Вы находитесь на странице: 1из 264

DES-3500

Fast Ethernet 2
Release 5

Copyright 2007.


..............................................................................................................................................vii
.......................................................................................................................viii
.........................................................................................................................viii
, , ....................................................................................viii
................................................................................................................... ix
..............................................................................................................ix
, ............................................... x
................................................................................................. xi
.....................................................................................................................................................1
............................................................................................................................. 1
.................................................................................................................. 2
...........................................................................................................................................................3
...................................................................................................................3
........................................................................................................................3
............................................................................................................................5
.........................................................................................................................5
-..........................................................................................................................6
..................................................................................................................................................8
................................................................................................................................... 8
............................................................................................................................. 8
................................................................................................... 8
............................................................................................................... 9
19" ................................................................................ 10
( )....................................................................................11
....................................................................................................................11
DES-3526DC .............................................................. 11
................................................................................................................ 12
.................................................................................... 12
....................................................... 13
............................................................. 14
............................................................................................ 15
............................................................................................................................. 15
Web- .................................................................................................................. 15
SNMP-...................................................................................................... 15
(RS-232 DCE)..................................................... 15
................................................................................................... 17
...................................................................................................................................... 17
SNMP.................................................................................................................................... 19
Traps .........................................................................................................................................................20
MIB...................................................................................................20
IP-............................................................................................................................. 20
.............................................................................................. 22
Web-............................................................................. 23
.................................................................................................................................................. 23
Web- ........................................................................................ 23
Web-............................................................................................... 24
Web- .....................................................................................................24
, Web-............................................................................................ 25
..................................................................................................................... 26
................................................................................................................. 26
IP-.....................................................................................................................................................27
.........................................................................................................................29
.....................................................................................................................................31
......................................................................................................................................33

ii

................................................................................................................. 34
......................................................................................................................... 35
...........................................................................................35
LACP......................................................................................................................... 38
MAC-..................................................................................................................................40
MAC-........................................................................................ 40
MAC- ............................................................................................. 40
IGMP ...................................................................................................................................................... 41
IGMP Snooping ...................................................................................................................................... 42
.................................................................. 43
................................................................... 44
VLAN IGMP................................................................................................................ 45
......................................................................................................... 48
802.1s MSTP ...........................................................................................................................................48
802.1w Rapid Spanning Tree...................................................................................................................48
STP, MSTP, RSTP.........................................................49
..................................................................................................................................49
P2P-...................................................................................................................................................50
802.1d/802.1w/802.1s...................................................................................................50
STP-....................................................................................................... 50
MST ............................................................................................................... 53
MSTI.................................................................................................................................... 55
STP........................................................................................................................... 56
MSTP................................................................................................................ 57
Loopback Detection................................................................................................................ 60
( Forwarding Filtering)................................................... 62
Unicast- (Unicast Forwarding).......................................... 62
Multicast Forwarding.............................................................................................................................. 63
......................................................................... 64
(VLAN)................................................................................................ 65
IEEE 802.1p.........................................................................................................65
VLAN.................................................................................................................................... 66
VLAN DES-3500 ............................66
IEEE 802.1Q VLAN............................................................................................................................... 66
802.1Q VLAN.................................................................................................................................68
VLAN ID...........................................................................................................68
...................................................................................................70
(Ingress Filtering) ..............................................................................70
VLAN .............................................................................................................................70
Port-based VLAN ( )....................................................................................................71
VLAN................................................................................................................................71
VLAN .........................................................................................................................71
VLAN ...........................................................................................72
VLAN................................................................................................................... 72
GVRP.................................................................................................................................. 74
.......................................................................................................................... 76
Port Security( )................................................................................... 79
QoS ........................................................................................................................................................ 81
QoS ...............................................................................................................................82
QoS...........................................................................................................................................83
................................................................................................................... 85
........................................................................................................................... 86
802.1p ......................................................................................................... 86
802.1p .......................................................................................................... 87
............................................................................................................................ 87
................................................. 88
................................................................................................................................ 89

iii

SNTP..................................................................................................................................... 90
................................................................................................................................ 90
DST............................................................................................................................. 91
........................................................................... 93
................................................................................................ 93
CPU Interface Filtering.......................................................................................................................... 108
CPU Interface Filtering......................................................................................... 109
Port Access Entity (802.1X) ................................................................................................................. 122
802.1x MAC-............................................................ 122
.......................................................................................................................122
....................................................................................................................................123
....................................................................................................................................................124
.................................................................................................................... 124
.................................................................................................... 124
MAC-........................................................................................ 126
......................................................................... 127
PAE.................................................................................................................... 129
Port Capability .......................................................................................................................................129
802.1x .........................................130
802.1x MAC-.............................131
802.1x ...................................................131
RADIUS-............................................................................................................................ 132
Guest VLAN.................................................................................................................................. 133
Guest VLAN..................................................................................134
IP-MAC Binding( IP-MAC)...................................................................................................... 135
ACL........................................................................................................................................... 135
IP-MAC Binding ............................................................................................. 138
IP-MAC Binding.................................................................................................................... 138
- IP-MAC........................................................................... 140
IP- ..................................... 140
IP- .................... 141
IP- ................... 141
IP- ................................. 143
IP- 3 ............................................................................................................ 145
ARP.................................................................. 145
DHCP/BOOTP Relay........................................................................................................................... 147
DHCP / BOOTP Relay ..............................................147
Option 82 DES-3500 xStack..........................................149
DHCP/BOOTP Relay................................................................................150
..........................................................................................................................................151
IP- ........................................................................................................ 151
...........................................................................................................151
Admin, Operator User Privileges ............................................153
............................................................................................. 153
.....................................................................................................154
...........................................................................................154
...................................................................................155
................................................................................................... 157
(Login Method Lists).......................................................................... 159
Enable Method Lists ............................................................................................................................. 161
............................................................................................................................... 162
Enable Admin ( )................................................. 163
Secure Socket Layer (SSL)................................................................................................................... 164
............................................................................................................. 165
Ciphersuite............................................................................................................. 165
Secure Shell (SSH) .............................................................................................................................. 167
SSH.................................................................................................................................... 167

iv

SSH Algorithm (SSH-)........................................................................................................... 168


SSH-................................................................................................... 170
SNMP-................................................................................................................................... 171
SNMP..................................................................................................................... 171
Traps .......................................................................................................................................................172
MIB................................................................................................173
SNMP-........................................................................................................... 173
SNMP (SNMP View Table) .............................................................................. 175
SNMP (SNMP Group Table)...................................................................................... 176
SNMP Community....................................................................................... 177
SNMP.......................................................................................................................... 178
SNMP Engine ID ................................................................................................................................. 179
Safeguard Engine................................................................................................................................. 180
..................................................................................................................................... 183
DHCP-........................................................................................... 183
DHCP-............................................................................................ 184
NetBIOS....................................................................................................... 185
........................................................................................................................................ 188
...................................................................................................... 188
CPU.................................................................................................................... 189
.................................................................................................................................................. 190
(RX)................................................................................................................... 190
, (RX) ..................... 191
(TX)................................................................................................................ 193
................................................................................................................................................. 194
(RX)....................................................................... 195
(TX) .................................................................... 197
....................................................................................................................................... 199
MAC-.............................................................................................................. 200
........................................................................................................................... 202
IGMP Snooping....................................................................................................................... 203
IGMP Snooping Forwarding................................................................................................. 204
VLAN....................................................................................................................................... 204
......................................................................................................................... 205
.............................................................................................................. 206
.............................................................................................................. 206
3........................................................................................................ 208
ARP...................................................................................................................... 208
Safeguard Engine...................................................................................................................... 208
.......................................................................................................... 210
TFTP...................................................................................................................................... 210
TFTP-..................................................................... 210
................................................................................................. 211
TFTP-.............................................................. 211
TFTP-.............................................................................. 212
.......................................................... 212
...................................................................................... 212
................................................................................ 213
Ping Test .............................................................................................................................................. 214
....................................................................................................................... 215
( Reset)................................................................................. 215
Reset System.......................................................................................................................................... 216
Reset Config .......................................................................................................................................... 216
..................................................................................................................... 216
(Logout)................................................................................................................. 217
D-Link Single IP Management ........................................................................................ 218
Single IP Management (SIM)............................................................................... 218

SIM v1.6.....................................................................................219
SIM Web-......................................................................... 220
.................................................................................................................................... 221
................................................................................................................................. 223
........................................................................................................... 224
.............................................................................................................................224
....................................................................................................225
............................................................................................................................226
CaS..........................................................................................................226
....................................................................................................................................... 227
File ......................................................................................................................................................228
Group ......................................................................................................................................................228
Device .....................................................................................................................................................228
View.........................................................................................................................................................228
Help......................................................................................................................................................228
SIM-.................................................. 229
/ ...............................................................229
..................................................................................................230
............................................................................................................... 231
.......................................................................................................................... 233
............................................................................................................... 234
...................................................................................................................................... 249
............................................................................................................................................... 250

vi


DES-3500 ,
.
:
1, - .
2, - ,
, .
, DES-3500.
3, - ,
Ethernet/Fast Ethernet.
4, -
, , SNMP, IP-
.
5, Web- -
Web-.
6, -
, ,
, IP-, ,
, , , SNTP, TFTP, Ping
Test, SNMP, IP-, .
7, ,
IP-, ,
SNMP.
8, - ,
.
9,
, TFTP-, , Ping Test,
.
10, Single IP Management Single IP Management
( IP-), Java
SIM.
A,
DES-3500.
B, - RJ-45 /,
.
C,
.
D, - .
- , .

vii

DES-3500
.
, .

[]

,
, .
: [copy filename] ,
, .
.
, ,
. : File Cancel. ,
.
, . : You have
mail ( ).
, . : use the copy command.
,
, .

, ,
. : Enter.

Menu Name
Menu Option

,
, .
: ,
, ( ), .
>

Menu Name > Menu Option . , Device > Port


> Port Properties , Port Properties ( )
Port Device.

,
,
.

,
.

, .

viii


, .
(
).
, .


, ,
, :

, ,
.

.

, :

, .

,
, .

,
. ,

.

.
.

,
.

,
.
, .

, , ( )
:

115 (V)/60 (Hz)


, , .

100 /50 - 100 /60 -

230 /50 - ,

, ,
.
. ,
, .
, .
, ,

ix

.
,
.
- . ,
, - ,
80% - .

, (UPS).
, , ,
. , .
,
.
.
,
, :

, ,
.
; , /
. .

,
.
.
,
.
:
, , ,
, .
/ , .
, .
,
.
.
, .
, , .
, , -

, , ,

,
. 80% ,
.
, .
, .
:
.

.

.
, ,
.
:
. ,
.
. ,
.


.
, , ,
. .

(ESD):
1.

, , ,
,
. ,
.

2.

3.

- . ,
,
.

xi




- Gigabit Ethernet
DES-3500 c 2 Fast Ethernet
D-Link xStack. xStack 10/100 /
SIM , ,
, .
,
.
,
DES-3500 xStack.
,
(DES-3526, DES-3526DC, DES-3550).
, Web-,
,
.
, ,
,
.


DES-3500
(UTP), 10 100 /.
24 ( DES-3526, DES-3526DC) 48 ( DES-3550) 10/100Base-TX,
MDI-X/MDI-II.
, , , , ,
.

. 10/100 / 200
/ .
- 1000Base-T/Mini-GBIC(SFP),
.


, , .
,
(VLAN), ,
.
: (DES-3526, DES-3526DC, DES-3550)
DES-3500. ,
.


IEEE 802.3 10BASE-T
IEEE 802.3u 100BASE-TX
IEEE 802.1p
IEEE 802.3x
(LACP) IEEE 802.3ad
IEEE 802.1x MAC-
VLAN IEEE 802.1Q
IEEE 802.1D Spanning Tree, IEEE 802.1W
Rapid Spanning Tree and IEEE 802.1s
(ACL)
IP- (SIM)
TACACS, XTACACS and TACACS+
(Dual Image)
SNTP
MAC Notification
VLAN


MAC- 8
16 M
VLAN

IGMP Snooping
SNMP
Secure Sockets Layer (SSL) Secure Shell
(SSH)

(MIB) :
RFC1213 MIB II
RFC1493 Bridge
RFC1757 RMON
RFC1643 Ether-like MIB
RFC2233 Interface MIB
Private MIB
RFC2674 for 802.1p
IEEE 802.1x MIB
RS-232 DCE

,
, : 14 881 /
Ethernet 10/, 148 810 / 100/
Fast Ethernet.
10 100/.
.
,
.
.
:
store and forward
.
/ .
IP- Port Binding

Safeguard Engine

24 ( DES-3526, DES-3526DC) 48 ( DES-3550) 10/100Base-TX(MDIX/MDI-II) , ,


.
(10 //100 /) ( /
), (
, 802.1).

- 1000BASE-T/Mini-GBIC(SFP)
, .

RS-232 DCE ( )
,
.
: ,
SNMP D-Link D-View, D-Link
(www.dlink.ru) .


:
;
10/100 /;
- 1000BASE-T Mini-GBIC.

1.1 DES-3526

1.2 DES-3550
DES-3526DC ,
RPS.

1.3 DES-3526DC
.


, ,
RPS ( DES-3526/DES-3550), . 1.3

,
.

1.4 DES-3526

1.5 DES-3550

Power
Console

RPS (
DES-3526/DES3550)
Ports LEDs

100M/10M
Gigabit ports


, .
, .

Power-On Self Test (POST). ,
, .

RS-232
.
,
, .

.

10/ 100/:

10 /.
,
.

- 100 /.
,
.

100 /.
Mini GBIC
:
Speed
1000 /.
, 10/100 /
Link/Act ,
.
.


DES-3526 DES-3550 .

1.6 DES-3526

1.7 DES-3550

.
, .
100 ~ 240
50 ~ 60 .
,
.
. ,
.

1.8 DES-3526DC
DES-3526DC ,
. .


,
. .
. 6 (1 = 2,54 , 6
= 15,24 ) .
, ,
, , ,
.

1.9 DES-3526/DES-3526DC

1.10 DES-3550

-
24 ( 48) 10/100 /
Ethernet -, .. ,
1000BASE-T, Mini-GBIC.
Mini-GBIC . , ,
( )
Mini-GBIC . GBIC-
.

1.11 Mini-GBIC DES-3526

1.12 Mini-GBIC DES-3550

1.13 Mini-GBIC

2 -





, ,
. :

DES-3500 xStack

(AC) ( DES-3526DC)

( )

RS-232
- , ,
D-Link .


.
, .

,
, , 3 . .

1,82 .

,
( DES-3526).

,
. 10
.

,
, , .

,
.
.


,
.
.
.

2.1 DES-3526 DES-3550


19 .
.

2.2 DES-3526 DES-3550

.
, ,
2.3 2.4.

19
:
,
, ,
. ,
. ,
,
.

2.3 DES-3526

2.4 DES-3550

10


,
. , ,
. .


,
, . ,
.

DES-3526DC
DES-3526DC ,
.

2.4
1. , 2.4.
(-) -48V.
(+) -48V Return.
.
2. , .

11

3 -


: 24 (48 DES-3550) NWay


Ethernet MDI-II, MDI-X-.


(PC) 10, 100 1000 /
Ethernet/Fast Ethernet RJ-45, .
3, 4
5 UTP/STP-.

3.1 DES-3526DC

3.2 DES-3550

12

Link/Act
UTP-
.
.

10 Base-T
3, 4 5 / (UTP/STP) .

100Base-TX
5 / (UTP/STP) .

3.3 DES-3526DC, ( Uplink)


3.4 DES-3550, ( Uplink)


13


- MiniGBIC uplink-
. 1000, 100 10 /
. , - ,
1000 / .
Gigabit Ethernet
- 5. Link
.

3.5 DES-3500

14

4 -

Web-
SNMP-
(RS-232 DCE)


SNMP
IP-



, Telnet.
Web- Web-.

Web-
, ,
,
Web-, , Netscape Navigator ( 6.2 ) Microsoft Internet Explorer
( 5.0).

SNMP-
,
SNMP-. SNMP 1.0, 2.0 3.0. SNMP-
SNMP-
MIB. SNMP- MIB
.

(RS-232 DCE)
RS-232,

. DB-9 ,
(DTE Data Terminal Equipment).
:

- RS-232 DB-9
.
:
1. RS-232
.

15

2. .
:
3. (COM 1 COM 2).
4. 9600 .
5. : 8 ; 1 .
6. .
7. Properties VT 100 .
8. , Crtl. ,
, Windows.
: HyperTerminal
Microsoft Windows 2000, , Windows 2000
Service Pack 2 . Windows 2000 Service Pack 2
HyperTerminal
VT100. Windows 2000 Service Pack
www.microsoft.com
9. , ,
. .
10. , , console login.
11. (CLI) ,
Enter, (User name)
(Password), .. . , ,
.
, , ,
.
12. .
.
. CD-

DES-3500,
CLI.
13. , ,
.
, , ,
.
, ,
VT100.
, Hyper Terminal File Properties
Settings Emulation. ,
, .
, .
.
.
: ,
Enter.

16

4.1


, ,

. , .
: , ,
, , S s.
.
: Ctrl+R .

.
Enter Username ( ) Password ().
DES-3526:admin#, .
. Username ( )
Password () .

17

4.2
:
.
.


DES-3500 .
.

,
.
,

.

:

CLI ,
<user name>, Enter.

. <password> ,
Enter.

.
Enter.


.
: .
15 .

18


newmanager.

: CLI

.
, Save,
.

SNMP
Simple Network Management Protocol (SNMP)
( ) OSI,
. SNMP
, ,
. SNMP
,
, .
SNMP (
), .
SNMP .
MIB (Management Information Base),
, SNMP-.
SNMP MIB
.
DES-3500 SNMP : 1, 2 3.
, SNMP .
SNMP
.
SNMP v.1 v.2
(community string), .
SNMP
community string. SNMP ,
().
community strings , v.1 v.2
SNMP, :
public MIB.
private
MIB.
SNMP v.3 ,
. ,
SNMP-. ,
SNMP-.

19


. SNMP
SNMP-. , SNMP,
, SNMP v.1,
/, SNMP v3.
SNMP , SNMP
v.3,
SNMP. (OID
Object Identifier), MIB. SNMP v.3
: SNMP .
SNMP v.3 ,
.

Traps
Traps - , ,
. , (-
) , , .
traps ( ).
traps (Authentication Failure),
(Topology Change) /
(Broadcast\Multicast Storm).

MIB
MIB
. MIB-II. ,
MIB
, SNMP. MIB-II,
MIB,
. MIB,
MIB. MIB , -.

IP-
IP-,
SNMP TCP/IP
(, BOOTP, TFTP). , IP- - 10.90.90.90.
, .
MAC-. MAC-
, show switch

, :

20

4.3
MAC- Web-
Switch Information (Basic Settings) Configuration.
IP-
Web- . IP-
, BOOTP DHCP:
, . IP-
CLI :
:
config ipif System ipaddress xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy
x IP-, IP- (System); y .
: config ipif System ipaddress xxx.xxx.xxx.xxx/z
x IP-, IP- (System); z
CIDR
IP- , System, IP-
. Telnet Web-
.

21

4.4 IP-
IP- 10.41.44.254
255.0.0.0. Success ,
. Telnet CLI
Web- .


IP- .
SFP-:
SFP- .
SFP- SFP-.
SFP.
: SFP-,
10/100/1000Base-T (
- 10/100/1000Base-T/SFP).

22

5 - Web-

Web-
Web-

DES-3500 ,
Web- (HTML).
,
Opera, Netscape Navigator/Communicator Microsoft Internet Explorer.
HTTP.
Web- (Telnet)

. , ,
Web- , .

Web-
, ,
, IP-, . URL
: http://123.123.123.123, 123
IP- .
: IP- 10.90.90.90.
Login. ,
:

5.1 Enter Network Password

User Name ( ) Password ()


. Web-.

23

, Web- ,
.

Web-
Web-
, , .

Web-
, ,
: , .

5.3 Web-

Area 1

: .
, ,
, . D-Link,
D-Link.

Area 2


. ,
, , ,
, .

, .

Area 3


.
: ,
, Web- ( )
Save Changes Save ()
CLI.

24

, Web-
Web- ,
.
, Web-:
Configurations () , IP Address (IP), Switch Information ( ), Advanced Settings (
), Port Configuration ( ), IGMP, Spanning Tree, Forwarding Filtering,
VLANs, Port Bandwidth ( ), SNTP Settings ( SNTP), Port
Security, QoS, MAC Notification, LACP, Access Profile Table ( ), System
Log Servers ( ), PAE Access Entity, Layer 3 IP Networking.
Security Management ( ) ,
Security IP, User Accounts ( ), Access Authentication
Control (TACACS), Secure Sockets Layer (SSL), Secure Shell (SSH) SNMP V3.
Monitoring () , ,
Port Utilization ( ), CPU Utilization ( CPU),
Packets ( ), Errors Size ( ), MAC Address
(MAC-), IGMP Snooping Group, IGMP Snooping Forwarding, VLAN Status ( VLAN),
Router Port ( ), Port Access Control ( )
Layer 3 Feature ( L3).
Maintenance () ,
, TFTP Services ( TFTP),
Switch History ( ), Ping Test , Save Changes ( ), Reboot
Services ( ), Logout ( ).
Single IP Management ( IP-) ,
Single IP Management ( IP-),
SIM Settings ( SIM), Topology (), Firmware/Configuration downloads
( / ).
: ,
.

25

6 -

IP-





LACP
MAC- (MAC Notification)
IGMP

Forward Filtering
VLANs

(Port Security)
QoS
(System Log Servers)
SNTP
(Access Profile Table)
Port Access Entity
IP MAC- (IP-Mac Binding)
IP Multicast


, , IP, , ,
. Switch Information
Configuration.

6-1. Switch Information (Basic Settings)


Switch Information (Basic Settings) - (
), Boot PROM (), Firmware (
), Hardware ( ).
PROM ,
- , .

26

(System
Name), (System Location) (System Contact).

IP-
Ethernet IP-
. IP- ,
DES-3526 4
.
IP- Web-, IP Address,
Configuration.
IP- :
Configuration IP Address. IP Address Settings
IP- , .

6-2. IP Address Settings


IP- , :
1. Get IP From Manual.
2. IP- (Subnet Mask).
3. , IP . ,
, (0.0.0.0).
4. VLAN ,
VLAN - Default. VLAN
, ID VLAN (VID), ,
, .
VID,
.
: , IP- 10.90.90.90
255.0.0.0 0.0.0.0.
IP-, ,
BOOTP DHCP, Get IP From BOOTP
DHCP. , IP-
.
: AutoConfig, Get IP From
DHCP.

27

IP-:

BOOTP

DHCP

Manual

Subnet Mask

Default
Gateway
VLAN Name

Admin State

Auto Config
State

BOOTP. IP-, ,
BOOTP-.
,
BOOTP-,
.
DHCP-.
IP-, ,
DHCP-. ,

DHCP-, .
IP-, ,
.
: xxx.xxx.xxx.xxx, 0 255.
,
.
, .
: xxx.xxx.xxx.xxx,
0 255.
255.0.0.0, 255.255.0.0 255.255.255.0.
.
IP-, ,
. IP-.
,
, .
VLAN,
, TCP/IP (
Web- Telnet). VLAN
, , IP-
Security IP Management. VLAN ,
VLAN . .. Security
IP Management , ,
, ,
VLAN IP-
.
/ Admin State
IP-, .
,

.
,
TFTP DHCP- .
. , Auto Config,
DHCP- TFTP- IP-
DHCP. TFTP-

.

DHCP- / TFTP-.
,
,

28

.
Apply.

IP-

IP-, SNMP TCP/IP (, BOOTP, TFTP). IP-


10.90.90.90. ,
.
IP- Web. IP-
BOOTP DHCP, .
IP- :
, config ipif System ipaddress
xxx.xxx.xxx.xxx/ yyy.yyy.yyy.yyy. - IP-, IP- (System),
.
config ipif System ipaddress xxx.xxx.xxx.xxx/z. x IP-,
IP- (System); z CIDR.
IP- , System, IP-
, Telnet
Web- .
Telnet Web- .
Sucess .
Telnet, CLI Web-
. IP-
.
: , ,
D-Link, .


Switch Information (Advanced Settings)
. Advanced Settings
Configuration.

29

6-3. Switch Information (Advanced Settings)

Serial Port Auto


Logout Time

MAC Address
Aging
Time
IGMP Snooping

GVRP Status
Telnet Status
TCP Port Number
(1-65535)
Web Status
Web TCP Port
Number
Link Aggregation
Algorithm

.

, . : 2
Minutes, 5Minutes, 10 Minutes, 15 Minutes Never.
10 minutes.
- ( -).
. 10
1,000,000 . 300 .
IGMP Snooping Enable.
. IGMP Snooping
, ,
, . IGMP Snooping
VLAN IGMP Snooping IGMP.
/ GVRP
.
Telnet .
Telnet, Disable.
TCP-. - 1 65535. -
Telnet - 23.
Web- (Enable).

Web-.
-, Web-
( 80).
,
, .
MAC Source, MAC Destination, MACSrc & Dest, IP Source, IP Destination

30

RMON Status
802.1x Status

802.1x
Authentication
Protocol
Asymmetric VLAN

IP Src & Dest. (


.)
/
.
802.1x
- ( : Disable).
Port Access Entity.
802.1x
,
.
802.1x -
- ,
.
radius eap radius pap 802.1x
. radius eap.

/ VLAN .
Disabled.
Syslog Global State / Syslog State ( ).
Disabled.
Apply.
: VLAN ,
VLAN .



. Port Configurations ,
:

31

6-4. Port Configuration


:
1. , FromTo.
2. :

State
Speed/Duplex

/ .
/
. Auto
10 100 / . Auto

. : Auto, 10M/Half, 10M/Full, 100M/Half
100M/Full.
Auto.

32

,
. , ,
802.3x. ,
,
. Auto
. ,
Disabled.
/ - .
Learn
Enable , -
-. Disabled,
- - .
.
- Forwarding/Filtering.
Enabled.
/ trap-
Trap
.
Apply.
Flow Control

Show Errdisabled Ports Port Configuration. Err-Disabled Ports


, .
: Return to Port Setting page.


DES-3526 .
, Port Description
Configuration:

33

6-5. Port Description Setting


From To,
. Apply Port
Description Table.



, ,
, , RMON-.
.

34

6-6. Setup Port Mirroring


:
Source Port (-), , Target
Port (-), .
: Ingress (), Egress () Both ();
Status Enabled.
Apply.
: .
, 100 10 ,
. ,
, , ,
.
.



(Port trunk groups)
. DES-3526
2 8 . ,
8000/

35

6-7.
.
, ( ),
.
: -
, , ,
.
.

. .
,
, .
:
,
2 8. ,
. :
.
VLAN, STP-,
, ;
802.1p .
,
802.1X , .
, ,
.
Master Port ( ) , ,
VLAN, Master Port,
.

36


,
.
Spanning Tree Protocol ( )
. STP

. , STP
, , .
Link Aggregation Configuration,
:

6-8. Port Link Aggregation Group


Add,
. Link Aggregation Settings ( )
. , Modify,
. ,
Delete, .

6-9. Link Aggregation Settings -

37

6-10. Link Aggregation Settings -


, :

Group ID
State

ID 1 6
(Enabled)
(Disabled). ,

,
.

Master Port

, ,.
.
Member Ports
.
Flooding Port

.
Active Port
, .
Type
Static LACP (Link Aggregation Control
Protocol). LACP

.
Apply, .
Current Link Aggregation Group Entries,
6-8.

LACP
LACP Port Setting Link Aggregation
. ,
,
LACP-.

38

6- 11. LACP Port Settings


:

From/To
Mode

.
LACP-
Active LACP-,
LACP-. LACP
.

, ,
LACP.
LACP.
Passive - LACP- LACP.
, ,
LACP (.
).

, Apply .
LACP- / .

39

MAC-
MAC Notification (MAC-) MAC-
.

MAC-
-
. Notification MAC Notification
Global Settings.

6- 12. MAC Notification Global Settings

State
Interval (sec)
History size

/ MAC- .
.
.
500 .

MAC-
- ,
Port Settings MAC Notification. :

40

6- 13. MAC Notification Port Settings


:

FromTo

State

, MAC.
MAC- .

Apply .

IGMP
IGMP (Internet Group Management Protocol) snooping IGMP
, IGMP-.
IGMP snooping, ,
, IGMP, .

41

IGMP Snooping,
(. ).
VLAN, IGMP Snooping L2 Features. IGMP snopping
,
IGMP-, .
IGMP ,
, .

IGMP Snooping
Current IGMP Snooping Group Entries IGMP
Snooping. Modify,
VLAN ID.

6- 14. Current IGMP Snooping Group Entries


Modify IGMP Snooping Settings, :

6- 15. IGMP Snooping Settings


.

VLAN ID

VLAN Name

VLAN, VLAN,
VLAN, IGMP
snooping.
VLAN, ID VLAN, VLAN,

42

IGMP snooping.
Query Interval

Max Response
Time
Robustness
Variable

Last Member Query


Interval

Host Timeout

Route Timeout

Leave Timer

Querier State

State

( )
IGMP-. 1 65535.
125.
IGMP-.
1 25 ( ). 10.
.
VLAN, , ,
Robustness Variable ,
. 1 255. 2.

-, ,
. =1
,

.
= 260.
( ).
260.

Leave
.
Enabled IGMP-, Disabled
. Disabled.
Enabled IGMP snopping.
Disabled.

Apply . Current IGMP


Snooping Group Entries Show All IGMP Group Entries.


,
. WAN .
,
, (IGMP),
, .
:
IGMP- .
IGMP- .
UDP- .
IGMP- IGMP snooping,
, 3- ,
UDP-, UDP-
.
,
IGMP-, RIPv2, DVMRP PIM-DM.
Current Static Router Ports Entries ( )
IGMP, Static Router Ports Entry.

43

6- 16. Current Static Router Ports Entries


.
Modify. Static Router Ports Settings,
:

6- 17. Static Router Ports Settings


:

VID (VLAN ID)

VLAN Name

Member Ports

(ID) VLAN, VLAN,


VLAN, .
VLAN,
.
,
.

Apply. Static Router


Ports Settings, Show All Static Router Port Entries.


Forbidden Router Ports Entry ,
VLAN
. Configuration > IGMP >
Forbidden Router Ports Entry.

6- 18. Current Forbidden MC Router Ports Entries

VLAN
Modify, .

44

6- 19. Forbidden MC Router Ports Settings



, , Apply.

Current Forbidden MC Router Ports Entries Port List.

VLAN IGMP
IGMP snooping
, ,
. 2- IGMP-
,
.
. ,
. (IGMP Join Group)
(Leave Group).

.
IGMP snooping ,
. , IGMP snooping
,
VLAN, -
IGMP-snooping .
,
VLAN.
DES-3526
( VLAN), VLAN.
VLAN,
VLAN, .
(Join Group)
(Leave Group). , ,
.
, VLAN, MAC . (IGMP
Join Group) (Leave Group).
VLAN Configuration > IGMP
> IGMP Multicast VLAN. :

45

6- 20. Multicast VLAN Current Multicast VLANs Entries


VLAN Add ,
.

6- 21. Multicast VLAN ()


:

VID

VLAN Name

Replace Source IP
With
State

Source Port

ID () VLAN.
1 4094. 3- VLAN.
VLAN. VLAN
32 .
3-
VLAN.
IP-, IP- .

VLAN,
.
, -
.
, VLAN. ,
-

46

VLAN, .
Member Port

VLAN.
-.
, - .

Apply VLAN.
VLAN,
Modify Current Multicast VLANs Entries Table,
:

6- 22. Multicast VLAN


:

VID

VLAN Name

Replace Source IP
With
State
Source Port

Member Port

ID () VLAN.
1 4094. 3- VLAN.
VLAN. VLAN
32 .
3-
VLAN.
IP-, IP- .

VLAN, .
, -
.
, VLAN. ,
-
VLAN, .
VLAN.
-.
, - .

Apply .

47

: VLAN,
IGMP Snooping , ..
VLAN IGMP Snooping .


(Spanning Tree): 802.1d
STP, 802.1w Rapid STP 802.1s MSTP. 802.1s, 802.1d STP 802.1w Rapid
STP MSTP, .
802.1d STP, 802.1w Rapid
STP 802.1s MSTP.

802.1s MSTP
Multiple Spanning Tree Protocol (MSTP) , IEEE,
VLAN , .
MSTP ,
,
. , VLAN,
(STP, RSTP MSTP).
BDPU- ,
, spanning tree VLAN. MSTI ID
. MSTP
(CIST). CIST
MSTP,
. , VLAN
,

VLAN .
, MSTP,
, :
1. 32 (
Configuration Name, STP Bridge Global Settings).
2. ( Revision Level STP
Bridge Global Settings).
3. 4096 ( VID List, MST Configuration
Table), 4096 VLAN,
.
MSTP- :
1. MSTP ( STP Bridge Global Settings
STP Version).
2. ( Priority,
MSTConfiguration Table, MSTI ID).
3. VLAN, ,
MSTP Instance ID ( VID List MST Configuration Table,
, MSTI ID).

802.1w Rapid Spanning Tree


Spaning Tree: Multiple Spanning Tree Protocol
(MSTP), IEEE 802.1s; Rapid Spanning Tree Protocol (RSTP),
IEEE 802.1w, IEEE 802.1d STP. RSTP
IEEE 802.1d, , ,
RSTP.
IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) 802.1d STP.
RSTP , STP

48

(, 3- ,
Ethernet). RSTP
STP, , ,
.
STP .

STP, MSTP, RSTP



,
( ). MSTP RSTP
Discarding (, ),
802.1d, (, ,
). STP ,
RSTP/MSTP Discarding,
, .
6-1 .
.
.
BPDU-, Hello-. BPDU-
, BPDU- .
. ,
. 802.1d
.
802.1d MSTP

802.1w RSTP

(Discarding)

(Discarding)

(Discarding)

(Discarding)

(Discarding)

(Discarding)

(Learning)

(Forwarding)

(Learning)

(Forwarding)

802.1d STP

(Disabled)

(Blocking)

(Listening)

(Learning)

(Forwarding)

6-1.
RSTP ,
, RSTP- RSTP. , ,
. ,
: edge port ( ) point-to-point (P2P) .


(Edge port) , ,
. ,
. , ,
,
. , BPDU-,
spanning tree.

49

P2P-
2- . 2-
. RSTP/MSTP
, , 2-,
.

802.1d/802.1w/802.1s
MSTP RSTP , STP 802.1d,
BPDU- 802.1d.
802.1d STP MSTP
RSTP, .
Spanning Tree Protocol (STP) :
1. .
2. -
.

STP-
Spanning Tree Configuration
STP Bridge Global Settings.

6- 23. STP Bridge Global Settings STP

50

6- 24. STP Bridge Global Settings - RSTP ( )

6- 25. STP Bridge Global Settings - MSTP


: Hello Time , Max. Age.
.
, :
Max. Age = 2 x (Forward Delay - 1 )
Max. Age = 2 x (Hello Time + 1 )
:

51


STP Status

STP Version

/ STP
. Disabled ().
STP,
. :
STP - Spanning Tree Protocol (STP)
RSTP - Rapid Spanning Tree Protocol (RSTP)
MSTP - Multiple Spanning Tree Protocol (MSTP)

Hello Time

1 2 .
BPDU .
STP RSTP. MSTP
. MSTP ,
MST.

Max Age

Max Age ,
, .

BPDU-
. , BPDU-
,
BPDU- ,
. ,
Bridge Identifier,
. 6
40 . - 20.
4 30 . ,

.

Forward Delay

Max Hops

TX Hold Count

Forwarding BPDU

()
, ,
BPDU-, ,
.
, ,
. BPDU-.
1 20. 20.
Hello-,
. 1
10. 3.
Enabled() Disabled
(). STP
BPDU- . Enabled.
MST Configuration Identification

Configuration
Name

32
MSTP- . ,

52

Revision Level, MSTP-.


, . ,
MSTP.
Revision Level

0 65535 MSTP. MSTP. - 0. ,


MSTP.

Apply.

MST
, Current MST Configuration Identification,
MSTI .
spanning tree, .
CIST (Common Internal Spanning Tree),
, MSTI ID. CIST .
Current MST Configuration Identification, Configuration >
Spanning Tree > MST Configuration Table.

6- 26. Current MST Configuration Identification

, , :

Configuration
Name

Revision Level

MSTI ID
VID List

, Revision Level,
MSTP-. ,
- .
STP Bridge Global Settings.
, Configuration Name,
MSTP-, .
STP Bridge Global Settings.
MSTI ID .
CIST MSTI, .
VLAN ID,
MSTI.

Add , :

53

6- 27. Instance ID Settings window

MSTI ID

Type
VID List (1-4094)

Priority (0-61440)

1 15 MSTI
.
Create , MSTI.
VID,
VLAN. VID,
, - 1 4094.
0 61440 MSTI
. , .
4094.

Apply.
CIST Current MST Configuration Identification:
:

6- 28. Instance ID Settings CIST

CIST:

MSTI ID
Type
VID List (1-4094)

MSTI ID 0 .
. CIST.
.
VID VLAN,
. 1 4094.

54

CIST .
Priority (0-61440)

0 61440 MSTI
. , .
4094.

Apply.
MSTI MSTI ID,
:

6- 29. Instance ID Settings

MSTI :

MSTI ID
Type

VID List (1-4094)

Priority (0-61440)

MSTI ID, .

MSTI. :
Add VID MSDI ID.
VID List.
Remove VID MSDI ID.
VID List.
Delete MSDI ID.
Set Priority Only MDSI ID.
Priority.
VID VLAN,
. 1 4094.
, Type Add Remove.
0 61440 MSTI
. , .
4094. ,
Type Set Priority Only.

Apply.

MSTI
MSTI
MSTI ID. MSTI
, . ,
,
. , ,
MSTP - -,
. ,
, .

55

Configuration > Spanning Tree > MSTP


Settings:

6- 30. MSTP Port Information

MSTI ,
Apply. MSTI,
MSTI ID, :

6- 31. MSTI Settings

Instance ID

Internal cost
(0=Auto)

Priority

ID MSTI.
, CIST (
).

, STP.
0 (). :
0 () .
.
1 2000000
. ,
.
0 240
. , ,
. ,
.

Apply.

STP
MSTI, .
Configuration > Spanning Tree > STP Instance Settings:

56

6- 32. STP Instance Table

Instance Type

Instance Status
Instance Priority

MSTI,
.
MSTI ID.
MSTI ID.
.

Apply.
STP,
Instance Type. ,
.

6- 33. STP Instance Operational Status

MSTP
STP , , .
Configuration > Spanning Tree > MST Port Information:

57

6- 34. STP Port Settings

Spanning Tree, ,
.
Spanning Tree, . STP
, ,
. STP ,
, .
,
. ,
.

58

STP (
). STP
STP-. STP-
VLAN.
: BPDU-
, : 1. STP
. 2. BPDU- .
STP Bridge
Global Settings, .
STP-:

From/To

External Cost


.
.
0 ().
0 ()
(). :
100/ =200000; Gigabit =20000
1 200000000 .
, ,
.

Hello Time


LAN.
1 2 . 2 .
, MSTP.

Migration

Edge

Restricted Role

yes BPDU-
, STP.
RSTP, 802.1d
STP 802.1w RSTP.
MSTP,

802.1d STP 802.1s MSTP. RSTP MSTP


STP, , RSTP MSTP
802.1d 802.1w 802.1s.
True .
,
. BPDU-.
BPDU-,
. False ,
.
: True False.
TRUE CIST
MSTI, .
, ,
.
FALSE. True
.

59

Restricted Tcn

P2P

Forward BPDU

,
.
: True False.
TRUE (topology change notifications
topology change) .
FALSE, .
False -
(topology change), .

True ,
point-to-point (P2P)-. 2- ,
2-
. , P2P-
,
RSTP. False , 2-.
Auto 2 ,
, 2- True.
-
(, ), , P2P-
False. Auto.
True BPDU-
. STP ,
BPDU- (
STP Bridge Global Settings).
False: BPDU-
, STP .

State

/ STP .
Enabled ().

Apply.

Loopback Detection
, CTP (Configuration
Testing Protocol) . CTP-,
VLAN, .
VLAN
. Loopback Detection Recover Time
discarding (). Loopback Detection
. ,
.

60

6- 35. LoopBack Detection Global Settings

61

Loopback Detection Global Settings

Loopback
Detection Status

/
Loopback Detection . ,
Disabled ().

Interval (1-32767)

, ( ),
CTP-
. 10,
1 32767.

Recover Time
(0 60
1000000)

(
),

,
Loopback. 60 1000000.
0,
. , 60.

Mode

LoopBack Detection: Port_based (


), VLAN_based ( VLAN). Port_based
. vlanbased, , VLAN,
.

From/To

Loopback Detection Status Settings

State

/
Loopback Detection .
Disabled ().
Apply.

( Forwarding
Filtering)
Unicast- (Unicast
Forwarding)
Forwarding Filtering Configuration,
Unicast Forwarding, Setup Static Unicast Forwarding Table.

6- 36. Setup Static Unicast Forwarding Table

/
Add/Modify:

62


VLAN ID (VID)

VLAN (VLAN ID), MAC-,


.

MAC Address

-, .
(unicast) MAC-.
Allowed to Go Port ,
-.
Apply. Static Unicast
Forwarding Table Delete.

Multicast Forwarding
, Multicast Forwarding (
) . Forwarding Filtering,
Multicast Forwarding, :

6- 37. Static Multicast Forwarding Settings

Static Multicast Forwarding Settings ,


. Setup Static Multicast Forwarding
Table Add. , :

6- 38. Setup Static Multicast Forwarding Table

VID

VLAN (VLAN ID),


-.

Multicast MAC
Address

- .
-.

Port Settings

63

, ,
.
,
, GMRP. :
None
. None,
.
Egress , .
Apply. Static Unicast
Forwarding Table, Delete.
Static Multicast Forwarding Settings, Show All
Multicast Forwarding Entries.



. Forwarding Filtering
Multicast Port Filtering Mode Setup, :

6- 39. Multicast Port Filtering Mode Setup

64

From/To

Mode

,
.
,
,
- .
Forward All Groups ,

,
.
Forward Unregistered Groups ,
,
,
, .
Filter Unregistered Groups -
,

, .

Apply.

(VLAN)
IEEE 802.1p
IEEE 802.1p
, .
, ,
, ,
.
, IEEE 802.1p,
. ,
, ().
, .
0 7: 0 , 7 .
7 , (,
- - ) ,
.
,
.
. , ,
.
Queue 1
7. , , Queue 0,
, .
weighted round robin (
WRR) , .
4:1, ..
Queue 1 4- , Queue 0 .
,
, , .
,
.

65

VLAN
Virtual Local Area Network (VLAN) ,
, . VLAN
LAN , LAN.
VLAN
, VLAN.
, VLAN , .
VLAN , ,
,
. , ,
VLAN . VLAN
, ..
VLAN,
.

VLAN
DES-3500
,
VLAN, VLAN ,
VLAN.
DES-3500 VLAN: VLAN IEEE 802.1Q s Port-Based
VLAN ( ). ,
802.1Q, 802.1Q .
VLAN 802.1Q, default.
VID "default" VLAN 1.
, Port-Based VLAN.

IEEE 802.1Q VLAN


:
Tagging () () 802.1Q VLAN .
Untagging ( ) 802.1Q VLAN .
Ingress port ,
( ,
VID=PVID)
Egress port ,
. ,
. ,
.
(tagged),
(untagged). untagging ( ) IEEE 802.1Q VLAN
, VLAN .
(tagging) VLAN ,
802.1Q, Spanning Tree .
IEEE 802.1Q :
VLAN ,
.
(Spanning Tree).
.
802.1Q VLAN
:
Ingress rules , .
Forwarding rules ,
.
Egress rules , .

66

6- 40. IEEE 802.1Q

67

802.1Q VLAN
6.41 802.1Q VLAN. . , EtherType.
08100, . 802.1Q
3 (802.1p), 1 Canonical Format Identifier (CFI
Token Ring
Ethernet) 12 VLAN ID (VID). VID VLAN, 802.1Q.
VID 12 4094 VLAN.
4 .
.

6- 41. IEEE 802.1Q

EtherType VLAN ID - ,
EtherType/Length Logical Link Control.
, , (Cyclic Redundancy
Check, CRC).

68

6- 42. IEEE 802.1Q

VLAN ID
802.1Q , 802.1Q,
. , 802.1Q.
VLAN 802.1Q, Port-Based VLAN ( )
MAC-Based VLAN ( -). VLAN
Port VLAN ID (PVID). , ,
PVID, , .
PVID , , PVID , ,
.
PVID VLAN (, VLAN
). , VLAN
PVID VLAN,
.
PVID. 802.1Q
PVID. VLAN
PVID, 1. PVID ,
. PVID.
, VID.
PVID, PVID .
, 802.1Q VLAN, PVID
VID . VID VID , .
VID , .
PVID VID
802.1Q VLAN, .
PVID,
VID, ,
, VLAN.
, 802.1Q VLAN,
, 802.1Q VLAN,
. , ,
802.1Q VLAN, .
, 802.1Q VLAN, .

69


802.1Q
.
VID, VLAN
. ,
VLAN . 802.1Q,
, VLAN.
802.1Q .
, , ,
802.1Q VLAN. ( , PVID
). (Untagging)
, 802.1Q,
802.1Q VLAN.

(Ingress Filtering)
, , VLAN,
Ingress Port. Ingress filtering,
VLAN- ( )
.
VLAN-, Ingress port ,
VLAN, . , .
802.1Q VLAN, ,
.
VLAN-, Ingress Port PVID
VID ( ). Ingress Port ,
VLAN (.. VID), .
, . VID,
, .
Ingress Filtering
. , VLAN, ,
, .

VLAN
VLAN VID=1. PortBased VLAN ( ), VLAN
VLAN .
, VLAN VLAN
.
: VLAN,
.
.
.
:
VLAN
System ( )

VID
1


5, 6, 7, 8, 21, 22, 23, 24


2
9, 10, 11, 12

3
13, 14, 15, 16

4
17, 18, 19, 20

5
1, 2, 3, 4
6- 2. VLAN

70

Port-based VLAN ( )
VLAN .
, , , VLAN,
.
VLAN 802.1Q
. Ethernet-.
,
Ethernet-. ,
VLAN .

VLAN
, , 1 (Port 1),
VLAN 2. , (Port 10)
VLAN 2 (.. VLAN 2). Port 10 VLAN 2,
. Port 10
VLAN 2, Port 10.
VLAN.

VLAN
xStack DES-3500 VLAN.
VLAN VLAN,
VLAN. VLAN :
1) VLAN, 2) VLAN GVRP. .

6- 43. VLAN

VLAN :

71

1. VLAN Advanced Settings,


Configuration.
2. VLAN. 1-8
, . ,
. ,
VLAN. , VLAN V2 1-8 ( VLAN), ,
VLAN ( 9-16). VLAN V3 1-8
( ), , VLAN(17-24).
VLAN, , - .
3. PVID GVRP, VLANs.
PVID 1, PVID 2 PVID 3 .
( PVID 1),
VLAN ( PVID 2 PVID 3).
VLAN .

VLAN
c VLAN. VLAN, ,
.
: VLAN-
, ()
, VLAN.
, VLAN ,
VLAN :
. VLAN
.

VLAN
Configuration,
VLAN Static VLAN Entry:

6- 44. Current 802.1Q Static VLANs Entries

802.1Q Static VLANs VLAN ( ID).


802.1Q VLAN Delete.
802.1Q VLAN 802.1Q Static VLANs
Add. , . ,
, VLAN.
:

72

6- 45. 802.1Q Static VLAN -

Current 802.1Q Static VLANs Entries Show


All Static VLAN Entries. 802.1Q VLAN,
Modify.
VLAN. .
: 255 VLAN.

6- 46. 802.1Q Static VLAN window

73


VID (VLAN ID)

VLAN Name
Advertisement

Port Settings

VLAN ID Add Modify


VLAN ID VLAN. VLAN
VID.
VLAN Add
VLAN Modify.
GVRP-
, ,
VLAN.
, VLAN.

Tag

802.1Q 802.1Q .
, .
None
, VLAN
Egress
,
VLAN. Egress Port , VLAN.
, .
Forbidden
, VLAN
VLAN.
Apply.

GVRP
Configuration VLANs GVRP Setting.
802.1Q Port Settings . ,
GARP VLAN Registration
Protocol (GVRP) VLAN. Ingress
Checking , PVID
PVID . ,
:

74

6- 47. 802.1Q Port Settings

From/To

PVID

,
VLAN . VLAN 802.1Q Port
Settings.

PVID , VLAN
802.1Q Port Settings.
VLAN VID=1. PVID
,
. ,
, 802.1Q,
PVID. ,

75

GVRP

Ingress

Acceptable Frame
Type

PVID
. , Ingress Filtering
, VID PVID
. , .
.
Group VLAN Registration Protocol (GVRP)
VLAN.
.
Enabled () Disabled
(). VID
PVID . ,
. Disabled () ingress-.
, .
, .
Tagged Only, ,
VLAN, Admit_All,
, ,
. Admit_All.

Apply.



. -
, , . ,
, , ,
. ,
.
,
. ,
.
, .
Drop Action .

.
,
. (.. ),
, STP BPDU.
, CountDown.
, Shutdown Forever,
.
, Administration Port Configuration,
Enabled ().
Shutdown Action .

76

6- 48. Traffic Control Setting

Traffic Control Setting /



, DLF (Destination Look Up Failure).
.
Configuration > VLANs > Traffic Control.
:

Trap Setting

Traffic Control
Trap

(Trap)
, .
:
None ,
, .
Storm Occurred
.
Storm Cleared
, .
Both ,
, .
,
(..

77

Drop Action).
Traffic Control Settings
Storm Type

Action

,
.

:
Broadcast
(

), Multicast (
) Unicast ( ).
,
(Enable) (Disable)
.
.
:
shutdown
.
, STP BPDU-,
.
countdown ,
Shutdown Forever ,
config ports enable 5
Shutdown Forever Auto- Recovery.

.
drop
.

, ,
.

Group List

,
Shutdown.

Threshold

,
.
0-255000.
128000.

Time Interval

,


.
,
. 5 30 (
5 ).
Count Down ,
,
. ,
Shutdown Action, ..
.
0, 5-30 . 0, ,
shutdown .

Count Down

78

: , Shutdown forever,
Discarding Spanning Tree, BPDU-
CPU .
: , Shutdown Forever,
, (link down)
,
5 Shutdown Forever
Auto-Recovery ( ).
: ,
shutdown Group List
. Action drop
Group list . (, 1
1 8, 2 - 9-16 ..)
drop
Action:
Group 1 1-8.
Group 2 9-16.
Group 3 17-24.
Group 4 9-16 ( DES-3550) 25 Gigabit Ethernet (
DES-3526).
Group 5 33-40 (DES-3550) 26 Gigabit Ethernet (DES3526).
Group 6 41-48 ( DES-3550).
Group 7 49 Gigabit Ethernet ( DES-3550).
Group 8 - 50 Gigabit Ethernet ( DES-3550).

Port Security ( )
Port Security -
( ). -,
-, , .
Admin State Enabled
Apply, .
, Port Security ,
( -
, )
.

79

6- 49. Port Security Settings


:

80

Port Security Trap/Log

State

(enable)
(disable) (trap) SNMP.
Port Security Settings

From/To

,
.

Admin State

/ Port
Security ( - ).

Max. Learning
Addr. (0-64)

-
.

Lock Address
Mode


- :
Permanent
.
DeleteOnTimeout

.
DeleteOnReset ,
.

Apply.

QoS
(QoS) DES-3500
802.1p Quality of Service.
QoS 802.1p.

QoS
IEEE 802.1p QoS
, , VoIP (
IP) .
, .
,
. ,
, 802.1P DES-3500.

81

6- 50. QoS

.
Class 3 .
QoS,
.
.
,
. , ,
.
, .
,
-
, -.

QoS
: 0 3, 3 -
, 0 - . ,
IEEE 802.1p, :
0 Q1
1 Q0
2 Q0
3 Q1
4 Q2
5 Q2
6 Q3
7 Q3.
(Strict mode)
.

82

. , ,
.
(weighted round robin,
WRR) , ,
. 8 CoS (A~H)
8~1, :
A1, B1, C1, D1, E1, F1, G1, H1, A2, B2, C2, D2, E2, F2, G2, A3, B3, C3, D3, E3, F3, A4, B4, C4, D4,
E4, A5, B5, C5, D5, A6, B6, C6, A7, B7, A8, A1, B1, C1, D1, E1, F1, G1, H1. ..
8 A ( ), H (
) 1 .
WRR CoS ,
.
WRR CoS 0, ,
. CoS, ,
WRR.
, DES-3500 (
CoS) .



.
Port Bandwidth Configuration:

83

6- 51. Bandwidth Settings


:

From/To

Type


.
: RX (), TX
() Both. , ,
,

84

.

.
Enable.
Rate
/
.

Apply.
Port Bandwidth Table.
no_limit


QoS
. ,
.

.
, , ..
- QoS.
QoS Configuration QoS
Output Scheduling.

6- 52. QoS Output Scheduling

Max. Packets (0255)

,
,
. 0 255.

Max. Latency (0255)


, .
0 255. , 16 ,
, .
, 3 316=48.
, .
Apply.
: 0 7:
, IEEE 802.1p.
, , .

85

802.1p

802.1p.

,
,
Configuration,
QoS 802.1p
Default Priority.

802.1p
.
0
7


Apply.

6- 53. 802.1p Default Priority Settings

802.1p
DES-3500

802.1p.

Configuration QoS,
802.1p User Priority.

,
802.1p
Class.
Apply.

6- 54. QoS Class of Traffic

86



( )
( Single IP).
VLAN,
.
, CPU Master-.
, , Configuration QoS
Traffic Segmentation.

6- 55. Traffic Segmentation Setting


. :

87


Port

Forward Portlist

,
.
Apply,
Traffic Segmentation Table ( ).

DES-3500
. /
SNMP- (trap). ,
, . System Severity
Settings. .
:
.

6- 56. System Severity Settings

, , .

Severity Name

Severity Type

,
. log
. trap SNMP (Trap). all
SNMP- (Trap).
,
.
critical
.
warning

,
. information
.

88

Apply.



,

.
System Log Servers
System Log Server
Configuration.
6- 57. System Log Servers

, System Log Server


, .
.

6- 58. System Log Server

Index

(1-4) , (Syslog).

Server IP

IP- Syslog-.

Severity


. :
Warning, Informational All.

Facility

Facility Values.
, , Facility
Values
. Facility Values
. Facility Values,
:
0-
1-
2-
3-
4- /
5- ,
syslog line printer

89

UDP Port (514 or


6000-65535)
Status

7-
8- UUCP
9-
10- /
11- FTP-
12- NTP
13-
14-
15-
16- 0(local0)
17- 1(local1)
18- 2(local2)
19- 3(local3)
20- 4(local4)
21- 5(local5)
22- 6(local6)
23- 7(local7)
UDP-,
. 0.
(Enabled)
(Disabled) .

System Log Server Apply.


System Log Server X Delete.
Current System Log Servers, Show All System Log Servers.

SNTP

Configuration, SNTP
Current Time Setting. , .

6- 59. Current Time: Status

90

, ,
:

Current Time: Status

Current Time

Time Source

,
.
Current Time: SNTP Settings

SNTP State

(Enabled)
(Disabled) SNTP.
IP- , SNTP-.

SNTP Primary
Server
SNTP Secondary
Server

IP- , SNTP-.

SNTP Poll Interval


in Seconds

SNTP.
Current Time: Set Current Time

Year

Month

Day

Time in HH MM

,
.
Apply.

DST

, Administration SNTP Time Zone and DST

91

6- 60. Time Zone and DST Settings

Time Zone and DST Settings

Daylight Saving
Time State
Daylight Saving
Time Offset in
Minutes
Time Zone Offset
from GMT in +/HH:MM


DST ( ).

30, 60, 90 120 .

(Greenwich Mean Time (GMT)).
DST Repeating Settings

.
, . ,
,
.
From: Which Day
,

92

From: Day of Week

.
, .

From: Month

, .

From: time in
HH:MM

( ),
.

To: Which Day

,
.
,
.
, .

To: Day of Week


To: Month
To: time in HH:MM

( ),
.
DST Annual Settings

.
. ,
3 , - 14 .
From: Month
,
.
From: Day
,
.
From: Time in
( ),
HH:MM
.
To: Month

,
.
To: Day
,
.
To: Time in HH:MM ( ),
.
Time Zone and DST Apply.




, , .
: 3,
.
.
,
(ACL),
CLI.
, , . -,
, (,
- IP- ). -, ,
, .

Configuration Access Profile Table. ,
:

93

6- 61. Access Profile Table

Access Profile Table Add,


Access Profile Configuration, .
Access Profile Configuration: Ethernet ( ), IP-
. Access
Profile Configuration . Access
Profile Configuration, Ethernet.
: 9 ,
1 255. ID
,
.
, , ,
(ACL),
CLI.

6- 62. Access Profile Configuration (Ethernet)

Type Ethernet :

Profile ID (1-255)


.
. ,
.
.
1 255, , ,
9 .

94

Type

: Ethernet (), IP- .



:
Ethernet ,
2- .
.
IP ,
IP- .
Packet Content Mask ,
, .

VLAN

,
VLAN

.
, , .
, , .

802.1p
.

Ethernet type .

Source Mac
Destination Mac
802.1p

Ethernet type

Access Profile Configuration IP.

95

6- 63. Access Profile Configuration (IP)

Type IP :

Profile ID (1-255)

Type


.
. ,
.
.
1 255, , ,
9 .
: Ethernet (), IP- .

:
Ethernet ,
2- .
IP ,
IP- .

96

VLAN

Source IP Mask
Destination IP
Mask
DSCP

Protocol

.
Packet Content Mask ,
, .
,
VLAN

.
, ,
.
, , I
.
DiffServ Code

.

. ,
:
ICMP-
Internet Control Message Protocol (ICMP)
Type, ,
ICMP type .
Code,
ICMP code.
IGMP
Internet Group Management Protocol (IGMP)
Type, ,
IGMP type.
TCP
TCP-, .
, /
.
( , ).

TCP,
. ,

:
urg
(urgent),
ack
(acknowledgement), psh (push), rst (reset), syn (synchronize), fin (finish).
.
src port mask (0x0-0xffff)
TCP- ,
.
dest port mask - (0x00xffff) TCP- ,
.
UDP
UDP-, .
,
/ .

src port mask (0x0-0xffff)


UDP- ,
.
dest port mask - (0x00xffff) UDP- ,
.

protocol id ,

97

. 5 4-
(0x0-0xffffffff).
Access Profile Configuration
.

6- 64. Access Profile Configuration window (Packet Content Mask)

,
. Type Packet Content Mask
:

Profile ID (1-255)

Type


. 1 255.
: Ethernet (), IP- .

:
Ethernet ,
2- .
IP ,

98

Offset

IP- .
Packet Content Mask ,
, .
.
,
.
value (0-15)
15- .
value (16-31)
16 31 .
value (32-47) -
32 47 .
value (48-63) -
48 63 .
value (64-79) -
64 79 .

Apply.
:
Configuration Access Profile Table, Access
Profile Table. Access Rule Modify,
:

6- 65. Access Rule Table


ID. Find
. ,
View All Entry.
, Add.
.
X.

99

6- 66. Access Rule Configuration (IP)

Profile ID
Mode

Access ID (165535)

Type

Priority (0-7)

, .
Permit , , ,
,
(. ).
Deny , , ,
, .
.
1 65 535.
Auto Assign ,
.
: Ethernet (-),
IP- .
Ethernet ,
2- .
IP ,
IP- .
Packet Content Mask ,
,
.
,
802.1p,

CoS,
.
,

100

CoS,
.
Replace Priority with ,
802.1p, ,
Priority (0-7) ,
, CoS.
802.1p .
,
CoS 802.1p,
QoS .
Replace DSCP (063)
VLAN Name

0 63,
DSCP ,
.
VLAN.

Source IP

IP- .

Destination IP

IP- .

DSCP (0-63)

DSCP.
DiffServ Code

. 0 63.
,
, ,
.
() , (-)
.

Protocol

Port Number

,
Table, :

6- 67. Access Rule Display (IP)

101

Access Rule


Access Rule Table.
ACL Meters Setting,
. ACL- ,
ACL , .
Fast Ethernet 1000/, Gogabit Ethernet
8000/. , ACL ,
.

6- 68. ACL Meter Setting ()

Ethernet Access Profile


Table Modify. :

6- 69. Access Rule Table (Ethernet)


ID. Find
. ,
View All Entry.
, Add.
.
X.

102

6- 70. Access Rule Configuration (Ethernet)

Ethernet
:

Profile ID
Mode

Access ID (165535)

Type

Priority (0-7)

, .
Permit , , ,
,
(. ).
Deny , , ,
, .
.
1 65 535.
Auto Assign ,
.
: Ethernet (-),
IP- .
Ethernet ,
2- .
IP ,
IP- .
Packet Content Mask ,
,
.
,
802.1p,

CoS,
.
,
CoS,
.
Replace Priority with ,
802.1p, ,

103

Priority (0-7) ,
, CoS.
802.1p .
,
CoS 802.1p,
QoS .
Replace DSCP (063)
VLAN Name

0 63,
DSCP ,
.
VLAN.

Source IP

IP- .

Destination IP

IP- .

802.1p (0-7)

802.1p ( 0 7),
802.1p.
,
, ,
.
() , (-)
.

Protocol

Port Number

,
Table, :

Access Rule

6- 71. Access Rule Display (Ethernet)

(Access Rule) Packet Content Mask


Access Profile Table Modify. :

104

6- 72. Access Rule Table (Packet Content Mask)


ID. Find
. ,
View All Entry.
,
Add. Add Access
Rule Table, Access Rule Configuration:

105

6- 73. Access Rule Configuration (Packet Content Mask)

Packet Content Mask


:

Profile ID
Mode

Access ID

Type

, .
Permit , , ,
,
(. ).
Deny , , ,
, .
.
1 65 535.
Auto Assign ,
.
: Ethernet (-),
IP- .
Ethernet ,

106

Priority (0-7)

Offset

Port Number

2- .
IP ,
IP- .
Packet Content Mask ,
,
.
,
802.1p,

CoS,
.
,
CoS,
.
Replace Priority with ,
802.1p, ,
Priority (0-7) ,
, CoS.
802.1p .
,
CoS 802.1p,
QoS .
,
.
value (0-15)
15- .
value (16-31)
16 31 .
value (32-47) -
32 47 .
value (48-63) -
48 63 .
value (64-79) -
64 79 .
() , (-)
.

,
Table, :

107

Access Rule

6- 74. Access Rule Display (Packet Content)

CPU Interface Filtering


xStack DES-3500 CPU Interface filtering,
,
. ,
, CPU
. CPU interface filtering
, CPU, Ethernet, IP-
.
.
CPU filtering ,
, .
CPU . -,
, (, -
IP- ). -, ,
, .

108

CPU Interface Filtering


Configuration > CPU Interface Filtering,
CPU, .
Profile ID.

6- 75. CPU Interface Filtering

CPU Interface Filtering Profile Table, Add.


CPU Interface Filtering Profile Configuration, .
CPU Access Profile Configuration:
Ethernet ( MAC-), IP-
(Packet Content Mask).
CPU Access Profile Configuration
Type. CPU Interface Filtering Configuration
Type Ethernet.

6- 76. CPU Interface Filtering Profile Configuration (Ethernet)

109

Profile ID (1-5)


. 1 5.

Type

: Ethernet (), IP- .



:
Ethernet ,
2- .
IP ,
IP- .
Packet Content Mask ,
, .

VLAN

,
VLAN

.
Source Mac
, , .
Destination Mac
, , .
802.1p

802.1p
.
Ethernet type

Ethernet type .
Apply .
CPU Interface Filtering Profile Configuration Type
IP.

110

6- 77. CPU Interface Filtering Profile Configuration (IP)

Profile ID (1-5)

Type


. 1 5.
: Ethernet (), IP- .

:
Ethernet ,
2- .
IP ,
IP- .
.
Packet Content Mask ,

111

VLAN

Source IP Mask
Destination IP
Mask
DSCP

Protocol

, .
,
VLAN

.
, ,
.
, ,
.
DiffServ Code

.

. ,
:
ICMP-
Internet Control Message Protocol (ICMP)
Type, ,
ICMP type .
Code,
ICMP code.
IGMP
Internet Group Management Protocol (IGMP)
Type, ,
IGMP type.
TCP
TCP-, .
, /
.
( , ).

TCP,
. ,

:
urg
(urgent),
ack
(acknowledgement), psh (push), rst (reset), syn (synchronize), fin (finish).
.
src port mask (0x0-0xffff)
TCP- ,
.
dest port mask - (0x00xffff) TCP- ,
.
UDP
UDP-, .
,
/ .

src port mask (0x0-0xffff)


UDP- ,
.
dest port mask - (0x00xffff) UDP- ,
.

protocol id ,
.

(0x0-0xffffffff).

112

Apply .
CPU Interface Filtering Profile Configuration Type
Packet Content Mask.

6- 78. CPU Interface Filtering Profile Configuration (Packet Content Mask)

,
. Type Packet Content Mask
:

113


Profile ID (1-5)


. 1 5.

Type

: Ethernet (), IP- .



:
Ethernet ,
2- .
IP ,
IP- .
Packet Content Mask ,
, .
.
Offset
,
.
value (0-15)
15- .
value (16-31)
16 31 .
value (32-47) -
32 47 .
value (48-63) -
48 63 .
value (64-79) -
64 79 .
Apply.
CPU:
Configuraion CPU Interface Filtering, CPU Interface
Filtering Profile Table.
CPU Add Rule Ethernet,
IP- (Packet Content Mask).

6- 79. CPU Interface Filtering Rule Table


Add Rule, CPU Interface Filtering Rule
Table. .
, CPU Access Profile Rule:
,
Modify.

114

6- 80. CPU Interface Filtering

CPU Interface Filtering Rule Table.


.
Ethernet.

6- 81. CPU Interface filtering rule Configuration (Ethernet)

CPU Ethernet
:

Profile ID
Mode

Access ID (165535)

, .
Permit , , ,
,
(. ).
Deny , , ,
, .
.
1 65 535.

115

Type

VLAN Name

: Ethernet (-),
IP- .
Ethernet ,
2- .
IP ,
IP- .
Packet Content Mask ,
,
.
VLAN.

Source IP

IP- .

Destination IP

IP- .

802.1p (0-7)

802.1p ( 0 7),
802.1p.
Ethernet type 802.1Q (hex 0x0-0xffff)
,
. Ethernet type
hex 0x0-0xffff, ,
a-f 0-9999.

Ethernet type


Rule Table. :

CPU Interface Filtering

6- 82. CPU Interface Filtering Rule Display (Ethernet)

CPU Interface Filtering Rule Configuration IP.

116

6- 83. CPU Interface Filtering Rule Configuration (IP)

Profile ID
Mode

, .

VLAN Name

Permit , , ,
,
(. ).
Deny , , ,
, .
.
1 65 535.
Auto Assign ,
.
: Ethernet (-),
IP- .
Ethernet ,
2- .
IP ,
IP- .
Packet Content Mask ,
,
.
VLAN.

Source IP

IP- .

Destination IP

IP- .

Access ID (165535)

Type

117

DSCP (0-63)

Protocol

DSCP.
DiffServ Code

. 0 63.
,
CPU Interface Filtering Rule Table,
CPU Interface Filtering Profile Table.


Interface Filtering Rule Table. :

CPU

6- 84. CPU Interface Filtering Rule Display (IP)

CPU Interface Filtering Rule Configuration Type


Packet Content.

118

6- 85. CPU Interface Filtering Rule Configuration (Packet Content Mask)

CPU Packet Content Mask


:

Profile ID
Mode

Access ID
Type

, .
Permit , , ,
,
(. ).
Deny , , ,
, .
.
1 65 535.
: Ethernet (-),
IP- .
Ethernet ,

119

Offset

2- .
IP ,
IP- .
Packet Content Mask ,
,
.
,
.
value (0-15)
15- .
value (16-31)
16 31 .
value (32-47) -
32 47 .
value (48-63) -
48 63 .
value (64-79) -
64 79 .


Rule Table. :

120

Access

6- 86. CPU Interface Filtering Rule Display (Packet Contenet Mask)

121

Port Access Entity (802.1X)


802.1 MAC-
IEEE 802.1

, -.
RADIUS, ,
, Extensible Authentication Protocol over LAN
(EAPOL) .
EAPOL.

6.87 EAPOL

,
EAPOL.
802.1 , : ,
.

6.88 802.1
.


,
.
RADIUS-.
().
(RADIUS) , , ,
- , .
,
. ( EAPOL)

122

RADIUS . ,
/
.

6.89

()
. 802.1x :
EAPOL,
.
, .
.
1. 802.1 (Configuration Switch Information Advanced
Settings 802.1x Status).
2. 802.1x (Port Access Entity PAE System Control Port Capability
Capability).
3. RADIUS- (Port Access Entity RADIUS
Server Authentic RADIUS Server).

6.90

123


,
.
802.1. Windows XP
, .
EAPOL .

6.91 -


, , 802.1
,
.
EAPOL.
,
( MAC- 802.1 MAC-).
, .
802.1x D-Link
:

1.
, , ,
.
2. -
RADIUS ,
MAC-. ,
MAC- .


C 802.1 -
. ,

, Bridge Port. Bridge Port



.

, .
(Port-Based Network Access Control).

124

6- 92. Port-Based ( )


,
. , ,
. ,
,

. , .

125

MAC-

6- 93. MAC-Based ( -)

802.1x LAN,
LAN,
LAN. ,
LAN, ,
. -
.
LAN .

126


802.1X PAE Access Entity >
Configure Authenticator:

6- 94. 802.1X Authenticator Settings


Port, :

6- 95. 802.1X Authenticator Settings ()

127

From [ ] To [ ]

AdmCtrlDir

PortControl

TxPeriod

QuietPeriod

SuppTimeout
ServerTimeout

MaxReq
ReAuthPeriod

ReAuth

( )
.
,
. : in both.
in
.
both ,
.
.
forceAuthorized 802.1X ,

802.1X, .
forceUnauthorized

.
.
Auto 802.1X ,
,
EAPOL-.
EAPOL.

.
- Auto.
TxPeriod PAE.
EAP
Request/Identity. 30 .
,

. 60
.

. 30 .

.
30 .
EAP ,
. 2.

.
3600 .
(Enabled)
(Disabled) .
Disabled.

Apply.
802.1X 802.1X Authenticator Settings.

128

PAE
, ,
802.1 .

Port Capability
Port Access Entity > PAE System Control >
Port Capability:

6- 96. 802.1x Capability Settings


802.1x
From To .
, Authenticator
Capability. Apply.
:

129


From and To
Capability

802.1x.
:
Authenticator
802.1.
None 802.1x
.

802.1

802.1 -
.
Port Access Entity > PAE System Control > Initialize Port(s):

6- 97. Initialize Port


.
Initialize Port Table ().
:

From and To

Port

, , .

MAC Address

- , .

130

Auth PAE State

Backend State

Port Status

Auth PAE State :


Initialize, Disconnected,Connecting, Authenticating, Authenticated, Aborting,
Held, ForceAuth, ForceUnauth N/A.
Backend Authentication State
: Request, Response,Success, Fail, Timeout, Idle, Initializ,
N/A.
Authorized, Unauthorize, N/A.

802.1 MAC-
802.1 MAC-
802.1x by MAC address Advanced Settings.

Configuration > Port Access Entity > PAE System Control > Initialize Port(s):

6- 98. Initialize Port(s) (MAC based 802.1x)


From To. - ,
MAC Address .
Apply.
:
802.1X Configuration Switch Information
(Advanced Settings). 802.1X
Initialize Ports Table.

802.1

. ,
From To, Apply. Reauthenticate Port
().
Configuration > Port Access Entity > PAE System Control > Reauthenticate
Port(s), Reauthenticate Port(s):

131

6- 99. Reauthenticate Port

Port

MAC Address

MAC- , .

Auth State

Authenticator State
: Initialize, Disconnected, Connecting, Authenticating, Authenticated,
Aborting, Held, ForceAuth, ForceUnauth N/A.

BackendState

Backend State :
Request, Response, Success, Fail, Timeout, Idle, Initialize N/A.

both (
) in ( ).
Authorized, Unauthorized,
N/A.

OpenDir

PortStatus

RADIUS-
RADIUS
,
. RADIUS Server Authentication Setting, ,
Port Access Entity > RADIUS Server > Authentic Radius Server:

132

6- 100. RADIUS Server Authentication Setting

Succession

RADIUS-: First, Second


Third.

RADIUS Server

IP- RADIUS-.

Authentic Port

Key

UDP- () RADIUS.
1812.
UDP- RADIUS-().
1813.
, RADIUS-.

Confirm Key

, .

Accounting Method

, (Add/Modify Delete)
RADIUS-.

Accounting Port

Guest VLAN
802.1 ,
(, , , Windows 98
),
. , ()
, .
Guest VLAN 802.1x. ,
, VLAN
. Guest 802.1 VLAN VLAN
, Guest VLAN 802.1.
, ,
Guest VLAN .
VLAN
, RADIUS.

133

target VLAN (VLAN )


. ,
VLAN. ,
Guest VLAN, .
, Guest VLAN.

6- 101 Guest VLAN

Guest VLAN
1. Guest VLAN VLAN . VLAN Guest VLAN.
2. , Guest VLAN, GVRP
.
3. Guest VLAN Static VLAN( VLAN) .
4. Target VLAN (VLAN ), Guest
VLAN.
5. VLAN, Guest VLAN

134

IP-MAC Binding ( IP-MAC)


IP IP-, . Ethernet -.
. IP- Binding
. ,
IP- MAC- ,
.
IP-MAC Binding, ,
. IP-
Binding ( , ARP)
. DES-3500 xStack
IP- Binding 512.
CLI Web-.
, ..
.

ACL
, IP-MAC binding,
ACL IP-MAC Binding. IP-MAC Binding Port
, .
, , ,
. , ACL Mode,
. ACL Mode IP , IP-MAC Binding Setting.
.
, ,
Profile ID. :

6- 103. Access Profile Entry Display IP-MAC Binding ACL

Access Profile Table,


:

6- 104. IP-MAC ( ACL)

135

, ACL Mode IP-MAC Binding


Port.
.
ACL- ACL Modify Access
Profile Table, Access Rule Table. ,
Flow Meter , Owner ACL.

6- 105. IP-MAC Binding

: ACL IP-MAC binding,


, ACL.
ACL ID
ACL, ACL
, ACL.
, ACL, ,
. ACL
.
: ,
ACL- ACL.

.
:
ACL,
ACL. .

,
View Display.
, . ,
. Next
.
Access ID ID Find.

136

6- 106 Access Rule Table IP-MAC Binding ()

137

IP-MAC Binding
IP- Binding
IP-MAC Binding Ports Setting. Configuration Menu
IP-MAC Binding IP-MAC Binding Port.
FromTo. IP-MAC
Binding State. (Enable) (Disable)
IP- Allow Zero IP.
ACL IP-MAC Binding, ,
. Apply .

6- 107. IP-MAC Binding Ports

IP-MAC Binding
IP-MAC Binding Setting IP-MAC
Binding. Configuration, IP-MAC
Binding IP-MAC Binding Table.
138

IP- - Add.
IP- - - ,
Modify.
IP-MAC Binding IP- -, Find.
Delete.
, Delete All.

6- 108. IP-MAC Binding Table


:

IP Address

MAC Address
All Ports
Ports
Mode

IP-, -,

-, IP-,
.
IP-MAC Binding (IP-+-)
, .
, IP-
Binding (IP-+-)

IP-MAC Binding. :
ARP IP-Mac
Binding, IP- MAC-.
ACL ,
, IP- MAC- IP-MAC
Binding. .
, ACL
IP-MAC Binding Ports, .

139

- IP-MAC
, -
IP-MAC, IP-MAC Binding Blocked, .
, Configuration, IP-MAC Blocked
IP-MAC Binding Blocked.

6- 109. IP-MAC Binding Blocked


, -
IP-MAC, VLAN - ,
Find.
Delete. IP-MAC Binding Blocked Table
Detete All.

IP-

Limited IP Multicast Range ,
. ,

140


. IP- IP-,
(Permit) (Deny)
.

IP
IP- , Configuration >
Limited IP Multicast Range. Limited IP Multicast Range Profile
Settings, . IP- ,
IP- From Multicast IP To Multicast
IP .
Apply . IP The Port Information Table.
The Port Information Table,
Delete.

6- 110. Limited Multicast Range Setting

Name

From Multicast IP

IP- .

To Multicast IP

IP- .

IP-

IP-

, Limited IP Multicast Range Status, .
Configuration > Limited IP Multicast Range.

141

6- 111 Limited Multicast Range Status

142


FromTo
State

.
State (Enabled) (Disabled)
.

Access

: Permit ( ) Deny.
Permit , , IP .
Deny , , IP-
.
Apply.

IP-

, Configuration >
Limited IP Multicast Range. Limited IP Multicast Range,
.

6- 112 Limited IP Multicast Range

Add, Limited IP Multicast


Range Setting. From To
, Limited IP Multicast Range Profile Settings, Name of
Multicast Range. Apply,
.

6- 113 Limited Multicast Range Setting ()

Limited IP Multicast Range IP-


. Port

143

Find, The Port Information Table.


, Delete.

144

IP- 3
ARP
Address Resolution Protocol (ARP) /IP-,
IP- (MAC-). ARP
(, , ) ARP, .
ARP- IP-
-.
Static ARP Table Configuration, Layer
3 IP Networking Static ARP Table.

6- 114. Static ARP Settings


Add,
:

6- 115. Static ARP Table .


Modify,
.

6- 116. Static ARP Table -


:

145


IP Address

IP- ARP-.

MAC Address

- ARP-.

IP- - ARP-
Apply . ARP Clear All.
: 255 ARP-.

146

DHCP/BOOTP Relay
Relay Hops Count Limit ( )
(hop, ) DHCP/BOOTP. , ,
. 1 16 ,
4. Relay Time Threshold ( ),
BOOTREQUEST-.
, , .
0 65 536 , 0.

DHCP / BOOTP Relay


DHCP/BOOTP Relay Global Settings Configuration >
Layer 3 Networking >DHCP/BOOTP Relay > DHCP/BOOTP Relay Global Settings:

6- 117. DHCP/ BOOTP Relay Global Settings


:

Relay State

Relay Hops Count


Limit (1-16)
Relay Time
Threshold
(0-65535)

DHCP Agent
Information Option
82 State


Enabled () Disabled ().
( 1 16)
DHCP/BOOTP-. 4.
0 65535
DHCP/BOOTP-.
0,
BOOTP- DHCP-. , 0,

BOOTP- DHCP.
(Enabled)
(Disabled) Option 82 .
Disabled.

Enabled
Relay Agent (
) option 82
DHCP- . DHCP-.
DHCP .
option-82, remote ID / circuit ID

147

IP- ,
IP-, remote ID circuit ID.
DHCP option-82 DHCP .
option 82,
.
DHCP - Unicast
. , ,
IP .

DHCP Agent
Information Option
82 Check

DHCP Agent
Information Option
82 Policy

option-82 ,
DHCP - , DHCP
.
Disabled- option 82.
(Enabled Disabled)
/
option 82 .
Enabled Enabled,
option 82. ,
, option 82, DHCP-,
.
Disabled- Disabled,
option 82 .


Replace, Drop Keep.
,
DHCP Agent Information Option 82 Check Disabled
(). Replace.
Replace- option 82
, DHCP-.
Drop- DHCP-
option 82, .
Keep- option 82
, DHCP-.

Apply.
: DHCP- ,
option-82, DHCP Agent Information Option 82 Check
, .
option 82 .
DHCP Agent Information Option 82 Check. DHCP Agent Information
Option 82 Policy ,
, option-82.

148

Option 82 DES-3500 xStack


config dhcp_relay option_82 option-82
DHCP . circuit ID sub-option remote
ID sub-option :
: circuit ID sub-option
Module .
Circuit ID sub-option:

. Sub-option
.
. Circuit ID
. VLAN: VLAN ID DHCP-.
. Module: 0;
Unit ID.
. Port: DHCP-, 1.

Remote ID sub-option:

1. Sub-option
2.
3. Remote ID
4.
5. MAC-: - .

6- 118. Circuit ID sub-option Remote ID Sub-option

149

DHCP/BOOTP
DHCP/ BOOTP Relay Interface Settings IP-
DHCP/ BOOTP- .
, IP-,
DHCP/BOOTP-.
BOOTP Relay Table ,
Add Apply.
IP- IP- .


DHCP/BOOTP Relay Global Settings
Configuration > Layer 3 Networking > DHCP/BOOTP Relay > DHCP/BOOTP Relay
Interface Settings:

6-92. DHCP/BOOTP Relay Interface Settings DHCP/BOOTP Relay


Interface Table
:

Interface
Server IP

IP- , .
IP- DHCP/BOOTP-.
IP- .

150

7 -
IP-

(TACACS)
Secure Sockets Layer (SSL)
Secure Shell (SSH)
SNMP-

.
, TAACS,
IP-, SSL SNMP. .

IP-
Management Security IP, :

7.1 Security IP Management


Security IP Management
. IP- ,
Web- Telnet.
IP- IP Submask Apply .

IP-

Delete.
.


User Account Management
.

151

Security Management User Accounts. User Account


Management, .

7.2 User Account Management


, Add.
Modify
.

7.3 User Accounts Modify Table Add


User Name
New Password, Confirm New Password
. (Admin, Operator User)
Access Right.
: , ,
D-Link, .

7.4 User Account Modify Table -



User Account Modify Table.
Delete. New Password Confirm
New Password. (Admin, Operator User) Access
Right.

152

Admin, Operator User


: Admin (), Operator () User
(). , Admin,
User. C
Admin, Operator User:


Community
String
Trap

/
/

Admin

Operator

User

7.1 Admin, Operator User


Admin, ,
. Maintenance Save
Configuration.


TACACS/XTACACS/TACACS+/RADIUS
.

TACACS/XTACACS/TACACS+/RADIUS

TACACS/XTACACS/TACACS+/RADIUS .
, .
TACACS.
:
TACACS (Terminal Access Controller Access Control System)
,
TACACS-,
UDP- .
Extended TACACS (XTACACS) TACACS

, TACACS. XTACACS
UDP.
TACACS+ (Terminal Access Controller Access Control System plus)
. TACACS+

. TACACS+
TACACS+- TCP .
TACACS/XTACACS/TACACS+/RADIUS
TACACS/XTACACS/TACACS+/RADIUS-
.

153

,
TACACS/XTACACS/TACACS+/RADIUS-, :

,
.

,
.

.
.

Authentication Server Groups, TACACS, XTACACS, TACACS+,
RADIUS. ,
.
.
, .
, ..
, .
, TACACS TACACS.

(TACACS/XTACACS/TACACS+/RADIUS/local/none).
. 8
. ,
.
,
.
, ,
User. Admin,
Enable Admin ,
.
: TACACS, XTACACS TACACS+
.
. (,
TACACS,
TACACS).



, .
, (Login Method List)
.
Security Management Access Authentication Control Policy & Parameters:

7.5 Policy&Parameters Settings


:

Authentification (Enabled)
(Disabled) e .
Policy
Response
Timeout (0


. 0 255 .

154

255)
User Attempts
(1 255)

30.

.
,
,
.
CLI 60
. Telnet
Web- .
1 255 ( 3).

Apply, .


,
(, Telnet, SSH, Web-),
(Enable Admin),
. :
Security Management Access Authentication Control Application Authentication Settings

7.6 Application's Authentication Settings


:

Application

.
Login Method List Enable Method List
, , Telnet, SSH
WEB (HTTP)-.
Login Method List
, .
(default)
, .
Login Method Lists .
Enable
Method
, .
List
(default)
, .
Enable Method Lists .
Apply, .



(Authentication Server Groups). ,
TACACS/XTACACS/TACACS+/RADIUS-

155

.
,
. ,
, .
8 . , Security
Management Access Authentication Control Authentication Server Group:

7.7 Authentication Server Group Settings




.
. , .
, .

7.8 Add a Server Host to Server Group (tacacs)


IP- IP Address,
, IP- , Add
to Group.
Add, .

7.9 Authen Server Group Table Add Settings

156


15 - Apply.
( , Trinity), , Authentication
Server Group Settings, .

7.10 Authentication Server Group Settings


, ,
. , , ,
, ,
(, tacacs xtacacs tacacs+).
: ,
Authentication Server Hosts, .
,
.
.
: TACACS/XTACACS/TACACS+
.
TACACS/XTACACS/TACACS+
. ..
, TACACS,
XTACACS.




Authentication Server Hosts
TACACS/XTACACS/TACACS+/RADIUS
.
,
TACACS/XTACACS/TACACS+/RADIUS-. TACACS/XTACACS/TACACS+/RADIUS-
.
,
, TACACS/XTACACS/TACACS+/RADIUS
. 16.
Security Management Access Authentication
Control Authentication Server Host:

157

7.11 Authentication Server Host Settings


Add,
:

7.12 - Authentication Server Host Settings Add


:

IP Address
Protocol

Port (1-65535)

Timeout
Retransmit (1-255)
Key

IP- ,
.
,
. :
TACACS ,
TACACS.
XTACACS - ,
XTACACS.
TACACS+ - ,
TACACS+.
RADIUS - ,
RADIUS.
.
1-65535.

TACACS/XTACACS/TACACS+- 49,
RADIUS- 1813.
.
( ),
.
5 .
,
, TACACS- .

TACACS RADIUS. -

158

254 .
Apply, .
:

,
,

TACACS/XTACACS/TACACS+/RADIUS


.

(Login Metod Lists)



(Login Metod Lists),
.
. ,
TACACS-XTACACSlocal,
TACACS .
, TACACS-
.., .
, XTACACS
( , ). XTACACS,
,
. ,
.
User.
Admin Enable Admin,
, . (
, Enable Admin, , ,
).
Security Management Access
Authentication Control Login Method Lists:

7.13 Login Method Lists Settings


(default), ,
. ,
, X Delete
.
Method List Name.
Add. :

159

7.14 Login Method List Edit ( )

7.15 Login Method List Add


Apply:

Method List Name


Method 1, 2, 3,4

, ,
15 .

( 4) :

tacacs
TACACS TACACS-.

tacacs+ -
TACACS+ TACACS+-.

Radius -
RADIUS RADIUS-.

server_group
,
.

local
, .

none .

160

Enable Method Lists


Enable Method List Settings
(Admin),
.
User ,
Admin, .
Enable Method List, .
Enable Method List , .

.
, TACACS XTACACS Local
Enable TACACS-
, , , TACACS-
.., . XTACACS.
XTACACS ,
Local Enable ( ), .

Admin.
:
.
Security Management Access Authentication Control
Enable Method Lists:

7.16 Enable Method List Settings


Enable Method List, , X
Delete , .
Enable Method List Method List Name.
Enable Method List, Add.
:

7.17 Enable Method List - Edit

161

7.18 Enable Method List - Add


:

Method List Name


Method 1, 2, 3, 4

, ,
15 .
( 4)
:
local_enablel -
.
none .
Radius -
RADIUS RADIUS-
tacacs
TACACS TACACS-.
tacacs+ -
TACACS+ TACACS+-.
server_group
,
.


(locally enable password),

(Enable Admin). local_enable
(Admin) ,
. , Security
Management Access Authentication Control Local Enable Password:

7.19 Configure Local Enable Password

162


Apply.

Old Local Enabled


New Local Enabled
Confirm Local
Enabled

,
.

15 .
. ,
New Local Enabled,
.

Enable Admin (
)
Enable Admin ,
User, Admin.
.

TACACS/XTACACS/TACACS+/RADIUS, .
(
) . XTACACS
TACACS
enable , , enable.
, .
Security Management Access Authentication Control
Enable Admin:

7.20 Enable Admin


, Enable Admin,
,
.
.

163

7.21 Enter Network Password

Secure Socket Layer (SSL)


Secure Sockets Layer (SSL) ,
,
. ciphersuite. Ciphersuite
, , ,
. Ciphersuite :
1. (Key Exchange): cyphersuite
. Rivest Shamir Adleman (RSA) Digital Signature Algorithm (DSA) -
DHE DSS Diffie-Hellman (DHE).
, ,
,
.
2. (Encryption): cyphersuite ,
.
:
- Steam Ciphers. Steam Ciphers RC4 c 40 RC4 128- .

.
- CBC Block Cliphers.
. 3
DES EDE, Data Encryption Standart (DES).
3. Hash Algoritm. cyphersuite Message Authentification Code
( ).
,
. Hash algoritm:
MD5 (Message Diggest 5) SHA (Secure Hash Algoritm).

.
cyphersuite, . cyphersuite
. ,
cyphersuite, .
, .
TFTP-. SSLv3 TLSv1. SSL

.

164


SSL- TFPT-.
.
, .
SSL-
. .der.
,
.
Configuration >Secure Socket Layer (SSL) > Download Certificate:

7.22 Download Certificate


Apply.

Certificate Type
Server IP
Certificate File Name
Key File Name

,
.
local
IP- TFPT-,
.
.
.der (, c:/cert.der).
.
.der (, c:/cert.der).

Ciphersuite
SSL ciphersuite
. Ciphersuite , ,
, .
Ciphersuite.
SSL, WEB- .
Web- SSL, WEB-
SSL- (URL) http// (,
http://10.90.90.90). .
Configuration > Secure Socket Layer (SSL) >
Configuration:

165

7.23 iphersuite
SSL
Apply.

RSA with
MD5

RC4 128 RSA, 128 RC4 MD5 Hash Algorithm.



. Enabled ().

RSA,
RSA with 3DES EDE
CBC Block Cipher 3DES_EDE MD5
CBC SHA
Hash Algorithm.
. Enabled
().
DHS Diffie
DHS DSS with 3DES
Hellman, CBC Block Cipher 3DES_EDE
EDE CBC SHA
SHA Hash Algorithm.
.
Enabled ().
RSA, 40RSA EXPORT with
RC4.
RC4 40 MD5
.
Enabled ().
/ SSL-
SSL Status
. Disabled
().
: SSL Web-
. .
SSL
DES-3500,
CD-.
: SSL Web-
. ,
(URL) http// (, http://10.90.90.90).
Web- .

166

Secure Shell (SSH)


SSH ( . Secure Shell) - ,
.
SSH
,
. SSH, ,
.
,
(SSH-) (SSH-):
1. , User
Accounts Security Management.

.
SSH.
2. User,
SSH- , SSH User
Authentication. : ,
(public key).
3. SSH Algoritm ,
SSH- SSH,
4. SSH , SSH Configuration.
SSH-
.

SSH
SSH-.
Security Management > Secure Shell (SSH) > SSH Configuration:

167

7.24 Current SSH Configuration Settings


SSH- Apply:

SSH Server Status


Max Session (1-8)

Time Out (120-600)

Auth. Fail (2-20)

Session Rekeying

/
SSH . Disabled.
1 8 ,
.
8.
- .
120 600 . 300
.

, SSH-.

, ().
2 20. 2.
,
SSH.
: Never, 10min, 30min 60min. Never.

SSH Algorithm (SSH-)


SSH Algorithm SSH-,
. ,
, .
, (Enabled). Security
Management > Secure Shell (SSH) > SSH Algorithm:

168

7.25 Encryption Algorithm


:

Encryption Algorithm
3DES-CBC

Blow-fish CBC

AES128-CBC

AES192-CBC

AES256-CBC

ARC4


Triple Data Encryption Standard Cipher Block
Chaining. Enabled ().

Blowfish with Cipher Block
Chaining. Enabled ().

Advanced Encryption Standard AES128
encryption algorithm with Cipher Block Chaining.
Enabled ().

Advanced Encryption Standard AES192
Cipher Block Chaining. Enabled ().

Advanced Encryption Standard AES-256
Cipher Block Chaining. Enabled ().

Arcfour encryption algorithm with Cipher Block
Chaining. Enabled ().

169

Cast128-CBC

Twofish128

Twofish192

Twofish256


Cast128 encryption algorithm with Cipher Block
Chaining. Enabled ().

twofish128. Enabled
().

twofish192. Enable
().

twofish256. Enabled
().
Data Integrity Algorithm

HMAC-SHA1

HMAC-MD5


HMAC (Hash for Message Authentication Code)
Secure Hash algorithm. Enabled
().

HMAC (Hash for Message Authentication Code)
MD5 Message Digest Enabled
().
Public Key Algorithm

HMAC-RSA

HMAC-DSA


HMAC (Hash for Message Authentication Code)
RSA.
Enabled ().
HMAC
(Hash for Message Authentication Code)
Digital Signature ( ).
Enabled ().
Authentication Algorithm

Password


.
Enabled ().
Public Key
,
,
SSH-. Enabled.
Host-based
,
.
Linux
SSH. Enabled.
Apply .

SSH-

SSH. Security Management > Secure Shell >
SSH User Authentication.

7.26 Current Accounts

170

. Trinity User Accounts


Security Management. SSH-,
. SSH-
Current Accounts,
.

7.27 User Accounts Modify Table


:

User Name
SSH-
15 .

.
Auth. Mode

.
Host Based SSH-
.
:
Host Name 31
SSH-.
Host IP IP- SSH-.
Password ,
.
( ).
Public Key
SSH- .
Host Name
31
SSH-.
Host Based Auth. Mode.
Host IP
IP- SSH-.
Host Based Auth. Mode.
Apply .
: SSH-
, .


.

SNMP-
SNMP
Simple Network Management Protocol (SNMP)
( ) OSI,
. SNMP

171

, ,
. SNMP
,
, .
SNMP (
), .
SNMP .
MIB (Management Information Base),
, SNMP-.
SNMP MIB
.
DES-3500 SNMP : 1, 2 3.
, SNMP .
SNMP
.
SNMP v.1 v.2
(community string), .
SNMP
community string. SNMP ,
().
community strings , v.1 v.2
SNMP, :
public MIB.
private
MIB.
SNMP v.3 ,
. ,
SNMP-. ,
SNMP-.

. SNMP
SNMP-. , SNMP,
, SNMP v.1,
/, SNMP v3.
SNMP-, SNMP
v.3,
SNMP. (OID
Object Identifier), MIB.
SNMP v.3, SNMP .
SNMP v.3 ,
.

Traps
Traps - , ,
. , (-
), , , .
traps (
). traps
(Authentication Failure), (Topology Change) /
(Broadcast\Multicast Storm).

172

MIB
MIB
. MIB-II. ,
MIB
, SNMP. MIB-II,
MIB,
. MIB,
MIB. MIB , .
DES-3500 SNMP-.
SNMP .
SNMP V3 SNMP,
.
DES-3500 Simple Network Management Protocol
(SNMP) 1, 2c 3. SNMP,
. SNMP
.
SNMP SNMP V3 Web-.
, SNMP-, Management Station IP
Address.

SNMP-
SNMP User Table SNMP. , , : Security Management SNMP
Manager SNMP User Table.

7.28 SNMP User Table


SNMP User Table X
Delete , .
,
, , :

7.29 SNMP User Table Display


:

173


User Name
Group Name
SNMP Version
Auth-Protocol

Priv-Protocol

-
32 ,
SNMP-.
, SNMP-
SNMP -.
V1 , SNMP 1.
V2 , SNMP 2.
V3 , SNMP 3.
None , .
MD5 ,
HMAC-MD5-96.
SHA , HMACSHA.
None , .
DES , 56-
. DES CBC-DES (DES-56).

SNMP User Table, Show All SNMP User Table Entries.


Add SNMP User Table Configuration.

7.30 SNMP User Table Configuration


:

User Name
Group Name
SNMP Version
Auth-Protocol

-
32 ,
SNMP.
, SNMP-
SNMP -.
V1 , SNMP 1.
V2 , SNMP 2.
V3 , SNMP 3.
MD5 ,
HMAC-MD5-96. , SNMP
Version V3 Encryption,
.
SHA , HMACSHA. , SNMP Version V3
Encryption,
.

Priv-Protocol

None , .
DES , 56- DES,
CBC-DES (DES-56). , SNMP

174

Version V3 Encryption.
, 8-16 .
Encrypted


SNMP V3. SNMP V3.

, Apply. SNMP
User Table Show All SNMP User Table Entries.

SNMP (SNMP View Table)


SNMP View Table community strings,
MIB SNMP-.
: Security Management SNMP Manager SNMP View Table.

7.31 - SNMP View Table


, X Delete ,
. , Add,
.

7.32 SNMP View Table Configuration


SNMP , , SNMP- (
SNMP- (SNMP User Table)) ,
.
:

-
View Name
32 .
SNMP.
Object Identifier Subtree (OID) . OID
Subtree OID

175

View Type

MIB tree, SNMP-.


(Included) , SNMP-
.
(Excluded) , SNMP-
.

, Apply.
SNMP View Table, Show All SNMP View Table Entries.

SNMP (SNMP Group Table)


SNMP , , SNMP- (
SNMP- (SNMP User Table) ) ,
.
: Security Management SNMP Manager SNMP Group
Table.

7.33 SNMP Group Table


SNMP Group Table, X
Delete. SNMP Group Table,
Group Name.

7.34 SNMP Group Table Display


SNMP Group Table, Add
SNMP Group Table, SNMP Group Table
Configuration, :

176

7.35 SNMP Group Table Configuration


:

Group Name
Read View Name
Write View Name
Notify View Name
Security Model

Security Level

, -
32 .
SNMP- SNMP-.
SNMP-,
SNMP-.
SNMP- ,
SNMP- .
SNMP- ,
trap- SNMP, SNMP- .
SNMP v1 , SNMP
1.
SNMP v2 , SNMP
2. SNMP v.2
.
(Structure of Management
Information, SMI), .
SNMP v3 , SNMP
3. SNMP v3 ,
,
.
SNMP v.3.
NoAuthNoPriv ,
, ,
SNMP-.
AuthNoPriv , ,
,
SNMP-.
AuthPriv ,
, SNMP, .

, Apply.
SNMP Group Table, Show All SNMP Group Table Entries.

SNMP Community
SNMP community string,
SNMP. Community string ,
.
community string:

177


IP- SNMP-,
ommunity string SNMP- .

MIB, MIB,
SNMP community.

/ SNMP community
MIB.
SNMP Community, : Administration SNMP
Manager SNMP Community Table.

7.36 SNMP Community Table Configuration


:

Community Name

View Name

Access Right

, -
33 .
MIB SNMP SNMP-
SNMP-.
, -
32 ,
MIB, SNMP
. View Name
SNMP View Table.
Read Only , SNMP community,
community string,
MIB .
Read Write , SNMP community,
community string,
MIB .

, Apply.
SNMP Community Table, X Delete ,
.

SNMP
SNMP Host Table SNMP-
(SNMP trap). SNMP Host Table, : Administration SNMP
Manager SNMP Host Table Configuration SNMP Host Table.
SNMP Host Table, X Delete
, .
SNMP Group Table, Host IP Address.

178

7.37 - SNMP Host Table


SNMP Host Table, Add
, , SNMP Host Table Configuration.

7.38 SNMP Host Table Configuration


:

Host IP Address
SNMP Version

Community
String/SNMP
User Name

IP- ,
SNMP- .
V1 , SNMP 1.
V2 , SNMP 2.
V3-NoAuth-NoPriv , SNMP
3 NoAuth-NoPriv.
V3-Auth-NoPriv , SNMP
3 Auth-NoPriv.
V3-Auth-Priv , SNMP 3
Auth-Priv.
community string SNMP V3 .

V3

Apply. SNMP Host


Table Show All SNMP Host Table Entries.

SNMP Engine ID
Engine ID , SNMP v3.
- SNMP .

SNMP Engine ID , Administration SNMP Manger SNMP


Engine ID, SNMP Engine ID Configuration, .

179

7.39 SNMP Engine ID Configuration


Engine ID, Engine ID Apply.

Safeguard Engine
,
( . flooding , ARP-) .
Safeguard Engine .

Safeguard Engine.
Safeguard Engine
,
.
Sfeguard Engine )
) , Exhausted ( ).
ARP- IP-
.
-. -
ARP-, ARP-
IP- 5 . 5
. ,
. - -,
, ARP- IP-
(10). 320 ,
.
Safeguard Engine.

7- 40. Safeguard Engine

180

, , , ARP IP-.
ARP- IP-,
5 -. ( = 5 , =
10 , = 20 ). , ARP- IP- 5
, .
,
. ,
, 25%,
.
Safeguard Engine Security> Safeguard Engine,
:

7- 41. Safeguard Engine

Safeguard Engine
State Enabled. Safeguard Engine, Advanced
Settings. :

7- 42. Safeguard Engine - Advanced Settings

State

(Enabled)
(Disabled) Safeguard Engine.

181

Rising Threshold

Falling Threshold

Trap/Log

<20-100>
CPU, Safeguard
Engine.
CPU , Safeguard Engine
.
<20-100>
CPU, Safeguard
Engine.
CPU , Safeguard
Engine .
/
Safeguard Engine / SNMP.

182


DHCP-
DHCP, DHCP- DHCP. , DHCP-,
DHCP- . DHCP ,
. DHCP. DHCP
, MAC- DHCP- MAC- ,
IP- IP- DHCP- (UDP- 67).
DHCP Client Screening Setting.
DHCP-.
DHCP- DHCP Server Screening Setting
DHCP- .

7- 43. DHCP Server Screening Setting

183

From/To
State


.
(Enabled) (Disabled)
DHCP- .

Apply.
DHCP Server Screening Status.

DHCP-
IP- MAC . , , DHCP DHCP Server Screening Setting. DHCP-
, DHCP- ,
, IP- MAC- ,
DHCP Client Screening Setting.

7- 44. DHCP Client Filtering Setting

, :

Server IP Address

IP- .

Client MAC Address

MAC- .

All Ports
Ports

, .
.

184

Apply Modify
. DHCP Client Filtering Status
.
Delete.

NetBIOS
NetBIOS- NetBIOS
. NetBIOS-
( UDP- 137 138, TCP- 139).
Extensive NetBIOS Filter NetBIOS 802.3
.
NetBIOS-. Extensive
NetBIOS filter
(DSAP (Destination Service Access Point) =F0 SASP (Source Service Access Point) =F0).

185

7- 45. NetBIOS Filtering Setting Extensive NetBIOS Filter Setting

, , :

From/To

186

State

(Enable)
(Disable) NetBIOS- .
Disable.

Extensive State

(Enable)
(Disable) Extensive NetBIOS- .
Disable.

Apply.
NetBIOS Filtering Status.

187

8 -

CPU

MAC-

IGMP Snooping
IGMP Snooping Forwarding
VLAN


3
Safeguard Engine


Port Utilization ( )
. Utilization
, .
: Monitoring Port
Utilization.

8.1 Utilization
Apply
.

188


Time Interval

Record Number

1s 60s, s
. 1.
,
.
20 200 (
200). ,
(Time
Interval). ,

Clear . Apply ,
.

CPU
CPU Utilization
CPU. : Monitoring CPU Utilization.

8.2 CPU Utilization


Apply , .
, :

Time Interval
Record Number
Utilization

1s 60s, s
. 1s.
20 200.
200.
,
.

189


Web- ,
, . ,
, , ,
, .
.

(RX)
, , : Monitoring
Packets Received (RX).

8.3 Rx Packets Analysis (


)
View Table:

190

8.4 Rx Packets Analysis (


)
:

Time Interval
Record Number
Bytes
Packets
Show/Hide
Clear
View Table
View Line Chart

1s 60s, s
. 1.
.
,
(Time Interval).
20.
, .
, .
, .

.
.

.

,
(RX)
, ,
, : Monitoring Packets UMB Cast (RX).

191

8.5 Rx Packets Analysis ( ,


, )
View Table:

8.6 Rx Packets Analysis ( ,


, )
:

192

Time Interval

1s 60s, s
. 1.
.
,
(Time Interval). ,
. 20.
, , ,
.

Record Number
Unicast
Multicast

, , ,
, .

Broadcast

,
.

Show/Hide

, :
(Multicast), (Broadcast) / (Unicast).
.
.

.

Clear
View Table
View Line Chart

(TX)
, , :
Monitoring Packets Transmitted (TX).

8.7 Tx Packets Analysis (


)

193

TX ,
View Table:

8.8 Tx Packets Analysis (


)
:

Time Interval
Record Number

Bytes
Packets
Show/Hide
Clear
View Table
View Line Chart

1s 60s, s
. 1.
.
,
(Time Interval). ,
. 20. 20
200. 20.
, .
, .
, .

.
.

.

Web- ,
, , .
.

194

(RX)
,
, : Monitoring Error Received (RX).

8.9 Rx Error Analysis ( )


, View Table:

195

8.10 Rx Error Analysis ()


:

Time Interval
Record Number
Crc Error
Under Size

Over Size
Fragment
Jabber
Drop
Show/Hide
Clear
View Table
View Line Chart

1s 60s, s
. 1.
,
(Time Interval).
20.
,
.
,
64 CRC
.
.
, 1518 , VLAN,
MAX_PKT_LEN, 1522 .
, 64 ,
CRC, .
, MAX_PKT_LEN, 1522
.
,
.
, Crc Error, Under Size, Over
Size, Fragment, Jabber Drop.

.
.

.

196

(TX)

, : Monitoring Error Transmitted (TX).

8.11 Tx Error Analysis ( )


,
View Table:

197

8.12 Tx Error Analysis ()


:

Time Interval
Record Number
ExDefer
LateColl
ExColl
SingColl
Coll
Show/Hide
Clear
View Table
View Line Chart

1s 60s, s
. 1.
,
(Time Interval).
20.
, ,
- ,
.
, ,
, 512 .
Excessive Collisions . ,
-
Single Collision Frames .
,
- , .
.
,
ExDefer, LateColl, ExColl, SingColl Coll.

.
.

.

198


Web- ,
, .
6 .

8.13 Rx Size Analysis( )


, View Table:

199

8.14 Rx Size Analysis ()


:

Time Interval
Record Number
64
65-127
128-255
256-511
512-1023
1024-1518
Show/Hide
Clear
View Table
View Line Chart

1s 60s, s
. 1s.
20 200.
200.
( ), 64
( , FCS).
( ),
65 127 ( , FCS).
( ),
128 255 ( , FCS).
( ),
256 511 ( , FCS).
( ),
512 1023 ( , FCS).
( ),
1024 1518 ( , FCS).
, 64, 65-127, 128255, 256-511, 512-1023 1024-1518 .

.
.

.

MAC-
MAC- , .
MAC- ,
. .

200

MAC- : Monitoring MAC Address Table.

8.15 MAC Address Table


:

VLAN ID
MAC Address
Find
VID
MAC Address
Port
Learned
Next
View All Entry
Delete All Entry


VLAN ID.

MAC-.
VLAN ID MAC-
Find, .
VLAN ID VLAN, .
MAC- .
, MAC-,
.
, MAC-.
: Dynamic, Self, Static.
.
,
.
,
.

201

(Switch Log)
Web- ,
. , Monitoring
Switch Log.

8.16 Switch History


,
SNMP trap
. Next .
Clear .

Sequence
Time
Log Text

, 1 ,
.
.
- , ,
.
.

:
, ,
.

202

IGMP Snooping
IGMP Snooping IP-
MAC- IGMP-, .
IGMP-, , Reports.
IGMP Snooping Table : Monitoring IGMP Snooping Group.

8- 17. IGMP Snooping Table

IGMP Snooping Table


VLAN ID (VID). VID
Search.
: 128 IGMP Snooping.
:

VLAN ID
Multicast Group
MAC Address
Queries
Reports
Port Map

VLAN ID (VID) .
IP- .
MAC- .
, ,
. Disabled ,
IGMP Snooping, Enabled ,
, .
.

: IGMP Snooping DES-3500


: Configuration IGMP. , ,
IGMP Snooping, 6 .

203

IGMP Snooping Forwarding


IGMP Snooping Forwarding Table,
: Monitoring IGMP Snooping Forwarding.

8.18 IGMP Snooping Forwarding Table



IGMP Snooping Forwarding Table VLAN ID (VID) VID
Search.
:

VLAN ID
Multicast Group
MAC Address
Port Map

VLAN ID (VID) .
IP- .
MAC- .
.

VLAN
VLAN
. Egress- .
: Monitoring VLAN Status.

204

8.19 VLAN Status


Router Port ,
. ,
Web- ,
S. D , .
: Monitoring Router Port.

8.20 Router Port

205


Port Access Control 802.1x
. : Monitoring Port Access Control.


802.1x . Authenticator
State Monitoring Port Access Control Authenticator State.

8.21 Authenticator State - 802.1x

206

8.22 Show Authenticator State - 802.1x MAC


(Authenticator State)
.
Apply.
1 60 .,
, OK.
, , :

Auth PAE State

Backend State
Port Status

Initialize, Disconnected, Connecting,


Authenticating, Authenticated, Aborting, Held, Force_Auth, Force_Unauth N/A.
N/A (Not available ) ,
.
Request, Response, Success, Fail, Timeout, Idle,
Initialize N/A. N/A (Not available ) ,
.
: Authorized, Unauthorized N/A.

207

3
ARP
ARP Table : Monitoring Layer 3 Feature.
ARP-, . ARP Interface Name IP- IP Address
Find.

8.23 - ARP Table

Safeguard Engine
Safeguard Engine Safeguard Engine,
CPU. CPU
, STP, SNMP, WEB- .. CPU
, ARP-,
IP- , IP- ..
. CPU
( ARP- ).
CPU. D-Link Safeguard Engine

208

CPU
.

8- 24. Safeguard Engine Status CPU Utilization Information

State
Current Status
Interval
Rising Threshold

Falling Threshold

Trap/log

Safeguard
Engine: (Enabled) (Disabled).
CPU.
,
CPU Rising
Threshold Falling Threshold. 5 .
<20-100>
CPU, Safeguard Engine.
CPU , Safeguard Engine
.
- <20-100>
CPU, Safeguard
Engine.
CPU , Safeguard Engine
.

Safeguard Engine / SNMP.

209

9
TFTP


Ping-

TFTP
(Trivial File Transfer Protocol ,TFTP)
TFTP- .
TFTP-.
.

TFTP-
: Maintenance TFTP Services
Download Firmware.

9.1 Download/Update Firmware from TFTP Server


,
Type, Update
Image 1 Image 2 .
Start.

Server IP
File Name
Type

IP- , .
.
,

:
Download:
.

210

.
Update:
, .
(Section 1 Section 2).

Firmware Management. :

ID
Boot Status
Version
Size
Date
From
User
Set Boot
Delete

ID ,
.

Boot.
.
.
.
IP- , .
, .
Apply
,
.

.


TFTP-, Maintenance TFTP Services
Download Configuration File:

9.2 Download Settings from TFTP Server


IP- TFTP-
TFTP-. Start IP- TFTP- .

TFTP-
TFTP-,
Maintenance TFTP Services, Upload Configuration:

9.3 Upload Settings to TFTP Server

211

IP- TFTP-, TFTP-.


Start TFTP-.

TFTP-
TFTP-, Maintenance TFTP
Services, Upload Log:

9.4 Upload Log to TFTP Server


IP- TFTP-, TFTP-.
Start TFTP-.


Multiple Image Services
.
,
, .. .
Firmware Information.

, Image 1,
Config Firmware Image.



. Maintenance MULTIPLE IMAGE Services
Firmware Information.

212

9.5 Firmware Information


:

BOX
ID

Version
Size
Update Time
From

User

.
ID .
.

Image ID 1, .
.
.
.
IP- ,
. IP- :
R
(RS-232).
T
Telnet.
S
SNMP (Simple Network Management Protocol).
W
Web- .
SIM
Single IP Management.
, .

Anonymous Unknown.


Config Firmware Image
, . ,
Maintenance MULTIPLE IMAGE Services Config Firmware Image.

213

9.6 Config Firmware Image


:

Image
Action

,
.
.
.
Delete
, Image.
Boot
, ,
.
ID 1.

, Apply.

Ping Test
Ping test , - ICMP IP-.
- .
.

9.7 Ping Test


Infinite times Repeat Pinging for,
ICMP - IP- .
ping IP 1 255. Start ping.

214


: RAM
() NV-RAM. RAM
Apply ().
NV-RAM,
, , NV-RAM.
NVRAM Save Changes Maintenance. .

9.8 Save Configuration


NV-RAM Save
Configuration. , :

9.9 ,
OK.
NV-RAM,
.

( Reset)
Reset .
, .
: Reset System

.
, . Reset System
,
.
Reset
,
. Reset, ,
Save Changes ,
.

215

9- 10. Reset

Reset System
Reset System
NV-RAM. .
Reset Config
Save Changes.

9.11 Reset System

Reset Config
Reset Config
. , Reset system,
NV-RAM. ,
Save Changes,
.

9.12 Reset Config


. ,
, .
Reboot .

216

9.13 - Reboot

(Logout)

, Log Out.

Web-

9.14 Logout Web Setup

217

10 - D-Link Single IP Management


Single IP Management (SIM)


/

Single IP Management (SIM)


D-Link Single IP Management ( IP-) ,
Ethernet
.
Single IP
Management:
1.
SIM
, .
2.
SIM IP-.
3.
SIM
,
.
, D-Link Single IP Management (SIM),
:
SIM ,
Web-.
SIM
.
,
SIM. Commander Switch (CS) ,
Member Switch (MS) ,
CS SIM- Candidate Switch (CaS )
, SIM-,
CS SIM-.
SIM- Commander
Switch (CS).
SIM- IP-
( ). SIM- .
SIM- 33 ( 0 32),
( 0).
SIM- IP- ( ),
.
VLAN, SIM-
VLAN default.
SIM , , SIM.
,
hop () CS.
SIM- , .
:
1.Commander Switch (CS) ,
:
IP-.
CS SIM-.
, ,
VLAN.

218

2.Member Switch (MS) , SIM- ,


CS,
:
IP-.
CS VLAN
.
3.Candidate Switch (CaS) , SIM-,
. Candidate Switch
SIM-. , CaS,
SIM- :
IP-.
CS VLAN
.
SIM-,
.
CaS,
. IP-
,
CS / .
SIM ,
.
,
.
, .
, SIM-,
SNMP- ( / ),
. MS
IP-, SNMP-, SIM-
.

SIM v1.6
xStack DES-3500
SIM 1.6.
, :
1. CS MS,
SIM- Web.
Discover Maintain, SIM- . MAC-
MS CS. MS, CS
MS MS
MS SIM.
.
, MS
. , ,
, CS.
2. ,
. Ethernet-,
, .

219

3. TFTP-:
TFTP-
MS.

MS / TFTP-.
TFTP- MS.
4. ,
.

SIM Web-
CaS
, Single IP Management .
SIM Web-, : Single IP Management SIM Settings,
.

10.1 SIM Settings (disabled )


SIM (SIM State) Enabled ()
Apply, , :

10.2 SIM Settings (enabled )


:

SIM State
Role State

Discovery Interval

SIM-
. Disabled SIM
.
SIM. :
Candidate Candidate Switch (CaS) SIM-,
Commander Switch (CS).
SIM- .
Commander ,
CS.
Ethernet, SIM. ,
SIM.

220

Holdtime

Group Name

(discovery packets) .
CS ,
(, MS, CaS).
Discovery Interval 30 90 .
;
,
.
holdtime 100 255 .
64 .

, Apply.
CS, Single IP
Management SIM Web-
: Topology, Firmware Upgrade Configuration Backup/Restore Upload Log File.


Topology SIM-
Java- .
Topology Single IP Management (Single IP Management Topology),
.

10.3 Java
here, Java Runtime Environment ,
Topology, .

10.4 Single IP Management Tree View


Tree View :

221


Device Name

Local Port
Speed
Remote Port
MAC Address
Model Name

, .. , SIM, . ,
(default),
MAC-.
CS,
MS CaS.
.
MS
CaS.
MS CaS,
.
.
MAC- .
.

Topology Map, View Topology,


. Topology View ( 20 .
).

10.5 Topology View


, Single IP Management
. :



CS
MS

222

MS
MS,
CaS
CaS

, SIM-


Topology view
. ,
, .
.

10.6 ,
, ,
, .

223

10.7 ,



SIM-.

10.8
:
Collapse , .
Expand SIM- .
Property .

224

10.9 Property

10.10
:
Collapse , .
Expand SIM- .
Property .

10.11 Property

225

10.12 -
:

Collapse , .
Expand SIM- .
Remove from group MS SIM-.
Configure Web- .
Property .

10.13 Property

CaS

10.14 - CaS
:
Collapse , .
Expand SIM- .
Add to group CaS.
,

226

CaS SIM-,
Cancel .

10.15 Input password

Property .

10.16 - Property
:

Device Name

Module Name
MAC Address
Remote Port No.
Local Port No.
Port Speed

, .. , SIM, . ,
(default),
MAC-.
,
.
MAC- .
MS CaS,
.
.
CS,
MS CaS.
.
MS
CaS.

Property Close.


Single IP Management ,

227

10.17 Topology View


.

File
Print Setup .
Print Topology - .
Preference , ,
SIM.

Group
Add to group CaS. Add to group
, CaS
SIM-, Cancel
.

10.18 - Input password


Remove from Group MS SIM-.

Device
Configure Web- .

View
Refresh .
Topology ( Topology View)

Help
About SIM, SIM.

228

:
SIM CLI (Command
Line Interface). SIM
,
DES-3500 .

SIM
Firmware Upgrade
, SIM-, CS.
, MS, ,
MS, MAC-, .
,
Port, IP- ,
, .
Download.

10.19 Firmware Upgrade

/
Configuration File Backup/Restore
, SIM-, CS
TFTP-. , MS,
, MS, MAC-, .
,
Port, IP- ,
, .
Download.
( Upload).

229

10.20 Configuration File Backup/Restore


,
SIM- . Single IP
Management > Upload Log File. IP- , SIM, .
Upload.

10- 21. Upload Log File

230

NWay IEEE 802.3


IEEE 802.3 10BASE-T Ethernet
IEEE 802.3u 100BASE-TX Fast Ethernet
IEEE 802.3ab 1000BASE-T Gigabit Ethernet
IEEE 802.3z 1000BASE-T (SFP Mini GBIC)
IEEE 802.1D Spanning Tree
IEEE 802.1W Rapid Spanning Tree
IEEE 802.1S Multiple Spanning Tree
IEEE 802.1Q VLAN
IEEE 802.1p
IEEE 802.3ad
IEEE 802.3x
CSMA/CD

Ethernet
Fast Ethernet
Gigabit Ethernet
Fiber Optic

10 /
20/
100/
200/
n/a
2000/
SFP (Mini GBIC)
IEEE 802.3z 1000BASE-LX ( DEM-310GT)
IEEE 802.3z 1000BASE-SX ( DEM-311GT)
IEEE 802.3z 1000BASE-LH ( DEM-314GT)
IEEE 802.3z 1000BASE-ZX ( DEM-315GT)

Cat.5 Enhanced 1000BASE-T


UTP Cat.5, Cat. 5 Enhanced 100BASE-TX
UTP Cat.3, 4, 5 10BASE-T
EIA/TIA-568 100-ohm (STP)(100)
24 10/100/1000 / ( DES-3526/DES-3526DC)
48 10/100/1000 / ( DES-3550)
2 - 1000BASE-T/SFP

DC

DES-3526/DES-3550

: 100 120;
200 240 , 50/60

DES-3526 DC 60W

: 48
: 12
DES-3526/DES-3526DC 23 (.)
DES-3550 40 (.)
DES-3526/DES-3526DC: 40
DES-3550: 40
0 40
-40 70
5% 95%
DES-3526/DES-3526DC: 441 207 44 ,
19
DES-3550: 441 309 44
DES-3526 2.56
DES-3526DC 2.5
DES-3550 5
CE class A, FCC Class A, C-Tick

231

(EMI)

CSA International

MAC

Store-and-forward

: 10-1000000 . 300 .

16 MB
. 1,488,095 pps (
1000)

. 8 -
4 .

232



,
. , , pin- .
RJ-45 pin.

-1. RJ-45
RJ-45

1
2
3
4
5
6
7
8

MDI-X
RD+ ()
RD- ()
TD+ ()


TD- (transmit)

MDI-II
TD+ ()
TD- ()
RD+ ()


RD- ()

-1. RJ-45

233

system


Flash-

System warm start

Critical

System cold start

Critical

Configuration and log


saved to flash by
console
(Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)

Informational

Internal Power failed

Critical

Internal Power is
recovered

Critical

Redundant Power
failed

Critical

Redundant Power is
working

Critical

Firmware upgraded
by onsole
successfully
(Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)

Informational

Firmware upgrade by
console was
unsuccessful!
(Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)

Warning

system

up /
download

234

by console IP:
<ipaddr>, MAC:
<macaddr>
XOR
( ).
,


,
IP-
MAC-

.

by console IP:
<ipaddr>, MAC:
<macaddr>
XOR
( ).
,


,
IP-
MAC-

.
by console IP:
<ipaddr>, MAC:
<macaddr>
XOR
( ).
,

Configuration
successfully
downloaded by
console (Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)

Informational

Configuration
download by console
was unsuccessful!
(Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)

Warning

Configuration
successfully
uploaded by console
(Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)

Informational

Configuration upload
by console was
unsuccessful!
(Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)

Warning

235


,
IP-
MAC-

.
by console IP:
<ipaddr>, MAC:
<macaddr>
XOR
( ).
,


,
IP-
MAC-

.
by console IP:
<ipaddr>, MAC:
<macaddr>
XOR
( ).
,


,
IP-
MAC-

.
by console IP:
<ipaddr>, MAC:
<macaddr>
XOR
( ).
,


,
IP-
MAC-

.
by console IP:
<ipaddr>, MAC:
<macaddr>
XOR
( ).
,


,
IP-

Log message
successfully
uploaded by console
(Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)

Informational

Log message upload


by console was
unsuccessful!
(Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)

Warning

Port <portNum> link


up, <link state>

Informational

Port <portNum> link


down

Informational

Successful login
through Console
(Username:
<username>)

Informational

Login failed through


Console

Warning

Logout through
Console (Username:
<username>)

Informational

Interface

Console

236

MAC-

.
by console IP:
<ipaddr>, MAC:
<macaddr>
XOR
( ).
,


,
IP-
MAC-

.
by console IP:
<ipaddr>, MAC:
<macaddr>
XOR
( ).
,


,
IP-
MAC-

.
link state: ,
100Mbps FULL
duplex.



,
IP-
MAC-

.


,
IP-
MAC-

.


,
IP-
MAC-

Web

Console session
timed out (Username:
<username>)

Informational


Web-

Successful login
through Web
(Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)
Login failed through
Web (Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)
Logout through Web
(Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)
Successful login
through Web (SSL)
(Username: <string>,
IP: <ip>, MAC: <mac>)
Logout through Web
(SSL) Username:
<string>, IP: <ip>,
MAC: <mac>)
Login failed through
Web (SSL)
(Username: <string>,
IP: <ip>, MAC: <mac>)
Successful login
through Telnet
(Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)
Login failed through
Telnet (Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)
Logout through
Telnet (Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)
Telnet session timed
out (Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)
SNMP request
received from

Informational

Web

Web


SSL

SSL

SSL

Telnet


Telnet

Telnet


Telnet

Telnet

SNMP

SNMP

237

Warning

Informational

Informational

Informational

Warning

Informational

Warning

Informational

Informational

Informational

.


,
IP-
MAC-

.

STP

SSH

community string

<ipAddress> with
invalid community
string!
Topology changed

Informational

New Root selected

Informational

BPDU Loop Back on


Port <portNum>
Spanning Tree
Protocol is enabled

Warning

BPDU Loop Back

Spanning
Tree

Spanning
Tree


SSH

SSH


SSH

SSH

AAA

SSH-

SSH-



(local)

Informational

Spanning Tree
Protocol is disabled

Informational

Successful login
through SSH
(Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)
Login failed through
SSH (Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)
Logout through SSH
(Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)
SSH session timed
out (Username:
<username>, IP:
<ipaddr>, MAC:
<macaddr>)
SSH server is enabled

Informational

SSH server is
disabled
Authentication Policy
is enabled (Module:
AAA)

Informational

Warning

Informational

Informational

Informational

Informational

Authentication Policy
is disabled (Module:
AAA)

Informational

Successful login
through Console
authenticated by AAA
local method
(Username:
<username>)

Informational

Login failed through


Console
authenticated by AAA
local method

Warning

238



,
IP-
MAC-

.


,



(local)

(Username:
<username>)


Web-



(local)

Successful login
through Web from
<userIP>
authenticated by AAA
local method
(Username:
<username>, MAC:
<macaddr>)
Login failed through
Web from <userIP>
authenticated by AAA
local method
(Username:
<username>, MAC:
<macaddr>)
Successful login
through Web (SSL)
from <userIP>
authenticated by AAA
local method
(Username:
<username>, MAC:
<macaddr>)
Login failed through
Web (SSL) from
<userIP>
authenticated by AAA
local method
(Username:
<username>, MAC:
<macaddr>)
Successful login
through Telnet from
<userIP>
authenticated by AAA
local method
(Username:
<username>, MAC:
<macaddr>)
Login failed through
Telnet from <userIP>
authenticated by AAA
local method
(Username:
<username>, MAC:
<macaddr>)
Successful login
through SSH from
<userIP>
authenticated by AAA
local method
(Username:
<username>, MAC:
<macaddr>)
Login failed through
SSH from <userIP>


Web-



(local)

Web (SSL)



(local)

Web (SSL)



(local)

Telnet



(local)

Telnet



(local)

SSH



(local)

IP-
MAC-

.

239

Informational

Warning

Informational

Warning

Informational

Warning

Informational

Warning

SSH



(local)


none

authenticated by AAA
local method
(Username:
<username>, MAC:
<macaddr>)


Web-


none

Web(SSL)


none


Telnet


none


SSH


none

Successful login
through Console
authenticated by AAA
none method
(Username:
<username>)
Successful login
through Web from
<userIP>
authenticated by AAA
none method
(Username:
<username>,
Successful login
through Web
(SSL) from <userIP>
authenticated by AAA
none
method (Username:
<username>, MAC:
<macaddr>)
Successful login
through
Telnet from <userIP>
authenticated by AAA
none
method (Username:
<username>, MAC:
<macaddr>)
Successful login
through SSH
from <userIP>
authenticated
by AAA none method
(Username:
<username>,
MAC: <macaddr>)
Successful login
through
Console
authenticated by
AAA server
<serverIP>
(Username:
<username>)
Login failed through
Console
authenticated by AAA
server
<serverIP>
(Username:
<username>)
Login failed through
Console

240

Informational

Informational

Informational

Informational

Informational

Informational

Warning

Warning


Web-

due to AAA server


timeout or
improper
configuration
(Username:
<username>)


Web-


Web-


Web (SSL)


Web (SSL)


Web (SSL)

Successful login
through Web
from <userIP>
authenticated
by AAA server
<serverIP>
(Username:
<username>,
MAC: <macaddr>)
Login failed through
Web
from <userIP>
authenticated
by AAA server
<serverIP>
(Username:
<username>,
MAC: <macaddr>)
Login failed through
Web
from <userIP> due to
AAA
server timeout or
improper
configuration
(Username:
<username>, MAC:
<macaddr>)
Successful login
through Web
(SSL) from <userIP>
authenticated by AAA
server
<serverIP>
(Username:
<username>, MAC:
<macaddr>)
Login failed through
Web
(SSL) from <userIP>
authenticated by AAA
server
<serverIP>
(Username:
<username>, MAC:
<macaddr>)
Login failed through
Web(SSL) from
<userIP> due
to AAA server timeout
or
improper
configuration

241

Informational

Warning

Warning

Informational

Warning

Warning

(Username:
<username>,
MAC: <macaddr>)
Successful login
through
Telnet from <userIP>
authenticated by AAA
server
<serverIP>
(Username:
<username>, MAC:
<macaddr>)
Login failed through
Telnet
from <userIP>
authenticated
by AAA server
<serverIP>
(Username:
<username>,
MAC: <macaddr>)
Login failed through
Telnet
from <userIP> due to
AAA
server timeout or
improper
configuration
(Username:
<username>, MAC:
<macaddr>)
Successful login
through SSH
from <userIP>
authenticated
by AAA server
<serverIP>
(Username:
<username>,
MAC: <macaddr>)
Login failed through
SSH from
<userIP>
authenticated by
AAA server
<serverIP>
(Username:
<username>,
MAC: <macaddr>)
Login failed through
SSH from
<userIP> due to AAA
server
timeout or improper
configuration
(Username:
<username>, MAC:
<macaddr>)
Successful Enable
Admin


Telnet


Telnet


Telnet


SSH


SSH


SSH

Enable

242

Informational

Warning

Warning

Informational

Warning

Warning

Informational

Admin

local_enable
( )

Enable
Admin

local_enable
( )

Enable
Admin Web

local_enable
( )

Enable
Admin Web

local_enable
( )

Enable
Admin Web
(SSL)

local_enable
( )

through Console
authenticated by AAA
local_enable method
(Username:
<username>)

Enable
Admin Web
(SSL)

local_enable
( )

Enable
Admin Telnet

local_enable

Enable Admin failed


through
Console
authenticated by
AAA local_enable
method
(Username:
<username>)

Warning

Successful Enable
Admin
through Web from
<userIP>
authenticated by AAA
local_enable method
(Username:
<username>,
MAC: <macaddr>)
Enable Admin failed
through
Web from <userIP>
authenticated by AAA
local_enable method
(Username:
<username>,
MAC: <macaddr>)

Informational

Successful Enable
Admin
through Web (SSL)
from
<userIP>
authenticated by
AAA local_enable
method
(Username:
<username>,
MAC: <macaddr>)
Enable Admin failed
through
Web (SSL) from
<userIP>
authenticated by AAA
local_enable method
(Username:
<username>,
MAC: <macaddr>)
Successful Enable
Admin
through Telnet from
<userIP>
authenticated by AAA
local_enable method
(Username:

Informational

243

Warning

Warning

Informational

( )

<username>,
MAC: <macaddr>)
Enable Admin failed
through
Telnet from <userIP>
authenticated by AAA
local_enable method
(Username:
<username>,
MAC: <macaddr>)

Enable
Admin Telnet

local_enable
( )

Enable
Admin SSH

local_enable
( )

Enable
Admin SSH

local_enable
( )

Enable
Admin

none

Enable
Admin Web

none

Enable
Admin Web
(SSL)

none

Enable
Admin Telnet

none

Successful Enable
Admin
through SSH from
<userIP>
authenticated by AAA
local_enable method
(Username:
<username>,
MAC: <macaddr>)
Enable Admin failed
through SSH from
<userIP>
authenticated by
AAA local_enable
method
(Username:
<username>,
MAC: <macaddr>)
Successful Enable
Admin
through Console
authenticated by AAA
none
method (Username:
<username>)
Successful Enable
Admin
through Web from
<userIP>
authenticated by AAA
none
method (Username:
<username>, MAC:
<macaddr>)
Successful Enable
Admin
through Web (SSL)
from
<userIP>
authenticated by
AAA none method
(Username:
<username>, MAC:
<macaddr>)
Successful Enable
Admin
through Telnet from
<userIP>
authenticated by AAA

244

Warning

Informational

Warning

Informational

Informational

Informational

Informational

Enable
Admin SSH

none

Enable
Admin

Enable
Admin

Enable
Admin

Enable
Admin Web

Enable
Admin Web

none
method (Username:
<username>, MAC:
<macaddr>)
Successful Enable
Admin
through SSH from
<userIP>
authenticated by AAA
none
method (Username:
<username>, MAC:
<macaddr>)
Successful Enable
Admin
through Console
authenticated by AAA
server
<serverIP>
(Username:
<username>)
Enable Admin failed
through
Console
authenticated by
AAA server
<serverIP>
(Username:
<username>)
Enable Admin failed
through
Console due to AAA
server
timeout or improper
configuration
(Username:
<username>)

Successful Enable
Admin
through Web from
<userIP>
authenticated by AAA
server
<serverIP>
(Username:
<username>, MAC:
<macaddr>)
Enable Admin failed
through
Web from <userIP>
authenticated by AAA
server
<serverIP>
(Username:
<username>, MAC:

245

Informational

Informational

Warning

Warning

Informational

Warning

Enable
Admin Web

Enable
Admin Web
(SSL)

Enable
Admin Web
(SSL)

Enable
Admin Web
(SSL)

Enable
Admin Telnet

<macaddr>)
Enable Admin failed
through
Web from <userIP>
due to
AAA server timeout or
improper
configuration
(Username:
<username>,
MAC: <macaddr>)

Warning

Successful Enable
Admin
through Web (SSL)
from
<userIP>
authenticated by
AAA server
<serverIP>
(Username:
<username>,
MAC: <macaddr>)
Enable Admin failed
through
Web (SSL) from
<userIP>
authenticated by AAA
server
<serverIP>
(Username:
<username>, MAC:
<macaddr>)
Enable Admin failed
through
Web (SSL) from
<userIP> due
to AAA server timeout
or
improper
configuration
(Username:
<username>,
MAC: <macaddr>)

Informational

Successful Enable
Admin
through Telnet from
<userIP>
authenticated by AAA
server
<serverIP>
(Username:
<username>, MAC:
<macaddr>)
Enable Admin failed
through

Informational

246

Warning

Warning

Warning

Enable
Admin Telnet

Telnet from <userIP>


authenticated by AAA
server
<serverIP>
(Username:
<username>, MAC:
<macaddr>)
Enable Admin failed
through
Telnet from <userIP>
due to
AAA server timeout or
improper
configuration
(Username:
<username>,
MAC: <macaddr>)

Enable
Admin Telnet

Enable
Admin SSH

Enable
Admin SSH

Enable
Admin SSH

Port
Security


Port

Successful Enable
Admin
through SSH from
<userIP>
authenticated by AAA
server
<serverIP>
(Username:
<username>, MAC:
<macaddr>)
Enable Admin failed
through
SSH from <userIP>
authenticated by AAA
server
<serverIP>
(Username:
<username>, MAC:
<macaddr>)
Enable Admin failed
through
SSH from <userIP>
due to
AAA server timeout or
improper
configuration
(Username:
<username>,
MAC: <macaddr>)

Warning

Informational

Warning

Warning

AAA server
<serverIP>
(Protocol: <protocol>)
connection failed

Warning

Port security violation


(Port:
<portNum>, MAC:

Warning

247

<protocol>

TACACS, XTACACS,
TACACS+
RADIUS

<macaddr>)

IPMACPORT
Binding

Security
,

.
IP-

IP-MAC Port
Binding

Safeguaard
Safeguar Engine
d Engine
Safeguaard
Engine

Packet

storm


Security


, MAC
MAC

Unauthenticated IPMAC
address and
discarded by ip
mac port binding (IP:
<ipaddr>, MAC:
<macaddr>,
Port <portNum>)
SafeGuard Engine
enters
NORMAL mode

Warning

SafeGuard Engine
enters
EXHAUSTED mode

Warning

Broadcast storm is
occurring
(port: <id>)

Warning

Broadcast storm has


cleared
(port: <id>)
Multicast storm is
occurring
(port: <id>)

Informational

Multicast storm has


cleared
(port: <id>)
Possible spoofing
attack from
<mac> port <u16>

Informational

248

Informational

Warning

Critical

D

.

Mini-GBIC

1000BASE-LX,

1000BASE-SX,

1000BASE-LHX,

1000BASE-ZX,

UTP- 5e
UTP- 5 (1000 /)
UTP- 5 (100 /)

100

UTP- 3 (10 /)

100

1000BASET
100BASETX
10Base-T

249

10
550
40
80
100


1000BASE-LX: Gigabit Ethernet, ,
550 .
1000BASE-SX: Gigabit Ethernet, ,
10 .
100BASE-FX: Fast Ethernet .
100BASE-TX: IEEE 802.3u Ethernet 100 /
2- 5.
10BASE-T: IEEE 802.3i Ethernet
(" ").
aging: ,
.
ATM: Asynchronous Transfer Mode ( ). ,
()
. ATM , , .
(auto-negotiation): ,
, . ,
,
.
(backbone port): , ,
.
. downlink-.
(backbone): ,
.
(bandwidth): ,
, . Ethernet
10/, Fast Ethernet 100/.
baud rate: , .
BOOTP: BOOTP IP- MAC . ,
.
(bridge): ,
OSI.
(broadcast): .

(broadcast
storm):

, , ,
.
(console port): ,
.

250

, .
.
CSMA/CD: Carrier sense multiple access/collision detection. ,
Ethernet IEEE 802.3, ,
.
, .

.
(data center switching):
,
,
.
Ethernet: (LAN) Xerox, Intel
Digital Equipment Corporation. Ethernet 10/
CSMA/CD .
Fast Ethernet: 100 , Ethernet.
CSMA/CD .
(Flow Control): (IEEE 802.3z). ,

.
(forwarding):
.

(full duplex): ,
.
(half duplex): , ,
.
IP- (IP address): ,
CP/IP. 4- ,
, .
IPX: , NetWare
(LAN): , , ,
, ( ).
.
(latency): , ,
, .
(line speed): baud rate.
(main port): ,
.
MDI - Medium Dependent Interface: Ethernet,
.

251

MDI-X - Medium Dependent Interface Cross-over: Ethernet,


.
(MIB): ,
.
SNMP. MIB.
(multicast):
. (Destination address field).
(protocol): , .
, , .
(resilient link): , ,
, .
(main port) standby port.
RJ-45: 8- IEEE 802.3 10BASE-T
(RMON): SNMP MIB II,
, 10 .
(RPS): ,
.
SLIP - Serial Line Internet Protocol: , IP-
.
SNMP - Simple Network Management Protocol: ,
TCP/IP. SNMP

.
Spanning Tree Protocol (STP): ,
. STP
, , .
(stack): , ,
.
standby port: ,
.
(switch): , , ,
. ,
, .
, .
TCP/IP: , Telnet, FTP
.
telnet: TCP/IP, ,
,
.

252

TFTP - Trivial File Transfer Protocol: , (


) ,
.
UDP - User Datagram Protocol: ,
.
VLAN ( LAN):
.
LAN.
LAN (VLT): -,
VLAN- .
VT100: , ASCII. VT100-
.

253