background image

xStack DES-3500 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 

 

24

  

 

NOTICE

: Any changes made to the Switch configuration during the current session must be saved 

in the Save Changes web menu (explained below) or use the command line interface (CLI) 
command save. 

Web Pages 

When you connect to the management mode of the Switch with a web browser, a login window is displayed. Enter a user name 
and password to access the Switch's management mode. 

Below is a list and description of the main folders available in the web interface: 

Configuration

 – Contains windows concerning configurations for Switch Information, IP Address, Advanced Settings, Port 

Configuration, Port Description, Port Mirroring, Link Aggregation, LACP Port Setting, MAC Notification, IGMP, Spanning Tree, 
Forwarding Filtering, VLANs, Traffic Control, Port Security, QoS, System Severity Settings, System Log Server, SNTP Settings, 
Access Profile Table, CPU Interface Filtering, Port Access Entity, IP-MAC Binding, Limited IP Multicast Range and Layer 3 IP 
Networking. 

Security Management 

– Contains windows concerning configurations for Security IP, User Accounts, Access Authentication 

Control (TACACS), Secure Sockets Layer (SSL), Secure Shell (SSH), SNMP Manager and Safeguard Engine Settings.  

Monitoring 

– Contains windows concerning monitoring the Switch, pertaining to Port Utilization, CPU Utilization, Packets, 

Errors, Size, MAC Address, Switch History Log, IGMP Snooping Group, IGMP Snooping Forwarding, VLAN Status, Router 
Port, Port Access Control, Layer 3 Feature and Safeguard Engine Status. 

Maintenance

 – Contains windows concerning configurations and information about Switch maintenance, including TFTP 

Services, Multiple Image Services, Ping Test, Save Changes, Reset, Reset System, Reset Config, Reboot Device and Logout. 

Single IP Management

 – Contains windows concerning information on Single IP Management, including SIM Settings, 

Topology, and Firmware/Configuration downloads. 

 

NOTE:

 Be sure to configure the user name and password in the User Accounts menu 

before connecting the Switch to the greater network. 

 

 

  

 

NOTICE:

 In case of lost passwords or password corruption, please refer to the 

D-Link website and the White Paper entitled “Password Recovery Procedure”, 
which will guide you through the steps necessary to resolve this issue. 

 

Содержание xStack DES-3526DC

Страница 1: ... Copyright 2006 All Rights Reserved User Manual Product Model TM DES 3500 Series Layer 2 Managed Stackable Fast Ethernet Switch Release 4 ...

Страница 2: ...k Corporation is strictly forbidden Trademarks used in this text D Link and the D LINK logo are trademarks of D Link Corporation Microsoft and Windows are registered trademarks of Microsoft Corporation Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products D Link Corporation disclaims any proprietary interest in ...

Страница 3: ... 4 Gigabit Combo Ports 5 Installation 7 Package Contents 7 Before You Connect to the Network 7 Installing the Switch without the Rack 8 Installing the Switch in a Rack 9 Mounting the Switch in a Standard 19 Rack 10 Power On AC Power 11 Power Failure 11 Connecting DC Power to DES 3526DC 11 Connecting the Switch 12 Switch to End Node 12 Switch to Hub or Switch 13 Connecting To Network Backbone or Se...

Страница 4: ...g 33 Link Aggregation 34 Understanding Port Trunk Groups 34 LACP Port Setting 37 MAC Notification 38 MAC Notification Global Settings 38 MAC Notification Port Settings 39 IGMP 40 IGMP Snooping 40 Static Router Ports Entry 42 Forbidden Router Ports Entry 43 Spanning Tree 44 802 1s MSTP 44 802 1w Rapid Spanning Tree 44 Port Transition States 44 Edge Port 45 P2P Port 45 802 1d 802 1w 802 1s Compatibi...

Страница 5: ...unk Groups 64 Static VLAN Entry 64 GVRP Setting 66 Traffic Control 67 Port Security 69 QoS 70 Advantages of QoS 70 Understanding QoS 71 Port Bandwidth 72 Scheduling 73 802 1p Default Priority 74 802 1p User Priority 74 Traffic Segmentation 75 System Severity Alerts 76 System Log Server 76 SNTP Settings 78 Time Setting 78 Time Zone and DST 79 Access Profile Table 81 Configuring the Access Profile T...

Страница 6: ... Networking 119 Static ARP Table 119 DHCP BOOTP Relay 120 DHCP BOOTP Relay Global Settings 120 The Implementation of DHCP Information Option 82 in the xStack DES 3500 Series switches 122 DHCP BOOTP Relay Interface Settings 123 Management 124 Security IP 124 User Accounts 124 Admin and User Privileges 125 Access Authentication Control 126 Policy Parameters 127 Application s Authentication Settings ...

Страница 7: ...ived RX 153 UMB Cast RX 154 Transmitted TX 156 Errors 158 Received RX 158 Transmitted TX 159 Size 161 MAC Address 163 Switch History Log 164 IGMP Snooping Group 165 IGMP Snooping Forwarding 166 VLAN Status 167 Router Port 167 Port Access Control 168 Authenticator State 168 Layer 3 Feature 170 Browse ARP Table 170 Safeguard Engine Status 171 Maintenance 172 TFTP Services 172 Download Firmware from ...

Страница 8: ... 180 SIM Using the Web Interface 181 Topology 182 Tool Tips 184 Right Click 185 Group Icon 185 Commander Switch Icon 186 Member Switch Icon 187 Candidate Switch Icon 187 Menu Bar 189 Group 189 Device 189 View 189 Firmware Upgrade 190 Configuration File Backup Restore 190 Upload Log File 190 Technical Specifications 191 Cables and Connectors 193 System Log Entries 194 Cable Lengths 205 Glossary 206...

Страница 9: ...scussion about configuring some of the basic functions of the Switch including accessing the Switch information using the Switch s utilities and setting up network configurations such as Quality of Service The Access Profile Table port mirroring and configuring the Spanning Tree Section 7 Management A discussion of the security features of the Switch including Security IP User Accounts Access Auth...

Страница 10: ... example use the copy command Boldface Typewriter Font Indicates commands and responses to prompts that must be typed exactly as printed in the manual Initial capital letter Indicates a window name Names of keys on the keyboard have initial capitals For example Click Enter Italics Indicates a window name or a field Also can indicate a variables or parameter that is replaced with an appropriate wor...

Страница 11: ...gs of your system Doing so can cause fire or electric shock by shorting out interior components Use the product only with approved equipment Allow the product to cool before removing covers or touching internal components Operate the product only from the type of external power source indicated on the electrical ratings label If you are not sure of the type of power source required consult your se...

Страница 12: ...tem as well as to various peripherals or supporting hardware Before working on the rack make sure that the stabilizers are secured to the rack extended to the floor and that the full weight of the rack rests on the floor Install front and side stabilizers on a single rack or front stabilizers for joined multiple racks before working on the rack Always load the rack from the bottom up and load the ...

Страница 13: ...u can also take the following steps to prevent damage from electrostatic discharge ESD 1 When unpacking a static sensitive component from its shipping carton do not remove the component from the antistatic packing material until you are ready to install the component in your system Just before unwrapping the antistatic packaging be sure to discharge static electricity from your body 2 When transpo...

Страница 14: ...ease in theoretical throughput over 100Mbps Fast Ethernet and a one hundred fold increase over 10Mbps Ethernet Since it is compatible with all 10Mbps and 100Mbps Ether net environments Gigabit Ethernet provides a straightforward upgrade without wasting a company s existing investment in hardware software and trained personnel The increased speed and extra bandwidth offered by Gigabit Ethernet are ...

Страница 15: ...Support Support port based enable and disable Address table Supports up to 8K MAC addresses per device Supports a packet buffer of up to 3 Mbits Supports Port based VLAN Groups Port Trunking with flexible load distribution and fail over function IGMP Snooping support SNMP support Secure Sockets Layer SSL and Secure Shell SSH support Port Mirroring support MIB support for RFC1213 MIB II RFC1493 Bri...

Страница 16: ...sole terminal or PC using a terminal emulation program NOTE For customers interested in D View D Link Corporation s proprietary SNMP management software go to the D Link Website www dlink com cn and download the software and manual Front Panel Components The front panel of the Switch consists of LED indicators for power and for each 10 100 Mbps twisted pair ports and two 1000BASE T Mini GBIC ports...

Страница 17: ...ch using a straight through serial cable RPS DES 3526DC not supported This LED will be lit when the redundant power supply is present and in use Otherwise it will remain dark Port LEDs One row of LEDs for each port is located above the ports on the front panel The first LED is for the top port and the second one is for the bottom ports These port LEDs will light two different colors for 10M and 10...

Страница 18: ...ional external RPS will take over all the power immediately and automatically Figure 1 8 Rear panel view of DES 3526DC The rear panel of the DC power version of the Switch includes an opening designed to accommodate the DC power wiring assembly See the installation instructions in this Section for details Side Panel Description The right hand side panel of the Switch contains a system fan while th...

Страница 19: ...wo ports are 1000BASE T copper ports provided and Mini GBIC ports optional See the diagram below to view the two Mini GBIC port modules being plugged into the Switch Please note that although these two front panel modules can be used simultaneously the ports must be different The GBIC port will always have the highest priority Figure 1 11 Inserting the Mini GBIC modules into the DES 3526 Figure 1 ...

Страница 20: ...xStack DES 3500 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 6 Figure 1 13 Installing the Mini GBIC Module ...

Страница 21: ...e guidelines for setting up the Switch Install the Switch on a sturdy level surface that can support at least 6 6 lb 3 kg of weight Do not place heavy objects on the Switch The power outlet should be within 1 82 meters 6 feet of the Switch Visually inspect the power cord and see that it is fully secured to the AC power port Make sure that there is proper heat dissipation from and adequate ventilat...

Страница 22: ... the rubber feet included with the Switch should first be attached Attach these cushioning feet on the bottom at each corner of the device Allow enough ventilation space between the Switch and any other objects in the vicinity Figure 2 1 Preparing the DES 3526 for installation on a desktop or shelf Figure 1 14 Preparing the DES 3550 for installation on a desktop or shelf ...

Страница 23: ...in a standard 19 rack Use the following diagrams to guide you Figure 2 2 Fasten mounting brackets to the DES 3526 Figure 1 15 Fasten mounting brackets to the DES 3550 Fasten the mounting brackets to the Switch using the screws provided With the brackets attached securely you can mount the Switch in a standard rack as shown in Figure 2 3 below ...

Страница 24: ... resulting in bodily injury under certain circumstances Therefore always install the stabilizers before installing components in the rack After installing components in a rack do not pull more than one component out of the rack on its slide assemblies at one time The weight of more than one extended component could cause the rack to tip over and may result in injury Figure 2 3 Installing the DES 3...

Страница 25: ...ply units in the event of a power failure unplug the Switch When power has resumed plug the Switch back in Connecting DC Power to DES 3526DC Follow the instructions below to connect the DC power supply of the DES 3526DC to a DC power source Figure 2 5 Power connections attached to contacts on assembly 1 Firmly attach the DC power to the negative and positive contacts on the wiring assembly The neg...

Страница 26: ...nd Node End nodes include PCs outfitted with a 10 100 or 1000 Mbps RJ 45 Ethernet Fast Ethernet Network Interface Card NIC and most routers An end node can be connected to the Switch via a twisted pair Category 3 4 or 5 UTP STP cable The end node should be connected to any of the ports of the Switch Figure 3 1 DES 3526 connected to an end node Figure 2 6 DES 3550 connected to an end node The Link ...

Страница 27: ...ch can be connected to the Switch via a twisted pair Category 3 4 or 5 UTP STP cable A 100BASE TX hub or switch can be connected to the Switch via a twisted pair Category 5 UTP STP cable Figure 3 2 DES 3526 connected to a normal non Uplink port on a hub or switch using a straight or crossover cable Figure 2 7 DES 3550 connected to a normal non Uplink port on a hub or switch using a straight or cro...

Страница 28: ...erver The copper ports operate at a speed of 1000 100 or 10Mbps in full or half duplex mode The fiber optic ports can operate at 1000Mbps in full duplex mode Connections to the Gigabit Ethernet ports are made using fiber optic cable or Category 5 copper cable depending on the type of port A valid connection is indicated when the Link LED is lit Figure 3 3 Connecting the DES 3500 Series switch to a...

Страница 29: ...y statistics graphically using a web browser such as Netscape Navigator version 6 2 and higher or Microsoft Internet Explorer version 5 0 SNMP Based Management You can manage the Switch with an SNMP compatible console program The Switch supports SNMP version 1 0 version 2 0 and version 3 0 The SNMP agent decodes the incoming SNMP messages and responds to requests with MIB objects stored in the dat...

Страница 30: ...ator level access privileges Read the next section for more information on setting up user accounts See the DES 3500 Series switches Command Line Interface Reference Manual on the documentation CD for a list of all commands and additional information on using the CLI 13 When you have completed your tasks exit the session with the logout command or close the emulator program Make sure the terminal ...

Страница 31: ...user automatically gets Administrator level privileges It is recommended to create at least one Admin level user account for the Switch Password Protection The DES 3500 Series switches do not have a default user name and password One of the first tasks when settings up the Switch is to create user accounts If you log in using a predefined administrator level user name you have privileged access to...

Страница 32: ...ase sensitive new password Enter the new password again for confirmation Success DES 3500 4 NOTICE CLI configuration commands only modify the running configuration file and are not saved when the Switch is rebooted To save all your configuration changes in nonvolatile storage you must use the save command to copy the running configuration file to the startup configuration NOTICE In case of lost pa...

Страница 33: ...uthentication process that is separated into two parts The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers The second part describes what each user on that list can do as an SNMP manager The Switch allows groups of users to be listed and configured with a shared set of privileges The SNMP version may also be set for a listed group of SNMP man...

Страница 34: ...automatically set using BOOTP or DHCP protocols in which case the actual address assigned to the Switch must be known The IP address may be set using the Command Line Interface CLI over the console serial port as follows Starting at the command line prompt enter the commands config ipif System ipaddress xxx xxx xxx xxx yyy yyy yyy yyy Where the x s represent the IP address to be assigned to the IP...

Страница 35: ... Telnet and the CLI or via the Web based management Connecting Devices to the Switch After you assign IP addresses to the Switch you can connect devices to the Switch To connect a device to an SFP transceiver port Use your cabling requirements to select an appropriate SFP transceiver type Insert the SFP transceiver sold separately into the SFP transceiver slot Use the appropriate network cabling t...

Страница 36: ...l and can communicate directly with the Switch using the HTTP protocol The Web based management module and the Console program and Telnet are different ways to access the same internal switching software and configure it Thus all settings encountered in web based management are the same as those found in the console program Login to Web Manager To begin managing your Switch simply run the browser ...

Страница 37: ...ser interface The user interface is divided into three distinct areas as described in the table Figure 5 3 Main Web Manager page Area Function Area 1 Select the menu or window to be displayed The folder icons can be opened to display the hyper linked menu buttons and subfolders contained within them Click the D Link logo to go to the D Link website Area 2 Presents a graphical near real time image ...

Страница 38: ...y Management Contains windows concerning configurations for Security IP User Accounts Access Authentication Control TACACS Secure Sockets Layer SSL Secure Shell SSH SNMP Manager and Safeguard Engine Settings Monitoring Contains windows concerning monitoring the Switch pertaining to Port Utilization CPU Utilization Packets Errors Size MAC Address Switch History Log IGMP Snooping Group IGMP Snooping...

Страница 39: ...Settings Port Configuration Port Description Port Mirroring Link Aggregation LACP Port Setting MAC Notification IGMP Spanning Tree Forward Filtering VLANs Traffic Control Port Security QoS System Log Servers SNTP Settings Access Profile Table CPU Interface Filtering Port Access Entity IP MAC Binding Limited IP Multicast Range Settings Layer 3 IP Networking ...

Страница 40: ... necessary The user may also enter a System Name System Location and System Contact to aid in defining the Switch to the user s preference IP Address The IP Address may initially be set using the console interface prior to connecting to it through the Ethernet If the Switch IP address has not yet been changed read the introduction of the xStack DES 3500 Series Command Line Interface Manual or retu...

Страница 41: ...a Default Gateway for the Switch These fields should be of the form xxx xxx xxx xxx where each xxx is a number represented in decimal form between 0 and 255 This address should be a unique address on the network assigned for use by the network administrator Subnet Mask A Bitmask that determines the extent of the subnet that the Switch is on Should be of the form xxx xxx xxx xxx where each xxx is a...

Страница 42: ...ion on loading a configuration file for use by a client Also see the section titled Upload Configuration for instructions on uploading a configuration to a TFTP server If the Switch is unable to complete the autoconfiguration process the previously saved configuration file present in Switch memory will be loaded Click Apply to let your changes take effect NOTICE In case of lost passwords or passwo...

Страница 43: ...address age out time in seconds The MAC Address Aging Time can be set to any value between 10 and 1 000 000 seconds The default setting is 300 seconds IGMP Snooping To enable system wide IGMP Snooping capability select Enabled IGMP snooping is Disabled by default Enabling IGMP snooping allows you to specify use of a multicast router only see below To configure IGMP Snooping for individual VLANs us...

Страница 44: ...ccess Entity folder Port Based 802 1x specifies that ports configured for 802 1x are initialized based on the port number only and are subject to any authorization parameters configured MAC based Authorization specifies that ports configured for 802 1x are initialized based on the port number and the MAC address of the computer being authorized and are then subject to any authorization parameters ...

Страница 45: ...x The Auto setting allows the port to automatically determine the fastest settings the device the port is connected to can handle and then to use those settings The other options are Auto 10M Half 10M Full 100M Half and 100M Full There is no automatic adjustment of port settings with any option other than Auto Flow Control Displays the flow control scheme used for the various port configurations P...

Страница 46: ...ere the user may name various ports on the Switch To assign names to various ports click the Port Description on the Configuration menu Figure 6 5 Port Description Setting window Use the From and To pull down menu to choose a port or range of ports to describe and then enter a description of the port s Click Apply to set the descriptions in the Port Description Table ...

Страница 47: ...window To configure a mirror port Select the Source Port from where you want to copy frames and the Target Port which receives the copies from the source port Select the Source Direction Ingress Egress or Both and change the Status drop down menu to Enabled Click Apply to let the changes take effect NOTE You cannot mirror a fast port onto a slower port For example if you try to mirror the traffic ...

Страница 48: ...g Port Trunk Groups Port trunk groups are used to combine a number of ports together to make a single high bandwidth data pipeline The DES 3500 Series switches support up to six port trunk groups with 2 to 8 ports in each group A potential bit rate of 8000 Mbps can be achieved Figure 6 7 Example of Port Trunk Group ...

Страница 49: ...ed on the trunk group Further the aggregated links must all be of the same speed and should be configured as full duplex The Master Port of the group is to be configured by the user and all configuration options including the VLAN configuration that can be applied to the Master Port are applied to the entire link aggregation group Load balancing is automatically applied to the ports in the aggrega...

Страница 50: ... Master Port Choose the Master Port for the trunk group using the pull down menu Member Ports Choose the members of a trunked group Up to eight ports per group can be assigned to a group Flooding Port A trunking group must designate one port to allow transmission of broadcasts and unknown unicasts Active Port Shows the port that is currently forwarding packets Type This pull down menu allows you t...

Страница 51: ... processing and sending LACP control frames This allows LACP compliant devices to negotiate the aggregated link so the group may be changed dynamically as needs require In order to utilize the ability to change an aggregated port group that is to add or subtract ports from the group at least one of the participating devices must designate LACP ports as active Both devices must support LACP Passive...

Страница 52: ...h open the following window by opening the MAC Notification folder and clicking the MAC Notification Global Settings link Figure 6 12 MAC Notification Global Settings window The following parameters may be modified Parameter Description State Enable or disable MAC notification globally on the Switch Interval sec The time in seconds between notifications History size The maximum number of entries l...

Страница 53: ...ort Settings in the MAC Notification folder which will display the following window Figure 6 13 MAC Notification Port Settings window The following parameters may be set Parameter Description From To Select a port or group of ports to enable for MAC notification using the pull down menus State Enable MAC Notification for the ports selected using the pull down menu Click Apply to implement changes ...

Страница 54: ...an open or close a port to a specific multicast group member based on IGMP messages sent from the device to the IGMP host or vice versa The Switch monitors IGMP messages and discontinues forwarding multicast packets when there are no longer hosts requesting that they continue IGMP Snooping Use the Current IGMP Snooping Group Entries window to view IGMP Snooping settings To modify the settings clic...

Страница 55: ...ount of time between group specific query messages including those sent in response to leave group messages Default 1 Host Timeout This is the maximum amount of time in seconds allowed for a host to continue membership in a multicast group without the Switch receiving a host membership report Default 260 Route Timeout This is the maximum amount of time in seconds a route is kept in the forwarding ...

Страница 56: ...outer port A router port will be dynamically configured when IGMP query packets RIPv2 multicast DVMRP multicast or PIM DM multicast packets are detected flowing into a port Open the IGMP folder and the click on the Static Router Ports Entry link to open the Current Static Router Ports Entries page as shown below Figure 6 16 Current Static Router Ports Entries window The Current Static Router Ports...

Страница 57: ...ick Configuration IGMP Forbidden Router Ports Entry Figure 6 18 Current Forbidden MC Router Ports Entries To change the forbidden router ports settings for a listed VLAN click its corresponding Modify button which will display the following configurable window Figure 6 19 Forbidden MC Router Ports Settings To add ports as forbidden router ports click the corresponding check box of the port or port...

Страница 58: ... the Switch three steps need to be taken 1 The Switch must be set to the MSTP setting found in the STP Bridge Global Settings window in the STP Version field 2 The correct spanning tree priority for the MSTP instance must be entered defined here as a Priority in the MST Configuration Table window when configuring an MSTI ID settings 3 VLANs that will be shared must be added to the MSTP Instance ID...

Страница 59: ...ol STP operates on two levels 1 On the switch level the settings are globally implemented 2 On the port level the settings are implemented on a per user defined group of ports basis STP Loopback Detection When connected to other switches STP is an important configuration in consistency for delivering packets to ports and can greatly improve the throughput of your switch Yet even this function can ...

Страница 60: ...ly enabled for the switch yet the port by port default setting is disabled The default setting for the Loopback timer is 60 seconds This setting will only be operational if the interface is STP enabled The Loopback Detection feature can only prevent BPDU loops on the DES 3500 Series switches designated ports It can detect a loop condition occurring on the user s side connected to the edge port but...

Страница 61: ...For MSTP the Hello Time must be set on a port per port basis See the MST Port Settings section for further details Max Age The Max Age may be set to ensure that old information does not endlessly circulate through redundant paths in the network preventing the effective propagation of the new information Set by the Root Bridge this value will aid in determining that the Switch has spanning tree con...

Страница 62: ...he default is enabled LBD Recover Time This field will set the time the STP port will wait before recovering the STP state set 0 will denote that the LBD will never time out or restart until the administrator personally changes it The user may also set a time between 60 and 1000000 seconds The default is 60 seconds MST Configuration Identification Configuration Name Enter an alphanumeric string of...

Страница 63: ...figuration Name will identify the MSTP region configured on the Switch This field can also be set in the STP Bridge Global Settings window MSTI ID This field shows the MSTI IDs currently set on the Switch This field will always have the CIST MSTI which may be configured but not deleted Clicking the hyperlinked name will open a new window for configuring parameters associated with that particular M...

Страница 64: ...er the priority This entry must be divisible by 4094 Click Apply to implement changes made To configure the parameters for a previously set MSTI click on its hyperlinked MSTI ID number which will reveal the following window for configuration Figure 6 26 Instance ID Settings window modify The user may configure the following parameters for a MSTI on the Switch Parameter Description MSTI ID Displays...

Страница 65: ...rmation window To view the MSTI settings for a particular port select the Port number located in the top left hand corner of the screen and click Apply To modify the settings for a particular MSTI Instance click on its hyperlinked MSTI ID which will reveal the following window Figure 6 28 MSTI Settings window Parameter Description Instance ID Displays the MSTI ID of the instance being configured A...

Страница 66: ... instance type s currently configured on the Switch Each instance type is classified by a MSTI ID CIST refers to the default MSTI configuration set on the Switch Instance Status Displays the current status of the corresponding MSTI ID Instance Priority Displays the priority of the corresponding MSTI ID The lowest priority will be the root bridge Click Apply to implement changes made To acquire mor...

Страница 67: ...STP Group will use the switch level parameters entered above with the addition of Port Priority and Port Cost An STP Group spanning tree works in the same way as the switch level spanning tree but the root bridge concept is replaced with a root port concept A root port is a port of the group that is elected based on port priority and port cost to be the connection to the network for the group Redu...

Страница 68: ...P are not realized on a port where an 802 1d network connects to an 802 1w or 802 1s enabled network Migration should be set as yes on ports connected to network stations or segments that are capable of being upgraded to 802 1w RSTP or 802 1s MSTP on all or some portion of the segment Edge Choosing the True parameter designates the port as an edge port Edge ports cannot create loops however an edg...

Страница 69: ...cally forwarded This must be a unicast MAC address Allowed to Go Port Allows the selection of the port number on which the MAC address entered above resides Click Apply to implement the changes made To delete an entry in the Static Unicast Forwarding Table click the corresponding X under the Delete heading Multicast Forwarding The following figure and table describe how to set up Multicast Forward...

Страница 70: ...members of the static multicast group and ports either that are forbidden from joining dynamically or that can join the multicast group dynamically using GMRP The options are None No restrictions on the port dynamically joining the multicast group When None is chosen the port will not be a member of the Static Multicast Group Egress The port is a static member of the multicast group Click Apply to...

Страница 71: ...de This drop down menu allows you to select the action the Switch will take when it receives a multicast packet that is to be forwarded to one of the ports in the range specified above Forward All Groups This will instruct the Switch to forward a multicast packet to all multicast groups residing within the range of ports specified above Forward Unregistered Groups This will instruct the Switch to ...

Страница 72: ...ackets for every 1 packet cleared from Queue 0 Remember the priority queue settings on the Switch are for all ports and all devices connected to the Switch will be affected This priority queuing system will be especially beneficial if your network employs switches with the capability of assigning priority tags VLAN Description A Virtual Local Area Network VLAN is a network topology configured acco...

Страница 73: ...of IEEE 802 1Q VLANs allows VLANs to work with legacy switches that don t recognize VLAN tags in packet headers The tagging feature allows VLANs to span multiple 802 1Q compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally The IEEE 802 1Q standard restricts the forwarding of untagged packets to the VLAN the receiving port is a...

Страница 74: ...e VLAN identifier and is used by the 802 1Q standard Because the VID is 12 bits long 4094 unique VLANs can be identified The tag is inserted into the packet header making the entire packet longer by 4 octets All of the information originally contained in the packet is retained Figure 6 37 IEEE 802 1Q Tag The EtherType and VLAN ID are inserted after the MAC source address but before the original Et...

Страница 75: ...g Ports with tagging enabled will put the VID number priority and other VLAN information into the header of all packets that flow into and out of it If a packet has previously been tagged the port will not alter the packet thus keeping the VLAN information intact Other 802 1Q compliant devices on the network to make packet forwarding decisions can then use the VLAN information in the tag Ports wit...

Страница 76: ...e able to identify 802 1Q tags in packet headers NICs send and receive normal Ethernet packets If the packet s destination lies on the same segment communications take place using normal Ethernet protocols Even though this is always the case when the destination for a packet lies on another switch port VLAN considerations come into play to decide if the packet gets dropped by the Switch or deliver...

Страница 77: ... shared servers and shared printers Therefore this group of ports is to be included for all VLANs VLAN V2 is then configured to include ports 1 8 shared VLAN ports and the set of ports to be separated from the other subsetted VLANs ports 9 16 VLAN V3 is then configured to include ports 1 8 shared ports and the set of ports to be separated from the other subsetted VLANs 17 24 Therefore we have two ...

Страница 78: ...o open the following window Figure 6 40 Current 802 1Q Static VLANs Entries window The 802 1Q Static VLANs window lists all previously configured VLANs by VLAN ID and VLAN Name To delete an existing 802 1Q VLAN click the corresponding X button under the Delete heading To create a new 802 1Q VLAN click the Add button in the 802 1Q Static VLANs window A new window will appear as shown below to confi...

Страница 79: ...indow Advertisement Enabling this function will allow the Switch to send out GVRP packets to outside sources notifying that they may join the existing VLAN Port Settings Allows an individual port to be specified as member of a VLAN Tag Specifies the port as either 802 1Q tagging or 802 1Q untagged Checking the box will desig nate the port as Tagged None Allows an individual port to be specified as...

Страница 80: ... PVID If the two are unequal the port will drop the packet If the two are equal the port will receive the packet GVRP The Group VLAN Registration Protocol GVRP enables the port to dynamically become a member of a VLAN GVRP is Disabled by default Ingress This field can be toggled using the space bar between Enabled and Disabled Enabled enables the port to compare the VID tag of an incoming packet w...

Страница 81: ... network or a malfunctioning device such as a faulty network card Thus switch throughput problems will arise and consequently affect the overall performance of the switch network To help rectify this packet storm the Switch will monitor and control the situation The packet storm is monitored to determine if too many packets are flooding the network based on the threshold level provided by the user...

Страница 82: ...he Traffic Control function These packet counts are the determining factor in deciding when incoming packets exceed the Threshold value The Interval may be set between 5 and 30 seconds with the default setting of 5 seconds Count Down The Count Down timer is set to determine the amount of time in minutes that the Switch will wait before shutting down the port that is experiencing a traffic storm Th...

Страница 83: ...ull down menu allows you to select how the MAC address table locking will be implemented on the Switch for the selected group of ports The options are Permanent The locked addresses will not age out after the aging timer expires Delete OnTimeout The locked addresses will age out after the aging timer expires Delete On Reset The locked addresses will not age out until the Switch has been reset Clic...

Страница 84: ...gure 6 46 Mapping QoS on the Switch The picture above shows the default priority setting for the Switch Class 3 has the highest priority of the four priority queues on the Switch In order to implement QoS the user is required to instruct the Switch to examine the header of a packet to see if it has the proper identifying tag tagged Then the user may forward these tagged packets to designated queue...

Страница 85: ...riority tags Only when these queues are empty are packets of lower priority transmitted For weighted round robin queuing the number of packets sent from each priority queue depends upon the assigned weight For a configuration of 8 CoS queues A H with their respective weight value 8 1 the packets are sent in the following sequence A1 B1 C1 D1 E1 F1 G1 H1 A2 B2 C2 D2 E2 F2 G2 A3 B3 C3 D3 E3 F3 A4 B4...

Страница 86: ...ay be configured starting with the selected port Type This drop down menu allows you to select between RX receive TX transmit and Both This setting will determine whether the bandwidth ceiling is applied to receiving transmitting or both receiving and transmitting packets No Limit This drop down menu allows you to specify that the selected port will have no bandwidth limit Enabled disables the lim...

Страница 87: ...QoS classes to set the scheduling Parameter Description Max Packets 0 255 Specifies the maximum number of packets the above specified hardware priority queue would be allowed to transmit before allowing the next lowest priority queue to transmit its packets A value between 0 and 255 can be specified Max Latency 0 255 Specifies the maximum amount of time the above specified hardware priority queue ...

Страница 88: ...n to the right This window allows you to assign a default 802 1p priority to any given port on the Switch The priority queues are numbered from 0 the lowest priority to 7 the highest priority Click Apply to implement your settings The DES 3500 Series switches allows the assignment of a user priority to each of the 802 1p priorities In the Configuration folder open the QoS folder and click 802 1p U...

Страница 89: ...on folder open the QoS folder and click Traffic Segmentation to view the screen shown below Figure 6 51 Traffic Segmentation Setting window This page allows you to determine which port on a given switch will be allowed to forward packets to other ports on that switch The user may set the following parameters Parameter Description Port Check the corresponding boxes for the port s you wish to transm...

Страница 90: ... agent Select information send informational warning and critical events to the Switch s log or SNMP agent Click Apply to implement the new System Severity alert level System Log Server Figure 6 53 System Log Servers window The parameters configured for adding and editing System Log Server settings are the same See the table below for a description Figure 6 54 System Log Server window Add The Swit...

Страница 91: ...acility 0 1 2 3 4 5 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 kernel messages user level messages mail system system daemons security authorization messages messages generated internally by syslog line printer subsystem network news subsystem UUCP subsystem clock daemon security authorization messages FTP daemon NTP subsystem log audit log alert clock daemon local use 0 local0 local use 1 lo...

Страница 92: ...t Time SNTP Settings SNTP State Use this pull down menu to Enabled or Disabled SNTP SNTP Primary Server This is the IP address of the primary server the SNTP information will be taken from SNTP Secondary Server This is the IP address of the secondary server the SNTP information will be taken from SNTP Poll Interval in Seconds This is the interval in seconds between requests for updated SNTP inform...

Страница 93: ...the amount of time that will constitute your local DST offset 30 60 90 or 120 minutes Time Zone Offset from GMT in HH MM Use these pull down menus to specify your local time zone s offset from Greenwich Mean Time GMT DST Repeating Settings Using repeating mode will enable DST seasonal time adjustment Repeating mode requires that the DST beginning and ending date be specified using a formula For ex...

Страница 94: ...nning and ending date be specified concisely For example specify to begin DST on April 3 and end DST on October 14 From Month Enter the month DST will start on each year From Day Enter the day of the week DST will start on each year From Time in HH MM Enter the time of day DST will start on each year To Month Enter the month DST will end on each year To Day Enter the day of the week DST will end o...

Страница 95: ...ed Access Profiles on the Switch open the Configuration folder and click on the Access Profile Table link This will open the Access Profile Table window as shown below Figure 6 57 Access Profile Table window To add an entry to the Access Profile Table click the Add Profile button This will open the Access Profile Configuration window as shown below There are three Access Profile Configuration wind...

Страница 96: ...r 2 part of each packet header Select IP to instruct the Switch to examine the IP address in each frame s header Select Packet Content Mask to specify a mask to hide the content of the packet header VLAN Selecting this option instructs the Switch to examine the VLAN identifier of each packet header and use this as the full or partial criterion for forwarding Source Mac Source MAC Mask Enter a MAC ...

Страница 97: ...tch to examine the Internet Control Message Protocol ICMP field in each frame s header Select Type to further specify that the access profile will apply an ICMP type value or specify Code to further specify that the access profile will apply an ICMP code value Select IGMP to instruct the Switch to examine the Internet Group Management Protocol IGMP field in each frame s header Select Type to furth...

Страница 98: ...Ethernet to instruct the Switch to examine the layer 2 part of each packet header Select IP to instruct the Switch to examine the IP address in each frame s header Select Packet Content Mask to specify a mask to hide the content of the packet header Offset This field will instruct the Switch to mask the packet header beginning with the offset value specified value 0 15 Enter a value in hex form to...

Страница 99: ... The user may display all Access ID entries by clicking the View All Entry button To create a new rule set for an access profile click the Add button A new window is displayed To remove a previously created rule click the corresponding button Figure 6 62 Access Rule Configuration window IP Configure the following Access Rule Configuration settings Parameter Description Profile ID This is the ident...

Страница 100: ...ming 802 1p user priority re written to its original value before being forwarded by the Switch For more information on priority queues CoS queues and mapping for 802 1p see the QoS section of this manual Replace DSCP 0 63 Select this option to instruct the Switch to replace the DSCP value in a packet that meets the selected criteria with the value entered in the adjacent field VLAN Name Allows th...

Страница 101: ...he identifier number for this profile set Mode Select Permit to specify that the Switch according to any additional rule forwards the packets that match the access profile added see below Select Deny to specify that packets that match the access profile are not forwarded by the Switch and will be filtered Access ID 1 65535 Type in a unique identifier number for this access This value can be set fr...

Страница 102: ... this manual VLAN Name Allows the entry of a name for a previously configured VLAN Source MAC Source MAC Address Enter a MAC Address for the source MAC address Destination MAC Destination MAC Address Enter a MAC Address mask for the destination MAC address 802 1p 0 7 Enter a value from 0 to 7 to specify that the access profile will apply only to packets with this 802 1p priority value Ethernet Typ...

Страница 103: ...cess ID entries by clicking the View All Entry button To remove a previously created rule select it and click the button Access rules are indexed using the Access ID number To locate a specific Access Rule in the table enter the Access ID and click Find To display all rules in the table click the View All Entries button To add a new Access Rule click the Add button above the Access Rule Table to v...

Страница 104: ...d by the Switch that match this priority are forwarded to the CoS queue specified previously by the user Replace Priority with Click the corresponding box if you want to re write the 802 1p default priority of a packet to the value entered in the Priority 0 7 field which meets the criteria specified previously in this command before forwarding it on to the specified CoS queue Otherwise a packet wi...

Страница 105: ...xStack DES 3500 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 91 Figure 6 69 Access Rule Display window Packet Content ...

Страница 106: ...art or parts of a frame the Switch will examine such as the MAC source address or the IP destination address The second part is entering the criteria the Switch will use to determine what to do with the frame The entire process is described below CPU Interface Filtering Profile Table Click Configuration CPU Interface Filtering to display the CPU Access Profile Table entries created on the Switch T...

Страница 107: ...er VLAN Selecting this option instructs the Switch to examine the VLAN identifier of each packet header and use this as the full or partial criterion for forwarding Source MAC Source MAC Mask Enter a MAC address mask for the source MAC address Destination MAC Destination MAC Mask Enter a MAC address mask for the destination MAC address 802 1p Enter a value from 0 7 to specify that the access profi...

Страница 108: ...cify that the access profile will apply an ICMP code value Select IGMP to instruct the Switch to examine the Internet Group Management Protocol IGMP field in each frame s header Select Type to further specify that the access profile will apply an IGMP type value Select TCP to use the TCP port number contained in an incoming packet as the forwarding criterion Selecting TCP requires that you specify...

Страница 109: ...profile Select Ethernet to instruct the Switch to examine the layer 2 part of each packet header Select IP to instruct the Switch to examine the IP address in each frame s header Select Packet Content Mask to specify a mask to hide the content of the packet header Offset This field will instruct the Switch to mask the packet header beginning with the offset value specified value 0 15 Enter a value...

Страница 110: ... 6 74 CPU Interface Filtering Rule Table Click the Add Rule button to continue on to the CPU Interface Filtering Rule Table window A new and unique window for Ethernet IP and Packet Content will open as shown in the examples below To change a rule for a previously created CPU Access Profile Rule In this window the user may change a rule that has been previously created by clicking the correspondin...

Страница 111: ...tch to examine the layer 2 part of each packet header IP instructs the Switch to examine the IP address in each frame s header Packet Content Mask instructs the Switch to examine the packet header VLAN Name Allows the entry of a name for a previously configured VLAN Source MAC Source MAC Address Enter a MAC Address for the source MAC address Destination MAC Destination MAC Address Enter a MAC Addr...

Страница 112: ...ing CPU Interface Filtering Rule Configuration settings for IP Parameter Description Profile ID This is the identifier number for this profile set Mode Select Permit to specify that the packets that match the access profile are forwarded by the Switch according to any additional rule added see below Select Deny to specify that packets that match the access profile are not forwarded by the Switch a...

Страница 113: ...k for the destination IP address Dscp 0 63 This field allows the user to enter a DSCP value in the space provided which will instruct the Switch to examine the DiffServ Code part of each packet header and use this as the or part of the criterion for forwarding The user may choose a value between 0 and 63 Protocol This field allows the user to modify the protocol used to configure the CPU Interface...

Страница 114: ...This value can be set from 1 65535 Type Selected profile based on Ethernet MAC Address IP address or Packet Content Ethernet instructs the Switch to examine the layer 2 part of each packet header IP instructs the Switch to examine the IP address in each frame s header Packet Content Mask instructs the Switch to examine the packet header Offset This field will instruct the Switch to mask the packet...

Страница 115: ...Stackable Fast Ethernet Managed Switch User Manual 101 To view the settings of a previously correctly configured rule click in the Access Rule Table to view the following screen Figure 6 81 CPU Interface Filtering Rule Display for IP ...

Страница 116: ...Authentication Protocol over LAN EAPOL packets between the Client and the Server The following figure represents a basic EAPOL packet Figure 6 82 EAPOL Packet Utilizing this method unauthorized devices are restricted from connecting to a LAN through a port to which the user is connected EAPOL packets are the only traffic that can be transmitted through the specific port until authorization is gran...

Страница 117: ...thentication Server Authenticator The Authenticator the Switch is an intermediary between the Authentication Server and the Client The Authenticator serves two purposes when utilizing 802 1x The first purpose is to request certification information from the Client through EAPOL packets which is the only information allowed to pass through the Authenticator before access is granted to the Client Th...

Страница 118: ...the network Only EAPOL traffic is allowed to pass through the specified port before a successful authentication is made This port is locked until the point when a Client with the correct username and password and MAC address if 802 1x is enabled by MAC address is granted access and therefore successfully unlocks the port Once unlocked normal traffic is allowed to pass through the port The D Link i...

Страница 119: ... This is the Port Based Network Access Control 802 1X Client 802 1X Client 802 1X Client 802 1X Client 802 1X Client 802 1X Client 802 1X Client 802 1X Client 802 1X Client Network access controlled port Network access uncontrolled port RADIUS Server Ethernet Switch Figure 6 87 Example of Typical Port Based Configuration Once the connected Client has successfully been authenticated the Port then b...

Страница 120: ...uration In order to successfully make use of 802 1x in a shared media LAN segment it would be necessary to create virtual Ports one for each attached device that required access to the LAN The Switch would regard the single physical Port connecting it to the shared media segment as consisting of a number of distinct virtual Ports each virtual Port being independently controlled from the point of v...

Страница 121: ...gs click Port Access Entity Configure Authenticator Figure 6 89 802 1X Authenticator Settings window To configure the settings by port click on the hyperlinked port number under the Port heading which will display the following table to configure Figure 6 90 802 1X Authenticator Settings window Modify This window allows you to set the following features ...

Страница 122: ... received The Switch then requests the identity of the client and begins relaying authentication messages between the client and the authentication server The default setting is Auto TxPeriod This sets the TxPeriod of time for the authenticator PAE state machine This value determines the period of an EAP Request Identity packet transmitted to the client The default setting is 30 seconds QuietPerio...

Страница 123: ...he Switch s 802 1x port based authentication select which ports are to be configured in the From and To fields Next enable the ports by selecting Authenticator from the drop down menu under Capability Click Apply to let your change take effect Configure the following 802 1x capability settings Parameter Description From and To Ports being configured for 802 1x settings Capability Two role choices ...

Страница 124: ...rent status of the port s This window displays the following information Parameter Description From and To Select ports to be initialized Port A read only field indicating a port on the Switch MAC Address The MAC address of the Switch connected to the corresponding port if any Auth PAE State The Authenticator PAE State will display one of the following Initialize Disconnected Connecting Authentica...

Страница 125: ...nding check box To begin the initialization click Apply NOTE The user must first globally enable 802 1X in the Switch Information Advanced Settings window in the Configuration folder before initializing ports Information in the Initialize Ports Table cannot be viewed before enabling 802 1X Reauthenticate Port s for Port Based 802 1x This window allows you to reauthenticate a port or group of ports...

Страница 126: ...f the Switch allows you to facilitate centralized user administration as well as providing protection against a sniffing active hacker The Web Manager offers three windows Click Port Access Entity RADIUS Server Authentic RADIUS Server to open the RADIUS Server Authentication Setting window shown below Figure 6 95 RADIUS Server Authentication Setting window This window displays the following inform...

Страница 127: ...ser can enable or disable the function on the individual port ACL Mode Figure 6 96 Access Profile Table IP MAC ACL Mode Enabled To view the particular configurations associated with these two entries click their corresponding hyperlinked Profile IDs which will display the following Figure 6 97 Access Profile Entry Display for IP MAC ACL Mode Enabled Entries These two entries cannot be modified or ...

Страница 128: ...function of the IP MAC binding function please pay close attention to previously set ACL entries Since the ACL mode entries will fill the first two available access profiles and access profile IDs denote the ACL priority the ACL mode entries may take precedence over other configured ACL entries This may render some user defined ACL parameters inoperable due to the overlapping of settings combined ...

Страница 129: ...inding folder on the Configuration Menu to open the IP MAC Binding Ports Setting window Select a port or a range of ports with the From and To fields Enable or disable the port with the State field The user may also enable the ACL Mode for IP MAC Binding which will create two Access Profile Entries on the Switch as previously stated Click Apply to save changes Figure 6 100 IP MAC Binding Ports win...

Страница 130: ...ow The following fields can be set or modified Parameter Description IP Address Enter the IP address you wish to bind to the MAC address set below MAC Address Enter the MAC address you wish to bind to the IP Address set above All Ports Click this check box to configure this IP MAC binding entry IP Address MAC Address for all ports on the Switch Ports Specify the switch ports for which to configure...

Страница 131: ...locked in the IP MAC Blocked folder on the Configuration menu to open the IP MAC Binding Blocked window Figure 6 102 IP MAC Binding Blocked window To find an unauthorized device that has been blocked by the IP MAC binding restrictions enter the VLAN name and MAC Address in the appropriate fields and click Find To delete an entry click the delete button next to the entry s MAC address To delete all...

Страница 132: ...IP Multicast Range window shown below Figure 6 103 Limited Multicast VLAN Range window To configure Limited IP Multicast Range 1 Choose the port or sequential range of ports using the From To port pull down menus 2 Use the remaining pull down menus to configure the parameters described below Parameter Description State Toggle the State field to either Enabled or Disabled a given port or group of p...

Страница 133: ...nd then open the Layer 3 IP Networking folder and click on the Static ARP Table link Figure 6 104 Static ARP Settings window To add a new entry click the Add button revealing the following window to configure Figure 6 105 Static ARP Table Add a New Entry window To modify an entry click the Modify button revealing the following window to configure Figure 6 106 Static ARP Table Modify The following ...

Страница 134: ...he Switch will not process the value in the seconds field of the BOOTP or DHCP packet If a non zero value is entered the Switch will use that value along with the hop count to determine whether to forward a given BOOTP or DHCP packet DHCP Agent Information Option 82 State This field can be toggled between Enabled and Disabled using the pull down menu It is used to enable or disable the DHCP Agent ...

Страница 135: ...es policy for handling packets when the DHCP Agent Information Option 82 Check is set to Disabled The default is Replace Replace The option 82 field will be replaced if the option 82 field already exists in the packet received from the DHCP client Drop The packet will be dropped if the option 82 field already exists in the packet received from the DHCP client Keep The option 82 field will be retai...

Страница 136: ... zero Circuit ID sub option format 1 2 3 4 5 6 7 1 6 0 4 VLAN Module Port 1 byte 1 byte 1 byte 1 byte 2 bytes 1 byte 1 byte a Sub option type b Length c Circuit ID type d Length e VLAN the incoming VLAN ID of DHCP client packet f Module For a standalone switch the Module is always 0 For a stackable switch the Module is the Unit ID g Port The incoming port number of DHCP client packet port number s...

Страница 137: ...indow once the user clicks the Add button under the Apply heading The user may add up to four server IPs per IP interface on the Switch Entries may be deleted by clicking it s corresponding To enable and configure DHCP BOOTP Relay Global Settings on the Switch click Configuration Layer 3 Networking DHCP BOOTP Relay DHCP BOOTP Relay Interface Settings Figure 6 109 DHCP BOOTP Relay Interface Setting...

Страница 138: ...Security IP Management window Use the Security IP Management to permit remote stations to manage the Switch If you choose to define one or more designated management stations only the chosen stations as defined by IP address will be allowed management privilege through the web manager or Telnet session To define a management station IP setting type in the IP address and click the Apply button User...

Страница 139: ...ser can be viewed in the Access Right field Admin and User Privileges There are two levels of user privileges Admin and User Some menu selections available to users with Admin privileges may not be available to those with User privileges The following table summarizes the Admin and User privileges Management Admin User Configuration Yes Read Only Network Monitoring Yes Read Only Community Strings ...

Страница 140: ...leges on the Switch The server will not accept the username and password and the user is denied access to the Switch The server doesn t respond to the verification query At this point the Switch receives the timeout from the server and then moves to the next method of verification configured in the method list The Switch has four built in Authentication Server Groups one for each of the TACACS XTA...

Страница 141: ...s Command line interface users will have to wait 60 seconds before another authentication attempt Telnet and web users will be disconnected from the Switch The user may set the number of attempts from 1 to 255 The default setting is 3 Click Apply to implement changes made Application s Authentication Settings This window is used to configure switch configuration applications console Telnet SSH web...

Страница 142: ...ot be removed but can be modified Up to eight authentications server hosts may be added to any particular group To view the following window click Security Management Access Authentication Control Authentication Server Group Figure 7 7 Authentication Server Group Settings window This screen displays the Authentication Server Groups on the Switch The Switch has four built in Authentication Server G...

Страница 143: ...s can only have server hosts running the same TACACS daemon TACACS XTACACS TACACS protocols are separate entities and are not compatible with each other Authentication Server Hosts This window will set user defined Authentication Server Hosts for the TACACS XTACACS TACACS RADIUS security protocols on the Switch When a user attempts to access the Switch with Authentication Policy enabled the Switch...

Страница 144: ... between 1 and 65535 to define the virtual port number of the authentication protocol on a server host The default port number is 49 for TACACS XTACACS TACACS servers and 1813 for RADIUS servers but the user may set a unique port number for higher security Timeout 1 255 Enter the time in seconds the Switch will wait for the server host to reply to an authentication request The default value is 5 s...

Страница 145: ...dant on the local account privilege configured on the Switch Successful login using any of these techniques will give the user a User privilege only If the user wishes to upgrade his or her status to the administrator level the user must use the Enable Admin window in which the user must enter a previously configured password set by the administrator See the Enable Admin part of this section for m...

Страница 146: ... Switch he or she must be authenticated by a method on the Switch to gain administrator privileges on the Switch which is defined by the Administrator A maximum of eight Enable Method Lists can be implemented on the Switch one of which is a default Enable Method List This default Enable Method List cannot be deleted but can be configured The sequence of methods implemented in this command will aff...

Страница 147: ...ser to be authenticated using the RADIUS protocol from a remote RADIUS server tacacs Adding this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server xtacacs Adding this parameter will require the user to be authenticated using the XTACACS protocol from a remote XTACACS server tacacs Adding this parameter will require the user to be authenticate...

Страница 148: ...el After logging on to the Switch users will have only user level privileges To gain access to administrator level privileges the user will open this window and will have to enter an authentication password Possible authentication methods for this function include TACACS XTACACS TACACS RADIUS user defined server groups local enable local account on the Switch or no authentication none Because XTAC...

Страница 149: ... Message Digest 5 and SHA Secure Hash Algorithm These three parameters are uniquely assembled in four choices on the Switch to create a three layered encryption code for secure communication between the server and the host The user may implement any one or combination of the ciphersuites available yet different ciphersuites will affect the security level and the performance of the secured connecti...

Страница 150: ...e MD5 Hash Algorithm Use the pull down menu to enable or disable this ciphersuite This field is Enabled by default RSA with 3DES EDE CBC SHA This ciphersuite combines the RSA key exchange CBC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm Use the pull down menu to enable or disable this ciphersuite This field is Enabled by default DHS DSS with 3DES EDE CBC SHA This ciphersuite combine...

Страница 151: ...o use a specified authorization method to identify users that are allowed to establish SSH connections with the Switch using the SSH User Authentication window There are three choices as to the method SSH will use to authorize the user which are Host Based Password and Public Key 3 Configure the encryption algorithm that SSH will use to encrypt and decrypt messages sent between the SSH client and ...

Страница 152: ...w allows the configuration of the desired types of SSH algorithms used for authentication encryption There are four categories of algorithms listed and specific algorithms of each may be enabled or disabled by using their corresponding pull down menus All algorithms are enabled by default To open the following window click Security Management Secure Shell SSH SSH Algorithm Figure 7 25 Encryption A...

Страница 153: ...m utilizing the Secure Hash algorithm The default is Enabled HMAC MD5 Use the pull down to enable or disable the HMAC Hash for Message Authentication Code mechanism utilizing the MD5 Message Digest encryption algorithm The default is Enabled Public Key Algorithm HMAC RSA Use the pull down to enable or disable the HMAC Hash for Message Authentication Code mechanism utilizing the RSA encryption algo...

Страница 154: ...f the administrator wishes to use a remote SSH server for authentication purposes Choosing this parameter requires the user to input the following information to identify the SSH user Host Name Enter an alphanumeric string of no more than 31 characters to identify the remote SSH user Host IP Enter the corresponding IP address of the SSH user Password This parameter should be chosen if the administ...

Страница 155: ...P managers Thus you may create a group of SNMP managers that are allowed to view read only information or receive traps using SNMPv1 while assigning a higher level of security to another group granting read write privi leges using SNMPv3 Using SNMPv3 individual users or groups of SNMP managers can be allowed to perform or be restricted from performing specific SNMP management functions The functio...

Страница 156: ... User Name An alphanumeric string of up to 32 characters This is used to identify the SNMP users Group Name This name is used to specify the SNMP group created can request SNMP messages SNMP Version V1 Indicates that SNMP version 1 is in use V2 Indicates that SNMP version 2 is in use V3 Indicates that SNMP version 3 is in use Auth Protocol None Indicates that no authorization protocol is in use MD...

Страница 157: ...eld has been checked This field will require the user to enter a password SHA Specifies that the HMAC SHA authentication protocol will be used This field is only operable when V3 is selected in the SNMP Version field and the Encryption field has been checked This field will require the user to enter a password Priv Protocol None Specifies that no authorization protocol is in use DES Specifies that...

Страница 158: ...7 32 SNMP View Table Configuration window The SNMP Group created with this table maps SNMP users identified in the SNMP User Table to the views created in the previous window The following parameters can set Parameter Description View Name Type an alphanumeric string of up to 32 characters This is used to identify the new SNMP view being created Subtree OID Type the Object Identifier OID Subtree f...

Страница 159: ...window should appear Figure 7 33 SNMP Group Table window To delete an existing SNMP Group Table entry click the corresponding X under the Delete heading To display the current settings for an existing SNMP Group Table entry click the hyperlink for the entry under the Group Name Figure 7 34 SNMP Group Table Configuration window To add a new entry to the Switch s SNMP Group Table click the Add butto...

Страница 160: ...ncryption of packets sent between the Switch and a remote SNMP manager AuthNoPriv Specifies that authorization will be required but there will be no encryption of packets sent between the Switch and a remote SNMP manager AuthPriv Specifies that authorization will be required and that packets sent between the Switch and a remote SNMP manger will be encrypted To implement your new settings click App...

Страница 161: ...dow to set up SNMP trap recipients Open the SNMP Manager folder located in the Security Management folder and click on the SNMP Host Table link This will open the SNMP Host Table window as shown below To delete an existing SNMP Host Table entry click the corresponding X under the Delete heading To display the current settings for an existing SNMP Group Table entry click the blue link for the entry...

Страница 162: ...MP Engine ID The Engine ID is a unique identifier used for SNMP V3 implementations This is an alphanumeric string used to identify the SNMP engine on the Switch To display the Switch s SNMP Engine ID open the SNMP Manger folder located in the Security Management and click on the SNMP Engine ID link This will open the SNMP Engine ID Configuration window as shown below Figure 7 39 SNMP Engine ID Con...

Страница 163: ...ets Yet if the checking shows that there continues to be too many packets flooding the Switch it will stop accepting all ARP and IP broadcast packets for double the time of the previous stop period This doubling of time for stopping ingress ARP and IP broadcast packets will continue until the maximum time has been reached which is 320 seconds and every stop from this point until a return to normal...

Страница 164: ...on State Toggle the State field to either Enabled or Disabled for the Safeguard Engine of the Switch Rising Threshold Used to configure the acceptable level of CPU utilization before the Safeguard Engine mechanism is enabled Once the CPU utilization reaches this percentage level the Switch will move into the Exhausted state Falling Threshold Used to configure the acceptable level of CPU utilizatio...

Страница 165: ...tion window The following field can be set Parameter Description Time Interval Select the desired setting between 1s and 60s where s stands for seconds The default value is one second Record Number Select number of times the Switch will be polled between 20 and 200 The default value is 200 Click Clear to refresh the graph Click Apply to set changes implemented The Utilization window displays the p...

Страница 166: ...k the CPU Utilization link Figure 8 2 CPU Utilization window Click Apply to implement the configured settings The window will automatically refresh with new updated statistics The information is described as follows Parameter Description Time Interval Select the desired setting between 1s and 60s where s stands for seconds The default value is one second Record Number Select number of times the Sw...

Страница 167: ...eived RX Click the Received RX link in the Packets folder of the Monitoring menu to view the following graph of packets received on the Switch Figure 8 3 Rx Packets Analysis window line graph for Bytes and Packets To view the Received Packets Table click the link View Table which will show the following table Figure 8 4 Rx Packets Analysis window table for Bytes and Packets The following fields ma...

Страница 168: ...de Check whether to display Bytes and Packets Clear Clicking this button clears all statistics counters on this window View Table Clicking this button instructs the Switch to display a table rather than a line graph View Line Chart Clicking this button instructs the Switch to display a line graph rather than a table UMB Cast RX Click the UMB Cast RX link in the Packets folder of the Monitoring men...

Страница 169: ...default value is 20 Unicast Counts the total number of good packets that were received by a unicast address Multicast Counts the total number of good packets that were received by a multicast address Broadcast Counts the total number of good packets that were received by a broadcast address Show Hide Check whether or not to display Multicast Broadcast and Unicast Packets Clear Clicking this button...

Страница 170: ...he Monitoring menu to view the following graph of packets transmitted from the Switch Figure 8 7 Tx Packets Analysis window line graph for Bytes and Packets To view the Transmitted TX Table click the link View Table which will show the following table Figure 8 8 Tx Packets Analysis window table for Bytes and Packets The following fields may be set or viewed ...

Страница 171: ... 20 and 200 The default value is 20 Bytes Counts the number of bytes successfully sent from the port Packets Counts the number of packets successfully sent on the port Show Hide Check whether or not to display Bytes and Packets Clear Clicking this button clears all statistics counters on this window View Table Clicking this button instructs the Switch to display a table rather than a line graph Vi...

Страница 172: ...aph or a table Four windows are offered Received RX Click the Received RX link in the Error folder of the Monitoring menu to view the following graph of error packets received on the Switch Figure 8 9 Rx Error Analysis window line graph To view the Received Error Packets Table click the link View Table which will show the following table Figure 8 10 Rx Error Analysis window table The following fie...

Страница 173: ...he number of packets less than 64 bytes with either bad framing or an invalid CRC These are normally the result of collisions Jabber The number of packets with lengths more than the MAX_PKT_LEN bytes Internally MAX_PKT_LEN is equal to 1522 Drop The number of packets that are dropped by this port since the last Switch reboot Show Hide Check whether or not to display Crc Error Under Size Over Size F...

Страница 174: ...er of times that a collision is detected later than 512 bit times into the transmission of a packet ExColl Excessive Collisions The number of packets for which transmission failed due to excessive collisions SingColl Single Collision Frames The number of successfully transmitted packets for which transmission is inhibited by more than one collision Coll An estimate of the total number of collision...

Страница 175: ... Table click the link View Table which will show the following table Figure 8 14 Rx Size Analysis window table The following fields can be set or viewed Parameter Description Time Interval Select the desired setting between 1s and 60s where s stands for seconds The default value is one second Record Number Select number of times the Switch will be polled between 20 and 200 The default value is 20 ...

Страница 176: ...aming bits but including FCS octets 512 1023 The total number of packets including bad packets received that were between 512 and 1023 octets in length inclusive excluding framing bits but including FCS octets 1024 1518 The total number of packets including bad packets received that were between 1024 and 1518 octets in length inclusive excluding framing bits but including FCS octets Show Hide Chec...

Страница 177: ... The port that the MAC address above corresponds to Learned How the Switch discovered the MAC address The possible entries are Dynamic Self and Static Next Click this button to view the next page of the address table View All Entry Clicking this button will allow the user to view all entries of the address table Delete All Entry Clicking this button will allow the user to delete all entries of the...

Страница 178: ... to the console manager Click Next to go to the next page of the Switch History Log Clicking Clear will allow the user to clear the Switch History Log The information is described as follows Parameter Description Sequence A counter incremented whenever an entry to the Switch s history log is made The table displays the last entry highest sequence number first Time Displays the time in days hours a...

Страница 179: ...ts up to 128 IGMP Snooping groups The following field can be viewed Parameter Description VLAN ID The VLAN ID VID of the multicast group Multicast Group The IP address of the multicast group MAC Address The MAC address of the multicast group Queries A read only field showing the status of the Querier State Disabled implies that the Switch is not transmitting IGMP Snooping Query packets while Enabl...

Страница 180: ...lick the IGMP Snooping Forwarding link Figure 8 18 IGMP Snooping Forwarding Table window The user may search the IGMP Snooping Forwarding Table by VID clicking the top left hand corner Search button The following field can be viewed Parameter Description VLAN ID The VLAN ID VID of the multicast group Multicast Group The IP address of the multicast group MAC Address The MAC address of the multicast...

Страница 181: ...nitoring folder and click the VLAN Status Link Figure 8 19 VLAN Status window Router Port This displays which of the Switch s ports are currently configured as router ports A router port configured by a user using the console or Web based management interfaces is displayed as a static router port designated by S D designates a router port that is dynamically configured by the Switch To view the fo...

Страница 182: ... per port basis To view the Port Access Control windows open the monitoring folder and click the Port Access Control folder There are six windows to monitor Authenticator State The following section describes the 802 1X Status on the Switch To view the Authenticator State click Monitoring Port Access Control Authenticator State Figure 8 21 Authenticator State window Port based 802 1x ...

Страница 183: ...top of the window and clicking OK The information on this window is described as follows Parameter Description Auth PAE State The Authenticator PAE State value can be Initialize Disconnected Connecting Authenticating Authenticated Aborting Held Force_Auth Force_Unauth or N A N A Not Available indicates that the port s authenticator capability is disabled Backend State The Backend Authentication St...

Страница 184: ...e Browse ARP Table The ARP Table window may be found in the Monitoring menu in the Layer 3 Feature folder This window will show current ARP entries on the Switch To search a specific ARP entry enter an interface name into the Interface Name or an IP address and click Find Figure 8 23 ARP Table window ...

Страница 185: ...s Displays the current running status of the Safeguard Engine whether engaged or in normal mode Interval Displays the time interval between the checking of the rising and falling threshold of packets entering the Switch The default setting is 5 seconds Rising Threshold Displays the set percentage of the rising threshold of packets determinant of the Safeguard Engine Falling Threshold Displays the ...

Страница 186: ...nd click the Download Firmware link Figure 9 1 Download Update Firmware from TFTP Server window The Switch can hold two firmware versions for the user which can be specified in the Type field by clicking the Update radio button and selecting the Image 1 or Image 2 To download or update firmware configure the following fields and click Start Parameter Description Server IP Enter the IP address of t...

Страница 187: ... boot up of the Switch Delete Click the X in this column to permanently delete the corresponding firmware from the Switch Download Configuration File To download a settings file from a TFTP server click on the TFTP Service folder in the Maintenance folder and then the Download Configuration File link Figure 9 2 Download Settings from TFTP Server window Enter the IP address of the TFTP server and s...

Страница 188: ...TFTP server open the TFTP Services folder in the Maintenance folder and then click the Upload Log link Figure 9 4 Upload Log to TFTP Server window Enter the IP address of the TFTP server and the path and filename for the history log on the TFTP server Click Start to record the IP address of the TFTP server and to initiate the file transfer ...

Страница 189: ...f the switch in the switch stack ID States the image ID number of the firmware in the Switch s memory The Switch can store 2 firmware images for use Image ID 1 will be the default boot up firmware for the Switch unless otherwise configured by the user Version States the firmware version Size States the size of the corresponding firmware in bytes Update Time States the specific time the firmware ve...

Страница 190: ...ove as the boot up firmware for the Switch This firmware will be set as the boot up firmware after a switch reboot has been performed The default setting has firmware image ID 1 as the boot up firmware image for the Switch unless specified here Click Apply to implement changes made Ping Test Ping is a small program that sends ICMP Echo packets to the IP address you specify The destination node the...

Страница 191: ...figuration has been saved Figure 9 9 Save Configuration Confirmation dialog box Click the OK button to continue Once the Switch configuration settings have been saved to NV RAM they become the default settings for the Switch These settings will be used every time the Switch is rebooted Reset The Reset function has several options when resetting the Switch Some of the current configuration paramete...

Страница 192: ...rameters to their factory defaults without saving these default values to the Switch s non volatile RAM If the Switch is reset with this option enabled and Save Changes is not executed the Switch will return to the last saved configuration when rebooted Figure 9 12 Reset Config window Reboot Device The following window is used to restart the Switch All of the configuration information entered from...

Страница 193: ...nly have one Commander Switch CS All switches in a particular SIM group must be in the same IP subnet broadcast domain Members of a SIM group cannot cross a router A SIM group accepts up to 32 switches numbered 0 31 including the Commander Switch numbered 0 There is no limit to the number of SIM groups in the same IP subnet broadcast domain however a single switch can only belong to one group If m...

Страница 194: ...t the xStack DES 3500 Series switches have been upgraded to version 1 6 in this release Many improvements have been made including 1 The Commander Switch CS now has the capability to automatically rediscover member switches that have left the SIM group either through a reboot or web malfunction This feature is accomplished through the use of Discover packets and Maintain packets that previously se...

Страница 195: ...r Switch This is the default setting for the SIM role of the DES 3500 Series switches Commander Choosing this parameter will make the Switch a Commander Switch CS The user may join other switches to this Switch over Ethernet to be part of its SIM group Choosing this option will also enable the Switch to be configured for SIM Discovery Interval The user may set the discovery protocol interval in se...

Страница 196: ...he user If no Device Name is configured by the name it will be given the name default and tagged with the last six digits of the MAC Address to identify it Local Port Displays the number of the physical port on the CS that the MS or CaS is connected to The CS will have no entry in this field The CS will not display an entry in this field Speed Displays the connection speed between the CS and the M...

Страница 197: ...gle IP Management Group are connected to other groups and devices Possible icons in this window are as follows Icon Description Group Layer 2 commander switch Layer 3 commander switch Commander switch of other group Layer 2 member switch Layer 3 member switch Member switch of other group Layer 2 candidate switch Layer 3 candidate switch Unknown device Non SIM devices ...

Страница 198: ...ice information Setting the mouse cursor over a specific device in the topology window tool tip will display the same information about a specific device as the Tree view does See the window below for an example Figure 10 6 Device Information Utilizing the Tool Tip Setting the mouse cursor over a line between two devices will display the connection speed between the two devices as shown below ...

Страница 199: ...perform various functions depending on the role of the Switch in the SIM group and the icon associated with it Group Icon Figure 10 8 Right Clicking a Group Icon The following options may appear for the user to configure Collapse to collapse the group that will be represented by a single icon Expand to expand the SIM group in detail Property to pop up a window to display the group information ...

Страница 200: ...er Switch Icon Figure 10 10 Right Clicking a Commander Icon The following options may appear for the user to configure Collapse to collapse the group that will be represented by a single icon Expand to expand the SIM group in detail Property to pop up a window to display the group information Figure 10 11 Property window ...

Страница 201: ... Expand to expand the SIM group in detail Remove from group remove a member from a group Configure launch the web management to configure the Switch Property to pop up a window to display the device information Figure 10 13 Property window Candidate Switch Icon Figure 10 14 Right Clicking a Candidate icon The following options may appear for the user to configure Collapse to collapse the group tha...

Страница 202: ...lay the Device Name of the switches in the SIM group configured by the user If no Device Name is configured by the name it will be given the name default and tagged with the last six digits of the MAC Address to identify it Module Name Displays the full module name of the switch that was right clicked MAC Address Displays the MAC Address of the corresponding Switch Remote Port No Displays the numb...

Страница 203: ...l the following dialog box for the user to enter a password for authentication from the Candidate Switch before being added to the SIM group Click OK to enter the password or Cancel to exit the window Figure 10 18 Input password dialog box Remove from Group remove an MS from the group Device Configure will open the web manager for the specific device View Refresh update the views with the latest s...

Страница 204: ...iles from the Commander Switch to the Member Switch Member Switches will be listed in the table and will be specified by Port port on the CS where the MS resides MAC Address Model Name and Version To specify a certain Switch for upgrading configuration files click its corresponding radio button under the Port heading To update the configuration file enter the Server IP Address where the firmware r...

Страница 205: ... 802 3 Nway auto negotiation Protocols CSMA CD Data Transfer Rates Ethernet Fast Ethernet Gigabit Ethernet Fiber Optic Half duplex Full duplex 10 Mbps 20Mbps 100Mbps 200Mbps n a 2000Mbps SFP Mini GBIC Support IEEE 802 3z 1000BASE LX DEM 310GT transceiver IEEE 802 3z 1000BASE SX DEM 311GT transceiver IEEE 802 3z 1000BASE LH DEM 314GT transceiver IEEE 802 3z 1000BASE ZX DEM 315GT transceiver Topolog...

Страница 206: ...n condensing Dimensions 441 mm 207 mm 44 mm 1U 19 inch rack mount width Weight DES 3526 2 56 kg DES 3526DC 2 5 kg DES 3550 5Kg EMI CE class A FCC Class A C Tick Safety CSA International Performance Transmission Method Store and forward Packet Buffer 16 MB per device Packet Filtering Forwarding Rate Full wire speed for all connections 1 488 095 pps per port for 1000Mbps MAC Address Learning Automat...

Страница 207: ...cable pin assignment The following diagrams and tables show the standard RJ 45 receptacle connector and their pin assignments Figure B 1 The standard RJ 45 port and connector RJ 45 Pin Assignments Contact MDI X Port MDI II Port 1 RD receive TD transmit 2 RD receive TD transmit 3 TD transmit RD receive 4 Not used Not used 5 Not used Not used 6 TD transmit RD receive 7 Not used Not used 8 Not used N...

Страница 208: ...ded successfully Firmware upgraded by console successfully Username username IP ipaddr MAC macaddr Informational by console and IP ipaddr MAC macaddr are XOR shown in log string which means if the user logs in through the console no IP or MAC address information will be included in the log Firmware upgrade was unsuccessful Firmware upgrade by console was unsuccessful Username username IP ipaddr MA...

Страница 209: ... message upload was unsuccessful Log message upload by console was unsuccessful Username username IP ipaddr MAC macaddr Warning by console and IP ipaddr MAC macaddr are XOR shown in log string which means if the user logs in through the console no IP or MAC address information will be included in the log Interface Port link up Port portNum link up link state Informational Port link state ex 100Mbp...

Страница 210: ...lnet Login failed through Telnet Username username IP ipaddr MAC macaddr Warning Logout through Telnet Logout through Telnet Username username IP ipaddr MAC macaddr Informational Telnet session timed out Telnet session timed out Username username IP ipaddr MAC macaddr Informational SNMP SNMP request received with invalid community string SNMP request received from ipAddress with invalid community ...

Страница 211: ...authenticated by AAA local method Login failed through Console authenticated by AAA local method Username username Warning Successful login through Web authenticated by AAA local method Successful login through Web from userIP authenticated by AAA local method Username username MAC macaddr Informational Login failed through Web authenticated by AAA local method Login failed through Web from userIP...

Страница 212: ...ddr Informational Successful login through Web SSL authenticated by AAA none method Successful login through Web SSL from userIP authenticated by AAA none method Username username MAC macaddr Informational Successful login through Telnet authenticated by AAA none method Successful login through Telnet from userIP authenticated by AAA none method Username username MAC macaddr Informational Successf...

Страница 213: ...L from userIP authenticated by AAA server serverIP Username username MAC macaddr Informational Login failed through Web SSL authenticated by AAA server Login failed through Web SSL from userIP authenticated by AAA server serverIP Username username MAC macaddr Warning Login failed through Web SSL due to AAA server timeout or improper configuration Login failed through Web SSL from userIP due to AAA...

Страница 214: ...thenticated by AAA local_enable method Successful Enable Admin through Console authenticated by AAA local_enable method Username username Informational Enable Admin failed through Console authenticated by AAA local_enable method Enable Admin failed through Console authenticated by AAA local_enable method Username username Warning Successful Enable Admin through Web authenticated by AAA local_enabl...

Страница 215: ...e Admin through SSH authenticated by AAA local_enable method Successful Enable Admin through SSH from userIP authenticated by AAA local_enable method Username username MAC macaddr Informational Enable Admin failed through SSH authenticated by AAA local_enable method Enable Admin failed through Telnet or Web or SSH from userIP authenticated by AAA local_enable method Username username MAC macaddr W...

Страница 216: ...server serverIP Username username Warning Enable Admin failed through Console due to AAA server timeout or improper configuration Enable Admin failed through Console due to AAA server timeout or improper configuration Username username Warning Successful Enable Admin through Web authenticated by AAA server Successful Enable Admin through Web from userIP authenticated by AAA server serverIP Usernam...

Страница 217: ... Telnet from userIP authenticated by AAA server serverIP Username username MAC macaddr Warning Enable Admin failed through Telnet due to AAA server timeout or improper configuration Enable Admin failed through Telnet from userIP due to AAA server timeout or improper configuration Username username MAC macaddr Warning Successful Enable Admin through SSH authenticated by AAA server Successful Enable...

Страница 218: ...portNum Warning Safeguard Engine Safeguard Engine is in normal mode SafeGuard Engine enters NORMAL mode Informational Safeguard Engine is in filtering packet mode Safeguard Engine enters EXHAUSTED mode Warning Packet Storm Broadcast storm occurence Broadcast storm is occurring port id Warning Broadcast storm has cleared Broadcast storm has cleared port id Informational Multicast storm occurence Mu...

Страница 219: ...ths Standard Media Type Maximum Distance Mini GBIC 1000BASE LX Single mode fiber module 1000BASE SX Multi mode fiber module 1000BASE LHX Single mode fiber module 1000BASE ZX Single mode fiber module 10km 550m 40km 80km 1000BASE T Category 5e UTP Cable Category 5 UTP Cable 1000 Mbps 100m 100BASE TX Category 5 UTP Cable 100 Mbps 100m 10BASE T Category 3 UTP Cable 10 Mbps 100m ...

Страница 220: ...ure console port The port on the Switch accepting a terminal or modem connector It changes the parallel arrangement of data within computers to the serial form used on data transmission links This port is most often used for dedicated local management CSMA CD Channel access method used by Ethernet and IEEE 802 3 standards in which devices transmit only after finding the data channel clear for some...

Страница 221: ...sed to manage many aspects of network and end station operation Spanning Tree Protocol STP A bridge based system for providing fault tolerance on networks STP works by allowing you to implement parallel paths for network traffic and ensure that redundant paths are disabled when the main paths are operational and enabled if the main paths fail stack A group of network devices that are integrated to...

Страница 222: ...estic environment this product may cause radio interference in which case the user may be required to take adequate measures Warnung Dies ist ein Produkt der Klasse A Im Wohnbereich kann dieses Produkt Funkstoerungen verursachen In diesem Fall kann vom Benutzer verlangt werden angemessene Massnahmen zu ergreifen Precaución Este es un producto de Clase A En un entorno doméstico puede causar interfe...

Страница 223: ...aced by D Link or for which the purchase price is refunded shall become the property of D Link upon replacement or refund Limited Software Warranty D Link warrants that the software portion of the product Software will substantially conform to D Link s then current functional specifications for the Software as set forth in the applicable documentation from the date of original delivery of the Soft...

Страница 224: ...es provided by anyone other than D Link Disclaimer of Other Warranties EXCEPT FOR THE LIMITED WARRANTY SPECIFIED HEREIN THE PRODUCT IS PROVIDED AS IS WITHOUT ANY WARRANTY OF ANY KIND INCLUDING WITHOUT LIMITATION ANY WARRANTY OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT IF ANY IMPLIED WARRANTY CANNOT BE DISCLAIMED IN ANY TERRITORY WHERE A PRODUCT IS SOLD THE DURATION OF ...

Страница 225: ... for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with this manual may cause harmful interfe rence to radio communications ...

Страница 226: ...pired and the product is within warranty the customer shall submit a claim to D Link as outlined below The customer must submit with the product as part of the claim a written description of the Hardware defect or Software nonconformance in sufficient detail to allow D Link to confirm the same along with proof of purchase of the product such as a copy of the dated purchase invoice for the product ...

Страница 227: ...of 1976 and any amendments thereto Contents are subject to change without prior notice Copyright 2004 by D Link Corporation D Link Systems Inc All rights reserved CE Mark Warning This is a Class A product In a residential environment this product may cause radio interference in which case the user may be required to take adequate measures FCC Statement This equipment has been tested and found to c...

Страница 228: ...Registration Register online your D Link product at http support dlink com register Product registration is entirely voluntary and failure to complete or return this form will not diminish your warranty rights ...

Страница 229: ...ifetime hardware warranty Warranty beneficiary The warranty beneficiary is the original end user The original end user is defined as the person that purchases the product as the first owner Duration of Limited Lifetime Warranty As long as the original end user continues to own or use the product with the following conditions fan and power supplies are limited to a five 5 year warranty only in the ...

Страница 230: ... or by other circumstances of which D Link is not responsible Disclaimer of warranty Please note some countries do not allow the disclaimer of implied terms in contracts with consumers and the disclaimer below may not apply to you To the extend allowed by local law the above warranties are exclusive and no other warranty condition or other term whether written or oral is expressed or implied D Lin...

Страница 231: ...00 766 868 Monday to Friday 8 00am to 8 00pm EST Saturday 9 00am to 1 00pm EST D Link Technical Support over the Internet http www dlink com au email support dlink com au Tech Support for customers within New Zealand D Link Technical Support over the Telephone 0800 900 900 Monday to Friday 8 30am to 8 30pm Saturday 9 00am to 5 00pm D Link Technical Support over the Internet http www dlink co nz ...

Страница 232: ...bsite Tech Support for customers within South Eastern Asia and Korea D Link South Eastern Asia and Korea Technical Support over the Telephone 65 6895 5355 Monday to Friday 9 00am to 12 30pm 2 00pm 6 00pm Singapore Time D Link Technical Support over the Internet email support dlink com sg ...

Страница 233: ...ech Support for customers within India D Link Technical Support over the Telephone 91 22 26526741 91 22 26526696 ext 161 to 167 Monday to Friday 9 30AM to 7 00PM D Link Technical Support over the Internet http ww dlink co in http www dlink co in dlink drivers support asp ftp support dlink co in ...

Страница 234: ...t for customers for the duration of the warranty period on this product Customers can contact D Link technical support through our web site or by phone Tech Support for customers within the Russia D Link Technical Support over the Telephone 095 744 00 99 Monday to Friday 10 00am to 6 30pm D Link Technical Support over the Internet ...

Страница 235: ...srael D Link Technical Support over the Telephone 972 971 5701 Sunday to Thursday 9 00am to 5 00pm D Link Technical Support over the Internet http www dlink co il forum e mail support dlink co il Tech Support for customers within Turkey D Link Technical Support over the Telephone 90 212 289 56 59 Monday to Friday 9 00am to 6 00pm D Link Technical Support over the Internet http www dlink com tr e m...

Страница 236: ...stomers within South Africa and Sub Sahara Region D Link South Africa and Sub Sahara Technical Support over the Telephone 27 12 665 2165 08600 DLINK For South Africa only Monday to Friday 8 30am to 9 00pm South Africa Time D Link Technical Support over the Internet http www d link co za email support d link co za ...

Страница 237: ...777 711 Monday to Friday 07 00am to 20 00pm El Salvador 800 6137 Monday to Friday 06 00am to 19 00pm Guatemala 1800 300 0017 Monday to Friday 06 00am to 19 00pm Panama 0800 560 0193 Monday to Friday 07 00am to 20 00pm Peru 0800 52049 Monday to Friday 07 00am to 20 00pm Venezuela 0800 100 3470 Monday to Friday 08 00am to 21 00pm D Link Technical Support over the Internet www dlinkla com www dlinkla...

Страница 238: ...Link D Link предоставляет бесплатную поддержку для клиентов в течение гарантийного срока Клиенты могут обратиться в группу технической поддержки D Link по телефону или через Интернет Техническая поддержка D Link 095 744 00 99 Техническая поддержка через Интернет http www dlink ru email support dlink ru ...

Страница 239: ...Lunes a Viernes 09 00 am a 22 00 pm Soporte Técnico Help Desk Chile Teléfono 800 214422 Lunes a Viernes 08 00 am a 21 00 pm Soporte Técnico Help Desk Colombia Teléfono 01800 7001588 Lunes a Viernes 07 00 am a 20 00 pm Soporte Técnico Help Desk Ecuador Teléfono 1800 777 711 Lunes a Viernes 07 00 am a 20 00 pm Soporte Técnico Help Desk El Salvador Teléfono 800 6137 Lunes a Viernes 06 00 am a 19 00 p...

Страница 240: ...kbrasil com br A D Link fornece suporte técnico gratuito para clientes no Brasil durante o período de vigência da garantia deste produto Suporte Técnico para clientes no Brasil Telefone São Paulo 11 2185 9301 Segunda à sexta Das 8h30 às 18h30 Demais Regiões do Brasil 0800 70 14 104 E mail email suporte dlinkbrasil com br ...

Страница 241: ......

Страница 242: ...support through our website or by phone Tech Support for customers within the United States D Link Technical Support over the Telephone 888 843 6100 Hours of Operation 8 00AM to 6 00PM PST D Link Technical Support over the Internet http support dlink com email support dlink com Tech Support for customers within Canada D Link Technical Support over the Telephone 800 361 5265 Monday to Friday 7 30am...

Страница 243: ...UK Ireland Technical Support over the Telephone 08456 12 0003 United Kingdom 44 8456 12 0003 Ireland Lines Open 8 00am 10 00pm Mon Fri 10 00am 7 00pm Sat Sun D Link UK Ireland Technical Support over the Internet http www dlink co uk ftp ftp dlink co uk For Customers within Canada D Link Canada Technical Support over the Telephone 1 800 361 5265 Canada Monday to Friday 7 30 am to 3 00 am ET Saturda...

Страница 244: ...upport dlink de Telefon 49 1805 2787 0 12 Min aus dem Festnetz der Deutschen Telekom Telefonische technische Unterstützung erhalten Sie Montags bis Freitags von 09 00 bis 17 30 Uhr Unterstützung erhalten Sie auch bei der Premiumhotline für D Link Produkte unter der Rufnummer 09001 475767 Montag bis Freitag von 6 22 Uhr und am Wochenende von 11 18 Uhr 1 75 Min aus dem Festnetz der Deutschen Telekom...

Страница 245: ...ort technique destiné aux clients établis en France Assistance technique D Link par téléphone 0 820 0803 03 Assistance technique D Link sur internet http www dlink fr e mail support dlink fr Support technique destiné aux clients établis au Canada Assistance technique D Link par téléphone 800 361 5265 Lun Ven 7h30 à 21h00 HNE Assistance technique D Link sur internet http support dlink ca e mail sup...

Страница 246: ...ante el periodo de garantía del producto Los clientes españoles pueden ponerse en contacto con la asistencia técnica de D Link a través de nuestro sitio web o por teléfono Asistencia Técnica de D Link por teléfono 902 304545 de lunes a viernes desde las 9 00 hasta las14 00 y de las 15 00 hasta las 18 00 Asistencia Técnica de D Link a través de Internet http www dlink es email soporte dlink es ...

Страница 247: ...ito D Link Supporto tecnico per i clienti residenti in Italia D Link Mediterraneo S r L Via N Bonnet 6 B 20154 Milano Supporto Tecnico dal lunedì al venerdì dalle ore 9 00 alle ore 19 00 con orario continuato Telefono 02 39607160 URL http www dlink it supporto html Email tech dlink it ...

Страница 248: ...lands D Link Technical Support over the Telephone 0900 501 2007 Monday to Friday 8 00 am to 10 00 pm D Link Technical Support over the Internet www dlink nl Tech Support for customers within Belgium D Link Technical Support over the Telephone 32 0 2 717 3248 Monday to Friday 8 00 am to 10 00 pm D Link Technical Support over the Internet www dlink be Tech Support for customers within Luxemburg D Li...

Страница 249: ...ą pomoc techniczną klientom w Polsce w okresie gwarancyjnym produktu Klienci z Polski mogą się kontaktować z działem pomocy technicznej firmy D Link za pośrednictwem Internetu lub telefonicznie Telefoniczna pomoc techniczna firmy D Link 48 12 2 999 333 Pomoc techniczna firmy D Link świadczona przez Internet URL http www dlink pl e mail dlink fixit pl ...

Страница 250: ...irmy D Link D Link poskytuje svým zákazníkům bezplatnou technickou podporu Zákazníci mohou kontaktovat oddělení technické podpory přes webové stránky mailem nebo telefonicky Web http www dlink cz suppport E mail info dlink cz Telefon 0224247500 Telefonická podpora je v provozu PO PÁ od 08 00 do 17 00 ...

Страница 251: ...t munkanapokon hétfőtől csütörtökig 9 00 16 00 óráig és pénteken 9 00 14 00 óráig kérhet a 1 461 3001 telefonszámon vagy a support dlink hu emailcímen Magyarországi technikai támogatás D Link Magyarország 1074 Budapest Alsóerdősor u 6 R70 Irodaház 1 em Tel 06 1 461 3001 Fax 06 1 461 3004 email support dlink hu URL http www dlink hu ...

Страница 252: ...sider D Link tilbyr sine kunder gratis teknisk support under produktets garantitid Kunder kan kontakte D Links teknisk support via våre hjemmesider eller på tlf Teknisk Support D Link Teknisk telefon Support 800 10 610 Hverdager 08 00 20 00 D Link Teknisk Support over Internett http www dlink no ...

Страница 253: ...yder gratis teknisk support til kunder i Danmark i hele produktets garantiperiode Danske kunder kan kontakte D Link s tekniske support via vores hjemmeside eller telefonisk D Link teknisk support over telefonen Tlf 7026 9040 Åbningstider kl 08 00 20 00 D Link teknisk support på Internettet http www dlink dk ...

Страница 254: ...ndarinformation D Link tillhandahåller teknisk support till kunder i Sverige under hela garantitiden för denna produkt Teknisk Support för kunder i Sverige D Link Teknisk Support via telefon 0770 33 00 35 Vardagar 08 00 20 00 D Link Teknisk Support via Internet http www dlink se email support dlink se ...

Страница 255: ...a teknistä tukea asiakkailleen Tuotteen takuun voimassaoloajan Tekninen tuki palvelee seuraavasti Arkisin klo 9 21 numerosta 0800 114 677 Internetin kautta Ajurit ja lisätietoja tuotteista http www dlink fi Sähköpostin kautta voit myös tehdä kyselyitä ...

Страница 256: ... annan användarinformation D Link tillhandahåller teknisk support till kunder i Sverige under hela garantitiden för denna produkt Teknisk Support för kunder i Sverige D Link Teknisk Support via telefon 0770 33 00 35 Vardagar 08 00 20 00 D Link Teknisk Support via Internet http www dlink se ...

Страница 257: ...Ver 1 00 ...

Страница 258: ... 1800 FAX 61 2 8899 1868 URL www dlink com au India D Link House Kurla Bandra Complex Road Off CST Road Santacruz East Mumbai 400098 India TEL 91 022 26526696 56902210 FAX 91 022 26528914 URL www dlink co in Middle East Dubai P O Box 500376 Office No 103 Building 3 Dubai Internet City Dubai United Arab Emirates Tel 971 4 3916480 Fax 971 4 3908881 URL www dlink me com Turkey Maslak Ayazaga Yolu No ...

Страница 259: ...________________________________________________________ Answers to the following questions help us to support your product 1 Where and how will the product primarily be used Home Office Travel Company Business Home Business Personal Use 2 How many employees work at installation site 1 employee 2 9 10 49 50 99 100 499 500 999 1000 or more 3 What network protocol s does your organization use XNS IP...

Страница 260: ......

Отзывы: