D-LINK DES-3200 series Manual
Contents
1. restarted after interval time restarted Critical Port with VID loop Port lt portNum gt VID lt vlanID gt LBD loop occurred Packet occurred discard begun Port with VID Loop Port lt portNum gt VID lt vlanID gt LBD recovered Loop detection restarted after Informational interval time ad Mae Loop VLAN number overflow Informational lt dos_ name gt is detected from IP lt ipaddr gt Port lt portNum gt detection restarted Denial of The DoS attack is blocked Service Critical MAC based A host fails to pass the MAC based Access Control unauthenticated host MAC authentication lt macaddr gt Port lt portNum gt VID lt vid gt Informational A host passes the MAC based Access Control host login successful MAC ee ee authentication lt macaddr gt port lt portNum gt VID lt vid gt MAC based Access Control host aged out MAC lt macaddr gt port lt portNum gt VID lt vid gt Informational A host is aged out Failed to assign ACL profiles rules from RADIUS RADIUS server lt ipAddr gt assigns lt username gt ACL failure Warning nee at port lt portNum gt lt string gt O AM Dying gasp event remote OAM dying gasp event received Port lt portNum gt Warning Dying gasp event local Device encountered an OAM dying gasp event Warning Critical event remote OAM critical event event received Port lt portNum gt Warning Critical event local Device e2. Remember my password Figure 1 1 Enter Network Password dialog Enter admin in both the User Name and Password fields and click OK This will open the Web based user interface The Switch management features available in the web based manager are explained below Web based User Interface The user interface provides access to various Switch configuration and management windows allows you to view performance statistics and permits you to graphically monitor the system status Areas of the User Interface The figure below shows the user interface The user interface is divided into three distinct areas as described in the table A i 4 i rrr ee es E E E gt Dt Tink FE Pontoon GE Portola sungaty 3 5 9 9 tt i i 7 19 A E Gita E xStack 53110218 6 10 26 Power Console 4 l D Li 7 1115 1 m de Li o RIGS bara ES oses y 8 12 2 2 4 AR 24 14 16 18 20 ta E E 28 gt Apply System Up Time 0 days 1 57 13 Logged in as administrator Anonymous 10 41 44 9 D Logout ball DES 3200 28F ii z e 3 Configuration 5 L2 Features Device Information 5 Qos Device Type DES 3200 28F MAC Address 00 00 01 02 03 04 H B Security System Name IP Address 10 76 97 4 Static E 5 a System Location Mask 255 0 0 0 System Contact Gateway 10 1 1 254 Boot PROM Version 1 00 8003 Management VLAN default Firmware Version 1 20 B008 Login Timeout Minutes 10 mins Hardware Version At Dual Image Supported Syst
3. Auth Mode Port Based Auth Protocal RADIUS EAP v 202 1X Port Access Control From Port of v To Fort GuietPeriod 0 655535 suppTimeout 1 65535 sec ServerTimeout 1 65535 sec MaxReg 1 10 TxPeriod 1 55535 T ReAuthentication Disabled Port Control Capability None Direction El ReAuthPeriod 1 65535 Forward EAPOL PDU On Port bled Por AdmDir Port Control Quiet Period Supp Timeout estan ReaAuth Period ReAuthentication Capability Both Disabled Both Both Ri Disabled Disabled Disabled Disabled Disabled Disabled Figure 5 19 802 1X Settings window This window allows you to set the following features Parameter Description 802 1X Use the radio buttons to enable or disable 802 1X Auth Mode Choose the 802 1X authentication mode Port Based or MAC Based Auth Protocol Choose the authentication protocol Local or RADIUS EAP From Port To Enter the port or ports to be set Port QuietPeriod This allows you to set the number of seconds that the Switch remains in the quiet state following 0 65535 a failed authentication exchange with the client The default setting is 60 seconds SuppTimeout This value determines timeout conditions in the exchanges between the Authenticator and the 1 65535 client The default setting is 30 seconds ServerTimeout This value determines timeout conditions in the exchanges between the Authenticator a
4. MACIPHY Configuration Status Link Aggregation Maximum Frame Size Disabled Enabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Enabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Enabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Figure 3 56 LLDP Dot3 TLVs Settings window The following parameters can be set Parameter Description From Port To Port Use the drop down menu to select a range of ports to be configured MAC PHY This TLV optional data type indicates that the LLDP agent should transmit MAC PHY Configuration configuration status TLV This indicates it is possible for two ends of an IEEE 802 3 link to be Status configured with different duplex and or speed settings and still establish some limited network connectivity More precisely the information includes wheth
5. i Sherpa From Port Link Event Link Monitor Threshold 0 429496 7295 Window 1000 60000 o o1 Link Monitor Error Symbol y 1000 ms Notify Disabled Ethemet OAM Event Configuration Table Port 1 OAM Disabled Mode Active j Dying Gasp Critical Event Enabled Remote Loopback OAMPDU Not Processed symbol Error Notify State Enabled Window 1000 Milliseconds Threshold 1 Errored Symbol Frame Error Notify State Enabled Window 1000 Milliseconds Threshold 1 Errored Frame Frame Period Error Notify State Enabled Window 148810 Frames Threshold 1 Errored Frame Frame Seconds Error Notify State Enabled Window 50000 Milliseconds Threshald 1 Errored Seconds Figure 3 58 Ethernet OAM Event Configuration window The following parameters can be set Parameter Description From Port To Port Specified a range of ports to be configured Link Event Choose the type of Link Event Link Monitor or Critical Link Event to configure Link Monitor The option is used to configure ports Ethernet OAM link monitoring error symbols error frames error frame period and error frame seconds Link monitoring function provides a mechanism to detect and indicate link faults under a variety of conditions OAM monitors the statistics on the number of frame errors as well as the number of coding symbol errors If the number of error symbols or error frames is equal to or greater than the specified threshol
6. Clear D Link D Link D Link Figure 7 17 RADIUS Authentication window The user may also select the desired time interval to update the statistics between 7s and 60s where s stands for seconds The default value is one second To clear the current statistics shown click the Clear button in the top left hand corner 223 The following information is displayed Parameter Description InvalidServerAddresses The number of RADIUS Access Response packets received from unknown addresses The NAS Identifier of the RADIUS authentication client This is not necessarily the same as sySName in MIB II Serverlndex The identification number assigned to each RADIUS Authentication server that the client shares a secret with AuthServerAddress The conceptual table listing the RADIUS authentication servers with which the client shares a secret ServerPortNumber The UDP port the client is using to send requests to this server RoundTripTime The time interval in hundredths of a second between the most recent Access Reply Access Challenge and the Access Request that matched it from this RADIUS authentication server AccessRequests The number of RADIUS Access Request packets sent to this server This does not include retransmissions AccessRetransmissions The number of RADIUS Access Request packets retransmitted to this RADIUS authentication server AccessAccepts The number of RADIUS Access Accept packets valid
7. Delete All IGMP Snooping Multicast VLAN Group List 0 Multicast Address List Show IGMP Snooping Multicast VLAN Entries Figure 3 31 IGMP Snooping Multicast VLAN Group List Settings window Enter a Multicast occ and click Add The new mermar will be displayed in the table at the bottom of the window Click lt oping Multicast VLAN Entries to return to the IGMP Snooping Multicast VLAN Settings nos Click Delete All to remove al the entries on this window IP Multicast Profile Settings This window allows the user to add a profile to which multicast IP address reports are to be received on specified ports on the Switch This function will therefore limit the number of reports received and the number of multicast groups configured on the Switch The user may set an IP Multicast address or range of IP Multicast addresses to accept reports Permit or deny reports Deny coming into the specified switch ports To view this window click L2 Features gt IGMP Snooping gt IP Multicast Profile Settings Profile ID Profile Mame it i Total Entries 0 Profile ID Profile Mame Figure 3 32 IP Multicast Profile Settings window The following fields can be set Parameter Description Profile ID Use the drop down menu to choose a Profile ID Profile Name Enter a name for the IP Multicast Profile To edit and entry click the corresponding Edit button and to delete an entry click the corresponding Delete button P
8. MAC Address 00 32 28 53 10 20 Firmware Version 1 10 8014 Hardware Version Al System Mame System Location System Contact Apply Figure 2 2 System Information window The fields that can be configured are described below Parameter Description System Name Enter a system name for the Switch if so desired This name will identify it in the Switch network System Location Enter the location of the Switch if so desired System Contact Enter a contact name for the Switch if so desired Click Apply to implement changes made 13 Serial Port Settings The following window allows the Baud Rate and the Auto Logout to be changed as well as containing information about the Serial Port Settings Click Configuration gt Serial Port Settings to display this window Baud Rate qROO 7 Auto Logout 10 minutes Data Bits a Parity Bits Mone Stop Bits 1 Apply Figure 2 3 Serial Port Settings window Parameter Description Baud Rate This field specifies the baud rate for the serial port on the Switch There are four possible baud rates to choose from 9600 19200 38400 and 115200 For a connection to the Switch using the CLI interface the baud rate must be set to 9600 which is the default setting Auto Logout Select the logout time used for the console interface This automatically logs the user out after an idle period of time as defined Choose from the following options 2 Minutes
9. a 2 d 4 5 E T A y _ _ ss ns si fs ss o o oo dc o Figure 5 9 Port Security Port Settings window The following parameters can be set Parameter Description From Port To Port A consecutive group of ports may be configured starting with the selected port Admin State This pull down menu allows you to enable or disable Port Security locked MAC address table for the selected ports Max Learning The number of MAC addresses that will be in the MAC address forwarding table for the Address 0 64 selected switch and group of ports Lock Address This pull down menu allows you to select how the MAC address table locking will be Mode implemented on the Switch for the selected group of ports The options are Permanent The locked addresses will not age out after the aging timer expires Delete on Timeout The locked addresses will age out after the aging timer expires Delete on Reset The locked addresses will not age out until the Switch has been reset Click Apply to implement changes made 143 Port Security FDB Entries This window is used to clear the Port Lock Entries by individual ports To clear entries enter the range of ports and click Clear To view the following window click Security gt Port Security gt Port Security FDB Entries Clear Locked Entries FromPot n w mo Total Entries 0 MAC Address Figure 5 10 Port Security FDB Entrie
10. default 53 10 20 00 32 28 53 10 20 peer 0 28 L2 Switch Figure 2 43 Topology window The Topology window holds the following information under the Data tab Parameter Description Device Name This field will display the Device Name of the switches in the SIM group configured by the user If no Device Name is configured by the name it will be given the name default and tagged with the last six digits of the MAC Address to identify it Remote Port Displays the number of the physical port on the MS or CaS that the CS is connected to The CS will have no entry in this field Displays the connection speed between the CS and the MS or CaS Local Port Displays the number of the physical port on the CS that the MS or CaS is connected to The CS will have no entry in this field MAC Address Displays the MAC address of the corresponding Switch Model Name Displays the full model name of the corresponding Switch 49 To view the Topology Map click the View menu in the toolbar and then Topology which will produce the following window The Topology View will refresh itself periodically 20 seconds by default Topology Cluster 1 default 01 01 00 default 33 1 3 00 default 38 29 00 default 1 0 24 04 default 00 36 1 8 default 01 01 00 default B8 28 00 default 00 00 01 default 35 26 03 Java Applet Window Figure 2 44 Topology view This window will display how the devices w
11. ERPS Settings This page is used to enable the Ethernet Ring Protection Switching ERPS function on the Switch STP and LBD should be disabled on the ring ports before enabling ERPS The ERPS cannot be enabled before the R APS VLAN is created and ring ports RPL port RPL owner are configured Note that these parameters cannot be changed when ERPS is enabled To view this window click L2 Features gt ERPS Settings ERPS State Enabled Disabled ERPS Log O Enabled 6 Disabled ERPS Trap O Enabled Disabled R APS VLAN Configuration Settings RAPSVID 1 4094 West Port East Port RPL Port RPL Owner Ring MEL 0 7 Protected VLANs e g 1 fee Hold Off Time 0 10000 ms Guard Time 10 2000 ms wre Time 12 mi Total Entries 0 R APS VLAN Curent Ring State WestPort EastPort RPLPort RPL Owner Ring MEL Protected VLANs Hold Off Time Guard Time WTR Time Note B Blocking F Forwarding Signal Fail Figure 3 68 ERPS Settings window The fields that can be configured are described below Parameter Description ERPS State To enable or disable the ERPS State ERPS Log To enable or disable the ERPS Log ERPS Trap To enable or disable the ERPS Trap R APS VLAN Specify the VLAN which will be the R APS VLAN Enter the R APS VLAN ID West Port East port RPL Owner status Ring MEL Protected VLAN Hold Off Timer Guard Time and WTR Time West Port Specifies the port as the west ring port ERPS u
12. Figure 2 48 Property window This window holds the following information Parameter Description Device Name This field will display the Device Name of the switches in the SIM group configured by the user If no Device Name is configured by the name it will be given the name default and tagged with the last six digits of the MAC Address to identify it Module Name Displays the full module name of the switch that was right clicked MAC Address Displays the MAC Address of the corresponding Switch Local Port No Displays the number of the physical port on the CS that the MS or CaS is connected to The CS will have no entry in this field Remote Port No Displays the number of the physical port on the MS or CaS that the CS is connected to The CS will have no entry in this field Port Speed Displays the connection speed between the CS and the MS or CaS 92 Click Close to close the Property window Commander Switch Icon default s5 26 alh Figure 2 49 Right Clicking a Commander Icon The following options may appear for the user to configure e Collapse To collapse the group that will be represented by a single icon Expand To expand the SIM group in detail o Property To pop up a window to display the group information Member Switch Icon 1 Collapse 1 Remove from group Remove from group Confiqure Property Configure Property Figure 2 50 Right Clicking a Member ic
13. Informational Enable Admin failed Enable Admin failed through SSH from lt userlP gt through SSH authenticated authenticated by AAA server lt serverlP gt Username by AAA server lt username gt Enable Admin failed through SSH due to AAA Enable Admin failed through SSH from lt userlP gt due to AAA server timeout or improper configuration Username lt username gt Warning server timeout or improper configuration AAA server response is AAA server lt serverlP gt Protocol lt protocolname gt Wann wrong response is wrong J A onenn SUpport iuis AAA doesn t support this functionality Informational functionality VAA serwer imedoii An i lt serverlP gt Protocol lt protocol gt connection Warning Port security has exceeded its maximum learning size Port security violation Port lt portNum gt MAC and will not learn any new lt macaddr gt addresses Port security Unauthentiucated IP Unathenticated IP MAC address and discarded by ip mac port binding IP lt ipaddr gt MAC lt macadar gt Port lt portNum gt Dynamic IMPB entry is Dynamic IMPB entry is conflicting with static ARP IP conflict with static ARP lt ipaddr gt MAC lt macaddr gt Port lt portNum gt Dynamic IMPB entry is Dynamic IMPB entry is conflicting with static FDB IP conflict with static FDB lt ipaddr gt MAC lt macaddr gt Port lt portNum gt Dynamic IMPB entry Dynamic IMPB entry is confli
14. ah O h _ eos MN Figure 2 62 PPPoE Circuit ID Insertion The following fields can be set or viewed Parameter Description Circuit ID Choose the device ID used for encoding of the circuit ID option The available options are e Switch MAC Specifies that the Switch MAC address be used to encode the circuit ID option Switch IP Specifies that the Switch IP address be used to encode the circuit ID option UDF String A user defined string to be used to encode the circuit ID option The maximum length is 32 The default encoding for the device ID option is the Switch IP address Click Apply to implement changes made 99 L2 Features Jumbo Frame 802 1Q Static VLAN Q in Q 802 1v Protocol VLAN VLAN Trunk Settings GVRP Settings Asymmetric VLAN Settings MAC based VLAN Settings PVID Auto Assign Settings Port Trunking LACP Port Settings Traffic Segmentation Layer 2 Protocol Tunneling Settings IGMP Snooping MLD Snooping Settings Port Mirror Loopback Detection Settings Spanning Tree Forwarding amp Filtering LLDP Ethernet OAM Connectivity Failure Management ERPS Settings The following section will aid the user in configuring Layer 2 functions for the Switch The Switch includes various functions all discussed in detail in the following section Jumbo Frame This window will enable or disable the Jumbo Frame function
15. successful login through Console sername Anonymous Figure 7 42 System Log window Clear Log The Switch can record event information in its own logs Click Next to go to the next page of the System Log window Clicking Clear will allow the user to clear the Switch History Log The information in the table is categorized as Parameter Description A counter incremented whenever an entry to the Switch s history log is made The table displays the last entry highest sequence number first Displays the time in days hours minutes and seconds since the Switch was last restarted Log Text Displays text describing the event that triggered the history log entry 244 Save and Tools Save Configuration Save Log Save All Configuration File Upload amp Download Upload Log File Reset Ping Test Download Firmware Reboot System The three Save windows include Save Configuration Save Log and Save All Each version of the window will aid the user in saving configurations to the Switch s memory The options include e Save Configuration to save the current configuration file e Save Log to save only the current log e Save All to save the current configuration file and log Save Configuration Open the Save drop down menu at the top of the Web manager and click Save Configuration to open the following window Current Status Completed Program Firmware Write Flash Status Saved Figure 8
16. Community restricted Community Community Community Community Community Community Community Community Community Community Communit Community restricted Community Communit Community Community Community Community oM hl Py SMMPy3 SoM hl Py oM fl Py SMM Py SMMPy2 ohh Py oN MPy2 MoAuthhoPriv NoAuthboPriv MoAuthihoPriy MoAuthhoPriv MNosuthMNoP rv MoAuthboPriw MoAuthhoPriy MoAuthhoPriv Delete Delete Delete Delete Delete Delete Delete Figure 2 33 SNMP Group Table window To delete an existing SNMP Group Table entry click the corresponding Delete button The following parameters can be set Parameter Group Name Read View Name Write View Name Notify View Name User based Security Model Description Type an alphanumeric string of up to 32 characters This is used to identify the new SNMP group of SNMP users Specify an SNMP group name for users that are allowed SNMP read privileges to the Switch s SNMP agent Specify an SNMP group name for users that are allowed SNMP write privileges to the Switch s SNMP agent Specify an SNMP group name for users that can receive SNMP trap messages generated by the Switch s SNMP agent SNMPv1 Specifies that SNMP version 1 will be used SNMPv2 Specifies that SNMP version 2c will be used The SNMPv2 supports both 41 centralized and distributed network manageme
17. D Link Building Networks for People 7 j e aja J nn i Ear ELY z ooa E SEP RELEASE 1 21 CARRIER ETHERNET MEF Certified Compliant Information in this document is subject to change without notice 2010 D Link Corporation All rights reserved Reproduction in any manner whatsoever without the written permission of D Link Corporation is strictly forbidden Trademarks used in this text D Link and the D LINK logo are trademarks of D Link Corporation Microsoft and Windows are registered trademarks of Microsoft Corporation Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products D Link Corporation disclaims any proprietary interest in trademarks and trade names other than its own April 2010 P N 651ES3200025G Table of Contents SS A oe gale et aN hte PIN E E O SAR tO OE Vill Typographical Conventions iria o dd dd a viii Notes Notices and GAUL OS neen n A mas eee A Vill Web based Switch Configuration siiseciss ccsscisesevecessdceavevsdesaveessaveususdtsevevedsasveusdisewsssdcassieudcavccesdseesess 9 INTOdUciON sit 9 Login to Web Wanadoo es 9 Web based User Inter aCE serseri a a EE E E E AE A OEE 10 MTD eS ena da a desea tectonic le 11 A e na Ron sens aeaesseicanssamecaeuconssecesapiveceenecanavenoeas 12 Device MOMO a ii e E O DS 13 System IO Ma adn ao 13 senal POM Sing SiN Noia TA 14 IP
18. Disabled Disabled NODO Misahlard Niesahiad Figure 3 11 Q in Q Settings window The following fields can be set Parameter Description Q in Q Global Click the radio button to enable or disable the Q in Q Global Settings Settings From Port To Port A consecutive group of ports that are part of the VLAN configuration starting with the selected port The user can choose between UNI or NNI role UNI To select a user network interface which specifies that communication between the specified user and a specified network will occur NNI To select a network to network interface specifies that communication between two specified networks will occur Outer TPID hex The Outer TPID is used for learning and switching packets The Outer TPID constructs and 0x1 Oxffff inserts the outer tag into the packet based on the VLAN ID and Inner Priority Trust CVID Enable or disable the Trust Customer VLAN ID CVID If the state is Enabled use the CVID from the customer s packet as the VLAN ID of the SPVLAN tag The default is Disabled VLAN Translation Enable or disable VLAN Translation This translates the VLAN IDs carried in the data packets received from private networks into those used in the Service Provider s network The default is Disabled Note To use this function Trust CVID must also be enabled Clic
19. From Port To Fort State speed Duplex Flow Control Address Learning Medium Type Pot or enano Baco Disabled ggg Enabled fl copper gj a Speed Duplex Flow Control Connection Address Learning Auto Disabled TOOMHaltione Enabled Auto O O Disabled Link Down Auto Disabled Link Down Auto Enabled Disabled Link Down Enabled oo Disabled Link Down Enabled co Disabled Link Down Enabled Disabled Link Down Enabled Disabled Link Down Enabled Enabled Disabled Link Down Disabled Link Down Disabled Link Down Disabled Link Down Disabled Link Down Disabled Link Down Disabled els Down Enabled Disabled Enabled Enabled Disabled Link Down Enabled Auto Enabled Disabled Link Down Enabled Auto Enabled Disabled Link Down Enabled Auto Enabled Disabled Link Down Enabled Auto Enabled Disabled CHE Down Enabled Enabled Enabled Auto z Parker 1 i i r ton Tone ks Le rl Figure 2 8 Port Settings window To configure switch ports choose the port or sequential range of ports using the From Port and To Port pull down menus Use the remaining pull down menus to configure the parameters described below 19 Parameter From Port To Port Speed Duplex Flow Control Address Learning Medium Type MDIX Description Use the pull down menus to select the port or range of ports to be configured Toggle this field to either enable or disable a given port or group of
20. Length The The payload length of LBM to be sent The defaultis length The payload length of LBM to be sent The defaultis LBM to be sent The default is O LBM Payload Pattern An arbitrary amount of data to be included in a Data TLV along with an indication whether the Data TLV is to be included LBMs Priority The 802 1p priority to be set in the transmitted LBMs If not specified it uses the same priority as CCMs and LTMs sent by the MA Click Apply to implement changes made 121 CFM Linktrace Settings On this page the user can configure the CFM link track message To view this window click L2 Features gt CFM gt CFM Linktrace Settings HAC Address pene TL 2255 pouPrionty None E Transaction ID Source MEP Destination Figure 3 67 CFM Linktrace Settings window The fields that can be configured are described below Parameter Description e e AAA AAA Mi Aa 2 dl oe TA MAC Address To enter the destination MAC address Link trace message TTL value The default value is 64 The range is 2 255 PDU Priority The 802 1p priority to be set in the transmitted LTM If not specified it uses the same priority as CCMs sent by the MEP Click Apply to implement changes made Type the MEP Name or MA Name and MEP ID in the spaces provided and click on Find to view details for the linktrace in the table below Click on the View Detail link to display the details of any listed CFM Linktrace set 122
21. Mode Single rate Two Calor Figure 6 100 ACL Flow Meter Configuration window The following fields may be configured Parameter Description Profile ID Use the drop down menu to select the pre configured Profile ID that will be used to configure the Flow Metering parameters Access ID Enter the Access ID that will be used to configure the Flow Metering parameters enter a value 1 65535 between 7 and 65535 Violate Specifies the action when the packet is in red color mode e Permit Permits the packet e Replace DSCP Change the DSCP of the packet Single rate Two Color Marker marks packets green or red based on a rate and burst size This is useful when only burst size matters e Rate 64 1024000 Kbps Specifies the committed bandwidth in Kbps for the flow The range is from 64 to 1024000 The unit is Kbps e Burst Size 0 1016 Kbyte Specifies the burst size for this flow The range is from O to 1016 The unit is Kbyte e Drop Drops the packet Click Apply to implement changes made click lt lt Back to return to the ACL Flow Meter window 208 Monitoring Cable Diagnostics CPU Utilization Port Utilization Packet Size Memory Utilization Packets Errors Port Access Control Browse ARP Table Browse VLAN IGMP Snooping LLDP Ethernet OAM Connectivity Fault Management MAC based Access Authentication State Browse Session Table MAC Address Table System Log Cable
22. server IF Address Path Filename Upload Total Entries 0 MAC Address Model Name Firmware Version Figure 2 58 Upload Log File window Gratuitous ARP An ARP announcement also known as Gratuitous ARP is a packet usually an ARP Request containing a valid SHA and SPA for the host which sent it with TPA equal to SPA Such a request is not intended to solicit a reply but merely updates the ARP caches of other hosts which receive the packet This is commonly done by many operating systems on startup and helps to resolve problems which would otherwise occur if for example a network card had recently been changed changing the IP address to MAC address mapping and other hosts still had the old mapping in their ARP cache Gratuitous ARP Global Settings To view this window click Configuration gt Gratuitous ARP gt Gratuitous ARP Global Settings send On IF Interface status Up Enabled w Send On Duplicate IP Detected Enabled Gratuitous ARP Learning Enabled e Figure 2 59 Gratuitous ARP Global Settings window The following fields can be configured Parameter Description Send On IP This is used to enable or disable the sending of gratuitous ARP request packets while an IP Interface Status Up interface comes up This is used to automatically announce the interface s IP address to other nodes By default the state is Enabled Send On Duplicate This is used to enable or disable the sending of grat
23. 1 Save Configuration window 245 Save Log Open the Save drop down menu at the top of the Web manager and click Save Log to open the following window Current Status Completed Program Firmware Write Flash Status saver Figure 8 2 Save Log window Save All Open the Save drop down menu at the top of the Web manager and click Save All to open the following window Current Status Completed Program Firmware Write Flash Status saved Figure 8 3 Save All window Configuration File Upload amp Download The Switch can upload and download configuration files Open the Tools drop down menu on the left hand side of the menu bar at the top of the Web manager and click Configuration File Upload amp Download to open the following window Interface Mame File Increment Upload Note The Increment option use only for Download Configuration Figure 8 4 Configuration File Upload amp Download window Use the radio button to select IPv4 and specify File name or use the radio button to select IPv6 enter a Server IP Interface Name and File name Click either Download or Upload to initiate the file transfer 246 Upload Log File To upload a log file enter a Server IP address use the radio button to select IPv4 and then enter a File name or use the radio button to select IPv6 enter a Server IP Interface Name and File name Click Upload Open the Tools drop down menu on the left h
24. 1 U LOZO ZO AVE MLD Snooping Group The following window allows the user to view MLD Snooping Groups present on the Switch MLD Snooping is an IPv6 function comparable to IGMP Snooping for IPv4 The user may browse this table by VLAN present in the Switch by entering that VLAN Name in the empty field shown below and clicking the Find button To view this window click Monitoring gt MLD Snooping gt MLD Snooping Group VLAN Name VLAN List c g 1 4 6 Group IF Address View All MLO Snooping Group Table Total Entries 0 VLAN Name Source Group Member Port Filter Mode Figure 7 29 MLD Snooping Group window Enter a VLAN Name or VLAN List and Group IP Address in the appropriate field and click the Find button The searched entries will be shown in the MLD Snooping Group Table Click View All to see all the entries LLDP The Switch offers three LLDP statistic windows LLDP Statistics System To view this window click Monitoring gt LLDP gt LLDP Statistics System Last Change Time 1363 Number of Table Insert Mumber of Table Delete Murnber of Table Drop Mumber of Table Aqeout pot or 9 LLDP Statistics Ports Total TxFrames Total Discarded Ry Frames Rx Errors Frames Total Rx Frames Total Discarded Rx TLWS Total Unrecognized Rx TLWS Total Aged out Neighbor Information Figure 7 30 LLDP Statistics System window 237 LLDP Local Port Information To view this window click Monitor
25. 6 T E g Figure 5 44 DHCP Screening Port Settings Use the radio buttons at the top of the menu to enable or disable the DHCP Server Screening trap and log state Set the Illegal Server Log Suppression Duration time to 1 minute 5 minutes default or 30 minutes Click the Apply button to apply the settings To configure per port screening settings use the pull down menus to configure the following parameters Parameter Description From Port To Port A consecutive group of ports may be configured starting with the selected port Choose Enabled to enable the DHCP Server Screening function or Disabled to disable it The default is Disabled After setting the previous parameters click Apply to allow your changes to be implemented The DHCP Port Information Table shows which ports are enabled or disabled for DHCP Sever Screening 173 DHCP Offer Permit Entry Setting This function allows the user not only to restrict all DHCP Server packets but also to receive any specified DHCP server packet by any specified DHCP client it is useful when one or more DHCP servers are present on the network and both provide DHCP services to different distinct groups of clients To view this window click Security gt DHCP Server Screening gt DHCP Offer Permit Entry Setting as shown below server IF Address Clients MAC Address Ports a NOAA DAI Ports Total Entries 0 Server IF Address Clients MAC Address Figure 5 4
26. 802 1v Protocol VLAN Settings window The following fields can be set Parameter Description Click the corresponding radio button to select a previously configured Group ID from the drop down menu Click the corresponding radio button to select a previously configured Group Name from the drop down menu Click the radio button to enter the VID This is the VLAN ID that along with the VLAN Name identifies the VLAN the user wishes to create Click the radio button to enter a VLAN Name This is the VLAN Name that along with the VLAN ID identifies the VLAN the user wishes to create 802 1p Priority This parameter is specified to re write the 802 1p default priority previously set in the Switch which is used to determine the CoS queue to which packets are forwarded to Once this field is specified packets accepted by the Switch that match this priority are forwarded to the CoS queue specified previously by the user For more information on priority queues CoS queues and mapping for 802 1p see the QoS section of this manual Port List e g 1 6 Select the specified ports you wish to configure by entering the port number in this field or tick the Select All Ports box Search Port List This function allows the user to search all previously configured port list settings and display them on the lower half of the table To search for a port list enter the port number you wish to view and click Find To display all previously co
27. ACL rule config access_profile profile_id 100 add access _id auto_assign ethernet vian_id default port all deny If the user has configured the ACL attribute of the RADIUS server for example ACL profile create access profile ethernet vlan OxFFF profile id 100 ACL rule config access profile profile _id 100 add access _id auto_assign ethernet and the MAC based Access Cotntrol authentication is successful the device will assign the ACL profiles and rules according to the RADIUS server For more information about the ACL module please refer to Chapter 22 Access Control List ACL Commands 270 Appendix D Glossary 1000BASE SX A short laser wavelength on multimode fiber optic cable for a maximum length of 2000 meters 1000BASE LX A long wavelength for a long haul fiber optic cable for a maximum length of 10 kilometers 1000BASE T 1000Mbps Ethernet implementation over Category 5E cable 100BASE FX 100Mbps Ethernet implementation over fiber 100BASE TX 100Mbps Ethernet implementation over Category 5 and Type 1 Twisted Pair cabling 10BASE T The IEEE 802 3 specification for Ethernet over Unshielded Twisted Pair UTP cabling aging The automatic removal of dynamic entries from the Switch Database which have timed out and are no longer valid ATM Asynchronous Transfer Mode A connection oriented transmission protocol based on fixed length cells packets ATM is designed to carry a complete range of user traffic including vo
28. D Link DES 3200 28F R1 20 Port 26 D Link DES 3200 28F R120 Port 27 D Link DES 3200 28F R1 20 Port 28 Figure 7 31 LLDP Local Port Information window Port Description Figure 7 32 LLDP Remote Port Information window xStack DES 3200 10 18 28 28F Layer 2 Ethernet Managed Switch User Manual Ethernet OAM This folder contains two windows to view Ethernet OAM Event Log information and Ethernet OAM Statistics Browse Ethernet OAM Event Log This window allows the user to view the Ethernet OAM event log information The Switch can buffer up to 1000 event logs The event log will provide and record detailed information about each OAM event Specify the port number and port list you wish to view and click Find To remove an entry enter the appropriate information and click Clear To view this window click Monitoring gt Ethernet OAM gt Browse Ethernet OAM Event Log as shown below Port List e g 1 4 8 E EMi Pons Local Event Statistics Error Symbol Event Error Frame Event Error Frame Period Event Errored Frame Seconds Event Crying Gasp Critical Event Error Symbol Event Error Frame Event Error Frame Pernod Event Errored Frame Seconds Event Dying Gasp Critical Event Ethernet OAM Event Log Table inde Location Time Stamp Value Abra cay Threshold Accumulated errors Figure 7 33 Browse Ethernet OAM Event Log window Browse Ethernet OAM Statistics This window displays the Ethernet OAM Statisti
29. L2mgmt mib des3200 28 L2mgmt mib des3200 28f L2mgmt mib des3200 10 L2mgmt mib des3200 18 L2mgmt mib des3200 26 L2mgmt mib des3200 28 L2mgmt mib des3200 28f L2mgmt mib des3200 10 L2mgmt mib des3200 18 L2mgmt mib des3200 26 L2mgmt mib des3200 28 L2mgmt mib des3200 28f L2mgmt mib Appendix C RADIUS Attributes Assignment The RADIUS Attributes Assignment on the DES 3200 is used in the following modules 802 1X Port based and Host based and MAC based Access Control The description that follows explains the following RADIUS Attributes Assignment types Ingress Egress Bandwidth 802 1p Default Priority VLAN ACL To assign Ingress Egress bandwidth by RADIUS Server the proper parameters should be configured on the RADIUS Server The tables below show the parameters for bandwidth The parameters of the Vendor Specific attributes are Vendor ID Defines the vendor 171 DLINK Vendor Type Defines the attribute for ingress Required ee 3 for egress bandwidth Attribute Specific Field Used to assign the bandwidth Unit Kbits of a port If the user has configured the bandwidth attribute of the RADIUS server for example ingress bandwidth 1000Kbps and the 802 1X authentication is successful the device will assign the bandwidth according to the RADIUS server to the port However if the user does not configure the bandwidth attribute and authenticates successfu
30. Priority o a Settings Effective Priority 1 ola m S G m a G m G G a 0 A EE TA a A AA Olla mm A A m B G m A a 3 ooo wa G GA an G EE m B G m a ajo D O Figure 4 5 802 1p Default Priority window This window allows assignment of a default 802 1p priority to any given port on the Switch The priority values are numbered from 0 the lowest priority to 7 the highest priority Click Apply to implement the settings 802 1p User Priority The Switch allows the assignment of a user priority to each of the 802 1p priorities 131 To view this window click QoS gt 802 1p User Priority Priority d Class 1 w class 0 w class 0 w Class 2 Y Class v Class 3 El Class 3 y Apply Figure 4 6 802 1p User Priority window Once a priority has been assigned to the port groups on the Switch assign this Class to each of the eight levels of 802 1p priorities The following parameter may be set Parameter Description Class ID This field is used to enter a Class ID between Class 0 and Class 3 Click Apply to set the changes QoS Scheduling Settings Changing the output scheduling used for the hardware queues in the Switch can customize QoS As with any changes to QoS implementation careful consideration should be given to how network traffic in lower priority queues are affected Changes in scheduling may result in unacceptable levels of packet loss or signifi
31. So assigning a unique range of VLAN IDs to each customer might cause restrictions on some of their configurations requiring intense processing of VLAN mapping tables which may exceed the VLAN mapping limit Q in Q uses a single service provider VLAN SPVLAN for customers who have multiple VLANs Customer s VLAN IDs are segregated within the service provider s network even when they use the same customer specific VLAN ID Q in Q expands the VLAN space available while preserving the customer s original tagged packets and adding SPVLAN tags to each new frame 70 Q in Q Settings To view this window click L2 Features gt Q in Q gt Q in Q Settings QinQ Global Settings Enabled Disabled From Pot ToPort Role Outer TPID hex 0x1 Oxfffh Trust CVID f VLAN Translation 01 Y 01 Y NNi oxiseas Disabled Disabled vw C e AE AL e Outer TPID Trust CYID VLAN Translation Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled 0x588 Disabled Disabled 0x88a8 Disabled Disabled 0x88a8
32. When a user configures a port to VLAN X s untagged membership this ports PVID will be updated with VLAN X In the form of a VLAN list command PVID is updated with the last item on the VLAN list When a u