Вы находитесь на странице: 1из 162

:

D-Link


, 2006

D-Link

.
.......................................................................................................................5
: ....5
. ...............................................6
.....................................................................................................7
..................................................7
..............................8
IEEE 802.3x ...................................9
.................................................................................................................9
OSI .........................................................................10
.............................................................12
...........................................12
......................................................................13
........................................................................................14
...............................................................15
xStack..............................................................................................................19
. Single IP Management .....................................23
, ............................25
......................................................25
..................................................................................................26
..........................................................................................................27
..............................................................................28
............................29
........................................................................................30
..............................................................31
........................................................................................................................31
...................................................................................................32
..................................................................................................................32
D-LINK ............................................................................................................................33
...........................................................................................34
............................................................................35
..................................................................................................37
................................................................................................39
, ....................39
.....................................................................................................39
.............................................................41
..................................................................................43
..............................................................................................43
.............................................................................45
Web- ..............................49
..................................................50
VLAN ........................................................................................51
VLAN..................................................................................................................................51
VLAN .........................................................................................................52
2

D-Link
VLAN MAC- ............................................................................................53
VLAN IEEE 802.1Q.........................................................54
IEEE 802.1Q ..............................................................................................55
VLAN 802.1Q ..........................................................................55
IEEE 802.1Q VLAN ....................................................................................................56
Port VLAN ID ..........................................................................................................................57
Tagged Untagged .............................................................................................................59
.................................................................................61
VLAN CLI.......................................................................62
VLAN............................................................................................................64
1. VLAN
..........................................................................................................................66
2. VLAN
........................................................................................................................69
..............72
CLI ...........................76
1. .....................................................................77
2.
IEEE 802.3ad ................................................................................................79
SPANNING TREE PROTOCOL (IEEE 802.1D).................................................................................82
........................................................................................................................82
.........................................................................................82
.....................................................................................82
......................................................................................................83
STP................................................................................................................87
Rapid Spanning Tree Protocol (IEEE 802.1w)...............................................................92
IEEE 802.1w .................................................................................................95
/..................................................98
..................................................................................99
IEEE 802.1d/IEEE 802.1w ..............................................................100
.......................................................................................101
STP 802.1d RSTP 802.1w ..........................................101
STP CLI.................................................102
(QOS) ...........................................................................................................104
(IEEE 802.1).....................................................104
CLI.....107
......................................................................................109
CLI.............109
....................................................................................................111
Port Security ................................................111
Port Security CLI .................................................................112
.................................................................................................................114
Traffic Segmentation CLI...............................115
IEEE 802.1 ..............................................................................................................116
.......................................................................................................................116
.....................................................................................118
IEEE 802.1 .........................................................119
IEEE 802.1 CLI................................................120
ACCESS CONTROL LISTS (ACL).....................................................................................................123
.........................................................................123
3

D-Link
( Web-) ...........123
Access Control Lists (ACL) CLI....................128
........................................................................................131
.........................................................................................................139
..........................................................................139
- .................................................................................139
..................................................................................140
IGMP v1.............................................................................................................140
IGMP v2.............................................................................................................141
2 ...........................................142
IGMP- snooping CLI.........................................144
: ...............................................................................................................................148
. .....................................................................149
. ..........................................................................................150

D-Link


.
,
.
,
-
,
.
, .

,
,
.
, 3- ,
VLAN .
, .


:

,
.
VLAN (Virtual Local Area
Network) ,
5

D-Link

, .

,
.

, Fast Ethernet, Gigabit Ethernet.


1990-
,

.

() ,

.
,
.

. ,

( ,
).
,
.

,

.


:
,
.


, .

.
.
:
;
;
.
D-Link
,
.
6

D-Link


.

,

.
,
.

(transparent bridge) IEEE 802.1,
Ethernet.

-
. , 1
1, ,
(forwarding database).
. , ,
, -
(content-addressable memory, CAM). ,
, .
.
, ,
. , ,
.

D-Link
.
,
- -
. , -
, ,
, .
, , ,
.

(flooding).

,
.
(broadcast)
, .
-
,
,
, .
(broadcast storm).
,
.
(filtering) , -
.
, .

:
.
- , ,

1.
,

- - .
,
. ,
,

. ,
, ,

2.

(collision domain) Ethernet,


, .
2
.
.

D-Link
IEEE 802.3x

, .
(, ) (, )
.
- -,
.
, ,
, -
(. 3).

3 IEEE 802.3x


- Ethernet
. -

()
/.
,
-
.



.
(store-and-forward)

. (
, 64 1518 ),
. ,
.
, ,
.
- ,
.
9

D-Link
(cut-through)
( 6
) ,
. ,
. :
(fast-forward switching)
,
, .
.
, , ,
.
(fragment-free switching)
, .
,
64 . , , 64
. ,
, , .

.
OSI

OSI, ,
. 2 (Layer 2 Switch),
2 3 (Layer 3 Switch)
.
2 ,

OSI.
2
. 2- ,
OSI.
2- .
, .

, Application-Specific Integrated Circuits (ASIC).
, ,
.
2 2-
.

.
(
),
, ,
.
2- ,
.
10

D-Link
(broadcast)
, .
, ,
3- OSI .
2 3 (
3- )
, -. 3-

( 2) ( 3) OSI .
, ( 2)
( 3) . 3

.
3-
:

( , IP)

3-
IP- .
3-

,

,

ASIC.
.
D-Link
3- Fast Ethernet Gigabit
Ethernet. xStack DGS-3324SR, DGS3324SRi, DXS-3326GSR, DXS-3350SR DES-3352SR,
DGS-3312SR, DES-6500 .
4-
3, (,
Telnet FTP). D-Link 4-
( , )

, .

2, 3 4.
:
- /
IP- / (3-)


/
.

11

D-Link

,
, . ,
, .

,
.
MAC- .

.

.
ASIC,
( ) . ,
(), , , RISC .
ASIC 2 ASIC,
( ) ASIC,
.

/
ASIC , , - .
3 :
(cross-bar);
(shared memory);
.

.


(cross-bar) -
,
. ,
,

.
- ,
.

( ).
. ,
cross-bar ,

12

D-Link
.
, cross-bar

.


(shared memory switch)
.
. ,
, 5
,

.

13

D-Link

(backplane)
,
. 6 -
, ASIC. ,
,
.


, ,
N

* 2 /

( N , Cpi -
, i- )

. ,
, ,
,
.
.

,
(non-blocking) -
.

14

D-Link

:

;
;

,
.


. 8 50
10,100,1000/,
.
Fast Ethernet D-Link DES-1005D, DES1008D, DES-1018DG, DES-1024DG, DES-1010G, DES-1016D, DES-1024D .

7 DES-1018DG

8 DES-1226G


.
- ,

.
hot swap,
, ,
.

.
2 3 D-Link
:
2 DES-1200M, DES-6000, DES-7000
3 DES-6300, DES-6500.

15

D-Link

9 3- DES-6500


. ,
, ,
,
, . ,
.

D-Link

:
Fast Ethernet 2/3-
DES-3x26S;
Fast Ethernet 2/3-
DES-35xx 38
Single IP Management (SIM);

Fast/Gigabit Ethernet 3-
SIM xStack DES-3352SR, DGS-3324SR, DGS3324SRi, DXS-3326GSR, DXS-3350SR, DGS-34xx DGS-36xx.


.

,
- ,
.
,
DGS-3324SR DES-3226S.

16

D-Link

10 DGS-3324SR

11 DES-3226S


(
), 10.

12 8 4

17

D-Link
,
.
13
DES-3226S DES-3326S 12 xStack
DGS-3324SR.
:
, ,

.
-.
,
:
, ..
-
. (
DES-3326S/3226S,
2- ,
);
,
- .
D-Link
Gigabit Ethernet 3- D-Link DGS-3312SR DGS-3324SRi,
- .
DEM-540, DGS-3312SR
12 2- DES3226S, 288 10/100 / Fast Ethernet 12
Gigabit Ethernet, .
, , DGS-3312SR
,
, 2-
,
3- .

13 DGS-3312SR ( ) DES-3226S

18

D-Link
xStack

3 DGS-3324SR/DGS-3324SRi
DXS-3326GSR/DXS-3350SR

10-Gigabit Ethernet

xStack.
xStack
, ,
.

xStack.
8 4
(. 14). ,

. ,
(8->9->10->11->12->1->2->3->4).

14

xStack ,
(8->7>6->5->4).

19

D-Link

15 xStack

(. 15) , 8
, ,
4. ,

, .
, xStack
.
(Full
Redundancy Mechanism),
,
8->9->10->11->12->1->2->3->4 (. 16)

20

D-Link

16 StackTM
( 6)

StackTM DGS-3324SR, DGS-3324SRi, DXS3326GSR DXS-3350SR


10 / .
,
20 /.

17

21


40 /.

D-Link

18 StackTM

12 DGS3324SR, DXS-3326GSR DXS-3350SR 336 Gigabit


Ethernet.
StackTM
- DGS-3324SRi.
6 DGS-3324SR, DXS-3326GSR
DXS-3350SR
120 /.
, -, 312 Gigabit
Ethernet 12 10 Gigabit Ethernet.

19 - DGS-3324Sri ( )

22

. Single IP Management

,
,
.
D-Link Single IP Management (SIM).
DES-3526, DES-3550, DGS3312SR xStack.
Single IP Management (SIM) -
IP .
32- ,
Ethernet.

20 Single IP Management

SIM :
,
;
IP- ;

, ;
, .
,
, SIM
7- 12- . SIM-
32 , Single IP
ManagementTM3. ,
, 2-
( ).
SIM-
. ,
, Fast
3

Single IP ManagementTM (SIM) SIM-.


SIM- ,

D-Link
Ethernet, Gigabit Ethernet 10 Gigabit Ethernet (10GBE)

, .
, .

Ethernet .

24

D-Link

,

.

, :
;
;
;
.
, ,

. :
;
() ;
;
;
.

-
.
,
.
(filtering) ,
:
;

;
,
;

-
.
(forwarding) ,
:
;

;

.
,
.
,

25

D-Link
, ,
Ethernet
, 64 ( )
46 .
,


,

.

( ),
.
,
,
Ethernet, Fast Ethernet ..

,
,
, ,
,
.
,
.
,

.
, , ,
, -
,
.

. ,
5 40 ,
- 50 200 ( ).


MAC-,
.
, .
- ,
,
, , 4 4
. D-Link

26

D-Link
4 8.
8
16, , 16 32
.

.
,
,
- .
,

, .
,
.
, ,
, .


,
.
.
,

, ,
. ,

,
.

(
50-100)
. .
,
,
.
(Flow control).
,
,
.
.
.

27

D-Link


.
D-Link
,
, ,
QoS
,


SNMP, D-Link D-View.

D-Link.
Flash-
, ,
8-16 .
,
.
Flash- ,

, .

NV-RAM, .

28

D-Link


.
,
, .

.
,
,
, ,
. D-Link
D-View.

21 RMON

22

29

D-Link

,
:
,
-
,
.

.
,
.
,
,

.
;
,

-
,



,
,
;
,

(

). ,

.

;


,
.

30

D-Link

23


:
;
;
.
.
.
OSI,
.
OSI ,
.
, ,
, ,
.


. ,
, .
,
, , .
,

.

31

D-Link

,
, .
,

:

,

;
;
(, 100Base-TX
1000Base-T);

.


.
/ .
:
( )
;
();
;

32

D-Link
D-Link

D-Link. D-Link
.
,
.
, .
.
:
DES (D-Link Ethernet Switch) - D-Link 10/100
;
DGS (D-Link Gigabit Switch) - D-Link 1000
,
X-Stack;
DXS (D-Link X-Stack Switch) - D-Link 1000
X-Stack 10;
DEM (D-Link Ethernet Module) - GBIC SFP
DXS;
DPS (D-Link Power Switch) -
.
- , :
10 ;
12 ;
13 -
;
15 -
;
21 2-
;
32 2- ;
33 3- ;
35 2-
Single IP Management;
38 - 3-
Single IP Management;
65 3-
Single IP Management.
.
:
D (Desktop) - ;
F FX FL (Fiber) - 100Base-FX ;
G or SX (Gigabit) - 1000Base-T
1000Base-SX;
R (RackMount) - 19" (
),
( );

33

D-Link
M (Module) - ;
S (Stack) - ;
TG (Twisted Pair and GBIC) - UTP/STP GBIC ;
T or TX or TP- Twisted Pair - UTP/STP 10
10/100 1000 .

, DGS-3324SR :
DGS -
33 -
24 - 24
SR - ,
.


.

.
D-Link
:
DES-1005D/1008D/1016D/1024D
5/8/16/24- 10/100BASE-TX,
, .

24 DES-1008D

DES-1018DG/1024DG
, 16 22
10/100BASE-TX 2 1000BASE-T.
Gigabit Ethernet

5.

25 DES-1024DG

DGS-1005D/08D/16D/24D Gigabit
Ethernet , 5/8/16/24 1000BASE-T
.

34

D-Link

26 DGS-1016D

DES-1226G DGS-12xxT Fast Gigabit


Ethernet, 10/100 /
10/100/1000 /
.
DES-3226S/3326S/3326SR 2- 3-
24 10/100BASE-TX 1
Fast Gigabit Ethernet.
,
.
DES-3526 DES-3550 Fast Ethernet 2-
Single IP Management (SIM).
24 48 10/100BASE-TX 2
1000BASE-T/SFP Gigabit Ethernet
. DES-3500
SIM,
3- ,

27 DES-3526 DES-3550




.
D-Link:
DES-3226S/3326S/3326SR,
DES-3250TG,
DES-3350SR
, ,
24 48 10/100BASE-TX 2 10/100/1000/.

DES-3226S/3326S

312
10/100BASE-TX 13 Gigabit
Ethernet.
DGS-3312SR Gigabit Ethernet 3 ,

35

D-Link
. 4 1000BASE-T/Mini GBIC (SFP) 2 .
DGS-3312SR 12 DES-3226S
, 288 10/100BASE-TX 12
Gigabit Ethernet, .

28 DGS-3312SR

DGS-3224TGR Gigabit Ethernet 2- ,



. 20 10/100/1000BASE-T 4
10/100/1000BASE-T /Mini GBIC (SFP)
. ,
, VLAN
,

.
48/
DGS-3324SR Gigabit Ethernet 3-
xStack,

. 20
1000BASE-T, 4 - 1000BASE-T/Mini GBIC (SFP)
, 2 10
/ .
88/.
DGS-3324SRi Gigabit Ethernet 3-
xStack 168
/. - ,
. DGS-3324SRi
16 1000BASE-T, 8
- 1000BASE-T/Mini GBIC (SFP) 6
10 / .
DXS-3326GSR Gigabit Ethernet 3-
20 Mini GBIC (SFP), 4 - 1000BASE-T/ Mini GBIC (SFP)
2 10 / ,
1
DEM-420X 2- 10GE XFP. Mini GBIC

.
(128/), 10 /
DXS-

36

D-Link
3326GSR ,
.
DXS-3350SR Gigabit Ethernet 3-
176 /.
44 SFP, 4 - 1000BASE-T/SFP, 2
10 / 1
DEM-420X 2- 10GE XFP.
,
( mini-GBIC)
DXS-3350SR
.

Metro Ethernet

29 DXS-3350SR


.
:
DGS-3324SR,
DGS-3324SRi,
DXS-3326GSR,
DXS-3350SR

Gigabit Ethernet 3-
.
DES-6000/6300
() 2- 3- ,
,
.
10/100/1000/,

.
16 , 128
10/100BaseTX.
DES-6500 ()
,
c
. DES-6500 9
,

, .

,
. DES-6500
2- 3- ,

37

D-Link
,
. DES-6500
160 /.

30 D-Link

38

D-Link

.

, Web- ,
(CLI), Telnet, SNMP, TFTP .
D-Link DES-3226S, DES-3326SR, DES3526, DES-3324SR, .

. D-Link DxS-10xx.

,
SNMP Telnet. DES-1226G DGS1216T/1224T.

Web,
, Web, .

).

,

,
, D-Link
.

,
.

, ,
.
,
. (
), Ethernet ( Telnet
Web-).
.
Ethernet,
IP-.
Ethernet Ethernet
,

UTP 5, 5 6 Gigabit Ethernet.


D-Link

39

D-Link
(MDI/MDI-X),
( ).

31


UTP 5, 5, 6 ,
.
.

32 ( -Uplink)

. ,
.
, ,
,
. , ,

( / ). (

).

40

D-Link

D-Link ,

RS-232, ,
.
Out-of-Band . ,
(
Ethernet).
,
.

(, HyperTerminal Windows).
,
, :

Baud rate:
Data width:
Parity:
Stop bits:
Flow Control:

9,600
8 bits
none
1
none


( ,

CLI):

33

, , DHS-3226
(. 34).
,

.

34

41

D-Link
, Ctrl+R , .

,
.
D-Link ,
Enter.
, DES-3800:admin#.
.

35 CLI

42

D-Link


CLI. ,
, ,
, . ?
Enter ,
.

36 ?

? ,
. ,
config, :
DES-3800:admin#config
? ( + ?) Enter.
.
TAB,
.

43

D-Link

37 config

44

D-Link

1.
.

.
.
, :
Admin User. Admin
.

create account admin/user <username>
( / , )
:
Enter a case-sensitive new password:
Enter the new password again for confirmation:
0 15 .

Success.

Admin (Username) dlink:

38

,
:
DES-3800:admin# config account <username>

39 dlink

:
DES-3800:admin# show account

45

D-Link

40

, delete account
<username>.

41 dlink

.
D-Link!

2. IP-.

web- Telnet, IP-
, . IP-
DHCP BOOTP
, CLI:
DES-3800:admin# config ipif System dhcp
DES-3800:admin# config ipif System ipaddress xxx.xxx.xxx.xxx/yy
xxx.xxx.xxx.xxx IP-, yy CIDR ,
/24 /30), System- .

42 IP-

3. .

46

D-Link
D-Link
().
,
.
D-Link
config ports.
10/,
, 1 3 (.
43).

43

show ports < >


.
show ports.

44 "show ports" 1-5 8

4.
NVRAM. save.

45 NVRAM

5. reboot.

46

47

D-Link

reset.

47

6. .
(
) show switch.

48

48

D-Link
Web-
D-Link Web
,

(GUI),
-, .
Web-

, ,
..
TCP/IP
80.
,
,
:
IP- ,
:
DES-3800:admin #config ipif System ipaddress xxx.xxx.xxx.xxx/yy ,
xxx.xxx.xxx.xxx IP-, yyy.yyy.yyy.yyy
IP-
:
DES-3800:admin#show ipif
Web-,
IP- ,
(. 49)

49 Web-

49

D-Link

, ,

, ,
, ,
.

, ,
.
, :
VLAN;
Spanning Tree IEEE 802.1d, 802.1w, 802.1s;
IEEE 802.3ad LACP
Ethernet;
IEEE 802.3ad LACP;
QoS;
,
IEEE 802.1 Port Security;
;
SNMP .

50

D-Link
VLAN
.
, ,
.
( "-")
, (
). ,
. ,
ARP, BOOTP DHCP,
,
- .

, . ,

(
) -
(Virtual LAN, VLAN).
,
, ,
. ,
MAC- ,

. ,
, ,
. ,

,
.
VLAN :
. VLAN

, ;
VLAN
, ,
;
VLAN ,
, ,

.

VLAN
VLAN:
VLAN
VLAN MAC-.
VLAN
IEEE 802.1Q

51

D-Link
VLAN
VLAN ,
VLAN, ,
. , ,
, VLAN.
.

50 VLAN

VLAN :
.

, ,
, VLAN
.
.

- , VLAN,
VLAN (VLAN ID) .


, VLAN (, VLAN )
(VLAN )
VLAN.
, VLAN ,
.
VLAN.
,
, (
ISO/OSI). VLAN
,
, IP
(. 51).

52

D-Link

51 VLAN ,

, VLAN
.
,
.
: ,
VLAN
3.

VLAN MAC-

-.


.

, .
-
, ,
-
.
MAC-,
( ),

-
MAC-
- , VLAN
1000 . , MAC-
,
, .

53

D-Link

52 VLAN -

VLAN IEEE 802.1Q



. VLAN
,

.
IEEE 802.1Q
Ethernet, VLAN .
, VLAN
, .
:

VLAN ,
, IEEE
802.1Q. VLAN
802.1Q-
.
(Spanning
Tree) . Spanning Tree
,
,

.
.

, ,

54

D-Link
,
. Spanning Tree
, ,
.
VLAN 802.1Q
VLAN
, .
,
, - .
.
, VLAN,
. ,
VLAN, ,
.
IEEE 802.1Q.
, VLAN
,
,
.
IEEE 802.1Q
Tagging ( )
IEEE 802.1Q VLAN .
Untagging 802.1Q VLAN
.
Ingress port ( ) - ,
,
VLAN.
Egress port ( ) ,

, ,
.
tagged untagged.
untagging()

VLAN, Ethernet.
tagging() VLAN
, IEEE 802.1Q,
Spanning Tree.
VLAN 802.1Q
3
:

VLAN;
-
;

55

D-Link
- ,
.

53 IEEE 802.1Q

IEEE 802.1Q VLAN


Ethernet IEEE
802.1Q (. 54). Ethernet . 2
08100 ,
IEEE 802.1Q/802.1p. 2
:
3
( 0 7, 7- ),
IEEE 802.1;
1 Canonical Format Indicator (CFI),
(Token Ring, FDDI),
Ethernet;
12-

VLAN
VLAN
ID
(VID),
, VLAN .

56

D-Link
VID 12 , 4096
VLAN.
4 .
.

54 Ethernet

,
Cyclic Redundancy Check
(CRC).
Port VLAN ID
( IEEE 802.1Q VID)
, IEEE
802.1Q, VLAN.
VLAN (
, -
IEEE 802.1Q).
IEEE 802.1Q.
tag-unaware ( ).
,

IEEE
802.1Q,

tag-aware
( ).
IEEE 802.1Q VLAN VLAN
MAC-.
Port VLAN ID (PVID) - VLAN- . ,
PVID ,
,
( ). PVID
, , PVID ,
.
PVID VLAN
(, VLAN
). , VLAN
( ).

57

D-Link
IEEE 802.1Q ,
PVID.
VLAN, VLAN PVID = 1.
, , ,

PVID

VID .
PVID VID,
, VLAN.
PVID ,
. PVID , VLAN
,
.

VID, Ethernet.
VID , , VID ,
. VID ,
. , VLAN,
, ,
VLAN .
PVID VID
, ,
, .
(. 55): 1
VLAN 1 PVID=1. ,
3 ( ),
, , , 3 VLAN
1, ,
VLAN. 3 VLAN 1,
. , 1
VLAN 1, .. PVID=1. 3, PVID=3
VLAN 1, VLAN,
VLAN 1, , PVID
1.

58

D-Link

55 VLAN 802.1Q


, ,
,
?
,
.

,
.
Tagged Untagged
, IEEE 802.1Q,
tagged () untagged
().
, tagged, VID,
VLAN .
,
, VLAN.
VLAN
, IEEE 802.1Q,
.
, untagged, 802.1Q
. VLAN 802.1Q,
. ,
VLAN (,
PVID ). untagging
,
IEEE 802.1Q, , .

59

D-Link

56

57

58 ,

60

D-Link

59 ,


,
VLAN,
ingress port ( ).

VLAN
.
VLAN,
, VLAN. ,
. , ,
VLAN. , .
VLAN,
.
VLAN,
VID,
PVID ( - tagged).
,
VLAN ( VID). , .

.
ingress filtering ( )

, VLAN,
.

61

D-Link
VLAN CLI
VLAN VID = 1,
DEFAULT_VLAN.
DEFAULT_VLAN. VLAN
VLAN ( DEFAULT_VLAN)
, VLAN.
CLI ,
, (.
1).
1 VLAN

create vlan
delete vlan
config vlan
config vlan
config gvrp

enable gvrp
disable gvrp
show vlan
show gvrp
enable
double_vlan
disable
double_vlan
create
double_vlan
config
double_vlan
show
double_vlan
delete
double_vlan

<vlan_name 32>
tag <vlanid 1-4094>
advertisement
<vlan_name 32>
<vlan_name 32>
add [tagged|untagged|forbidden]
advertisement [enable|disable]
<vlan_name 32>
delete <portlist>
<portlist> | all
state [enable | disable] ingress_checking
[enable | disable]
acceptable_frame
[tagged_only | admit_all]
pvid <vlanid 1-4094>}

<vlan_name 32>
<portlist>

VLAN
VLAN
VLAN

VLAN
GVRP

GVRP
GVRP
VLAN

GVRP
QinQ VLAN
QinQ VLAN

<vlan_name 32>
spvid <vlanid 1-4094>
tpid <hex 0x0-0xffff>
<vlan_name>
add [uplink | access]
delete <portlist>
tpid <hex 0x0-0xffff>
<vlan_name>
<vlan_name>

QinQ VLAN
QinQ VLAN

QinQ
VLAN
QinQ VLAN

1. 1-5 DEFAULT_VLAN config vlan default


delete 1-5

60 VLAN

62

D-Link
2. VLAN .
VLAN v1 VID
2 create vlan v1 tag 2

61 VLAN

3. VLAN.
1 5 VLAN v1
config vlan v1 add tagged 1-5

62 VLAN

4. VLAN .

63 VLAN

, 1-5
, Member ports,
,
Current Tagged ports.

63

D-Link
VLAN
,
-,
D-Link 2-
Asymmetric VLAN.
, VLAN
802.1Q ( )
,
. VLAN
2-
.

. ,
VLAN ,
(. 64).

,
,
.

64 VLAN

IEEE 802.1Q VLAN(


VLAN) VLAN ,
.
VLAN
,
VLAN-. VLAN ,
. ,
( ) .
, , VLAN, ,
, ,
, (PVID).

64

D-Link
VLAN IGMP Snooping .
VLAN, PVID
, VLAN .
, VLAN . VLAN
.
VLAN
CLI (. 2).
2 Asymmetric VLAN

enable asymmetric_vlan

disable asymmetric_vlan
show asymmetric_vlan


VLAN. PVID
, VLAN
.
VLAN.
Asymmetric VLAN
Asymmetric VLAN

65

D-Link
1. VLAN

65 VLAN

VLAN V1: 1-8, untagged


-
VLAN V2: 9-16, untagged
VLAN2 ( )
VLAN V3: 17-24, untagged
VLAN3 ( )
:
1. VLAN V2 V3
VLAN V1;
2. VLAN V2 V3 -
;
3. V2 V3 .
1. VLAN
enable asymmetric_vlan

66 Asymmetric VLAN

66

D-Link
2. VLAN
show asymmetric_vlan

67 Asymmetric VLAN

3. VLAN V2 V3 create vlan

68 VLAN

4. VLAN.
1 16 VLAN V2, 1-8 1724 VLAN V3. config vlan

69 VLAN

5. GVRP (Group VLAN Registration Protocol)


VLAN
config gvrp

67

D-Link

70 GVRP

68

D-Link
2. VLAN

71 VLAN

VLAN V1: 1 1-4, 2 1-4, untagged


-
1 5-8, 2 5-8, tagged


VLAN V2: 1 9-16, 2 9-16, untagged
VLAN2 ( )
VLAN V3: 1 17-24, 2 17-24,
untagged
VLAN3 ( )
:
1. VLAN V2 V3
- VLAN V1;
2. V2 V3 .

69

D-Link

, ).
1. VLAN
enable asymmetric_vlan

72 Asymmetric VLAN

2. VLAN
show asymmetric_vlan

73 Asymmetric VLAN

3. VLAN V2 V3 create vlan

74 VLAN

4. 5-8 VLAN.

75 VLAN

70

D-Link
5. VLAN V2 V3 .
1-4 9-16 VLAN V2, 1-4
17-24 VLAN V3. .

76 VLAN v2 v3

71

D-Link



.

:

Spanning Tree;

,


.
.
(Port Trunking) -
(
Link Aggregation).

.
STP (Spanning Tree
),
,
. ,
,
.

77

72

D-Link

. .

, ,
,
. ,
.


.

,
OSI. ,

, -
, -
, .

,
.

.

, ..
. D-Link 6
:
mac_source - ;
mac_destination - ;
mac_source_dest - - ;
ip_source IP- ;
ip_destination IP- ;
ip_source_dest IP- .

73

D-Link

78
mac_source_dest


, -
.

, -,
, .
.

( 1 ),
.
D-Link DES-3226S, DES3526, DES-3350SR, DGS-3324SR
: .
( ),
.
IEEE 802.3ad,
(Link
Aggregation Control Protocol) ,
. ,
LACP
. ,

,
. LACP

74

D-Link
.
,

LACP,


- .
LACP .
IEEE 802.3ad Ethernet-,
, ,
Gigabit Ethernet ( 8
).

75

D-Link
CLI
,
Ethernet (. 3).
3 Link Aggregation

create
link_aggregation
delete
link_aggregation
config
link_aggregation
config
link_aggregation
algorithm

show
link_aggregation
config lacp_ports
show lacp_ports

group_id <value>
{type[lacp/static]}
group_id <value>

group_id <value>
master_port <port>
ports <portlist>
state [enabled|disabled]
mac_source
mac_destination
mac_source_dest
ip_source
ip_destination
ip_source_dest
group_id <value 1-32>
algorithm
<portlist> mode [active|passive]
{<portlist>}



LACP

LACP

76

D-Link
1.

79 C

1.
create link_aggregation group_id 2 type static.

80

2. ,

-

config link_aggregation algorithm mac_source

81

3. . 2, 4, 6 8
1, 2
config link_aggregation group_id 1 master_port 2 ports 2,4,6,8 state
enable

82

77

D-Link
4.
show link_aggregation

83

5. 1 2 .
6. . 1, 3,
5 7 1, 3
config link_aggregation group_id 1
master_port 1 ports 1,3,5,7 state enable

84 B

78

D-Link
2.
IEEE 802.3ad4

85

1. 2- ( )
create link_aggregation
group 1 type LACP

86

2. ,
-
config link_aggregation algorithm mac_source_dest

87

3. . 1-4
1, 5-8 2
4

LACP, IEEE

802.3ad.

79

D-Link
config link_aggregation group_id 1 master_port 1 ports 1-4 state
enable

88

4. 1-8
lacp_port 1-8 mode active

Active config

89

5.
show link_aggregation

90

6. LACP
show lacp_port 1-8

80

D-Link

91

7.
create link_aggregation group 1 type LACP

92

8. .
1-4 1 1, 1
config link_aggregation group_id 1 master_port 1 ports 1-4
state enable

93 B C

Passive,
.
!
1. LACP,
LACP. LACP,
Static, .
2. IEEE 802.3ad
, ,
802.3ad
Static.

81

D-Link
Spanning Tree Protocol (IEEE 802.1d)
,
, Spanning Tree Protocol (STP)
. ,
. Ethernet,
, . ,

, , Ethernet.


, .
,

.
, , ,
, :
;
;
.


. , ,
1, .
,

.

94


,

.
,

82

D-Link
. ,
, .

,
.
. ,
.

STP STA (Spanning Tree Algorithm).
STA

.
, STP
.
- Spanning Tree (
).

.
STP.
STA ,
. 8- , 2 : 2- , 6
- .
, ,
-.
,
.

(root switch), .

. , ,
, 32768 (8000h). ,
-. ,
. ,
(
),
,

.
STP (root port)
.
,
.
STP .

(designated port). ,

. ,

83

D-Link

(designated bridge) .
,
, .
.
, .
.

.

,
,
, .
, ,
.

.
STA
(Path Cost)
.

.
4
IEEE 802.1d.
4 IEEE 802.1d

4 /
10 /
16 /
100 /
1 /
10 /

250
100
62
19
4
2

100-1000
50-600
40-400
10-60
3-10
1-5

1-65535
1-65535
1-65535
1-65535
1-65535
1-65535

.

, ,
- BPDU (Bridge Protocol Data Unit).
BPDU ,
:
,
;
-
( );
;
BPDU
, , Ethernet.
BPDU
( 1-4). (
) , BPDU

84

D-Link
(Max Age),
.

95 BPDU

BPDU (. 95):
STA - 2 .
STA,
;
STP 1 ;
BPDU - 1 . BPDU BPDU,
,
, BPDU
,

,
,

85

D-Link
,

- ,
;
- 1 .
, -
;
- 8 ;
- 2 ;
- 8 ;
- 2 ;
- 2 . 0.5
, .
BPDU ,
;
- 2 . BPDU
, ,
;
hello ( ),
BPDU ;
- 2 .
.
,

.

BPDU (. 96)
:
STA - 2 ;
STP 1 ;
BPDU - 1
.

96 BPDU

86

D-Link
STP

3
,

(. 97). ,
. , -
LAN1 .
,
, ,
. B .
,
. , A
. ,
.
STP B.

97 Spanning Tree

,
. BPDU (
hello),
, 0,
,
BPDU.
BPDU,
, ,
BPDU,

87

D-Link
. ,
BPDU, ,
.

.
,
- ,
.

(. 97). A ( ) BPDU,
0. B
BPDU, Port 1 (4) ,
BPDU (0). B
4 BPDU 4 Port 3 Port
2.
C BPDU B,
23 (4 + 19). C
BPDU Port 1.
BPDU 0 C 4 (
Port 1 4). C
. C Port 1 ,
. C
4
.

Port 1 4.

88

D-Link

98 Spanning Tree

,
.
,

. , ,
.
,
STP

.
,
.
Port 1 ( 4).
,
Port 1 .
Port 1 ( 4). ,
Port 2 .
Port 3 Port 2 ,
23. STP
.
(20) (30),

89

D-Link
Port 2 . Port 3
(. 98).
,
(. 99):
1.
2.
3.
4.
5.

;
;
;
;
.

99 STP

Blocking - (
) .
BPDU.
.
Listening () -
, BPDU.
,
BPDU , (,
). ,
,

.
Learning ()
.
.
STA, BPDU
. ,
,

.

90

D-Link
Forwarding () -

.

BPDU.
Disable () .
STP,
.
Blocking.

BPDU,

.
( 20 )
BPDU,
.
D-Link Rapid STP (IEEE
802.1w), STP
( 1 ).

91

D-Link
Rapid Spanning Tree Protocol (IEEE 802.1w)

D-Link
Spanning Tree Protocol, Rapid Spanning
Tree Protocol (RSTP), IEEE 802.1w ,
IEEE 802.1d STP. RSTP ,
STP,
.
IEEE 802.1w Rapid Spanning Tree Protocol (RSTP)
IEEE 802.1d STP.
STP,
, , 3- ,
Ethernet.
, 802.1w
Path Cost (. 5).
5 IEEE 802.1w

STP 802.1d RSTP 802.1w


,
. RSTP
Disabled, Blocking Listening, STP
Discarding (),
.

100 STP 802.1d RSTP 802.1w

92

D-Link
6 STP RSTP

STP


-?

DISABLE
DISABLE
BLOCKING

Disabled
Enabled
Enabled

RSTP
Discarding
Discarding
Discarding

LISTENING

Enabled

Discarding

LEARNING

Enabled

Learning

FORWARDING

Enabled

Forwarding

(Disabled)
(Disabled)

(Alternate,
Backup)

(Root,
Designated)

(Root,
Designated)

(Root,
Designated)

RSTP
. :
(Root Port);
(Designated Port);
(Alternate Port);
(Backup Port).
,
( )
.

101

, BPDU
, .

93

D-Link

102


.
RSTP 2 (Alternate)
(Backup), STP
.

.

103

,
.
,
( ).

94

D-Link

104

.
, RSTP,
,
. ,
.
, RSTP :
(edge port) - (point-to-point , P2P).
(Edge)
,
, .
, .
,
,
, .

, BPDU.
P2P , ,
. RSTP
, ,
2, , .

IEEE 802.1w
(Root)
BPDU (. 105).
BPDU,
. (sync).

95

D-Link

105 802.1w

,

(forwarding).

106 802.1w

96

D-Link
.
BPDU,
(. 106).


.
.
(
).
,
.
,
D (. 107).

107 802.1w

1 D . ,
BPDU
.
,
. RSTP (acknowledgement),


.
(listening) (learning).

97

D-Link
/

108

in-sync,
:


discarding );
.

109

98

D-Link

1.
RSTP

. ,
,
STP (IEEE 802.1d). RSTP
, :
TC While
hello
, ;
-,
;
TC While , BPDU,
, .
, BPDU .
2.
BPDU ,
:
-
, ,
;
TC While
BPDU
(RSTP
TCN BPDU, ,
-).

110

BPDU
.

99

D-Link
IEEE 802.1d/IEEE 802.1w
RSTP ,

STP
,

BPDU IEEE 802.1d. ,


(

) .
,
RSTP.
, ,
. ,
(Migration delay timer),
hello. ,
(STP RSTP) , .
, ,
BPDU. ,
BPDU ,
,
.
, , (. 111)
RSTP.
. ,
STP. 802.1d
BPDU RSTP ,

BPDU IEEE 802.1d.

111 STP RSTP

BPDU
, 802.1d.
, BPDU
(.
112).

100

D-Link

112 RSTP STP

, ,
, STP
, RSTP
,
, .
,
, .
IEEE 802.1d,
TCN BPDU ,
.

IEEE 802.1d IEEE 802.1w
(MessageAge). IEEE
802.1d

MessageAge

,
1
. IEEE 802.1w,
1/16 MaxAge 1,
(MaxAge
).
:
((MessageAge+HelloTime)>=MaxAge)
, MaxAge 20 Hellotime
2, 18 (Bridge hop)
, ,
, 37.
STP 802.1d RSTP 802.1w
:
STP 802.1d: 30 .
RSTP 802.1w: 5 .
:
STP 802.1d: 7
RSTP 802.1w: 18 (37 )

101

D-Link
STP CLI
STP Rapid STP
CLI (. 7).
7 STP RSTP

config stp

config stp ports

enable stp
disable stp
show stp
show stp ports

maxage <value>
hellotime <value>
forwarddelay <value>
priority <value>
fdpdu [enable|disable]
txholdcount <1-10>
version [rstp|stp]
<portlist>
cost <value>
priority <value>
migrate [yes|no]
edge [true|false]
p2p [true|false|auto]
state [enable|disable]

<portlist>

STP

STP
STP
STP
STP

1. STP () enable
stp:

113 STP

2. STP :
(path cost) 19, (priority) 16, (state)
enabled 1-5 config stp ports 1-5 cost 19
priority 16 state enabled:

114 STP

3. STP : maxage 18
hellotime 4 config stp maxage 18 hellotime 4:

115 STP

102

D-Link
4. STP show
stp:

116 STP

6. STP show stp ports:

117

103

D-Link
(QoS)
(IEEE 802.1)

, .
,
.
, ,
.

,
,
,

10 .

,


.

,
,

, /
:
(best effort service).

.
Qos
.
(differentiated service).

.


QoS ( ,
, ).
CoS (Class of Service).

.
,
.
.
,
.

(guaranteed
service).

.


. ,
Frame Relay RSVP TCP/IP.
,
.

104

D-Link

.
,
, Ethernet ,
-
. -
.
,
. ,
-
, , .

IEEE 802.1.
IEEE 802.1Q.

Ethernet, .
,
, 3 .
IEEE 802.1,
.

, ,
.

IEEE
802.1,
.

,
,
CoS, , ,
. .
(packet classification) ,

.
D-Link
. ,
:
IEEE 802.1;
TOS, IP-
(DSCP);
I-;
TCP/UDP.

,
CoS (, DES-3226S 4 CoS
, DES-3828 8 ). ,
,

, , ,
(Weighted Round Robin, WRR).

CoS (. 118). 1 2

105

D-Link
Q0, 0 3
Q1, 4 5
Q2, 6 7
Q3.
,
0, Q1.
- Q0
1 2.
( P0 P1 Q0, P2 P3 Q1)
,
Q0.

. D-Link 2
: (Strict Priority
Queuing) (Weighted Round Robin).
, ,
.
, .

WRR ,
.

,
, .
: 0 255. : 0
255 ( 16 ).

118

106

D-Link
CLI

CLI (. 8).
8 IEEE 802.1p

config
scheduling
show scheduling
config 802.1p
user_priority

show 802.1p
user_priority
config 802.1p
default_priority
show 802.1p
default_priority

<class_id 0-3>
max_packet <value 0-255>
max_latency <value 0-255>
<priority 0-7>
<class_id 0-3>

<portlist>
all
<priority 0-7>
<portlist>

IEEE 802.1p
,
.

,


.
IEEE 802.1,

1. .
Q0
100 150 config scheduling 0
max_packet 100 max_latency 150:

119 Q0

2. show
scheduling:

120

3. 1
Q3 config 802.1p user_priority 1 3:

107

D-Link

121

4.
show 802.1p user_priority:

122

5. .
,
1-5 ,
5 config 802.1p default_priority 1-5 5:

123 1-5 5

6. ,
1-10 show 802.1p default_priority 1-10:

124

108

D-Link


,
.

125

CLI

CLI (. 9).
9 Traffic control

config
bandwidth_control

show
bandwidth_control

<portlist>
rx_rate
no_limit
<value 64-1024000>
tx_rate
no_limit
<value 64-1024000>
<portlist>

1. 1 8 , 1
/ config bandwidth_control 1-8 tx_rate 1000:

126

109

D-Link
2.
show bandwidth_control:

127

110

D-Link

Port Security
,
MAC- ,
MAC-.

,
-.
-,
,
MAC-,
, .
-, MAC-
,
MAC--,
. D-Link
-, 256 .
MAC, MAC- , ,
.
,
,
. , MAC- (
, )
, ,
.

,

111

D-Link
Port Security CLI
Port Security
CLI (. 10) .
10 Port Security

config port_security
ports

clear
port_security_entry

[<portlist>| all ]
{admin_state [enable | disable]
|max_learning_addr <max_lock_no 0-10>
lock_address_mode[Permanent|
DeleteOnTimeout|DeleteOnReset]}
vlan_name <vlan_name 32> mac_address
<macaddr> port <port>

Show port_security

{ports <portlist>}

portlist

VLAN, MAC
.

1. Port Security 9-16,


- 5
-
config port_security ports 9-16
admin_state enable max_learning_addr 5 lock_address_mode DeleteOnTimeout
:

128 Port Security

2. Port Security show port_security


ports 7-13:

129 Port Security

112

D-Link
3. - Port Security
clear port_security_entry port 4:

130 Port Security

113

D-Link

2.
,
,
,
.
.

VLAN,

131 Traffic Segmentation

(. 131). (PC2 - PC24)


uplink,
. :
ETTH (Ethernet To The Home) ;
.

114

D-Link
Traffic Segmentation CLI

CLI (. 11).

Traffic

Segmentation

11 Traffic Segmentation

config
traffic_segmentation
show
traffic_segmentation

<portlist>
forward_list
null
<portlist>
<portlist>

1. 19 22 ,
23 24 config traffic_segmentation 19-22
forward_list 23-24:

132 Traffic Segmentation

2. ,
show traffic_segmentation 19-24:

133 Traffic Segmentation

115

D-Link
IEEE 802.1
IEEE 802.1
/ ,

(. 134). (RADIUS)
, ,
,
.
, ,
IEEE 802.1
Extensible Authentication Protocol over LAN (EAPOL) ,
. ,
.

134 IEEE 802.1x


802.1 ,
.

135 ()

,

.
802.1x, , Microsoft Windows XP.

116

D-Link

136


.

. RADIUS /,
RADIUS.
,
.

137

( (authenticator))
,
.
,
,
, .
RADIUS, EAP
.
,
.

, EAPOL-start,
.
,
,
.

117

D-Link
,
.

. ,
,

(One-Time-Password, OTP) RADIUS.

138

802.1 , :
802.1x MAC-
/,
MAC-, .
, MAC-;
802.1x , ,
, ,
, .

,
.
.

IEEE 802.1. ,
, .

118

D-Link
,
IEEE 802.1.
, IEEE 802.1,
IEEE 802.1,
. , ,

.
, IEEE 802.1
, IEEE 802.1,
, EAPOL-start. ,
.
, , ,
, .
, IEEE 802.1,
,
.
,
, .
,
.
,
-
.
, EAPOLlogoff, .
(up)
(down), EAPOL-logoff,
.
IEEE 802.1
IEEE 802.1 :
(Trunk port);
EtherChannel , IEEE 802.1
, EtherChannel.

119

D-Link
IEEE 802.1 CLI
: IEEE
802.1x, ( IEEE 802.1x Window XP).
Radius: Windows NT, Windows 2000 Server Radius Server Service,
.
:
IEEE 802.1x ;
IEEE 802.1x ;
Radius.
IEEE 802.1x CLI
(. 12).
12 IEEE 802.1

enable 802.1x

disable 802.1x
show 802.1x
config 802.1x
capability
config 802.1x
auth_parameter

config 802.1x
auth_mode

[auth_state |
auth_configuration]
{ports <portlist>}
ports <portlist>|all
authenticator
none
ports <portlist>|all
default
direction [both|in]
port_control
[force_unauth|auto|force_auth]
quiet_period <sec 0-65535>
tx_period <sec 1-65535>
supp_timeout <sec 1-65535>
server_timeout <sec 1-65535>
max_req <value 1-10>
reauth_period <sec 1-65535>
enable_reauth [enable|disable]
[port_based |mac_based]

config 802.1x init

config 802.1x init [port_based ports


[<portlist|all>]
|mac_based
ports
[<portlist>|all]
{mac_address <macaddr>}]

config 802.1x
reauth

[port_based
ports
[<portlist|all>]
|mac_based
ports [<portlist>|all] {mac_address
<macaddr>}]

config radius add

<server_index 1-3>
<server_ip>

IEEE
802.1
IEEE 802.1

IEEE
802.1x
IEEE 802.1

:

IEEE 802.1x
.
Default -

IEEE 802.1x

IEEE 802.1x:

-

IEEE
802.1x

120

D-Link

config
delete
config radius

show radius

radius

key <passwd 32>


default
auth_port <udp_port_number>
acct_port <udp_port_number>
<server_index 1-3>
<server_index 1-3>
ipaddress <server_ip>
key <passwd 32>
auth_port <udp_port_number>
acct_port <udp_port_number>

RADIUS


RADIUS.


RADIUS.

RADIUS

1. IEEE 802.1x enable 802.1x:

139 802.1x

2. IEEE 802.1 19-24


show 802.1x auth_state ports 19-24:

140 802.1x 19-24

3. IEEE 802.1x 19 24 config 802.1x


capability ports 19-24 authenticator:

141 802.1x

4. IEEE 802.1 19
show 802.1x auth_configuration ports 19:

121

D-Link

142 802.1x 19

5. 802.1 1924 config 802.1x reauth mac_based ports 19-24:

143 802.1x 19-24

6. IEEE 802.1
config 802.1x auth_mode port_based:

144 802.1x

7. Radius, IP 192.168.0.100, dlink config radius add 1


192.168.0.100 key dlink default :

145 RADIUS

122

D-Link
Access Control Lists (ACL)
(Access Control Lists)
.
, , .

, , , ,
.

, (ACL)
.
D-Link
: Ethernet IP.
- , VLAN,
IP-, .
,
(Profile ID). ,
, . ,
, .
, ,
.


:
: Ethernet IP;
;
, ,
Access Profile Mask ;
Access Profile Rule .

, . , ,
DES-3226S 10
, 50 (50
10 ), DES3526 9 800 .
( Web-)
2 :
-
, IP
.
: ,

( ).

123

D-Link

146

1: (Access Profile Mask)


1. Web- .
Configuration/ Access Profile Table.
2. Add
Access Profile Table. .
,
.
, .
3. :
) (Profile ID):

,
Auto Assign. 1 255;
) (Type):
Ethernet, IP, PacketContentMask.

(. 147, 148 149). Ethernet,
, 2-
. IP, ,
IP .
PacketContentMask
80- .
) VLAN: , ,
VLAN

.
Ethernet:
4. MAC (Source MAC Mask):
MAC MAC MAC
.
5. MAC (Destination MAC Mask):
MAC MAC
MAC .
6. 802.1p: , ,
IEEE 802.1p

.
7. Ethernet Type: ,
Ethernet .

124

D-Link

147 MAC

IP:
4. IP (Source IP Mask):
IP - IP IP .
5. IP (Destination IP Mask):
IP - IP IP
.
6. DSCP: , ,
DiffServ Code Point (DSCP)

.
7. Protocol: ,

(ICMP, IGMP, TCP, UDP) .
TCP UDP
.
, ,
. Source Port Mask Ox TCP/UDP
(hex 0x0-0xffff).
Destination Port Mask Ox TCP/UDP
(hex 0x0-0xffff).
8.
PacketContentMask:
9. Offset:
. 80 5 16 .
2: .
4.
Modify;
5. C ,
Add. , , ,
Delete;
6.
;
7. ;

125

D-Link
8. Permit () Deny
().

148 IP

149 PacketContentMask

126

D-Link

150

151

, ,
IEEE 802.1p , .
priority
. 0, 7.

127

D-Link
Access Control Lists (ACL) CLI
ACL CLI
DES-3526 (. 13).
13 ACL

create
access_profile

ethernet
vlan
source_mac <macmask>
destination_mac <macmask>
802.1p
ethernet_type
ip
vlan
source_ip_mask <netmask>
destination_ip_mask <netmask>
dscp
icmp
type
code
igmp {type}
tcp
src_port_mask <hex 0x0-0xffff>
dst_port_mask <hex 0x0-0xffff>
flag_mask
all
urg
ack
psh
rst
syn
Fin
udp
src_port_mask <hex 0x0-0xffff>
dst_port_mask <hex 0x0-0xffff>
protocol_id_mask <hex 0x0 - 0xFF>
user_define_mask
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
packet_content_mask
offset_0-15
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
offset_16-31
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
offset_32-47
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
offset_48-63

.
,
create access_profile,

,

,

.

128

D-Link

delete
access_profile
config
access_profile
profile_id
<value
1-255>

<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
offset_64-79
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
profile_id <value 1-255>
Profile_id <value 1-255>
profile_id <value 1-255>
add access_id <value 1-65535>
ethernet
vlan <vlan_name 32>
source_mac <macaddr>
destination_mac <macaddr>
802.1p <value 0-7>
ethernet_type <hex 0x0-0xffff>
ip
vlan <vlan_name 32>
source_ip <ipaddr>
destination_ip <ipaddr>
dscp <value 0-63>
icmp
type <value 0-255>
code <value 0-255>
igmp {type <value 0-255>}
tcp
src_port <value 0-65535>
dst_port <value 0-65535>
flag_mask
all
urg
ack
psh
rst
syn
fin
udp
src_port <value 0-65535>
dst_port <value 0-65535>
protocol_id <value 0 - 255>
user_define
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
packet_content_mask
offset_0-15
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
offset_16-31
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>


.

,


.

129

D-Link

show
access_profile

offset_32-47
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
offset_48-63
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
offset_64-79
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
<hex 0x0-0xffffffff>
port <portlist>
permit
priority <value 0-7>
replace_priority
replace_dscp_with <value 0-63>
deny
delete access_id <value 1-65535>
profile_id <value 1-255>
access_id <value 1-65535>


show access_profile.

152 ACL

130

D-Link

1. ACL Ethernet

153 Ethernet


-.

(. 153):
-, : 00-50-ba-00-00-19;
1 , : 00-50-ba-6b-18-c8;
.
( CLI).
:
MAC- = MAC-
= , (
,
)
MAC- = , .
,
1. 00-50-ba-6b-18-c8
,

Ethernet-

create
access_profile ethernet source_mac FF-FF-FF-FF-FF-FF destination_mac FF-FFFF-FF-FF-FF profile_id 10:

131

D-Link

154 10

, 1 ,
-:

155 1

2. 00-50-ba-00-00-19.
create access_profile ethernet destination_mac FF-FF-FF-FFFF-FF profile_id 20:

156 20

config access_profile profile_id 20 add access_id 21


ethernet destination_mac 00-50-BA-00-00-19 port 3-26 deny:

157 - 00-50-BA-00-00-19

132

D-Link
2. ACL Ethernet

-.

(. 153):
-, : 00-50-ba-00-00-19;
PC1 , : 00-50-ba-6b-18-c8;
.
:
MAC- = MAC-
= , (
,
)
,
1. MAC 00-50-ba-6b-18-c8
, create
access_profile ethernet source_mac FF-FF-FF-FF-FF-FF destination_mac FF-FFFF-FF-FF-FF profile_id 10 config access_profile profile_id 10 add access_id
11 ethernet source_mac 00-50-BA-6B-18-C8 destination_mac 00-50-BA-00-0019 port 1-26 deny:

158 ACL

2. ,
, ACL .

133

D-Link
3. ACL IP

159 IP


IP-.

:
- IP= 192.168.1.254/32;
: 192.168.1.0/24;
:
192.168.1.1 - 192.168.1.63 ( 192.168.1.0/26);
.
:
DestIP=192.168.1.254/32 SrcIP=192.168.1.0/26,
;
DestIP=192.168.1.254/32 SrcIP=192.168.1.0/24,
;
, .
1. 192.168.1.1-192.168.1.63
192.168.1.254 create access_profile ip destination_ip_mask
255.255.255.255 source_ip_mask 255.255.255.192 profile_id 10:

134

D-Link

160 IP

2.

192.168.1.0/24 192.168.1.254. ACL create
access_profile
ip
destination_ip_mask
255.255.255.255
source_ip_mask
255.255.255.0 profile_id 20 config access_profile profile_id 20 add access_id
21 ip destination_ip 192.168.1.254 source_ip 192.168.1.0 port 1-26 deny:

161 ACL

3. ACL ,
.

135

D-Link
4 IP 3-

162 ACL 3-

. 1
( ) 2, 3 4.
2, 3 4 (. 162).
:
Dest. IP=192.168.1.x, ;
Src. IP=192.168.1.x, ;
DestIP=192.168.2.x SrcIP=192.168.2.x,
;
DestIP=192.168.3.x SrcIP=192.168.3.x,
;
DestIP=192.168.4.x SrcIP=192.168.4.x,
;
.
1. 192.168.1.x

ACL

create
access_profile
profile_id
10
ip
destination_ip_mask 255.255.255.0 config access_profile profile_id 10 add
access_id 11 ip destination_ip 192.168.1.0 port 1-12 permit:

136

D-Link

163 ACL Net1

2. 2,3 4 192.168.1.x,
ACL create access_profile profile_id 11 ip source_ip_mask
255.255.255.0 config access_profile profile_id 11 add access_id 10 ip
source_ip 255.255.255.0 port 1-12 deny:

164 ACL Net1

3. 192.168.2.x, 192.168.3.x
192.168.4.x, ACL create access_profile profile_id 12 ip
source_ip_mask 255.255.255.0 destination_ip_mask 255.255.255.0;
config access_profile profile_id 12 add access_id 10 ip source_ip 192.168.2.0
destination_ip 192.168.2.0 port 1-12 permit;
config access_profile profile_id 12 add access_id 11 ip source_ip 192.168.3.0
destination_ip 192.168.3.0 port 1-12 permit;
config access_profile profile_id 12 add access_id 13 ip source_ip 192.168.4.0
destination_ip 192.168.4.0 port 1-12 permit:

137

D-Link

165 Net 2, Net3, Net4

4. , ACL create access_profile


profile_id 14 ip source_ip_mask 0.0.0.0 config access_profile profile_id 14
add access_id 5 ip source_ip 0.0.0.0 port 1-12 deny:

166 ACL

138

D-Link

(Multicast)
,
.

, , .
,

.

IP- .
:
. ,
, ( )
IGMP. IP,
,
.

IP-,

.
IANA (Internet Assigned
Numbers Authority,
). IP-
D.
,
224.0.0.0 239.255.255.255.
IANA IP 224.0.0.0224.0.0.255 .
.
224.0.1.0-224.0.1.255 ,

.
-
,
-
-
-
. ,
.
IP -
IP .
24 . 01-00-05
Ethernet. 24
- .

139

D-Link
-, 25- ( )
0, 23 IP- 23
- (. 167).

167 IP- Ethernet

5 1- IP, .
- 32 .

,
.
.
IGMP (Internet Group Management Protocol)

. ,
IGMP- .
IGMP IGMP-
, ,
(. 168).
IGMP v1
1 IGMP IGMP-:
;
.
IGMP-,
,
. IGMP-,
, ,
.

140

D-Link
IGMP-,
.

168 IGMP.

IGMP v2
2 IGMP IGMP-:
;
1;
2;
.
IGMP 2 IGMP 1.
.

(. 169).
, , ,
. ,
.
, ,
IGMP 1.
.

141

D-Link

169 IGMP.

2
2-
,
- . ,
-
, .
,
,
(. 170)

170

142

D-Link

:

VLAN

.
,
;
IGMP- (IGMP-snooping). IGMP-

IGMP-, ,
3- .
IGMP- ,

. IGMP-
, (.
171).

IGMP-

, 2-
. , IGMP-,
,

.
IGMP-

.

, IGMP- .

171 IGMP Snooping

143

D-Link
IGMP- snooping CLI
IGMP-snooping CLI
(. 14).
14 IGMP-Snooping

config
igmp_snooping

config
igmp_snooping
querier

config router_ports

enable igmp
snooping

disable igmp
snooping
show igmp
snooping

<vlan_name 32>
all
host_timeout <sec 1-16711450>
router_timeout <sec 1-16711450>
leave_timer <sec 1-16711450>
state
enable
disable
<vlan_name 32>
all
query_interval <sec 1-65535>
max_response_time <sec 1-25>
robustness_variable <value 1-255>
last_member_query_interval <sec 1-25>
state
enable|
disable
<vlan_name 32>
add
<portlist>
delete
<portlist>

forward_mcrouter_only

vlan <vlan_name 32>

show igmp
snooping group

vlan <vlan_name 32>

show router ports

vlan <vlan_name 32>


static
dynamic

IGMPsnooping

.
,

..
IGMPsnooping .
forward_mcrouter_only
,




.
,


IP
IGMPsnooping .

IGMP-snooping

IGMPsnooping

144

D-Link
1. IGMP-snooping config igmp_snooping default
host_timeout 250 state enable:

172 IGMP-Snooping

host_timeout <sec> - ,

. 260
.
2. IGMP-snooping querier config
igmp_snooping querier default query_interval 125 state enable:

173 IGMP-Snooping querier

3.
igmp_snooping:

IGMP-snooping

enable

174 IGMP-Snooping

4. 25
config router_ports default add 25:

175 router ports

5.
show igmp_snooping :

IGMP-snooping

145

D-Link

176 IGMP-snooping

6.

show igmp_snooping forwarding :

177

7. IGMP-snooping
show igmp_snooping group :

146

D-Link

178 IGMP-Snooping

147

D-Link

:
1. D-Link DES-3526, DES-3828
.
2. D-Link.
3. . , , . .. ,
.. . :, 2000.
4. , 3- .: .
. .: , 2002.
5. IP.: . . .
.: , 2003.
6. . http://www.routers.ru
7. IEEE

148

D-Link

. .

(. 15).
CLI ,
.
15 CLI
< >

,
.
[ ]


. .
|


, .
{ }

149

D-Link

1
10Base-F IEEE 802.3 Ethernet
.
10Base-T

(" ").

IEEE 802.3i Ethernet


100Base-T IEEE 802.3us Ethernet


100 /
(" ").
100Base-TX IEEE 802.3u Ethernet
100 / 2-
5.
100Base-FX IEEE 802.3u Ethernet
100 / FDDI TP-PMD
PMD ( ).
10Gbase-ER 10G Ethernet,
10 /
40 (25 )
1550 .
10Gbase-LR 10G Ethernet,
10 /
10 (6 )
1310 .
10Gbase-SR 10G Ethernet,
10 /
300 (990 )
850 .

A
Access method . ,
.
CSMA/CD (Ethernet) (Token Ring).
Address . ,
,
.

150

D-Link
Address mask . ,
Internet .
32 Inetrnet
. .
Address
resolution

(Network Layer)
(media-specific) . . ARP.
Agent . SNMP
.
- - ,
.
Aggregate link .
.
Application Layer . OSI,
,
.
ARP(Address Resolution Protocol) .
Internet,
Internet () .
ARP
, IP-.

B
Backbone , ,

.
Backplane .
,
.
Bandwidth ,
, .
().
Bridge . ,
.
OSI .
BPDU(Bridge Protocol Data Unit)
. (Spanning Tree
Protocol),
.

151

D-Link
Broadcast . ,
, .
Ethernet.
Bus topology
. ,
(
),
.

C
Channel . []
. : link, line, circuit
facility
Chassis .
, .
.
CLI Command Line Interface , .

.
Client .
), .

Collision . Ethernet,
.
.
Collision domain . Ethernet,
,
.
CoS(Class
of
Service)

.
,
,
.
ToS.
Crossover . (
)
.
CSMA/CD(Carrier sense multiple access/collision detection)

. , ,
, .
,

152

D-Link
.
,
. , ,

. CSMA/CD Ethernet IEEE 802.3.
Cut-through packet switching .
, ,

, .
,
.
.

D
Data Link Layer . 2 OSI,
.
, ,
, ,
. IEEE :
LLC.
Designated bridge . ,
.
DHCP(Dynamic Host Configuration Protocol)
.
IP-.

E
EMI(Electromagnetic interference) .
, -

.
Encapsulation . ,
,
(protocol data unit - PDU ) . Internet ,
(IP), -
(TCP), .
Ethernet (),
IEEE . IEEE 802.3. Ethernet
10 / CSMA/CD.

153

D-Link
Ethernet 10Base-T. Ethernet
Fast Ethernet (100 /) Gigabit Ethernet (1000 /).
Ethernet address Ethernet. 48- ,
( Ethernet) .
12 .
ETTH (Ethernet to the Home) ETTH
, Ethernet.

Ethernet

.

F
Fault management . ISO
.
,
.
Fault tolerance .
.
,
, ..
Fiber optic cable . ,
.
Filtering .

( , ) .
, .
Flooding . ,
,
.
Flow control . ,

.
Forwarding table .
,
, .

Frame .

. MAC ,
.
,

154

D-Link
.
, , ,
.
Full duplex .
- - .

G
GUI(Graphical User Interface) .
,
,
() .

H
Half Duplex .
.
, , .

I
IEEE(Institute of Electrical and Electronic Engineers)
.
, 1963
.
802 . 802
(Technical
Committee for Computer Communications), 1980
.
IEEE ANSI ISO.
IEEE 802 IEEE 802. IEEE,
.
Ethernet, Token Ring, Wireless LAN.
IEEE 802.3 IEEE CSMA/CD.
IGMP(Internet Group Management Protocol)
. , IP-

.
IP(Internet Protocol) IP- . TCP/IP,
RFC 791 .
.

155

D-Link
IP.
.
IP address IP-. IP - 32 (4 )
, STD 5 (RFC 791)
TCP/IP. IP-
(network portion) (host portion) -
.
IP- .
IPv6 128- ,
.

L
LAN(Local Area Network)
.

, .
, ,
,
.
LLC(Logical Link Control)
. ,
IEEE. , , ,
-. LLC-
IEEE 802.2. IEEE 802.2
.

M
MAC(Media Access Control)

. , IEEE.
- .
MAC address -. ,
,
.
,
. -
6 , IEEE. -
.
MAC
address
learning

-.

, -

156

D-Link
.
,
.
.
. -
IEEE 802.1.
MIB(Management Information Base) .
, ,
SNMP.
MIB-
SNMP (, D-Link D -View)
GUI-. MIB-
() () .
MTU(Maximum Transmission Unit)
. ( ) ,
.
Multicast .
.
(Destination address field).
Multicast address . ,
.
Multicast group .
IP-, IP-.
Multicast router . ,
IGMP-
. , ,
IGMP- ,
.
,
.

N
Network .
1. ( ).
2. , ,
,
.
Network Address . ,
, .
(protocol address).

157

D-Link
Network Layer . 3 OSI,
, OSI.
Node . , ,
.
NVRAM NonVolatile RAM,

P
Packet . , ,
, .
. 3
: (
, ..), ,
. 3 ()
OSI.
PDU(Protocol Data Unit) . OSI
.
Physical Layer . 1 OSI.
, ,
,
.
Ping (Packet INternet Groper) . ICMP . ,
IP-.
Port density . .
Port security .
.

Proxy ARP(Proxy Address Resolution Protocol)


. ARP,
(, ) ARP
.

Q
QoS(Quality
of
Service) .
,
.

158

D-Link

R
RADIUS(Remote Authentication Dial-In User Service)
. IETF,
,
.
Redundancy . ,
. ,
.
Redundant system . , ,
,
, ,
.
Reliability .
.
, .
RMON(Remote MONitoring) .
MIB-, RFC 1271,
. RMON
,
. ,
.
Router . ,

.
.
Routing .
.
RS-232

EIA

25-

, (DTE)
(DCE) .

S
Segment .
1. , ,
.
2. LAN ,
.

159

D-Link
3. , TCP
.
Session Layer . 5 OSI,
.
SNMP(Simple Network Management Protocol)
. ,
TCP/IP. SNMP
, ,
, .
SOHO(Small Office, Home Office) .

.
Spanning Tree
.

STA(Spanning Tree Algorithm)


. ,
. STA.
STP(Spanning Tree Protocol) .
,

.
BPDU
.
Store and forward packet switching

. ,

. CRC
. , ,
(, )
.
(cut-through packet switching).
Switch
.

,
.
OSI.
Switched LAN . .

T
Tag . , .

160

D-Link
TCP(Transmission Control Protocol) .

,
. TCP
/IP.
TCP/IP(Transmission Control Protocol/Internet Protocol)
/ Internet .
, 1970- .
.
Telnet
TCP/IP. Telnet

,
.
TFTP(Trivial File Transfer Protocol)
. FTP,
.
Throughput

,
, ,
.
Traffic segmentation . ,
2.
Transport Layer . 4 OSI,
.
Trap . (alarm message),
, ,
.
, ,
.
Trunk .
, .

U
UDP (User Datagram Protocol) .
, .
TCP/IP. UDP
.

161

D-Link

V
VLAN(Virtual LAN) . ,

), ,
,
. VLAN .

162