24-port fast ethernet plus 2-port gigabit module layer 3 switch (425 pages)
Summary of Contents for D-Link xStack DES-3200 Series
Page 2
Reproduction of this document in any manner whatsoever without the written permission of D-Link Corporation is strictly forbidden. Trademarks used in this text: D-Link and the D-LINK logo are trademarks of D-Link Corporation; Microsoft and Windows are registered trademarks of Microsoft Corporation.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Intended Readers Typographical Conventions Notes, Notices and Cautions Safety Instructions General Precautions for Rack-Mountable Products Protecting Against Electrostatic Discharge The DES-3200 Series Web UI Reference Guide contains information for setup and management of the Switch. This manual is intended for network managers familiar with network management concepts and terminology.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Chapter 1 Web-based Switch Configuration Introduction Login to the Web Manager Web-based User Interface Web Pages Introduction All software functions of the DES-3200 Series switches can be managed, configured and monitored via the embedded web-based (HTML) interface.
Select the menu or window to display. Open folders and click the hyperlinked menu buttons Area 1 and subfolders contained within them to display menus. Click the D-Link logo to go to the D- Link website. Presents a graphical near real-time image of the front panel of the Switch. This area displays the Switch's ports, console and management port, showing port activity.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Web Pages When connecting to the management mode of the Switch with a web browser, a login screen is displayed. Enter a user name and password to access the Switch's management mode. Below is a list of the main folders available in the Web interface: System Configuration - In this section the user will be able to configure features regarding the Switch’s configuration.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Chapter 2 System Configuration Device Information System Information Settings Port Configuration Serial Port Settings Warning Temperature Settings System Log configuration Time Range Settings Time Settings User Accounts Settings Command Logging Settings Device Information This window contains the main settings for all the major functions for the Switch.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 2-2 System Information Settings window The fields that can be configured are described below: Parameter Description System Name Enter a system name for the Switch, if so desired. This name will identify it in the Switch network.
Page 15
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 2-3 Port Settings window To configure switch ports: 1. Choose the port or sequential range of ports using the From Port and To Port drop-down menus. 2. Use the remaining drop-down menus to configure the parameters described below: The fields that can be configured are described below: Parameter Description...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch of a gigabit connection. The master setting (1000M Full_Master) will allow the port to advertise capabilities related to duplex, speed and physical layer type. The master setting will also determine the master and slave relationship between the two connected physical layers.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 2-4 Port Description Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the appropriate port range used for the configuration here. Medium Type Specify the medium type for the selected ports.
48 VDC power to Powered Devices (PDs) over Category 5 or Category 3 UTP Ethernet cables. The Switch follows the standard Power Sourcing Equipment (PSE) pinout Alternative A, whereby power is sent out over pins 1, 2, 3 and 6. The Switches work with all D-Link 802.3af capable devices. Alternative...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Class Usage Minimum output power levels of PSE devices Default 15.4 Watt Optional 4.0 Watt Optional 7.0 Watt Optional 15.4 Watt Reserved Treat as Class 0 For 802.3at capable devices, evaluate the table below, containing the correct power level per class and their respective usage options.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 2-7 PoE System Settings window The following parameters can be configured: Parameter Description Power Limit Sets the limit of power to be used from the Switch’s power source to PoE ports. The user may configure a Power Limit between 37W and 188W for the DES-3200-28P, and between 37W and 370W for DES-3200-52P.
Page 21
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 2-8 PoE Port Settings window The following parameters can be configured: Parameter Description From Port / To Port Select a range of ports from the drop-down menus to be enabled or disabled for PoE. State Use the drop-down menu to enable or disable ports for PoE.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The following is the power limit applied to the port for these five classes. For each class, the power limit is a little more than the power consumption range for that class. This takes into account any power loss on the cable.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 2-10 Warning Temperature Settings window The fields that can be configured are described below: Parameter Description Traps State Use the drop-down menu to enable or disable the traps state option of the warning temperature setting.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Apply button to accept the changes made for each individual section. System Log Server Settings The Switch can send System log messages to up to four designated servers using the System Log Server. To view the following window, click System Configuration >...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 2-13 System Log window The fields that can be configured or displayed are described below: Parameter Description Log Type In the drop-down menu the user can select the log type that will be displayed. Severity - When selecting Severity from the drop-down menu, a secondary tick must be made.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Parameter Description Interface Name Enter the IP interface name used. IPv4 Address Enter the IPv4 address used. Click the Apply button to accept the changes made for each individual section. Click the Clear button to clear all the information entered in the fields. System Severity Settings The Switch can be configured to allow alerts be logged or sent as a trap to an SNMP agent.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The fields that can be configured are described below: Parameter Description Range Name Enter a name of no more than 32 alphanumeric characters that will be used to identify this time range on the Switch. This range name will be used in the Access Profile table to identify the access profile and associated rule to be enabled during this time range.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 2-18 User Accounts Settings window To add a new user, type in a User Name and New Password and retype the same password in the Confirm New Password field. Choose the level of privilege (Admin, Operator, Power User or User) from the Access Right drop- down menu.
Page 29
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch To view this window, click System Configuration > Command Logging Settings, as shown below: Figure 2-19 Command Logging Settings window The fields that can be configured are described below: Parameter Description Command Logging State Use the radio buttons to enable or disable the function.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Chapter 3 Management Gratuitous ARP IPv6 Neighbor Settings IP Interface Management Settings Session Table Single IP Management SNMP Settings Telnet Settings Web Settings Static ARP Settings The Address Resolution Protocol is a TCP/IP protocol that converts IP addresses into physical addresses. This table allows network managers to view, define, modify, and delete ARP information for specific devices.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 3-2 ARP Table window The fields that can be configured are described below: Parameter Description Interface Name Enter or view the Interface name used. IP Address Enter or view the IP Address used. MAC Address Enter or view the MAC Address used.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch with the system. In order to reclaim the correct host of this IP address, the system can send out the gratuitous ARP request packets for this duplicate IP address. Gratuitous ARP Normally, the system will only learn the ARP reply packet or a normal ARP request Learning packet that asks for the MAC address that corresponds to the system’s IP address.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 3-5 IPv6 Neighbor Settings window The fields that can be configured are described below: Parameter Description Interface Name Enter the interface name of the IPv6 neighbor. Neighbor IPv6 Address Enter the neighbor IPv6 address. Link Layer MAC Enter the link layer MAC address.
Page 34
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch To view the following window, click Management > IP Interface > System IP Address Settings, as show below: Figure 3-6 System IP Address Settings window The fields that can be configured are described below: Parameter Description Static...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch as an IP gateway. If your network is not part of an intranet, or you do not want the Switch to be accessible outside your local network, you can leave this field unchanged.
Page 36
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Interface Admin State Use the drop-down menu to enable or disable the Interface Admin State. Click the Apply button to accept the changes made. Click the <<Back button to discard the changes made and return to the previous page. Click the IPv4 Edit button to see the following window.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The fields that can be configured or displayed are described below: Parameter Description Interface Name Display the IPv6 interface name. IPv6 State Use the drop-down menu to enable or disable IPv6 State. Interface Admin State Use the drop-down menu to enable or disable the Interface Admin State.
Being enabled, will allow the user to perform a password recovery of the running configuration. Click the Apply button to accept the changes made. To learn more about the D-Link Green Technologies, go to http://green.dlink.com/ for more details. Session Table Users can display the management sessions since the Switch was last rebooted.
DES-3200 Series Layer 2 Managed Fast Ethernet Switch Single IP Management D-Link Single IP Management is a concept that will stack switches together over Ethernet instead of using stacking ports or modules. There are some advantages in implementing the “Single IP Management” feature: 1.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch • The user can manually configure a CaS to become a CS • The CaS can be configured through the CS to become a MS. After configuring one switch to operate as the CS of a SIM group, additional DES-3200 Series switches may join the group by manually configuring the Switch to be a MS.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 3-14 Single IP Settings window The fields that can be configured are described below: Parameter Description SIM State Use the drop-down menu to either enable or disable the SIM state on the Switch. Disabled will render all SIM functions on the Switch inoperable.
Page 42
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 3-15 Single IP Management window - Tree View The Topology window holds the following information on the Data tab: Parameter Description Device Name This field will display the Device Name of the switches in the SIM group configured by the user.
Page 43
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 3-16 Topology view This window will display how the devices within the Single IP Management Group connect to other groups and devices. Possible icons on this window are as follows: Icon Description Icon...
Page 44
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 3-17 Device Information Utilizing the Tool Tip Setting the mouse cursor over a line between two devices will display the connection speed between the two devices, as shown below. Figure 3-18 Port Speed Utilizing the Tool Tip Right-Click Right-clicking on a device will allow the user to perform various functions, depending on the role of the Switch in the SIM group and the icon associated with it.
Page 45
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 3-19 Right-Clicking a Group Icon The following options may appear for the user to configure: • Collapse – To collapse the group that will be represented by a single icon. •...
Page 46
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch • Property – To pop up a window to display the group information. Member Switch Icon Figure 3-22 Right-clicking a Member icon The following options may appear for the user to configure: •...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Group • Add to group – Add a candidate to a group. Clicking this option will reveal the following dialog box for the user to enter a password for authentication from the Candidate Switch before being added to the SIM group.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Configuration File Backup/Restore This screen is used to download/upload configuration files from the Commander Switch to the Member Switch, using a TFTP server. Member Switches will be listed in the table and will be specified by ID, Port (port on the CS where the MS resides), MAC Address, Model Name and Firmware Version.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch • public – Allows authorized management stations to retrieve MIB objects. • private – Allows authorized management stations to retrieve and modify MIB objects. SNMPv3 uses a more sophisticated authentication process that is separated into two parts. The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The fields that can be configured are described below: Parameter Description SNMP State Enable this option to use the SNMP feature. Click the Apply button to accept the changes made. SNMP Traps Settings Users can enable and disable the SNMP trap support function of the switch and SNMP authentication failure trap support, respectively.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 3-33 SNMP Linkchange Traps Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the starting and ending ports to use. State Use the drop-down menu to enable or disable the SNMP link change Trap.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The fields that can be configured are described below: Parameter Description View Name Type an alphanumeric string of up to 32 characters. This is used to identify the new SNMP view being created. Subtree OID Type the Object Identifier (OID) Subtree for the view.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch SNMP Group Table Settings An SNMP Group created with this table maps SNMP users (identified in the SNMP User Table) to the views created in the previous window. To view the following window, click Management > SNMP Settings > SNMP Group Table Settings, as show below: Figure 3-36 SNMP Group Table Settings window The fields that can be configured are described below:...
SNMP management private enterprise number as assigned by IANA (D-Link is 171). The fifth octet is 03 to indicate the rest is the MAC address of this device. The sixth to eleventh octets is the MAC address.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Auth-Protocol MD5 – Specify that the HMAC-MD5-96 authentication level will be used. This field is only operable when V3 is selected in the SNMP Version field and the Encryption field has been checked. This field will require the user to enter a password. SHA –...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch RMON Settings On this page the user can enable or disable remote monitoring (RMON) for the rising and falling alarm trap feature for the SNMP function on the Switch. To view the following window, click Management > SNMP Settings > RMON Settings, as show below: Figure 3-40 RMON Settings window The fields that can be configured are described below: Parameter...
Page 57
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 3-42 Web Settings window The fields that can be configured are described below: Parameter Description Web Status Web-based management is Enabled by default. If you choose to disable this by clicking Disabled, you will lose the ability to configure the system through the web interface as soon as these settings are applied.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Chapter 4 L2 Features VLAN QinQ Layer 2 Protocol Tunneling Settings Spanning Tree Link Aggregation L2 Multicast Control Multicast Filtering ERPS Settings LLDP NLB FDB Settings VLAN Understanding IEEE 802.1p Priority Priority tagging is a function defined by the IEEE 802.1p standard designed to provide a means of managing traffic on a network where many different types of data may be transmitted simultaneously.
Page 59
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch VLANs can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains. A VLAN is a collection of end nodes grouped by logic instead of physical location. End nodes that frequently communicate with each other are assigned to the same VLAN, regardless of where they are physically on the network.
Page 60
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The main characteristics of IEEE 802.1Q are as follows: 1. Assigns packets to VLANs by filtering. 2. Assumes the presence of a single global spanning tree. 3. Uses an explicit tagging scheme with one-level tagging.
Page 61
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-3 Adding an IEEE 802.1Q Tag Port VLAN ID Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network device to another with the VLAN information intact. This allows 802.1Q VLANs to span network devices (and indeed, the entire network, if all network devices are 802.1Q compliant).
Page 62
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch If a packet has previously been tagged, the port will not alter the packet, thus keeping the VLAN information intact. Other 802.1Q compliant devices on the network to make packet-forwarding decisions can then use the VLAN information in the tag.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch On port-based VLANs, NICs do not need to be able to identify 802.1Q tags in packet headers. NICs send and receive normal Ethernet packets. If the packet’s destination lies on the same segment, communications take place using normal Ethernet protocols.
Page 64
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-5 802.1Q VLAN Settings – Add/Edit VLAN Tab window The fields that can be configured are described below: Parameter Description Allow the entry of a VLAN ID or displays the VLAN ID of an existing VLAN in the Add/Edit VLAN tab.
Page 65
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-6 802.1Q VLAN Settings – Find VLAN Tab window Enter the VLAN ID number in the field offered and then click the Find button. You will be redirected to the VLAN List tab.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch the port as forbidden. Click the Apply button to accept the changes made. NOTE: The Switch supports up to 4k static VLAN entries. 802.1v Protocol VLAN 802.1v Protocol Group Settings The user can create Protocol VLAN groups and add protocols to that group. The 802.1v Protocol VLAN Group Settings support multiple VLANs for each protocol and allows the user to configure the untagged ports of different protocols on the same physical port.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch NOTE: The Group name value should be less than 33 characters. 802.1v Protocol VLAN Settings The user can configure Protocol VLAN settings. The lower half of the table displays any previously created settings. To view the following window, click L2 Features >...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Delete All button to remove all the entries listed. Click the Edit button to re-configure the specific entry. Click the Delete button to remove the specific entry. GVRP GVRP Global Settings Users can determine whether the Switch will share its VLAN configuration information with other GARP VLAN Registration Protocol (GVRP) enabled switches.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-11 GVRP Port Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the starting and ending ports to use. PVID (1-4094) This field is used to manually assign a PVID to a VLAN.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch To view the following window, click L2 Features > VLAN > MAC-based VLAN Settings, as show below: Figure 4-12 MAC-based VLAN Settings The fields that can be configured are described below: Parameter Description MAC Address...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-14 Example of VLAN Trunk Users can combine a number of VLAN ports together to create VLAN trunks. To view the following window, click L2 Features > VLAN > VLAN Trunk Settings, as show below: Figure 4-15 VLAN Trunk Settings window The fields that can be configured are described below: Parameter...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch NOTE: The abbreviations used on this page are Tagged Port (T), Untagged Port (U) and Forbidden Port (F). Show VLAN Ports Users can display the VLAN ports of the Switch's viewed by VID. Enter a Port or a Port List in the field at the top of the window and click the Find button.
Page 73
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-18 QinQ example window In this example, the Service Provider Access Network switch (Provider edge switch) is the device creating and configuring Double VLANs. Both CEVLANs (Customer VLANs), 10 and 11, are tagged with the SPVID 100 on the Service Provider Access Network and therefore belong to one VLAN on the Service Provider’s network, thus being a member of two VLANs.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch QinQ Settings This window is used to configure the Q-in-Q parameters. To view the following window, click L2 Features > QinQ > QinQ Settings, as show below: Figure 4-19 QinQ Settings Window The fields that can be configured are described below: Parameter Description...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch configured rule. On egress at this port, the SP-VLAN tag will be recovered to C-VLAN tag or be striped. The priority will be the priority in the SP-VLAN tag if the inner priority flag is disabled for the receipt port. To view the following window, click L2 Features >...
802.1Q-2005 MSTP. 802.1D-1998 STP will be familiar to most networking professionals. However, since 802.1D-2004 RSTP and 802.1Q-2005 MSTP have been recently introduced to D-Link managed Ethernet switches, a brief introduction to the technology is provided below followed by a description of how to set up 802.1D-1998 STP, 802.1D-2004 RSTP, and 802.1Q-2005 MSTP.
Page 77
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch 3. VLANs that will be shared must be added to the MSTP Instance ID (defined here as a VID List in the MST Configuration Identification window when configuring an MSTI ID settings). 802.1D-2004 Rapid Spanning Tree The Switch implements three versions of the Spanning Tree Protocol, the Multiple Spanning Tree Protocol (MSTP) as defined by the IEEE 802.1Q-2005, the Rapid Spanning Tree Protocol (RSTP) as defined by the IEEE 802.1D-...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch 802.1D-1998/802.1D-2004/802.1Q-2005 Compatibility MSTP or RSTP can interoperate with legacy equipment and is capable of automatically adjusting BPDU packets to 802.1D-1998 format when necessary. However, any segment using 802.1D-1998 STP will not benefit from the rapid transition and rapid topology change detection of MSTP or RSTP.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Bridge Forward Delay The Forward Delay can be from 4 to 30 seconds. Any port on the Switch spends (4-30) this time in the listening state while moving from the blocking state to the forwarding state.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch value is 0 (auto). Setting 0 for the external cost will automatically set the speed for forwarding packets to the specified port(s) in the list for optimal efficiency. The default port cost for a 100Mbps port is 200000 and the default port cost for a Gigabit port is 20000.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The fields that can be configured are described below: Parameter Description Configuration Name This name uniquely identifies the MSTI (Multiple Spanning Tree Instance). If a Configuration Name is not set, this field will show the MAC address to the device running MSTP.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch MSTP Port Information This window displays the current MSTI configuration information and can be used to update the port configuration for an MSTI ID. If a loop occurs, the MSTP function will use the port priority to select an interface to put into the forwarding state.
Page 83
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch 4-27 Example of Port Trunk Group The Switch treats all ports in a trunk group as a single port. Data transmitted to a specific host (destination address) will always be transmitted over the same port in a trunk group. This allows packets in a data stream to arrive in the same order they were sent.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch NOTE: If any ports within the trunk group become disconnected, packets intended for the disconnected port will be load shared among the other linked ports of the link aggregation group. Port Trunking Settings On this page the user can configure the port trunk settings for the switch.
Page 85
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-29 LACP Port Settings window The fields that can be configured are described below: Parameter Description From Port / To Port A consecutive group of ports may be configured starting with the selected port. Activity Active - Active LACP ports are capable of processing and sending LACP control frames.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Static FDB Settings Unicast Static FDB Settings Users can set up static unicast forwarding on the Switch. To view the following window, click L2 Features > FDB > Static FDB Settings > Unicast Static FDB Settings, as show below: Figure 4-30 Unicast Static FDB Settings window The fields that can be configured are described below:...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-31 Multicast Static FDB Settings window The fields that can be configured are described below: Parameter Description The VLAN ID of the VLAN the corresponding MAC address belongs to. Multicast MAC Address The static destination MAC address of the multicast packets.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-32 MAC Notification Settings window The fields that can be configured are described below: Parameter Description State Enable or disable MAC notification globally on the Switch Interval (1-2147483647) The time in seconds between notifications. Value range to use is 1 to 2147483647. History Size (1-500) The maximum number of entries listed in the history log used for notification.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Time (10-1000000) forwarding table without being accessed (that is, how long a learned MAC Address is allowed to remain idle). To change this option, type in a different value representing the MAC address’ age-out time in seconds. The MAC Address Aging Time can be set to any value between 10 and 1000000 seconds.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-35 ARP & FDB Table window The fields that can be configured are described below: Parameter Description Port Select the port number to use for this configuration. MAC Address Enter the MAC address to use for this configuration. IP Address Enter the IP address the use for this configuration.
Page 91
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-36 IGMP Snooping Settings window The fields that can be configured are described below: Parameter Description IGMP Snooping State Click to enable or disable the IGMP Snooping state. Max Learned Entry Enter the maximum learning entry value.
Page 92
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Querier State Specify to enable or disable the querier state. Fast Leave Enable or disable the IGMP snooping fast leave function. If enabled, the membership is immediately removed when the system receive the IGMP leave message.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Apply button to accept the changes made. Click the <<Back button to discard the changes made and return to the previous page. IGMP Snooping Rate Limit Settings On this page the user can configure the IGMP snooping rate limit parameters. To view the following window, click L2 Features >...
Page 94
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Parameter Description VLAN Name Enter the VLAN name of the multicast group. VID List Enter the VID list or of the multicast group. IPv4 Address Enter the IPv4 address. Click the Find button to locate a specific entry based on the information entered. Click the Create button to add a new entry based on the information entered.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch NOTE: The abbreviations used on this page are Static Router Port (S), Dynamic Router Port (D) and Forbidden Router Port (F). IGMP Snooping Group Users can view the Switch’s IGMP Snooping Group Table. IGMP Snooping allows the Switch to read the Multicast Group IP address and the corresponding MAC address from IGMP packets that pass through the Switch.
Page 96
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-44 IGMP Snooping Forwarding Table window The fields that can be configured are described below: Parameter Description VLAN Name The VLAN Name of the multicast group. VID List The VLAN ID list of the multicast group. Click the Find button to locate a specific entry based on the information entered.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-46 Browse IGMP Snooping Counter window Click the Clear Counter button to clear all the information displayed in the fields. Click the Refresh button to refresh the display table so that new information will appear. Click the <<Back button to return to the previous page.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The fields that can be configured are described below: Parameter Description From Port / To Port Select the a range of ports to be configured. State Use the drop-down menu to enable or disable the filtering function IGMP Query Tick to enable or disable filtering IGMP Query protocol packets.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The Switch allows you to implement data driven learning for MLD snooping groups. If data-driven learning, also known as dynamic IP multicast learning, is enabled for a VLAN, when the Switch receives IP multicast traffic on the VLAN, an MLD snooping group is created.
Page 100
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-49 MLD Snooping Parameters Settings window The fields that can be configured are described below: Parameter Description Query Interval (1-65535) Specify the amount of time in seconds between general query transmissions. The default setting is 125 seconds.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch After clicking the Modify Router Port link, the following page will appear: Figure 4-50 MLD Snooping Router Port Settings window The fields that can be configured are described below: Parameter Description Static Router Port This section is used to designate a range of ports as being connected to multicast- enabled routers.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Port List Enter the Port List here. VID List Enter the VID List value here. Rate Limit Configure the rate limit of MLD control packet that the switch can process on a specific port/VLAN.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Parameter Description Ports Tick the check boxes to select the ports to be configured. Click the Select All button to select all the ports for configuration. Click the Clear All button to unselect all the ports for configuration. Click the Apply button to accept the changes made.
Page 104
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-55 MLD Snooping Group window The fields that can be configured are described below: Parameter Description VLAN Name Click the radio button and enter the VLAN name of the multicast group. VID List Click the radio button and enter a VLAN list of the multicast group.
Page 105
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch MLD Snooping Counter This page displays the statistics counter for MLD protocol packets that are received by the switch since MLD Snooping is enabled. To view the following window, click L2 Features > L2 Multicast Control > MLD Snooping > MLD Snooping Counter, as show below: Figure 4-57 MLD Snooping Counter window The fields that can be configured are described below:...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Multicast VLAN In a switching environment, multiple VLANs may exist. Every time a multicast query passes through the Switch, the switch must forward separate different copies of the data to each VLAN on the system, which, in turn, increases data traffic and may clog up the traffic path.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Delete button to remove the corresponding entry. After clicking the Group List link, the following page will appear: Figure 4-60 Multicast Group Profile Multicast Address Settings window The fields that can be configured are described below: Parameter Description Multicast Address List...
Page 108
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Apply button to accept the changes made for each individual section. Click the Add button to add a new entry based on the information entered. Click the Profile List link to configure the IGMP Snooping Multicast VLAN Settings for the specific entry.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch After clicking the Profile List link, the following page will appear: Figure 4-63 IGMP Snooping Multicast VLAN Group List Settings window The fields that can be configured are described below: Parameter Description Profile Name Use the drop-down menu to select the IGMP Snooping Multicast VLAN Group Profile...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Group List link to configure the multicast address group list settings for the specific entry. Click the Edit button to re-configure the specific entry. Click the Delete button to remove the specific entry. After clicking the Group List link, the following page will appear:...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Add button to add a new entry based on the information entered. Click the Delete button to remove the specific entry. Click the Find button to locate a specific entry based on the information entered. Enter a page number and click the Go button to navigate to a specific page when multiple pages exist.
Page 112
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-68 IPv4 Multicast Profile Settings window The fields that can be configured are described below: Parameter Description Profile ID (1-24) Enter a Profile ID between 1 and 24. Profile Name Enter a name for the IP Multicast Profile.
Page 113
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-70 IPv6 Limited Multicast Range Settings window The fields that can be configured are described below: Parameter Description Ports / VID List Select the appropriate port(s) or VLAN IDs used for the configuration here. Access Assign access permissions to the ports selected.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Find button to locate a specific entry based on the information entered. Enter a page number and click the Go button to navigate to a specific page when multiple pages exist. Multicast Filtering Mode Users can configure the multicast filtering mode.
Page 115
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch RPL Owner – Node connected to RPL that blocks traffic on RPL during Idle state and unblocks during Protected state R-APS (Ring – Automatic Protection Switching) - Protocol messages defined in Y.1731 and G.8032 used to coordinate the protection actions over the ring through RAPS VLAN (R-APS Channel).
Page 116
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-74 ERPS Settings - Detail Information window Click on the Edit button to re-configure the specific entry. Click on the <<Back button to return to the ERPS settings page. After click the Edit button, the following window will appear: Figure 4-75 ERPS Settings - Edit Detail Information window The fields that can be configured or displayed are described below: Parameter...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Operational East Port Display the operational east port value. Admin RPL Port Specify the RPL port used. Options to choose from are West Port, East Port, and None. Operational RPL Port Display the operational RPL port value.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch LLDP Global Settings On this page the user can configure the LLDP global parameters. To view the following window, click L2 Features > LLDP > LLDP > LLDP Global Settings, as show below: Figure 4-77 LLDP Global Settings window The fields that can be configured are described below: Parameter...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-78 LLDP Port Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menu to select the ports used for this configuration. Notification Use the drop-down menu to enable or disable the status of the LLDP notification.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch To view the following window, click L2 Features > LLDP > LLDP > LLDP management Address List, as show below: Figure 4-79 LLDP Management Address List window The fields that can be configured are described below: Parameter Description IPv4 / IPv6...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-80 LLDP Basic TLVs Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the port range to use for this configuration. Port Description Use the drop-down menu to enable or disable the Port Description option.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-81 LLDP Dot1 TLVs Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menu to select the port range to use for this configuration. Dot1 TLV PVID Use the drop-down menu to enable or disable and configure the Dot1 TLV PVID option.
Page 123
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-82 LLDP Dot3 TLVs Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menu to select the port range to use for this configuration. MAC / PHY This TLV optional data type indicates that the LLDP agent should transmit the Configuration Status...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 4-83 LLDP Statistics System window The fields that can be configured are described below: Parameter Description Port Use the drop-down menu to select a port. Click the Find button to locate a specific entry based on the information entered. LLDP Local Port Information The LLDP Local Port Information page displays the information on a per port basis currently available for populating outbound LLDP advertisements in the local port brief table shown below.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch After clicking the Show Normal button, the following page will appear: Figure 4-85 LLDP Local Port Information – Show Normal window The fields that can be configured are described below: Parameter Description Port Use the drop-down menu to select a port.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Port Use the drop-down menu to select a port. Click the Find button to locate a specific entry based on the information entered. To view the normal LLDP Remote Port information page per port, click the Show Normal button. After clicking the Show Normal button, the following page will appear: Figure 4-88 LLDP Remote Port Information –...
Page 127
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Clear All button to remove all the entered information in the fields. Click the Edit button to update the information of the corresponding entry. Click the Delete button to delete the corresponding entry.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Chapter 5 L3 Features IPv4 Static/Default Route Settings IPv4 Route Table IPv6 Static/Default Route Settings IPv4 Static/Default Route Settings The Switch supports static default routing for IPv4 formatted addressing. Users can create a gateway for IPv4. Once the gateway has been set, the Switch will send an ARP request packet to the next hop router that has been set by the user.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 5-2 IPv4 Route Table window The fields that can be configured are described below: Parameter Description Network Address Click the radio button and enter the destination network address of the route to be displayed.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Chapter 6 802.1p Settings Bandwidth Control Traffic Control Settings DSCP Scheduling Settings The Switch supports 802.1p priority queuing Quality of Service. The following section discusses the implementation of QoS (Quality of Service) and benefits of using 802.1p priority queuing. Advantages of QoS QoS is an implementation of the IEEE 802.1p standard that allows network administrators a method of reserving bandwidth for important functions that require a large bandwidth or have a high priority, such as VoIP (voice-over...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Understanding QoS The Switch supports 802.1p priority queuing. The Switch has eight priority queues. These priority queues are numbered from 7 (Class 7) — the highest priority queue — to 0 (Class 0) — the lowest priority queue. The eight priority tags specified in IEEE 802.1p (p0 to p7) are mapped to the Switch’s priority queues as follows: •...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 6-2 Default Priority Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the starting and ending ports to use. Priority Use the drop-down menu to select a value from 0 to 7.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Apply button to accept the changes made. 802.1p Map Settings This window is used to the mapping of 802.1p to the packet’s initial color. To view the following window, click QoS > 802.1p Settings > 802.1p Map Settings, as show below: Figure 6-4 802.1p Map Settings window The fields that can be configured are described below: Parameter...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 6-5 Bandwidth Control Settings window The fields that can be configured or displayed are described below: Parameter Description From Port / To Port Use the drop-down menu to select the port range to use for this configuration. Type This drop-down menu allows a selection between RX (receive), TX (transmit), and Both.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch To view the following window, click QoS > Bandwidth Control > Queue Bandwidth Control Settings, as show below: Figure 6-6 Queue Bandwidth Control Settings window The fields that can be configured are described below: Parameter Description From Port / To Port...
Page 136
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch until the storm has subsided. This method can be utilized by selecting the Drop option of the Action parameter in the window below. The Switch will also scan and monitor packets coming into the Switch by monitoring the Switch’s chip counter. This method is only viable for Broadcast and Multicast storms because the chip only has counters for these two types of packets.
Page 137
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch the Packet Storm occurring. Once detected, the port will deny all incoming traffic to the port except STP BPDU packets, which are essential in keeping the Spanning Tree operational on the Switch. If the Count Down timer has expired and yet the Packet Storm continues, the port will be placed in Shutdown Forever mode and is no longer operational until the port recovers after 5 minutes automatically or the user manually resets the port using the Port Settings window (Configuration>...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch NOTE: Ports that are in Shutdown Forever mode will be seen as link down in all windows and screens until the user recovers these ports. NOTE: The minimum granularity of storm control on each port is 1pps. DSCP DSCP Trust Settings This page is to configure the DSCP trust state of ports.
Page 139
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The DSCP-to-DSCP mapping is used in the swap of DSCP of the packet when the packet is ingresses to the port. The remaining processing of the packet will base on the new DSCP. By default, the DSCP is mapped to the same DSCP.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 6-11 DSCP Map Settings - DSCP Color window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menu to select a range of port to configure. DSCP Map Use the drop-down menu to select one of two options: DSCP Priority –...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch QoS Scheduling This window allows the user to configure the way the Switch will map an incoming packet per port based on its 802.1p user priority, to one of the eight available hardware priority queues available on the Switch. To view this window, click QoS >...
Page 142
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 6-13 QoS Scheduling Mechanism The following parameters can be configured: Parameter Description From Port / To Port Enter the port or port list you wish to configure. Scheduling Mechanism Strict – The highest class of service is the first to process traffic. That is, the highest class of service will finish before other queues empty.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Chapter 7 ACL Configuration Wizard Access Profile List CPU Access Profile List ACL Finder ACL Flow Meter ACL Configuration Wizard The ACL Configuration Wizard will aid the user in the creation of access profiles and ACL Rules automatically by simply inputting the address or service type and the action needed.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch IPv4 Address – Selecting this option will allow the user to enter a range of IPv4 addresses for this rule. IPv6 – Selecting this option will allow the user to enter a range of IPv6 addresses for this rule.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Delete All button to remove all access profiles from this table. Click the Show Details button to display the information of the specific profile ID entry. Click the Add/View Rules button to view or add ACL rules within the specified profile ID. Click the Delete button to remove the specific entry.
Page 146
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch type of profile. Select Ethernet ACL to instruct the Switch to examine the layer 2 part of each packet header. Select IPv4 ACL to instruct the Switch to examine the IPv4 address in each frame's header.
Page 147
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 7-6 Add Access Rule window (Ethernet ACL) The fields that can be configured are described below: Parameter Description Access ID (1-256) Type in a unique identifier number for this access. This value can be set from 1 to 256.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch a packet to the value entered in the Priority field, which meets the criteria specified previously in this command, before forwarding it on to the specified CoS queue. Otherwise, a packet will have its incoming 802.1p user priority re-written to its original value before being forwarded by the Switch.
Page 149
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 7-8 Add ACL Profile window (IPv4 ACL) The fields that can be configured are described below: Parameter Description Profile ID (1-4) Enter a unique identifier number for this profile set. This value can be set from 1 to Select ACL Type Select profile based on Ethernet (MAC Address), IPv4 address, IPv6 address, or packet content.
Page 150
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch the following guidelines: Select ICMP to instruct the Switch to examine the Internet Control Message Protocol (ICMP) field in each frame's header. Select Type to further specify that the access profile will apply an ICMP type value, or specify Code to further specify that the access profile will apply an ICMP code value.
Page 151
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch After clicking the Add/View Rules button, the following page will appear: Figure 7-10 Access Rule List window (IPv4 ACL) Click the Add Rule button to create a new ACL rule in this profile. Click the <<Back button to return to the previous page.
Page 152
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Source IP Address Select and enter the source IP address mask. Mask Destination IP Enter the destination IP address. Address Destination IP Select and enter the destination IP address mask. Address Mask DSCP Enter the DSCP value.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch by the Switch and will be filtered. Select Mirror to specify that packets that match the access profile are mirrored to a port defined in the config mirror port command. Port Mirroring must be enabled and a target port must be set.
Page 154
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 7-13 Add ACL Profile window (IPv6 ACL) The fields that can be configured are described below: Parameter Description Profile ID (1-4) Enter a unique identifier number for this profile set. This value can be set from 1 to Select ACL Type Select profile based on Ethernet (MAC Address), IPv4 address, IPv6 address, or packet content.
Page 155
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Select ICMP to instruct the Switch to examine the Internet Control Message ICMP Protocol (ICMP) field in each frame's header. Select Type to further specify that the access profile will apply an ICMP type value, or specify Code to further specify that the access profile will apply an ICMP code value.
Page 156
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 7-16 Add Access Rule (IPv6 ACL) The fields that can be configured are described below: Parameter Description Access ID (1-256) Type in a unique identifier number for this access. This value can be set from 1 to 256.
Page 157
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch both the priority and DSCP are set to be modified. Replace ToS Specify that the IP precedence of the outgoing packet is changed with the new value. Precedence (0-7) If used without an action priority, the packet is sent to the default TC. Time Range Name Tick the check box and enter the name of the Time Range settings that has been previously configured in the Time Range Settings window.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch After clicking the Show Details button in the Access Rule List, the following page will appear: Figure 7-17 Access Rule Detail Information (IPv6 ACL) Click the Show All Rules button to navigate back to the Access Rule List. Adding a Packet Content ACL Profile The window shown below is the Add ACL Profile window for Packet Content: To use specific filtering masks in this ACL profile, click the packet filtering mask field to highlight it red.
Page 159
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Type content. This will change the window according to the requirements for the type of profile. Select Ethernet ACL to instruct the Switch to examine the layer 2 part of each packet header.
Page 160
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 7-20 Access Rule List (Packet Content ACL) Click the Add Rule button to create a new ACL rule in this profile. Click the <<Back button to return to the previous page. Click the Show Details button to view more information about the specific rule created.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch forwarded by the Switch and will be filtered. Select Mirror to specify that packets that match the access profile are mirrored to a port defined in the config mirror port command. Port Mirroring must be enabled and a target port must be set.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch feature for the CPU Filtering, the Switch allows the CPU filtering mechanism to be enabled or disabled globally, permitting the user to create various lists of rules without immediately enabling them. NOTE: CPU Interface Filtering is used to control traffic access to the switch directly such as protocols transition or management access.
Page 163
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch After clicking the Add CPU ACL Profile button, the following page will appear: Figure 7-24 Add CPU ACL Profile (Ethernet ACL) The fields that can be configured are described below: Parameter Description Profile ID (1-5) Enter a unique identifier number for this profile set.
Page 164
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch After clicking the Show Details button, the following page will appear: Figure 7-25 CPU Access Profile Detail Information (Ethernet ACL) Click the Show All Profiles button to navigate back to the CPU ACL Profile List Page. After clicking the Add/View Rules button, the following page will appear: Figure 7-26 CPU Access Rule List (Ethernet ACL) Click the Add Rule button to create a new CPU ACL rule in this profile.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Parameter Description Access ID (1-100) Type in a unique identifier number for this access. This value can be set from 1 to 100. Auto Assign – Select this check box will instruct the Switch to automatically assign an Access ID for the rule being created.
Page 166
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 7-29 Add CPU ACL Profile (IPv4 ACL) The fields that can be configured are described below: Parameter Description Profile ID (1-5) Enter a unique identifier number for this profile set. This value can be set from 1 to 5. Select ACL Type Select profile based on Ethernet (MAC Address), IPv4 address, IPv6 address, or packet content mask.
Page 167
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch specify Code to further specify that the access profile will apply an ICMP code value. Select IGMP to instruct the Switch to examine the Internet Group Management Protocol (IGMP) field in each frame's header. Select Type to further specify that the access profile will apply an IGMP type value.
Page 168
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Add Rule button to create a new CPU ACL rule in this profile. Click the <<Back button to return to the previous page. Click the Show Details button to view more information about the specific rule created. Click the Delete Rules button to remove the specific entry.
Page 169
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Select IGMP to instruct the Switch to examine the Internet Group Management Protocol (IGMP) field in each frame's header. Type – Enter the IGMP packet type value. Select TCP to use the TCP port number contained in an incoming packet as the forwarding criterion.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Adding a CPU IPv6 ACL Profile The window shown below is the Add CPU ACL Profile window for IPv6. To use specific filtering masks in this ACL profile, click the packet filtering mask field to highlight it red. This will add more filed to the mask. After clicking the Add CPU ACL Profile button, the following page will appear: Figure 7-34 Add CPU ACL Profile (IPv6 ACL) The fields that can be configured are described below:...
Page 171
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch IPv6 Source Mask The user may specify an IP address mask for the source IPv6 address by checking the corresponding box and entering the IP address mask. IPv6 Destination Mask The user may specify an IP address mask for the destination IPv6 address by checking the corresponding box and entering the IP address mask.
Page 172
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 7-37 Add CPU Access Rule (IPv6 ACL) The fields that can be configured are described below: Parameter Description Access ID (1-100) Enter a unique identifier number for this access. This value can be set from 1 to 100. Auto Assign –...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 7-38 CPU Access Rule Detail Information (IPv6 ACL) Click the Show All Rules button to navigate back to the CPU Access Rule List. Adding a CPU Packet Content ACL Profile The window shown below is the Add CPU ACL Profile window for Packet Content.
Page 174
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Select Ethernet to instruct the Switch to examine the layer 2 part of each packet header. Select IPv4 to instruct the Switch to examine the IPv4 address in each frame's header. Select IPv6 to instruct the Switch to examine the IPv6 address in each frame's header.
Page 175
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 7-42 Add CPU Access Rule (Packet Content ACL) The fields that can be configured are described below: Parameter Description Access ID (1-100) Type in a unique identifier number for this access. This value can be set from 1 to 100. Auto Assign –...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 7-43 CPU Access Rule Detail Information (Packet Content ACL) Click the Show All Rules button to navigate back to the CPU Access Rule List. ACL Finder The ACL rule finder helps you to identify any rules that have been assigned to a specific port and edit existing rules quickly.
Page 177
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch CBS – Committed Burst Size. Measured in bytes, the CBS is associated with the CIR and is used to identify packets that exceed the normal boundaries of packet size. The CBS should be configured to accept the biggest IP packet that is expected in the IP flow.
Page 178
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Profile Name Use the drop-down menu to select it and enter the Profile Name for the flow meter. Access ID (1-256) Here the user can enter the Access ID for the flow meter. Click the Find button to locate a specific entry based on the information entered.
Page 179
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch equal or less than PIR. PIR – Specify the Peak information Rate. The unit is Kbps. PIR should always be equal to or greater than CIR. CBS – Specify the Committed Burst Size. The unit is in kilobyte. PBS –...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Chapter 8 Security 802.1X RADIUS IP-MAC-Port Binding (IMPB) MAC-based Access Control (MAC) Compound Authentication Port Security ARP Spoofing Prevention Settings BPDU Attack Protection Traffic Segmentation Settings NetBIOS Filtering Settings DHCP Server Screening Access Authentication Control SSL Settings Trusted Host Settings...
Page 181
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Authentication Server The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator, must be running a RADIUS Server program and must be configured properly on the Authenticator (Switch).
Page 182
Figure 8-6 The 802.1X Authentication Process The D-Link implementation of 802.1X allows network administrators to choose between two types of Access Control used on the Switch, which are: • Port-Based Access Control – This method requires only one user to be authenticated per port by a remote RADIUS server to allow the remaining users on the same port access to the network.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Host-Based Network Access Control In order to successfully make use of 802.1X in a shared media LAN segment, it would be necessary to create “logical” Ports, one for each attached device that required access to the LAN. The Switch would regard the single physical Port connecting it to the shared media segment as consisting of a number of distinct logical Ports, each logical Port...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch 802.1X Port Settings Users can configure the 802.1X authenticator port settings. To view this window, click Security > 802.1X > 802.1X Port Settings as shown below: Figure 8-10 802.1X Port Settings The fields that can be configured are described below: Parameter Description...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch client. The default setting is 30 seconds. ReAuthPeriod (1-65535) A constant that defines a nonzero number of seconds between periodic re- authentication of the client. The default setting is 3600 seconds. ReAuthentication Determines whether regular re-authentication will take place on this port.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-11 802.1X User Settings window The fields that can be configured are described below: Parameter Description 802.1X User The user can enter an 802.1X user’s username in here. Password The user can enter an 802.1X user’s password in here. Confirm Password The user can re-enter an 802.1X user’s password in here.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch 2. A port cannot be a member of a Guest VLAN and a static VLAN simultaneously. 3. Once a client has been accepted into the target VLAN, it can no longer access the Guest VLAN. Remember, to set an 802.1X guest VLAN, the user must first configure a normal VLAN, which can be enabled here for guest VLAN status.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Authenticator Statistics This window is used to display the authenticator statistics information. To view this window, click Security > 802.1X > Authenticator Statistics as shown below: Figure 8-15 Authenticator Statistics window The fields that can be configured are described below: Parameter Description...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-16 Authenticator Session Statistics window The fields that can be configured are described below: Parameter Description Time Interval Use the drop-down menu to select the interval to update the statistics. Click the OK button to accept the changes made.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-17 Authenticator Diagnostics window The fields that can be configured are described below: Parameter Description Time Interval Use the drop-down menu to select the interval to update the statistics. Click the OK button to accept the changes made. NOTE: The user must first globally enable Authentication Mode in the 802.1X Global Settings window before initializing ports.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-19 Initialize Port(s) - MAC-based window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports to be configured. MAC Address Tick the check box and enter the authenticated MAC address of the client connected to the corresponding port.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch RADIUS Authentication RADIUS Server Settings The RADIUS feature of the Switch allows the user to facilitate centralized user administration as well as providing protection against a sniffing, active hacker. To view this window, click Security > RADIUS > Authentication RADIUS Server Settings as shown below: Figure 8-22 Authentication RADIUS Server Settings window The fields that can be configured are described below: Parameter...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-23 RADIUS Accounting Settings window The fields that can be configured are described below: Parameter Description Network When enabled, the Switch will send informational packets to a remote RADIUS server when 802.1X port access control events occur on the Switch.
Page 194
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-24 RAIUS Authentication window The user may also select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds. The default value is one second. The fields that can be displayed are described below: Parameter Description...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch this server. AccessResponses The number of malformed RADIUS Access-Response packets received from this server. Malformed packets include packets with an invalid length. Bad authenticators or Signature attributes or known types are not included as malformed access responses.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The user may also select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds. The default value is one second. The fields that can be configured are described below: Parameter Description ServerIndex...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch IMPB Global Settings Users can enable or disable the Trap/Log State and DHCP Snoop state on the Switch. The Trap/Log field will enable and disable the sending of trap/log messages for IP-MAC-port binding. When enabled, the Switch will send a trap message to the SNMP agent and the Switch log when an ARP packet is received that doesn’t match the IP- MAC-port binding configuration set on the Switch.
Page 198
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-27 IMPB Port Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports to set for IP-MAC-port binding. ARP Inspection When the ARP inspection function is enabled, the legal ARP packets are forwarded, while the illegal packets are dropped.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch IMPB Entry Settings This window is used to create static IP-MAC-binding port entries and view all IMPB entries on the Switch. To view this window, click Security > IP-MAC-Port Binding (IMPB) > IMPB Entry Settings as shown below: Figure 8-28 IMPB Entry Settings window The fields that can be configured are described below: Parameter...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Find button to find an unauthorized device that has been blocked by the IP-MAC binding restrictions Click the View All button to display all the existing entries. Click the Delete All button to remove all the entries listed. DHCP Snooping DHCP Snooping Maximum Entry Settings Users can configure the maximum DHCP snooping entry for ports on this page.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-31 DHCP Snooping Entry window The fields that can be configured are described below: Parameter Description Port Use the drop-down menu to select the desired port. Ports Specify the ports for which to view DHCP snooping entries. Tick the All Ports check box to clear entries for all ports.
Page 202
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-32 MAC-based Access Control Settings window The fields that can be configured are described below: Parameter Description MAC-based Access Toggle to globally enable or disable the MAC-based access control function on the Control State Switch.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Member Ports Enter the list of ports that have been configured for the Guest VLAN. From Port / To Port Use the drop-down menus to select a range of ports to be configured for MAC-based access control.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-34 MAC-based Access Control Local Settings – Edit by Name window To change the selected MAC address’ VID value, the user can click the Edit by ID button. Figure 8-35 MAC-based Access Control Local Settings – Edit by ID window Click the Apply button to accept the changes made.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Compound Authentication Settings Users can configure Authorization Network State Settings and compound authentication methods for a port or ports on the Switch. To view this window, click Security > Compound Authentication > Compound Authentication Settings as shown below: Figure 8-37 Compound Authentication Settings window The fields that can be configured are described below:...
Page 206
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-38 Port Security Settings window The fields that can be configured are described below: Parameter Description Port Security Click to enable or disable Port Security Traps and Logs on the Switch. Trap/Log Settings System Maximum Enter the system maximum address.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-39 Port Security Port-VLAN Settings window The fields that can be configured are described below: Parameter Description VLAN Name Click the button and enter the name of the VLAN that the port security settings will be displayed for.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Port Security Entries Users can remove an entry from the port security entries learned by the Switch and entered into the forwarding database. To view this window, click Security > Port Security > Port Security Entries as shown below: Figure 8-41 Port Security Entries window The fields that can be configured or displayed are described below: Parameter...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The fields that can be configured are described below: Parameter Description Gateway IP Address Enter the gateway IP address to help prevent ARP Spoofing. Gateway MAC Address Enter the gateway MAC address to help prevent ARP Spoofing. Ports Enter the port numbers that this feature applies to.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-43 BPDU Attack Protection window The fields that can be configured are described below: Parameter Description BPDU Attack Click the radio buttons to enable or disable the BPDU Attack Protection state. Protection State Trap State Specify when a trap will be sent.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Loopback Detection port will restart (change to normal state) when the Loopback Detection Recover Time times out. The Loopback Detection function can be implemented on a range of ports at a time. The user may enable or disable this function using the drop-down menu.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch To view this window, click Security > Traffic Segmentation Settings as shown below: Figure 8-45 Traffic Segmentation Settings window The fields that can be configured are described below: Parameter Description Port List Enter a list of ports to be included in the traffic segmentation setup.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-46 NetBIOS Filtering Settings window The fields that can be configured are described below: Parameter Description NetBIOS Filtering Ports Select the appropriate port to include in the NetBIOS filtering configuration. Extensive NetBIOS Select the appropriate port to include in the Extensive NetBIOS filtering Filtering Ports...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-47 DHCP Server Screening Port Settings window The fields that can be configured are described below: Parameter Description DHCP Server Screening Click to enable or disable filtering DHCP server trap and log. Trap Log State Illegitimate Server Log Choose an illegal server log suppress duration of 1 minute, 5 minutes, or 30...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The fields that can be configured are described below: Parameter Description Server IP Address The IP address of the DHCP server to be permitted. Ports The port numbers of the filter DHCP server. Tick the All Ports check box to include all the ports on this switch for this configuration.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch returned, the Switch will then go to the next technique listed in the server group for authentication, until the authentication has been verified or denied, or the list is exhausted. Users granted access to the Switch will be granted normal user privileges on the Switch. To gain access to administrator level privileges, the user must access the Enable Admin window and then enter a password, which was previously configured by the administrator of the Switch.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Authentication Policy Settings Users can enable an administrator-defined authentication policy for users trying to access the Switch. When enabled, the device will check the Login Method List and choose a technique for user authentication upon login. To view this window, click Security >...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Login Method List Using the drop-down menu, configure an application for normal login on the user level, utilizing a previously configured method list. The user may use the default Method List or other Method List configured by the user.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-54 Authentication Server Group Settings – Edit Server Group window To add an Authentication Server Host to the list, enter its name in the Group Name field, IP address in the IP Address field, use the drop-down menu to choose the Protocol associated with the IP address of the Authentication Server Host, and then click Add to add this Authentication Server Host to the group.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Parameter Description IP Address The IP address of the remote server host to add. Protocol The protocol used by the server host. The user may choose one of the following: TACACS - Enter this parameter if the server host utilizes the TACACS protocol. XTACACS - Enter this parameter if the server host utilizes the XTACACS protocol.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The Switch contains one Method List that is set and cannot be removed, yet can be modified. To delete a Login Method List defined by the user, click the Delete button corresponding to the entry desired to be deleted. To modify a Login Method List, click on its corresponding Edit button.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-57 Enable method Lists Settings window To delete an Enable Method List defined by the user, click the Delete button corresponding to the entry desired to be deleted. To modify an Enable Method List, click on its corresponding Edit button. The fields that can be configured are described below: Parameter Description...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-58 Local Enable Password Settings window The fields that can be configured are described below: Parameter Description Old Local Enable If a password was previously configured for this entry, enter it here in order to change Password it to a new password New Local Enable...
Page 224
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The SSL Settings window located on the next page will allow the user to enable SSL on the Switch and implement any one or combination of listed cipher suites on the Switch. A cipher suite is a security string that determines the exact cryptographic parameters, specific encryption algorithms and key sizes to be used for an authentication session.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch RC4_128_MD5 with 128-bit keys and the MD5 Hash Algorithm. Use the radio buttons to enable or disable this cipher suite. This field is Enabled by default. RSA with 3DES EDE This cipher suite combines the RSA key exchange, CBC Block Cipher 3DES_EDE CBC SHA encryption and the SHA Hash Algorithm.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch After completing the preceding steps, a SSH Client on a remote PC can be configured to manage the Switch using a secure, in band connection. SSH Settings Users can configure and view settings for the SSH server. To view this window, click Security >...
Page 227
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-61 SSH Authentication Method and Algorithm Settings window The fields that can be configured for SSH Authentication Mode are described below: Parameter Description Password This may be enabled or disabled to choose if the administrator wishes to use a locally configured password for authentication on the Switch.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Apply button to accept the changes made. The fields that can be configured for the Data Integrity Algorithm are described below: Parameter Description HMAC-MD5 Use the check box to enable or disable the HMAC (Hash for Message Authentication Code) mechanism utilizing the MD5 Message Digest encryption algorithm.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Host Name Enter an alphanumeric string of no more than 32 characters to identify the remote SSH user. This parameter is only used in conjunction with the Host Based choice in the Auth.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Click the Edit button to re-configure the specific entry. Click the Delete button to remove an entry. Click the Delete All button to remove all the entries listed. Safeguard Engine Settings Periodically, malicious hosts on the network will attack the Switch by utilizing packet flooding (ARP Storm) or other methods.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-65 Safeguard Engine Settings window The fields that can be configured are described below: Parameter Description Safeguard Engine Use the radio button to globally enable or disable Safeguard Engine settings for the State Switch.
Page 232
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 8-66 DoS Attack Prevention Settings window The fields that can be configured are described below: Parameter Description Land Attack Tick to check whether the source address is equal to destination address of a received IP packet.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch IGMP Access Control Settings Users can set IGMP authentication, otherwise known as IGMP access control, on individual ports on the Switch. When the Authentication State is Enabled, and the Switch receives an IGMP join request, the Switch will send the access request to the RADIUS server to do the authentication.
Page 234
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Chapter 9 Network Application DHCP PPPoE Circuit ID Insertion Settings SMTP Settings SNTP Flash File System Settings DHCP DHCP Relay DHCP Relay Global Settings This window is used to enable and configure DHCP Relay Global Settings. The relay hops count limit allows the maximum number of hops (routers) that the DHCP messages can be relayed through to be set.
Page 236
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Enabled –When this field is toggled to Enabled, the relay agent will insert and remove DHCP relay information (option 82 field) in messages between DHCP servers and clients. When the relay agent receives the DHCP request, it adds the option 82 information, and the IP address of the relay agent (if the relay agent is configured), to the packet.
Page 237
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch servers. enable – Select this option to enable the DHCP Relay Option 61 state, in order to relay DHCP packets. disable - Select this option to disable the DHCP Relay Option 61 state. Click the Apply button to accept the changes made for each individual section.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch • MAC address: The Switch’s system MAC address. DHCP Relay Interface Settings This window is used to set up a server, by IP address, for relaying DHCP information to the Switch. The user may enter a previously configured IP interface on the Switch that will be connected directly to the DHCP server using this window.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch NOTE: When there is no matching server found for the packet based on option 60, the relay servers will be determined by the default relay server setting. DHCP Relay Option 60 Settings This option decides whether the DHCP Relay will process the DHCP option 60 or not To view this window, click Network Application >...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 9-7 DHCP Relay Option 61 Settings window The fields that can be configured are described below: Parameter Description DHCP Relay Option Here the user can select the DHCP Relay Option 61 default action. 61 Default Drop –...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Parameter Description DHCP Local Relay Enable or disable the DHCP Local Relay Global State. The default is Disabled. State DHCP Local Relay Enter a user-defined remote ID, or tick the Default check box to use the Switch’s Agent Information system MAC address as the remote ID.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Replace – Replace the existing option 82 field in the packet. Drop – Discard if the packet has option 82 field. Keep – Retain the existing option 82 field in the packet. Click the Apply button to accept the changes made.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 9-11 SMTP Settings window The fields that can be configured are described below: Parameter Description SMTP State Use the radio button to enable or disable the SMTP service on this device. SMTP Server Enter the IP address of the SMTP server on a remote device.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch To view this window, click Network Application > SNTP > SNTP Settings as shown below: Figure 9-12 SNTP Settings window The fields that can be configured are described below: Parameter Description SNTP State Use this radio button to enable or disable SNTP.
Page 245
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 9-13 Time Zone Settings window The fields that can be configured are described below: Parameter Description Daylight Saving Time Use this drop-down menu to enable or disable the DST Settings. State Daylight Saving Time Use this drop-down menu to specify the amount of time that will constitute your...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch To: Time In HH:MM Enter the time DST will end. Parameter Description DST Annual Settings Using annual mode will enable DST seasonal time adjustment. Annual mode requires that the DST beginning and ending date be specified concisely. For example, specify to begin DST on April 3 and end DST on October 14.
Page 247
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 9-15 Flash File System Setting – Search for Drive window Click the Previous button to return to the previous page. Click the Create Directory to create a new directory within the file system of the switch. Click the Copy button to copy a specific file to the switch.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Chapter 10 Ethernet OAM DULD Settings Cable Diagnostics CFM Settings This window is used to configure the CFM parameters. To view this window, click OAM > CFM > CFM Settings, as shown below: Figure 10-1 CFM Settings Window The fields that can be configured are described below: Parameter...
Page 249
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch address information. Click the Apply button to accept the changes made for each individual section. Click the Edit button to re-configure the specific entry. Click the Delete button to remove the specific entry. Click the Add MA button to add a maintenance association (MA).
Page 250
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 10-4 CFM MA Settings - Edit Window The fields that can be configured are described below: Parameter Description This is the control creation of MIPs. None - Don’t create MIPs. Auto - MIPs can always be created on any ports in this MA, if that port is not configured with a MEP of that MA.
Page 251
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 10-5 CFM MEP Settings Window The fields that can be configured are described below: Parameter Description MEP Name MEP name. It is unique among all MEPs configured on the device. MEP ID (1-8191) MEP MEPID.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 10-7 CFM MEP Information - Edit Window The fields that can be configured are described below: Parameter Description MEP State This is the MEP administrative state. Enable - MEP is enabled. Disable - MEP is disabled.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 10-8 CFM Port Settings Window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to be configuration. State Use the drop-down menu to enable or disable the state of specific port regarding the CFM configuration.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 10-10 CFM Loopback Settings Window The fields that can be configured are described below: Parameter Description MEP Name Select and enter the Maintenance End Point name used. MEP ID (1-8191) Select and enter the Maintenance End Point ID used.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 10-11 CFM Linktrace Settings Window The fields that can be configured are described below: Parameter Description MEP Name Select and enter the Maintenance End Point name used. MEP ID (1-8191) Select and enter the Maintenance End Point ID used.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 10-12 CFM Packet Counter Window The fields that can be configured are described below: Parameter Description Port List Enter a list of ports to be displayed. Tick the All Ports check box to display all ports. Type Transmit –...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch MD Index Select and enter the Maintenance Domain index used. MA Name Select and enter the Maintenance Association name used. MA Index Select and enter the Maintenance Association index used. Click the Find button to locate a specific entry based on the information entered. CFM MP Table To view this window, click OAM >...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 10-15 Ethernet OAM Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports you wish to configure. Mode Use the drop-down menu to select to operate in either Active or Passive.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 10-16 Ethernet OAM Configuration Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports you wish to configure. Link Event Use the drop-down menu to select the link events, Link Monitor or Critical Link Event.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 10-17 Ethernet OAM Event Log window The fields that can be configured are described below: Parameter Description Port Use the drop-down menu to select the port number to view. Port List Enter a list of ports.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 10-18 Ethernet OAM Statistics window The fields that can be configured are described below: Parameter Description Port List Enter a list of ports. Tick the All Ports check box to select all ports. Click the Clear button to clear all the information entered in the fields.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 10-19 DULD Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports you wish to configure. Admin State Use the drop-down menu to enable or disable the selected ports unidirectional link detection status.
Page 263
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The fields that can be configured are described below: Parameter Description Port Select a port you wish to display. Click the Test button to view the cable diagnostics for a particular port. NOTE: Cable diagnostic function limitations.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Chapter 11 Monitoring Utilization Statistics Mirror Ping Test Trace Route Peripheral Utilization CPU Utilization Users can display the percentage of the CPU being used, expressed as an integer percentage and calculated as a simple average by time interval.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 11-2 DRAM & Flash Utilization window Port Utilization Users can display the percentage of the total available bandwidth being used on the port. To view this window, click Monitoring > Utilization > Port Utilization as shown below: Figure 11-3 Port Utilization window The fields that can be configured are described below: Parameter...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Port Statistics Packets The Web manager allows various packet statistics to be viewed as either a line graph or a table. Six windows are offered. Received (RX) To select a port to view these statistics for, select the port by using the Port drop-down menu. The user may also use the real-time graphic of the Switch at the top of the web page by simply clicking on a port.
Page 267
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 11-5 RX Packets Analysis Table window The fields that can be configured or displayed are described below: Parameter Description Port Use the drop-down menu to choose the port that will display statistics. Time Interval Select the desired setting between 1s and 60s, where "s"...
Page 268
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 11-6 UMB_cast (RX) window (for Unicast, Multicast, and Broadcast Packets) Click the View Table link to display the information in a table rather than a line graph. Figure 11-7 RX Packets Analysis window (table for Unicast, Multicast, and Broadcast Packets) The fields that can be configured or displayed are described below: Parameter Description...
Page 269
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Multicast Counts the total number of good packets that were received by a multicast address. Broadcast Counts the total number of good packets that were received by a broadcast address. Show/Hide Check whether or not to display Multicast, Broadcast, and Unicast Packets.
Page 270
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 11-9 TX Packets Analysis window (table for Bytes and Packets) The fields that can be configured or displayed are described below: Parameter Description Port Use the drop-down menu to choose the port that will display statistics. Time Interval Select the desired setting between 1s and 60s, where "s"...
Page 271
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 11-10 Received (RX) window (for errors) Click the View Table link to display the information in a table rather than a line graph. Figure 11-11 RX Error Analysis window (table) The fields that can be configured or displayed are described below: Parameter Description...
Page 272
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch of 64 bytes and have a good CRC. Undersize packets usually indicate collision fragments, a normal network occurrence. OverSize Counts valid packets received that were longer than 1518 octets and less than the MAX_PKT_LEN.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 11-13 TX Error Analysis window (table) The fields that can be configured or displayed are described below: Parameter Description Port Use the drop-down menu to choose the port that will display statistics. Time Interval Select the desired setting between 1s and 60s, where "s"...
Page 274
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 11-14 Packet Size window Click the View Table link to display the information in a table rather than a line graph. Figure 11-15 RX Size Analysis window (table) The fields that can be configured or displayed are described below: Parameter Description Port...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The total number of packets (including bad packets) received that were 64 octets in length (excluding framing bits but including FCS octets). 65-127 The total number of packets (including bad packets) received that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets).
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch RX (Ingress) Click the radio buttons to select whether the port should include incoming traffic. Both Click the radio buttons to select whether the port should include both incoming and outgoing traffic. None Click the radio buttons to select whether the port should not include any traffic.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch destination. If the packet fails to find the IP address in this specified time, the Ping packet will be dropped. Click the Start button to initiate the Ping Test. After clicking the Start button, the following page will appear: Figure 11-18 Ping Test Result window Click the Stop button to halt the Ping Test.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Port (30000-64900) The port number. The value range is from 30000 to 64900. Timeout (1-65535) Defines the timeout period while waiting for a response from the remote device. A value of 1 to 65535 seconds can be specified. The default is 5 seconds. Probe (1-9) The number of probing.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Chapter 12 Save and Tools Save Configuration / Log Download firmware Upload Firmware Download Configuration Upload Configuration Upload Log File Reset Reboot System Save Configuration / Log To view this window, click Save > Save Configuration / Log, as shown below. Save Configuration allows the user to backup the configuration of the Switch.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 12-4 Download Firmware – TFTP window The fields that can be configured are described below: Parameter Description TFTP Server IP Enter the TFTP server IP address used. IPv4 Click the radio button to enter the TFTP server IP address used. Source File Enter the file name for the TFTP server to download, e.g.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Download Firmware From HTTP This window is used to download firmware from a computer to the Switch and updates the switch. Figure 12-6 Download Firmware – HTTP window The fields that can be configured are described below: Parameter Description Destination File...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 12-8 Upload Firmware – FTP window The fields that can be configured are described below: Parameter Description FTP Server IP Enter the FTP Server IP Address used. User Name Enter the appropriate Username used. Password Enter the appropriate Password used.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Download Configuration From FTP This window is used to download the configuration file from a FTP Server to the Switch and updates the switch. Figure 12-10 Download Configuration – FTP window The fields that can be configured are described below: Parameter Description...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Upload Configuration The following window is used to upload the configuration file from the Switch. Upload Configuration To TFTP This window is used to upload the configuration file from the Switch to a TFTP Server. Figure 12-12 Upload Configuration –...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The fields that can be configured are described below: Parameter Description FTP Server IP Enter the FTP Server IP Address used. User Name Enter the appropriate Username used. Password Enter the appropriate Password used. TCP Port (1-65535) Enter the TCP Port number used.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch The fields that can be configured are described below: Parameter Description TFTP Server IP Enter the TFTP server IP address used. IPv4 Click the radio button to enter the TFTP server IP address used. Destination File Enter the file name that will be stored in the TFTP server, e.g.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 12-17 Upload Log – HTTP window The fields that can be configured are described below: Parameter Description Log Type Select the type of log to be transferred. Selecting the Common Log option here will upload the common log entries.
Page 288
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Figure 12-19 Reboot System Window Selecting the Yes radio button will instruct the Switch to save the current configuration to non-volatile RAM before restarting the Switch. Selecting the No radio button instructs the Switch not to save the current configuration before restarting the Switch. All of the configuration information entered from the last time Save was executed will be lost.
This document will explain how the Password Recovery feature can help network administrators reach this goal. The following steps explain how to use the Password Recovery feature on D-Link devices to easily recover passwords.
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Appendix B System Log Entries The following table lists all possible entries and their corresponding meanings that will appear in the System Log of this Switch. Category Event Description Log Information Severity system System started up...
Page 291
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Successful login through Successful login through Console (Username: Console Informational Console <username>) Login failed through Console (Username: Login failed through Console Warning <username>) Logout through Console Logout through Console (Username: <username>) Informational Console session timed out Console session timed out (Username: <username>)
Page 292
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Spanning Tree instance created Spannnig Tree instance created Informational (Instance:<InstanceID>) Spanning Tree instance deleted Spannnig Tree instance deleted Informational (Instance:<InstanceID>) Spanning Tree version changed (new Spanning Tree Version changed Informational version:<new_version>) Spanning Tree MST Spanning Tree MST configuration ID name and configuration ID name and...
Page 293
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch method <username>, ) Login failed through Telnet Login failed through Telnet from <userIP> authenticated by AAA local authenticated by AAA local method (Username: Warning method <username> ) Successful login through SSH Successful login through SSH from <userIP>...
Page 294
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch improper configuration <username>) Successful login through SSH from <userIP> Successful login through SSH authenticated by AAA server <serverIP> (Username: Informational authenticated by AAA server <username> ) Login failed through SSH Login failed through SSH from <userIP> authenticated Warning authenticated by AAA server by AAA server <serverIP>...
Page 295
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Enable Admin failed through Enable Admin failed through Console authenticated by Console authenticated by AAA Warning AAA server <serverIP> (Username: <username>) server Enable Admin failed through Enable Admin failed through Console due to AAA Console due to AAA server server timeout or improper configuration (Username: Warning...
Page 296
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch with static FDB <ipaddr>, MAC: <macaddr>, Port <portNum>) Dynamic IMPB entry conflicts Dynamic IMPB entry conflicts with static IMPB(IP: Warning with static IMPB <ipaddr>, MAC: <macaddr>, Port <portNum>) Creating IMPB entry failed due to no ACL rule being Creating IMPB entry failed due to available(IP:<ipaddr>, MAC: <macaddr>, Port Warning...
Page 297
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Level:<mdlevel>, Port <portNum>, Direction:<mepdirection>) Remote(MEPID:<mepid>, MAC:<macaddr>) CFM error ccm. MD Level:<mdlevel>, VLAN:<vlanid>, Error CFM CCM packet is Local(Port <portNum>, Direction:<mepdirection>) Warning detected Remote(MEPID:<mepid>, MAC:<macaddr>) CFM remote down. MD Level:<mdlevel>, Can not receive remote MEP's VLAN:<vlanid>, Local(Port <portNum>, Warning CCM packet...
Page 298
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Diagnostic Diagnostic: Burn in start Diagnostic: Burn in start at %S Informational Diagnostic: Burn in end Diagnostic: Burn in end at %S Informational Diagnostic: Burn in result Diagnostic: Burn in result is %S Informational A unidirectional link has been Port: <portNum>...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Appendix C Trap Log Entries This table lists the trap logs found on the Switch. Trap Name Variable Bind Format MIB Name coldStart None V1/v2 SNMPv2-MIB warmStart None V1/V2 SNMPv2-MIB linkDown ifIndex V1/V2 IF-MIB...
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch Appendix D RADIUS Attributes Assignment The RADIUS Attributes Assignment on the DES-3200 is used in the following modules: 802.1X (Port-based and Host-based), and MAC-based Access Control. The description that follows explains the following RADIUS Attributes Assignment types: ...
Page 303
xStack® DES-3200 Series Layer 2 Managed Fast Ethernet Switch to be used (in the case of a tunnel initiator) or the tunneling protocol in use (in the case of a tunnel terminatior). Tunnel-Medium-Type This attribute indicates the transport medium 6 (802) Required being used.