Страница 49: ...NMPv3 Select to allow the group user to use the SNMPv3 security model Security Level When selecting SNMPv3 in the User based Security Model drop down list this option is available NoAuthNoPriv Specify that there will be no authorization and no encryption of packets sent between the Switch and a remote SNMP manager AuthNoPriv Specify that authorization will be required but there will be no encrypti...

Страница 50: ...ing Alarm Trap Feature Click the Apply button to accept the changes made RMON Statistics Settings This window is used to configure and display the RMON statistics on the specified port To view the following window click Management RMON RMON Statistics Settings as shown below Figure 4 16 RMON Statistics Settings Window The fields that can be configured are described below Parameter Description Unit...

Страница 51: ...Description Unit Select the Switch unit that will be used for this configuration here Port Select the port that will be used here Index Enter the history group table index The value is from 1 to 65535 Bucket Number Enter the number of buckets specified for the RMON collection history group of statistics The range is from 1 to 65535 The default value is 50 Interval Enter the time in seconds in each...

Страница 52: ...o be sampled Type Select the monitoring type Options to choose from are Absolute and Delta Rising Threshold Enter the rising threshold value between 0 and 2147483647 Falling Threshold Enter the falling threshold value between 0 and 2147483647 Rising Event Number Enter the index of the event entry that is used to notify the rising threshold crossing event The valid range is from 1 to 65535 If not s...

Страница 53: ...ong Type Select the RMON event entry type Options to choose from are None Log Trap and Log and Trap Community Enter the community string The string can be up to 127 characters Owner Enter the owner string The string can be up to 127 characters Click the Add button to add a new entry based on the information entered Click the Delete button to remove the specified entry Click the View Logs button to...

Страница 54: ...configured in Source Interface are described below Parameter Description Source Interface State Select to enable or disable the source interface s state here Type Select the type of source interface that will be used here Options to choose from are Loopback Mgmt and VLAN VID Enter the interface s ID here For loopback interfaces the range is from 1 to 8 For the management Mgmt interface this value ...

Страница 55: ...ault setting The value is from 0 to 1439 minutes 0 means never timeout The default value is 3 minutes Telnet Session Timeout Enter the time in minutes of the Telnet session timeout Tick the Default check box to return to the default setting The value is from 0 to 1439 minutes 0 means never timeout The default value is 3 minutes SSH Session Timeout Enter the time in minutes of the SSH session timeo...

Страница 56: ...nfigure the DHCP class and the DHCP option matching pattern for the DCHP class To view the following window click Management DHCP DHCP Class Settings as shown below Figure 4 26 DHCP Class Settings Window The fields that can be configured are described below Parameter Description Class Name Enter the DHCP class name with a maximum of 32 characters Click the Apply button to accept the changes made C...

Страница 57: ... be then utilize the IP address allocated by the DHCP server as its local configuration The user can configure many DHCP related parameters that it will utilize on its locally attached network to control and limit the IP settings of clients desiring an automatic IP configuration such as the lease time of the allotted IP address the range of IP addresses that will be allowed in its DHCP pool the ab...

Страница 58: ...ly button to accept the changes made DHCP Server Pool Settings This window is used to display and configure the DHCP server pool settings To view the following window click Management DHCP DHCP Server DHCP Server Pool Settings as shown below Figure 4 29 DHCP Server Pool Settings Window The fields that can be configured are described below Parameter Description Pool Name Enter the DHCP server s poo...

Страница 59: ...lete by Address button to remove the DHCP class association by address Click the Back button to return to the previous window After clicking the Edit Option button the following page will appear Figure 4 31 DHCP Server Pool Settings Edit Option Window The fields that can be configured are described below Parameter Description Option Enter the DHCP option number here The range is from 1 to 254 Type...

Страница 60: ... Up to 8 IPv4 address can be entered here The IP address of the router should be on the same subnet as the client s subnet Routers are listed in the order of preference If default routers are already configured the default routers configured later will be added to the default interface list DNS Server Enter the IPv4 address to be used by the DHCP client as the DNS server here Up to 8 IPv4 address ...

Страница 61: ... the router and the excluded address es specified here are available for allocation Multiple ranges of addresses can be excluded To remove a range of excluded addresses administrators must specify the exact range of addresses previously configured To view the following window click Management DHCP DHCP Server DHCP Server Exclude Address as shown below Figure 4 33 DHCP Server Exclude Address Window...

Страница 62: ...the media type and the MAC address Click the Apply button to accept the changes made Click the Delete button to remove the specified entry DHCP Server Dynamic Binding This window is used to display and clear the DHCP server s dynamic binding entries To view the following window click Management DHCP DHCP Server DHCP Server Dynamic Binding as shown below Figure 4 35 DHCP Server Dynamic Binding Wind...

Страница 63: ...s that can be configured are described below Parameter Description IP Address Enter the IPv4 address of the conflict entry to be located or cleared Pool Name Enter the DHCP server s pool name here This name can be up to 32 characters long Select the All option to clear the conflict entries for all pools Click the Find button to locate a specific entry based on the information entered Click the Cle...

Страница 64: ... settings To view the following window click Management DHCP DHCPv6 Server DHCPv6 Server Pool Settings as shown below Figure 4 38 DHCPv6 Server Pool Settings Window The fields that can be configured are described below Parameter Description Pool Name Enter the DHCPv6 server s pool name here This name can be up to 12 characters long Click the Apply button to accept the changes made Click the Config...

Страница 65: ...t valid lifetime will be 2592000 seconds 30 days Preferred Lifetime Enter the preferred lifetime value here The range is from 60 to 4294967295 seconds If this value is not specified then the default preferred lifetime will be 604800 seconds 7 days DNS Server Enter the DNS server s IPv6 address to be assigned to requesting DHCPv6 clients here Domain Name Enter the domain name to be assigned to requ...

Страница 66: ... server s pool name here This name can be up to 12 characters long IPv6 Address Prefix Length Enter the IPv6 prefix address and prefix length of the local pool here Assigned Length Enter the prefix length to be delegated to the user from the pool here The value of the assigned length cannot be less than the value of the prefix length Click the Apply button to accept the changes made Click the Find...

Страница 67: ... specified entry DHCPv6 Server Binding This window is used to display and clear the DHCPv6 server s binding entries To view the following window click Management DHCP DHCPv6 Server DHCPv6 Server Binding as shown below Figure 4 42 DHCPv6 Server Binding Window The fields that can be configured are described below Parameter Description IPv6 Address Enter the binding entry s IPv6 address to be display...

Страница 68: ...s not allowed Preference Enter the preference value here Select the Allow Hint option to allow hints Interface Name Enter the interface s name here Click the Apply button to accept the changes made Click the Find button to locate a specific entry based on the information entered Click the Delete button to remove the specified entry Enter a page number and click the Go button to navigate to a speci...

Страница 69: ...nfigure the DHCP relay pool on a DHCP relay agent To view the following window click Management DHCP DHCP Relay DHCP Relay Pool Settings as shown below Figure 4 46 DHCP Relay Pool Settings Window The fields that can be configured are described below Parameter Description Pool Name Enter the address pool name with a maximum of 32 characters Click the Apply button to accept the changes made Click th...

Страница 70: ... to remove the specified entry Click the Back button to return to the previous window After clicking the Edit button under Destination the following window will appear Figure 4 48 DHCP Relay Pool Settings Destination Edit Window The fields that can be configured are described below Parameter Description Relay Destination Enter the relay destination DHCP server IP address Click the Apply button to ...

Страница 71: ...it button the following window will appear Figure 4 50 DHCP Relay Pool Settings Class Edit Edit Window The fields that can be configured are described below Parameter Description Relay Target Enter the DHCP relay target for relaying packets that matches the value pattern of the option defined in the DHCP class Click the Apply button to accept the changes made Click the Delete button to remove the ...

Страница 72: ...equest packet that already has the relay option is left unchanged and directly relayed to the DHCP server Drop Select to discard the packet that already has the relay option Replace Select that the DHCP request packet that already has the relay option will be replaced by a new option Information Option Select this option to enable or disable the insertion of relay agent information Option 82 durin...

Страница 73: ...ircuit ID sub option Options to choose from are Default User Define and Vendor1 Default Select to use the default circuit ID sub option User Define Select to use a user defined circuit ID Enter the user defined string with the maximum of 32 characters in the text box Vendor1 Select to use vender 1 as the circuit ID Expert UDF Select to use the expert UDF circuit ID Select the stand alone unit form...

Страница 74: ...er defined profile will be formatted as aa bb cc dd ee ff Uppercase Specifies that when using the uppercase format the Option 82 MAC address for the user defined profile username will be formatted as AA BB CC DD EE FF Delimiter Select the delimiter that will be used here Options to choose from are Hyphen Specifies that the format will be AA BB CC DD EE FF Colon Specifies that the format will be AA...

Страница 75: ...bytes the translated key string should occupy If the actual length of the translated key string is less than the length specified by this option a fill indicator will be used to fill Otherwise this length option and fill indicator will be ignored and the actual string will be used directly keyword Indicates that the keyword will be translated based on the actual value of the system The following k...

Страница 76: ...ted key strings and 0 9 A F a f and space characters The formatted key strings only support keywords that support hexadecimal values Spaces not in the formatted key string will be ignored Click the Apply button to accept the changes made Click the Find button to locate a specific entry based on the information entered Click the Edit button to re configure the specific entry Click the Delete button...

Страница 77: ...maximum of 128 characters in the text box HEX Select to enter the hexadecimal string with a maximum of 256 characters in the text box IPv6 DHCP Relay Remote ID Policy Select to choose Option 37 forwarding policy for the DHCPv6 relay agent Options to choose from are Keep and Drop Keep Select that the DHCPv6 request packet that already has the relay agent Remote ID option is left unchanged and direc...

Страница 78: ... number and click the Go button to navigate to a specific page when multiple pages exist DHCPv6 Local Relay VLAN This window is used to display and configure the DHCPv6 local relay VLAN settings This window is used to enable DHCPv6 local relay on a VLAN or a group of VLANs To view the following window click Management DHCP DHCPv6 Relay DHCPv6 Local Relay VLAN as shown below Figure 4 57 DHCPv6 Loca...

Страница 79: ...Somewhere a database of network devices text names and their corresponding IP addresses must be maintained The Domain Name System DNS is used to map names to IP addresses throughout the Internet and has been adapted for use within intranets For two DNS servers to communicate across different subnets the DNS Relay of the Switch must be used The DNS servers are identified by IP addresses Mapping Dom...

Страница 80: ...and configure the DNS global settings To view the following window click Management DNS DNS Global Settings as shown below Figure 4 59 DNS Global Settings Window The fields that can be configured are described below Parameter Description IP DNS Lookup Static State Select to enable or disable the IP DNS lookup static state here IP DNS Lookup Cache State Select to enable or disable the IP DNS lookup...

Страница 81: ... Settings as shown below Figure 4 61 DNS Host Settings Window The fields that can be configured are described below Parameter Description Host Name Enter the host name of the equipment IP Address Select and enter the IPv4 address of the equipment IPv6 Address Select and enter the IPv6 address of the equipment Click the Apply button to accept the changes made Click the Clear All button to clear the...

Страница 82: ...to accept the changes made The fields that can be configured in NTP Update Calendar are described below Parameter Description NTP Update Calendar Select to enable or disable the NTP update calendar feature here This is used to periodically update the hardware clock from an NTP source Click the Apply button to accept the changes made The fields that can be configured in NTP Settings are described b...

Страница 83: ... is calculated as 2 to the power of the minimum poll interval value specified For example if the value specified here is 6 the minimum poll interval that will be used is 64 seconds 26 64 The range is from 3 to 16 Max Poll Enter the maximum poll value here This specifies the maximum poll interval for NTP messages This value is calculated as 2 to the power of the maximum poll interval value specifie...

Страница 84: ...ower of the maximum poll interval value specified For example if the value specified here is 6 the maximum poll interval that will be used is 64 seconds 26 64 The range is from 4 to 17 Prefer Select whether or not this entry will be the preferred peer for synchronization Options to choose from are True and False Click the Apply button to accept the changes made Click the Delete button to delete th...

Страница 85: ... cryptographically authenticated Version Select this option to deny packets that mismatch the current NTP version No Peer Select this option to deny packets that might mobilize an association unless authenticated The packets include broadcast symmetric active and manycast server packets when a configured association does not exist Note that this flag does not apply to packets that do not attempt t...

Страница 86: ...dc utility program The range is from 1 to 255 Select the None option to disable this feature Click the Apply button to accept the changes made The fields that can be configured in NTP Key Settings are described below Parameter Description Key ID Enter the NTP key ID here The range is from 1 to 255 MD5 Enter the MD5 authentication key string here This string must be 32 characters long Trusted Key S...

Страница 87: ...specified VLAN interface here Click the Edit button to re configure the specific entry Click the Apply button to accept the changes made Enter a page number and click the Go button to navigate to a specific page when multiple pages exist NTP Associations This window is used to display NTP association information To view the following window click Management NTP NTP Associations as shown below Figu...

Страница 88: ...tus This window is used to display NTP status information To view the following window click Management NTP NTP Status as shown below Figure 4 70 NTP Status Window IP Source Interface This window is used to display and configure the IP source interface settings To view the following window click Management IP Source Interface as shown below ...

Страница 89: ...Select to enable or disable the IP FTP source interface s state here Interface Type After enabling the Source Interface State option select the interface type here Options to choose from are Loopback Mgmt and VLAN VID Enter the interface s ID here For loopback interfaces this value is from 1 to 8 For the management interface Mgmt this value can only be 0 For VLAN interfaces this value is from 1 to...

Страница 90: ... the path entered Click the Copy button to copy a specific file to the Switch Click the c hyperlink to navigate the C drive After clicking the c hyperlink the following window will appear Figure 4 73 File System Drive Window Click the Go button to navigate to the path entered Click the Previous button to return to the previous window Click the Create Directory to create a new directory within the ...

Страница 91: ...pace provided Tick the Replace check box to replace the current running configuration with the indicated configuration file Click the Apply button to initiate the copy Click the Cancel button the discard the process Stacking The Switch supports stacking 4 Switches together while being managed by one console connection to any one of the console ports on the master Switch or by an IP address through...

Страница 92: ... When the 4 port stacking configuration is used a full duplex speed of up to 80Gbps will be used between two Switches The figure below illustrates how Switches can be stacked in a Duplex Chain formation using Category 6a cables with RJ45 connectors where the 2 port stacking configuration is used Figure 4 75 Duplex Chain stacking topology RJ45 The figure below illustrates how Switches can be stacke...

Страница 93: ...d to the same Switch in the stack Splitting logical stacking port pairs between different Switches in the stack might not guarantee a stable stacking connection Within each of these topologies each Switch plays a role in the Switch stack These roles can be set by the user per individual Switch or if desired can be automatically determined by the Switch stack Three possible roles exist when stackin...

Страница 94: ...iscover the type of topology used elect a Primary Master and then a Backup Master Synchronization State Once the Primary Master and the Backup Master have been established the Primary Master will assign Stacking Unit IDs to Switches in the stack synchronize configurations for all Switches and then transmit commands to the rest of the Switches based on the users configurations of the Primary Master...

Страница 95: ...Users can only get device information configure Box IDs save and reboot All stacking ports will be disabled and an error message will be produced on the local console port of each device in the stack Users must reconfigure Box IDs and reboot the stack Physical Stacking This window is used to display and configure the physical stacking settings To view the following window click Management Physical...

Страница 96: ...sed between two Switches using ports 21 to 24 aggregated into two virtual stacking ports Ports 21 and 23 will act as SIO1 and ports 22 and 24 will act as SIO2 SIO1 is a logical stacking port pair and SIO2 is a logical stacking port pair A logical stacking port pair must always be connected to the same Switch in the stack Splitting logical stacking port pairs between different Switches in the stack...

Страница 97: ...ize the management VLAN on any Switch SIM allows intermediate devices that do not support SIM This enables the user to manage Switches that are more than one hop away from the CS The SIM group is a group of Switches that are managed as a single entity The Switch may take on three different roles 1 Commander Switch CS This is a Switch that has been manually configured as the controlling device for ...

Страница 98: ... and Maintenance packets that previously set SIM members will emit after a reboot Once a MS has had its MAC address and password saved to the CS s database if a reboot occurs in the MS the CS will keep this MS information in its database and when a MS has been rediscovered it will add the MS back into the SIM tree automatically No configuration will be necessary to rediscover these Switches There ...

Страница 99: ...oup but is connected to a Commander Switch This is the default setting for the SIM role of the Switch Commander Select to make the Switch a Commander Switch CS The user may join other Switches to this Switch over Ethernet to be part of its SIM group Choosing this option will also enable the Switch to be configured for SIM Group Name Enter a group name This is optional This name is used to segment ...

Страница 100: ...roup and requires Java script to function properly on your computer To view the following window click Management Virtual Stacking SIM Topology as shown below Figure 4 82 Topology Window The fields that can be configured are described below Parameter Description Device Name Display the Device Name of the Switches in the SIM group configured by the user If no device is configured by the name it wil...

Страница 101: ...onding Switch To view the Topology View window open the View drop down menu in the toolbar and then click Topology which will open the following Topology Map This window will refresh itself periodically 20 seconds by default Figure 4 83 Topology View This window will display how the devices within the Single IP Management Group connect to other groups and devices Possible icons on this window are ...

Страница 102: ...opology window tool tip will display the same information about a specific device as the Tree view does See the window below for an example Figure 4 84 Device Information Utilizing the Tool Tip Setting the mouse cursor over a line between two devices will display the connection speed between the two devices as shown below Figure 4 85 Port Speed Utilizing the Tool Tip Right Click Right clicking on ...

Страница 103: ...e of the Switches in the SIM group configured by the user If no Device Name is configured by the name it will be given the name default and tagged with the last six digits of the MAC Address to identify it Module Name Display the full module name of the Switch that was right clicked MAC Address Display the MAC Address of the corresponding Switch Remote Port No Display the number of the physical po...

Страница 104: ...Member Switch Icon Figure 4 89 Right clicking a Member icon The following options may appear for the user to configure Collapse To collapse the group that will be represented by a single icon Expand To expand the SIM group in detail Remove from group Remove a member from a group Configure Launch the web management to configure the Switch Property To pop up a window to display the device informatio...

Страница 105: ...y View File Print Setup Will view the image to be printed Print Topology Will print the topology map Preference Will set display properties such as polling interval and the views to open at SIM startup Group Add to group Add a candidate to a group Clicking this option will reveal the following dialog box for the user to enter a password for authentication from the Candidate Switch before being add...

Страница 106: ...lds that can be configured are described below Parameter Description TFTP Server IP Enter the TFTP server IP address Path Filename Enter the path and file name Click the Download button to update the firmware To specify a certain Switch for firmware download tick its corresponding check box Configuration File Backup Restore This window is used to display and upgrade configuration files from the Co...

Страница 107: ...rver Upload Log File This window is used to display and upload log files from SIM member Switches to a specified PC To view the following window click Management Virtual Stacking SIM Upload Log File as shown below Figure 4 97 Upload Log File Window The fields that can be configured are described below Parameter Description TFTP Server IP Enter the TFTP server IP address Path Filename Enter the pat...

Страница 108: ...erval between two consecutive DDP report messages Options to choose from are 30 60 90 120 seconds or Never Selecting Never specifies to stop sending report messages Click the Apply button to accept the changes made The fields that can be configured in DDP Port Settings are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To P...

Страница 109: ...MTP IPv6 Server Address After selecting IPv6 as the SMTP IP type enter the SMTP server s IPv6 address here SMTP IPv4 Server Port After selecting IPv4 as the SMTP IP type enter the SMTP server s port number here The range is from 1 to 65535 By default this value is 25 SMTP IPv6 Server Port After selecting IPv6 as the SMTP IP type enter the SMTP server s port number here The range is from 1 to 65535...

Страница 110: ... Unicast mode The client uses a unicast MAC address as the destination MAC address to reach the server Multicast mode The client uses a multicast MAC address as the destination MAC address to reach the server This destination MAC address is called the shared MAC address However the server uses its own MAC address rather than the shared MAC address as the source MAC address in the reply packet In o...

Страница 111: ...ified MAC address it will be forwarded to the specified interface Unit Select the Switch s unit ID that will be used here From Port To Port Select the Switch s port range that will be used here Click the Apply button to accept the changes made Click the Delete All button to delete all the entries found in the display table Click the Delete button to delete the specified entry Enter a page number a...

Страница 112: ... the port number on which the MAC address entered resides This option could also drop the MAC address from the unicast static FDB When selecting Port select the port number Unit Select the stacking unit ID of the Switch that will be configured here Port Number After selecting the Port option select the port number used here VID Enter the VLAN ID on which the associated unicast MAC address resides ...

Страница 113: ... address The format of the destination MAC address is 01 XX XX XX XX XX Click the Apply button to accept the changes made Click the Delete All button to remove all the entries Click the Delete button to remove the specific entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist MAC Address Table Settings This window is used to display and configur...

Страница 114: ...ID of the Switch that will be configured here From Port To Port Select the range of ports that will be used for this configuration here Status Select to enable or disable the MAC address learning function on the ports specified here Click the Apply button to accept the changes made After selecting the MAC Address VLAN Learning Settings tab option at the top of the page the following page will be a...

Страница 115: ...described below Parameter Description Port Select the stacking unit ID and the port number of the Switch that will be configured here VID Enter the VLAN ID that will be used for this configuration here MAC Address Enter the MAC address that will be used for this configuration here Click the Clear Dynamic by Port button to clear the dynamic MAC address listed on the corresponding port Click the Cle...

Страница 116: ...between 0 and 500 By default this value is 1 MAC Notification Trap State Select to enable or disable the MAC notification trap state Unit Select the stacking unit ID of the Switch that will be configured here From Port To Port Select the range of ports that will be used for this configuration here Added Trap Select to enable or disable the added trap for the port s selected Removed Trap Select to ...

Страница 117: ... displayed here Click the Find button to locate a specific entry based on the information entered Click the Show All button to locate all the entries Click the Edit button to re configure the specific entry Click the Delete button to remove the specific entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist 802 1v Protocol VLAN Protocol VLAN Prof...

Страница 118: ...e type the octet string will have one of the following values For Ethernet 2 this is a 16 bit 2 octet hex value For example IPv4 is 0800 IPv6 is 86DD ARP is 0806 etc For IEEE802 3 SNAP this is a 16 bit 2 octet hex value For IEEE802 3 LLC this is a 2 octet IEEE 802 2 Link Service Access Point LSAP pair The first octet is for Destination Service Access Point DSAP and the second octet is for Source C...

Страница 119: ...l This window is used to display and configure the GARP VLAN Registration Protocol GVRP global settings To view the following window click L2 Features VLAN GVRP GVRP Global as shown below Figure 5 12 GVRP Global Window The fields that can be configured are described below Parameter Description Global GVRP State Select to enable or disable the global GVRP state here Dynamic VLAN Creation Select to ...

Страница 120: ... is disabled Join Time Enter the Join Time value in centiseconds This value must be between 10 and 10000 centiseconds By default this value is 20 centiseconds Leave Time Enter the Leave Time value in centiseconds This value must be between 10 and 10000 centiseconds By default this value is 60 centiseconds Leave All Time Enter the Leave All Time value in centiseconds This value must be between 10 a...

Страница 121: ...n that will be taken here Options to choose from are All Add Remove and Replace When selecting All all the advertised VLANs will be used Advertise VID List Enter the advertised VLAN ID list here Click the Apply button to accept the changes made GVRP Forbidden VLAN This window is used to display and configure the GVRP forbidden VLAN settings To view the following window click L2 Features VLAN GVRP ...

Страница 122: ...indow click L2 Features VLAN GVRP GVRP Statistics Table as shown below Figure 5 16 GVRP Statistics Table Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this display here Port Select the port number of which GVRP statistic information will be displayed Click the Find button to locate a specific entry based on the ...

Страница 123: ...ll be configured To view the following window click L2 Features VLAN MAC VLAN as shown below Figure 5 18 MAC VLAN Window The fields that can be configured are described below Parameter Description MAC Address Enter the unicast MAC address VID Enter the VLAN ID that will be used Priority Select the priority that is assigned to untagged packets This value is between 0 and 7 Click the Apply button to...

Страница 124: ... the specific interface Click the Edit button to re configure the specific entry After clicking the Show Detail button the following page will appear Figure 5 20 VLAN Interface VLAN Detail Window On this page more detailed information about the VLAN of the specific interface is displayed Click the Back button to return to the previous page After click the Edit button the following page will appear...

Страница 125: ...e the ingress checking function VLAN ID Enter the VLAN ID used for this configuration here This value must be between 1 and 4094 Clone Select this option to enable the clone feature From Port To Port Select the range of ports that will be used in the clone feature here Click the Apply button to accept the changes made Click the Back button to discard the changes made and return to the previous pag...

Страница 126: ...ter the allowed VLAN range information here Clone Select this option to enable the clone feature From Port To Port Select the range of ports that will be used in the clone feature here Click the Apply button to accept the changes made Click the Back button to discard the changes made and return to the previous page When Trunk was selected as the VLAN Mode the following page will appear Figure 5 23...

Страница 127: ...l Window The fields that can be configured are described below Parameter Description VLAN Mode Select the VLAN mode option here Options to choose from are Access Hybrid Trunk 802 1Q Tunnel Promiscuous Host Trunk Promiscuous and Trunk Secondary Acceptable Frame Select the acceptable frame behavior option here Options to choose from are Tagged Only Untagged Only and Admit All Ingress Checking Select...

Страница 128: ...t All Ingress Checking Select to enable or disable the ingress checking function Clone Select this option to enable the clone feature From Port To Port Select the range of ports that will be used in the clone feature here Click the Apply button to accept the changes made Click the Back button to discard the changes made and return to the previous page When Host was selected as the VLAN Mode the fo...

Страница 129: ...om are Tagged Only Untagged Only and Admit All Ingress Checking After selecting Trunk Promiscuous as the VLAN Mode the following parameter will be available Select to enable or disable the ingress checking function Native VLAN Tick this option to enable the native VLAN function Also select if this VLAN supports Untagged or Tagged frames VID After ticking the Native VLAN option the following parame...

Страница 130: ...he native VLAN function Also select if this VLAN supports Untagged or Tagged frames VID After ticking the Native VLAN option the following parameter will be available Enter the VLAN ID used for this configuration here This value must be between 1 and 4094 Action Select the action that will be taken here Options to choose from are All Add Remove Except and Replace Allowed VLAN Range Enter the allow...

Страница 131: ... specified Layer 2 VLAN Enter a page number and click the Go button to navigate to a specific page when multiple pages exist Subnet VLAN This window is used to display and configure the subnet VLAN settings A subnet VLAN entry is an IP subnet based VLAN classification rule If an untagged or priority tagged IP packet is received on a port its source IP address will be used to match the subnet VLAN ...

Страница 132: ...e the auto surveillance VLAN properties To view the following window click L2 Features VLAN Auto Surveillance VLAN Auto Surveillance Properties as shown below Figure 5 31 Auto Surveillance Properties Window The fields that can be configured in Global Settings are described below Parameter Description Surveillance VLAN Select to enable or disable the surveillance VLAN feature here Surveillance VLAN...

Страница 133: ...s configuration here State Select to enable or disable the surveillance VLAN feature on the specified port s here When surveillance VLAN is enabled for a port the port will be automatically learned as surveillance VLAN untagged member the received untagged surveillance packets will be forwarded to surveillance VLAN The received packets are determined as surveillance packets if the source MAC addre...

Страница 134: ...t Mask Enter the matching bitmask for the OUI MAC address here Click the Apply button to accept the changes made Click the Delete button to delete the specified entry After selecting the Auto Surveillance VLAN Summary tab option at the top of the page the following page will be available Figure 5 33 MAC Settings and Surveillance Device Auto Surveillance VLAN Summary Window The fields that can be c...

Страница 135: ...c in quality of service Aging Time Enter the aging time value here This is used to configure the aging time for aging out the voice device and the voice VLAN automatically learned member ports When the last voice device connected to the port stops sending traffic and the MAC address of this voice device is aged out from FDB the voice VLAN aging timer will be started The port will be removed from t...

Страница 136: ...UI it will join the voice VLAN as a tagged member automatically When the voice device sends tagged packets the Switch will change its priority When the voice device sends untagged packets it will forward them in port s PVID VLAN When the port is working in auto untagged mode and the port captures a voice device through the device s OUI it will join the voice VLAN as an untagged member automaticall...

Страница 137: ...ription for the user defined OUI MAC address here This string can be up to 32 characters long Click the Apply button to accept the changes made Click the Delete button to delete the specified entry Voice VLAN Device This window is used to display the voice VLAN device table To view the following window click L2 Features VLAN Voice VLAN Voice VLAN Device as shown below Figure 5 37 Voice VLAN Device...

Страница 138: ... the private VLAN settings To view the following window click L2 Features VLAN Private VLAN as shown below Figure 5 39 Private VLAN Window The fields that can be configured for Private VLAN are described below Parameter Description VID List Enter the private VLAN ID list here State Select to enable or disable the private VLAN state here Type Select the type of private VLAN that will be created her...

Страница 139: ... this configuration here From Port To Port Select the range of ports that will be used for this configuration here Select the Trunk option to specify that the trunk port will be associated with the private VLAN map Primary VID Enter the primary private VLAN ID here Action Select Add to add a new entry based in the information entered Select Remove to remove an entry based in the information entere...

Страница 140: ...gress packet is C tagged The Inner TPID is per system configurable Unit Select the Switch s unit ID that will be used here From Port To Port Select the Switch s port range that will be used here Outer TPID Enter the outer TPID value here This value is in the hexadecimal form The range is from 0x1 to 0xFFFF Click the Apply button to accept the changes made After clicking the Dot1q Tunnel Port Setti...

Страница 141: ... entered Select Remove to remove an entry based in the information entered Click the Apply button to accept the changes made VLAN Mapping This window is used to display and configure the VLAN mapping settings If a profile is applied on an interface the Switch matches the incoming packets according to the rules of the profile If the packets match a rule the action of the rule will be taken The acti...

Страница 142: ...o accept the changes made Click the Find button to locate a specific entry based on the information entered Click the Delete button to delete the specified entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist VLAN Mapping Profile This window is used to display and configure the VLAN mapping profile settings To view the following window click L2...

Страница 143: ...cremented by 10 for every new rule The range is from 1 to 10000 Src MAC Address Enter the source MAC address here Dst MAC Address Enter the destination MAC address here Priority Select the 802 1p priority value here The range is from 0 to 7 A lower value has a higher priority Inner VID Enter the inner VLAN s ID here The range is from 1 to 4094 Ethernet Type Enter the Ethernet type value here The r...

Страница 144: ... 0 to 63 Source Port Enter the source TCP UDP port s number here The range is from 1 to 65535 Destination Port Enter the destination TCP UDP port s number here The range is from 1 to 65535 IP Protocol Enter the Layer 3 IP protocol value here The range is from 0 to 255 Action Select the action that will be taken here Options to choose from are Dot1q Tunnel and Translate Dot1q Tunnel Specifies that ...

Страница 145: ...tion that will be taken here Options to choose from are Dot1q Tunnel and Translate Dot1q Tunnel Specifies that the outer VID will be added for matched packets Translate Specifies that the outer VID will replace the outer VID of the matched packets New Outer VID Enter the new outer VLAN s ID here The range is from 1 to 4094 802 1P Priority Select the 802 1p priority value here The range is from 0 t...

Страница 146: ...from 0x0 to 0xFFFF Src IP Address Enter the source IPv4 address and subnet mask here Dst IP Address Enter the destination IPv4 address and subnet mask here DSCP Enter the DSCP value here The range is from 0 to 63 Source Port Enter the source TCP UDP port s number here The range is from 1 to 65535 Destination Port Enter the destination TCP UDP port s number here The range is from 1 to 65535 IP Prot...

Страница 147: ...nfigure the STP global settings To view the following window click L2 Features STP STP Global Settings as shown below Figure 5 48 STP Global Settings Window The field that can be configured for STP State is described below Parameter Description STP State Select to enable or disable the STP global state here Click the Apply button to accept the changes made The fields that can be configured for STP...

Страница 148: ... between two transmissions of BPDU packets sent by the Root Bridge to tell all other Switches that it is indeed the Root Bridge This field will only appear here when STP or RSTP is selected for the STP Version For MSTP the Hello Time must be set on a port per port basis Bridge Forward Time Enter the bridge s forwarding time value here This value must be between 4 and 30 seconds By default this val...

Страница 149: ...ort is 2000 The lower the number the greater the probability the port will be chosen to forward packets State Select to enable or disable the STP port state Guard Root Select to enable or disable the guard root function Link Type Select the link type option here Options to choose from are Auto P2P and Shared A full duplex port is considered to have a point to point P2P connection On the opposite a...

Страница 150: ...o enable or disable the loop guard feature on the specified port s here The STP loop guard feature provides additional protection against Layer 2 forwarding loops STP loops An STP loop is created when an STP blocking port in a redundant topology erroneously transitions to the forwarding state This usually happens because one of the ports of a physically redundant topology not necessarily the STP b...

Страница 151: ... button to accept the changes made In the Private VLAN Synchronize section the user can click the Apply button to synchronize the private VLANs The fields that can be configured for Instance ID Settings are described below Parameter Description Instance ID Enter the instance ID here This value must be between 1 and 64 Action Select the action that will be taken here Options to choose from are Add ...

Страница 152: ...ton to accept the changes made Enter a page number and click the Go button to navigate to a specific page when multiple pages exist MSTP Port Information This window is used to display and configure the MSTP port information settings To view the following window click L2 Features STP MSTP Port Information as shown below Figure 5 52 MSTP Port Information Window The fields that can be configured are...

Страница 153: ...S Version Select the ERPS version here Options to choose from are G 8032v1 and G 8032v2 Before specifying G 8032v1 for a G 8032v2 device changing the ERPS version will lead to the restart of the running protocol Click the Apply button to accept the changes made The fields that can be configured in Ethernet Ring G 8032 are described below Parameter Description Ring Name Enter the Ethernet Ring Prot...

Страница 154: ... button to configure this parameter as per normal Select the None radio button to revert this parameter to the default setting Port1 Select the checkbox and then select the Switch s unit ID and the port number that will be the second ring port of the physical ring Select the None option from the drop down menu specifies that the inter connected node is a local node endpoint of an open ring Select ...

Страница 155: ...indow After selecting the ERPS Brief tab option at the top of the page the following page will be available Figure 5 56 ERPS ERPS Brief Window Click the Edit Instance button to configure the ERP instance Enter a page number and click the Go button to navigate to a specific page when multiple pages exist After click the Edit Instance button the following window will appear ...

Страница 156: ...rt this parameter to the default setting MEL Select the checkbox and enter the ring MEL value of the ERP instance here This value must be between 0 and 7 The configured MEL value of all ring nodes that participate in the same ERP instance should be identical Select the Specify radio button to configure this parameter as per normal Select the None radio button to revert this parameter to the defaul...

Страница 157: ...lures and FS conditions are absent Options to choose from are Port0 and Port1 Click the Back button to discard the changes made and return to the previous window Click the Apply button to accept the changes made ERPS Profile This window is used to display and configure the Ethernet Ring G 8032 profile settings To view the following window click L2 Features ERPS G 8032 ERPS Profile as shown below F...

Страница 158: ...n 0 and 10 seconds By default this value is 0 seconds WTR Timer Select the checkbox and enter the WTR timer value here This value must be between 1 and 12 minutes By default this value is 5 minutes Click the Back button to discard the changes made and return to the previous window Click the Apply button to accept the changes made Loopback Detection The Loopback Detection LBD function is used to de...

Страница 159: ...to 32767 seconds The default setting is 10 seconds Trap State Select to enable or disable the loopback detection trap state Action Mode Select the action mode here Option to choose from are Shutdown Specifies to shut down the port in the port based mode or block traffic on the specific VLAN in the VLAN based mode when the loop has been detected None Specifies not to shut down the port in the port ...

Страница 160: ...the creation of up to 32 link aggregation groups each group consisting of up to 8 links ports Each port can only belong to a single link aggregation group All of the ports in the group must be members of the same VLAN and their STP status static multicast traffic control traffic segmentation and 802 1p default priority configurations must be identical Port locking and 802 1X must not be enabled on...

Страница 161: ... Destination MAC Source IP Destination IP Source Destination IP Source L4 Port Destination L4 Port and Source Destination L4 Port By default this option is Source Destination MAC Click the Apply button to accept the changes made The fields that can be configured for Channel Group Information are described below Parameter Description Unit Select the Switch unit that will be used for this configurat...

Страница 162: ... be configured are described below Parameter Description Description Enter the description for the port channel here This string can be up to 64 characters long Click the Apply button to accept the changes made Click the Delete Description button to delete the description for the port channel Click the Edit button to re configure the specific entry Click the Back button to return to the previous p...

Страница 163: ...Layer 2 protocol packets that can be processed by the system When the maximum number of packets is exceeded the excessive protocol packets are dropped Click the Apply button to accept the changes made After selecting the L2 Protocol Tunnel Port Setting tab option at the top of the page the following page will be available Figure 5 64 L2 Protocol Tunnel L2 Protocol Tunnel Port Setting Window The fi...

Страница 164: ...stations or devices and an IGMP host IGMP Snooping Settings In order to use IGMP Snooping it must first be enabled for the entire Switch under IGMP Global Settings at the top of the window You may then fine tune the settings for each VLAN by clicking the corresponding Edit button When enabled for IGMP snooping the Switch can open or close a port to a specific multicast group member based on IGMP m...

Страница 165: ...ered Click the Show All button to view all the entries Click the Show Detail button to see the detail information of the specific VLAN Click the Edit button to re configure the specific entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist After clicking the Show Detail button the following window will appear Figure 5 66 IGMP Snooping Settings S...

Страница 166: ...r leave message is forwarded The remaining report and leave messages are suppressed Suppression Time Enter the interval of suppressing duplicate IGMP reports or leaves The range is from 1 to 300 Querier State Select this option to enable or disable the querier state Query Version Select the general query packet version sent by the IGMP snooping querier Options to choose from are 1 2 and 3 Query In...

Страница 167: ...configuration here From Port To Port Select the range of ports that will be used for this configuration here Authentication Select to enable or disable authentication here This is used to enable or disable the authentication function for IGMP join messages When enabled and the client wants to join a group the system will perform authentication first Accounting Select to enable or disable accountin...

Страница 168: ...d for the configuration here VID Click the radio button and enter a VLAN ID of the multicast group The range is from 1 to 4094 Group Address Click the radio button and enter an IP multicast group address Click the Apply button to accept the changes made Click the Delete button to remove the specified entry Click the Find button to locate a specific entry based on the information entered Click the ...

Страница 169: ...hat will be used here From Port To Port Select the Switch s port range that will be used here This is only available if the Port option was selected as the action below Limit Number Enter the limit number here This is to configure the rate of IGMP control packets that the Switch can process on a specific interface The range is from 1 to 1000 packets per second Select the No Limit option to remove ...

Страница 170: ... configuration VID Enter the Layer 2 VLAN s name on a trunk port here This applies the filter to packets that arrive on that VLAN The range is from 1 to 4094 Click the Apply button to accept the changes made Click the Delete button to delete an entry based on the information entered The fields that can be configured in Access Group Settings are described below Parameter Description Unit Select the...

Страница 171: ... router ports on the Switch To view the following window click L2 Features L2 Multicast Control IGMP Snooping IGMP Snooping Mrouter Settings as shown below Figure 5 72 IGMP Snooping Mrouter Settings Window The fields that can be configured in IGMP Snooping Mrouter Settings are described below Parameter Description VID Enter the VLAN ID used here The range is from 1 to 4094 Configuration Select the...

Страница 172: ... can be configured in IGMP Snooping Statistics Settings are described below Parameter Description Statistics Select the interface here Options to choose from are All VLAN and Port VID Enter a VLAN ID between 1 and 4094 This is available when VLAN is selected in the Statistics drop down list Unit Select the Switch unit that will be used for this configuration here This is available when Port is sel...

Страница 173: ...3 Multicast Listener Query Similar to the IGMPv2 Host Membership Query for IPv4 and labeled as 130 in the ICMPv6 packet header this message is sent by the router to ask if any link is requesting multicast data There are two types of MLD query messages emitted by the router The General Query is used to advertise all multicast addresses that are ready to send multicast data to all listening ports an...

Страница 174: ...094 and select to enable or disable MLD snooping on the VLAN Click the Apply button to accept the changes made The fields that can be configured in MLD Snooping Table are described below Parameter Description VID Enter a VLAN ID from 1 to 4094 Click the Find button to locate a specific entry based on the information entered Click the Show All button to view all the entries Click the Show Detail bu...

Страница 175: ...indow displays the detail information about MLD snooping VLAN Click the Modify button to edit the information in the following window After clicking the Modify or Edit button in MLD Snooping Settings window the following window will appear Figure 5 76 MLD Snooping Settings Modify Edit Window The fields that can be configured are described below ...

Страница 176: ...lect the general query packet version sent by the MLD snooping querier Options to choose from are 1 and 2 Query Interval Enter the interval at which the MLD snooping querier sends MLD general query messages periodically The range is from 1 to 31744 Max Response Time Enter the maximum response time in seconds advertised in MLD snooping queries The range is from 1 to 25 Robustness Value Enter the ro...

Страница 177: ...k the Apply button to accept the changes made Click the Delete button to remove the specified entry Click the Find button to locate a specific entry based on the information entered Click the Show All button to view all the entries Enter a page number and click the Go button to navigate to a specific page when multiple pages exist The fields that can be configured in MLD Snooping Groups Table are ...

Страница 178: ...umber Enter the limit number here This is to configure the rate of MLD control packets that the Switch can process on a specific interface The range is from 1 to 1000 packets per second Select the No Limit option to remove the limitation Action Select the action that will be taken here Options to choose from are Port and VLAN VID Enter the VLAN s ID here This is the Layer 2 VLAN on a trunk port an...

Страница 179: ...ck the Apply button to accept the changes made Click the Delete button to delete an entry based on the information entered The fields that can be configured in Access Group Settings are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used for the configuration here Action Select Add ...

Страница 180: ...ure 5 80 MLD Snooping Mrouter Settings Window The fields that can be configured in MLD Snooping Mrouter Settings are described below Parameter Description VID Enter a VLAN ID between 1 and 4094 Configuration Select the port configuration Options to choose from are Port Forbidden Port and Learn PIMv6 Port Select to have the configured ports as being connected to multicast enabled routers Forbidden ...

Страница 181: ...ed below Parameter Description Statistics Select the interface here Options to choose from are All VLAN and Port VID Enter a VLAN ID between 1 and 4094 This is available when VLAN is selected in the Statistics drop down list Unit Select the Switch unit that will be used for this configuration here This is available when Port is selected in the Statistics drop down list From Port To Port Select the...

Страница 182: ...LAN Settings This window is used to display and configure the multicast VLAN settings To view the following window click L2 Features L2 Multicast Control Multicast VLAN Multicast VLAN Settings as shown below Figure 5 82 Multicast VLAN Settings Window The fields that can be configured in Multicast VLAN Global Settings are described below Parameter Description Multicast VLAN IPv4 State Select to ena...

Страница 183: ... range is 2 to 4094 Action Select Add to add a new entry based in the information entered Select Delete to delete an entry based in the information entered Role Select the role here Options to choose from are Receiver and Source Receiver Specifies to configure the port as a subscriber port that can only receive multicast data in the multicast VLAN Source Specifies to configure the port as an uplin...

Страница 184: ...e from are Receiver Source and Both Receiver Specifies that the source IPv4 IPv6 address of the IGMP MLD report leave packet received on any multicast VLAN receiver port will be replaced Source Specifies that the source IPv4 IPv6 address of the IGMP MLD report leave packet received on any multicast VLAN source port will be replaced Both Specifies that the source IPv4 IPv6 address of the IGMP MLD r...

Страница 185: ...ype Select the address type here Options to choose from are IPv4 and IPv6 IPv4 Specifies to use IPv4 multicast addresses in the range IPv6 Specifies to use IPv6 multicast addresses in the range From IP Address Enter the source IPv4 IPv6 address here To IP Address Enter the destination IPv4 IPv6 address here Click the Apply button to accept the changes made The fields that can be configured in Acce...

Страница 186: ... to a specific page when multiple pages exist The fields that can be configured in Access Group Table are described below Parameter Description VID Click the Find button to locate a specific entry based on the information entered Click the Show All button to display all the entries Enter a page number and click the Go button to navigate to a specific page when multiple pages exist PIM Snooping PIM...

Страница 187: ...he range is from 1 to 4094 Click the Find button to generate the display based on the information entered PIM Snooping Neighbor Table This window is used to display the PIM snooping neighbor table To view the following window click L2 Features L2 Multicast Control PIM Snooping PIM Snooping Neighbor Table as shown below Figure 5 85 PIM Snooping Neighbor Table Window The fields that can be configure...

Страница 188: ...ing PIM Snooping Statistics Table as shown below Figure 5 87 PIM Snooping Statistics Table Window The fields that can be configured are described below Parameter Description VID Select and enter the VLAN ID that will be used here The range is from 1 to 4094 Click the Find button to generate the display based on the information entered Click the Clear button to clear the statistics information rela...

Страница 189: ...ed based on the forwarding table and all unregistered multicast packets will be flooded based on the VLAN domain When selecting the Forward All option all multicast packets will be flooded based on the VLAN domain When selecting the Filter Unregistered option registered packets will be forwarded based on the forwarding table and all unregistered multicast packets will be filtered Click the Apply b...

Страница 190: ...P Forward Sate is enabled the received LLDPDU packet will be forwarded LLDP Trap State Select this option to enable or disable the LLDP trap state LLDP MED Trap State Select this option to enable or disable the LLDP MED trap state Click the Apply button to accept the changes made The fields that can be configured in LLDP MED Settings are described below Parameter Description Fast Start Repeat Coun...

Страница 191: ... This window is used to display and configure the LLDP port settings To view the following window click L2 Features LLDP LLDP Port Settings as shown below Figure 5 90 LLDP Port Settings Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used ...

Страница 192: ...4 option enter the IPv4 address in the space provided After selecting the IPv6 option enter the IPv6 address in the space provided Click the Find button to locate a specific entry based on the selection made LLDP Basic TLVs Settings Type length value TLV allows the specific sending information as a TLV element within LLDP packets This window is used to enable the settings for the Basic TLVs Settin...

Страница 193: ... Name option System Description Select this option to enable or disable the System Description option System Capabilities Select this option to enable or disable the System Capabilities option Click the Apply button to accept the changes made LLDP Dot1 TLVs Settings LLDP Dot1 TLVs are organizationally specific TLVs which are defined in IEEE 802 1 and used to configure an individual port or group o...

Страница 194: ... Settings This window is used to display and configure an individual port or group of ports to exclude one or more IEEE 802 3 organizational specific TLV data type from outbound LLDP advertisements To view the following window click L2 Features LLDP LLDP Dot3 TLVs Settings as shown below Figure 5 94 LLDP Dot3 TLVs Settings Window The fields that can be configured are described below Parameter Desc...

Страница 195: ...ields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used for the configuration here Notification Select this option to enable or disable transmitting the LLDP MED notification TLV Capabilities Select this option to enable or disable transmitting the LLDP ...

Страница 196: ...e the ETS recommendation TLV feature here This specifies the ETS Recommendation TLV to be sent The Enhanced Transmission Selection Recommendation TLV is an optional TLV that allows a bridge port to advertise the ETS recommendation for the operational state of the remote port Priority based Flow Control Configuration TLV Select to enable or disable the Priority based Flow Control PFC configuration ...

Страница 197: ...on for the statistics displayed Click the Clear All button to clear all the counter information displayed LLDP Local Port Information This window is used to display the information on a per port basis currently available for populating outbound LLDP advertisements in the local port brief table shown below To view the following window click L2 Features LLDP LLDP Local Port Information as shown belo...

Страница 198: ...view detailed information of the specific port After clicking the Show Detail button the following window will appear Figure 5 99 LLDP Local Port Information Show Detail Window To view more details about for example the MAC PHY Configuration Status click the Show Detail hyperlink Click the Back button to return to the previous window After clicking a hyperlink a new section will appear at the bott...

Страница 199: ...l To view the following window click L2 Features LLDP LLDP Neighbor Port Information as shown below Figure 5 101 LLDP Neighbor Port Information Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be displayed Port Select the port number that will be displayed Click the Find button to locate a specific entry based on the informati...

Страница 200: ...nfigure the ARP aging time settings To view the following window click L3 Features ARP ARP Aging Time as shown below Figure 6 1 ARP Aging Time Window The fields that can be configured are described below Parameter Description Timeout After click the Edit button enter the ARP aging timeout value here Click the Edit button to re configure the specific entry Click the Apply button to accept the chang...

Страница 201: ...stined for another device by faking its identity IP and MAC Address as the original ARP responder Therefore the Switch can then route packets to the intended destination without configuring static routing or a default gateway The host usually a Layer 3 Switch will respond to packets destined for another device To view the following window click L3 Features ARP Proxy ARP as shown below Figure 6 3 P...

Страница 202: ...lect this option to display the Management port s information Click the Find button to locate a specific entry based on the information entered Click the Clear All button to clear all the information Click the Delete button to remove the specific entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist Gratuitous ARP This window is used to display ...

Страница 203: ...that corresponds to the system s IP address This option used to enable or disable the learning of ARP entries in the ARP cache based on the received gratuitous ARP packet The gratuitous ARP packet is sent by a source IP address that is identical to the IP that the packet is queries for Click the Apply button to accept the changes made Click the Edit button to re configure the specific entry Enter ...

Страница 204: ...l button to clear all the dynamic IPv6 neighbor information in this table Click the Delete button to remove the specific entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist Interface IPv4 Interface This window is used to display and configure the IPv4 interface settings To view the following window click L3 Features Interface IPv4 Interface as...

Страница 205: ...e IP directed broadcast feature here This parameter is used to enable or disable the conversion of IP directed broadcasts received by the interface to physical broadcasts when the destination network is directly connected to the Switch Description Enter the description for the interface Get IP From Select the get IP from option here Options to choose from are Static and DHCP When the Static option...

Страница 206: ... up to 32 characters long Select the Hex option to enter the class ID string in the hexadecimal format This string can be up to 64 characters long This parameter is used to specify the vendor class identifier used as the value of Option 60 for the DHCP discover message Host Name Enter the host name here This string can be up to 64 characters long This parameter is used to specify the value of the ...

Страница 207: ...r the IPv6 MTU value here The range is from 1280 to 65534 bytes By default this value is 1500 bytes This parameter is used to configure the MTU to be advertised in RA messages IPv6 State Select to enable or disable the IPv6 interface s global state here Click the Back button to discard the changes made and return to the previous page Click the Apply button to accept the changes made The fields tha...

Страница 208: ... reachable time is used by the IPv6 node in determining the reachability of the neighbor nodes Managed Config Flag Turn the managed config flag option On or Off here When the neighbor host receives the RA which has flag turned on the host should use a stateful configuration protocol to obtain IPv6 addresses Other Config Flag Turn the other config flag option On or Off here By setting the other con...

Страница 209: ...cept the changes made The fields that can be configured for DHCPv6 Client PD Settings are described below Parameter Description Client PD State Select to enable or disable the DHCPv6 client process to request the prefix delegation through a specified interface Select the Rapid Commit option to proceed with two message exchange for prefix delegation The rapid commit option will be filled in the Sol...

Страница 210: ...pecific page when multiple pages exist After clicking the Edit button the following page will appear Figure 6 16 Loopback Interface Edit Window The fields that can be configured are described below Parameter Description State Select to enable or disable the loopback interface here Description Enter the description for the loopback interface here This string can be up to 64 characters long IP Addre...

Страница 211: ...an be configured are described below Parameter Description Interface Null Enter the NULL interface s ID here This value can only be 0 Description After clicking the Edit button enter the description for the NULL interface here This string can be up to 64 characters long Click the Apply button to accept the changes made Click the Edit button to modify the description for the NULL interface UDP Help...

Страница 212: ...all one broadcast The packets are IPv4 UDP packets The IP TTL value must be greater than or equal to 2 To view the following window click L3 Features UDP Helper IP Helper Address as shown below Figure 6 19 IP Helper Address Window The fields that can be configured are described below Parameter Description Interface VLAN Enter the VLAN interface s ID used here The range is from 1 to 4094 Helper Add...

Страница 213: ...n be configured are described below Parameter Description IP Address Enter the IPv4 address for this route here Tick the Default Route option to use the default route as the IPv4 address Mask Enter the IPv4 network mask for this route here Gateway Enter the gateway address for this route here Null Interface Select to enable or disable the NULL interface here Backup State Select the backup state op...

Страница 214: ... window is used to display and configure the IPv4 route table settings To view the following window click L3 Features IPv4 Route Table as shown below Figure 6 22 IPv4 Route Table Window The fields that can be configured are described below Parameter Description IP Address Select and enter the single IPv4 address here Network Address Select and enter the IPv4 network address here In the first space...

Страница 215: ... will be associated with this route here Next Hop IPv6 Address Enter the next hop IPv6 address here Distance Enter the administrative distance of the static route here This value must be between 1 and 254 A lower value represents a better route If not specified the default administrative distance for a static route is 1 Backup State Select the backup state option here Options to choose from are Pr...

Страница 216: ... when multiple pages exist IPv6 Route Table This window is used to display and configure the IPv6 route table To view the following window click L3 Features IPv6 Route Table as shown below Figure 6 25 IPv6 Route Table Window The fields that can be configured are described below Parameter Description IPv6 Address Select and enter the IPv6 address to display here IPv6 Address Prefix Length Select an...

Страница 217: ...ult route and static route The distance of the default route and the static route will be compared with other IPv4 routes learned by the dynamic routing protocol if they have the same destination network address The lower distance value is preferred To view the following window click L3 Features Route Preference as shown below Figure 6 26 Route Preference Window The fields that can be configured a...

Страница 218: ...to 12 characters long IPv6 Address Enter the IPv6 address and prefix length here Click the Apply button to accept the changes made Click the Find button to locate a specific entry based on the information entered Click the Delete button to delete the specified entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist RIP RIP Settings This window is ...

Страница 219: ...tic option means to redistribute IP static routes The Connected option refers to routes that are established automatically by virtue of configuring IP address on an interface Third enter the value to be used as the metric for the redistributed route here The range is from 0 to 16 Fourth enter the route map s name that is used in the filtering of the routes to be redistributed to the current routin...

Страница 220: ...ure should use the default configuration By default RIPv1 and RIPv2 packets are received but only RIPv1 packets are sent Distance Enter the administrative distance for RIP here The range is from 1 to 255 A lower value represents a better route Select the Default option to use the default administrative distance for RIP which is 100 Click the Apply button to accept the changes made RIP Distribute L...

Страница 221: ... to enable or disable the BFD feature on the specified interface When BFD is enabled on an interface the router creates BFD peers with the current RIP peers of the interface and BFD peers will be created when new RIP peers are added If an RIP peer is removed because RIP is disabled the related BFD peer will be removed When the BFD session goes down the RIP routes learned from the peer will be dele...

Страница 222: ...elds that can be configured in RIPng Global Settings are described below Parameter Description Global State Select to globally enable or disable the RIPng feature here Click the Apply button to accept the changes made The fields that can be configured in RIPng Settings are described below Parameter Description Default Metric Enter the default metric value here The range is from 1 to 16 This value ...

Страница 223: ...e interface with an unreachable metric Split Horizon Select to enable or disable the split horizon feature here When split horizon is enabled the routes learned from an interface will be not advertised out to the same interface Click the Apply button to accept the changes made The fields that can be configured in Redistribute Settings are described below Parameter Description Protocol Select the p...

Страница 224: ... Select to enable or disable the passive interface feature here If this option is enabled the router will not send RIPng packets out through the interface However RIPng packets from other routers received on the interface will continue to be processed Click the Apply button to accept the changes made Enter a page number and click the Go button to navigate to a specific page when multiple pages exi...

Страница 225: ...ticast routing forwarding cache database To view the following window click L3 Features IP Multicast Routing Protocol IPMC IP Multicast Forwarding Cache as shown below Figure 6 36 IP Multicast Forwarding Cache Window The fields that can be configured are described below Parameter Description Group Address Enter the multicast group s IP address here Source Address Enter the multicast source s IP ad...

Страница 226: ...he CPU will discard Open Shortest Path First OSPF Layer 3 control packets sent to it RIP Specifies that the CPU will discard Routing Information Protocol RIP Layer 3 control packets sent to it VRRP Specifies that the CPU will discard Virtual Router Redundancy Protocol VRRP Layer 3 control packets sent to it Action Select the action that will be taken here Options to choose from are Add Specifies t...

Страница 227: ...tton to locate a specific entry based on the information entered Click the Show All button to display all the entries BFD BFD Settings This window is used to display and configure the Bidirectional Forwarding Detection BFD settings To view the following window click L3 Features BFD BFD Settings as shown below Figure 6 39 BFD Settings Window The fields that can be configured in BFD State are descri...

Страница 228: ... control packets that this system is capable of supporting here The range is from 50 to 1000 milliseconds Multiplier Enter the BFD detection time multiplier value here The range is from 3 to 99 Slow Time Enter the BFD slow time value here The range is from 1000 to 3000 milliseconds Click the Apply button to accept the changes made BFD Neighbor Table This window is used to display the BFD neighbor ...

Страница 229: ...this rule here Options to choose from are Permit and Deny Permit Specifies that routes that match the rule entry are permitted Deny Specifies that routes that match the rule entry are denied Sequence ID Enter the sequence ID for this rule here The range is from 1 to 65535 Click the Apply button to accept the changes made Click the Find button to locate a specific entry based on the information ent...

Страница 230: ...tended IP access list Route Source Select and enter the standard or extended IP access list s name here This option is used to define a clause to match the route s source based on the standard or extended IP access list Metric Select and enter the metric value of the route here The range is from 0 to 4294967294 This option is used to define a clause to match the route s metric Route Type Select th...

Страница 231: ...es the match clauses of the configured route map sequence Options to choose from are IP Address and Recursive IP Address Specifies the IP addresses of the next hops to route the packet Enter the next hop IP addresses in the spaces provided here Up to 8 next hop IP addresses can be entered Recursive Specifies the IP address of the recursive as the next hop router Enter the recursive next hop IP add...

Страница 232: ...he Apply button to accept the changes made VRRP Settings This window is used to display and configure the Virtual Router Redundancy Protocol VRRP feature s settings All routers in the same VRRP group must be configured with the same virtual router ID and IP address A virtual router group is represented by a virtual router ID The IP address of the virtual router is the default router configured on ...

Страница 233: ...ot owned but associated with this virtual router Click the Apply button to accept the changes made The fields that can be configured in Virtual Router Settings are described below Parameter Description VLAN Enter the VLAN interface s ID used here The range is from 1 to 4094 VRID Enter the virtual router s ID used here This ID is used to identify the virtual router in the VRRP group The range is fr...

Страница 234: ...has a better priority than the current master Priority Enter the priority value here The range is from 1 to 254 BFD Remote IP Enter the VRRP group s BFD peer address here Critical IP Address Enter the critical IPv4 address here If the critical IP is configured on one virtual router the virtual router cannot be activated when the critical IP address is unreachable One VRRP group can only track one ...

Страница 235: ...r IPv6 Specifies to create an IPv6 virtual router Interface Name Enter the name of the VLAN interface that will be used in the display here This string can be up to 12 characters long Click the Apply button to accept the changes made Click the Find button to find and display an entry based on the information entered Click the Edit button to configure more detailed settings of the specified entry C...

Страница 236: ... of the virtual router here The range is from 1 to 254 The master of a VRRP group is elected based on the priority The virtual router with the highest priority becomes the master and others with lower priorities act as the backup for the VRRP group If there are multiple routers with the same highest priority value the router with the larger IP address will become the Master The router that is the ...

Страница 237: ...rt To Port Select the range of ports that will be used for this configuration here Default CoS Select the default CoS option for the port s specified here Options to choose from are 0 to 7 Select the Override option to override the CoS of the packets The default CoS will be applied to all incoming packets tagged or untagged received by the port Select the None option to specify that the CoS of the...

Страница 238: ...is subtracted by 1 and the packet in the next lower CoS queue will be serviced When the weight of a CoS queue reaches zero the queue will not be serviced until its weight is replenished When weights of all CoS queues reach 0 the weights get replenished at a time Weighted Deficit Round Robin WDRR operates by serving an accumulated set of backlogged credits in the transmit queue in a round robin ord...

Страница 239: ...cription Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the range of ports that will be used for this configuration here Queue ID Enter the queue ID value here This value must be between 0 and 7 WRR Weight Enter the WRR weight value here This value must be between 0 and 127 To satisfy the behavior requirements of Expedited Forwarding EF the highe...

Страница 240: ...splay and configure the port rate limiting settings To view the following window click QoS Basic Settings Port Rate Limiting as shown below Figure 7 5 Port Rate Limiting Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the range of ports that will be used for this co...

Страница 241: ...mitation Click the Apply button to accept the changes made Queue Rate Limiting This window is used to display and configure the queue rate limiting settings To view the following window click QoS Basic Settings Queue Rate Limiting as shown below Figure 7 6 Queue Rate Limiting Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be...

Страница 242: ... This value must be between 1 and 100 percent Also enter the maximum percentage value Max Percent in the space provided This value must be between 1 and 100 percent Click the Apply button to accept the changes made Advanced Settings DSCP Mutation Map This window is used to display and configure the Differentiated Services Code Point DSCP mutation map settings When a packet is received by an interf...

Страница 243: ...ding as shown below Figure 7 8 Port Trust State and Mutation Binding Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the range of ports that will be used for this configuration here Trust State Select the port trust state option here Options to choose from are CoS a...

Страница 244: ... Select the range of ports that will be used for this configuration here CoS Select the CoS value to map to the DSCP list Options to choose from are 0 to 7 DSCP List Enter the DSCP list value to map to the CoS value here This value must be between 0 and 63 Click the Apply button to accept the changes made CoS Color Mapping This window is used to display and configure the CoS color mapping settings...

Страница 245: ...nge of ports that will be used for this configuration here CoS List Enter the CoS value that will be mapped to the color This value must be between 0 and 7 Color Select the color option that will be mapped to the CoS value Options to choose from are Green Yellow and Red Click the Apply button to accept the changes made DSCP Color Mapping This window is used to display and configure the DSCP color ...

Страница 246: ... between 0 and 63 Color Select the color option that will be mapped to the DSCP value Options to choose from are Green Yellow and Red Click the Apply button to accept the changes made Class Map This window is used to display and configure the class map settings To view the following window click QoS Advanced Settings Class Map as shown below Figure 7 12 Class Map Window The fields that can be conf...

Страница 247: ... Select and enter the DSCP list value that will be matched with this class map here This value must be between 0 and 63 Tick the IPv4 only option to match IPv4 packets only If not specified the match is for both IPv4 and IPv6 packets Precedence List Select and enter the precedence list value that will be matched with this class map here This value must be between 0 and 7 Tick the IPv6 only option ...

Страница 248: ...e provided This value sets the IP differentiated services code point DSCP value and transmits the packet with the new IP DSCP value When selecting the Set 1P Transmit option enter the 1P transmit value in the space provided This value sets the 802 1p value and transmits the packet with the new value When selecting the Transmit option packets will be transmitted unaltered When selecting the Set DSC...

Страница 249: ...ansmits the packet with the new IP DSCP value When selecting the Set 1P Transmit option enter the 1P transmit value in the space provided This value sets the 802 1p value and transmits the packet with the new value When selecting the Transmit option packets will be transmitted unaltered When selecting the Set DSCP 1P option enter the IP DSCP and 1P transmit values in the spaces provided Color Awar...

Страница 250: ... on packets that exceed the rate limit For a two rate policer if the exceed action is not specified the default action is Drop Options to choose from are Drop Set DSCP Transmit Set 1P Transmit Transmit and Set DSCP 1P When selecting the Drop option the packet will be dropped When selecting the Set DSCP Transmit option enter the IP DSCP value in the space provided This value sets the IP differentia...

Страница 251: ...his window is used to display and configure the policy map settings To view the following window click QoS Advanced Settings Policy Map as shown below Figure 7 16 Policy Map Window The fields that can be configured for Create Delete Policy Map are described below Parameter Description Policy Map Name Enter the policy map s name here that will be created or deleted This name can be up to 32 charact...

Страница 252: ...l be marked only If not selected then both IPv4 and IPv6 precedence will be marked For IPv6 packets the precedence is the most three significant bits of the traffic class of the IPv6 header Setting the precedence will not affect the CoS queue selection New DSCP Select the new DSCP value for the packet here The range is from 0 to 63 Select the IPv4 only option to specify that the IPv4 DSCP will be ...

Страница 253: ...ansmit the packet with the new DSCP value Enter the new DSCP value in the space provided Set 1P Transmit Specifies that the conform action is to modify the 802 1p value and then to transmit the packet with the new 802 1p value Enter the new 802 1p value in the space provided Transmit Specifies that the conform action is to transmit the packet unmodified Set DSCP 1P Specifies that the conform actio...

Страница 254: ...ded Set 1P Transmit Specifies that the violate action is to modify the 802 1p value and then to transmit the packet with the new 802 1p value Enter the new 802 1p value in the space provided Transmit Specifies that the violate action is to transmit the packet unmodified Set DSCP 1P Specifies that the violate action is to modify the DSCP and 802 1p values and then to transmit the packet with the ne...

Страница 255: ...gure the network Quality of Service QoS feature s Priority based Flow Control PFC class map settings To view the following window click QoS QoS PFC Network QoS Class Map as shown below Figure 7 20 Network QoS Class Map Window The fields that can be configured are described below Parameter Description Network QoS Class Map Name Enter the network QoS class map s name to be associated with a traffic ...

Страница 256: ...igure 7 22 Network QoS Policy Map Window The fields that can be configured in Create Delete Network QoS Policy Map are described below Parameter Description Network QoS Policy Map name Enter the network QoS policy map s name here This name can be up to 32 characters long Click the Apply button to accept the changes made The fields that can be configured in Traffic Policy are described below Parame...

Страница 257: ...to enable or disable the pause feature here This feature is used to enable PFC on a class referenced in a type network QoS policy map Click the Apply button to accept the changes made Network QoS Policy Binding This window is used to display and configure the network QoS policy s binding settings To view the following window click QoS QoS PFC Network QoS Policy Binding as shown below Figure 7 24 N...

Страница 258: ...low Figure 7 25 PFC Port Settings Window The fields that can be configured in PFC Port Settings are described below Parameter Description Unit Select the Switch s unit ID that will be used here From Port To Port Select the Switch s port range that will be used here Willing Select to enable or disable the willing feature here This is used to turn on the Data Center Bridging Exchange Protocol DCBX P...

Страница 259: ...ngs To view the following window click QoS WRED WRED Profile as shown below Figure 7 26 WRED Profile Window The fields that can be configured are described below Parameter Description Profile Enter the WRED profile s ID here The range is from 1 to 128 Packet Type Select the packet type here Options to choose from are TCP and Non TCP TCP Specifies the WRED drop parameters for the TCP packets to be ...

Страница 260: ...sed on the information entered Click the Reset Configuration button to reset the configuration on the specified entry WRED Queue This window is used to display and configure the WRED feature s queue settings WRED drops packets based on the average queue size exceeding a specific threshold to indicate congestion Explicit Congestion Notification ECN is an extension to WRED in that ECN marks packets ...

Страница 261: ...d to display and clear the WRED feature s drop counter information To view the following window click QoS WRED WRED Drop Counter as shown below Figure 7 28 WRED Drop Counter Window The fields that can be configured are described below Parameter Description Unit Select the Switch s unit ID that will be used here From Port To Port Select the Switch s port range that will be used here Click the Clear...

Страница 262: ...om the remote Switch DCBX is used by DCB devices to exchange configuration information with directly connected peers The protocol may also be used for misconfiguration detection and for configuration of the peer The willing mode indicates that the local port has been administratively configured to accept configurations from the remote device Click the Apply button to accept the changes made Click ...

Страница 263: ... range that will be used here Queue 1 Queue 7 Select and enter the recommended bandwidth for traffic classes 0 to 7 here that will be associated with the selected port s It is required to specify 8 values for traffic class 0 to 7 respectively The sum of the bandwidth assigned to a given port is required at all times to be equal to 100 An operation that attempts to change the bandwidth where the su...

Страница 264: ... for all interfaces will be created with a default value When a priority is deleted from CNPV the CNPV configuration for all interfaces will be deleted To view the following window click QoS QCN QCN CNPV Status as shown below Figure 7 32 QCN CNPV Status Window The fields that can be configured are described below Parameter Description QCN Status Select to globally enable or disable the QCN feature...

Страница 265: ...he Edit button the following page will appear Figure 7 34 QCN CNPV Settings Edit Window The fields that can be configured in the table are described below Parameter Description Defense Mode Choice Select the defense mode choice here Options to choose from are Admin and Auto By default this option is Auto Admin Specifies that the default Congestion Notification Domain CND defense mode and alternate...

Страница 266: ...iority value to which this priority value is to be remapped when the receiving frame with an 802 1p priority equal to the specified CNPV at Edge port The range is from 0 to 7 CP Creation Select to enable or disable the CP creation feature here Click the Apply button to accept the changes made QCN CNPV Interface Settings This window is used to display and configure the QCN CNPV interface settings T...

Страница 267: ...he priority parameter of frame input is not remapped to or from this priority and the CN TAGs won t be stripped off when transmitting the frames Edge Specifies that the priority parameter of frame input at this priority is remapped to an alternate value Frames at other priorities are not remapped to this priority and the frames are transmitted without a CN TAG Alternate Priority Select the alterna...

Страница 268: ...t s Min Header Octets Enter the minimum number of octets to be returned in a CNM from the data frame that triggered transmission of the CNM here The range is from 0 to 64 By default this value is 0 Sample Base Enter the minimum number of octets to queue in the CP s queue between transmissions of CNMs here The range is from 10000 to 4294967295 octets By default this value is 15000 octets Set Point ...

Страница 269: ...the Switch s unit ID that will be used here Port Select the port that will be used here CP Select the queue ID same as the outbound queue ID to specify which Congestion Point CP to clear counters Click the Find button to locate a specific entry based on the information entered Click the Clear button to clear the counter information based on the information specified Click the Show All button to di...

Страница 270: ...gs To view the following window click QoS iSCSI iSCSI Settings as shown below Figure 7 40 iSCSI Settings Window The fields that can be configured are described below Parameter Description iSCSI State Select to globally enable or disable the iSCSI awareness feature here iSCSI CoS Select the iSCSI CoS that will be configured here Options to choose from are VPT Specifies to use VLAN Priority Tag VPT ...

Страница 271: ...t the changes made The fields that can be configured in iSCSI Targets and TCP Ports are described below Parameter Description iSCSI Target Port Enter the iSCSI target port number here The range is from 1 to 65535 IP Address Enter the IP address of the iSCSI target here Target Name Enter the iSCSI target name here This string can be up to 255 characters long The name can be manually configured or o...

Страница 272: ...LAN Filter CPU ACL ACL Configuration Wizard This window is used to guide the user to create a new ACL access list or configure an existing ACL access list Step 1 Create Update To view the following window click ACL ACL Configuration Wizard as shown below Figure 8 1 ACL Configuration Wizard Create Window Figure 8 2 ACL Configuration Wizard Update Window The fields that can be configured are describ...

Страница 273: ...nter a page number and click the Go button to navigate to a specific page when multiple pages exist Step 2 Select Packet Type After clicking the Next button the following window will appear Figure 8 3 ACL Configuration Wizard Create Packet Type Window The fields that can be configured are described below Parameter Description MAC Select to create update a MAC ACL IPv4 Select to create update an IP...

Страница 274: ... the source host s MAC address here When the MAC option is selected the Wildcard option will also be available Enter the source MAC address and wildcard value in the spaces provided Destination Select and enter the destination MAC address information here Options to choose from are Any Host and MAC When the Any option is selected any destination traffic will be evaluated according to the condition...

Страница 275: ...lect the inner CoS value that will be used here The range is from 0 to 7 Mask Enter the inner CoS mask value here The range is from 0x0 to 0x7 VID Enter the VLAN ID that will be associated with this ACL rule here The range is from 1 to 4094 Mask Enter the VLAN ID mask value here The range is from 0x0 to 0xFFF Inner VID Enter the inner VLAN ID that will be associated with this ACL rule here The ran...

Страница 276: ...ule number for this entry Protocol Type Select the protocol type option here Options to choose from are TCP UDP ICMP EIGRP 88 ESP 50 GRE 47 IGMP 2 OSPF 89 PIM 103 VRRP 112 IP in IP 94 PCP 108 Protocol ID and None Value The protocol ID can also manually be entered here The range is from 0 to 255 Mask After selecting the Protocol ID option manually enter the protocol mask value here The range is fro...

Страница 277: ...ll ports greater than the selected port will be used When selecting the option all ports smaller than the selected port will be used When selecting the option all ports excluding the selected port will be used When selecting the Range option the start port number and end port number selected of the range will be used Alternatively the port number s can manually be entered in the space s provided i...

Страница 278: ...ntered here The range is from 0 to 7 Mask Enter the IP precedence mask value here The range is from 0x0 to 0x7 ToS Select the Type of Service ToS value that will be used here Options to choose from are normal 0 min monetary cost 1 max reliability 2 max throughput 4 and min delay 8 Value The ToS value can also manually be entered here The range is from 0 to 15 Mask Enter the ToS mask value here The...

Страница 279: ...tically generate an ACL rule number for this entry Protocol Type Select the protocol type option here Options to choose from are TCP UDP ICMP Protocol ID ESP 50 PCP 108 SCTP 132 and None Value The protocol ID can also manually be entered here The range is from 0 to 255 Mask After selecting the Protocol ID option manually enter the protocol mask value here The range is from 0x0 to 0xFF Fragments Se...

Страница 280: ...ng the option all ports excluding the selected port will be used When selecting the Range option the start port number and end port number selected of the range will be used Alternatively the port number s can manually be entered in the space s provided if the port number s is are not available in the drop down list When selecting the Mask option the specified source port number and mask will be u...

Страница 281: ... 46 Value The DSCP value can also manually be entered here The range is from 0 to 63 Mask Enter the DSCP mask value here The range is from 0x0 to 0x3F Traffic Class Select and enter the traffic class value here The range is from 0 to 255 Mask Enter the traffic class mask value here The range is from 0x0 to 0x3F TCP Flag Tick the appropriate TCP flag option to include the flag in this rule Options ...

Страница 282: ...ed are described below Parameter Description ACL Type Select the ACL type to find here Options to choose from are All IP ACL IPv6 ACL MAC ACL and Expert ACL ID Select and enter the access list s ID here The range is from 1 to 14999 ACL Name Select and enter the access list s name here This name can be up to 32 characters long Click the Find button to locate a specific entry based on the informatio...

Страница 283: ...step here The step range is from 1 to 32 This specifies the number that the sequence numbers step The default value is 10 For example if the increment step value is 5 and the beginning sequence number is 20 the subsequent sequence numbers are 25 30 35 40 and so on Counter State Select to enable or disable the counter state option here Remark Enter an optional remark that will be associated with th...

Страница 284: ...d Rule button the following page will appear Figure 8 11 Standard IP ACL Add Rule Window The fields that can be configured are described below Parameter Description Sequence No Enter the sequence number of this ACL rule here The range is from 1 to 65535 If this value is not specified the system will automatically generate an ACL rule number for this entry Action Select the action that this rule wi...

Страница 285: ...n IP addresses by using a wildcard bitmap The bit corresponding to the bit value 1 will be ignored The bit corresponding to the bit value 0 will be checked Time Range Enter the name of the time range profile that will be used in this ACL rule here This name can be up to 32 characters long Click the Apply button to accept the changes made Click the Back button to discard the changes made and return...

Страница 286: ...estination IP information here Options to choose from are Any Host and IP When the Any option is selected any destination traffic will be evaluated according to the conditions of this rule When the Host option is selected enter the destination host s IP address here When the IP option is selected the Wildcard option will also be available Enter the group of destination IP addresses by using a wild...

Страница 287: ... enter the Message Code numerical value used here The range is from 0 to 255 When the ICMP Message Type is selected this numerical value will automatically be entered This parameter is only available in the protocol type ICMP TCP Flag Tick the appropriate TCP flag option to include the flag in this rule Options to choose from are ack fin psh rst syn and urg This parameter is only available in the ...

Страница 288: ... Host IPv6 and Prefix Length When the Any option is selected any source traffic will be evaluated according to the conditions of this rule When the Host option is selected enter the source host s IPv6 address here When the IPv6 option is selected the Prefix Length option will also be available Enter the source IPv6 address and prefix length value in the spaces provided Destination Select and enter...

Страница 289: ...ly generate an ACL rule number for this entry Action Select the action that this rule will take here Options to choose from are Permit and Deny Protocol Type Select the protocol type option here Options to choose from are TCP UDP ICMP Protocol ID ESP 50 PCP 108 SCTP 132 and None Value The protocol ID can also manually be entered here The range is from 0 to 255 Mask After selecting the Protocol ID ...

Страница 290: ...ange will be used Alternatively the port number s can manually be entered in the space s provided if the port number s is are not available in the drop down list When selecting the Mask option the specified source port number and mask will be used Enter the source port mask value in the space provided The range is from 0x0 to 0xFFFF This parameter is only available in the protocol type TCP and UDP...

Страница 291: ...rom are default 0 af11 10 af12 12 af13 14 af21 18 af22 20 af23 22 af31 26 af32 28 af33 30 af41 34 af42 36 af43 38 cs1 8 cs2 16 cs3 24 cs4 32 cs5 40 cs6 48 cs7 56 and ef 46 Value The DSCP value can also manually be entered here The range is from 0 to 63 Mask Enter the DSCP mask value here The range is from 0x0 to 0x3F Traffic Class Select and enter the traffic class value here The range is from 0 t...

Страница 292: ...ected enter the source host s MAC address here When the MAC option is selected the Wildcard option will also be available Enter the source MAC address and wildcard value in the spaces provided Destination Select and enter the destination MAC address information here Options to choose from are Any Host MAC and Wildcard When the Any option is selected any destination traffic will be evaluated accord...

Страница 293: ...here The range is from 0x0 to 0x7 VID Enter the VLAN ID that will be associated with this ACL rule here The range is from 1 to 4094 Mask Enter the VLAN ID mask value here The range is from 0x0 to 0xFFF Inner VID Enter the inner VLAN ID that will be associated with this ACL rule here The range is from 1 to 4094 Mask Enter the inner VLAN ID mask value here The range is from 0x0 to 0xFFF VLAN Range S...

Страница 294: ...P EIGRP 88 ESP 50 GRE 47 IGMP 2 OSPF 89 PIM 103 VRRP 112 IP in IP 94 PCP 108 Protocol ID and None Value The protocol ID can also manually be entered here The range is from 0 to 255 Mask After selecting the Protocol ID option manually enter the protocol mask value here The range is from 0x0 to 0xFF Fragments Select this option to include packet fragment filtering Source Select and enter the source ...

Страница 295: ...ny Host MAC and Wildcard When the Any option is selected any destination traffic will be evaluated according to the conditions of this rule When the Host option is selected enter the destination host s MAC address here When the MAC option is selected the Wildcard option will also be available Enter the destination MAC address and wildcard value in the spaces provided Source Port Select and enter t...

Страница 296: ...will automatically be entered This parameter is only available in the protocol type ICMP IP Precedence Select the IP precedence value used here Options to choose from are routine 0 priority 1 immediate 2 flash 3 flash override 4 critical 5 internet 6 and network 7 Value The IP precedence value can also manually be entered here The range is from 0 to 7 Mask Enter the IP precedence mask value here T...

Страница 297: ...ters long Click the Apply button to accept the changes made Click the Back button to discard the changes made and return to the previous page ACL Interface Access Group This window is used to display and configure the ACL interface access group settings To view the following window click ACL ACL Interface Access Group as shown below Figure 8 17 ACL Interface Access Group Window The fields that can...

Страница 298: ... map settings To view the following window click ACL ACL VLAN Access Map as shown below Figure 8 19 ACL VLAN Access Map Window The fields that can be configured are described below Parameter Description Access Map Name Enter the access map s name here This name can be up to 32 characters long Sub Map Number Enter the sub map s number here This value must be between 1 and 65535 Action Select the ac...

Страница 299: ...rameter Description Match IP Access List Here the IP access list that will be matched will be displayed Match IPv6 Access List Here the IPv6 access list that will be matched will be displayed Match MAC Access List Here the MAC access list that will be matched will be displayed Click the Please Select button navigate to a list of access lists that can be selected to be used in this configuration Cl...

Страница 300: ...ID List Enter the VLAN ID list that will be used here Select the All VLANs option to apply this configuration to all the VLANs configured on the Switch Click the Apply button to accept the changes made Click the Delete button to remove the specific entry Enter a page number and click the Go button to navigate to a specific page when multiple pages exist CPU ACL This window is used to display and c...

Страница 301: ...e higher the priority of the access list ACL Name Enter the standard or extended IP access list s name to be matched here This name can be up to 32 characters long Alternatively click the Please Select button to select an existing ACL from the list Click the Apply button to accept the changes made Click the Delete button to delete the specified entry The fields that can be configured in Match IPv6...

Страница 302: ...cess list ACL Name Enter the extended expert access list s name to be matched here This name can be up to 32 characters long Alternatively click the Please Select button to select an existing ACL from the list Click the Apply button to accept the changes made Click the Delete button to delete the specified entry The fields that can be configured in Match Ingress Interface are described below Param...

Страница 303: ...L SFTP Server Settings Port Security Port Security Global Settings This window is used to display and configure the port security global settings Port Security is a security feature that prevents unauthorized computers with source MAC addresses unknown to the Switch prior to locking the port or ports from connecting to the Switch s locked ports and gaining access to the network To view the followi...

Страница 304: ...id range is from 1 to 6656 Tick the No Limit checkbox to allow the maximum number of secure MAC address Click the Apply button to accept the changes made The fields that can be configured in Port Security VLAN Settings are described below Parameter Description VID List Enter the VLAN ID s here VLAN Max Learning Address Enter the maximum number of allowed MAC addresses that can be learned on the sp...

Страница 305: ...ess level and increments the security violation count and record the system log Selecting Shutdown specifies to shut down the port if there is a security violation and record the system log Security Mode Select the security mode option here Options to choose from are Permanent and Delete on Timeout Selecting Permanent specifies that under this mode all learned MAC addresses will not be purged out ...

Страница 306: ...ere This value must be between 1 and 4094 Click the Add button to add a new entry based on the information entered Click the Delete button to remove a new entry based on the information entered Click the Clear by Port button to clear the information based on the port selected Click the Clear by MAC button to clear the information based on the MAC address entered Click the Clear All button to clear...

Страница 307: ...e roles of Client Authenticator and Authentication Server in greater detail Authentication Server The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator must be running a RADIUS Server program and must be configured properly on the Authenticator Switch Clients connected to a port on the Switch must be authenticated by the Authentication S...

Страница 308: ...ck to the Client Figure 9 7 The Authenticator Three steps must be implemented on the Switch to properly configure the Authenticator The 802 1X State must be Enabled Security 802 1X 802 1X Global Settings The 802 1X settings must be implemented by port Security 802 1X 802 1X Port Settings A RADIUS server must be configured on the Switch Security RADIUS RADIUS Server Settings Client The Client is si...

Страница 309: ...hrough the port The following figure displays a more detailed explanation of how the authentication process is completed between the three roles stated above Figure 9 9 The 802 1X Authentication Process The D Link implementation of 802 1X allows network administrators to choose between two types of Access Control used on the Switch which are Port based Access Control This method requires only one ...

Страница 310: ...riction until an event occurs that causes the Port to become Unauthorized Hence if the Port is actually connected to a shared media LAN segment with more than one attached device successfully authenticating one of the attached devices effectively provides access to the LAN for all devices on the shared segment Clearly the security offered in this situation is open to attack Figure 9 10 Example of ...

Страница 311: ...tings as shown below Figure 9 12 802 1X Global Settings Window The fields that can be configured are described below Parameter Description 802 1X State Select to enable or disable the 802 1X global state here 802 1XTrap State Select to enable or disable the 802 1X trap state here Click the Apply button to accept the changes made 802 1X Port Settings This window is used to display and configure the...

Страница 312: ...le or disable the forward PDU option here MaxReq Enter the maximum required times value here This value must be between 1 and 10 By default this option is 2 This option configures the maximum number of times that the backend authentication state machine will retransmit an Extensible Authentication Protocol EAP request frame to the supplicant before restarting the authentication process PAE Authent...

Страница 313: ... the session information based on the MAC address Enter a page number and click the Go button to navigate to a specific page when multiple pages exist Authenticator Statistics This window is used to display and clear the authenticator statistics To view the following window click Security 802 1X Authenticator Statistics as shown below Figure 9 15 Authenticator Statistics Window The fields that can...

Страница 314: ... below Parameter Description Unit Select the Switch unit that will be used for this query here Port Select the appropriate port used for the query here Click the Find button to locate a specific entry based on the information entered Click the Clear Counters button to clear the counter information based on the selections made Click the Clear All button to clear all the information in this table Au...

Страница 315: ...e information entered Click the Clear Counters button to clear the counter information based on the selections made Click the Clear All button to clear all the information in this table Enter a page number and click the Go button to navigate to a specific page when multiple pages exist AAA AAA Global Settings This window is used to enable or disable the Authentication Authorization and Accounting ...

Страница 316: ...ow Figure 9 19 Application Authentication Settings Window Click the Edit button to re configure the specific entry Figure 9 20 Application Authentication Settings Edit Window The fields that can be configured are described below Parameter Description Login Method List After clicking the Edit button for the specific entry enter the login method list name used here Click the Edit button to re config...

Страница 317: ...fic entry enter the EXEC method list name used here Click the Apply button to accept the changes made The fields that can be configured in Application Accounting Commands Method List are described below Parameter Description Application Select the application used here Options to choose from are Console Telnet and SSH Level Select the privilege level used here Options to choose from are levels 1 t...

Страница 318: ...ne Normally the method is listed as the last method The user will pass authentication if it is not denied by previous method authentication local Specifies to use the local database for authentication group Specifies to use the server groups defined by the AAA group server Enter the AAA group server name in the space provided This string can be up to 32 characters long radius Specifies to use the ...

Страница 319: ...oose from are none Normally the method is listed as the last method The user will pass authentication if it is not denied by previous method authentication local Specifies to use the local database for authentication group Specifies to use the server groups defined by the AAA group server Enter the AAA group server name in the space provided This string can be up to 32 characters long radius Speci...

Страница 320: ...ccept the changes made The fields that can be configured in AAA Authentication Login are described below Parameter Description List Name Enter the method list name that will be used with the AAA authentication login option here Method 1 Method 4 Select the method lists that will be used for this configuration here Options to choose from are none Normally the method is listed as the last method The...

Страница 321: ...cking the AAA Accounting System tab the following page will appear Figure 9 26 Accounting Settings AAA Accounting System Window The fields that can be configured in AAA Accounting System are described below Parameter Description Default Select to enable or disable the use of the default method list here Method 1 Method 4 Select the method lists that will be used for this configuration here Options...

Страница 322: ... The fields that can be configured are described below Parameter Description Level Select the privilege level used here Options to choose from are levels 1 to 15 List Name Enter the method list name that will be used with the AAA accounting commands option here Method 1 Method 4 Select the method lists that will be used for this configuration here Options to choose from are none group and tacacs O...

Страница 323: ...server When the system finds a server does not respond it will mark the server as down start a dead time timer and skip them in authentication of the following requests until expiration of the dead time Click the Apply button to accept the changes made The fields that can be configured in RADIUS Global IPv4 Source Interface are described below Parameter Description IPv4 RADIUS Source Interface Nam...

Страница 324: ...nter the retransmit value used here This value must be between 0 and 20 By default this value is 3 To disable this option enter the value 0 Timeout Enter the timeout value used here This value must be between 1 and 255 seconds By default this value is 5 seconds Key Type Select the key type that will be used here Options to choose from are Plain Text and Encrypted Key Enter the key used to communic...

Страница 325: ...specified entry After clicking the Show Detail button the following page will be available Figure 9 32 RADIUS Group Server Settings Detail Window The fields that can be configured are described below Parameter Description IPv4 RADIUS Source Interface Name Enter the name of the source IPv4 RADIUS interface here IPv6 RADIUS Source Interface Name Enter the name of the source IPv6 RADIUS interface her...

Страница 326: ... on the selections made Click the Clear All button to clear all the information in this table Enter a page number and click the Go button to navigate to a specific page when multiple pages exist TACACS TACACS Global Settings This window is used to display and configure the global TACACS server settings To view the following window click Security TACACS TACACS Global Settings as shown below Figure ...

Страница 327: ...n below Figure 9 35 TACACS Server Settings Window The fields that can be configured are described below Parameter Description IP Address Enter the TACACS server s IPv4 address here IPv6 Address Enter the TACACS server s IPv6 address here Port Enter the port number used here This value must be between 1 and 65535 By default this value is 49 Timeout Enter the timeout value here This value must be be...

Страница 328: ...a new entry based on the information entered Click the Show Detail button to view and configure more detailed settings for the TACACS group server Click the Delete button to remove the specified entry After clicking the Show Detail button the following page will be available Figure 9 37 TACACS Group Server Settings Show Detail Window The fields that can be configured are described below Parameter ...

Страница 329: ...ws the transmission of data between the layers The primary purpose of IP MAC Port Binding IMPB is to restrict the access to a Switch to a number of authorized users Authorized clients can access a Switch s port by either checking the pair of IP MAC addresses with the pre configured database or if DHCP snooping has been enabled in which case the Switch will automatically learn the IP MAC pairs by s...

Страница 330: ...and MAC address Click the Apply button to accept the changes made DHCP Snooping Port Settings This window is used to display and configure the DHCP snooping port settings To view the following window click Security IMPB IPv4 DHCPv4 Snooping DHCP Snooping Port Settings as shown below Figure 9 40 DHCP Snooping Port Settings Window The fields that can be configured are described below Parameter Descr...

Страница 331: ...window click Security IMPB IPv4 DHCPv4 Snooping DHCP Snooping VLAN Settings as shown below Figure 9 41 DHCP Snooping VLAN Settings Window The fields that can be configured are described below Parameter Description VID List Enter the VLAN ID list used here State Select to enable or disable the DHCP snooping VLAN setting here Click the Apply button to accept the changes made DHCP Snooping Database T...

Страница 332: ...cription URL Select the location from the drop down list and enter the URL where the DHCP snooping database will be stored to here Locations to choose from are TFTP FTP and Flash An example URL is given Click the Apply button to accept the changes made The fields that can be configured in Load DHCP Snooping Database are described below Parameter Description URL Select the location from the drop do...

Страница 333: ...ng binding entry here Unit Select the Switch unit that will be used for this configuration here Port Select the appropriate port used for the configuration here Expiry Enter the expiry time value used here This value must be between 60 and 4294967295 seconds Click the Add button to add a new entry based on the information entered Click the Delete button to remove the specified entry Enter a page n...

Страница 334: ...ons to choose from are Any Host and IP with Mask Sender IP After selecting the Host or IP with Mask options as the type of IP enter the sender IP address used here Sender IP Mask After selecting the IP with Mask option as the type of IP enter the sender IP mask used here MAC Select the type of sender MAC address that will be used here Options to choose from are Any Host and MAC with Mask Sender MA...

Страница 335: ...ted IP addresses It also specifies to check the validity of IP address in the ARP payload The sender IP in both the ARP request and response and target IP in the ARP response are validated Packets destined for the IP addresses 0 0 0 0 255 255 255 255 and all IP multicast addresses are dropped Sender IP addresses are checked in all ARP requests and responses and target IP addresses are checked only...

Страница 336: ...range used for the configuration here Rate Limit Enter the rate limit value here This value must be between 1 and 150 packets per seconds Burst Interval Enter the burst interval value here This value must be between 1 and 15 Tick the None option to disable the option Trust State Select to enable or disable the trust state here Click the Apply button to accept the changes made Click the Set to Defa...

Страница 337: ...low Parameter Description VID List Enter the VLAN ID list used here Click the Clear by VLAN button to clear the information based on the VLAN ID s entered Click the Clear All button to clear all the information in this table Enter a page number and click the Go button to navigate to a specific page when multiple pages exist ARP Inspection Log This window is used to display configure and clear the ...

Страница 338: ... for this configuration here From Port To Port Select the appropriate port range used for the configuration here State Select to enable or disable the IP source guard s state for the specified port s here Validation Select the validation method used here Options to choose from are IP and IP MAC Selecting IP means that the IP address of the received packets will be checked Selecting IP MAC means th...

Страница 339: ...the Switch unit that will be used for this query here From Port To Port Select the appropriate port range used for the query here IP Address Enter the IP address of the binding entry here MAC Address Enter the MAC address of the binding entry here VID Enter the VLAN ID of the binding entry here Type Select the type of binding entry to find here Options to choose from are All DHCP Snooping and Stat...

Страница 340: ...for this query here From Port To Port Select the appropriate port range used for the query here Click the Find button to locate a specific entry based on the information entered Enter a page number and click the Go button to navigate to a specific page when multiple pages exist Advanced Settings IP MAC Port Binding Settings This window is used to display and configure the IP MAC Port binding setti...

Страница 341: ...ss control a host will be denied to access the port after the host sends ARP or IP packets and the ARP packet or IP packet sent by the host does not pass the binding check To pass the binding check the source IP address source MAC address VLAN ID and arrival port must match any of the entries defined by either the IP source guard static binding entry or the DHCP snooping learned dynamic binding en...

Страница 342: ...n Protocol Select the protocol state here Options to choose from are Enabled and Disabled Select DHCP to associate the DHCP protocol with this policy Select NDP to associate the NDP protocol with this policy DHCPv6 Snooping sniffs the DHCPv6 packets sent between the DHCPv6 client and server in the address assigning procedure When a DHCPv6 client successfully got a valid IPv6 address DHCPv6 snoopin...

Страница 343: ... against the dynamic binding table learned from the ND protocol or from the DHCP Validate Source MAC Select to enable or disable the validation of the source MAC address option here When the Switch receives an ND message that contains a link layer address the source MAC address is checked against the link layer address The packet will be dropped if the link layer address and the MAC addresses are ...

Страница 344: ...Tick this option to specify the target port Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used for the configuration here Click the Apply button to accept the changes made Click the Edit button to re configure the specific entry Click the Delete button to remove the specified entry After clicking the Please Select butt...

Страница 345: ... IPv6 access list to match here Click the Please Select button to select an existing ACL from the list Target Port Tick this option to specify the target port Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used for the configuration here Click the Apply button to accept the changes made Click the Edit button to re confi...

Страница 346: ...hen all global addresses on a link are assigned by DHCP and the administrator that wants to block hosts with self configured addresses from sending traffic Link Local Traffic Select to permit of deny hardware permitted data traffic send by the link local address Target Port Tick this option to specify the target port Unit Select the Switch unit that will be used for this configuration here From Po...

Страница 347: ...are described below Parameter Description Unit Select the Switch unit that will be used for this search here From Port To Port Select the appropriate port range used for the search here IPv6 Address Enter the IPv6 address to find here MAC Address Enter the MAC address to find here VID Enter the VLAN ID to find here Click the Find button to locate a specific entry based on the information entered C...

Страница 348: ...gure 9 64 DHCP Server Screening Global Settings Window The fields that can be configured in Trap Settings are described below Parameter Description Trap State Select to enable or disable the DHCP server screening trap here Click the Apply button to accept the changes made The fields that can be configured in Profile Settings are described below Parameter Description Profile Name Enter the DHCP ser...

Страница 349: ...e port s specified Server IP Enter the DHCP server s IP address here Profile Name Enter the DHCP server screening profile that will be used for the port s specified here Click the Apply button to accept the changes made Click the Delete button to remove the specified entry ARP Spoofing Prevention This window is used to display and configure the ARP spoofing prevention settings When an entry is cre...

Страница 350: ...ormal state and another is under attack state The under attack state has three modes drop block and shutdown A BPDU protection enabled port will enter an under attack state when it receives one STP BPDU packet and it will take action based on the configuration Thus BPDU protection can only be enabled on the STP disabled port BPDU protection has a higher priority than the Forward BPDU FBPDU setting...

Страница 351: ...he Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used for the configuration here State Select to enable or disable the BPDU attack protection feature s state on the port s specified Mode Select the BPDU attack protection feature s mode that will be applied to the port s specified Options to choose from are Drop Block and Shutdown Drop...

Страница 352: ...tBIOS Filtering State Select to enable or disable the extensive NetBIOS filtering state on the specified port s This is used to permit or deny NetBIOS packets over 802 3 frames on physical ports Click the Apply button to accept the changes made MAC Authentication This window is used to display and configure the MAC authentication settings MAC authentication is a feature designed to authenticate a ...

Страница 353: ...nter the username used for MAC authentication here This name can be up to 16 characters long Tick the Default option to restore the username to the client s MAC address here Password Enter the password used for MAC authentication here Tick the Encrypt option save this password in the encrypted form Tick the Default option to restore the password to the client s MAC address here Click the Apply but...

Страница 354: ...nt to a virtual IP address but not to the IP address of the Switch s physical interface Virtual IP works like this when a host PC communicates with the WAC Switch through a virtual IP the virtual IP is transformed into the physical IPIF IP interface address of the Switch to make the communication possible The host PC and other servers IP configurations do not depend on the virtual IP of WAC The vi...

Страница 355: ...ction so that client may obtain an IP address Certain functions exist on the Switch that will filter HTTP packets such as the ACL function The user needs to be very careful when setting filter functions for the target VLAN so that these HTTP packets are not denied by the Switch If a RADIUS server is to be used for authentication the user must first establish a RADIUS Server with the appropriate pa...

Страница 356: ...est So it s not allowed to configure virtual IP in the same subnet as the Switch s IP interface or the same subnet as the host PCs subnet otherwise the Web authentication cannot operate correctly The defined URL only takes effect when the virtual IP address is configured The users get the FQDN URL stored on the DNS server to get the virtual IP address The obtained IP address must match the virtual...

Страница 357: ...nfiguration here From Port To Port Select the appropriate port range used for the configuration here State Select to enable or disable the WAC feature on the port s specified Click the Apply button to accept the changes made WAC Customize Page This window is used to display and configure the WAC customized login page To view the following window click Security Web based Access Control WAC Customiz...

Страница 358: ...ck the Set to Default button to replace the information with the default information Click the Apply button to accept the changes made Network Access Authentication Guest VLAN This window is used to display and configure the network access authentication guest VLAN settings To view the following window click Security Network Access Authentication Guest VLAN as shown below Figure 9 74 Guest VLAN Wi...

Страница 359: ...lect to enable or disable the deny MAC move feature here This option controls whether to allow authenticated hosts to do roaming across different Switch ports and only controls whether a host which is authenticated at a port set to the multi authenticate mode is allowed to move to another port If a station is allowed to move there are two situations It may either need to be re authenticated or dir...

Страница 360: ...The fields that can be configured in User Information are described below Parameter Description User Name Enter the user name used here This name can be up to 32 characters long VID Enter the VLAN ID used here Password Type Select the password type option here Options to choose from are Plain Text and Encrypted Password Enter the password used here Click the Apply button to accept the changes made...

Страница 361: ...s authentication mode is changed to multi host the previous authentication VLAN s on this port will be cleared CompAuth Mode Select the compound authentication mode option here Options to choose from are Any and MAC WAC Selecting Any specifies that if any of the authentication method 802 1X MAC based Access Control or WAC to passes then pass Selecting MAC WAC specifies to verify MAC based authenti...

Страница 362: ...kload of the Switch while the attack is ongoing thus making it capable to forward essential packets over its network in a limited bandwidth If the CPU load rises above the rising threshold value the Safeguard Engine function will be activated and the Switch will enter the exhausted mode In the exhausted mode the Switch will limit the bandwidth available for ARP and broadcast IP packets If the CPU ...

Страница 363: ...ol Telnet Manage Telnet TFTP Manage Trivial File Transfer Protocol Web Manage Hypertext Transfer Protocol HTTP and Hypertext Transfer Protocol Secure HTTPS A customized rate limit in packets per second can be assigned to the Safeguard Engine s sub interfaces as a whole or to individual protocols specified by the user in the management interface Be careful when customizing the rate limit for indivi...

Страница 364: ... is used to configure the acceptable level of CPU utilization as a percentage where the Switch leaves the Safeguard Engine state and returns to normal mode Click the Apply button to accept the changes made CPU Protect Counters This window is used to display and clear the CPU protection counter information To view the following window click Security Safeguard Engine CPU Protect Counters as shown be...

Страница 365: ...in Sub Interface Information are described below Parameter Description Sub Interface Select the sub interface option here Options to choose from are Manage Protocol and Route Click the Find button to locate a specific entry based on the information entered CPU Protect Type This window is used to display and configure the CPU protection type settings To view the following window click Security Safe...

Страница 366: ...S Click the Apply button to accept the changes made Click the Delete button to remove the specific entry Traffic Segmentation Settings This window is used to display and configure the traffic segmentation settings When the traffic segmentation forwarding domain is specified packets received by the port will be restricted in Layer 2 packet forwarding to interfaces within the domain When the forward...

Страница 367: ...ect the forward Switch unit that will be used for this configuration here From Forward Port To Forward Port Select the forward port range used for the configuration here Click the Add button to add a new entry based on the information entered Click the Delete button to remove an entry based on the information entered Storm Control This window is used to display and configure the storm control sett...

Страница 368: ...hoose from are Broadcast Multicast and Unicast When the action is configured as the shutdown mode the unicast refers to both known and unknown unicast packets that is if the known and unknown unicast packets hit the specified threshold the port will be shutdown Otherwise unicast refers to unknown unicast packets Action Select the action that will be taken here Options to choose from are None Shutd...

Страница 369: ... is not specified the default value is 80 of the specified risen level Click the Apply button to accept the changes made DoS Attack Prevention Settings This window is used to display and configure the Denial of Service DoS attack prevention settings The following well known DoS types which can be detected by most Switches Land Attack This type of attack involves IP packets where the source and des...

Страница 370: ...gs Window The fields that can be configured in SNMP Server Enable Traps DoS Settings are described below Parameter Description Trap State Select to enable or disable the DoS attack prevention trap state here Click the Apply button to accept the changes made The fields that can be configured in DoS Attack Prevention Settings are described below Parameter Description DoS Type Selection Tick the DoS ...

Страница 371: ...nfigure the encryption algorithm that SSH will use to encrypt and decrypt messages sent between the SSH client and the SSH server using the SSH Authentication Method and Algorithm Settings window Finally enable SSH on the Switch using the SSH Configuration window After completing the preceding steps a SSH Client on a remote PC can be configured to manage the Switch using a secure in band connectio...

Страница 372: ...e button to generate a host key based on the selections made Click the Delete button to remove a host key based on the selections made The fields that can be configured in Host Key are described below Parameter Description Crypto Key Type Select the crypto key type used here Options to choose from are the Rivest Shamir Adleman RSA key type and the Digital Signature Algorithm DSA key type After cli...

Страница 373: ...cation Method enter the public key here Host Name After selecting the Host based option as the Authentication Method enter the host name here IPv4 Address After selecting the Host based option as the Authentication Method select and enter the IPv4 address here IPv6 Address After selecting the Host based option as the Authentication Method select and enter the IPv6 address here Click the Apply butt...

Страница 374: ...n the Switch to create a three layered encryption code for secure communication between the server and the host The user may implement any one or combination of the cipher suites available yet different cipher suites will affect the security level and the performance of the secured connection The information included in the cipher suites is not included with the Switch and requires downloading fro...

Страница 375: ...e Crypto PKI Trustpoint This window is used to display and configure the crypto PKI trust point settings To view the following window click Security SSL Crypto PKI Trustpoint as shown below Figure 9 95 Crypto PKI Trustpoint Window The fields that can be configured are described below Parameter Description Trustpoint Enter the name of the trust point that is associated with the imported certificate...

Страница 376: ...gure 9 96 SSL Service Policy Window The fields that can be configured are described below Parameter Description Policy Name Enter the SSL service policy name here This name can be up to 32 characters long Version Select the SSL or TLS version SSL 3 0 Select to use SSL version 3 0 as the SSL service policy TLS 1 0 Select to use TLS version 1 0 as the SSL service policy TLS 1 1 Select to use TLS ver...

Страница 377: ...encryption for message encryption and SHA for message digest RSA_WITH_AES_256_CBC_SHA Select to use RSA key exchange with AES 256 bit encryption for message encryption and SHA for message digest RSA_WITH_AES_128_CBC_SHA256 Select to use RSA key exchange with AES 128 bit encryption for message encryption and SHA 256 bit for message digest RSA_WITH_AES_256_CBC_SHA256 Select to use RSA key exchange w...

Страница 378: ...ption SFTP Server Select to globally enable or disable the SFTP server feature here Idle Timeout Enter the idle timeout value here If the SFTP server detects no operation after the duration of the idle timer for a specific SFTP session the Switch will close this SFTP session The range is from 30 to 600 seconds By default this value is 120 seconds Click the Apply button to accept the changes made ...

Страница 379: ...rs a trap will be sent out LCK Trap State Select to enable or disable the CFM Locked Signal LCK trap feature here If the trap status of LCK is enabled once an ETH LCK event occurs or an ETH LCK event clears a trap will be sent out All MPs Reply LTRs Select to enable or disable the all MPs Linktrace Reply LTR feature here According to IEEE 802 1ag a Bridge replies with one LTR to a Linktrace Messag...

Страница 380: ...ated value indicates whether the management entity can create MIP Half Functions MHF for a maintenance domain Options to choose from are None Auto and Explicit None Specifies not to create the MIP for a maintenance domain Auto Specifies that MIPs will be created on any port for the MAs in this maintenance domain when there is no MEP configured on that port for the MAs with the same VID at this MD ...

Страница 381: ... Enter the Maintenance Association MA entry s name here This name can be up to 22 characters long Each MA in an MD must have a unique MA name MAs configured in different MDs may have the same MA identifier When the MA entry is deleted the configuration on it is also deleted MA VID Enter the Maintenance Association MA entry s VLAN ID here The range is from 1 to 4094 Click the Apply button to accept...

Страница 382: ...e MA with the same VID at the next lower active MD level or there is no MA with the same VID at any lower active MD levels For an intermediate Switch in an MA the setting must be Auto in order for the MIPs to be created on this device Explicit Specifies that MIPs will be created on any port for the MAs in this maintenance domain when there is no MEP configured on that port for the MAs with the sam...

Страница 383: ...ed here Direction Select the direction of the MEP here Options to choose from are Up and Down Up Specifies to create an inward facing up MEP Down Specifies to create an outward facing down MEP Click the Apply button to accept the changes made Click the Back button to return to the previous window Click the Show Detail button to view more detailed information about the specified MEP Click the Remov...

Страница 384: ...ch Web UI Reference Guide 374 Figure 10 6 CFM Settings Add MA Add MEP MEPID Detail Window Click the Edit button to modify the specified entry Click the Back button to return to the previous window After clicking the Edit button the following page will appear ...

Страница 385: ...by the MEP Fault Alarm Select the type of defects whose fault alarms can be sent by this MEP Options to choose from are None All MAC Status Remote CCM Error CCM and XCON CCM None Specifies that no fault alarm will be sent All Specifies that the fault alarms for all types of defects can be sent MAC Status Specifies that the fault alarms for the defects whose priority is equal to or higher than the ...

Страница 386: ... MIP and MEPs exist on The range is from 0 to 7 LCK State Select the enable or disable the LCK feature on this interface here LCK Period Select the transmitting interval of the LCK PDU here Options to choose from are 1 Seconds and 1 Minute The default period is 1 second LCK Client Level Select the client level ID to which the MEP sends the LCK PDU here The default client MD level is the MD level t...

Страница 387: ...cribed below Parameter Description MAC Address Enter the MAC address for the DM test here Period Interval Select the period interval time here This specifies the transmitting period of the DDM message and diagnostic interval Options to choose from are 100ms 1sec The transmission period is 100 milliseconds and the diagnostic interval is 1 second 1sec 10sec The transmission period is 1 second and th...

Страница 388: ...n the selection made Click the Clear All button to clear all the CFM DM statistics information Click the Back button to return to the previous window After clicking the Edit LM button the following page will appear Figure 10 11 CFM Settings Add MA Add MEP Edit LM Window The fields that can be configured in CFM LM Settings are described below Parameter Description State Select to enable or disable ...

Страница 389: ...ored LM results Statistics Specifies to clear the stored statistics of ETH LM frames LMM and LMR Click the Clear button to clear the CFM LM statistics information based on the selection made Click the Clear All button to clear all the CFM LM statistics information Click the Back button to return to the previous window CFM Port Settings This window is used to display and configure the CFM feature s...

Страница 390: ... and enter the remote MEP s ID here The range is from 1 to 8191 MEPID Enter the MEP s ID that will initiate the loopback test here The range is from 1 to 8191 MA Name Enter the MA s name here This name can be up to 22 characters long Domain Name Enter the MD s name here This name can be up to 22 characters long LBMs Number Enter the number of LBMs to be sent here The range is from 1 to 65535 By de...

Страница 391: ...e The range is from 1 to 8191 MA Name Enter the MA s name here The name can be up to 22 characters long Domain Name Enter the MD s name here The name can be up to 22 characters long TTL Enter the link trace message s TTL value here The range is from 2 to 255 The default value is 64 PDU Priority Select the 802 1p priority to be set in the transmitted LBMs here If not specified it uses the same prio...

Страница 392: ...view the following window click OAM CFM CFM Packet Counter as shown below Figure 10 17 CFM Packet Counter Window The fields that can be configured are described below Parameter Description Unit Select the Switch s unit ID that will be used here Port Select the Switch s port that will be used here Type Select the type of counter information that will be cleared or displayed here Options to choose f...

Страница 393: ...CM Table This window is used to display the MIP CCM database entries To view the following window click OAM CFM CFM MIP CCM Table as shown below Figure 10 19 CFM MIP CCM Table Window CFM MEP Fault Table This window is used to display the MEPs that have faults To view the following window click OAM CFM CFM MEP Fault Table as shown below Figure 10 20 CFM MEP Fault Table Window Cable Diagnostics The ...

Страница 394: ...Select the appropriate port range used for the configuration here Click the Test button to test the specific port Click the Clear button to clear all the information for the specific port Click the Clear All button to clear all the information in this table Ethernet OAM Ethernet OAM Settings This window is used to display and configure the Ethernet Operations Administration and Maintenance OAM set...

Страница 395: ...owing two actions are allowed by ports in the active mode but disallowed by ports in the passive mode 1 Initiate OAM discovery 2 Start or stop remote loopback Received Remote Loopback Select to configure the behavior of the received remote loopback requirement from the peer on the specified port s here Options to choose from are Ignore and Process Ignore Specifies not to react to remote loopback r...

Страница 396: ...al client is already in the remote loopback mode then this feature cannot be applied Click the Apply button to accept the changes made The fields that can be configured in Ethernet OAM Table are described below Parameter Description Unit Select the Switch s unit ID that will be used here From Port To Port Select the Switch s port range that will be used here Click the Find button to locate a speci...

Страница 397: ...ent bit set when an unrecoverable local failure condition has occurred Critical Event Select to enable or disable the critical event feature here This feature is used to configure the capability of the critical event If the capability for a critical event is disabled the port will never send out OAM PDUs with critical event bit set when an unspecified critical event has occurred Link Monitor Selec...

Страница 398: ...r the amount of time over which the threshold is defined here If threshold symbol errors occur within the period an event notification OAM PDU should be generated with an error symbol period event TLV indicating that the threshold has been crossed in this window The range is from 10 to 600 deciseconds When Error Frame is selected as the link monitor enter the amount of time over which the threshol...

Страница 399: ...vent Log Table as shown below Figure 10 24 Ethernet OAM Event Log Table Window The fields that can be configured are described below Parameter Description Unit Select the Switch s unit ID that will be used here Port Select the Switch s port that will be used here Action Select the Find option to find and display the log entries associated with the specified port Select the Clear option to clear th...

Страница 400: ...lick the Find button to find and display the statistics information associated with the specified port s Click the Show All button to display all the statistics information Ethernet OAM DULD Settings This window is used to display and configure the Ethernet OAM feature s D Link Unidirectional Link Detection DULD settings DULD is an extension of 802 3ah Ethernet OAM It provides a mechanism to detec...

Страница 401: ...n on the specified port s Action Select the action that will be taken here Options to choose from are Normal and Shutdown Discovery Time Enter the discovery time value here The range is from 5 to 65535 seconds By default this value is 5 seconds If the OAM discovery does not successfully negotiate before discovery time expired OAM unidirectional link detection will start Click the Apply button to a...

Страница 402: ...toring traps alarm feature here Transceiver Monitoring Traps Warning Select to enable or disable the transceiver monitoring traps warning feature here Click the Apply button to accept the changes made The fields that can be configured in DDM Shutdown Settings are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select...

Страница 403: ...ere Port Select the port used for the configuration here Action Select the action that will be taken here Options to choose from are Add and Delete Type Select the type of temperature threshold Options to choose from are Low Alarm Low Warning High Alarm and High Warning Value Enter the threshold value This value must be between 128 and 127 996 C Click the Apply button to accept the changes made DD...

Страница 404: ...ch To view the following window click OAM DDM DDM Bias Current Threshold Settings as shown below Figure 10 30 DDM Bias Current Threshold Settings Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here Port Select the port used for the configuration here Action Select the action that will be taken ...

Страница 405: ...High Alarm and High Warning Power Unit Select the power unit here Options to choose from are mW and dBm Value Enter the threshold value either in mW or dBm here When selecting mW in the Power Unit drop down list this value must be between 0 and 6 5535 When selecting dBm in the Power Unit drop down list this value must be between 40 and 8 1647 Click the Apply button to accept the changes made DDM R...

Страница 406: ...g Power Unit Select the power unit here Options to choose from are mW and dBm Value Enter the threshold value either in mW or dBm here When selecting mW in the Power Unit drop down list this value must be between 0 and 6 5535 When selecting dBm in the Power Unit drop down list this value must be between 40 and 8 1647 Click the Apply button to accept the changes made DDM Status Table This window is...

Страница 407: ...face VLAN Enter the VLAN ID that will be used here The range is from 1 to 4094 Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the range of ports that will be used for this configuration here Select the All option to use all the ports in this configuration Frame Type Select the frame type here Options to choose from are Broadcast Specifies to coun...

Страница 408: ...raffic count settings TX Specifies to display egress traffic count settings Both Specifies to display ingress and egress traffic count settings Click the Find button to display entries in the table based on the information entered selected Enter a page number and click the Go button to navigate to a specific page when multiple pages exist Utilization Port Utilization This window is used to display...

Страница 409: ...3 History Utilization Memory Window After selecting CPU as the Type the following window will appear Figure 11 4 History Utilization CPU Window After selecting Port as the Type the following window will appear Figure 11 5 History Utilization Port Window The fields that can be configured are described below Parameter Description Type Select the history utilization type to display here Options to ch...

Страница 410: ...rom 48 hours ago until 24 hours ago Slot Index Select the slot index here Options to choose from are All and 1 to 5 Click the Find button to display entries in the table based on the information selected Statistics Port This window is used to display the port statistics information To view the following window click Monitoring Statistics Port as shown below Figure 11 6 Port Window The fields that ...

Страница 411: ...rt Show Detail Window Click the Back button to return to the previous window Click the Refresh button to refresh the information displayed in the table CPU Port This window is used to display the CPU statistics information To view the following window click Monitoring Statistics CPU Port as shown below ...

Страница 412: ...are All Layer 2 L2 Layer 3 L3 and Protocol Click the Find button to display entries in the table based on the information selected Click the Refresh button to refresh the information displayed in the table Click the Clear All button clear all the statistics information displayed in the table Interface Counters This window is used to display the interface counter information To view the following w...

Страница 413: ...the Switch unit that will be used in this display here From Port To Port Select the range of ports that will be used in this display here Click the Find button to display entries in the table based on the information selected Click the Refresh button to refresh the information displayed in the table Click the Show Errors button to view more detailed error information on the specified port After cl...

Страница 414: ...ibed below Parameter Description Type Select the type of information to display here Options to choose from are Port and VLAN Interface VLAN Enter the VLAN ID that will be used in this display here Click the Find button to display entries in the table based on the information selected entered Click the Refresh button to refresh the information displayed in the table Interface History Counters This...

Страница 415: ...t value here Options to choose from are 15 Minutes Specifies to display 15 minute based statistics count 1 Day Specifies to display daily based statistics count For 15 minute based statistics slot 1 represents the time from 15 minutes ago until now slot 2 represents the time from 30 minutes ago until 15 minutes ago and so on For 1 day based statistics slot 1 represents the time from 24 hours ago u...

Страница 416: ...itch unit that will be used in this display here From Port To Port Select the range of ports that will be used in this display here Click the Find button to display entries in the table based on the information selected Click the Refresh button to refresh the counter information displayed in the table Click the Clear button clear the counter information displayed in the table based on the informat...

Страница 417: ...eb UI Reference Guide 407 Figure 11 14 Counters Show Detail Window Click the Back button to return to the previous window Click the Refresh button to refresh the information displayed in the table After selecting VLAN as the Type the following window will appear ...

Страница 418: ...isplayed in the table Click the Clear button clear the counter information displayed in the table based on the information selected entered Click the Clear All button clear all the counter information displayed in the table Mirror Settings This window is used to display and configure the mirror feature s settings The Switch allows users to copy frames transmitted and received on a port and redirec...

Страница 419: ...n Options to choose from are Port and Remote VLAN Port After selecting this option select the Switch s unit ID and destination port number from the drop down menus Remote VLAN After selecting this option select the Switch s unit ID and destination port number from the drop down menus and enter the VID in the space provided The VID must be between 2 and 4094 Source Tick the checkbox next to the Sou...

Страница 420: ...he information entered The fields that can be configured for Mirror Session Table are described below Parameter Description Mirror Session Type Select the mirror session type of information that will be displayed from the drop down menu Options to choose from are All Session Session Number Remote Session and Local Session After selecting the Session Number option select the session number from the...

Страница 421: ...e Enter the expiration time for the entry here The parameters of the entry will reset when the timer expired The range is from 0 to 2000000 seconds Selecting Infinite specifies that the entry will not expire Max Datagram Size Enter the maximum number of data bytes of a single sFlow datagram here The range is from 700 to 1400 bytes By default this value is 1400 bytes Collector Address Enter the rem...

Страница 422: ...nbound specifies to sample ingress packets This is the default direction of a sampler Selecting Outbound specifies to sample egress packets Sampling Rate Enter packet sampling rate here This value must be between 0 and 65536 Entering 0 will disable this function If not specified the default value is 0 Max Header Size Enter the maximum number of bytes that should be copied from sampled packets This...

Страница 423: ...d click the Go button to navigate to a specific page when multiple pages exist Device Environment The device environment feature displays the Switch internal temperature status To view the following window click Monitoring Device Environment as shown below Figure 11 22 Device Environment Window External Alarm Settings This window is used to display and configure the external alarm settings This is...

Страница 424: ... The fields that can be configured in External Alarm Settings are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here Channel Select the channel to be configured here The range is from 1 to 4 Message Enter the alarm message associated with the channel here This string can be up to 128 characters long Click the Apply button to accept the c...

Страница 425: ...ower saving feature This feature will allow the Switch to automatically detect the cable length connected to the port and increase or reduce the required power to this port accordingly to save power Scheduled Port shutdown Power Saving Select this option to enable or disable applying the power saving by scheduled port shutdown Scheduled Dim LED Power Saving Select this option to enable or disable ...

Страница 426: ...eter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used for the configuration here Time Range Enter the name of the time range to associate with the ports Click the Apply button to accept the changes made Click the Delete button to remove the specified entry EEE Energy Efficient Ethernet EEE is defined in I...

Страница 427: ...e described below Parameter Description Unit Select the Switch unit that will be used for this configuration here From Port To Port Select the appropriate port range used for the configuration here State Select this option to enable or disable the state of this feature here Click the Apply button to accept the changes made ...

Страница 428: ...e Configuration as shown below Figure 13 1 Save Configuration Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here File Path Enter the filename and path in the space provided Click the Apply button to save the configuration Firmware Upgrade Backup Firmware Upgrade from HTTP This window is used t...

Страница 429: ...om TFTP as shown below Figure 13 3 Firmware Upgrade from TFTP Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here TFTP Server IP Enter the TFTP server s IP address here When select the IPv4 option enter the IPv4 address of the TFTP server in the space provided When the IPv6 option is selected e...

Страница 430: ...e can be up to 32 characters long Password Enter the password used for the FTP connection here This password can be up to 15 characters long Source File Enter the source filename and path of the firmware file located on the FTP server here This field can be up to 64 characters long Destination File Enter the destination path and location where the new firmware should be stored on the Switch This f...

Страница 431: ...window is used to initiate a firmware backup to a local PC using HTTP To view the following window click Tools Firmware Upgrade Backup Firmware Backup to HTTP as shown below Figure 13 6 Firmware Backup to HTTP Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here Source File Enter the source file...

Страница 432: ...up Firmware Backup to FTP as shown below Figure 13 8 Firmware Backup to FTP Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here FTP Server IP Enter the FTP server s IP address here When select the IPv4 option enter the IPv4 address of the FTP server in the space provided When the IPv6 option is...

Страница 433: ...path of the firmware file located on the Switch here This field can be up to 64 characters long Destination File Enter the destination filename and path of the firmware file to be backed up to the RCP server here This field can be up to 64 characters long Click the Backup button to initiate the firmware backup Configuration Restore Backup Configuration Restore from HTTP This window is used to init...

Страница 434: ...at can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here TFTP Server IP Enter the TFTP server s IP address here When select the IPv4 option enter the IPv4 address of the TFTP server in the space provided When the IPv6 option is selected enter the IPv6 address of the TFTP server in the space provided Source File Enter t...

Страница 435: ...ere This password can be up to 15 characters long Source File Enter the source filename and path of the configuration file located on the FTP server here This field can be up to 64 characters long Destination File Enter the destination path and location where the configuration file should be stored on the Switch This field can be up to 64 characters long Select the running config option to restore...

Страница 436: ...e configuration file on the Switch with this one Click the Restore button to initiate the configuration restore Configuration Backup to HTTP This window is used to initiate a configuration file backup to a local PC using HTTP To view the following window click Tools Configuration Restore Backup Configuration Backup to HTTP as shown below Figure 13 14 Configuration Backup to HTTP Window The fields ...

Страница 437: ...p configuration file from the Switch Destination File Enter the destination path and location where the configuration file should be stored on the TFTP server This field can be up to 64 characters long Click the Backup button to initiate the configuration file backup Configuration Backup to FTP This window is used to initiate a configuration file backup to an FTP server To view the following windo...

Страница 438: ...e backup to an RCP server To view the following window click Tools Configuration Restore Backup Configuration Backup to RCP as shown below Figure 13 17 Configuration Backup to RCP Window The fields that can be configured are described below Parameter Description Unit Select the Switch unit that will be used for this configuration here RCP Server IP Enter the RCP server s IP address here User Name ...

Страница 439: ...13 19 Log Backup to TFTP Window The fields that can be configured are described below Parameter Description TFTP Server IP Enter the TFTP server s IP address here When select the IPv4 option enter the IPv4 address of the TFTP server in the space provided When the IPv6 option is selected enter the IPv6 address of the TFTP server in the space provided Destination File Enter the destination path and ...

Страница 440: ...ed on the RCP server This field can be up to 64 characters long Log Type Select the log type that will be backed up to the RCP server When the System Log option is selected the system log will be backed up When the Attack Log is selected the attack log will be backed up Click the Backup button to initiate the system log backup Ping Ping is a small program that sends ICMP Echo packets to the IP add...

Страница 441: ...ct and enter the domain name of the system to discover Ping Times Enter the number of times desired to attempt to Ping the IPv4 address configured in this window Users may enter a number of times between 1 and 255 Tick the Infinite check box to keep sending ICMP Echo packets to the specified IP address until the program is stopped Timeout Select a timeout period between 1 and 99 seconds for this P...

Страница 442: ... Ping packet will be dropped Frequency Enter the frequency time for the ping here The range is from 0 to 86400 Source IPv6 Address Enter the source IPv6 address If the current Switch has more than one IPv6 address you can enter one of them to this field When entered this IPv6 address will be used as the packets source IP address sent to the remote host or as primary IP address Click the Start butt...

Страница 443: ...n two devices The range for the TTL is 1 to 255 hops Port Enter the port number here The value range is from 1 to 65535 Timeout Enter the timeout period while waiting for a response from the remote device here A value of 1 to 65535 seconds can be specified The default is 5 seconds Frequency Enter the frequency time for the trace route here The range is from 0 to 86400 Probe Number Enter the probe ...

Страница 444: ...ng IPv4 Trace Route Result section will appear Figure 13 25 Trace Route Start Window Click the Back button to stop the trace route and return to the IPv4 Trace Route section Reset This window is used to reset the Switch s configuration to the factory default settings To view the following window click Tools Reset as shown below Figure 13 26 Reset Window Select one of the following options The Swit...

Страница 445: ...witch License keys are sold in the market It may be printed on a physical package or be displayed in an e mail or a portal The user needs to register the license key on the Global Registration Portal to get the activation code Install the proper activation code rather than license key to activate unlock some features After the activation code was installed successfully reboot the Switch to activat...

Страница 446: ...e Switch Power on the Switch After the Starting runtime image message was displayed the Switch will allow 1 second for the user to press the hotkey Shift 6 to enter the Password Recovery Mode Enter the hotkey continuously to ensure that the timing is correct Once the Switch enters the Password Recovery Mode all ports on the Switch will be disabled Boot Procedure V1 00 006 Power On Self Test 100 MA...

Страница 447: ...abled Log Message AAA is status Parameters description status The status indicates the AAA enabled or disabled Informational Event description Successful login Log Message Successful login through exec type from client ip authenticated by AAA aaa method server ip Username username Parameters description exec type It indicates the EXEC types e g Console Telnet SSH Web Web SSL client ip It indicates...

Страница 448: ...ss if valid through IP protocol aaa method It indicates the authentication method e g none local server server ip It indicates the AAA server IP address if authentication method is remote server username It indicates the username for authentication Warning Event description the remote server does not respond to the enable password authentication request Log Message Enable privilege failed through ...

Страница 449: ...ntication interface id It indicates the port number of the client authenticated acl script The assign ACL script that authorized by from RADIUS server Warning Auto Save Config Log Description Severity Event description Record the event when the configure information of DDP is saved automatically Log Message CONFIG 6 DDPSAVECONFIG Unit unitID Configuration automatically saved to flash due to config...

Страница 450: ...ents the MAC address of the MEP The value all zeros means unknown MAC address Note In CFM hardware mode remote MEP information mepid and macaddr is unknown Warning Event description Cannot receive the remote MEP s CCM packet Log Message CFM remote down MD Level mdlevel VLAN vlanid Local Interface interface id Direction mepdirection Parameters description vlanid Represents the VLAN identifier of th...

Страница 451: ...rameters description vlanid Represents the VLAN identifier of the MEP mdlevel Represents the MD level of the MEP interface id Represents the interface number of the MEP mepdirection Represents the direction of the MEP This can be inward or outward mepid Represents the MEPID of the MEP Notice Event description LCK condition detected Log Message LCK condition detected MD Level mdlevel VLAN vlanid Lo...

Страница 452: ...address pathFile Path and file name on server Warning Event description Firmware uploaded successfully Log Message Unit unitID Firmware uploaded by session successfully Username username IP ipaddr MAC macaddr Server IP serverIP File Name pathFile Parameters description unitID The unit ID session The user s session username Represent current login user ipaddr Represent client IP address macaddr Rep...

Страница 453: ...it unitID Configuration uploaded by session successfully Username username IP ipaddr MAC macaddr Server IP serverIP File Name pathFile Parameters description unitID The unit ID session The user s session username Represent current login user ipaddr Represent client IP address macaddr Represent client MAC address serverIP Server IP address pathFile Path and file name on server Informational Event d...

Страница 454: ...ration DUT will add a log Log Message Duplicate address ipv6address on interface id via receiving Neighbor Advertisement Messages Parameters description ipv6address ipv6 address in Neighbor Advertisement Messages interface id port interface ID Warning DDM Log Description Severity Event description when the any of SFP parameters exceeds from the warning threshold Log Message Optical transceiver int...

Страница 455: ... ipv6 address obtained from a DHCPv6 server ipif name Name of the DHCPv6 client interface Informational Event description The ipv6 address obtained from a DHCPv6 server starts renewing Log Message The IPv6 address ipv6address on interface ipif name starts renewing Parameters description ipv6address ipv6 address obtained from a DHCPv6 server ipif name Name of the DHCPv6 client interface Information...

Страница 456: ... interface intf name starts renewing Parameters description ipv6networkaddr IPv6 prefix obtained from a delegation router intf name Name of the DHCPv6 client PD interface Informational Event description The IPv6 prefix obtained from a delegation router renews success Log Message The IPv6 prefix ipv6networkaddr on interface intf name renews success Parameters description ipv6anetworkaddr IPv6 prefi...

Страница 457: ...onal DLMS Log Description Severity Event Description Input an illegal activation code Log Message Illegal activation code AC string25 Parameters Description string25 Activation Code Informational Event Description License Expired Log Message License expired license license model AC string25 Parameters Description license model License Model Name string25 Activation Code Critical Event Description ...

Страница 458: ... Severity Event description A unidirectional link has been detected on this port Log Message DULD INTERFACE ID is detected as unidirectional link Parameters description INTERFACE ID The interface name Warning Dynamic ARP Inspection Log Description Severity Event description Detect illegal ARP packet Log Message Illegal ARP type packets IP ip address MAC mac address VLAN vlan id on interface id Par...

Страница 459: ... OAM disable Port shutdown Port link down Packet overload Warning Event description Error Symbol Period Event remote Log Message Error symbol period event received Port interface id Parameters description interface id The interface name Warning Event description Error Frame Event Log Message Error frame event received Port interface id Parameters description interface id The interface name Warning...

Страница 460: ...ted Broadcast packet rate is high on subnet IP s Parameters description IP the Broadcast IP destination address Informational Event description IP Directed broadcast rate exceed 100 packets per second Log Message IP Directed Broadcast rate is high Informational IPSG Log Description Severity Event description When there is no hardware rule resource to set DHCP Snooping entry into IPSG table the sys...

Страница 461: ...rt unitID portNum VID vlanID LBD recovered Loop detection restarted Parameters Description unitID The unit ID portNum The port number vlanID The VLAN ID number Informational Event Description The number of VLANs that loop back has occurred hit the specified number Log Message Loop VLAN number overflow Parameters Description None Informational LLDP MED Log Description Severity Event description LLD...

Страница 462: ...3 portComponent 3 4 macAddress 4 5 networkAddress 5 6 interfaceName 6 7 local 7 chassisID chassis ID portType port ID subtype Value list 1 interfaceAlias 1 2 portComponent 2 3 macAddress 3 4 networkAddress 4 5 interfaceName 5 6 agentCircuitId 6 7 local 7 portID port ID deviceClass LLDP MED device type Notice Event description Incompatible LLDP MED TLV set detected Log Message Incompatible LLDP MED...

Страница 463: ...vent description Console session timed out Log Message Unit unitID Console session timed out Username username Parameters description unitID The unit ID username Represent current login user Informational Event description Logout through console Log Message Unit unitID Logout through Console Username username Parameters description unitID The unit ID username Represent current login user Informati...

Страница 464: ...ess ipv6addr Represent client IPv6 address Informational Event description Login through SSH unsuccessfully Log Message Login failed through SSH Username username IP ipaddr ipv6address Parameters description username Represent current login user ipaddr Represent client IP address ipv6addr Represent client IPv6 address Critical Event description SSH session timed out Log Message SSH session timed o...

Страница 465: ...enters stop learning state Warning Event description the authorized user number on the whole device is below the maximum user limit in a time interval Log Message MAC based Access Control recovers from stop learning state Warning Event description the authorized user number on an interface has reached the maximum user limit Log Message interface id enters MAC based Access Control stop learning sta...

Страница 466: ... old_role new_role Parameters description InstanceID Instance ID portNum Port ID old_role Old role new_status New role Informational Event description Spanning Tree instance created Log Message Spanning Tree instance created Instance InstanceID Parameters description InstanceID Instance ID Informational Event description Spanning Tree instance deleted Log Message Spanning Tree instance deleted Ins...

Страница 467: ...scription Unit id The unit ID Fan id The FAN ID Critical Event description Temperature sensor enters alarm state Log Message Unit unitID Temperature sensor sensorID enters alarm state current temperature temperature Parameters description unitID The unit ID sensorID The sensor ID temperature The temperature Warning Event description Temperature recovers to normal Log Message Unit unitID Temperatur...

Страница 468: ...s the speed and duplex of link Informational Event description port link down Log Message Port port link down Parameters description port Represents the logical port number Informational Port Security Log Description Severity Event description Address full on a port Log Message MAC address mac address causes port security violation on interface id Parameters description macaddr The violation MAC a...

Страница 469: ...sage Unit unitID SRM mode is different with master Parameters description unitID the Unit ID of device in the stacking system Alert SSH Log Description Severity Event description SSH server is enabled Log Message SSH server is enabled Informational Event description SSH server is disabled Log Message SSH server is disabled Informational Event description Login failed through SSH Log Message Login ...

Страница 470: ...eters description unitID Box ID macaddr The MAC addresses of the conflicting boxes Critical Storm Control Log Description Severity Event description Storm occurrence Log Message Broadcast Multicast Unicast storm is occurring on interface id Parameters description Broadcast Storm is resulted by broadcast packets DA FF FF FF FF FF FF Multicast Storm is resulted by multicast packets including unknown...

Страница 471: ...Warning Event description Logout through Telnet Log Message Logout through Telnet Username username IP ipaddr Parameters description ipaddr The IP address of telnet client username the user name that used to login telnet server Informational Event description Telnet session timed out Log Message Telnet session timed out Username username IP ipaddr Parameters description ipaddr The IP address of te...

Страница 472: ...ame on which virtual router is based Warning Event description Virtual router ID mismatch of one received VRRP advertisement message Log Message Received ADV msg virtual router ID mismatch VR vr id at interface intf name Parameters description vr id VRRP virtual router ID intf name Interface name on which virtual router is based Warning Event description Advertisement interval mismatch of one rece...

Страница 473: ... mac addr VRRP virtual MAC address Error Event description Failed when adding a virtual MAC into switch L3 table The port where the MAC is learned from is invalid Log Message Failed to add virtual IP vrrp ip addr MAC vrrp mac addr into L3 table Port mac port is invalid Parameters description vrrp ip addr VRRP virtual IP address vrrp mac addr VRRP virtual MAC address mac port port number of VRRP vi...

Страница 474: ...dress IPv6 address macaddr MAC address unitID The unit ID portNum The port number Warning Event description This log will be triggered when the number of authorized users reaches the maximum user limit on the whole device Log Message Web Authentication enters stop learning state Warning Event description This log will be triggered when the number of authorized users is below the maximum user limit...

Страница 475: ...sername IP ipaddr Parameters description username The username that used to login HTTP server ipaddr The IP address of HTTP client Informational Event description Successful login through Web SSL Log Message Successful login through Web SSL Username username IP ipaddr Parameters description username The username that used to login SSL server ipaddr The IP address of SSL client Informational Event ...

Страница 476: ...aSessionAuthVlan 4 dnaSessionAuthUserName 5 dDot1xExtNotifyFailReason 1 3 6 1 4 1 171 14 30 0 2 Authentication Fail Trap Name Description OID authenticationFailure An authenticationFailure trap signifies that the SNMPv2 entity acting in an agent role has received a protocol message that is not properly authenticated While all implementations of the SNMPv2 must be capable of generating this trap th...

Страница 477: ...jects 1 dCfmEventMdIndex 2 dCfmEventMaIndex 3 dCfmEventMepIdentifier 1 3 6 1 4 1 171 14 86 0 3 dCfmLockCleared This trap is initiated when local MEP exits lock status Binding objects 1 dCfmEventMdIndex 2 dCfmEventMaIndex 3 dCfmEventMepIdentifier 1 3 6 1 4 1 171 14 86 0 4 DDM Trap Name Description OID dDdmAlarmTrap A notification is generated when an abnormal alarm situation occurs or recovers from...

Страница 478: ...ck Binding objects 1 dDoSPrevCtrlAttackType 2 dDosPrevNotiInfoDropIpAddr 3 dDosPrevNotiInfoDropPortNumber 1 3 6 1 4 1 171 14 59 0 2 ERPS Trap Name Description OID dErpsFailuredetectedNotif A dErpsFailureNotification is sent when dErpsNotificationEnabled is true and a signal failure is detected 1 3 6 1 4 1 171 14 78 0 1 dErpsFailureClearedNotif A dErpsFailureClearedNotif is sent when dErpsNotificat...

Страница 479: ...ress 5 dImpbViolationVlan 1 3 6 1 4 1 171 14 22 0 1 LBD Trap Name Description OID swPortLoopOccurred The trap is sent when a port loop occurs Binding objects 1 swLoopDetectPortIndex 1 3 6 1 4 1 171 14 46 0 1 swPortLoopRestart The trap is sent when a port loop restarts after the interval time Binding objects 1 swLoopDetectPortIndex 1 3 6 1 4 1 171 14 46 0 2 swVlanLoopOccurred The trap is sent when ...

Страница 480: ... Control host ages out Binding objects 1 ifIndex 2 dnaSessionClientMacAddress 3 dnaSessionAuthVlan 1 3 6 1 4 1 171 14 153 0 3 MSTP Trap Name Description OID newRoot The newRoot trap indicates that the sending agent has become the new root of the Spanning Tree the trap is sent by a bridge soon after its election as the new root e g upon expiration of the Topology Change Timer immediately subsequent...

Страница 481: ...eripheral Trap Name Description OID dEntityExtFanStatusChg The commander Switch will send this notification when a fan fails dEntityExtEnvFanStatus is fault or recovers dEntityExtEnvFanStatus is ok Binding objects 1 dEntityExtEnvFanUnitId 2 dEntityExtEnvFanIndex 3 dEntityExtEnvFanStatus 1 3 6 1 4 1 171 14 5 0 1 dEntityExtThermalStatusChg The commander Switch will send this notification when a ther...

Страница 482: ...trigger trap messages to be sent out Binding objects 1 ifIndex 2 dPortSecIfCurrentStatus 3 dPortSecIfLastMacAddress 1 3 6 1 4 1 171 14 8 0 1 RMON Trap Name Description OID risingAlarm The SNMP trap that is generated when an alarm entry crosses its rising threshold and generates an event that is configured for sending SNMP traps Binding objects 1 alarmIndex 2 alarmVariable 3 alarmSampleType 4 alarm...

Страница 483: ... 4 1 171 12 8 6 0 12 swSingleIPMSLinkDown The commander Switch will send this notification when its member generates a link down notification Binding objects 1 swSingleIPMSID 2 swSingleIPMSMacAddr 3 ifIndex 1 3 6 1 4 1 171 12 8 6 0 13 swSingleIPMSLinkUp The commander Switch will send this notification when its member generates a link up notification Binding objects 1 swSingleIPMSID 2 swSingleIPMSM...

Страница 484: ... 1 ifIndex 2 dStormCtrlNotifyTrafficType 1 3 6 1 4 1 171 14 25 0 2 System File Trap Name Description OID dsfUploadImage The notification is sent when the user uploads image file successfully 1 3 6 1 4 1 171 14 14 0 1 dsfDownloadImage The notification is sent when the user downloads image file successfully 1 3 6 1 4 1 171 14 14 0 2 dsfUploadCfg The notification is sent when the user uploads configu...

Страница 485: ...ith this router s authentication key or authentication type Implementation of this trap is optional Binding objects 1 vrrpTrapPacketSrc 2 vrrpTrapAuthErrorType 1 3 6 1 2 1 68 0 2 WAC Trap Name Description OID swWACLoggedSuccess The trap is sent when a WAC client pass the authentication Binding objects 1 swWACAuthStatePort 2 swWACAuthStateOriginalVid 3 swWACAuthStateMACAddr 4 swWACAuthUserName 5 sw...

Страница 486: ...re the privilege level attribute and authenticates successfully the device will not assign any privilege level to the access user If the privilege level is configured less than the minimum supported value or greater than the maximum supported value the privilege level will be ignored To assign the Ingress Egress Bandwidth by the RADIUS server the proper parameters should be configured on the RADIU...

Страница 487: ...onfigured on the RADIUS server To use VLAN assignment RFC 3580 defines the following tunnel attributes in RADIUS packets The table below shows the parameters for a VLAN RADIUS Tunnel Attribute Description Value Usage Tunnel Type This attribute indicates the tunneling protocol s to be used in the case of a tunnel initiator or the tunneling protocol in use in the case of a tunnel terminator 13 VLAN ...

Страница 488: ...c Attribute are RADIUS Tunnel Attribute Description Value Usage Vendor ID Defines the vendor 171 DLINK Required Vendor Type Defines the attribute 14 for ACL script Required Attribute Specific Field Used to assign the ACL script The format is based on Access Control List ACL Commands ACL Script For example ip access list a1 permit host 10 90 90 100 exit mac access list extended m1 permit host 00 00...

Страница 489: ... attributes are defined in the RFC 2865 Remote Authentication Dial In User Service RADIUS RFC 2866 RADIUS Accounting RFC 2868 RADIUS Attributes for Tunnel Protocol Support and RFC 2869 RADIUS Extensions The following table lists the IETF RADIUS attributes supported by the D Link Switch RADIUS Authentication Attributes Number IETF Attribute 1 User Name 2 User Password 3 CHAP Password 4 NAS IP Addre...

Страница 490: ...Port 6 Service Type 8 Framed IP Address 31 Calling Station ID 32 NAS Identifier 40 Acct Status Type 41 Acct Delay Time 42 Acct Input Octets 43 Acct Output Octets 44 Acct Session ID 45 Acct Authentic 46 Acct Session Time 47 Acct Input Packets 48 Acct Output Packets 49 Acct Terminate Cause 52 Acct Input Gigawords 53 Acct Output Gigawords 61 NAS Port Type 95 NAS IPv6 Address ...

Отзывы:

Нет отзывов

Похожие инструкции для DXS-3400 SERIES

Бренд: Lanner Страницы: 2

Бренд: NETGEAR Страницы: 14

Бренд: I-O Wireless Страницы: 55

Бренд: ADTRAN Страницы: 2

InnoMedia MTA 3328-2R

Бренд: VoiceLine Страницы: 18

Бренд: LevelOne Страницы: 26

Бренд: QTech Страницы: 406

Бренд: Softing Страницы: 16

Бренд: VideoWave Страницы: 12

Бренд: Modecom Страницы: 16

Бренд: Variscite Страницы: 17

TEG-S16R - DATA SHEETS

Бренд: TRENDnet Страницы: 12

Бренд: Idis Страницы: 40

Бренд: H3C Страницы: 46

Бренд: ROBOfiber Страницы: 2

Бренд: Westermo Страницы: 22

Бренд: D-Link Страницы: 80

Бренд: Asus Страницы: 63

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды