Page 1 Stackable Gigabit Layer 3 Switch Manual D-Link ™ xStack Release IV High Density Layer 3 Stackable Gigabit Switch Manual...
Page 2 Microsoft Corporation. Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. D-Link Computer Corporation disclaims any proprietary interest in trademarks and trade names other than its own.
Page 3: Table Of Contents
xStack Stackable Gigabit Layer 3 Switch Manual Table of Contents Preface ..............................9 Intended Readers....................................10 Typographical Conventions ................................10 Notes, Notices, and Cautions................................10 Safety Instructions....................................11 Safety Cautions....................................11 General Precautions for Rack-Mountable Products..........................12 Protecting Against Electrostatic Discharge ............................13 Introduction............................14 Ethernet Technology.....................................14 Fast Ethernet .......................................14 Gigabit Ethernet Technology ................................14 Switching Technology ..................................15...
Page 4 xStack Stackable Gigabit Layer 3 Switch Manual Stacking In a Star Topology ................................35 Introduction to Switch Management....................36 Management Options....................................36 Web-based Management Interface..............................36 SNMP-Based Management .................................36 Command Line Console Interface through the Serial Port .........................36 Connecting the Console Port (RS-232 DCE) ..........................36 First Time Connecting to the Switch ..............................38 Password Protection....................................39 SNMP Settings ....................................40...
Page 5 xStack Stackable Gigabit Layer 3 Switch Manual Edge Port .......................................71 P2P Port ......................................71 802.1d / 802.1w / 802.1s Compatibility............................71 STP Bridge Global Settings ................................71 MST Configuration Table...................................74 MSTP Port Information ..................................76 STP Instance Settings..................................78 STP Port Settings ....................................81 Forwarding & Filtering ..................................83 Unicast Forwarding.....................................83 Static Multicast Forwarding................................84 VLANs ........................................85...
Page 6 xStack Stackable Gigabit Layer 3 Switch Manual Time Settings ....................................114 Time Zone and DST ..................................116 Access Profile Table ...................................118 Configuring the Access Profile Table ...............................118 System Severity Settings..................................136 Port Access Entity (802.1X)................................137 802.1x Port-Based and MAC-Based Access Control........................137 Authentication Server ..................................137 Authenticator....................................138 Client......................................139 Authentication Process................................140...
Page 7 xStack Stackable Gigabit Layer 3 Switch Manual DHCP / BOOTP Relay ..................................192 DHCP / BOOTP Relay Information............................192 DHCP/BOOTP Relay Interface Settings .............................192 DNS Relay ......................................193 Configuring DNS Relay Information ............................194 DNS Relay Static Settings ................................194 VRRP ........................................195 VRRP Global Settings .................................195 VRRP Virtual Router Settings ..............................196 VRRP Authentication Settings ..............................199 IP Multicast Routing Protocol................................200...
Page 8 xStack Stackable Gigabit Layer 3 Switch Manual SNMP User Table.....................................232 SNMP View Table....................................234 SNMP Group Table ..................................235 SNMP Community Table..................................237 SNMP Host Table.....................................238 SNMP Engine ID ....................................239 Monitoring ............................240 Port Utilization ....................................240 CPU Utilization ....................................241 Packets ........................................242 Received (RX)....................................242 UMB Cast (RX)....................................244 Transmitted (TX)....................................246 Errors ........................................248...
Page 9 FS Commands ....................................291 Format......................................291 Copy......................................292 Md/Mkdir.....................................292 Rd/Rmdir .....................................292 Dir........................................293 Rename ......................................293 Ping Test.......................................294 Save Changes.......................................294 Reset........................................295 Reboot System.....................................296 Logout........................................296 D-Link Single IP Management ......................297 Single IP Management (SIM) Overview............................297 SIM Using the Web Interface ................................298 Topology.......................................299 Tool Tips.......................................302 Right Click ......................................303...
Page 10 xStack Stackable Gigabit Layer 3 Switch Manual Group Icon....................................303 Commander Switch Icon ................................304 Member Switch Icon..................................305 Candidate Switch Icon .................................306 Menu Bar......................................307 Group......................................308 Device ......................................308 View ......................................308 Firmware Upgrade ....................................309 Configuration File Backup/Restore..............................309 Appendix A ............................310 Appendix B............................312 Cables and Connectors ................................312 Appendix C ............................
Page 11: Preface
xStack Stackable Gigabit Layer 3 Switch Manual Preface The xStack Manual is divided into sections that describe the system installation and operating instructions with examples. Section 1, Introduction - Describes the Switch and its features. Section 2, Installation- Helps you get started with the basic installation of the Switch and also describes the front panel, rear panel, side panels, and LED indicators of the Switch.
Page 12: Intended Readers
xStack Stackable Gigabit Layer 3 Switch Manual Intended Readers The xStack Manual contains information for setup and management of the Switch. This man ual is intended for network managers familiar with network management concepts and terminology. Typographical Conventions Convention Description In a command line, square brackets indicate an optional entry.
Page 13: Safety Instructions
xStack Stackable Gigabit Layer 3 Switch Manual Safety Instructions Use the following safety guidelines to ensure your own personal safety and to help protect your system from potential damage. Throughout this safety section, the caution icon ( ) is used to indicate cautions and precautions that you need to review and follow.
Page 14: General Precautions For Rack-Mountable Products
xStack Stackable Gigabit Layer 3 Switch Manual To help prevent electric shock, plug the system and peripheral power cables into properly grounded electrical outlets. These cables are equipped with three-prong plugs to help ensure proper grounding. Do not use adapter plugs or remove the grounding prong from a cable.
Page 15: Protecting Against Electrostatic Discharge
xStack Stackable Gigabit Layer 3 Switch Manual Do not overload the AC supply branch circuit that provides power to the rack. The total rack load should not exceed 80 percent of the branch circuit rating. Ensure that proper airflow is provided to components in the rack. Do not step on or stand on any component when servicing other components in a rack.
Page 16: Introduction
xStack Stackable Gigabit Layer 3 Switch Manual Section 1 Introduction Ethernet Technology Switch Description Features Ports Front-Panel Components Side Panel Description Rear Panel Description Gigabit Combo Ports Ethernet Technology Fast Ethernet Technology The following manual describes the installation, maintenance and configurations concerning members of the xStack family. These four switches, the DGS -3324SRi, DGS-3324SR, DXS-3326GSR and the DXS-3350SR are all very similar in configurations and basic hardware and consequentially, most of the information in this manual will be universal to the whole xStack family.
Page 17: Switching Technology
312 gigabit ports. Other switches of the xStack family may utilize these ports for stacking in a ring topology or in combination with the DGS-3324SRi master switch in a star topology.
Page 18: Features
xStack Stackable Gigabit Layer 3 Switch Manual Features IEEE 802.3z compliant IEEE 802.3x Flow Control in full-duplex compliant IEEE 802.3u compliant IEEE 802.3ab compliant IEEE 802.3ae compliant (for optional XFP module) IEEE 802.1p Priority Queues IEEE 802.3ad Link Aggregation Control Protocol support. IEEE 802.1x Port-based and MAC-based Access Control IEEE 802.1Q VLAN IEEE 802.1D Spanning Tree, IEEE 802.1W Rapid Spanning Tree and IEEE 802.1s Multiple Spanning Tree...
Page 19: Ports
One open slot to add slot a 2-port 10-gigabit a 2-port 10-gigabit Uplink Module Uplink Module NOTE: For customers interested in D-View, D-Link Corporation's proprietary SNMP management soft ware, go to the D-Link Website (www.dlink.com.cn) and download the software and manual.
Page 20: Installing The Sfp Ports
Link/Act for each port on the Switch. The front panel may also include a seven-segment LED (not supported for the DGS- 3324SRi) indicating the Stack ID number, as well as gigabit Ethernet ports and SFP ports. DGS-3324SRi Figure 1- 2. Front Panel View of the DGS-3324SRi as shipped DGS-3324SR Figure 1- 3. Front Panel View of the DGS-3324SR as shipped DXS-3326GSR Figure 1- 4.
Page 21: Led Indicators
Stacking Ports There are six LEDs in the front of the DGS-3324SRi marked SIO 1-6, and they relate to the (SIO) six 10-gigabit stacking ports at the rear of the Switch. For the DGS-3324SR, DXS -3326GSR and the DXS -3350SR, there are only two stacking ports and therefore only two SIO LEDs, marked 1 and 2.
Page 22: Rear Panel Description
Rear Panel Description DGS-3324SRi The rear panel of the DGS-3324SRi contains an AC power connector, six 10-gigabit stacking ports, a redundant power supply connector and an available slot to insert the CompactFlash card (storage media accessory). Figure 1- 7. Rear panel view of DGS-3324SRi...
Page 23: Side Panel Description
Stackable Gigabit Layer 3 Switch Manual Side Panel Description DGS-3324SRi & DGS-3324SR The right-hand side panel of the Switch contains two system fans, while the left hand panel includes a heat vent. The system fans are used to dissipate heat. The sides of the system also provide heat vents to serve the same purpose. Do not block these openings, and leave at least 6 inches of space at the rear and sides of the Switch for proper ventilation.
Page 24: Installation
One Generic QIG Registration card & China Warranty Card (for China only) If any item is found missing or damaged, please contact your local D-Link Reseller for replacement. Before You Connect to the Network The site where you install the Switch may greatly affect its performance. Please follow these guidelines for setting up the Switch.
Page 25: Installing The Switch Without The Rack
xStack Stackable Gigabit Layer 3 Switch Manual When installing the Switch on a level surface, attach the rubber feet to the bottom of the device. The rubber feet cushion the Switch, protect the casing from scratches and prevent it from scratching other surfaces. Installing the Switch without the Rack When installing the Switch on a desktop or shelf, the rubber feet included with the Switch should first be attached.
Page 26: Mounting The Switch In A Standard 19" Rack
xStack Stackable Gigabit Layer 3 Switch Manual Mounting the Switch in a Standard 19" Rack Figure 2- 3. Installing Switch in a rack Power On Plug one end of the AC power cord into the power connector of the Switch and the other end into the local power source outlet.
Page 27 xStack Stackable Gigabit Layer 3 Switch Manual Optional Module Slot Figure 2- 4. Optional Module slot at the rear of the DXS-3350SR Optional Module Slot Figure 2- 5. Optional Module slot at the rear of the DXS-3326GSR After removing the faceplate, remove the DEM -420X optional module from its box. The front panel should resemble the drawing represented in the following figure.
Page 28: The Media Accessory
The Media Accessory At the rear of the DGS-3324SRi is an open slot for a CompactFlash card. This 32MB PCMCIA flash card provides high capacity solid-state flash memory for storing information for and from the Switch, such as firmware, configuration files and even save log information kept on the Switch.
Page 29 Stackable Gigabit Layer 3 Switch Manual Figure 2- 11. The DGS-3324SRi with the DPS-900 chassis RPS NOTE: See the DPS-500 documentation for more information. CAUTION: Do not use the Switch with any redundant power system other than the DPS-500.
Page 30: Connecting The Switch
xStack Stackable Gigabit Layer 3 Switch Manual Section 3 Connecting the Switch Switch To End Node Switch to Hub or Switch Connecting To Network Backbone or Server Stacking and the xStack Family of Switches NOTE: All high-performance N-Way Ethernet ports can support both MDI- II and MDI-X connections.
Page 31: Connecting To Network Backbone Or Server
xStack Stackable Gigabit Layer 3 Switch Manual Figure 3- 2. Switch connected to a port on a hub or switch using a straight or crossover cable Figure 3- 3. Switch connected to switch using fiber-optic cabling Connecting To Network Backbone or Server The combo SFP ports and the 1000BASE-T ports are ideal for uplinking to a network backbone, server or server farm.
Page 32: Stacking And The Xstack
The DGS-3324SR, DXS-3326GSR and the DXS-3350SR are equipped with two 10-gigabit stacking ports at the rear of the device, as seen below. The DGS-3324SRi has six 10-gigabit stacking ports at the rear of the Switch, also shown below. These stacking ports may be used to stack to a master switch to be used in a switch stack.
Page 33 The seven-segment LED Stack ID to the left of the SIO LEDs (not supported for the DGS-3324SRi) on the front of the Switch will display the Stack ID number of the Switch in a switch stack.
Page 34 Gigabit stacking ports of the slave switch will be in use. This port will be connected to the master switch of the switch stack (DGS-3324SRi) and will act as a slave switch of the stack. The administrator may use either of the two available stacking ports to achieve this architecture.
Page 35: Stacking Limitations Utilizing A Ring Or Star Topology
There is an additional limitation in that a maximum of 12 Switch boxes can be included in a given switch stack, using a ring topology. The DGS-3324SRi cannot be used in a ring topology. For the Star topology, the maximum number of...
Page 36 xStack Stackable Gigabit Layer 3 Switch Manual Adding a different switch type to an existing stack In this example, there are three different switch types, each with different token costs. There is one DGS-3324SR (Token Cost = 2), two DXS-3350SR (Token Cost = 4), and three DXS-3326GSR (Token Cost = 2). In this case the total Token Cost would be: (1 * 2) + (2 * 4) + (3 * 2) = 16 If you then wanted to add the maximum number of DGS-3324SR Switches (Token Cost = 2) to this stack:...
Page 37: Stacking In A Star Topology
Stackable Gigabit Layer 3 Switch Manual Stacking In a Star Topology In this case, the DGS-3324SRi is the Master Switch in a star topology and up to six slave switches can be stacked with Master Stackable Switch. Check the following examples as a reference guide.
Page 38: Introduction To Switch Management
xStack Stackable Gigabit Layer 3 Switch Manual Section 4 Introduction to Switch Management Management Options Web-based Management Interface SNMP-Based Management Managing User Accounts Command Line Console Interface through the Serial Port Connecting the Console Port (RS-232 DCE) First Time Connecting to the Switch Password Protection SNMP Settings IP Address Assignment...
Page 39 xStack Stackable Gigabit Layer 3 Switch Manual To connect a terminal to the console port: Connect the female connector of the RS-232 cable directly to the console port on the Switch, and tighten the captive retaining screws. Connect the other end of the cable to a terminal or to the serial connector of a computer running terminal emulation software.
Page 40: First Time Connecting To The Switch
xStack Stackable Gigabit Layer 3 Switch Manual Figure 4- 1. Initial screen after first connection. First Time Connecting to the Switch The Switch supports user-based security that can allow you to prevent unauthorized users from accessing the Switch or changing its settings. This section tells how to log onto the Switch. NOTE: The passwords used to access the Switch are case-sensitive;...
Page 41: Password Protection
xStack Stackable Gigabit Layer 3 Switch Manual Figure 4- 2. Initial screen, first time connecting to the Switch Press Enter in both the Username and Password fields. You will be given access to the command prompt DGS -3324SRi:4#, DGS-3324SR:4#, DXS-3326GSR:4# or DXS-3350SR:4# as shown below: There is no initial username or password.
Page 42: Snmp Settings
NOTE: Passwords are case sensitive. User names and passwords can be up to 15 characters in length. The sample below illustrates a successful creation of a new administrator-level account with the user name "newmanager". DGS-3324SRi:4#create account admin newmanager Command: create account admin newmanager Enter a case -sensitive new password:******** Enter the new password again for confirmation:******** Success.
Page 43: Traps
xStack Stackable Gigabit Layer 3 Switch Manual In SNMP v.1 and v.2, user authentication is accomplished using 'community strings', which function like passwords. The remote user SNMP application and the Switch SNMP must use the same community string. SNMP packets from any station that has not been authenticated are ignored (dropped).
Page 44 xStack Stackable Gigabit Layer 3 Switch Manual Figure 4- 4. “show switch” command The Switch's MAC address can also be found from the Web management program on the Switch Information (Basic Settings) window on the Configuration menu. The IP address for the Switch must be set before it can be managed with the Web-based manager. The Switch IP address can be automatically set using BOOTP or DHCP protocols, in which case the actual address assigned to the Switch must be known.
Page 45: Connecting Devices To The Switch
xStack Stackable Gigabit Layer 3 Switch Manual In the above example, the Switch was assigned an IP address of 10.53.13.144 with a subnet mask of 255.0.0.0. The system message Success indicates that the command was executed successfully. The Switch can now be configured and managed via Telnet and the CLI or via the Web-based management.
Page 46: Introduction To Web-Based Switch Configuration
xStack Stackable Gigabit Layer 3 Switch Manual Section 5 Introduction to Web-based Switch Configuration Introduction Logging on to the Web Manager Web-Based User Interface Basic Setup Reboot Basic Switch Setup Network Management Switch Utilities Network Monitoring IGMP Snooping Status Introduction All software functions of the xStack family of switches can be managed, configured and monitored via the embedded web- based (HTML) interface.
Page 47: Web-Based User Interface
xStack Stackable Gigabit Layer 3 Switch Manual Figure 5- 2. Enter Network Password window Leave both the User Name field and the Password field blank and click OK. This will open the Web-based user interface. The Switch management features available in the web-based manager are explained below. Web-based User Interface The user interface provides access to various Switch configuration and management screens, allows you to view performance statistics, and permits you to graphically monitor the system status.
Page 48 Select the menu or window to be displayed. The folder icons can be opened to display the hyperlinked menu buttons and subfolders contained within them. Click the D-Link logo to go to the D-Link website. Area 2 Presents a graphical near real-time image of the front panel of the Switch. This area...
Page 49: Web Pages
xStack Stackable Gigabit Layer 3 Switch Manual mode, or flow control, depending on the specified mode. Various areas of the graphic can be selected for performing management functions, including port configuration. Area 3 Presents switch information based on your selection and the entry of configuration data.
Page 50: Configuring The Switch
xStack Stackable Gigabit Layer 3 Switch Manual Section 6 Configuring the Switch Switch Information IP Address Box Information Advanced Settings Port Configuration Port Description Port Mirroring Link Aggregation LACP Port Settings MAC Notification IGMP Snooping Spanning Tree Forward & Filtering VLANs Traffic Control Port Security...
Page 51 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 1. Switch Information - Basic Settings...
Page 52: Ip Address
xStack Stackable Gigabit Layer 3 Switch Manual The Switch Information window shows the Switch's MAC Address (assigned by the factory and unchangeable), the Boot PROM, Firmware Version, and Hardware Version. This information is helpful to keep track of PROM and firmware updates and to obtain the Switch's MAC address for entry into another network device's address table, if necessary.
Page 53 xStack Stackable Gigabit Layer 3 Switch Manual The IP Address Settings options are: Parameter Description BOOTP The Switch will send out a BOOTP broadcast request when it is powered up. The BOOTP protocol allows IP addresses, network masks, and default gateways to be assigned by a central BOOTP server.
Page 54: Setting The Switch's Ip Address Using The Console Interface
xStack Stackable Gigabit Layer 3 Switch Manual Setting the Switch's IP Address using the Console Interface Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP). The Switch's default IP address is 10.90.90.90. You can change the default Switch IP address to meet the specification of your networking address scheme.
Page 55: Advanced Settings
xStack Stackable Gigabit Layer 3 Switch Manual Advanced Settings The Advanced Settings window contains the main settings for all major functions for the Switch. To view the Advanced Settings window, click its link in the Configuration folder. This will enable the following window to be viewed and configured.
Page 56 xStack Stackable Gigabit Layer 3 Switch Manual IGMP Snooping To enable system-wide IGMP Snooping capability select Enabled. IGMP snooping is Disabled by default. Enabling IGMP snooping allows you to specify use of a multicast router only (see below). To configure IGMP Snooping for individual VLANs, use the IGMP Snooping page under the IGMP folder.
Page 57: Box Information
Information configured in this screen may be found in the Monitoring folder under Stack Information. NOTE: Configured box priority settings will not be implemented until the next power cycle of the stack. NOTE: In a star topology, the DGS-3324SRi will be the master switch of the stack, regardless of priority settings implemented.
Page 58: Port Configurations
xStack Stackable Gigabit Layer 3 Switch Manual Port Configurations This section contains information for configuring various attributes and properties for individual physical ports, including port speed and address learning. Clicking on Port Configurations in the Configuration menu will display the following window for the user: Figure 6- 5.
Page 59 xStack Stackable Gigabit Layer 3 Switch Manual Speed/Duplex <Auto> Toggle the Speed/Duplex field to either select the speed and duplex/half-duplex state of the port. Auto denotes auto-negotiation between 10 and 100 Mbps devices, in full- or half-duplex. The Auto setting allows the port to a utomatically determine the fastest settings the device the port is connected to can handle, and then to use those settings.
Page 60: Port Description
xStack Stackable Gigabit Layer 3 Switch Manual Port Description The xStack family of switches supports a port description feature where the user may name various ports on the Switch. To assign names to various ports, click the Port Description on the Configuration menu: Figure 6- 6.
Page 61: Port Mirroring
xStack Stackable Gigabit Layer 3 Switch Manual Port Mirroring The Switch allows you to copy frames transmitted and received on a port and redirect the copies to another port. You can attach a monitoring device to the mirrored port, such as a sniffer or an RMON probe, to view details about the packets passing through the first port.
Page 62: Link Aggregation
xStack Stackable Gigabit Layer 3 Switch Manual Link Aggregation Understanding Port Trunk Groups Port trunk groups are used to combine a number of ports together to make a single high-bandwidth data pipeline. The xStack family of switches supports up to 32 port trunk groups with 2 to 8 ports in each group. A potential bit rate of 8000 Mbps can be achieved.
Page 63 xStack Stackable Gigabit Layer 3 Switch Manual The Spanning Tree Protocol will treat a link aggregation group as a single link, on the switch level. On the port level, the STP will use the port parameters of the Master Port in the calculation of port cost and in determining the state of the link aggregation group.
Page 64 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 11. Link Aggregation Group Configuration window - Modify The user-changeable parameters are as follows: Parameter Description Group ID Select an ID number for the group, between 1 and 32. Type This pull-down menu allows you to select between Static and LACP (Link Aggregation Control Protocol).
Page 65: Lacp Port Setting
xStack Stackable Gigabit Layer 3 Switch Manual LACP Port Setting The LACP Port Settings window is used in conjunction with the Link Aggregation window to cre ate port trunking groups on the Switch. Using the following window, the user may set which ports will be active and passive in processing and sending LACP control frames.
Page 66: Mac Notification
xStack Stackable Gigabit Layer 3 Switch Manual From/To A consecutive group of ports may be configured starting with the selected port. Mode Active - Active LACP ports are capable of processing and sending LACP control frames. This allows LACP compliant devices to negotiate the aggregated link so the group may be changed dynamically as needs require.
Page 67: Mac Notification Port Settings
xStack Stackable Gigabit Layer 3 Switch Manual MAC Notification Port Settings To change MAC notification settings for a port or group of ports on the Switch, click Port Settings in the MAC Notification folder, which will display the following screen: Figure 6- 14.
Page 68: Igmp Snooping
xStack Stackable Gigabit Layer 3 Switch Manual Parameter Description Unit Choose the Switch ID number of the Switch in the switch stack to be modified. From… To Select a port or group of ports to enable for MAC notification using the pull-down menus.
Page 69 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 16. IGMP Snooping Settings-Edit window The following parameters may be viewed or modified: Parameter Description VLAN ID This is the VLAN ID that, along with the VLAN Name, identifies the VLAN for whichto modify the IGMP Snooping Settings.
Page 70: Static Router Ports
xStack Stackable Gigabit Layer 3 Switch Manual Router Timeout This is the maximum amount of time in seconds a route is kept in the forwarding table without receiving a membership report. Default = 260. Leave Timer This specifies the maximum amount of time in seconds between the Switch receiving a leave group message from a host, and the Switch issuing a group membership query.
Page 71: Spanning Tree
xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 17. Static Router Ports Settings window The Static Router Ports Settings page (shown above) displays all of the current entries to the Switch's static router port table. To modify an entry, click the Modify button. This will open the Static Router Ports Settings - Edit page, as shown below.
Page 72: 802.1S Mstp
xStack Stackable Gigabit Layer 3 Switch Manual 802.1s MSTP Multiple Spanning Tree Protocol, or MSTP, is a standard defined by the IEEE community that allows multiple VLANs to be mapped to a single spanning tree instance, which will provide multiple pathways across the network. Therefore, these MSTP configurations will balance the traffic load, preventing wide scale disruptions when a single spanning tree instance fails.
Page 73: Edge Port
xStack Stackable Gigabit Layer 3 Switch Manual 802.1d MSTP 802.1w RSTP 802.1d STP Forwarding Learning Discarding Discarding Disabled Discarding Discarding Blocking Discarding Discarding Listening Learning Learning Learning Forwarding Forwarding Forwarding Table 6- 1. Comparing Port States RSTP is capable of a more rapid transition to a forwarding state - it no longer relies on timer config urations - RSTP compliant bridges are sensitive to feedback from other RSTP compliant bridge links.
Page 74 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 19. STP Bridge Global Settings – STP compatible Figure 6- 20. STP Bridge Global Settings - RSTP (default) Figure 6- 21. STP Bridge Global Settings - MSTP The following parameters can be set:...
Page 75 xStack Stackable Gigabit Layer 3 Switch Manual Parameter Description STP Status Use the pull-down menu to enable or disable STP globally on the Switch. The default is Disabled. STP Version Use the pull-down menu to choose the desired version of STP to be implemented on the Switch.
Page 76: Mst Configuration Table
xStack Stackable Gigabit Layer 3 Switch Manual MST Configuration Table The following screens in the MST Configuration Table window allow the user to configure a MSTI instance on the Switch. These settings will uniquely identify a multiple spanning tree instance set on the Switch. The Switch initially possesses one CIST or Common Internal Spanning Tree of which the user may modify the parameters for but cannot change the MSTI ID for, and cannot be deleted.
Page 77 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 23. Instance ID Settings window- Add The user may configure the following parameters to create a MSTI in the Switch. Parameter Description MSTI ID Enter a number between 1 and 15 to set a new MSTI on the Switch. Type Create is selected to create a new MSTI.
Page 78: Mstp Port Information
xStack Stackable Gigabit Layer 3 Switch Manual Click Apply to implement changes made. To configure the parameters for a previously set MSTI, click on its hyperlinked MSTI ID number, which will reveal the following screen for configuration. Figure 6- 25. Instance ID Settings window - Modify The user may configure the following parameters for a MSTI on the Switch.
Page 79 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 26. MSTP Port Information window To view the MSTI settings for a particular port, select the Port number, located in the top left hand corner of the screen and click Apply. To modify the settings for a particular MSTI Instance, click on its hyperlinked MSTI ID, which will reveal the following window.
Page 80: Stp Instance Settings
xStack Stackable Gigabit Layer 3 Switch Manual STP Instance Settings The following window displays MSTIs currently set on the Switch. To view the following table, click Configuration > Spanning Tree > STP Instance Settings: Figure 6- 28. STP Instance Settings The following information is displayed: Parameter Description...
Page 81 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 30. STP Instance Operational Status – Previously Configured MSTI The following parameters may be viewed in the STP Instance Operational Status windows: Parameter Description Designated Root This field will show the priority and MAC address of the Root Bridge. Bridge External Root Cost This defines a metric that indicates the relative cost of forwarding packets to the...
Page 82 xStack Stackable Gigabit Layer 3 Switch Manual Switch has spanning tree configuration values consistent with other devices on the bridged LAN. If the value ages out and a BPDU has still not been received from the Root Bridge, the Switch will start sending its own BPDU to all other switches for permission to become the Root Bridge.
Page 83: Stp Port Settings
xStack Stackable Gigabit Layer 3 Switch Manual STP Port Settings STP can be set up on a port per port basis. To view the following window click Configuration > Spanning Tree > STP Port Settings: Figure 6- 31. STP Port Settings and Table window...
Page 84 xStack Stackable Gigabit Layer 3 Switch Manual In addition to setting Spanning Tree parameters for use on the switch level, the Switch allows for the configuration of groups of ports, each port-group of which will have its own spanning tree, and will require some of its own configuration settings.
Page 85: Forwarding & Filtering
xStack Stackable Gigabit Layer 3 Switch Manual (for example if the port is forced to half-duplex operation) the p2p status changes to operate as if the p2p value were False. The default setting for this parameter is True. State This drop-down menu allows you to enable or disable STP for the selected group of ports.
Page 86: Static Multicast Forwarding
xStack Stackable Gigabit Layer 3 Switch Manual Static Multicast Forwarding The following figure and table describe how to set up Multicast Forwarding on the Switch. Open the Forwarding & Filtering folder in the Configuration menu, and click on the Multicast Forwarding link to see the entry screen below: Figure 6- 33.
Page 87: Vlans
xStack Stackable Gigabit Layer 3 Switch Manual Click Apply to implement the changes made. To delete an entry in the Static Multicast Forwarding Table, click the corresponding under the Delete heading. Click the Show All Multicast Forwarding Entries link to return to the Static Multicast Forwarding Settings window.
Page 88: Ieee 802.1Q Vlans
xStack Stackable Gigabit Layer 3 Switch Manual The "default" VLAN has a VID = 1. The member ports of Port-based VLANs may overlap, if desired. IEEE 802.1Q VLANs Some relevant terms: Tagging - The act of putting 802.1Q VLAN information into the header of a packet. Untagging - The act of stripping 802.1Q VLAN information out of the packet header.
Page 89: 802.1Q Vlan Tags
xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 35. IEEE 802.1Q Packet Forwarding 802.1Q VLAN Tags The figure below shows the 802.1Q VLAN tag. There are four additional octets inserted after the source MAC address. Their presence is indicated by a value of 0x8100 in the EtherType field. When a packet's EtherType field is equal to 0x8100, the packet carries the IEEE 802.1Q/802.1p tag.
Page 90: Port Vlan Id
xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 36. IEEE 802.1Q Tag The EtherType and VLAN ID are inserted after the MAC source address, but before the original EtherType/Length or Logical Link Control. Because the packet is now a bit longer than it was originally, the Cyclic Redundancy Check (CRC) must be recalculated.
Page 91: Tagging And Untagging
xStack Stackable Gigabit Layer 3 Switch Manual Within the Switch, different PVIDs mean different VLANs (remember that two VLANs cannot communicate without an external router). So, VLAN identification based upon the PVIDs cannot create VLANs that extend outside a given switch (or switch stack).
Page 92: Port-Based Vlans
xStack Stackable Gigabit Layer 3 Switch Manual NOTE: If no VLANs are configured on the Switch, then all packets will be forwarded to any destination port. Packets with unknown source addresses will be flooded to all ports. Broadcast and multicast packets will also be flooded to all ports.
Page 93: Protocol Vlans
xStack Stackable Gigabit Layer 3 Switch Manual Protocol VLANs The xStack family of switches incorporates the idea of protocol-based VLANs. This standard, defined by the IEEE 802.1v standard maps packets to protocol-defined VLANs by examining the type octet within the packet header to discover the type of protocol associated with it.
Page 94: Static Vlan Entry
xStack Stackable Gigabit Layer 3 Switch Manual Static VLAN Entry In the Configuration folder, open the VLAN folder and click the Static VLAN Entry link to open the following window: Figure 6- 38. Current 802.1Q Static VLANs Entries window The 802.1Q Static VLANs menu lists all previously configured VLANs by VLAN ID and VLAN Name. To delete an existing 802.1Q VLAN, click the corresponding button under the Delete heading.
Page 95 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 40. 802.1Q Static VLANs Entry Settings - Modify The following fields can then be set in either the Add or Modify 802.1Q Static VLANs menus: Parameter Description Unit Choose the Switch ID number of the Switch in the switch stack to be modified. VID (VLAN ID) Allows the entry of a VLAN ID in the Add dialog box, or displays the VLAN ID of an existing VLAN in the Modify dialog box.
Page 96 xStack Stackable Gigabit Layer 3 Switch Manual ip – Using this parameter will instruct the Switch to forward packets to this VLAN if the tag in the packet header is concurrent with this protocol. This packet header information is based on the Ethernet protocol. rarp - Using this parameter will instruct the Switch to forward packets to this VLAN if the tag in the packet header is concurrent with this protocol.
Page 97: Gvrp Settings
xStack Stackable Gigabit Layer 3 Switch Manual entry, in the hexadecimal form (ffff) to define the packet identification. (The user only need enter the final four integers of the hexadecimal format to define the packet ID – {hex 0x0 0xffff}) This field is only operable if userDefined is selected in the Protocol ID field.
Page 98 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 41. GVRP Settings and GVRP Table window The following fields can be set: Parameter Description Unit Choose the Switch ID number of the Switch in the switch stack to be modified. From/To These two fields allow you to specify the range of ports that will be included in the Port-based VLAN that you are creating using the GVRP Settings page.
Page 99 xStack Stackable Gigabit Layer 3 Switch Manual Ingress Check This field can be toggled using the space bar between Enabled and Disabled. Enabled enables the port to compare the VID tag of an incoming packet with the PVID number assigned to the port. If the two are different, the port filters (drops) the packet.
Page 100: Traffic Control
xStack Stackable Gigabit Layer 3 Switch Manual Traffic Control Use the Traffic Control menu to enable or disable storm control and adjust the threshold for multicast and broadcast storms, as well as DLF (Destination Look Up Failure). Traffic control settings are applied to individual Switch modules. To view the following window, click Configuration >...
Page 101 xStack Stackable Gigabit Layer 3 Switch Manual every second. If the broadcast, multicast or unknown unicast storm control is enabled, the port will discard all broadcast, multicast or unknown unicast packets received when the counter exceeds or equals the Threshold specified. The Threshold value is the upper threshold at which the specified traffic control is switched on.
Page 102: Port Security
xStack Stackable Gigabit Layer 3 Switch Manual Port Security A given ports’ (or a range of ports') dynamic MAC address learning can be locked such that the current source MAC addresses entered into the MAC address forwarding table can not be changed once the port lock is enabled. The port can be locked by using the Admin State pull-down menu to Enabled, and clicking Apply.
Page 103 xStack Stackable Gigabit Layer 3 Switch Manual Parameter Description Unit Choose the Switch ID number of the Switch in the switch stack to be modified. From/To A consecutive group of ports may be configured starting with the selected port. Admin State This pull-down menu allows you to enable or disable Port Security (locked MAC address table for the selected ports).
Page 104: Port Lock Entries
xStack Stackable Gigabit Layer 3 Switch Manual Port Lock Entries The Port Lock Entry Delete window is used to remove an entry from the port security entries learned by the Switch and entered into the forwarding database. To view the following window, click Configuration > Port Lock Entries: Figure 6- 44.
Page 105: Qos
xStack Stackable Gigabit Layer 3 Switch Manual permanently learned by the Switch. MAC Address The MAC address of the entry in the forwarding database table that has been permanently learned by the Switch. Unit The ID number of the Switch in the switch stack that has permanently learned the MAC address.
Page 106: Understanding Qos
xStack Stackable Gigabit Layer 3 Switch Manual header of a packet to see if it has the proper identifying tag. Then the user may forward these tagged packets to designated classes of service on the Switch where they will be emptied, based on priority. For example, lets say a user wishes to have a video conference between two remotely set computers.
Page 107 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 46. Bandwidth Settings and Port Bandwidth Table window The following parameters can be set or are displayed: Parameter Description Unit Choose the Switch ID number of the Switch in the switch stack to be modified. From/To A consecutive group of ports may be configured starting with the selected port.
Page 108: Qos Scheduling Mechanism
xStack Stackable Gigabit Layer 3 Switch Manual bandwidth limit. Enabled disables the limit. Rate This field allows you to enter the data rate, in Mbit/s, that will be the limit for the selected port. The user may choose a rate between 1 and 9999 Mbit/s. Click Apply to set the bandwidth control for the selected ports.
Page 109: Qos Output Scheduling
xStack Stackable Gigabit Layer 3 Switch Manual QoS Output Scheduling QoS can be customized by changing the output scheduling used for the hardware classes of service in the Switch. As with any changes to QoS implementation, careful consideration should be given to how network traffic in lower priority classes of service is affected.
Page 110 xStack Stackable Gigabit Layer 3 Switch Manual The example window below displays an example of the combination queue where Class-1 will have a strict priority for emptying its class, while the other classes will follow a weight fair scheduling. Figure 6- 49. QoS Output Scheduling window – Combination queue example...
Page 111: 802.1P Default Priority
xStack Stackable Gigabit Layer 3 Switch Manual 802.1p Default Priority The Switch allows the assignment of a default 802.1p priority to each port on the Switch. In the Configuration folder open the QoS folder and click 802.1p Default Priority, to view the screen shown below. Figure 6- 50.
Page 112: 802.1P User Priority
xStack Stackable Gigabit Layer 3 Switch Manual 802.1p User Priority The xStack family of switches allows the assignment of a class of service to each of the 802.1p priorities. In the Configuration folder open the QoS folder and click 802.1p User Priority, to view the screen shown below. Figure 6- 51.
Page 113: System Log Host
xStack Stackable Gigabit Layer 3 Switch Manual Click on the Setup button to open the Setup Forwarding ports page, as shown below. Figure 6- 53. Setup Forwarding Ports window This page allows you to determine which port on a given switch in a switch stack will be allowed to forward packets to other ports on that switch.
Page 114 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 55. Configure System Log Server - Edit The following parameters can be set: Parameter Description Index Syslog server settings index (1-4). Server IP The IP address of the Syslog server. Severity This drop-down menu allows you to select the level of messages that will be sent.
Page 115 xStack Stackable Gigabit Layer 3 Switch Manual clock daemon local use 0 (local0) local use 1 (local1) local use 2 (local2) local use 3 (local3) local use 4 (local4) local use 5 (local5) local use 6 (local6) local use 7 (local7) UDP Port (514 or Enter the UDP port number used for sending Syslog messages.
Page 116: Sntp Settings
xStack Stackable Gigabit Layer 3 Switch Manual SNTP Settings Time Settings To configure the time settings for the Switch, open the Configuration folder, then the SNTP folder and click on the Time Settings link, revealing the following screen for the user to configure. Figure 6- 56.
Page 117 xStack Stackable Gigabit Layer 3 Switch Manual SNTP Poll Interval in The interval, in seconds, between requests for updated SNTP information. Seconds (30-99999) Time Settings - Set Current Time Year Enter the current year, if you want to update the system clock. Month Enter the current month, if you would like to update the system clock.
Page 118: Time Zone And Dst
xStack Stackable Gigabit Layer 3 Switch Manual Time Zone and DST The following are screens used to configure time zones and Daylight Savings time settings for SNTP. Open the Configuration folder, then the SNTP folder and click on the Time Zone and DST link, revealing the following screen. Figure 6- 57.
Page 119 xStack Stackable Gigabit Layer 3 Switch Manual DST Repeating Settings - Using repeating mode will enable DST seasonal time adjustment. Repeating mode requires that the DST beginning and ending date be specified using a formula. For example, specify to begin DST on Saturday during the second week of April and end DST on Sunday during the last week of October.
Page 120: Access Profile Table
xStack Stackable Gigabit Layer 3 Switch Manual Access Profile Table Configuring the Access Profile Table Access profiles allow you to establish criteria to determine whether the Switch will forward packets based on the information contained in each packet's header. These criteria can be specified on a basis of VLAN, MAC address, IP address and now IPv6.
Page 121 xStack Stackable Gigabit Layer 3 Switch Manual Parameter Description Profile ID (1-8) Type in a unique identifier number for this profile set. This value can be set from 1 - 8. Type Select profile based on Ethernet (MAC Address), IP address, packet content mask or IPv6.
Page 122 xStack Stackable Gigabit Layer 3 Switch Manual The page shown below is the IP Access Profile Configuration page. Figure 6- 60. Access Profile Configuration (IP) The following parameters can be set, for IP: Parameter Description Profile ID (1-8) Type in a unique identifier number for this profile set. This value can be set from 1 - 8. Type Select profile based on Ethernet (MAC Address), IP address, Packet Content Mask or IPv6.
Page 123 xStack Stackable Gigabit Layer 3 Switch Manual Destination IP Mask Enter an IP address mask for the destination IP address. DSCP Selecting this option instructs the Switch to examine the DiffServ Code part of each packet header and use this as the, or part of the criterion for forwarding. Protocol Selecting this option instructs the Switch to examine the protocol type value in each frame's header.
Page 124 xStack Stackable Gigabit Layer 3 Switch Manual The page shown below is the Packet Content Mask configuration window. Figure 6- 61. Access Profile Configuration window (Packet Content Mask) This screen will aid the user in configuring the Switch to mask packet headers beginning with the offset value specified. The following fields are used to configure the Packet Content Mask: Parameter Description...
Page 125 xStack Stackable Gigabit Layer 3 Switch Manual Offset This field will instruct the Switch to mask the packet header beginning with the offset value specified: value (0-15) - Enter a value in hex form to mask the packet from the beginning of the packet to the 15th byte.
Page 126 xStack Stackable Gigabit Layer 3 Switch Manual Service (ToS) or Precedence bits field in IPv4. Flowlabel Checking this field will instruct the Switch to examine the flow label field of the IPv6 header. This flow label field is used by a source to label sequences of packets such as non-default quality of service or real time service packets.
Page 127 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 64. Access Rule Configuration window (IP) Configure the following Access Rule Configuration settings for IP: Parameter Description Profile ID This is the identifier number for this profile set. Mode Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below).
Page 128 xStack Stackable Gigabit Layer 3 Switch Manual Replace priority with Click the corresponding box if you want to re-write the 802.1p default priority of a packet to the value entered in the Priority field, which meets the criteria specified previously in this command, before forwarding it on to the specified CoS queue.
Page 129 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 65. Access Rule Display window (IP) To configure the Access Rule for Ethernet, open the Access Profile Table and click Modify for an Ethernet entry. This will open the following screen: Figure 6- 66.
Page 130 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 67. Access Rule Configuration window - Ethernet. To set the Access Rule for Ethernet, adjust the following parameters and click Apply. Parameters Description Profile ID This is the identifier number for this profile set. Mode Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below).
Page 131 xStack Stackable Gigabit Layer 3 Switch Manual Replace priority with Click the corresponding box if you want to re-write the 802.1p default priority of a packet to the value entered in the Priority field, which meets the criteria specified previously in this command, before forwarding it on to the specified CoS queue.
Page 132 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 68. Access Rule Display window (Ethernet) To configure the Access Rule for Packet Content Mask, open the Access Profile Table and click Modify for a Packet Content Mask entry. This will open the following screen: Figure 6- 69.
Page 133 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 70. Access Rule Configuration - Packet Content Mask To set the Access Rule for the Packet Content Mask, adjust the following parameters and click Apply. Parameter Description Profile ID This is the identifier number for this profile set.
Page 134 xStack Stackable Gigabit Layer 3 Switch Manual Mode Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below). Select Deny to specify that packets that do not match the access profile are not forwarded by the Switch and will be filtered.
Page 135 xStack Stackable Gigabit Layer 3 Switch Manual numerical order. Entering all will denote all ports on the Switch. To view the settings of a previously correctly configured rule, click in the Access Rule Table to view the following screen: Figure 6- 71. Access Rule Display window (Packet Content Mask) To configure the Access Rule for IPv6, open the Access Profile Table and click Modify for an IPv6 entry.
Page 136 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 73. Access Rule Configuration – IPv6 To set the Access Rule for the Packet Content Mask, adjust the following parameters and click Apply. Parameter Description Profile ID This is the identifier number for this profile set. Mode Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below).
Page 137 xStack Stackable Gigabit Layer 3 Switch Manual CoS queue. Otherwise, a packet will have its incoming 802.1p user priority re-written to its original value before being forwarded by the Switch. For more information on priority queues, CoS queues and mapping for 802.1p, see the QoS section of this manual.
Page 138: System Severity Settings
xStack Stackable Gigabit Layer 3 Switch Manual System Severity Settings The System Severity Window allows users to configure where and when events occurring on the Switch will be recorded. These events are classified by the Switch into the following three categories: Information –...
Page 139: Port Access Entity (802.1X)
xStack Stackable Gigabit Layer 3 Switch Manual warning – Entering this parameter along with the proper destination, stated above, will instruct the Switch to send critical and warning events to the Switch’s log and/or SNMP agent. information – Entering this parameter along with the proper destination, stated above, will instruct the Switch to send informational, warning and critical events to the Switch’s log and/or SNMP agent.
Page 140: Authenticator
xStack Stackable Gigabit Layer 3 Switch Manual to a port on the Switch must be authenticated by the Authentication Server (RADIUS) before attaining any services offered by the Switch on the LAN. The role of the Authentication Server is to certify the identity of the Client attempting to access the network by exchanging secure information between the RADIUS server and the Client through EAPOL packets and, in turn, informs the Switch whether or not the Client is granted access to the LAN and/or switches services.
Page 141: Client
xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 79. The Authenticator Client The Client is simply the endstation that wishes to gain access to the LAN or switch services. All endstations must be running software that is compliant with the 802.1x protocol. For users running Windows XP, that software is included within the operating system.
Page 142: Authentication Process
Figure 6- 81. The 802.1x Authentication Process The D-Link implementation of 802.1x allows network administrators to choose between two types of Access Control used on the Switch, which are: Port-Based Access Control –...
Page 143: Understanding 802.1X Port-Based And Mac-Based Network Access Control
xStack Stackable Gigabit Layer 3 Switch Manual Understanding 802.1x Port-based and MAC-based Network Access Control The original intent behind the development of 802.1X was to leverage the characteristics of point-to-point in LANs. As any single LAN segment in such infrastructures has no more than two devices attached to it, one of which is a Bridge Port. The Bridge Port detects events that indicate the attachment of an active device at the remote end of the link, or an active device becoming inactive.
Page 144: Mac-Based Network Access Control
xStack Stackable Gigabit Layer 3 Switch Manual MAC-Based Network Access Control RADIUS Server Ethernet Switch … 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X Client Client Client Client Client Client Client Client Client Client Client Client Network access controlled port Network access uncontrolled port Figure 6- 83.
Page 145: Configure Authenticator
xStack Stackable Gigabit Layer 3 Switch Manual Configure Authenticator To configure the 802.1X authenticator settings, click Configuration > Port Access Entity > Configure 802.1x Authenti- cator Parameter: Figure 6- 84. Configure 802.1X Authenticator Parameter window To view the 802.1X authenticator settings on a different switch in the switch stack, use the Unit pull-down menu to select that switch by its ID number in the switch stack.
Page 146 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 85. 802.1X Authenticator Settings – Modify window This screen allows you to set the following features: Parameter Description Unit Choose the Switch ID number of the Switch in the switch stack to be modified. From [ ] To [ ] Enter the port or ports to be set.
Page 147: 802.1X User
xStack Stackable Gigabit Layer 3 Switch Manual TxPeriod This sets the TxPeriod of time for the authenticator PAE state machine. This value determines the period of an EAP Request/Identity packet transmitted to the client. The default setting is 30 seconds. QuietPeriod This allows you to set the number of seconds that the Switch remains in the quiet state following a failed authentication exchange w ith the client.
Page 148: Pae System Control
xStack Stackable Gigabit Layer 3 Switch Manual PAE System Control Existing 802.1x port and MAC settings are displayed and can be configured using the windows below. Port Capability Click Port Access Entity > PAE System Control > 802.1x Capability Settings to view the following window: Figure 6- 87.
Page 149 xStack Stackable Gigabit Layer 3 Switch Manual Parameter Description Unit Choose the Switch ID number of the Switch in the switch stack to be modified. From and To Ports being configured for 802.1x settings. Capability Two role choices can be selected: Authenticator - A user must pass the authentication process to gain access to the network.
Page 150: Initializing Ports For Port Based 802.1X
xStack Stackable Gigabit Layer 3 Switch Manual Initializing Ports for Port Based 802.1x Existing 802.1x port and MAC settings are displayed and can be configured using the window below. Click Port Access Entity > PAE System Control > Initialize Port(s) to open the following window: Figure 6- 88.
Page 151: Initializing Ports For Mac Based 802.1X
xStack Stackable Gigabit Layer 3 Switch Manual MAC Address The MAC address of the Switch connected to the corresponding port, if any. Auth PAE State The Authenticator PAE State will display one of the following: Initialize, Discon- nected, Connecting, Authenticating, Authenticated, Aborting, Held, ForceAuth, ForceUnauth, and N/A.
Page 152: Reauthenticate Port(S) For Port Based 802.1X
xStack Stackable Gigabit Layer 3 Switch Manual Reauthenticate Port(s) for Port Based 802.1x This window allows you to reauthenticate a port or group of ports by choosing a port or group of ports by using the pull down menus From and To and clicking Apply. The Reauthenticate Port Table displays the current status of the reauthenticated port(s) once you have clicked Apply.
Page 153: Reauthenticate Port(S) For Mac-Based 802.1X
xStack Stackable Gigabit Layer 3 Switch Manual NOTE: The user must first globally enable 802.1X in the Advanced Settings window in the Configuration folder before reauthenticating ports. Information in the Reauthenticate Ports Table cannot be viewed before enabling 802.1X. Reauthenticate Port(s) for MAC-based 802.1x To reauthenticate ports for the MAC side of 802.1x, the user must first enable 802.1x by MAC address in the Advanced Settings window.
Page 154: Radius Server
xStack Stackable Gigabit Layer 3 Switch Manual RADIUS Server The RADIUS feature of the Switch allows you to facilitate centralized user administration as well as providing protection against a sniffing, active hacker. The Web Manager offers three windows. Click Configuration > Port Access Entity > RADIUS Server > Authentic RADIUS Server to open the Authentic RADIUS Server Setting window shown below: Figure 6- 92.
Page 155: Layer 3 Ip Networking
xStack Stackable Gigabit Layer 3 Switch Manual Layer 3 IP Networking Layer 3 Global Advanced Settings The L3 Global Advanced Settings window allows the user to enable and disable Layer 3 settings and functions from a single window. The full settings and descriptions for these functions will appear later in this section. To view this window, open the Configuration folder and then the Layer 3 IP Networking folder and click on the L3 Global Advanced Settings link to access the following window.
Page 156: Ip Interface Setup
xStack Stackable Gigabit Layer 3 Switch Manual creates multiple interfaces for a specified VLAN (primary and secondary), that set IP interface cannot be changed to another VLAN. Application Limitation: A multicast router cannot be connected to IP interfaces that are utilizing the IP Multinetting function. NOTE: Only the primary IP interface will support the BOOTP relay agent.
Page 157 xStack Stackable Gigabit Layer 3 Switch Manual Marketing 10.96.0.0 10.96.0.1 Finance 10.128.0.0 10.128.0.1 Sales 10.160.0.0 10.160.0.1 Backbone 10.192.0.0 10.192.0.1 Table 6- 5. VLAN Example - Assigned IP Interfaces The six IP interfaces, each with an IP address (listed in the table above), and a subnet mask of 255.224.0.0 can be entered into the Setup IP Interface window.
Page 158 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 96. IP Interface Settings – Edit window Enter a name for the new interface to be added in the Interface Name field (if you are editing an IP interface, the Interface Name will already be in the top field as seen in the window above). Enter the interface’s IP address and subnet mask in the corresponding fields.
Page 159: Md5 Key Table Configuration
xStack Stackable Gigabit Layer 3 Switch Manual MD5 Key Table Configuration The MD5 Key Table Configuration menu allows the entry of a sixteen character Message Digest version 5 (MD5) key which can be used to authenticate every packet exchanged between OSPF routers. It is used as a security mechanism to limit the exchange of network topology information to the OSPF routing domain.
Page 160 xStack Stackable Gigabit Layer 3 Switch Manual ExtType1 ExtType2 Inter-E1 Inter-E2 0 to 16777214 Type 1 Type 2 Static 0 to 16777214 Type 1 Type 2 Local 0 to 16777214 Type 1 Type 2 Table 6- 6. Route Redistribution Source table Entering the Type combination internal type_1 type_2 is functionally equivalent to all.
Page 161: Static/Default Route Settings
xStack Stackable Gigabit Layer 3 Switch Manual Static/Default Route Settings Entries into the Switch’s forwarding table can be made using both MAC addresses and IP addresses. Static IP forwarding is accomplished by the entry of an IP address into the Switch’s Static IP Routing Table. To view the following window, click Configuration >...
Page 162: Route Preference Settings
xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 100. Static/Default Route Settings – Add window The following fields can be set: Parameter Description IP Address Allows the entry of an IP address that will be a static entry into the Switch’s Routing Table.
Page 163 xStack Stackable Gigabit Layer 3 Switch Manual Route Type Validity Range Default Value Local 0 - Permanently set on the Switch and not configurable. Static 1 - 999 OSPF Intra 1 - 999 OSPF Inter 1 - 999 1 - 999 OSPF ExtT1 1 - 999 OSPF ExtT2...
Page 164 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 101. Current and New Route Preference Settings window The following fields can be viewed or set: Parameter Description RIP (1-999) Enter a value between 1 and 999 to set the route preference for RIP. The lower the value, the higher the chance the specified protocol will be chosen as the best path for routing packets.
Page 165: Static Arp Table
xStack Stackable Gigabit Layer 3 Switch Manual OSPF ExtT2 (1-999) Enter a value between 1 and 999 to set the route preference for OSPF ExtT2. The lower the value, the higher the chance the specified protocol will be chosen as the best path for routing packets.
Page 166: Rip
xStack Stackable Gigabit Layer 3 Switch Manual Parameter Description IP Address The IP address of the ARP entry. This field cannot be edited in the Static ARP Settings – Edit window. MAC Address The MAC address of the ARP entry. After entering the IP Address and MAC Address of the Static ARP entry, click Apply to implement the new entry.
Page 167: Rip 1 Message
xStack Stackable Gigabit Layer 3 Switch Manual Command Meaning Request for partial or full routing information Response containing network-distance pairs from sender’s routing table Turn on trace mode (obsolete) Turn off trace mode (obsolete) Reserved for Sun Microsystem’s internal use Update Request Update Response Update Acknowledgement...
Page 168: Rip Global Settings
xStack Stackable Gigabit Layer 3 Switch Manual RIP Global Settings To setup RIP for the IP interfaces configured on the Switch, the user must first globally enable RIP and then configure RIP settings for the individual IP interfaces. To globally enable RIP on the Switch, open the Configuration folder to Layer 3 Networking and then open the RIP folder and click on the RIP Global Settings link to access the following screen: Figure 6- 105.
Page 169: Ospf
xStack Stackable Gigabit Layer 3 Switch Manual Parameter Description Interface Name The name of the IP interface on which RIP is to be setup. This interface must be previously configured on the Switch. IP Address The IP address corresponding to the Interface Name showing in the field above. TX Mode Toggle among Disabled, V1 Only, V1 Compatible, and V2 Only.
Page 170: Ospf Cost
xStack Stackable Gigabit Layer 3 Switch Manual This link-state advertisement is flooded to all router in the area. Each router that receives the link-state advertisement will store the advertisement and then forward a copy to other routers. When the link-state database of each router is updated, the individual routers will calculate a Shortest Path Tree to all destinations with the individual router as the root.
Page 171 xStack Stackable Gigabit Layer 3 Switch Manual Router A 128.213.0.0 Router B Router C 192.213.11.0 Router D 222.211.10.0 Figure 6- 108. Constructing a Shortest Path Tree The diagram above shows the network from the viewpoint of Router A. Router A can reach 192.213.11.0 through Router B with a cost of 10 + 5 = 15.
Page 172: Ospf Authentication
xStack Stackable Gigabit Layer 3 Switch Manual Areas and Border Routers OSPF link-state updates are forwarded to other routers by flooding to all routers on the network. OSPF uses the concept of areas to define where on the network routers that need to receive particular link-state updates are located. This helps ensure that routing updates are not flooded throughout the entire network and to reduce the amount of bandwidth consumed by updating the various router’s routing tables.
Page 173: Virtual Links
xStack Stackable Gigabit Layer 3 Switch Manual Simple Password Authentication A password (or key) can be configured on a per-area basis. Routers in the same area that participate in the routing domain must be configured with the same key. This method is possibly vulnerable to passive attacks where a link analyzer is used to obtain the password.
Page 174: Designated Router Election
xStack Stackable Gigabit Layer 3 Switch Manual Adjacencies Adjacent routers go beyond the simple Hello exchange and participate in the link-state database exchange process. OSPF elects one router as the Designated Router (DR) and a second router as the Backup Designated Router (BDR) on each multi-access segment (the BDR is a backup in case of a DR failure).
Page 175 xStack Stackable Gigabit Layer 3 Switch Manual OSPF Packet Header Every OSPF packet is preceded by a common 24-byte header. This header contains the information necessary for a receiving router to determine if the packet should be accepted for further processing. The format of the OSPP packet header is shown below: OSPF Packet Header Type...
Page 176 xStack Stackable Gigabit Layer 3 Switch Manual Hello Packet Version No. Packet Length Router ID Area ID Checksum Authentication Type Authentication Authentication Network Mask Hello Interval Options Router Priority Router Dead Interval Designated Router Backup Designated Router Neighbor Figure 6- 111. Hello Packet Field Description Network Mask...
Page 177 xStack Stackable Gigabit Layer 3 Switch Manual Database Description Packet Database Description packets are OSPF packet type 2. These packets are exchanged when an adjacency is being initialized. They describe the contents of the topological database. Multiple packets may be used to describe the database. For this purpose, a poll-response procedure is used.
Page 178 xStack Stackable Gigabit Layer 3 Switch Manual A router that sends a Link-State Request packet has in mind the precise instance of the database pieces it is requesting, defined by LS sequence number, LS checksum, and LS age, although these fields are not specified in the Link-State Request packet itself.
Page 179 xStack Stackable Gigabit Layer 3 Switch Manual Link-State Update Packet Packet Length Version No. Router ID Area ID Checksum Authentication Type Authentication Authentication Number of Advertisements Link-State Advertisements ... Figure 6- 114. Link-State Update Packet The body of the Link-State Update packet consists of a list of link-state advertisements. Each advertisement begins with a common 20-byte header, the link-state advertisement header.
Page 180 xStack Stackable Gigabit Layer 3 Switch Manual Link-State Advertisement Formats There are five distinct types of link-state advertisements. Each link-state advertisement begins with a standard 20-byte link- state advertisement header. Succeeding sections then diagram the separate link-state advertisement types. Each link-state advertisement describes a piece of the OSPF routing domain. Every router originates a router links advertisement.
Page 181 xStack Stackable Gigabit Layer 3 Switch Manual Advertising Router The Router ID of the router that originated the Link State Advertisement. For example, in network links advertisements this field is set to the Router ID of the network’s Designated Router. Link State Sequence Detects old or duplicate link state advertisements.
Page 182 xStack Stackable Gigabit Layer 3 Switch Manual In router links advertisements, the Link State ID field is set to the router’s OSPF Router ID. The T - bit is set in the advertisement’s Option field if and only if the router is able to calculate a separate set of routes for each IP Type of Service (TOS).
Page 183 xStack Stackable Gigabit Layer 3 Switch Manual For each link, separate metrics may be specified for each Type of Service (TOS). The metric for TOS 0 must always be included, and was discussed above. Metrics for non-zero TOS are described below. Note that the cost for non-zero TOS values that are not specified defaults to the TOS 0 cost.
Page 184 xStack Stackable Gigabit Layer 3 Switch Manual Type 3 link state advertisements are used when the destination is an IP network. In this case, the advertisement’s Link State ID field is an IP network number. When the destination is an AS boundary router, a Type 4 advertisement is used, and the Link State ID field is the AS boundary router’s OSPF Router ID.
Page 185 xStack Stackable Gigabit Layer 3 Switch Manual AS External Link Advertisements Link-State Age Options Link-State ID Advertising Router Link-State Sequence Number Link-State Checksum Length Network Mask Metric Forwarding Address External Route Tag Figure 6- 120. AS External Link Advertisements Field Description Network Mask The IP address mask for the advertised destination.
Page 186: Ospf Global Settings
xStack Stackable Gigabit Layer 3 Switch Manual OSPF Global Settings The OSPF Global Settings menu allows OSPF to be enabled or disabled on the Switch without changing the Switch’s OSPF configuration. To view the following window, click Configuration > Layer 3 IP Networking > OSPF > OSPF Global Settings. To enable OSPF, first supply an OSPF Route ID (see below), select Enabled from the State drop-down menu and click the Apply button.
Page 187: Ospf Interface Settings
xStack Stackable Gigabit Layer 3 Switch Manual To add an OSPF Area to the table, type a unique Area ID (see below) select the Type from the drop-down menu. For a Stub type, choose Enabled or Disabled from the Stub Import Summary LSA drop-down menu and determine the Stub Default Cost.
Page 188 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 125. OSPF Interface Settings - Edit window Configure each IP interface individually using the OSPF Interface Settings - Edit menu. Click the Apply button when you have entered the settings. The new configuration appears listed in the OSPF Interface Settings table. To return to the OSPF Interface Settings table, click the Show All OSPF Interface Entries link.
Page 189: Ospf Virtual Link Settings
xStack Stackable Gigabit Layer 3 Switch Manual State Allows the OSPF interface to be disabled for the selected area without changing the configuration for that area. Auth Type This field can be toggled between None, Simple, and MD5 using the space bar. This allows a choice of authorization schemes for OSPF packets that may be exchanged over the OSPF routing domain.
Page 190 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 126. OSPF Virtual Link Settings The status of the virtual interface appears (Up or Down) in the Status column. Figure 6- 127. OSPF Virtual Link Settings – Add Configure the following parameters if you are adding or changing an OSPF Virtual Interface: Parameter Description Transit Area ID...
Page 191: Ospf Area Aggregation Settings
xStack Stackable Gigabit Layer 3 Switch Manual Password/Auth. Key Enter a case-sensitive password for simple authorization or enter the MD5 key you set in the MD5 Key settings menu. Transmit Delay The number of seconds required to transmit a link state update over this virtual link. Transit delay takes into account transmission and propagation delays.
Page 192: Ospf Host Route Settings
xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 129. OSPF Area Aggregation Settings – Add window Specify the OSPF aggregation settings and click the Apply button to add or change the settings. The new settings will appear listed in the OSPF Area Aggregation Configuration table. To view the table, click the Show All OSPF Aggregation Entries link to return to the previous window.
Page 193 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 130. OSPF Host Route Settings table Use the menu below to set up OSPF host routes. Figure 6- 131. OSPF Host Route Settings – Add window Specify the host route settings and click the Apply button to add or change the settings. The new settings will appear listed in the OSPF Host Route Settings list.
Page 194: Dhcp / Bootp Relay
xStack Stackable Gigabit Layer 3 Switch Manual DHCP / BOOTP Relay The BOOTP hops count limit allows the maximum number of hops (routers) that the BOOTP messages can be relayed through to be set. If a packet’s hop count is more than the hop count limit, the packet is dropped. The range is between 1 and 16 hops, with a default value of 4.
Page 195: Dns Relay
xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 133. DHCP/BOOTP Relay Interface Settings and DHCP/BOOTP Relay Interface Table window The following parameters may be configured or viewed. Parameter Description Interface The IP interface on the Switch that will be connected directly to the Server. Server IP Enter the IP address of the DHCP/BOOTP server.
Page 196: Configuring Dns Relay Information
xStack Stackable Gigabit Layer 3 Switch Manual Configuring DNS Relay Information To configure the DNS function on the Switch, click Configuration > Layer 3 IP Networking > DNS Relay > DNS Relay Global Settings, which will open the DNS Relay Global Settings window, as seen below: Figure 6- 134.
Page 197: Vrrp
xStack Stackable Gigabit Layer 3 Switch Manual To add an entry into the DNS Relay Static Table, simply enter a Domain Name with its corresponding IP address and click Add under the Apply heading. A successful entry will be presented in the table below, as shown in the example above.
Page 198: Vrrp Virtual Router Settings
xStack Stackable Gigabit Layer 3 Switch Manual VRRP Virtual Router Settings The following window will allow the user to view the parameters for the VRRP function on the Switch. To view this window, click Configuration > Layer 3 IP Networking > VRRP > VRRP Virtual Router Settings: Figure 6- 137.
Page 199 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 138. VRRP Virtual Router Settings – Add window Or, the user may click the hyperlinked Interface Name to view the same window: The following parameters may be set to configure an existing or new VRRP virtual router. Parameter Description Interface Name...
Page 200 xStack Stackable Gigabit Layer 3 Switch Manual Critical IP Address Enter the IP address of the physical device that will provide the most direct route to the Internet or other critical network connections from this virtual router. This must be a real IP address of a real device on the network.
Page 201: Vrrp Authentication Settings
xStack Stackable Gigabit Layer 3 Switch Manual VRRP packets received by a virtual router, for authentication. IP Authentication Header - An MD5 message digest algorithm has been selected to compare VRRP packets received by a virtual router, for authentication. VRID Displays the virtual router ID set by the user.
Page 202: Ip Multicast Routing Protocol
xStack Stackable Gigabit Layer 3 Switch Manual To configure the authentication for a pre-created interface, click its hyperlinked name, revealing the following window to configure: Figure 6- 141. VRRP Authentication Settings – Edit window The following parameters may be viewed or configured: Parameter Description Interface Name...
Page 203: Igmp Versions 1 And 2
xStack Stackable Gigabit Layer 3 Switch Manual In the case where there is more than one multicast router on a subnetwork, one router is elected as the ‘querier’. This router then keeps track of the membership of the multicast groups that have active members. The information received from IGMP is then used to determine if multicast packets should be forwarded to a given subnetwork or not.
Page 204: Igmp Version 3
xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 143. IGMP State Transitions IGMP Version 3 The current release of the xStack family of switches now implements IGMPv3. Improvements of IGMPv3 over version 2 include: The introduction of the SSM or Source Specific Multicast. In previous versions of IGMP, the host would receive all packets sent to the multicast group.
Page 205 xStack Stackable Gigabit Layer 3 Switch Manual Timers As previously mentioned, IGMPv3 incorporates filters to include or exclude sources. These filters are kept updated using timers. IGMPv3 utilizes two types of timers, one for the group and one for the source. The purpose of the filter mode is to reduce the reception state of a multicast group so that all members of the multicast group are satisfied.
Page 206: Igmp Interface Configuration
xStack Stackable Gigabit Layer 3 Switch Manual IGMP Interface Configuration The Internet Group Multicasting Protocol (IGMP) can be configured on the Switch on a per-IP interface basis . To view the IGMP Interface Table, open the IP Multicast Routing Protocol folder under Configuration and click IGMP Interface Settings.
Page 207: Dvmrp Interface Configuration
xStack Stackable Gigabit Layer 3 Switch Manual varied by entering a value between 1 and 31,744 seconds in the Query Interval field. The maximum length of time between the receipt of a query and the sending of an IGMP response report can be varied by entering a value in the Max Response Time field.
Page 208: Dvmrp Global Settings
xStack Stackable Gigabit Layer 3 Switch Manual The higher the route cost, the lower the probability that the current route will be chosen to be an active branch of the multicast delivery tree (not ‘pruned’) - if there is an alternative route. DVMRP Global Settings To enable DVMRP globally on the Switch, click Configuration >...
Page 209: Pim-Dm Interface Configuration
xStack Stackable Gigabit Layer 3 Switch Manual Neighbor Timeout This field allows an entry between 1 and 65,535 seconds and defines the time period Interval (1-65535) DVMRP will hold Neighbor Router reports before issuing poison route messages. The default is 35 seconds. Probe Interval (1- This field allows an entry between 1 and 65,535 seconds and defines the interval 65535)
Page 210 xStack Stackable Gigabit Layer 3 Switch Manual Figure 6- 150. PIM-DM Interface Settings window To view the configuration window for a specific entry, click its hyperlinked name, revealing the following window. Figure 6- 151. PIM-DM Interface Settings - Edit window The following fields can be set or viewed: Parameter Description...
Page 211: Security Management
xStack Stackable Gigabit Layer 3 Switch Manual Section 7 Security Management Security IP User Accounts Access Authentication Control (TACACS) Secure Sockets Layer (SSL) Secure Shell (SSH) The following section will aid the user in configuring security functions for the Switch. The Switch includes various functions for security, including TACACS, Security IPs, SSL, and SSH, all discussed in detail in the following section.
Page 212: Admin And User Privileges
xStack Stackable Gigabit Layer 3 Switch Manual Figure 7- 4. User Accounts Add Table Add a new user by typing in a User Name , and New Password and retype the same password in the Confirm New Password. Choose the level of privilege (Admin or User) from the Access Right drop-down menu. Figure 7- 5.
Page 213: Access Authentication Control
xStack Stackable Gigabit Layer 3 Switch Manual Factory Reset User Account Management Add/Update/Delete User Accounts View User Accounts Table 7- 1. Admin and User Privileges After establishing a User Account with Admin-level privileges, be sure to save the changes by opening the Maintenance folder, opening the Save Changes window and clicking the Save Configuration button.
Page 214: Authentication Policy & Parameters
xStack Stackable Gigabit Layer 3 Switch Manual Switch will then go to the next technique listed in the server group for authentication, until the authentication has been verified or denied, or the list is exhausted. Please note that users granted access to the Switch will be granted normal user privileges on the Switch. To gain access to administrator level privileges, the user must access the Enable Admi n window and then enter a password, which was previously configured by the administrator of the Switch.
Page 215: Application's Authentication Settings
xStack Stackable Gigabit Layer 3 Switch Manual Application's Authentication Settings This window is used to configure switch configuration applications (console, Telnet, SSH, web) for login at the user level and at the administration level (Enable Admin) utilizing a previously configured method list. To view the following window, click Security Management >...
Page 216 xStack Stackable Gigabit Layer 3 Switch Manual Figure 7- 8. Authentication Server Group window This screen displays the Authentication Server Groups on the Switch. The Switch has four built-in Authentication Server Groups that cannot be removed but can be modified. To modify a partic ular group, click its hyperlinked Group Name, which will then display the following window.
Page 217: Authentication Server Host
xStack Stackable Gigabit Layer 3 Switch Manual NOTE: The user must configure Authentication Server Hosts using the Authentication Server Hosts window before adding hosts to the list. Authentication Server Hosts must be configured for their specific protocol on a remote centralized server before this function can work properly. NOTE: The three built in server groups can only have server hosts running the same TACACS daemon.
Page 218: Login Method Lists
xStack Stackable Gigabit Layer 3 Switch Manual Parameter Description IP Address The IP address of the remote server host the user wishes to add. Protocol The protocol used by the server host. The user may choose one of the following: TACACS - Enter this parameter if the server host utilizes the TACACS protocol.
Page 219 xStack Stackable Gigabit Layer 3 Switch Manual Figure 7- 13. Login Method Lists window The Switch contains one Method List that is set and cannot be removed, yet can be modified. To delete a Login Method List defined by the user, click the under the Delete heading corresponding to the entry desired to be deleted.
Page 220: Enable Method Lists
xStack Stackable Gigabit Layer 3 Switch Manual authentication methods to this method list: tacacs - Adding this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server. xtacacs - Adding this parameter will require the user to be authenticated using the XTACACS protocol from a remote XTACACS server.
Page 221 xStack Stackable Gigabit Layer 3 Switch Manual To delete an Enable Method List defined by the user, click the under the Delete heading corre sponding to the entry desired to be deleted. To modify an Enable Method List, click on its hyperlinked Method List Name . To configure a Method List, click the Add button.
Page 222: Configure Local Enable Password
xStack Stackable Gigabit Layer 3 Switch Manual xtacacs - Adding this parameter will require the user to be authenticated using the XTACACS protocol from a remote XTACACS server. tacacs+ - Adding this parameter will require the user to be authenticated using the TACACS protocol from a remote TACACS server.
Page 223 xStack Stackable Gigabit Layer 3 Switch Manual Figure 7- 20. Enable Admin Screen When this screen appears, click the Enable Admin button revealing a window for the user to enter authentication (password, username), as seen below. A successful entry will promote the user to Administrator level privileges on the Switch.
Page 224: Secure Socket Layer (Ssl)
xStack Stackable Gigabit Layer 3 Switch Manual Secure Socket Layer (SSL) Secure Sockets Layer or SSL is a security feature that will provide a secure communication path between a host and client through the use of authentication, digital signatures and encryption. These security functions are implemented through the use of a ciphersuite, which is a security string that determines the exa ct cryptographic parameters, specific encryption algorithms and key sizes to be used for an authentication session and consists of three levels: 1.
Page 225: Configuration
xStack Stackable Gigabit Layer 3 Switch Manual To download certificates, set the following parameters and click Apply. Parameter Description Certificate Type Enter the type of certificate to be downloaded. This type refers to the server responsible for issuing certificates. This field has been limited to Local for this firmware release.
Page 226 xStack Stackable Gigabit Layer 3 Switch Manual Cache Timeout (60- This field will set the time between a new key exchange between a client and a host 86400) using the SSL function. A new SSL session is established every time the client and host go through a key exchange.
Page 227: Secure Shell (Ssh)
xStack Stackable Gigabit Layer 3 Switch Manual Secure Shell (SSH) SSH is an abbreviation of Secure Shell, which is a program allowing secure remote login and secure network services over an insecure network. It allows a secure login to remote host computers, a safe method of executing commands on a remote end node, and will provide secure encrypted and authenticated communication between two non-trusted hosts.
Page 228: Ssh Authentication Mode And Algorithm Settings
xStack Stackable Gigabit Layer 3 Switch Manual Parameter Description SSH Server Status Use the pull-down menu to enable or disable SSH on the Switch. The default is Disabled. Max Session (1-3) Enter a value between 1 and 3 to set the number of users that may simultaneously access the Switch.
Page 229 xStack Stackable Gigabit Layer 3 Switch Manual Figure 7- 25. SSH Algorithms window The following algorithms may be set: Parameter Description SSH Authentication Mode and Algorithm Settings Password This field may be enabled or disabled to choose if the administrator wishes to use a locally configured password for authentication on the Switch.
Page 230 xStack Stackable Gigabit Layer 3 Switch Manual Encryption Algorithm 3DES-CBC Use the pull-down to enable or disable the Triple Data Encryption Standard encryption algorithm with Cipher Block Chaining. The default is Enabled. Blow-fish CBC Use the pull-down to enable or disable the Blowfish encryption algorithm with Cipher Block Chaining.
Page 231: Ssh User Authentication Mode
xStack Stackable Gigabit Layer 3 Switch Manual SSH User Authentication Mode The following windows are used to configure parameters for users attempting to access the Switch through SSH. To access the following window, click Security Management > Secure Shell > SSH User Authentication Mode. Figure 7- 26.
Page 232 xStack Stackable Gigabit Layer 3 Switch Manual Host IP Enter the corresponding IP address of the SSH user. This parameter is only used in conjunction with the Host Based choice in the Auth. Mode field. Click Apply to implement changes made. NOTE: To set the SSH User Authentication parameters on the Switch, a User Account must be previously configured.
Page 233: Snmp Manager
xStack Stackable Gigabit Layer 3 Switch Manual Section 8 SNMP Manager SNMP Settings Simple Network Management Protocol (SNMP) is an OSI Layer 7 (Application Layer) designed specifically for managing and monitoring network devices. SNMP enables network management stations to read and modify the settings of gateways, routers, switches, and other network devices.
Page 234: Snmp User Table
xStack Stackable Gigabit Layer 3 Switch Manual The xStack family of switches incorporates a flexible SNMP management for the switching environment. SNMP management can be customized to suit the needs of the networks and the preferences of the network administrator. Use the SNMP V3 menus to select the SNMP version used for specific tasks.
Page 235 xStack Stackable Gigabit Layer 3 Switch Manual SNMP Version V1 - Indicates that SNMP version 1 is in use. V2 - Indicates that SNMP version 2 is in use. V3 - Indicates that SNMP version 3 is in use. Auth-Protocol None - Indicates that no authorization protocol is in use.
Page 236: Snmp View Table
xStack Stackable Gigabit Layer 3 Switch Manual DES - Specifies that DES 56-bit encryption is in use, based on the CBC-DES (DES- 56) standard. This field is only operable when V3 is selected in the SNMP Version field and the Encryption field has been checked. This field will require the user to enter a password between 8 and 16 alphanumeric characters.
Page 237: Snmp Group Table
xStack Stackable Gigabit Layer 3 Switch Manual The following parameters can set: Parameter Description View Name Type an alphanumeric string of up to 32 characters. This is used to identify the new SNMP view being created. Subtree OID Type the Object Identifier (OID) Subtree for the view. The OID identifies an object tree (MIB tree) that will be included or excluded from access by an SNMP manager.
Page 238 xStack Stackable Gigabit Layer 3 Switch Manual Figure 8- 7. SNMP Group Table Display – View window To add a new entry to the Switch's SNMP Group Table, click the Add button in the upper left-hand corner of the SNMP Group Table page.
Page 239: Snmp Community Table
xStack Stackable Gigabit Layer 3 Switch Manual SNMPv3 - Specifies that the SNMP version 3 will be used. SNMPv3 provides secure access to devices through a combination of authentication and encrypt ing packets over the network. Security Level The Security Level settings only apply to SNMPv3. NoAuthNoPriv - Specifies that there will be no authorization and no encryption of packets sent between the Switch and a remote SNMP manager.
Page 240: Snmp Host Table
xStack Stackable Gigabit Layer 3 Switch Manual View Name Type an alphanumeric string of up to 32 characters that is used to identify the group of MIB objects that a remote SNMP manager is allowed to access on the Switch. The view name must exist in the SNMP View Table.
Page 241: Snmp Engine Id
xStack Stackable Gigabit Layer 3 Switch Manual SNMP Version V1 - To specifies that SNMP version 1 will be used. V2 - To specify that SNMP version 2 will be used. V3-NoAuth-NoPriv - To specify that the SNMP version 3 will be used, with a NoAuth-NoPriv security level.
Page 242: Monitoring
xStack Stackable Gigabit Layer 3 Switch Manual Section 9 Monitoring Port Utilization CPU Utilization Packets Errors Size MAC Address Switch History Log IGMP Snooping Group IGMP Snooping Forward Browse Router Port Port Access Control Layer 3 Feature Port Utilization The Port Utilization page displays the percentage of the total available bandwidth being used on the port. To view the port utilization, open the Monitoring folder and then the Port Utilization link: Figure 9- 1.
Page 243: Cpu Utilization
xStack Stackable Gigabit Layer 3 Switch Manual To select a port to view these statistics for, first select the Switch in the switch stack by using the Unit pull-down menu and then select the port by using the Port pull down menu. The user may also use the real-time graphic of the Switch and/or switch stack at the top of the web page by simply clicking on a port.
Page 244: Packets
xStack Stackable Gigabit Layer 3 Switch Manual default value is one second. Record Number [200] Select number of times the Switch will be polled between 20 and 200. The default value is 200. Utilization Check whether or not to display Utilization. Packets The Web Manager allows various packet statistics to be viewed as either a line graph or a table.
Page 245 xStack Stackable Gigabit Layer 3 Switch Manual Figure 9- 4. Rx Packets Analysis Table The following fields may be set or viewed: Parameter Description Time Interval [1s ] Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.
Page 246: Umb Cast (Rx)
xStack Stackable Gigabit Layer 3 Switch Manual UMB Cast (RX) Click the UMB Cast (RX) link in the Packets folder of the Monitoring menu to view the following graph of UMB cast packets received on the Switch. To select a port to view these statistics for, first select the Switch in the switch stack by using the Unit pull-down menu and then select the port by using the Port pull down menu.
Page 247 xStack Stackable Gigabit Layer 3 Switch Manual Figure 9- 6. Rx Packets Analysis window (table for Unicast, Multicast, and Broadcast Packets) The following fields may be set or viewed: Parameter Description Time Interval [1s] Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.
Page 248: Transmitted (Tx)
xStack Stackable Gigabit Layer 3 Switch Manual Transmitted (TX) Click the Transmitted (TX) link in the Packets folder of the Monitoring menu to view the following graph of packets transmitted from the Switch. To select a port to view these statistics for, first select the Switch in the switch stack by using the Unit pull-down menu and then select the port by using the Port pull down menu.
Page 249 xStack Stackable Gigabit Layer 3 Switch Manual Figure 9- 8. Tx Packets Analysis window (table for Bytes and Packets) The following fields may be set or viewed: Parameter Description Time Interval [1s] Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.
Page 250: Errors
xStack Stackable Gigabit Layer 3 Switch Manual Errors The Web Manager allows port error statistics compiled by the Switch's management agent to be viewed as either a line graph or a table. Four windows are offered. Received (RX) Click the Received (RX) link in the Error folder of the Monitoring menu to view the following graph of error packets received on the Switch.
Page 251 xStack Stackable Gigabit Layer 3 Switch Manual Figure 7- 31. Rx Error Analysis window (table) The following fields can be set: Parameter Description Time Interval [1s] Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.
Page 252: Transmitted (Tx)
xStack Stackable Gigabit Layer 3 Switch Manual Transmitted (TX) Click the Transmitted (TX) link in the Error folder of the Monitoring menu to view the following graph of error packets received on the Switch. To select a port to view these statistics for, first select the Switch in the switch stack by using the Unit pull-down menu and then select the port by using the Port pull down menu.
Page 253 xStack Stackable Gigabit Layer 3 Switch Manual Figure 7- 33. Tx Error Analysis window (table) The following fields may be set or viewed: Parameter Description Time Interval [1s ] Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.
Page 254: Size
xStack Stackable Gigabit Layer 3 Switch Manual Size The Web Manager allows packets received by the Switch, arranged in six groups and classed by size, to be viewed as either a line graph or a table. Two windows are offered. To select a port to view these statistics for, first select the Switch in the switch stack by using the Unit pull-down menu and then select the port by using the Port pull down menu.
Page 255 xStack Stackable Gigabit Layer 3 Switch Manual The following fields can be set or viewed: Parameter Description Time Interval [1s] Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second. Record Number [200] Select number of times the Switch will be polled between 20 and 200.
Page 256: Stacking Information
Displays the priority ID of the Switch. The lower the number, the higher the priority. The box (switch) with the lowest priority number in the stack denotes the Master switch. The DGS-3324SRi will always be the master switch in a Star topology.
Page 257: Module Information
DXS-3326GSR and the DXS-3350SR members of the xStack family have the capability to add the optional DEM- 420X module. Although the DGS-3324SR and the DGS-3324SRi do not support the optional module, information about the module can be viewed on these switches if they are stacked with one of the switches that support the optional module.
Page 258: Device Status
xStack Stackable Gigabit Layer 3 Switch Manual Rev. No. The hardware revision number of the optional module. Serial The serial number associated with this particular optional module. Description A brief description of the optional module including port count and module type. Device Status The Device Status window can be found in the Monitoring menu by clicking the Device Status link.
Page 259: Mac Address
xStack Stackable Gigabit Layer 3 Switch Manual MAC Address This allows the Switch's dynamic MAC address forwarding table to be viewed. When the Switch learns an association between a MAC address and a port number, it makes an entry into its forwarding table. These entries are then used to forward packets through the Switch.
Page 260 xStack Stackable Gigabit Layer 3 Switch Manual The following fields can be viewed or set: Parameter Description VLAN Name Enter a VLAN Name for the forwarding table to be browsed by. MAC Address Enter a MAC address for the forwarding table to be browsed by. Unit –...
Page 261: Switch History Log
xStack Stackable Gigabit Layer 3 Switch Manual Switch History Log The Web manager allows the Switch's history log, as compiled by the Switch's management agent, to be viewed. To view the Switch history log, open the Maintenance folder and click the Switch History Log link. Figure 9- 14.
Page 262: Igmp Snooping Group
xStack Stackable Gigabit Layer 3 Switch Manual IGMP Snooping Group This window allows the Switch’s IGMP Snooping Group Table to be viewed. IGMP Snooping allows the Switch to read the Multicast Group IP address and the corresponding MAC address from IGMP packets that pass through the Switch. The number of IGMP reports that were snooped is displayed in the Reports field.
Page 263: Igmp Snooping Forwarding
xStack Stackable Gigabit Layer 3 Switch Manual IGMP Snooping Forwarding This window will display the current IGMP snooping forwarding table entries currently config ured on the Switch. To view the following screen, open the Monitoring folder and click the IGMP Snooping Forwarding link. Figure 9- 16.
Page 264: Port Access Control
xStack Stackable Gigabit Layer 3 Switch Manual Port Access Control The following screens are used to monitor 802.1x statistics of the Switch, on a per port basis. To view the Port Access Control screens, open the monitoring folder and click the Port Access Control folder. There are six screens to monitor. NOTE: The Authenticator State, Authenticator Statistics, Authenticator Session Statistics and Authenticator Diagnostics windows in this section cannot be viewed on the xStack family of switches unless 802.1x...
Page 265 xStack Stackable Gigabit Layer 3 Switch Manual Figure 9- 19. Authenticator State window – MAC-Based 802.1x This window displays the Authenticator State for individual ports on a selected device. To select unit within the switch stack, use the pull-down menu at the top of the window and click Apply. A polling interval between 1 and 60 seconds can be set using the drop-down menu at the top of the window and clicking OK.
Page 266: Authenticator Statistics
xStack Stackable Gigabit Layer 3 Switch Manual Authenticator Statistics This table contains the statistics objects for the Authenticator PAE associated with each port. An entry appears in this table for each port that supports the Authenticator function. To view the Authenticator Statistics, click Monitoring > Port Access Control >...
Page 267: Authenticator Session Statistics
xStack Stackable Gigabit Layer 3 Switch Manual been received by this Authenticator. Rx Invalid The number of EAPOL frames that have been received by this Authenticator in which the frame type is not recognized. Rx Error The number of EAPOL frames that have been received by this Authenticator in which the Packet Body Length field is invalid.
Page 268 xStack Stackable Gigabit Layer 3 Switch Manual Frames Tx The number of user data frames transmitted on this port during the session. A unique identifier for the session, in the form of a printable ASCII string of at least three characters.
Page 269: Authenticator Diagnostics
xStack Stackable Gigabit Layer 3 Switch Manual Authenticator Diagnostics This table contains the diagnostic information regarding the operation of the Authenticator associated with each port. An entry appears in this table for each port that supports the Authenticator function. To view the Authenticator Diagnostics, click Monitoring >...
Page 270 xStack Stackable Gigabit Layer 3 Switch Manual Auth Start Counts number times that state machine transitions from AUTHENTICATING to ABORTING, as a result of an EAPOL-Start message being received from the Supplicant. Auth LogOff Counts number times that state mac hine transitions from AUTHENTICATING to ABORTING, as a result of an EAPOL-Logoff message being...
Page 271: Radius Authentication
xStack Stackable Gigabit Layer 3 Switch Manual RADIUS Authentication This table contains information concerning the activity of the RADIUS authentication client on the client side of the RADIUS authentication protocol. It has one row for each RADIUS authentication server that the client shares a secret with. To view the RADIUS Authentication, click Monitoring >...
Page 272: Radius Accounting
xStack Stackable Gigabit Layer 3 Switch Manual BadAuthenticators The number of RADIUS Access-Response packets containing invalid authenticators or Signature attributes received from this server. PendingRequests The number of RADIUS Access-Request packets destined for this server that have not yet timed out or received a response. This variable is incremented when an Access-Request is sent and decremented due to receipt of an Access-Accept, Access-Reject or Access-Challenge, a timeout or retransmission.
Page 273 xStack Stackable Gigabit Layer 3 Switch Manual RoundTripTime The time interval between the most recent Accounting-Response and the Accounting- Request that matched it from this RADIUS accounting server. Requests The number of RADIUS Accounting-Request packets sent. This does not include retransmissions.
Page 274: Layer 3 Feature
xStack Stackable Gigabit Layer 3 Switch Manual Layer 3 Feature This folder in the Monitoring section will display information concerning settings configured in Layer 3 IP Networking of the Configuration folder. These settings and parameters have been previously described in Section 6 of this manual, under Layer 3 IP Networking.
Page 275: Browse Routing Table
xStack Stackable Gigabit Layer 3 Switch Manual Browse Routing Table The Browse Routing Table window may be found in the Monitoring menu in the Layer 3 Feature folder. This screen shows the current IP routing table of the Switch. To find a specific IP route, enter an IP address into the Destination Address field along with a proper subnet mask into the Mask field and click Find.
Page 276: Browse Ip Multicast Forwarding Table
xStack Stackable Gigabit Layer 3 Switch Manual Browse IP Multicast Forwarding Table The Browse IP Multicast Forwarding Table window may be found in the Monitoring menu in the Layer 3 Feature folder. This window will show current IP multicasting information on the Switch. To search a specific entry, enter an multicast group IP address into the Multicast Group field or a Source IP address and click Find.
Page 277 xStack Stackable Gigabit Layer 3 Switch Manual To view the specific details for an entry, click the corresponding icon revealing the following window: Figure 7- 36. IGMP Group Detail and Source List Table window This window holds the following information: Parameter Description IGMP Group Detail...
Page 278 xStack Stackable Gigabit Layer 3 Switch Manual down until a group report is received which has information pertaining to the source. If no group report packet is received, all source timers will time out and the group record is deleted. V1 Host Timer This timer is based on a host within the multicast group that is running IGMPv1.
Page 279: Ospf Monitoring
xStack Stackable Gigabit Layer 3 Switch Manual OSPF Monitoring This section offers windows regarding OSPF (Open Shortest Path First) information on the Switch, including the OSPF LSDB Table, OSPF Neighbor Table and the OSPF Virtual Neighbor Table. To view these tables, open the Monitoring folder and click OSPF Monitoring.
Page 280: Browse Ospf Neighbor Table
xStack Stackable Gigabit Layer 3 Switch Manual If Adv. Router ID is selected, you must enter the IP address in the Advertisement Router ID field, and then click Find. If LSDB is selected, you must select the type of link state (RtrLink, NetLink, Summary, ASSummary and ASExtLink) in the LSDB Type field, and then click Find.
Page 281: Ospf Virtual Neighbor
xStack Stackable Gigabit Layer 3 Switch Manual To search for OSPF neighbors, enter an IP address and click Find. Valid OSPF neighbors will appear in the OSPF Neighbor Table below. OSPF Virtual Neighbor This table can be found in the OSPF Monitoring folder by clicking on the Browse OSPF Virtual Neighbor Table link. This table displays a list of Virtual OSPF Neighbors of the Switch.
Page 282: Dvmrp Monitoring
Switch. This folder, found in the Monitoring folder, offers 3 screens for monitoring; Browse DVMRP Routing Table, Browse DVMRP Neighbor Address Table and Browse DVMRP Routing Next Hop Table. Information on DVMRP and its features in relation to the DGS-3324SRi can be found in Section 6, under IP Multicast Routing Protocol. Browse DVMRP Routing Table Multicast routing information is gathered and stored by DVMRP in the DVMRP Routing Table, which may be found in the Monitoring folder under Browse DVMRP Monitoring, contains one row for each port in a DVMRP mode.
Page 283: Browse Dvmrp Neighbor Table
xStack Stackable Gigabit Layer 3 Switch Manual Browse DVMRP Neighbor Table This table, found in the Monitoring menu under DVMRP Monitor > Browse DVMRP Neighbor Table contains information about DVMRP neighbors of the Switch. To search this table, enter either an Interface Name or Neighbor Address into the respective field and click the Find button.
Page 284 xStack Stackable Gigabit Layer 3 Switch Manual Figure 9- 35. DVMRP Routing Next Hop Table...
Page 285: Pim Monitoring
xStack Stackable Gigabit Layer 3 Switch Manual PIM Monitoring Multicast routers use Protocol Independent Multicast (PIM) to determine which other multicast routers should receive multicast packets. To find out more information concerning PIM and its configuration on the Switch, see the IP Multicast Routing Protocol chapter of Section 6, Configuration.
Page 286: Switch Maintenance
xStack Stackable Gigabit Layer 3 Switch Manual Section 10 Switch Maintenance TFTP Services Multiple Image Services CF Services Ping Test Save Changes Reset Reboot Services Logout TFTP Services Trivial File Transfer Protocol (TFTP) services allow the Switch’s firmware to be upgraded by transferring a new firmware file from a TFTP server to the Switch.
Page 287: Download Configuration File
xStack Stackable Gigabit Layer 3 Switch Manual Click Start to record the IP address of the TFTP server and initiate the file transfer. Download Configuration File To download a configuration file from a TFTP server, click on the TFTP Service folder in the Maintenance folder and then the Download Configuration File link: Figure 10- 2.
Page 288: Multiple Image Services
xStack Stackable Gigabit Layer 3 Switch Manual Multiple Image Services The Multiple Image Services folder allows users of the xStack family of switches to configure and view information regarding firmware located on the Switch. The Switch allows two firmware images to be stored in its memory and either can be configured to be the boot up firmware for the Switch.
Page 289: Config Firmware Image
CompactFlash Services At the rear of the DGS-3324SRi Switch only, there is an open slot for a CompactFlash card. This 32MB PCMCIA flash card provides high capacity solid-state flash memory for storing information for and from the Switch, such as firmware, configuration files and even save log information kept on the Switch.
Page 290: Cf Card Information
xStack Stackable Gigabit Layer 3 Switch Manual Figure 10- 7. CompactFlash Card Installation NOTE: This CompactFlash Card is hot swappable, and therefore it is unnecessary to power down the Switch when changing CompactFlash cards. CF Card Information The CF Card Information window allows the user to view information about the CompactFlash card located at the back of the Switch.
Page 291: Download Configuration From Cf
xStack Stackable Gigabit Layer 3 Switch Manual Enter the file name, path and Image ID where the user wishes to place the firmware, into the space provided. The Image ID field has three options, Active, 1 and 2. Choosing Active will download the firmware to the Boot Up Image ID, depending on the user’s configuration.
Page 292: Upload Firmware To Cf
xStack Stackable Gigabit Layer 3 Switch Manual Upload Firmware to CF To upload firmware to the CompactFlash card, first open the Upload Firmware to CF window by clicking Maintenance > CF Services > Download & Upload > Upload Firmware to CF. Figure 10- 13.
Page 293: Fs Commands
The windows of this section are used for formatting and changing the settings for the CompactFlash card located at the back of the Switch. These commands relate only to the CompactFlash card and cannot be used for the Switch’s internal memory. Therefore, it will only be used with the DGS-3324SRi member of the xStack family. Format The following window is used to format the CompactFlash card.
Page 294: Copy
xStack Stackable Gigabit Layer 3 Switch Manual accessory. full denotes a full format. full_with_MBR – Denotes that a f u ll format will occur and all sectors of the card will be cleared, including the Master Boot Record. No information will remain on the storage media accessory after a full format. Label Enter a previously set name associated with this storage media accessory.
Page 295: Dir
xStack Stackable Gigabit Layer 3 Switch Manual To remove a directory, enter the full name and path into the space provided and click Apply. This window is used to view directories and files located on the CompactFlash card. To view this window, click Maintenance >...
Page 296: Ping Test
xStack Stackable Gigabit Layer 3 Switch Manual Ping Test Ping is a small program that sends ICMP Echo packets to the IP address you specify. The destination node then responds to or "echoes" the packets sent from the Switch. This is very useful to verify connectivity between the Switch and other nodes on the network.
Page 297: Reset
xStack Stackable Gigabit Layer 3 Switch Manual Parameter Description Save (Only save Clicking the radio button for this entry will save only the current switch configuration to config) NV-RAM. Save Log (Only save Clicking the radio button for this entry will save only the current log file to NV- RAM. log) Save All (Save config Clicking the radio button for this entry will save both the current switch configuration...
Page 298: Reboot System
xStack Stackable Gigabit Layer 3 Switch Manual Reboot System The following menu is used to restart the Switch. Figure 10- 27. Reboot System window Clicking the Yes click-box will instruct the Switch to save the current configuration to non-volatile RAM before restarting the Switch.
Page 299: D-Link Single Ip Management
Configuration Backup/Restore Single IP Management (SIM) Overview Simply put, D-Link Single IP Management is a concept that will stack switches together over Ethernet instead of using stacking ports or modules. There are some advantages in implementing the "Single IP Management" feature: SIM can simplify management of small workgroups or wiring closets while scaling the network to handle increased bandwidth demand.
Page 300: Sim Using The Web Interface
xStack Stackable Gigabit Layer 3 Switch Manual It is connected to the CS through the CS management VLAN. Candidate Switch (CaS) - This is a switch that is ready to join a SIM group but is not yet a member of the SIM group.
Page 301: Topology
xStack Stackable Gigabit Layer 3 Switch Manual Figure 11- 2. SIM Settings window (enabled) The following parameters can be set: Parameters Description SIM State Use the pull down menu to either enable or disable the SIM state on the Switch. Dis- abled will render all SIM functions on the Switch inoperable.
Page 302 xStack Stackable Gigabit Layer 3 Switch Manual Clicking the here link will setup the Java Runtime Environment on your server and lead you to the topology window, as seen below. Figure 11- 4. Single IP Management window - Tree View The Tree View window holds the following information under the Data tab: Parameter Description...
Page 303 xStack Stackable Gigabit Layer 3 Switch Manual Figure 11- 5. Topology view This screen will display how the devices within the Single IP Management Group are connected to other groups and devices. Possible icons in this screen are as follows: Icon Description Group...
Page 304: Tool Tips
xStack Stackable Gigabit Layer 3 Switch Manual Layer 2 candidate switch Layer 3 candidate switch Unknown device Non-SIM devices Tool Tips In the Topology view window, the mouse plays an important role in configuration and in viewing device information. Setting the mouse cursor over a specific device in the topology window (tool tip) will display the same information about a specific device as the Tree view does.
Page 305: Right Click
xStack Stackable Gigabit Layer 3 Switch Manual Figure 11- 7. Port Speed Utilizing the Tool Tip Right Click Right clicking on a device will allow the user to perform various functions, depending on the role of the Switch in the SIM group and the icon associated with it.
Page 306: Commander Switch Icon
xStack Stackable Gigabit Layer 3 Switch Manual Figure 11- 9. Property window Commander Switch Icon Figure 11- 10. Right Clicking a Commander Icon The following options may appear for the user to configure: Collapse - to collapse the group that will be represented by a single icon. Expand - to expand the SIM group, in detail.
Page 307: Member Switch Icon
xStack Stackable Gigabit Layer 3 Switch Manual Figure 11- 11. Property window Member Switch Icon Figure 11- 12. Right Clicking a Member icon The following options may appear for the user to configure: Collapse - to collapse the group that will be represented by a single icon. Expand - to expand the SIM group, in detail.
Page 308: Candidate Switch Icon
xStack Stackable Gigabit Layer 3 Switch Manual Figure 11- 13. Property window Candidate Switch Icon Figure 11- 14. Right Clicking a Candidate icon The following options may appear for the user to configure: Collapse - to collapse the group that will be represented by a single icon. Expand - to expand the SIM group, in detail.
Page 309: Menu Bar
xStack Stackable Gigabit Layer 3 Switch Manual Figure 11- 16. Device Property window. This window holds the following information: Parameter Description Device Name This field will display the Device Name of the switches in the SIM group configured by the user. If no Device Name is configured by the name, it will be given the name default and tagged with the last six digits of the MAC Address to identify it.
Page 310: Group
xStack Stackable Gigabit Layer 3 Switch Manual Group Add to group - add a candidate to a group. Clicking this option will reveal the following screen for the user to enter a password for authentication from the Candidate Switch before being added to the SIM group. Click OK to enter the password or Cancel to exit the window.
Page 311: Firmware Upgrade
xStack Stackable Gigabit Layer 3 Switch Manual Firmware Upgrade This screen is used to upgrade firmware from the Commander Switch to the Member Switch. To access the following window, click Single IP Management > Firmware Upgrade. Member Switches will be listed in the table and will be specified by Port (port on the CS where the MS resides), MAC Address, Model Name and Version.
Page 312: Appendix A
xStack Stackable Gigabit Layer 3 Switch Manual Appendix A General IEEE 802.3u 100BASE-TX Fast Ethernet IEEE 802.3ab 1000BASE-T Gigabit Ethernet IEEE 802.1D Spanning Tree IEEE 802.1w Rapid Spanning Tree IEEE 802.1s Multiple Spanning Tree Standards IEEE 802.1 P/Q VLAN IEEE 802.1p Priority Queues IEEE 802.1x Port and MAC Based Access Control IEEE 802.3ad Link Aggregation Control IEEE 802.3x Full-duplex Flow Control...
Page 313 Dimensions: DXS -3326GSR / DXS -3350SR – 441 mm x 430 mm x 44 mm (1U), 19 inch rack- mount width DGS-3324SR and DGS-3324SRi – 3.15kg Weight: DXS-3326GSR – 6.5kg DXS-3350SR – 6.41kg FCC Part 15 Class A/ ICES-003 Class (Canada)
Page 314: Appendix B
xStack Stackable Gigabit Layer 3 Switch Manual Appendix B Cables and Connectors When connecting the Switch to another switch, a bridge or hub, a normal cable is necessary. Please review these products for matching cable pin assignment. The following diagrams and tables show the standard RJ-45 receptacle/connector and their pin assignments. Appendix 1- 1.
Page 315: Appendix C
xStack Stackable Gigabit Layer 3 Switch Manual Appendix C Cable Lengths Use the following table to as a guide for the maximum cable lengths. Standard Media Type Maximum Distance Mini-GBIC 1000BASE-LX, Single-mode fiber module 10km 1000BASE-SX, Multi-mode fiber module 550m 1000BASE-LHX, Single-mode fiber module 40km 1000BASE-ZX, Single-mode fiber module...
Page 316: Glossary
xStack Stackable Gigabit Layer 3 Switch Manual Glossary 1000BASE-LX: A short laser wavelength on multimode fiber optic cable for a maximum length of 550 meters 1000BASE-SX: A long wavelength for a "long haul" fiber optic cable for a maximum length of 10 kilometers 100BASE-FX: 100Mbps Ethernet implementation over fiber.
Page 317 xStack Stackable Gigabit Layer 3 Switch Manual IP address: Internet Protocol address. A unique identifier for a device attached to a network using TCP/IP. The address is written as four octets separated with full-stops (periods), and is made up of a network section, an optional subnet section and a host section.
Page 318 xStack Stackable Gigabit Layer 3 Switch Manual UDP - User Datagram Protocol: An Internet standard protocol that allows an application program on one device to send a datagram to an application program on another device. VLAN - Virtual LAN: A group of location- and topology-independent devices that communicate as if they are on a common physical LAN.
Page 319: International Offices
D-Link at an Authorized D-Link Service Office. The replacement Hardware need not be new or of an identical make, model or part; D-Link may in its discretion may replace the defective Hardware (or any part thereof) with any reconditioned product that D-Link reasonably determines is substantially equivalent (or superior) in all material respects to the defective Hardware.
Page 320 The packaged product shall be insured and shipped to Authorized D-Link Service Office with all shipping costs prepaid. D-Link may reject or return any product that is not packaged and shipped in strict compliance with the foregoing requirements, or for which an RMA number is not visible from the outside of the package.
Page 321: Fcc Warning
- Trademarks Copyright 2005 D-Link Corporation. Contents subject to change without prior notice. D-Link is a registered trademark of D-Link Corporation/ D-Link Systems Inc. All other trademarks belong to their respective proprietors. - Copyright statement...
Page 322 Any repair or replacement will be rendered by D-Link at an Authorized D-Link Service Office. The replacement hardware need not be new or have an identical make, model or part. D-Link may, at its option, replace the defective Hardware or any part thereof with any reconditioned product that D-Link reasonably determines is substantially equivalent (or superior) in all material respects to the defective Hardware.
Page 323 D-Link; and Products that have been purchased from inventory clearance or liquidation sales or other sales in which D-Link, the sellers, or the liquidators expressly disclaim their warranty obligation pertaining to the product. While necessary maintenance or repairs on your Product can be performed by any company, we recommend that you use only an Authorized D-Link Service Office.
Page 324 Product Registration Register online your D-Link product at http://support.dlink.com/register/ Product registration is entirely voluntary and failure to complete or return this form will not diminish your warranty rights.
Page 325: General Terms
Limited Product Warranty Period The Limited Product Warranty Period starts on the date of purchase from D-LINK. Your dated sales or delivery receipt, showing the date of purchase of the product, is your proof of the purchase date. You may be required to provide proof of purchase as a condition of receiving warranty service.
Page 326: Product Type
The replacement part or product takes on the remaining limited warranty status of the removed part or product. The replacement product need not be new or of an identical make, model or part; D-LINK may in its discretion replace the defective product (or any part thereof) with any reconditioned equivalent (or superior) product in all material respects to the defective product.
Page 327 Produkt entsprechend dem Benutzerhandbuch und den weiteren Dokumentationen, die der Benutzer beim Kauf (oder später) erhalten hat, genutzt und gewartet wird. D-LINK garantiert nicht, dass die Produkte störungs- oder fehlerfrei arbeiteten oder dass alle Mängel, Fehler, Defekte oder Kompatibilitätsstörungen beseitigt werden können. Diese Garantie gilt nicht für Probleme wegen: (a) unerlaubter Veränderung oder Hinzufügung, (b) Fahrlässigkeit, Missbrauch oder Zweckentfremdung, einschließlich des Gebrauchs des...
Page 328 Ein (1) Jahr Die oben aufgeführten Garantielaufzeiten gelten für alle D-LINK-Produkte, die in europäischen Staaten ab dem 1. Januar 2004 von D- LINK oder einem autorisierten Fachhändler oder Distributor verkauft werden. Alle vor dem 1. Januar 2004 von D-LINK oder einem autorisierten Vertragshändler oder Distributor verkauften Produkte haben eine Gewährleistung von 5 Jahren;...
Page 329 ; ou (f) du feu, de l’eau, d’une catastrophe naturelle ou autre. La présente garantie ne s’applique pas non plus à un produit dont le numéro de série D-LINK aurait été retiré ou altéré de quelque manière que ce soit.
Page 330 Exécution de la Garantie Produit Limitée En cas de défaut ou d’erreur d’un produit, l’unique obligation de D-LINK se limite à la réparation ou au remplacement gratuit du produit défectueux, au bénéfice de l’acheteur initial, sous réserve que le produit soit rapporté à un Centre de Service Agréé D-LINK pendant la période de garantie.
Page 331 Período de la garantía limitada del producto El período de la garantía limitada del producto se inicia en la fecha en que se realizó la compra a D-LINK. Para el comprador, el comprobante de la fecha de la compra es el recibo de la venta o de la entrega, en el que figura la fecha de la compra del producto. Puede ser necesario tener que presentar el comprobante de la compra a fin de que se preste el servicio de garantía.
Page 332 1 de enero del 2004. Todos los productos comprados en países europeos a D-LINK o a uno de sus proveedores o distribuidores autorizados antes del 1 de enero del 2004 cuentan con 5 años de garantía, excepto las fuentes de alimentación, los ventiladores y los accesorios, que cuentan con 2 años de garantía.
Page 333 (c) movimentazione impropria; (d) guasto di prodotti o servizi non forniti da D-LINK o non soggetti a una garanzia successiva di D-LINK o a un accordo di manutenzione;...
Page 334 1 (Un) anno Il periodo di garanzia sopra specificato relativamente a tutti i prodotti D-LINK venduti nei Paesi europei da D-LINK o da qualsiasi suo rivenditore o distributore autorizzato decorre dal 1° gennaio 2004. Tutti i prodotti venduti nei Paesi europei da D-LINK o da uno qualsiasi dei suoi rivenditori o distributori autorizzati prima del 1°...
Page 335: Technical Support
Technical Support You can find software updates and user documentation on the D-Link website. Tech Support for customers within Australia: D-Link Technical Support over the Telephone: 1300-766-868 Monday to Friday 8:00am to 8:00pm EST Saturday 9:00am to 1:00pm EST D-Link Technical Support over the Internet: http://www.dlink.com.au...
Page 336 You can find software updates and user documentation on the D-Link website. Tech Support for customers within South Eastern Asia and Korea: D-Link South Eastern Asia and Korea Technical Support over the Telephone: +65-6895-5355 Monday to Friday 9:00am to 12:30pm, 2:00pm-6:00pm...
Page 337 Technical Support You can find software updates and user documentation on the D-Link website. Tech Support for customers within India D-Link Technical Support over the Telephone: +91-22-26526741 +91-22-26526696 –ext 161 to 167 Monday to Friday 9:30AM to 7:00PM D-Link Technical Support over the Internet: http://ww.dlink.co.in...
Page 338 Technical Support You can find software updates and user documentation on the D-Link website. D-Link provides free technical support for customers for the duration of the warranty period on this product. Customers can contact D-Link technical support through our web site or by phone.
Page 339 Technical Support You can find software updates and user documentation on the D-Link website. Tech Support for customers within the U.A.E & North Africa: D-Link Technical Support over the Telephone: (971) 4-391-6480 (U.A.E) Sunday to Wednesday 9:00am to 6:00pm GMT+4 Thursday 9:00am to 1:00pm GMT+4 D-Link Middle East &...
Page 340 You can find software updates and user documentation on the D-Link website. Tech Support for customers within South Africa and Sub Sahara Region: D-Link South Africa and Sub Sahara Technical Support over the Telephone: +27-12-665-2165 08600 DLINK ( For South Africa only )
Page 341 Technical Support You can find updates and user documentation on the D-Link website Tech Support for Latin America customers: D-Link Technical Support over the followings Telephones: Argentina: 0800-666 1442 Monday to Friday 09:00am to 22:00pm Chile: 800-214 422 Monday to Friday 08:00am to 21:00pm...
Page 342 Обновления программного обеспечения и документация доступны на Интернет-сайте D-Link. D-Link предоставляет бесплатную поддержку для клиентов в течение гарантийного срока. Клиенты могут обратиться в группу технической поддержки D-Link по телефону или через Интернет. Техническая поддержка D-Link: (095) 744-00-99 Техническая поддержка через Интернет http://www.dlink.ru...
Page 343 El servicio de soporte técnico tiene presencia en numerosos países de la Región Latino América, y presta asistencia gratuita a todos los clientes de D-Link, en forma telefónica e internet, a través de la casilla soporte@dlinkla.com Soporte Técnico Help Desk Argentina: Teléfono: 0800-6661442 Lunes a Viernes 09:00 am a 22:00 pm...
Page 344 Você pode encontrar atualizações de software e documentação de usuário no site da D-Link Brasil www.dlinkbrasil.com.br. A D-Link fornece suporte técnico gratuito para clientes no Brasil durante o período de vigência da garantia deste produto. Suporte Técnico para clientes no Brasil: Telefone São Paulo (11) 2185-9301...
Page 346 Technical Support You can find software updates and user documentation on the D-Link websites. D-Link provides free technical support for customers within Canada, the United Kingdom, and Ireland. Customers can contact D-Link technical support through our websites, or by phone.
Page 347 Technische Unterstützung Aktualisierte Versionen von Software und Benutzerhandbuch finden Sie auf der Website von D-Link. D-Link bietet kostenfreie technische Unterstützung für Kunden innerhalb Deutschlands, Österreichs, der Schweiz und Osteuropas. Unsere Kunden können technische Unterstützung über unsere Website, per E-Mail oder telefonisch anfordern.
Page 348: Assistance Technique
Assistance technique Vous trouverez la documentation et les logiciels les plus récents sur le site web D-Link. Le service technique de D-Link est gratuit pour les clients Etats-Unis durant la période de garantie. Ceux-ci peuvent contacter le service technique de D-Link par notre site internet ou par téléphone.
Page 349 D-Link . D-Link ofrece asistencia técnica gratuita para clientes dentro de España durante el periodo de garantía del producto. Los clientes españoles pueden ponerse en contacto con la asistencia técnica de D-Link a través de nuestro sitio web o por teléfono. Asistencia Técnica de D-Link por teléfono:...
Page 350 Supporto tecnico Gli ultimi aggiornamenti e la documentazione sono disponibili sul sito D-Link. Supporto tecnico per i clienti residenti in Italia D-Link Mediterraneo S.r.L. Via N. Bonnet 6/B 20154 Milano Supporto Tecnico dal lunedì al venerdì dalle ore 9.00 alle ore 19.00 con orario continuato...
Page 351 Technical Support You can find software updates and user documentation on the D-Link website. D-Link provides free technical support for customers within Benelux for the duration of the warranty period on this product. Benelux customers can contact D-Link technical support through our website, or by phone.
Page 352: Pomoc Techniczna
Pomoc techniczna Najnowsze wersje oprogramowania i dokumentacji użytkownika można znaleźć w serwisie internetowym firmy D-Link. D-Link zapewnia bezpłatną pomoc techniczną klientom w Polsce w okresie gwarancyjnym produktu. Klienci z Polski mogą się kontaktować z działem pomocy technicznej firmy D-Link za pośrednictwem Internetu lub telefonicznie.
Page 353 Technická podpora Aktualizované verze software a uživatelských příruček najdete na webové stránce firmy D-Link. D-Link poskytuje svým zákazníkům bezplatnou technickou podporu Zákazníci mohou kontaktovat oddělení technické podpory přes webové stránky, mailem nebo telefonicky Web: http://www.dlink.de E-Mail: support@dlink.de Telefon: +49 (1805)-2787 Telefonická...
Page 354 Technikai Támogatás Meghajtó programokat és frissítéseket a D-Link Magyarország weblapjáról tölthet le. Telefonon technikai segítséget munkanapokon hétfőtől- csütörtökig 9.00 – 16.00 óráig és pénteken 9.00 – 14.00 óráig kérhet a (1) 461-3001 telefonszámon vagy a support@dlink.hu emailcímen. Magyarországi technikai támogatás : D-Link Magyarország...
Page 355 Teknisk Support Du kan finne programvare oppdateringer og bruker dokumentasjon på D-Links web sider. D-Link tilbyr sine kunder gratis teknisk support under produktets garantitid. Kunder kan kontakte D-Links teknisk support via våre hjemmesider, eller på tlf. Teknisk Support: D-Link Teknisk telefon Support:...
Page 356 Teknisk Support Du finder software opdateringer og bruger- dokumentation på D-Link’s hjemmeside. D-Link tilbyder gratis teknisk support til kunder i Danmark i hele produktets garantiperiode. Danske kunder kan kontakte D-Link’s tekniske support via vores hjemmeside eller telefonisk. D-Link teknisk support over telefonen: Tlf.
Page 357 Teknistä tukea asiakkaille Suomessa: D-Link tarjoaa teknistä tukea asiakkailleen. Tuotteen takuun voimassaoloajan. Tekninen tuki palvelee seuraavasti: Arkisin klo. 9 - 21 numerosta 0800-114 677 Internetin kautta Ajurit ja lisätietoja tuotteista. http://www.dlink.fi Sähköpostin kautta voit myös tehdä kyselyitä. support@dlink.fi...
Page 358 Teknisk Support På vår hemsida kan du hitta mer information om mjukvaru uppdateringar och annan användarinformation. D-Link tillhandahåller teknisk support till kunder i Sverige under hela garantitiden för denna produkt. Teknisk Support för kunder i Sverige: D-Link Teknisk Support via telefon: 0770-33 00 35 Vardagar 08.00-20.00...
Page 359 技术支持办公地址：北京市朝阳区建国路 71 号惠通时代广场 C1 座 202 室邮编: 100025 技术支持中心电话：8008868192/(028)85176977 技术支持中心传真：(028)85176948 维修中心地址：北京市海淀区中关村南大街 9 号理工大厦 1107 室邮编:100081 维修中心电话：(010)68477035/68477036/68477037 维修中心传真：(010)68477036 网址：http://www.dlink.com.cn 办公时间：周一到周五，早09:00到晚18:00...
Page 360 Technical Support You can find software updates and user documentation on the D- Link website. D-Link provides free technical support for customers within the United States and within Canada for the duration of the warranty period on this product. U.S. and Canadian customers can contact D-Link technical support through our website, or by phone.
Page 361 URL: www..d-link.co.za URL: www.dlink.com.au Weena 290 3012 NJ Rotterdam Russia India Netherlands Grafsky per., 14, floor 6 D-Link House, Kurla Bandra Complex Road, Tel: +31-10-282-1445 Moscow Off CST Road, Santacruz (East), Mumbai - Fax: +31-10-282-1331 129626 Russia 400098. URL: www.dlink-benelux.com...
Page 362: Registration Card
8. What category best describes your company? Aerospace Engineering Education Finance Hospital Legal Insurance/Real Estate Manufacturing Retail/Chainstore/Wholesale Government Transportation/Utilities/Communication System house/company Other________________________________ 9. Would you recommend your D-Link product to a friend? Don't know yet 10.Your comments on this product? ______________________________________________________ ________________________ ____________________________ ________________________________________________...

This manual is also suitable for:

Dgs-3324sr Dxs-3326gsr Dxs-3350sr

D-Link DGS-3324SRi User Manual

Preface

Introduction

Installation

Connecting the Switch

Introduction to Switch Management

Introduction to Web-Based Switch Configuration

Configuring the Switch

Security Management

SNMP Manager

Monitoring

Switch Maintenance

D-Link Single IP Management

Quick Links

Related Manuals for D-Link DGS-3324SRi

Summary of Contents for D-Link DGS-3324SRi