D-Link xStack DGS-3324SRi Скачать руководство пользователя страница 61 | Manualshive

Страница: 61 / 208

background image

D-Link DGS-3324SRi Intelligent Stackable Gigabit Ethernet Switch

46

Ingress Filtering

A port on a switch where packets are flowing into the switch and VLAN decisions must be made is referred to as
an

ingress port

. If ingress filtering is enabled for a port, the Switch will examine the VLAN information in the

packet header (if present) and decide whether or not to forward the packet.

If the packet is tagged with VLAN information, the ingress port will first determine if the ingress port itself is a
member of the tagged VLAN. If it is not, the packet will be dropped. If the ingress port is a member of the
802.1Q VLAN, the switch then determines if the destination port is a member of the 802.1Q VLAN. If it is not,
the packet is dropped. If the destination port is a member of the 802.1Q VLAN, the packet is forwarded and the
destination port transmits it to its attached network segment.

If the packet is not tagged with VLAN information, the ingress port will tag the packet with its own PVID as a
VID (if the port is a tagging port). The switch then determines if the destination port is a member of the same
VLAN (has the same VID) as the ingress port. If it does not, the packet is dropped. If it has the same VID, the
packet is forwarded and the destination port transmits it on its attached network segment.

This process is referred to as

ingress filtering

and is used to conserve bandwidth within the switch by dropping

packets that are not on the same VLAN as the ingress port at the point of reception

.

This eliminates the

subsequent processing of packets that will just be dropped by the destination port.

Default VLANs

The Switch initially configures one VLAN, VID = 1, called “default.” The factory default setting assigns all
ports on the Switch to the “default” VLAN. As new VLANs are configured in Port-based mode, their respective
member ports are removed from the “default” VLAN.

Packets cannot cross VLANs. If a member of one VLAN wants to connect to another VLAN, the link must be
through an external router.

Note

: If no VLANs are configured on the Switch, then all packets will be

forwarded to any destination port. Packets with unknown source
addresses will be flooded to all ports. Broadcast and multicast packets will
also be flooded to all ports.

An example is presented below:

VLAN Name

VID

Switch Ports

System (default)

1

5, 6, 7, 8, 21, 22, 23, 24

Engineering

2

9, 10, 11, 12

Marketing

3

13, 14, 15, 16

Finance

4

17, 18, 19, 20

Sales

5

1, 2, 3, 4

Table 4- 1. VLAN Example – Assigned Ports

Port-based VLANs

Port-based VLANs limit traffic that flows into and out of switch ports. Thus, all devices connected to a port are
members of the VLAN(s) the port belongs to, whether there is a single computer directly connected to a switch,
or an entire department.

«
...
59
60
61
62
63
...
»

Содержание xStack DGS-3324SRi

Страница 1: ...D Link DGS 3324SRi High Density Layer 3 Stackable Intelligent Gigabit Ethernet Switch User s Guide ...

Страница 2: ...oration is strictly forbidden Trademarks used in this text D Link the D LINK logo are trademarks of D Link Computer Corporation Microsoft and Windows are registered trademarks of Microsoft Corporation Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products D Link Computer Corporation disclaims any proprietary inte...

Страница 3: ... Connector 3 Management Options 3 Web based Management Interface 3 Command Line Console Interface Through the Serial Port or Telnet 3 SNMP Based Management 3 Installation 2 Package Contents 2 Switch Installation 3 Installing the Switch Without the Rack 3 Installing the Switch in a Rack 3 Connecting Stacked Switch Groups 4 Configuring a Switch Group for Stacking 5 Gigabit Combo Ports 5 External Red...

Страница 4: ... Unavailable 23 Configuring Ports 24 Configuring Port Mirroring 26 Configuring Link Aggregation 27 Understanding Port Trunk Groups 27 LACP Port Setting 30 Configuring IGMP Snooping 31 IGMP Snooping 31 Static Router Ports 33 Configuring The Spanning Tree 34 802 1w Rapid Spanning Tree 34 Port Transition States 35 802 1d 802 1w Compatibility 35 STP Switch Settings 35 STP Port Settings 37 Configuring ...

Страница 5: ...g Mechanism Table 56 QoS Output Scheduling 56 802 1p Default Priority 57 802 1p User Priority 58 Configuring Traffic Segmentation 59 The System Log Server 61 Configuring SNTP Settings 63 Time Settings 63 Time Zone and DST 64 Configuring The Access Profile Table 66 Configuring The Port Access Entity 74 802 1X Port based Network Access Control 74 Configure Authenticator 76 Configuring Local Users 79...

Страница 6: ...Settings 113 Area Aggregation Configuration 115 OSPF Host Route Settings 116 BOOTP DHCP Relay 117 BOOT DHCP Relay Information 117 BOOTP DHCP Relay Settings 117 DNS Relay 118 Configuring DNS Relay Information 119 DNS Relay Static Settings 119 IP Multicast Routing Protocol 120 IGMP Interface Configuration 120 DVMRP Interface Configuration 122 PIM_DM Interface Configuration 123 Managing SNMP 126 SNMP...

Страница 7: ...nticator Diagnostics 158 Radius Authentication 161 Radius Accounting 162 Layer 3 Features 164 Browse IP Address 164 Browse Routing Table 164 Browse ARP Table 165 Browse IP Multicast Forwarding Table 166 Browse IGMP Group Table 167 OSPF Monitoring 167 OSPF LSDB Table 167 OSPF Neighbor Table 168 OSPF Virtual Neighbor 169 DVMRP Monitoring 169 DVMRP Routing Table 170 DVMRP Neighbor Address Table 170 D...

Страница 8: ...CompactFlash Services 173 Download Firmware From CF 174 Download Configuration From CF 175 Upload Firmware to CF 175 Upload Config to CF 176 Upload Log to CF 177 Ping Test 177 Save Changes 178 Reset 178 Reboot Device 179 Logout 180 Technical Specifications 181 Glossary 183 ...

Страница 9: ...mes program names and commands For example use the copy command Boldface Typewriter Font Indicates commands and responses to prompts that must be typed exactly as printed in the manual Initial capital letter Indicates a window name Names of keys on the keyboard have initial capitals For example Click Enter Italics Indicates a window name or a field Also can indicate a variables or parameter that i...

Страница 10: ...not operate correctly when you follow the operating instructions Keep your system away from radiators and heat sources Also do not block cooling vents Do not spill food or liquids on your system components and never operate the product in a wet environment If the system gets wet see the appropriate section in your troubleshooting guide or contact your trained service provider Do not push any objec...

Страница 11: ...ur power company for site modifications Always follow your local national wiring rules When connecting or disconnecting power to hot pluggable power supplies if offered with your system observe the following guidelines Install the power supply before connecting the power cable to the power supply Unplug the power cable before removing the power supply If the system has multiple sources of power di...

Страница 12: ... following steps to prevent damage from electrostatic discharge ESD 1 When unpacking a static sensitive component from its shipping carton do not remove the component from the antistatic packing material until you are ready to install the component in your system Just before unwrapping the antistatic packaging be sure to discharge static electricity from your body 2 When transporting a sensitive c...

Страница 13: ...guration for up to 6 additional DGS 3324SR switches 1 DGS 3324SRi 88 Gbps switching fabric capacity Supports 802 1D STP and 802 1w Rapid Spanning Tree for redundant back up bridge paths Supports 802 1Q VLAN IGMP snooping 802 1p Priority Queues port trunking port mirroring Multi layer Access Control based on MAC address IP address VLAN Protocol 802 1p DSCP Supports Layer 3 functions including multi...

Страница 14: ...ately 2 seconds after the Switch is powered on to indicate the ready state of the device Master Lights steady green when the Switch is configured as the Master switch in a stack Console This indicator on the front panel should be lit during the Power On Self Test POST Lights green when the Switch is being managed via out of band local console management through the RS 232 console port using a stra...

Страница 15: ...hically using a web browser such as Netscape Navigator version 6 2 and higher or Microsoft Internet Explorer version 5 0 NOTE To access the Switch through a web browser the computer running the web browser must have IP based network access to the Switch Command Line Console Interface Through the Serial Port or Telnet You can also connect a computer or terminal to the serial console port or use Tel...

Страница 16: ...ocessing for SNMP RFC2573 SNMP Applications RFC2574 USM for SNMP RFC2575 VACM for SNMP RFC2576 Coexistence between SNMPs RFC2618 Radius Auth Client MIB RFC2620 Radius Acc Client MIB RFC2932 IPv4 Multicast Routing RFC2933 IGMP RFC2934 PIM DVMRP MIB D Link Enterprise MIB 802 1p RFC2674 IEEE8021 PAE MIB RSTP MIB ...

Страница 17: ...ord One PCMCIA CompactFlash memory card This User s Guide with Registration Card CLI Reference CD ROM with User s Guide and CLI Reference Manuals Before You Connect to the Network NOTICE Do not connect the Switch to the network until you have established the correct IP settings Before you connect to the network you must install the Switch on a flat surface or in a rack set up a terminal emulation ...

Страница 18: ...6 inches at the back for the power cable 3 Attach the rubber feet on the marked locations on the bottom of the chassis 4 The rubber feet although optional are recommended to keep the unit from slipping Figure 2 1 Install rubber feet for installations with or without a rack Installing the Switch in a Rack You can install the Switch in most standard 19 inch 48 3 cm racks Refer to the illustrations b...

Страница 19: ...0 Gigabit stacking ports at the rear of the Switch Users can add units to reach a maximum 168 GbE ports per Star stack Switches are stacked together through a high speed stack cables that provide high speed of multiple Gigabit connections allowing the entire stack to perform as a single IP entity User can see the number of switches stacked together from the SIO LEDs on the front panel of the Switc...

Страница 20: ...h for a switch stacking group Once DGS 3324SR switches have been added to the Switch the DGS 3324SRi automatically becomes the master switch of the stack and no configuration is necessary Gigabit Combo Ports In addition to the 24 10 100 1000 Mbps ports the Switch features eight Mini GBIC Combo ports These eight ports are 10 100 1000BASE T copper ports built in and Mini GBIC ports optional Please n...

Страница 21: ...324SRi Intelligent Stackable Gigabit Ethernet Switch 6 External Redundant Power System The Switch supports an external redundant power system Figure 2 5 DPS 900 with DGS 3324SRi Figure 2 6 DPS 800 with DGS 3324SRi ...

Страница 22: ...r Properties select VT100 for Emulation mode 7 Select Terminal keys for Function Arrow and Ctrl keys Ensure that you select Terminal keys not Windows keys NOTICE When you use HyperTerminal with the Microsoft Windows 2000 operating system ensure that you have Windows 2000 Service Pack 2 or later installed Windows 2000 Service Pack 2 allows you to use arrow keys in HyperTerminal s VT100 emulation Se...

Страница 23: ...be asked to provide a password Type the password used for the administrator account being created and press the Enter key 3 You will be prompted to enter the same password again to verify it Type the same password and press the Enter key 4 Successful creation of the new administrator account will be verified by a Success message User names and passwords can be up to 15 characters in length The sam...

Страница 24: ...ess that is separated into two parts The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers The second part describes what each user on that list can do as an SNMP manager The Switch allows groups of users to be listed and configured with a shared set of privileges The SNMP version may also be set for a listed group of SNMP managers Thus you may...

Страница 25: ...s follows 1 Starting at the command line prompt enter the commands config ipif System ipaddress xxx xxx xxx xxx yyy yyy yyy yyy Where the x s represent the IP address to be assigned to the IP interface named System and the y s represent the corresponding subnet mask 2 Alternatively you can enter config ipif System ipaddress xxx xxx xxx xxx z Where the x s represent the IP address to be assigned to...

Страница 26: ...rt the SFP transceiver sold separately into the SFP transceiver slot 3 Use the appropriate network cabling to connect a device to the connectors on the SFP transceiver NOTICE When the SFP transceiver acquires a link the associated integrated 10 100 1000BASE T port is disabled ...

Страница 27: ... the Console program and Telnet are different ways to access the same internal switching software and configure it Thus all settings encountered in web based management are the same as those found in the console program Login to Web Manager To begin managing your Switch simply run the browser you have installed on your computer and point it to the IP address you have defined for the device The URL...

Страница 28: ...able in the web based manager are explained below Web based User Interface The user interface provides access to various switch configuration and management screens allows you to view performance statistics and permits you to graphically monitor the system status Areas of the User Interface The figure below shows the user interface The user interface is divided into 3 distinct areas as described i...

Страница 29: ...ion bandwidth control link aggregation port mirroring VLANs configuration Spanning Tree Protocol setup forwarding filtering configuration Quality of Service broadcast multicast storm controls Traffic Control IGMP snooping static router ports setup SysLog server setup port security SNTP settings and the access profile table This also contains the Advanced Settings menu which is used to configure mi...

Страница 30: ...d to obtain the Switch s MAC address for entry into another network device s address table if necessary You may assign a System Name System Location and System Contact If any changes or additions are made click Apply Switch IP Settings Switch IP settings may initially be set using the console interface prior to connecting to it through the Ethernet If the Switch IP address has not yet been changed...

Страница 31: ...ected to the management station that will access the Switch The Switch will allow management access from stations with the same VLAN Name listed here To use the BOOTP or DHCP protocols to assign the Switch an IP address subnet mask and default gateway address Use the Get IP From Manual pull down menu to choose from BOOTP or DHCP This selects how the Switch will be assigned an IP address on the nex...

Страница 32: ... the Security IP Management table by default so any management station that can connect to the Switch can access the Switch until either a management VLAN is specified or Management Station IP Addresses are assigned Setting the Switch s IP Address using the Console Interface Each Switch must be assigned its own IP Address which is used for communication with an SNMP network manager or other TCP IP...

Страница 33: ...ting type in the IP address and click on the Apply button User Accounts Management Use the User Accounts Management to control user privileges To view existing User Accounts open the Security Management folder and click on the User Accounts link This will open the User Account Management page as shown below Figure 3 7 User Accounts Management Table To add a new user click on the Add button To modi...

Страница 34: ...t Management menu appears Admin and User Privileges There are two levels of user privileges Admin and User Some menu selections available to users with Admin privileges may not be available to those with User privileges The following table summarizes the Admin and User privileges Management Admin User Configuration Yes Read Only Network Monitoring Yes Read Only Community Strings and Trap Stations ...

Страница 35: ...e versions and other optional information You can also enter or change a System Name System Location and the name and telephone number of the responsible administrator in the System Contact It is recommended that the person responsible for the maintenance of the network system be listed here Click on the Apply button to make the changes effective To view this information using Telnet use CLI comma...

Страница 36: ...erial Port Baud Rate Fixed at 115200 MAC Address Aging Time This field specifies the length of time a learned MAC Address will remain in the forwarding table without being accessed that is how long a learned MAC Address is allowed to remain idle The default age out time for the Switch is 300 seconds To change this type in a different value representing the MAC address age out time in seconds The A...

Страница 37: ... this by selecting Disabled you will lose the ability to configure the system through the web interface as soon as these settings are applied RMON Status Remote monitoring RMON of the Switch is Enabled or Disabled here Link Aggregation Algorithm The algorithm that the Switch uses to balance the load across the ports that make up the port trunk group is defined by this definition Choose Source Addr...

Страница 38: ...Configuring The Port Access Entity Configuring Layer 3 IP Networking Configuring Box Information Currently Unavailable The Box Information Configuration screen can be found in the Configuration folder under the heading Box Information This window is used to configure the Master switch of a switch stack The Master switch is the switch that will be used to configure the software applications regardi...

Страница 39: ...screen may be found in the Monitoring folder under Stack Information in Section 6 of this User Guide NOTE At the time of release of this version of the DGS 3324SRi this function has been rendered inoperable due to the fact that the DGS 3324SRi switch of a switch stack will always be the master switch Future firmware releases of the DGS 3324SRi will have the capability to configure this function Co...

Страница 40: ...5 Figure 4 2 Port Configuration menu To configure switch ports 1 Choose the Unit from the pull down menu 2 Choose the port or sequential range of ports using the From To port pull down menus Use the remaining pull down menus to configure the parameters described below ...

Страница 41: ...f duplex ports use backpressure flow control and Auto ports use an automatic selection of the two The default is Disabled Learning Enable or disable MAC address learning for the selected ports When Enabled destination and source MAC addresses are automatically listed in the forwarding table When learning is Disabled MAC addresses must be manually entered into the forwarding table This is sometimes...

Страница 42: ... than the port to which you are sending the copies Also the target port for the mirroring cannot be a member of a trunk group Please note a target port and a source port cannot be the same port Configuring Link Aggregation Understanding Port Trunk Groups Port trunk groups are used to combine a number of ports together to make a single high bandwidth data pipeline The DGS 3324SRi supports up to 32 ...

Страница 43: ... aggregation group including the VLAN configuration Load balancing is automatically applied to the ports in the aggregated group and a link failure within the group causes the network traffic to be directed to the remaining links in the group The Spanning Tree Protocol will treat a link aggregation group as a single link on the switch level On the port level the STP will use the port parameters of...

Страница 44: ...is is useful for diagnostics to quickly isolate a bandwidth intensive network device or to have an absolute backup aggregation group that is not under automatic control Master Port Choose the Master port for the trunk group using the two available pull down menus The first pull down menu is for a switch in the switch stack while the other is for the port of the previously entered switch Unit Choos...

Страница 45: ...assive in processing and sending LACP control frames Figure 4 7 LACP Port Setting window The user may set the following parameters Parameter Description Unit Choose the number representing the Switch in the stack for which you would like to change the LACP Port mode From To A consecutive group of ports may be configured starting with the selected port Mode Active Active LACP ports are capable of p...

Страница 46: ... the Switch to recognize IGMP queries and reports sent between network stations or devices and an IGMP host When enabled for IGMP snooping the Switch can open or close a port to a specific device based on IGMP messages passing through the Switch In order to use IGMP Snooping it must first be enabled for the entire Switch see Advanced Settings You may then fine tune the settings for each VLAN using...

Страница 47: ...n seconds between transmitting IGMP queries Entries between 1 and 9 999 seconds are allowed Default 125 Max Response Time This determines the maximum amount of time in seconds allowed before sending an IGMP response report The Max Response Time field allows an entry between 1 and 25 seconds Default 10 Robustness Variable Adjust this variable according to expected packet loss If packet loss on the ...

Страница 48: ...tablishing a router port will allow multicast packets coming from the router to be propagated through the network as well as allowing multicast messages IGMP coming from the network to be propagated to the router A router port has the following behavior All IGMP Report packets will be forwarded to the router port IGMP queries from the router port will be flooded to all ports All UDP multicast pack...

Страница 49: ...w RSTP has been recently introduced to D Link managed Ethernet switches a brief introduction to the technology is provided below followed by a description of how to set up 802 1 d STP and 802 1w RSTP 802 1w Rapid Spanning Tree The Switch implements two versions of the Spanning Tree Protocol the Rapid Spanning Tree Protocol RSTP as defined by the IEE 802 1w specification and a version compatible wi...

Страница 50: ...figurations RSTP compliant bridges are sensitive to feedback from other RSTP compliant bridge links Ports do not need to wait for the topology to stabilize before transitioning to a forwarding state In order to allow this rapid transition the protocol introduces two new variables the edge port and the point to point P2P port Edge Port The edge port is a configurable designation used for a port tha...

Страница 51: ...Switch Bridge Max Age 6 40 sec 20 The Max Age can be set from 6 to 40 seconds At the end of the Max Age if a BPDU has still not been received from the Root Bridge your Switch will start sending its own BPDU to all other switches for permission to become the Root Bridge If it turns out that your switch has the lowest Bridge Identifier it will become the Root Bridge Bridge Hello Time 1 10 sec 2 The ...

Страница 52: ...fault or STP Compatibility Both versions use STP parameters in the same way RSTP is fully compatible with IEEE 802 1d STP and will function with legacy equipment Tx Hold Count 3 This is the maximum number of Hello packets transmitted per interval The count can be specified from 1 to 10 Default value 3 Forwarding BPDU Enabled This field can be enabled or disabled When it is Enabled it allows the fo...

Страница 53: ...ost An STP Group spanning tree works in the same way as the switch level spanning tree but the root bridge concept is replaced with a root port concept A root port is a port of the group that is elected on the basis of port priority and port cost to be the connection to the network for the group Redundant links will be blocked just as redundant links are blocked on the switch level The STP on the ...

Страница 54: ...t realized on a port where an 802 1d network connects to an 802 1w enabled network Migration should be enabled yes on ports connected to network stations or segments that will be upgraded to 802 1w RSTP on all or some portion of the segment Edge No Select Yes or No Choosing Yes designates the port as an edge port Edge ports cannot create loops however an edge port can lose edge port status if a to...

Страница 55: ...f the module on which the above MAC address resides Port Allows the selection of the port number on which the MAC address entered above resides Static Multicast Forwarding The following figure and table describe how to set up Multicast forwarding on the Switch Open the Forwarding Filtering folder and click on the Multicast Forwarding link to see the entry screen below Figure 4 15 Setup Static Mult...

Страница 56: ...2 1p standard have the ability to recognize the priority level of data packets These devices can also assign a priority label or tag to packets Compliant devices can also strip priority tags from packets This priority tag determines the packet s degree of expeditiousness and determines the queue to which it will be assigned Priority tags are given values from 0 to 7 with 0 being assigned to the lo...

Страница 57: ...oadcast domain because broadcast packets are forwarded to only members of the VLAN on which the broadcast was initiated Notes About VLANs on the DGS 3324SRi No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership packets cannot cross VLANs without a network device performing a routing function between the VLANs The DGS 3324SRi supports IEEE 802 1Q VLANs a...

Страница 58: ...e enabled on all ports and work normally The IEEE 802 1Q standard restricts the forwarding of untagged packets to the VLAN the receiving port is a member of The main characteristics of IEEE 802 1Q are as follows Assigns packets to VLANs by filtering Assumes the presence of a single global spanning tree Uses an explicit tagging scheme with one level tagging 802 1Q VLAN Packet Forwarding Packet forw...

Страница 59: ...ackets so they can be carried across Ethernet backbones and 12 bits of VLAN ID VID The 3 bits of user priority are used by 802 1p The VID is the VLAN identifier and is used by the 802 1Q standard Because the VID is 12 bits long 4094 unique VLANs can be identified The tag is inserted into the packet header making the entire packet longer by 4 octets All of the information originally contained in th...

Страница 60: ...D is not used to make packet forwarding decisions the VID is Tag aware switches must keep a table to relate PVIDs within the switch to VIDs on the network The switch will compare the VID of a packet to be transmitted to the VID of the port that is to transmit the packet If the two VIDs are different the switch will drop the packet Because of the existence of the PVID for untagged packets and the V...

Страница 61: ...nsmits it on its attached network segment This process is referred to as ingress filtering and is used to conserve bandwidth within the switch by dropping packets that are not on the same VLAN as the ingress port at the point of reception This eliminates the subsequent processing of packets that will just be dropped by the destination port Default VLANs The Switch initially configures one VLAN VID...

Страница 62: ...sources such as printers and servers however can be shared across VLANs This is achieved by setting up overlapping VLANs That is ports can belong to more than one VLAN group For example setting VLAN 1 members to ports 1 2 3 and 4 and VLAN 2 members to ports 1 5 6 and 7 Port 1 belongs to two VLAN groups Ports 8 9 and 10 are not configured to any VLAN group This means ports 8 9 and 10 are in the sam...

Страница 63: ...ted entry in the 802 1Q Static VLANs menu A new menu appears use this to configure the port settings and to assign a unique name and number to the new VLAN See the table below for a description of the parameters in the new menu Figure 4 22 802 1Q Static VLANs Entry Settings Modify The following fields can then be set in either the Add or Modify 802 1Q Static VLANs menus Parameter Description Unit ...

Страница 64: ...s to specify the port as a static member of the VLAN Egress member ports are ports that will be transmitting traffic for the VLAN These ports can be either tagged or untagged Forbidden Select this to specify the port as not being a member of the VLAN and that the port is forbidden from becoming a member of the VLAN dynamically GVRP Settings In the Configuration menu open the VLANs folder and click...

Страница 65: ...ng fields can be set Parameter Description Unit Displays the Unit ID of the switch within the switch stack that the VLAN will be created on From To These two fields allow you to specify the range of ports that will be included in the Port based VLAN that you are creating using the 802 1Q Port Settings page ...

Страница 66: ...for each port The Switch s default is to assign all ports to the Default VLAN with a VID of 1 The PVID is used by the port to tag outgoing untagged packets and to make filtering decisions about incoming packets If the port is specified to accept only tagged frames as tagging and an untagged packet is forwarded to the port for transmission the port will add an 802 1Q tag using the PVID to write the...

Страница 67: ...old value is the upper threshold at which the specified traffic control is switched on This is the number of Broadcast Multicast or DLF packets in Kbps received by the Switch that will trigger the storm traffic control measures The Threshold value can be set from 0 to 255 packets The Default setting is 128 Configuring Port Security A given port s or a range of ports dynamic MAC address learning ca...

Страница 68: ...switch in a switch stack using that switch s Unit ID From To A consecutive group of ports may be configured starting with the selected port Admin State This pull down menu allows you to enable or disable Port Security locked MAC address table for the selected ports Max Addr 0 64 The number of MAC addresses that will be in the MAC address forwarding table for the selected switch and group of ports ...

Страница 69: ...riority tags Only when these queues are empty are packets of lower priority transmitted For weighted round robin queuing the number of packets sent from each priority queue depends upon the assigned weight For a configuration of 8 CoS queues A H with their respective weight value 8 1 the packets are sent in the following sequence A1 B1 C1 D1 E1 F1 G1 H1 A2 B2 C2 D2 E2 F2 G2 A3 B3 C3 D3 E3 F3 A4 B4...

Страница 70: ...or are displayed Parameter Description Unit Allows you to specify a switch in a switch stack using that switch s Unit ID From To A consecutive group of ports may be configured starting with the selected port Type This drop down menu allows you to select between RX receive TX transmit and Both This setting will determine whether the bandwidth ...

Страница 71: ...g Mechanism to view the screen shown below Figure 4 27 Scheduling Mechanism Configuration window The Scheduling Mechanism has the following parameters Parameter Description Strict The highest queue is the first to process traffic That is the highest queue will finish before other queues empty Weight fair Use the weighted round robin WRR algorithm to handle packets in an even distribution in priori...

Страница 72: ... port numbers Note The DGS 3324SRi introduces the concept of a Combination Queue where the user may mix strict and weighted round robin priority scheduling A Max Packets field with an entry of zero 0 denotes a strict priority scheduling for that queue while other classes empty on a weighted round robin WRR priority schedule The web manager WILL NOT allow configuration of this function and is only ...

Страница 73: ...02 1p priority tag to any given port on the Switch The priority tags are numbered from 0 the lowest priority to 7 the highest priority 802 1p User Priority The DGS 3324SRi allows the assignment of a User Priority to each of the 802 1p priorities In the Configuration folder open the QoS folder and click 802 1p User Priority to view the screen shown below ...

Страница 74: ...Traffic segmentation is used to limit traffic flow from a single port to a group of ports on either a single Switch in standalone mode or a group of ports on another switch in a switch stack This method of segmenting the flow of traffic is similar to using VLANs to limit traffic but is more restrictive It provides a method of directing traffic that does not increase the overhead of the Master swit...

Страница 75: ...witch in a switch stack will be allowed to forward packets to other ports on that switch Configuring traffic segmentation on the DGS 3324SRi is accomplished in two parts First you specify a switch from a switch stack and then a port from that switch Then you specify a second switch from the switch stack and then you select which ports or different ports on the same switch on that switch that you w...

Страница 76: ...orts heading allows you to select a switch from a switch stack using that switch s Unit ID The Forward Port click boxes allow you to select which of the ports on the selected switch will be able to forward packets These are the ports that will be allowed to receive packets from the port specified above Click Apply to enter the settings into the Switch s Traffic Segmentation table The System Log Se...

Страница 77: ... the facility values that the Switch is currently utilizing now Numerical Facility Code 0 kernel messages 1 user level messages 2 mail system 3 system daemons 4 security authorization messages 5 messages generated internally by syslog line printer subsystem 7 network news subsystem 8 UUCP subsystem 9 clock daemon 10 security authorization messages 11 FTP daemon 12 NTP subsystem 13 log audit 14 log...

Страница 78: ...ing screen for the user to configure Figure 4 35 Time Settings Page The following parameters can set or are displayed Parameter Description System Boot Time Displays the beginning time of the current session of the Switch Time Source Displays the time source for the system SNTP State Use this pull down menu to enable or disable SNTP SNTP Primary Server This is the primary server the SNTP informati...

Страница 79: ...u would like to update the system clock Time in HH MM SS Enter the current time in hours minutes and seconds if you wish to update the system clock Time Zone and DST The following are screens used to configure time zones and Daylight Savings time settings for SNTP Open the Configuration folder then the SNTP folder and click on the Time Zone and DST link revealing the following screen Figure 4 36 T...

Страница 80: ...of the month that DST will start From Day of Week Enter the day of the week that DST will start on From Month Enter the month DST will start on From time in HH MM Enter the time of day that DST will start on To Which Day Should be be To Which Week Enter the week of the month the DST will end To Day of Week Enter the day of the week that DST will end To Month Enter the month that DST will end To ti...

Страница 81: ...on the Switch open the Configuration folder and click on the Access Profile Table link This will open the Access Profile Table page as shown below Figure 4 37 Access Profile Table To add an entry to the Access Profile Table click the Add button This will open the Access Profile Configuration page as shown below There are two Access Profile Configuration pages one for Ethernet or MAC address based ...

Страница 82: ...ch frame s header Port The user may set the Access Profile Table on a per port basis by entering an entry in this field The user may select all denoting all ports within the switch stack or enter a port or ports The port list is specified by listing the lowest switch number and the beginning port number on that switch separated by a colon Then the highest switch number and the highest port number ...

Страница 83: ...he type of profile Select Ethernet to instruct the Switch to examine the layer 2 part of each packet header Select IP to instruct the Switch to examine the IP address in each frame s header Vlan Selecting this option instructs the Switch to examine the VLAN part of each packet header and use this as the or part of the criterion for forwarding Source IP Mask Source IP Mask Enter an IP address mask ...

Страница 84: ... the source port in hex form hex 0x0 0xffff which you wish to deny dest port mask Specify a TCP port mask for the destination port in hex form hex 0x0 0xffff which you wish to deny Select UDP to use the UDP port number contained in an incoming packet as the forwarding criterion Selecting UDP requires that you specify a source port mask and or a destination port mask src port mask Specify a TCP por...

Страница 85: ... Configure the following Access Rule Configuration settings Parameter Description Profile ID This is the identifier number for this profile set Mode Select Permit to specify that the packets that match the access profile are forwarded by the Switch according to any additional rule added see below Select Deny to specify that packets that do not match the access profile are not forwarded by the Swit...

Страница 86: ...or the source IP address Destination IP Destination IP Address Enter an IP Address mask for the destination IP address Dscp 0 63 This field allows the user to enter a Dscp value in the space provided which will instruct the Switch to examine the DiffServ Code part of each packet header and use this as the or part of the criterion for forwarding The user may choose a value between 0 and 63 Protocol...

Страница 87: ...djust the following parameters and click Apply Parameters Description Profile ID This is the identifier number for this profile set Mode Select Permit to specify that the packets that match the access profile are forwarded by the Switch according to any additional rule added see below Select Deny to specify that packets that do not match the access profile are not forwarded by the Switch and will ...

Страница 88: ... entered in the adjacent field Vlan Name Allows the entry of a name for a previously configured VLAN Source Mac Source MAC Address Enter a MAC Address for the source MAC address Destination Mac Destination MAC Address Enter a MAC Address mask for the destination MAC address 802 1p 0 7 Enter a value from 0 7 to specify that the access profile will apply only to packets with this 802 1p priority val...

Страница 89: ...on of the server side of IEEE 802 1X Port Based Network Access Control Through this mechanism users have to be authorized before being able to access the network See the following figure Figure 4 46 Typical 802 1X Configuration Prior to User Authentication Once the user is authenticated the switch unblocks the port that is connected to the user as shown in the next figure ...

Страница 90: ...ypical 802 1X Configuration with User Authentication The user s information including account number password and configuration details such as IP address and billing information is stored in a centralized RADIUS server Figure 4 48 Typical Configuration with 802 1X Fully Implemented ...

Страница 91: ...ne Backend Authentication state machine Controlled Directions state machine The Key Receive state machine Conformance to IEEE 802 1X Standards Configure Authenticator To display the current 802 1X Authenticator Settings on the Switch open the Configuration folder and then the Port Access Entity folder and finally click on the Configure Authenticator link This will open the 802 1X Authenticator Set...

Страница 92: ...thernet Switch 77 Figure 4 49 802 1x Authenticator Settings window To configure the 802 1X Authenticator Settings for a given port click on the blue port number under the Port heading This will open the 802 1X Authenticator Settings page as shown below ...

Страница 93: ...administrative control over the port s authorization status forceAuthorized forces the Authenticator of the port to become Authorized forceUnauthorized forces the port to become Unauthorized Auto means the port state reflects the outcome of the authentication exchange between supplicant authenticator and authentication The default is forceAuthorized TxPeriod Select the time to wait for a response ...

Страница 94: ...uration folder open the Port Access Entity folder and click Local users to open the 802 1x Local User Table Configuration window This window will allow the user to set different local users on the Switch Figure 4 51 802 1x Local User Table Configuration window Enter a User Name Password and confirmation of that password Properly configured local users will be displayed in the 802 1x Local Users Ta...

Страница 95: ...orts are to be configured in the From and To fields Next enable the ports by selecting Authenticator from the drop down menu under Capability Click Apply to let your change take effect Configure the following 802 1x capability settings Parameter Description Unit Allows you to select a switch from a switch stack using that switch s Unit ID From and To Ports being configured for 802 1x settings ...

Страница 96: ...s the authentication process to gain access to the network None The port is not controlled by the 802 1x functions Initializing Ports Existing 802 1x port settings are displayed and can be configured using the window below Click Initialize Port s on the PAE Access Entity folder on the Configuration menu to open the 802 1x Port Initial window ...

Страница 97: ...is window allows you to initialize a port or group of ports The Initialize Port Table in the bottom half of the window displays the current status of the port s once you have clicked Apply This window displays the following information Parameter Description Unit Allows you to select a switch from a switch stack using that switch s Unit ID ...

Страница 98: ...Port s This window allows you to reauthenticate a port or group of ports The Reauthenticate Port Table displays the current status of the port s once you have clicked Apply Click Reauthenticate Port s on the PAE Access Entity folder on the Configuration menu to open the Reauthenticate Port s window Figure 4 54 Reauthenticate Port and Reauthenticate Port Table window This window displays the follow...

Страница 99: ...r offers three windows Click the Radius Server folder on the Configuration menu and then click the Authentic Radius Server link to open the Authentic Radius Server Setting window Figure 4 55 Authentic Radius Server Setting and Table window This window displays the following information Parameter Description Succession First Choose the desired RADIUS server to configure First Second or Third Radius...

Страница 100: ...d Settings The user may set the following Parameter Description DVMRP State The user may globally enable or disable the Distance Vector Multicast Routing Protocol DVMRP function by using the pull down menu PIM DM State The user may globally enable or disable the Protocol Independent Multicast Dense Mode PIM DM function by using the pull down menu RIP State The user may globally enable or disable t...

Страница 101: ...rom the allowed range of IP addresses for each subnet can be chosen as an IP address for an IP interface on the switch For this example we have chosen the next IP address above the network address for the IP interface s IP Address VLAN Name VID Network Number IP Address System default 1 10 32 0 0 10 32 0 1 Engineer 2 10 64 0 0 10 64 0 1 Marketing 3 10 96 0 0 10 96 0 1 Finance 4 10 128 0 0 10 128 0...

Страница 102: ...Save Changes dialog box from the Basic Setup folder to enter the changes into NV RAM The following fields can be set Parameter Description Interface Name This field displays the name for the IP interface The default IP interface is named System IP Address This field allows the entry of an IP address to be assigned to this IP interface Subnet Mask This field allows the entry of a subnet mask to be ...

Страница 103: ...Apply to enter the new Key ID settings To delete a Key ID entry click the corresponding under the Delete heading Route Redistribution Settings Route redistribution allows routers on the network which are running different routing protocols to exchange routing information This is accomplished by comparing the routes stored in the various routers routing tables and assigning appropriate metrics This...

Страница 104: ...routing protocols to all routers on the network that are running OSPF or RIP To access the Route Redistribution Table Configuration window go to Configuration Layer 3 IP Networking Route Redistribution Settings Figure 4 60 Route Redistribution Table Configuration window The following parameters may be set or viewed Parameter Description Src Protocol Allows for the selection of the protocol for the...

Страница 105: ...s of the Static Default Route Subnet Mask The corresponding Subnet Mask of the IP address entered into the table Gateway The corresponding Gateway of the IP address entered into the table Hops Represents the metric value of the IP interface entered into the table This field may read a number between 1 65535 for an OSPF setting and 1 16 for a RIP setting Protocol Represents the protocol used for th...

Страница 106: ...ress above Backup State Primary The user may choose between Primary and Backup If the Primary Static Default Route fails the Backup Route will support the entry Please take note that the Primary and Backup entries cannot have the same Gateway Static ARP Table The Address Resolution Protocol ARP is a TCP IP protocol that converts IP addresses into physical addresses This table allows network manage...

Страница 107: ...rs between a source and a destination the greater the RIP distance or hop count There are a few rules to the routing table update process that help to improve performance and stability A router will not replace a route with a newly learned one if the new route has the same hop count sometimes referred to as cost So learned routes are retained until a new route with a lower hop count is learned Whe...

Страница 108: ...ng 1 Request for partial or full routing information 2 Response containing network distance pairs from sender s routing table 3 Turn on trace mode obsolete 4 Turn off trace mode obsolete 5 Reserved for Sun Microsystem s internal use 9 Update Request 10 Update Response 11 Update Acknowledgement RIP Command Codes The field VERSION contains the protocol version number 1 in this case and is used by th...

Страница 109: ...ted routes other interfaces cannot The router will then advertise only a single route to the network RIP Version 2 Extensions RIP version 2 includes an explicit subnet mask entry so RIP version 2 can be used to propagate variable length subnet addresses or CIDR classless addresses RIP version 2 also adds an explicit next hop entry which speeds convergence and helps prevent the formation of routing...

Страница 110: ...n table form listing settings for IP interfaces currently on the Switch To configure RIP settings for an individual interface click on the hyperlinked Interface Name Figure 4 66 RIP Interface Settings window Click the name of the interface you want to setup for RIP to access the following menu Figure 4 67 RIP Interface Settings Edit window Refer to the table below for a description of the availabl...

Страница 111: ...est authentication MD 5 Message Digest Authentication MD 5 MD 5 authentication is a cryptographic method A key and a key ID are configured on each router The router then uses an algorithm to generate a mathematical message digest that is derived from the OSPF packet the key and the key ID This message digest a number is then appended to the packet The key is not exchanged over the wire and a non d...

Страница 112: ...ion of a password for a specific area Two routers on the same segment and belonging to the same area must also have the same OSPF password before they can become neighbors Hello and Dead Intervals The Hello interval specifies the length of time in seconds between the hello packets that a router sends on an OSPF interface The dead interval is the number of seconds that a router s Hello packets have...

Страница 113: ...eir entire link state database by sending database description packets Loading The routers are finalizing the information exchange Routers have link state request list and a link state retransmission list Any information that looks incomplete or outdated will be put on the request list Any update that is sent will be put on the retransmission list until it gets acknowledged Full The adjacency is n...

Страница 114: ...the packet s contents except for the 64 bit authentication field Authentication Type The type of authentication to be used for the packet Authentication A 64 bit field used by the authentication scheme OSPF Packet Header The Hello Packet Hello packets are OSPF packet type 1 They are sent periodically on all interfaces including virtual links in order to establish and maintain neighbor relationship...

Страница 115: ...hat must pass before declaring a silent router as down Designated Router The identity of the DR for this network in the view of the advertising router The DR is identified here by its IP interface address on the network Backup Designated Router The identity of the Backup Designated Router BDR for this network The BDR is identified here by its IP interface address on the network This field is set t...

Страница 116: ... The initial value indicated by the Initial bit being set should be unique The DD sequence number then increments until the complete database description has been sent Database Description Packet The rest of the packet consists of a list of the topological database s pieces Each link state advertisement in the database is described by its link state advertisement header The Link State Request Pack...

Страница 117: ...physical networks that support multicast broadcast In order to make the flooding procedure reliable flooded advertisements are acknowledged in Link State Acknowledgment packets If retransmission of certain advertisements is necessary the retransmitted advertisements are always carried by unicast Link State Update packets The format of the Link State Update packet is shown below Version No Packet L...

Страница 118: ...separate link state advertisement types Each link state advertisement describes a piece of the OSPF routing domain Every router originates a router links advertisement In addition whenever the router is elected as the Designated Router it originates a network links advertisement Other types of link state advertisements may also be originated The flooding algorithm is reliable ensuring that all rou...

Страница 119: ...is field identifies the portion of the internet environment that is being described by the advertisement The contents of this field depend on the advertisement s Link State Type Advertising Router The Router ID of the router that originated the Link State Advertisement For example in network links advertisements this field is set to the Router ID of the network s Designated Router Link State Seque...

Страница 120: ... separate set of routes for each IP Type of Service TOS Router links advertisements are flooded throughout a single area only Field Description V bit When set the router is an endpoint of an active virtual link that is using the described area as a Transit area V is for Virtual link endpoint E bit When set the router is an Autonomous System AS boundary router E is for External B bit When set the r...

Страница 121: ...pecifies the interface s MIB II ifIndex value For other link types it specifies the router s associated IP interface address This latter piece of information is needed during the routing table build process when calculating the IP address of the next hop No of TOS The number of different Type of Service TOS metrics given for this link not counting the required metric for TOS 0 If no additional TOS...

Страница 122: ...Number Link State Checksum Length Network Link Advertisements 2 Network Mask Attached Router Field Description Network Mask The IP address mask for the network Attached Router The Router Ids of each of the routers attached to the network Only those routers that are fully adjacent to the Designated Router DR are listed The DR includes itself in this list Network Link Advertisement Summary Link Adve...

Страница 123: ...d Description Network Mask For Type 3 link state advertisements this indicates the destination network s IP address mask For example when advertising the location of a class A network the value 0xff000000 TOS The Type of Service that the following cost is relevant to Metric The cost of this route Expressed in the same units as the interface costs in the router links advertisements Summary Link Adv...

Страница 124: ...fic for the advertised destination will be forwarded to this address If the Forwarding Address is set to 0 0 0 0 data traffic will be forwarded instead to the advertisement s originator TOS The Type of Service that the following cost is relevant to Metric The cost of this route The interpretation of this metric depends on the external type indication the E bit above External Route Tag A 32 bit fie...

Страница 125: ...lays the OSPF Route ID currently in use by the Switch This Route ID is displayed as a convenience to the user when changing the Switch s OSPF Route ID State Allows OSPF to be enabled or disabled globally on the Switch without changing the OSPF configuration OSPF Area Setting This menu allows the configuration of OSPF Area IDs and to designate these areas as either Normal or Stub Normal OSPF areas ...

Страница 126: ... Parameter Description Area ID A 32 bit number in the form of an IP address xxx xxx xxx xxx that uniquely identifies the OSPF area in the OSPF domain Type This field can be toggled between Normal and Stub using the space bar When it is toggled to Stub additional fields appear Stub Import Summary LSA and Default Cost Stub Import Summary LSA Displays whether or not the selected Area will allow Summa...

Страница 127: ...reviously configured OSPF settings Read the descriptions below for details Parameter Description Interface Name Displays the of an IP interface previously configured on the Switch Area ID Allows the entry of an OSPF Area ID configured above Router Priority Allows the entry of a number between 0 and 255 representing the OSPF priority of the selected area If a Router Priority of 0 is selected the Sw...

Страница 128: ...uth Key ID field allows the specification of the Key ID as defined in the MD5 configuration above This must be the same MD5 Key as used by the neighboring router Auth Key ID Enter a Key ID of up to 5 characters to set the Auth Key ID for either the Simple Auth Type or the MD5 Auth Type as specified in the previous parameter Metric This field allows the entry of a number between 1 and 65 535 that i...

Страница 129: ...rval Dead Interval Authorization Type and Authorization Key should have identical settings for all routers on the same network Dead Interval 1 65535 Specify the length of time between receiving Hello packets from a neighbor router before the selected area declares that router down Again all routers on the network should use the same setting Auth Type If using authorization for OSPF routers select ...

Страница 130: ...first accessing the menu To add a new OSPF Area Aggregation setting click the Add button A new menu pictured below appears To change an existing configuration click on the hyperlinked Area ID for the set you want to change The menu to modify an existing configuration is the same as the menu used to add a new one To eliminate an existing configuration click the in the Delete column for the configur...

Страница 131: ...oute Settings link To add a new OSPF Route click the Add button Configure the setting in the menu that appears The Add and Modify menus for OSPF host route setting are nearly identical The difference being that if you are changing an existing configuration you will be unable to change the Host Address To change an existing configuration click on the hyperlinked Host Address in the list for the con...

Страница 132: ... configure BOOTP or DHCP on the Switch click on the BOOTP DHCP Relay folder from the Configuration folder and then click on the BOOTP DHCP Relay Information link Figure 4 79 BOOTP DHCP Relay Information window The following fields can be set Parameter Description BOOTP DHCP Relay Status Disabled This field can be toggled between Enabled and Disabled using the pull down menu It is used to enable or...

Страница 133: ...ervers to translate a name to an address The Domain Name System DNS servers are organized in a somewhat hierarchical fashion A single server often holds names for a single network which is connected to a root DNS server usually maintained by an ISP Domain Name Resolution The domain name system can be used by contacting the name servers one at a time or by asking the domain name system to do the co...

Страница 134: ... Disabled and Enabled using the pull down menu and is used to enable or disable the DNS Relay service on the Switch Primary Name Server 0 0 0 0 Allows the entry of the IP address of a primary domain name server DNS Secondary Name Server 2 0 0 0 0 Allows the entry of the IP address of a secondary domain name server DNS DNSR Cache Status Disabled This can be toggled between Disabled and Enabled This...

Страница 135: ...er from the Layer 3 IP Networking folder IGMP Snooping DVMRP and PIM DM can be enabled or disabled on the Switch without changing the individual protocol s configuration IGMP Interface Configuration The Internet Group Multicasting Protocol IGMP can be configured on the Switch on a per IP interface basis To view the IGMP Interface Table open the IP Multicasting folder under Configuration and click ...

Страница 136: ...Name System Displays the name of the IP interface that is to be configured for IGMP This must be a previously configured IP interface IP Address Displays the IP address corresponding to the IP interface name above Version 2 Enter the IGMP version 1 or 2 that will be used to interpret IGMP queries on the interface Query Interval 125 Allows the entry of a value between 1 and 65535 seconds with a def...

Страница 137: ...he multicast was received over the shortest path then the adjacent router enters the information into its tables and forwards the message If the message is not received on the shortest path back to the source the message is dropped Route cost is a relative number that is used by DVMRP to calculate which branches of a multicast delivery tree should be pruned The cost is relative to other costs assi...

Страница 138: ...te Disabled This field can be toggled between Enabled and Disabled and enables or disables DVMRP for the IP interface The default is Disabled PIM_DM Interface Configuration The Protocol Independent Multicast Dense Mode PIM DM protocol should be used in networks with a low delay low latency and high bandwidth as PIM DM is optimized to guarantee delivery of multicast packets not to reduce overhead T...

Страница 139: ...the PIM DM to be configured for each IP interface defined on the Switch Each IP interface configured on the Switch is displayed in the below PIM DM Interface Table dialog box To configure PIM DM for a particular interface click the corresponding hyperlink for that IP interface This will open the PIM DM Interface Configuration window Figure 4 89 PIM DM Interface Table Figure 4 90 PIM DM Interface C...

Страница 140: ...router uses to automatically remove prune information from a branch of a multicast delivery tree and begin to flood multicast messages to all branches of that delivery tree These two actions are equivalent The default is 60 seconds State Disabled This field can be toggled between Enabled and Disabled using the pull down menu and is used to enable or disable PIM DM for the IP interface The default ...

Страница 141: ...entication is accomplished using community strings which function like passwords The remote user SNMP application and the switch SNMP must use the same community string SNMP packets from any station that has not been authenticated are ignored dropped The default community strings for the Switch used for SNMP v 1 and v 2 management access are public Allows authorized management stations to retrieve...

Страница 142: ...environment SNMP management can be customized to suit the needs of the networks and the preferences of the network administrator Use the SNMP V3 menus to select the SNMP version used for specific tasks The DGS 3324SRi supports the Simple Network Management Protocol SNMP versions 1 2c and 3 The administrator can specify the SNMP version used to monitor and control the Switch The three versions of S...

Страница 143: ... will be used V3 Indicates that SNMP version 3 will be used Auth Protocol None Indicates that no authorization protocol is in use MD5 Indicates that the HMAC MD5 96 authentication level will be used SHA Indicates that the HMAC SHA authentication protocol will be used Priv Protocol None Indicates that no authorization protocol is in use DES Indicates that DES 56 bit encryption is in use based on th...

Страница 144: ...at the HMAC SHA authentication protocol will be used This field is accompanied by a mandatory password for both MD5 and SHA Priv Protocol None Specifies that no authorization protocol is in use DES Specifies that DES 56 bit encryption is in use based on the CBC DES DES 56 standard This field is accompanied by a mandatory password for DES encrypted Checking the corresponding box will enable encrypt...

Страница 145: ...s identified in the SNMP User Table to the views created in the previous menu The following parameters can set Parameter Description View Name Type an alphanumeric string of up to 32 characters This is used to identify the new SNMP view being created Subtree OID Type the Object Identifier OID Subtree for the view The OID identifies an object tree MIB tree that will be included or excluded from acc...

Страница 146: ... The following screen should appear Figure 5 6 SNMP Group Table To delete an existing SNMP Group Table entry click the corresponding icon under the Delete heading To display the current settings for an existing SNMP Group Table entry click the blue hyper link for the entry under the Group Name heading Figure 5 7 SNMP Group Table Display To add a new entry to the Switch s SNMP Group Table click the...

Страница 147: ... in the Structure of Management Information SMI and adds some security features SNMPv3 User based Security Module Specifies that the SNMP version 3 will be used SNMP v3 provides secure access to devices through a combination of authentication and encrypting packets over the network Security Level NoAuthNoPriv Specifies that there will be no authorization and no encryption of packets sent between t...

Страница 148: ...of up to 32 characters that is used to identify the group of MIB objects that a remote SNMP manager is allowed to access on the Switch The view name must exist in the SNMP View Table Access Right read_only Specifies that SNMP community members using the community string created with this command can only read the contents of the MIBs on the Switch read_write Specifies that SNMP community members u...

Страница 149: ...witch SNMP Version V1 To specifies that SNMP version 1 will be used V2 To specify that SNMP version 2 will be used V3 To specify that the SNMP version 3 will be used The user may choose between NoAuth NoPriv Auth NoPriv and Auth Priv Community String or SNMP V3 User Name Type in the community string or SNMP V3 user name as appropriate SNMP Engine ID The Engine ID is a unique identifier used for SN...

Страница 150: ...Link DGS 3324SRi Intelligent Stackable Gigabit Ethernet Switch 135 Figure 5 12 SNMP Engine ID Configuration To change the Engine ID type the new Engine ID in the space provided and click the Apply button ...

Страница 151: ...tch History Log IGMP Snooping Browse Router Port Port Access Control Layer 3 Feature Port Utilization The Port Utilization page displays the percentage of the total available bandwidth being used on the port Port utilization statistics may be viewed using a line graph or table format To view the port utilization click on the Monitoring folder and then the Port Utilization link ...

Страница 152: ...tes a switch in standalone mode Port Allows you to specify a port to monitor from the switch selected above Time Interval Select the desired setting between 1s and 60s where s stands for seconds The default value is one second Record Number Select number of times the Switch will be polled between 20 and 200 The default value is 20 Packets The Web Manager allows various packet statistics to be view...

Страница 153: ... Received RX link in the Packets folder of the Monitoring menu to view the following graph of packets received on the Switch Figure 6 2 Rx Packets Analysis window line graph for Bytes and Packets To view the Received Packets Table click the link View Table which will show the following table ...

Страница 154: ...r 200 Select number of times the Switch will be polled between 20 and 200 The default value is 20 Bytes Counts the number of bytes received on the port Packets Counts the number of packets received on the port Show Hide Check whether to display Bytes and Packets Clear Clicking this button clears all statistics counters on this window View Table Clicking this button instructs the Switch to display ...

Страница 155: ... link in the Packets folder of the Monitoring menu to view the following graph of UMB cast packets received on the Switch Figure 6 4 Rx Packets Analysis window line graph for Unicast Multicast and Broadcast Packets To view the UMB_cast Table click the link View Table which will show the following table ...

Страница 156: ...lt value is 20 Unicast Counts the total number of good packets that were received by a unicast address Multicast Counts the total number of good packets that were received by a multicast address Broadcast Counts the total number of good packets that were received by a broadcast address Show Hide Check whether or not to display Multicast Broadcast and Unicast Packets Clear Clicking this button clea...

Страница 157: ...e Transmitted TX link in the Packets folder of the Monitoring menu to view the following graph of packets transmitted from the Switch Figure 6 6 Tx Packets Analysis window line graph for Bytes and Packets To view the UMB_cast Table click the link View Table which will show the following table ...

Страница 158: ...number of times the Switch will be polled between 20 and 200 The default value is 20 Bytes Counts the number of bytes successfully sent from the port Packets Counts the number of packets successfully sent on the port Show Hide Check whether or not to display Bytes and Packets Clear Clicking this button clears all statistics counters on this window View Table Clicking this button instructs the Swit...

Страница 159: ...be viewed as either a line graph or a table Four windows are offered Received RX Click the Received RX link in the Error folder of the Monitoring menu to view the following graph of error packets received on the Switch Figure 6 8 Rx Error Analysis window line graph To view the Received Error Packets Table click the link View Table which will show the following table ...

Страница 160: ...nimum permitted frame size of 64 bytes and have a good CRC Undersize frames usually indicate collision fragments a normal network occurrence OverSize Counts packets received that were longer than 1518 octets or if a VLAN frame 1522 octets and less than the MAX_PKT_LEN Internally MAX_PKT_LEN is equal to 1522 Fragment The number of packets less than 64 bytes with either bad framing or an invalid CRC...

Страница 161: ...n a line graph View Line Chart Clicking this button instructs the Switch to display a line graph rather than a table Transmitted TX Click the Transmitted TX link in the Error folder of the Monitoring menu to view the following graph of error packets received on the Switch Figure 6 10 Tx Error Analysis window line graph To view the Transmitted Error Packets Table click the link View Table which wil...

Страница 162: ...e the medium was busy LateColl Counts the number of times that a collision is detected later than 512 bit times into the transmission of a packet ExColl Excessive Collisions The number of frames for which transmission failed due to excessive collisions SingColl Single Collision Frames The number of successfully transmitted frames for which transmission is inhibited by more than one collision Coll ...

Страница 163: ...graph rather than a table Size The Web Manager allows packets received by the Switch arranged in six groups and classed by size to be viewed as either a line graph or a table Two windows are offered Figure 6 12 Rx Size Analysis window line graph To view the Packet Size Analysis Table click the link View Table which will show the following table ...

Страница 164: ...ved that were between 65 and 127 octets in length inclusive excluding framing bits but including FCS octets 128 255 The total number of packets including bad packets received that were between 128 and 255 octets in length inclusive excluding framing bits but including FCS octets 256 511 The total number of packets including bad packets received that were between 256 and 511 octets in length inclus...

Страница 165: ...ch stack up to 12 total are displayed in the upper right hand corner of your web browser The icons are in the same order as their respective Unit numbers with the Unit 1 switch corresponding to the icon in the upper left most corner of the icon group When the switches are properly interconnected through their optional Stacking Modules information about the resulting switch stack is displayed under...

Страница 166: ...e physical attributes of the Switch including power sources and fans Figure 6 15 Device Status window The following fields may be viewed in this window Parameter Description ID The Box ID of the Switch in the switch stack Internal Power A read only field denoting the current status of the internal power supply Active will suggest the mechanism is functioning correctly while Fail will show the mech...

Страница 167: ...t Parameter Description VLAN Name Enter a VLAN Name of the VLAN which that name is a member of to browse the table by MAC Address Enter a MAC address for the forwarding table to be browsed by Unit Port Enter a unit number denoting the Switch in a switch stack and a port number for the forwarding table to be browsed by Find Allows the user to move to a sector of the database corresponding to a user...

Страница 168: ...ss entered into the address table Port The port that the MAC address above corresponds to Type How the Switch discovered the MAC address The possible entries are Dynamic Self and Static Next Click this button to view the next page of the address table Switch History Log The Web manager allows the Switch s history log as compiled by the Switch s management agent to be viewed Figure 6 17 Switch Hist...

Страница 169: ...Table IGMP Snooping Table This allows the Switch s IGMP Snooping Table to be viewed IGMP Snooping allows the Switch to read the Multicast Group IP address and the corresponding MAC address from IGMP packets that pass through the Switch The number of IGMP reports that were snooped is displayed in the Reports field To view the IGMP Snooping table click IGMP Snooping Group on the Monitoring menu Figu...

Страница 170: ...P snooping may be found in Section 4 of this manual under Configuring IGMP Browse Router Port This displays which of the Switch s ports are currently configured as router ports A router port configured by a user using the console or Web based management interfaces is displayed as a static router port designated by S A router port that is dynamically configured by the Switch is designated by D Figu...

Страница 171: ...o update the statistics between 1s and 60s where s stands for seconds The default value is one second The following fields can be viewed Parameter Description Port The identification number assigned to the Port by the System in which the Port resides Frames Rx The number of valid EAPOL frames that have been received by this Authenticator Frames Tx The number of EAPOL frames that have been transmit...

Страница 172: ...ved EAPOL frame Last Source The source MAC address carried in the most recently received EAPOL frame Authenticator Session Statistics This table contains the session statistics objects for the Authenticator PAE associated with each port An entry appears in this table for each port that supports the Authenticator function To view the Authenticator Session Statistics click Monitoring Port Access Con...

Страница 173: ... Remote Authentic Server The Authentication Server is external to the Authenticator s System 2 Local Authentic Server The Authentication Server is located within the Authenticator s System Time The duration of the session in seconds Terminate Cause The reason for the session termination There are eight possible reasons for termination 1 Supplicant Logoff 2 Port Failure 3 Supplicant Restart 4 Reaut...

Страница 174: ...ECTING to AUTHENTICATING as a result of an EAP Response Identity message being received from the Supplicant Auth Success Counts the number of times that the state machine transitions from AUTHENTICATING to AUTHENTICATED as a result of the Backend Authentication state machine indicating successful authentication of the Supplicant authSuccess TRUE Auth Timeout Counts the number of times that the sta...

Страница 175: ... Authentication server i e aReq becomes TRUE causing exit from the RESPONSE state Indicates that the Authentication Server has communication with the Authenticator OtherReqToSupp Counts the number of times that the state machine sends an EAP Request packet other than an Identity Notification Failure or Success message to the Supplicant i e executes txReq on entry to the REQUEST state Indicates tha...

Страница 176: ...mber of RADIUS Access Response packets received from unknown addresses Identifier The NAS Identifier of the RADIUS authentication client This is not necessarily the same as sysName in MIB II AuthServerAddr The conceptual table listing the RADIUS authentication servers with which the client shares a secret ServerPortNumber The UDP port the client is using to send requests to this server RoundTripTi...

Страница 177: ...t A send to a different server is counted as a Request as well as a timeout UnknownTypes The number of RADIUS packets of unknown type which were received from this server on the authentication port PacketsDropped The number of RADIUS packets of which were received from this server on the authentication port and dropped for some other reason Radius Accounting This window shows managed objects used ...

Страница 178: ...d length Bad authenticators and unknown types are not included as malformed accounting responses BadAuthenticators The number of RADIUS Accounting Response packets which contained invalid authenticators received from this server PendingRequests The number of RADIUS Accounting Request packets sent to this server that have not yet timed out or received a response This variable is incremented when an...

Страница 179: ...e Layer 3 Feature folder The Browse IP Address window is a read only screen where the user may view IP addresses discovered by the Switch To search a specific IP address enter it into the field labeled IP Address at the top of the screen and click Find to begin your search Figure 6 25 Browse IP Address window Browse Routing Table The Browse Routing Table window may be found in the Monitoring menu ...

Страница 180: ...wse ARP Table The Browse ARP Table window may be found in the Monitoring menu in the Layer 3 Feature folder This window will show current ARP entries on the Switch To search a specific ARP entry enter an interface name into the Interface Name or an IP address and click Find To clear the ARP Table click Clear All ...

Страница 181: ...ing Table The Browse IP Multicast Forwarding Table window may be found in the Monitoring menu in the Layer 3 Feature folder This window will show current IP multicasting information on the Switch To search a specific entry enter an multicast group IP address into the Multicast Group field or a Source IP address and click Find ...

Страница 182: ...oup IP address and click Find Figure 6 29 Browse IGMP Group Table OSPF Monitoring This section offers windows regarding OSPF Open Shortest Path First information on the Switch including the OSPF LSDB Table OSPF Neighbor Table and the OSPF Virtual Neighbor Table To view these tables open the Monitoring folder and click OSPF Monitoring OSPF LSDB Table This table can be found in the OSPF Monitoring f...

Страница 183: ...y link Summary Autonomous System link ASSummary Autonomous System external link ASExternal MCGLink Multicast Group and NSSA Not So Stubby Area Adv Router ID Displays the Advertising Router s ID Link State ID This field identifies the portion of the Internet environment that is being described by the advertisement The contents of this field depend on the advertisement s LS type LS Type Link State I...

Страница 184: ...the entry of an OSPF Area ID previously defined on the Switch that allows a remote area to communicate with the backbone area 0 A Transit Area cannot be a Stub Area or a Backbone Area Neighbor ID The OSPF router ID for the remote router This IP address uniquely identifies the remote area s Area Border Router Figure 6 32 OSPF Virtual Neighbor window DVMRP Monitoring This menu allows the DVMRP Dista...

Страница 185: ...on about DVMRP neighbors of the Switch To search this table enter either an Interface Name or Neighbor Address into the respective field and click the Find button DVMRP neighbors of that entry will appear in the DVMRP Neighbor Table below Figure 6 34 DVMRP Neighbor Address Table DVMRP Routing Next Hop Table The DVMRP Routing Next Hop Table contains information regarding the next hop for forwarding...

Страница 186: ...uration on the Switch see the IP Multicasting chapter of Section 4 Configuration PIM Neighbor Address Table The PIM Neighbor Address Table contains information regarding each of a router s PIM neighbors This screen may be found in the Monitoring folder under the heading PIM Monitor To search this table enter either an Interface Name or Neighbor Address into the respective field and click the Find ...

Страница 187: ... window Unit ID Select which switch of a switch stack you want to update the firmware on This allows the selection of a particular switch from a switch stack if you have installed the optional stacking module and have properly interconnected the switches All indicates all switches in a switch stack will download the same firmware Enter the IP address of the TFTP server in the Server IP Address fie...

Страница 188: ...iguration window Enter the IP address of the TFTP server and the path and filename for the history log on the TFTP server Click Start to initiate the file transfer Upload Log To upload the Switch history log file to a TFTP server open the TFTP Service folder in the Maintenance folder and then click the Upload Log link Figure 7 4 Upload History Log window Enter the IP address of the TFTP server and...

Страница 189: ...lash card insert it into the available slot on the back of the Switch as shown below and ensure that the card clicks into place When correctly inserted the CF Card Button should protrude To eject the card from the slot press the CF Card button in and the CompactFlash card should pop out Figure 7 5 CF Card Installation Download Firmware From CF To download firmware saved on the CompactFlash card op...

Страница 190: ...ndow Enter the file name and path into the space provided and click Start This will begin the configuration download from the CompactFlash card to the Switch If the user wishes to implement a complete configuration setting click the Reset box of the Config Control field If the user wishes to download increments of the configuration leave the Reset box unchecked Figure 7 9 Save Settings from CF win...

Страница 191: ... the user must save the current configuration file to the NV RAM on the Switch by going to the Save Changes window also in the Maintenance folder and click the Save Configuration button After the configuration has been saved the user should open the Upload Config to CF window by clicking Maintenance CF Services Upload Config to CF In the following window enter a new path name e g c 3324sri cfg in ...

Страница 192: ...LI management options To save a Switch History Log to the CompactFlash memory first go to the Upload Log to CF window by clicking Maintenance CF Services Upload Log to CF Figure 7 14 Upload Log to CF Enter a path name chosen by the user into the File Name field in the window above and click Start to initiate the file transfer The following window should appear notifying the user of the current tra...

Страница 193: ...diately take effect Once the Switch s configuration settings have been saved to NV RAM they become the default settings for the Switch These settings will be used every time the Switch is rebooted Some settings though require you to restart the Switch before they will take effect Restarting the Switch erases all settings in RAM and reloads the stored settings from the NV RAM Thus it is necessary t...

Страница 194: ...faults save these parameters to the Switch s non volatile RAM and then restart the Switch This option is equivalent to Reset Config above followed by Save Changes Figure 7 18 Factory Reset window Reboot Device The following menu is used to restart the Switch Clicking the Yes click box will instruct the Switch to save the current configuration to non volatile RAM before restarting the Switch Clicki...

Страница 195: ...ntelligent Stackable Gigabit Ethernet Switch 180 Figure 7 19 Restart System window Logout Use the Logout page to logout of the Switch s Web based management agent by clicking on the Log Out button Figure 7 20 Logout window ...

Страница 196: ... Flow Control IEEE 802 3 Nway auto negotiation Protocols CSMA CD Data Transfer Rates Ethernet Fast Ethernet Gigabit Ethernet Fiber Optic Half duplex Full duplex 10 Mbps 20Mbps 100Mbps 200Mbps 1000Mbps 2000Mbps IEC 793 2 1992 Type A1a 50 125um multimode Type A1b 62 5 125um multimode Both types use LC optical connector Topology Star Network Cables UTP Cat 5 for 100Mbps UTP Cat 3 4 5 for 10Mbps EIA T...

Страница 197: ...5 to 95 RH non condensing Storage 0 to 95 RH non condensing Dimensions 441 mm x 207 mm x 44 mm 1U 19 inch rack mount width Weight 3 15 kg EMI FCC Part 15 Class A ICES 003 Class Canada EN55022 Class A EN55024 Safety CSA International Performance Transmission Method Store and forward RAM Buffer 2 MB per device Filtering Address Table 16 K MAC address per device Packet Filtering Forwarding Rate Full ...

Страница 198: ...segments BOOTP The BOOTP protocol allows you to automatically map an IP address to a given MAC address each time a device is started In addition the protocol can assign the subnet mask and default gateway to a device bridge A device that interconnects local or remote networks no matter what higher level protocols are involved Bridges form a single logical network centralizing network administratio...

Страница 199: ...d by the Simple Network Management Protocol SNMP to contain attributes of their managed systems The Switch contains its own internal MIB multicast Single packets copied to a specific subset of network addresses These addresses are specified in the destination address field of the packet protocol A set of rules for communication between devices on a network The rules dictate format timing sequencin...

Страница 200: ... letting a user log in to another computer system and access a host as if the user were connected directly to the host TFTP Trivial File Transfer Protocol Allows you to transfer files such as software upgrades from a remote device using your switch s local management capabilities UDP User Datagram Protocol An Internet standard protocol that allows an application program on one device to send a dat...

Страница 201: ......

Страница 202: ...Condes Santiago Chile TEL 56 2 232 3185 FAX 56 2 232 0923 URL www dlink com cl China D Link Beijing Level 5 Tower W1 The Tower Oriental Plaza No 1 East Chang An Ave Dong Cheng District Beijing 100738 China TEL 8610 85182529 30 31 32 33 FAX 8610 85182250 URL www dlink com cn E MAIL webmaster dlink com cn Denmark D Link Denmark Naverland 2 DK 2600 Glostrup Copenhagen Denmark TEL 45 43 969040 FAX 45 ...

Страница 203: ...link co jp E MAIL kida d link co jp Netherlands D Link Benelux Lichtenauerlaan 102 120 3062 ME Rotterdam Netherlands TEL 31 10 2045740 FAX 31 10 2045880 URL www d link benelux nl www dlink benelux be E MAIL info dlink benelux com Norway D Link Norway Karihaugveien 89 1086 Oslo TEL 47 22 309075 FAX 47 22 309085 SUPPORT 800 10 610 800 10 240 DI xxx URL www dlink no Russia D Link Russia 129626 Russia...

Страница 204: ...ort dlink me com U A E D Link Middle East FZCO P O Box18224 R 8 Warehouse UB 5 Jebel Ali Free Zone Dubai United Arab Emirates TEL Jebel Ali 971 4 883 4234 FAX Jebel Ali 971 4 883 4394 Dubai 971 4 335 2464 E MAIL dlinkme dlink me com support dlink me com U K D Link Europe United Kingdom Ltd 4th Floor Merit House Edgware Road Colindale London NW9 5AB United Kingdom TEL 44 020 8731 5555 SALES 44 020 ...

Страница 205: ...beschädigt b Flüssigkeit ist in das Gerät eingedrungen c Das Gerät war Feuchtigkeit ausgesetzt d Wenn das Gerät nicht der Bedienungsanleitung ensprechend funktioniert oder Sie mit Hilfe dieser Anleitung keine Verbesserung erzielen e Das Gerät ist gefallen und oder das Gehäuse ist beschädigt f Wenn das Gerät deutliche Anzeichen eines Defektes aufweist 16 Bei Reparaturen dürfen nur Orginalersatzteil...

Страница 206: ...cts may be obtained by contacting a D Link office within the applicable warranty period A list of D Link offices is provided at the back of this manual together with a copy of the Registration Card If a Registration Card for the product in question has not been returned to a D Link office then a proof of purchase such as a copy of the dated purchase invoice must be provided when requesting warrant...

Страница 207: ...trary Submitting A Claim Any claim under this limited warranty must be submitted in writing before the end of the Warranty Period to an Authorized D Link Service Office The customer must submit as part of the claim a written description of the Hardware defect or Software nonconformance in sufficient detail to allow D Link to confirm the same The original product owner must obtain a Return Material...

Страница 208: ...ND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ANY OTHER WARRANTIES OR REMEDIES EXPRESS IMPLIED OR STATUTORY Governing Law This Limited Warranty shall be governed by the laws of the state of California Some states do not allow exclusion or limitation of incidental or consequential damages or limitations on how long an implied warranty lasts so the foregoing limitations and exclusions may not apply T...

Отзывы:

Нет отзывов

Похожие инструкции для xStack DGS-3324SRi

NetDefend DFL-260E

Бренд: D-Link Страницы: 328

ShareCenter Pulse DNS-320

Бренд: D-Link Страницы: 2

DFL-210 - NetDefend - Security Appliance

Бренд: D-Link Страницы: 19

Бренд: D-Link Страницы: 22

Бренд: Dahua Страницы: 12

NetDefend DFL-1600

Бренд: D-Link Страницы: 23

Бренд: NEC Страницы: 8

Express5800/E120d-M

Бренд: NEC Страницы: 2

Бренд: TP-Link Страницы: 3

Fan Tray 8820-S2-900

Бренд: Paradyne Страницы: 6

Бренд: NKE Страницы: 15

Бренд: Gemtek Systems Страницы: 51

Бренд: RubyTech Страницы: 25

Бренд: Handicare Страницы: 60

Бренд: Zalip Страницы: 76

Бренд: Tripp Lite Страницы: 3

Бренд: Vista Страницы: 93

RuggedSwitch RS500

Бренд: RuggedCom Страницы: 16

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды