D-Link DGS-3600 Series User Manual
  1. Manuals
  2. Brands
  3. D-Link Manuals
  4. Switch
  5. xStack DGS-3600 Series
  6. User manual
D-Link DGS-3600 Series User Manual

D-Link DGS-3600 Series User Manual

Layer 3 gigabit ethernet managed switch
Hide thumbs Also See for DGS-3600 Series:
1
2
3
Table Of Contents
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
Table of Contents

Advertisement

Quick Links

Download this manual See also: Reference Manual, Cli Manual
®

User Manual

®
xStack
DGS-3600 Series
Product Model:
Layer 3 Gigabit Ethernet Managed Switch
Release 2.5
©Copyright 2009. All rights reserved.

Advertisement

Table of Contents
loading

Related Manuals for D-Link DGS-3600 Series

Summary of Contents for D-Link DGS-3600 Series

  • Page 1: User Manual

    ® User Manual ® xStack DGS-3600 Series Product Model: Layer 3 Gigabit Ethernet Managed Switch Release 2.5 ©Copyright 2009. All rights reserved.
  • Page 2 Corporation. Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. D-Link Corporation disclaims any proprietary interest in trademarks and trade names other than its own.
  • Page 3 DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with this manual, may cause harmful interference to radio communications.

  • Page 4: Table Of Contents

    DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Table of Contents Preface ......................................xii Intended Readers..................................xiii Typographical Conventions ................................ xiii Notes, Notices, and Cautions ..............................xiii Safety Instructions ..................................xiv Safety Cautions ......................................xiv General Precautions for Rack-Mountable Products ............................xv Protecting Against Electrostatic Discharge ..............................xvi...
  • Page 5 DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Introduction....................................25 Login to Web Manager ....................................25 Web-based User Interface .....................................26 Web Pages........................................27 Administration ...............................28 Device Information ..................................29 IP Address....................................31 IP MTU Settings ..................................33 Stacking ....................................... 34 Port Configuration..................................38 Port Configuration......................................38...
  • Page 6 DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch SNMP User Table ......................................65 SNMP View Table ......................................67 SNMP Group Table.......................................68 SNMP Community Table....................................69 SNMP Host Table ......................................70 SNMP Engine ID ......................................72 sFlow......................................72 sFlow Global Settings ....................................73 sFlow Analyzer Settings....................................73 sFlow Sampler Settings....................................75...
  • Page 7 DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch STP Instance Settings....................................131 STP Port Settings ......................................132 Forwarding & Filtering ................................134 Unicast Forwarding.....................................134 Multicast Forwarding ....................................136 Multicast Filtering Mode.....................................137 LLDP ......................................138 LLDP Global Settings ....................................138 Basic LLDP Port Settings ...................................139 802.1 Extension LLDP Port Settings................................141...
  • Page 8 DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch DHCP/BOOTP Relay ................................201 DHCP / BOOTP Relay Global Settings ..............................201 DHCP/BOOTP Relay Interface Settings..............................203 DHCP Server ..................................... 205 DHCP Server Global Settings ..................................205 DHCP Server Exclude Address Settings ..............................206 DHCP Server Pool Settings..................................206 DHCP Server Dynamic Binding .................................209...
  • Page 9 DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Security .................................277 Traffic Control ................................... 277 Port Security....................................281 Port Security Settings....................................281 Port Security Entries .................................. 282 IP-MAC-Port Binding................................283 IMP Global Settings....................................283 IMP Port Settings ......................................283 IMP Entry Settings......................................285 DHCP Snooping Entries .....................................286 MAC Block List......................................286...
  • Page 10 DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Device Status ..................................... 331 Stacking Information.................................. 331 Module Information ................................... 331 CPU Utilization..................................332 Port Utilization................................... 333 Packets ....................................... 334 Received (RX)......................................334 UMB_cast (RX) ......................................336 Transmitted (TX) ......................................338 Errors ......................................340 Received (RX)......................................340...
  • Page 11 DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch OSPF Monitor.................................... 368 Browse OSPF LSDB Table..................................368 Browse OSPF Neighbor Table ..................................369 Browse OSPF Virtual Neighbor Table................................370 Switch Logs ....................................371 Browse ARP Table ..................................371 MAC Based Access Control Authentication..........................372 Switch Maintenance.............................373...

  • Page 12: Introduction

    Preface ® The xStack DGS-3600 Series User Manual is divided into sections that describe the system installation and operating instructions with examples. Section 1, Introduction - Describes the Switch and its features. Section 2, Installation - Helps you get started with the basic installation of the Switch and also describes the front panel, rear panel, side panels, and LED indicators of the Switch.

  • Page 13: Intended Readers

    ® The xStack DGS-3600 Series User Manual contains information for setup and management of the Switch. The term, “the Switch” will be used when referring to all five switches. This manual is intended for network managers familiar with network management concepts and terminology.

  • Page 14: Safety Instructions

    DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Safety Instructions Use the following safety guidelines to ensure your own personal safety and to help protect your system from potential damage. Throughout this document, the caution icon ( ) is used to indicate cautions and precautions that you need to review and follow.
  • Page 15 DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch  To help protect your system from sudden, transient increases and decreases in electrical power, use a surge suppressor, line conditioner, or uninterruptible power supply (UPS).  Position system cables and power cables carefully; route cables so that they cannot be stepped on or tripped over. Be sure that nothing rests on any cables.

  • Page 16: Protecting Against Electrostatic Discharge

    DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CAUTION: The system chassis must be positively grounded to the rack cabinet frame. Do not attempt to connect power to the system until grounding cables are connected. A qualified electrical inspector must inspect completed power and safety ground wiring. An energy hazard will exist if the safety ground cable is omitted or disconnected.

  • Page 17: Gigabit Ethernet Technology

    The following manual describes the installation, maintenance and configurations concerning members of the D-Link DGS-3600 Series, including the DGS-3612, DGS-3612G, DGS-3627, DGS-3627G, and the DGS-3650. These five switches are identical in configurations and very similar in basic hardware and consequentially, most of the information in this manual will be universal to the total group of Switches.
  • Page 18 DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Switch has four 1000Mbps SFP combo ports located on the front panel. These gigabit combo ports are ideal for connecting to a server or network backbone. The DGS-3627G contains twenty-four 1000Mbps SFP (Small Form Factor Portable) ports, in addition to four 1000BASE-T located on the front panel.

  • Page 19: Xstack ® Dgs-3600 Series

    DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch IEEE 802.3x flow control in full duplex mode  IEEE 802.1p Priority Queues  IEEE 802.3u 100BASE-TX compliant  RS-232 DCE console port for Switch management  Provides parallel LED display for port status such as link/act, speed, etc.

  • Page 20: Front-Panel Components

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch 200 Redundant Power *DGS-3612 & DGS-3612G only Supply NOTE: The SFP combo ports on the Switch cannot be used simultaneously with the corresponding 1000BASE-T ports. If both ports are in use at the same time (ex. port 1 of the SFP and port 1 of the 1000BASE-T), the SFP ports will take priority over the combo ports and render the 1000BASE-T ports inoperable.

  • Page 21: Ports

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 1- 4. Front Panel of the DGS-3627G DGS-3650  Forty-eight 10/100/1000BASE-T ports  Four Combo SFP ports located to the right  One female DCE RS -232 DB-9 console port ...

  • Page 22: Rear Panel Description

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 1- 6. DGS-3612G LEDs Figure 1- 7. DGS-3627 LEDs Figure 1- 8. DGS-3627G LEDs Figure 1- 9. DGS-3650 LEDs Figure 1- 10. DGS-3612 LEDs Rear Panel Description The rear panels of the DGS-3612, DGS-3612G, DGS-3627, DGS-3627G and the DGS-3650 are described below.

  • Page 23: Side Panel Description

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 1- 12. Rear panel view of the DGS-3612G DGS-3627 and DGS-3627G The rear panel of DGS-3627 and DGS-3627G contain an AC power connector, an outlet for an optional external RPS, and three slots for additional 10GE optional modules.
  • Page 24 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 1- 17. Side Panels of the DGS-3627 Figure 1- 18. Side Panels of the DGS-3627G Figure 1- 19. Side Panels of the DGS-3650...

  • Page 25: Ge Uplink Modules

    ® At the rear of the xStack DGS-3600 Series switches reside optional module slots. This slot may be equipped with the DEM- 410X single-port 10GE XFP uplink module, or a DEM-410CX single-port 10GE CX4 uplink module, both sold separately. Adding the DEM-410X optional module will allow the administrator to add a single-port 10GE stacking module which will transmit information at a rate of ten gigabits a second.

  • Page 26: Installing The Sfp Ports

    ® The xStack DGS-3600 Series switches are equipped with SFP (Small Form Factor Portable) ports, which are to be used with fiber-optical transceiver cabling in order to uplink various other networking devices for a gigabit link that may span great distances.

  • Page 27: Installation

    DCE RS-232 console cable  If any item is missing or damaged, please contact your local D-Link Reseller for replacement. Before You Connect to the Network The site where you install the Switch may greatly affect its performance. Please follow these guidelines for setting up the Switch.

  • Page 28: Installing The Switch Without The Rack

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Installing the Switch without the Rack When installing the Switch on a desktop or shelf, the rubber feet included with the Switch should first be attached. Attach these cushioning feet on the bottom at each corner of the device. Allow enough ventilation space between the Switch and any other objects in the vicinity.

  • Page 29: Mounting The Switch In A Standard 19" Rack

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Mounting the Switch in a Standard 19" Rack CAUTION: Installing systems in a rack without the front and side stabilizers installed could cause the rack to tip over, potentially resulting in bodily injury under certain circumstances. Therefore, always install the stabilizers before installing components in the rack.

  • Page 30: Features

    ® The xStack DGS-3600 Series switches are equipped with a redundant power supply feature. Follow the instructions below to connect a RPS power supply (DPS-500) to the DGS-3627/DGS-3627G/DGS-3612G/DGS-3650. The DPS-500 is a redundant power-supply unit designed to conform to the voltage requirements of the switches being supported. DPS-500 can be installed into the DPS-900, or DPS-800.
  • Page 31 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Connect to RPS The DPS-500 is connected to the Master Switch using a 14-pin DC power cable. A standard, three-pronged AC power cable connects the redundant power supply to the main power source.
  • Page 32 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch DPS-200 ® The xStack DGS-3612 switch can connect an RPS power supply to the Switch (DPS-200) redundant power-supply unit designed to conform to the voltage requirements of the switches being supported. The DPS-200 is a redundant power-supply unit designed to conform to the voltage requirements of the switches being supported.
  • Page 33 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch DPS-800 The DPS-800 is a standard-size rack mount (1 standard unit in height) designed to hold up to two DPS-200 redundant power supplies. Figure 2 - 8. Install DPS-200 in DPS-800 The RPS can be mounted in a standard 19"...

  • Page 34: Connecting The Switch

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Section 3 Connecting the Switch Switch to End Node Switch to Hub or Switch Connecting to Network Backbone or Server NOTE: All 10/100/1000Mbps NWay Ethernet ports can support both MDI- II and MDI-X connections.

  • Page 35: Switch To Hub Or Switch

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Switch to Hub or Switch These connections can be accomplished in a number of ways using a normal cable. A 10BASE-T hub or switch can be connected to the Switch via a twisted-pair Category 3, 4 or 5 UTP/STP cable.

  • Page 36: Connecting To Network Backbone Or Server

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Connecting To Network Backbone or Server The two Mini-GBIC combo ports are ideal for uplinking to a network backbone or server. The copper ports operate at a speed of 1000, 100, or 10Mbps in full duplex mode. The fiber optic ports can operate at 1000Mbps in full duplex mode. Connections to the Gigabit Ethernet ports are made using fiber optic cable or Category 5 copper cable, depending on the type of port.

  • Page 37: Introduction To Switch Management

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Section 4 Introduction to Switch Management Management Options Web-based Management Interface SNMP-Based Management Managing User Accounts Command Line Console Interface through the Serial Port Connecting the Console Port (RS-232 DCE)

  • Page 38: Command Line Interface

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch 7. Under Properties, select VT100 for Emulation mode. 8. Select Terminal keys for Function, Arrow, and Ctrl keys. Ensure that you select Terminal keys (not Windows keys). NOTE: When you use HyperTerminal with the Microsoft® Windows® 2000 operating sys- tem, ensure that you have Windows 2000 Service Pack 2 or later installed.

  • Page 39: First Time Connecting To The Switch

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch First Time Connecting to the Switch The Switch supports user-based security that can allow you to prevent unauthorized users from accessing the Switch or changing its settings. This section tells how to log onto the Switch.

  • Page 40: Snmp Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The switch will then prompt the user for a password. Type the <password> used for the administrator account being  created and press the Enter key. Again, the user will be prompted to enter the same password again to verify it. Type the same password and press ...

  • Page 41: Ip Address Assignment

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch SNMP v.3 uses a more sophisticated authentication process that is separated into two parts. The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers. The second part describes what each user on that list can do as an SNMP manager.
  • Page 42 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch MLD Snooping : Disabled : Disabled DVMRP : Disabled : Disabled OSPF : Disabled TELNET : Enabled (TCP 23) CTRL+C ESC q Quit SPACE n Next Page ENTER Next Entry a All Figure 4- 4.

  • Page 43: Web-Based Switch Configuration

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Section 5 Web-based Switch Configuration Introduction Login to Web manager Web-Based User Interface Web Pages Introduction All software functions of the Switch can be managed, configured and monitored via the embedded web-based (HTML) interface.

  • Page 44: Web-Based User Interface

    Select the folder or window to be displayed. The folder icons can be opened to display the hyper- Area 1 linked window buttons and subfolders contained within them. Click the D-Link logo to go to the D- Link website. Area 2 Presents a graphical near real-time image of the front panel of the Switch.

  • Page 45: Web Pages

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Web Pages When you connect to the management mode of the Switch with a web browser, a login window is displayed. Enter a user name and password to access the Switch's management mode.

  • Page 46: Administration

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Section 6 Administration Device Information (DGS-3600 Web Management Tool) IP Address IP MTU Settings Stacking Port Configuration User Accounts Port Mirroring System Log System Severity Settings SNTP Settings MAC Notification Settings...

  • Page 47: Device Information

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Device Information This window contains the main settings for all major functions of the Switch and appears automatically when you log on. To return to the Device Information window, click the DGS-3600 Web Management Tool folder.
  • Page 48 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Serial Port Auto Select the logout time used for the console interface. This automatically logs the user out after Logout an idle period of time, as defined. Choose from the following options: 2 Minutes, 5 Minutes, 10 Minutes, 15 Minutes or Never.

  • Page 49: Ip Address

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch HOL Prevention If this option is enabled it prevents the forwarding of data to a port that is blocked. Traffic that would normally be sent to the buffer memory of the Switch’s TX queue is dropped so that memory usage is conserved and performance across all ports remains high.
  • Page 50 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch 4. If no VLANs have been previously configured on the Switch, you can use the default VLAN Name. The default VLAN contains all of the Switch ports as members. If VLANs have been previously configured on the Switch, you will need to enter the VLAN Name of the VLAN that contains the port connected to the management station that will access the Switch.

  • Page 51: Ip Mtu Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Setting the Switch's IP Address using the Console Interface Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP).

  • Page 52: Stacking

    From firmware release v2.00 of this Switch, the xStack DGS-3600 Series now supports switch stacking, where a set of twelve switches can be combined to be managed by one IP address through Telnet, the GUI interface (web), the console port or through SNMP.

  • Page 53: Stack Switch Swapping

    The stacking feature of the xStack DGS-3600 supports “hot swapping” of switches in and out of the running stack. Users may remove or add switches to the stack without powering down or largely affecting the transfer of data between switches in the stack, with a few minor provisions.

  • Page 54: Stacking Mode Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch If both the Primary Master and the Backup Master are removed, the election process is immediately processed and a new Primary Master and Backup Master is determined. Switches in the stack will clear the configurations of the units removed, and dynamically learned databases, such as ARP, will be cleared as well.

  • Page 55: Ip Interface Setup

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch IP Interface Setup Each VLAN must be configured prior to setting up the VLAN’s corresponding IP interface. An example is presented below: VLAN Name Switch Ports System (default) 5, 6, 7, 8, 21, 22, 23, 24...

  • Page 56: Port Configuration

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Port Configuration This section contains information for configuring various attributes and properties for individual physical ports, including port speed and flow control. Port Configuration To display the following window, click Administration > Port Configuration > Port Configuration, as shown below.

  • Page 57: Port Error Disabled

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Parameter Description From…. To Use the pull-down menus to select the port or range of ports to be configured. State Toggle this field to either enable or disable a given port or group of ports.

  • Page 58: Port Description

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Connection This field will read the uplink status of the individual ports, whether enabled or disabled. Reason Describes the reason why the port has been error-disabled, such as a STP loopback occurrence.

  • Page 59: User Accounts

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 6- 11. Port Auto Negotiation Information window User Accounts Use the User Account Management window to control user privileges. Any existing User Accounts will be displayed in the table below.
  • Page 60 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 6- 13. User Account Add Table window Add a new user by typing in a User Name, and New Password and retype the same password in the Confirm New Password.

  • Page 61: Port Mirroring

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Port Mirroring The Switch allows you to copy frames transmitted and received on a port and redirect the copies to another port. You can attach a monitoring device to the mirrored port, such as a sniffer or an RMON probe, to view details about the packets passing through the first port.

  • Page 62: System Log

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch System Log The System log on the Switch can record event information in its own logs, to designated SNMP trap receiving stations, and to the PC connected to the console manager. The System Log folder contains two main windows System Log Host and System Log Save Mode Settings.

  • Page 63: System Log Save Mode Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Facility Some of the operating system daemons and processes have been assigned Facility values. Processes and daemons that have not been explicitly assigned a Facility may use any of the "local use"...

  • Page 64: System Severity Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch On Demand – Users who choose this method will only save log files when they manually tell the Switch to do so, using the Save Changes window. On Trigger – Users who choose this method will have log files saved to the Switch every time a log event occurs on the Switch.

  • Page 65: Sntp Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch SNTP Settings Time Settings This window is used to configure the time settings for the Switch. To view this window, click Administration > SNTP Settings > Time Settings, as shown below.

  • Page 66: Time Zone And Dst

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Enter the current day, if you would like to update the system clock. Time in HH MM SS Enter the current time in hours, minutes, and seconds. Click Apply to implement changes made.
  • Page 67 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch in +/- HH:MM Mean Time (GMT.) DST Repeating Settings Using repeating mode will enable DST seasonal time adjustment. Repeating mode requires that the DST beginning and ending date be specified using a formula. For example, specify to begin DST on Saturday during the second week of April and end DST on Sunday during the last week of October.

  • Page 68: Mac Notification Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch MAC Notification Settings MAC Notification is used to monitor MAC addresses learned and entered into the forwarding database. globally notification Switch, click Admininstration > MAC Notification Settings, as shown. Global Settings...
  • Page 69 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 6- 23. TFTP Services window The following parameters can be configured: Parameter Description Operation Select a service for the TFTP server to perform from the drop down window: Download Firmware - Enter the IP address of the TFTP server and specify the ...

  • Page 70: File System Services

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch File System Services The Switch contains a 15-megabyte Flash memory where the user may store files for further use on the Switch. The user may place over 200 re-nameable files on the FAT 16 mode Flash memory, of which the user has the option of setting firmware images and configuration files as boot up files, upon the next reboot of the Switch.

  • Page 71: Directory

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 6- 25. Media Information window This window offers the following information about the internal Flash Drive. Parameter Description Drive ID The name of the drive of the memory. There is only one drive in the Flash and it is named C:.

  • Page 72: Rename

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 6- 26. Directory window The previous window contains the following information: Parameter Description Unit Use the drop down menu to select the unit you wish to configure. Drive ID Enter the name of the drive located on the Flash memory.

  • Page 73: Copy

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 6- 27. Rename window Copy This window is used to copy a directory located within the Flash memory of the switch. To view this window, click Administration > File System Services > Copy, as shown below.

  • Page 74: Ping Test

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Ping Test Ping is a small program that sends ICMP Echo packets to the IP address you specify. The destination node then responds to or "echoes" the packets sent from the Switch. This is very useful to verify connectivity between the Switch and other nodes on the network.

  • Page 75: Ipv6 Ping Test

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch IPv6 Ping Test The following window is used to Ping an IPv6 address. To view this window, click Administration > Ping Test > IPv6 Ping Test, as shown below. Figure 6- 30. IPv6 Ping Test window This window allows the following parameters to be configured to ping an IPv6 address.

  • Page 76: Ipv6 Neighbor

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch IPv6 Neighbor IPv6 neighbors are devices on the link-local network that have been detected as being IPv6 devices. These devices can forward packets and keep track of the reachability of routers, as well as if changes occur within link-layer addresses of nodes on the network or if identical unicast addresses are present on the local link.

  • Page 77: Dhcp Auto Configuration Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 6- 32. IPv6 Neighbor Settings – Add window The following fields can be set or viewed: Parameter Description Interface Name Enter the name of the Interface associated with this entry, if any.

  • Page 78: Rspan

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 6- 34. BPDU Tunneling Settings window The following fields can be configured: Parameter Description BPDU Tunneling State Use the drop down menu to Enable or Disable the BPDU state.

  • Page 79: Rspan State Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Source switch – The switch which has the monitored ports or VLANs on it is the source switch. All packets on the source ports or VLANs are copied and sent to the destination switch. When the mirrored packets are sent out from the source switch, an RSPAN VLAN tag is added to every packet.
  • Page 80 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch VID (1-4094) Enter the VLAN ID of the VLAN you wish to Add Find or Delete. The goal of Rx source ports is to monitor as much as possible all the packets received...

  • Page 81: Snmp Manager

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch SNMP Manager SNMP Settings Simple Network Management Protocol (SNMP) is an OSI Layer 7 (Application Layer) designed specifically for managing and monitoring network devices. SNMP enables network management stations to read and modify the settings of gateways, routers, switches, and other network devices.

  • Page 82: Snmp Trap Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch SNMP Trap Settings The following window is used to enable and disable trap settings for the SNMP function on the Switch. To view this window for configuration, click Administration > SNMP Manager > SNMP Trap Settings, as shown below.

  • Page 83: Snmp User Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch To enable or disable linkchange trap settings for individual ports, select the ports using the From and To drop-down menus, enable State using the drop-down menu, and then click Apply.
  • Page 84 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 6- 41. SNMP User Table Configuration window The following parameters can set: Parameter Description User Name Enter an alphanumeric string of up to 32 characters. This is used to identify the SNMP user.

  • Page 85: Snmp View Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch SNMP View Table This window is used to assign views to community strings that define which MIB objects can be accessed by a remote SNMP manager. To view this window, click Administration > SNMP Manager > SNMP View Table, as shown below.

  • Page 86: Snmp Group Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch To implement your new settings, click Apply. To return to the SNMP View Table window, click the Show All SNMP View Table Entries link. SNMP Group Table An SNMP Group created with this table maps SNMP users (identified in the SNMP User Table) to the views created in the previous menu.

  • Page 87: Snmp Community Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 6- 46. SNMP Group Table Configuration window The following parameters can set: Parameter Description Group Name Type an alphanumeric string of up to 32 characters. This is used to identify the new SNMP group of SNMP users.

  • Page 88: Snmp Host Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch To view this window, click Administration > SNMP Manager > SNMP Community Table, as shown below. Figure 6- 47. SNMP Community Table window The following parameters can set: Parameter Description...
  • Page 89 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 6- 49. SNMP Host Table Configuration window for IPv4 The following parameters can set: Parameter Description Host IPv4 Address Type the IPv4 address of the remote management station that will serve as the SNMP host for the Switch.

  • Page 90: Snmp Engine Id

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch level. Community String or Type in the community string or SNMP V3 user name as appropriate. SNMP V3 User Name To implement your new settings, click Apply. To return to the SNMP Host Table window, click the...

  • Page 91: Sflow Global Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch sFlow Global Settings The following window is used to globally enable the sFlow feature for the Switch. Simply use the pull-down menu and click Apply to enable or disable sFlow. This window will also display the sFlow version currently being utilized by the Switch, along with the sFlow Address that is the Switch’s IP address.
  • Page 92 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Countdown Time Displays the current time remaining before this Analyzer server times out. When the server times out, all sFlow samples and counter polls associated with this server will be deleted.

  • Page 93: Sflow Sampler Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch (300-1400) sFlow datagram. Users may select a value between 300 and 1400 bytes with a default setting of 1400 bytes. Click Apply to save changes made. sFlow Sampler Settings This window will allow users to configure the Switch’s settings for taking sample packets from the network, including the sampling rate and the amount of the packet header to be extracted.

  • Page 94: Sflow Poller Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 6- 57. sFlow Sampler Add window The following fields may be set: Parameter Description Select the unit you wish to configure. Unit From… To Choose the beginning and ending range of ports to be configured for packet sampling.
  • Page 95 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The following fields are displayed: Parameter Description Port Displays the port from which packet counter samples are being taken. Analyzer Server ID Displays the ID of the Analyzer Server where datagrams, containing the packet counter polling information taken using this polling mechanism, will be sent.

  • Page 96: Single Ip Management Settings

    Single IP Management Settings Single IP Management (SIM) Overview D-Link Single IP Management is a concept that stacks switches together over Ethernet instead of using stacking ports or modules. There are some advantages in implementing the "Single IP Management" feature: 1.

  • Page 97: Sim Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The Upgrade to v1.61 To better improve SIM management, the Switch has been upgraded to version 1.61 in this release. Many improvements have been made, including: 1. The Commander Switch (CS) now has the capability to automatically rediscover member switches that have left the SIM group, either through a reboot or web malfunction.
  • Page 98 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 6- 61. SIM Settings window (Enabled) If the Switch Administrator wishes to configure the Switch as a Commander Switch (CS), select commander from the Role State field and click Apply.

  • Page 99: Topology

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Topology The Topology window will be used to configure and manage the Switch within the SIM group and requires Java script to function properly on your computer. The Java Runtime Environment on your server should initiate and lead you to the topology window, as seen below.
  • Page 100 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch To view the Topology Map, click the View menu in the toolbar and then Topology, which will produce the following window. The Topology View will refresh itself periodically (20 seconds by default).

  • Page 101: Tool Tips

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Non-SIM devices Tool Tips In the Topology View window, the mouse plays an important role in configuration and in viewing device information. Setting the mouse cursor over a specific device in the topology window (tool tip) will display the same information about a specific device as the Tree view does.

  • Page 102: Group Icon

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Group Icon Figure 6- 66. Right-Clicking a Group Icon The following options may appear for the user to configure: Collapse - To collapse the group that will be represented by a single icon.

  • Page 103: Commander Switch Icon

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Commander Switch Icon Figure 6- 68. Right-Clicking a Commander Icon The following options may appear for the user to configure: Collapse - To collapse the group that will be represented by a single icon.

  • Page 104: Menu Bar

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Add to group - Add a candidate to a group. Clicking this option will reveal the following window for the user to  enter a password for authentication from the Candidate Switch before being added to the SIM group. Click OK to enter the password or Cancel to exit the window.

  • Page 105: Firmware Upgrade

    DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch NOTE: Upon this firmware release, some functions of the SIM can only be configured through the Command Line Interface. See the DGS-3600 Series CLI Manual for more information on SIM and its configurations.

  • Page 106: Upload Log File

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 6- 75. Configuration File Backup/Restore window Upload Log File The following window is used to upload log files from SIM member switches to a specified PC. To upload a log file, enter the IP address of the SIM member switch and then enter a path on your PC where you wish to save this file.

  • Page 107: L2 Features

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Section 7 L2 Features VLAN Trunking IGMP Snooping MLD Snooping Loopback Detection Global Settings Spanning Tree Forwarding & Filtering LLDP QinQ The following section will aid the user in configuring security functions for the Switch all functions are discussed in detail in the following section.
  • Page 108 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Notes About VLANs on the Switch No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership, packets cannot cross VLANs without a network device performing a routing function between the VLANs.

  • Page 109: Q Vlan Tags

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch 802.1Q VLAN Tags The figure below shows the 802.1Q VLAN tag. There are four additional octets inserted after the source MAC address. Their presence is indicated by a value of 0x8100 in the EtherType field. When a packet's EtherType field is equal to 0x8100, the packet carries the IEEE 802.1Q/802.1p tag.

  • Page 110: Tagging And Untagging

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Prior to the adoption of 802.1Q VLANs, port-based and MAC-based VLANs were in common use. These VLANs relied upon a Port VLAN ID (PVID) to forward packets. A packet received on a given port would be assigned that port's PVID and then be forwarded to the port that corresponded to the packet's destination address (found in the Switch's forwarding table).

  • Page 111: Vlan Segmentation

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch NOTE: If no VLANs are configured on the Switch, then all packets will be forwarded to any destination port. Packets with unknown source addresses will be flooded to all ports.

  • Page 112: Static Vlan Entries

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Static VLAN Entries This window is used to create static VLAN entries on the switch. To view this window, click L2 Features > VLAN > Static VLAN Entries, as shown below.
  • Page 113 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch NOTE: When the PVID Auto Assign function is disabled, users must manually configure the PVID for untagged ports or the host may not connect to the Switch correctly. The following fields can then be set in either the Add or Modify 802.1Q Static VLANs windows:...

  • Page 114: Gvrp Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch GVRP Settings This window allows you to determine whether the Switch will share its VLAN configuration information with other GARP VLAN Registration Protocol (GVRP) enabled switches. In addition, Ingress Checking can be used to limit traffic by filtering incoming packets whose VID does not match the PVID of the port.
  • Page 115 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch From…To These two fields allow you to specify the range of ports that will be included in the Port-based VLAN that you are creating using the 802.1Q Port Settings window.

  • Page 116: Double Vlan

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Double VLAN Double or Q-in-Q VLANs allow network providers to expand their VLAN configurations to place customer VLANs within a larger inclusive VLAN, which adds a new layer to the VLAN configuration. This basically lets large ISP's create L2 Virtual Private Networks and also create transparent LANs for their customers, which will connect two or more customer LAN points without over-complicating configurations on the client's side.

  • Page 117: Regulations For Double Vlans

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Regulations for Double VLANs Some rules and regulations apply with the implementation of the Double VLAN procedure. 1. All ports must be configured for the SPVID and its corresponding TPID on the Service Provider’s edge switch.
  • Page 118 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 7- 10. Double VLAN State Settings window (Enabled) Parameters shown in the previous window are explained below: Parameter Description Double VLAN Use the pull-down menu to enable or disable the Double VLAN function on this Switch. Enabling...
  • Page 119 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Access Ports These are the ports that are set as access ports on the Switch. Access ports are for connecting Switch VLANs to customer VLANs. Gigabit ports cannot be configured as access ports.

  • Page 120: Pvid Auto Assign

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Delete Ports – Will allow users to remove ports from the Service Provider VLAN configured, using the Port List field below. Config TPID – Will allow users to configure the Tagged Protocol ID of the Service Provider VLAN, in hex form.

  • Page 121: Protocol Vlan

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The following parameters can be configured Parameter Description MAC Address Specifies the MAC Address of the entry you wish to Add or Find. VLAN Name Specifies the VLAN to be associated with the MAC Address.

  • Page 122: Protocol Vlan Group Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Protocol VLAN Group Settings This window is used to begin the Protocol Group VLAN configurations. To view this window, click L2 Features > VLAN > Protocol VLAN > Protocol VLAN Group Settings, as shown below.

  • Page 123: Protocol Vlan Port Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Protocol VLAN Port Settings The following window is used to add a Protocol VLAN Group profile to a port or list of ports and adjust the tags for incoming untagged packets before being relayed through the Switch.

  • Page 124: Trunking

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Trunking Understanding Port Trunk Groups Port trunk groups are used to combine a number of ports together to make a single high-bandwidth data pipeline. The Switch supports this function on all its 10/100/1000 Ethernet Ports and on all its 10G interfaces. The 10/100/1000 ports support up to 32 port trunk groups with 2 to 8 ports in each group.

  • Page 125: Link Aggregation

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Link aggregation allows several ports to be grouped together and to act as a single link. This gives a bandwidth that is a multiple of a single link's bandwidth. Link aggregation is most commonly used to link a bandwidth intensive network device or devices, such as a server, to the backbone of a network.
  • Page 126 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 7- 21. Link Aggregation Group Configuration window The user-changeable parameters are as follows: Parameter Description Group ID Select an ID number for the group, between 1 and 32. Type This pull-down menu allows you to select between Static and LACP (Link Aggregation Control Protocol).

  • Page 127: Lacp Port Settings

    IGMP messages passing through the Switch. In order to use IGMP Snooping it must first be enabled for the entire Switch (see the DGS-3600 Web Management Tool). You may then fine-tune the settings for each VLAN using the IGMP Snooping link in the L2 Features folder. When enabled for IGMP snooping, the Switch can open or close a port to a specific multicast group member based on IGMP messages sent from the device to the IGMP host or vice versa.
  • Page 128 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 7- 23. IGMP Snooping Settings window Clicking the Modify button will open the IGMP Snooping Settings – Edit window, shown below: Figure 7- 24. IGMP Snooping Settings – Edit window...
  • Page 129 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch increased packet loss. This entry field allows an entry of 1 to 255. Default = 2. Last Member Query This field specifies the maximum amount of time between group-specific query messages, Interval (1-25 sec) including those sent in response to leave group messages.

  • Page 130: Router Port Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Router Port Settings A static router port is a port that has a multicast router attached to it. Generally, this router would have a connection to a WAN or to the Internet. Establishing a router port will allow multicast packets coming from the router to be propagated through the network, as well as allowing multicast messages (IGMP) coming from the network to be propagated to the router.
  • Page 131 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 7- 26. Router Port – Modify window The following parameters can be set: Parameter Description VID (VLAN ID) This is the VLAN ID that, along with the VLAN Name, identifies the VLAN where the multicast router is attached.

  • Page 132: Ism Vlan Settings Window

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch ISM VLAN Settings window In a switching environment, multiple VLANs may exist. Every time a multicast query passes through the Switch, the switch must forward separate different copies of the data to each VLAN on the system, which, in turn, increases data traffic and may clog up the traffic path.
  • Page 133 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 7- 29. IGMP Snooping Multicast VLAN Settings – Add/Modify window Both the Add and Modify windows of the IGMP Multicast VLAN Settings have the following configurable fields. Parameter Description VLAN Name Enter the name of the new Multicast VLAN to be created.

  • Page 134: Ip Multicast Address Range Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch IP Multicast Address Range Settings Users can configure the range of multicast addresses that will be accepted by the source port to be forwarded to the receiver ports. The following window will be displayed for the user.

  • Page 135: Limited Multicast Address Range Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Limited Multicast Address Range Settings The Limited IP Multicast Range window allows the user to specify which multicast address(es) reports are to be received on specified ports on the Switch. This...

  • Page 136: Mld Snooping

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch MLD Snooping Multicast Listener Discovery (MLD) Snooping is an IPv6 function used similarly to IGMP snooping in IPv4. It is used to discover ports on a VLAN that are requesting multicast data. Instead of flooding all ports on a selected VLAN with multicast traffic, MLD snooping will only forward multicast data to ports that wish to receive this data through the use of queries and reports produced by the requesting ports and the source of the multicast traffic.
  • Page 137 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 7- 35. MLD Snooping Settings - Edit window The following parameters may be viewed or modified: Parameter Description VLAN ID This is the VLAN ID that, along with the VLAN Name, identifies the VLAN for which to modify the MLD Snooping Settings.

  • Page 138: Mld Router Port Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch listener report. The user may specify a time between 1 and 16711450 with a default setting of 260 seconds. Done Timer (1-16711450 sec) Specifies the maximum amount of time a router can remain in the Switch after receiving a done message from the group without receiving a node listener report.
  • Page 139 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 7- 37. Router Port window (Modify) The following parameters can be set: Parameter Description VID (VLAN ID) This is the VLAN ID that, along with the VLAN Name, identifies the VLAN where the MLD multicast router is attached.

  • Page 140: Loopback Detection Global Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Loopback Detection Global Settings The Loopback Detection function is used to detect the loop created by a specific port. This feature is used to temporarily shutdown a port on the Switch when a CTP (Configuration Testing Protocol) packet has been looped back to the switch. When the Switch detects CTP, packets are received from a port it signifies a loop on the network.
  • Page 141 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The following parameters can be configured. Parameter Description Loopdetect Status Use the drop-down menu to enable or disable loopback detection. The default is Disabled. Loopdetect Trap None – The trap will not be sent in any situation.

  • Page 142: Spanning Tree

    STP will be familiar to most networking professionals. However, since 802.1w RSTP and 802.1s MSTP has been recently introduced to D-Link managed Ethernet switches, a brief introduction to the technology is provided below followed by a description of how to set up 802.1D STP, 802.1w RSTP and 802.1s MSTP.

  • Page 143: Edge Port

    Switch, such as BPDU packets looped back from an unmanaged switch connected to a DGS-3600 Series switch. To maintain the consistency of the throughput, the DGS-3600 Series switch implements the STP Loopback Detection function.

  • Page 144: Stp Bridge Global Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Regulations and Restrictions for the Loopback Detection Function All three versions of STP (STP, RSTP and MSTP) can enable this feature.  May be configured globally (STP Global Bridge Settings), or per port (MSTP Port Information).
  • Page 145 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 7- 41. STP Bridge Global Settings – STP Compatible window NOTE: The Hello Time cannot be longer than the Max. Age. Otherwise, a configuration error will occur. Observe the following formulas when setting the above parameters: Max.

  • Page 146: Mst Configuration Identification

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Loopback Detection This feature is used to temporarily shutdown a port on the Switch when a BPDU packet has been looped back to the switch. When the Switch detects its own BPDU packet coming back, it signifies a loop on the network.
  • Page 147 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch 65535) the Switch. The user may choose a value between 0 and 65535 with a default setting of 0. MSTI ID This field shows the MSTI IDs currently set on the Switch. This field will always have the CIST MSTI, which may be configured but not deleted.

  • Page 148: Mstp Port Information

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Remove VID - Select this parameter to remove VIDs from the MSTI ID, in con-  junction with the VID List parameter. VID List (1-4094) This field is used to specify the VID range from configured VLANs set on the Switch. Supported VIDs on the Switch range from ID number 1 to 4094.

  • Page 149: Stp Instance Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 7- 46. MSTP Port Information window To view the MSTI settings for a particular port, select the Port number, located in the top left hand corner of the screen and click Apply.

  • Page 150: Stp Port Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 7- 48. STP Instance Settings window The following information is displayed: Parameter Description Instance Type Displays the instance type(s) currently configured on the Switch. Each instance type is classified by a MSTI ID.
  • Page 151 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 7- 50. STP Port Settings window The following STP Port Settings fields can be set: Parameter Description Unit Select the unit you wish to configure. From…To A consecutive group of ports may be configured starting with the selected port.

  • Page 152: Forwarding & Filtering

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The default is 2 seconds. This field is only operable when the Switch is enabled for MSTP. Migration When operating in RSTP mode, selecting yes forces the port that has been selected to transmit RSTP BPDUs.
  • Page 153 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 7- 51. Unicast Forwarding Table window To add or edit an entry, define the following parameters and then click Add: Parameter Description VLAN ID (VID) The VLAN ID number of the VLAN on which the above Unicast MAC address resides.

  • Page 154: Multicast Forwarding

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Multicast Forwarding The following window is used to set up multicast forwarding on the Switch. To view this window, click L2 Features > Forwarding & Filtering > Multicast Forwarding, as shown below.

  • Page 155: Multicast Filtering Mode

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Multicast Filtering Mode To view this window, click L2 Features > Forwarding & Filtering > Multicast Filtering Mode, as shown below. Figure 7- 54. Multicast Filtering Mode Settings window The following parameters can be set:...

  • Page 156: Lldp

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch LLDP The Link Layer Discovery Protocol (LLDP) allows stations attached to a LAN to advertise, to other stations attached to the same LAN segment, the connectivity and management information necessary to identify, to those management entities, the station's point of attachment to the LAN or network.

  • Page 157: Basic Lldp Port Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The following parameters can be set: Parameter Description LLDP Operation When this function is Enabled, the switch can start to transmit LLDP packets and receive and process the LLDP packets. The specific function of each port will depend on the per port State LLDP setting.
  • Page 158 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 7- 56. Basic LLDP Port Settings window The following parameters can be set or displayed: Parameter Description Unit Select the desired stacking unit, if applicable. From…To Select a port or group of ports using the pull-down menus.

  • Page 159: Extension Lldp Port Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch System Description Use the drop-down menu to toggle System Description between Enabled and Disabled. System Capabilities Use the drop-down menu to toggle System Capabilities between Enabled and Disabled. Click Apply to implement changes made.

  • Page 160: Extension Lldp Port Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The following parameters can be set or displayed: Parameter Description Unit Select the desired stacking unit, if applicable. From…To Select a port or group of ports using the pull-down menus.

  • Page 161: Lldp Management Address Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The following parameters can be set or displayed: Parameter Description Unit Select the desired stacking unit, if applicable. From…To Select a port or group of ports using the pull-down menus.

  • Page 162: Lldp Statistics

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Parameter Description Unit Select the desired stacking unit, if applicable. From…To Select a port or group of ports using the pull-down menus. Address Type Use the drop-down menu to toggle between IPV4 Address and IPV6 Address.

  • Page 163: Lldp Management Address Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch LLDP Management Address Table The following window is used to make entries to and display the LLDP Management Address Table. To view this window, click L2 Features > LLDP > LLDP Management Address Table, as shown below.

  • Page 164: Lldp Remote Port Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch LLDP Remote Port Table The following window is used to display the LLDP Remote Port Brief Table. To view this window, click L2 Features > LLDP > LLDP Remote Port Table, as shown below.

  • Page 165: Qinq Global Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch QinQ Global Settings This function allows the user to enable or disable the QinQ function. To view this window click L2 Features > QinQ > Global Settings, as shown. Figure 7- 64. QinQ Global Settings window...

  • Page 166: Vlan Translation Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch tagged packet will be dropped if the VLAN translation look up misses. When disabled the packet will not be dropped if the VLAN translation loop up misses. If VLAN translation table lookup misses, the packet can be either dropped or add an outer VLAN based on MAC/SUBNET/PROTOCOL/PORT based VLAN configuration.

  • Page 167: L3 Features

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Section 8 L3 Features Interface Settings MD5 Key Settings Route Redistribution Settings Multicast Static Route Settings Static/Default Route Settings Route Preference Settings Static ARP Settings Gratuitous ARP Settings Policy Route Settings...

  • Page 168: Packet Format

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Expanding the Capabilites for IP Addressing – IPv6 has increased the size of the IP address from 32 bits to 128 bits. As a result, the addressing hierarchy has been greatly expanded, more nodes now have the capability of having a unique IP address and the method of assigning an IP address to an interface has become cleaner and quicker.

  • Page 169: Extension Headers

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Payload Length – Known as the datagram length in IPv4, this 16-bit field specifies the length of the IPv6 data carried after the header of the packet. Extension headers are considered part of the payload and are included in the length specified here.

  • Page 170: Address Format

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch extension headers that must be processed by the final destination node. This part will be divided into multiple packets that are of a size that can be accepted by the Path MTU. The IPv6 header is then included with this fragmented part and sent to its destination.

  • Page 171: Neighbor Discovery

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch main purpose of the anycast address is to identify a set of routers owned by an organization providing Internet service. It could also be used to identify a set of routers connected to a particular subnet or permitting entrance to a specific routing domain.

  • Page 172: Assigning Ip Addresses

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch 4. The address is unreachable (Code 3) 5. The port is unreachable (Code 4) Duplicate Address Detection (DAD) DAD messages are used to specify that there is more than one node on a local link possessing the same IP address. IPv6 addresses are only leased for a defined period of time.

  • Page 173: Interface Settings

    DGS-3600 Series CLI Manual or return to Section 4 of this manual for more information. To change IP settings using the web manager users must access the IP Address window located in the Administration folder.

  • Page 174: Ipv6 Interface Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 8- 3. IPv4 Interface Settings – Edit window Enter a name for the new interface to be added in the Interface Name field (if editing an IP interface, the Interface Name will already be in the top field as seen in the window above).
  • Page 175 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch To view this window, click Interface Settings > IPv6 Interface Settings, as shown below. Figure 8- 4. IPv6 Interface Settings window To add a new IPv6 interface, click the Add button, which will display the following window.
  • Page 176 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 8- 6. IPv6 Interface Settings – Edit window The following fields may be viewed or modified. Click Apply to set changes made. Parameter Description Interface Name This field displays the name for the IP interface or is used to add a new interface or change an existing interface name.
  • Page 177 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch and 255 with a default value of 64. IPv6 Address Use this field to set a Global Unicast Address for the Switch. This address will be used to access the network outside of the local link.

  • Page 178: Md5 Key Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch RA Max Router Used to set the maximum interval time between the dispatch of router advertisements by AdvInterval (s) this interface over the link-local network. This entry must be no less than 4 seconds (4000 milliseconds) and no more than 1800 seconds.
  • Page 179 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 8- 8. Route Redistribution Settings window The following parameters may be set or viewed: Parameter Description Allows for the selection of the protocol for the destination device. Choose between RIP and Dst.

  • Page 180: Multicast Static Route Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Multicast Static Route Settings This window is used to create an IP multicast static route configuration entry. To access the Multicast Static Route Settings window, click L3 Features > Multicast Static Route Settings, as shown below.

  • Page 181: Static/Default Route Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Static/Default Route Settings The Switch supports static routing for IPv4 and IPv6 formatted addressing. Users can create up to 256 static route entries for IPv4 and IPv6 combined. For IPv4 static routes, once a static route has been set, the Switch will send an ARP request packet to the next hop router that has been set by the user.

  • Page 182: Ipv6 Static/Default Route Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 8- 12. IPv4 Static/Default Route Settings – Add window The following fields can be set: Parameter Description IP Address Allows the entry of an IP address that will be a static entry into the Switch’s Routing Table.
  • Page 183 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Interface The IP Interface where the static IPv6 route is created. Next Hop Address The corresponding IPv6 address for the next hop Gateway address in IPv6 format. Metric (1-65535) The metric of the IPv6 interface entered into the table representing the number of routers between the Switch and the IPv6 address above.

  • Page 184: Route Preference Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Route Preference Settings Route Preference is a way for routers to select the best path when there are two or more different routes to the same destination from two different routing protocols. The majority of routing protocols are not compatible when used in conjunction with each other.
  • Page 185 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 8- 15. Route Preference Settings window The following fields can be viewed or set: Parameter Description RIP (1-999) Enter a value between 1 and 999 to set the route preference for RIP. The lower the value, the higher the chance the specified protocol will be chosen as the best path for routing packets.

  • Page 186: Static Arp Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Static ARP Settings The Address Resolution Protocol (ARP) is a TCP/IP protocol that converts IP addresses into physical addresses. This table allows network managers to view, define, modify and delete ARP information for specific devices.

  • Page 187: Gratuitous Arp Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Gratuitous ARP Settings An ARP announcement (also known as Gratuitous ARP) is a packet (usually an ARP Request) containing a valid SHA and SPA for the host which sent it, with TPA equal to SPA. Such a request is not intended to solicit a reply, but merely updates the ARP caches of other hosts which receive the packet.
  • Page 188 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Trap & Log Disabled and event log is also disabled. Gratuitous ARP This is used to configure the interval for the periodical sending of gratuitous ARP request Periodical Send packets. By default, the interval is 0.

  • Page 189: Policy Route Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Policy Route Settings Policy Based routing is a method used by the Switch to give specified devices a cleaner path to the Internet. Used in conjunction with the Access Profile feature, the Switch...
  • Page 190 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 8- 23. Policy Routing – Add window Adjust the following parameters and click Apply to set the new Policy Route, which will be displayed in the Policy Routing Settings window. Click Show All Policy Route Entries to return to the Policy Routing Settings window.

  • Page 191: Ecmp Algorithm Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch ECMP Algorithm Settings ECMP algorithm settings allow the user to set the ECMP load balance algorithm which makes it effective for ECMP routing. ECMP routing can be adopted by either OSPF dynamic routes or by static routes which are configured with equal cost. The OSPF protocol maintains multiple equal-cost routes to all destinations.
  • Page 192 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The Routing Information Protocol is a distance-vector routing protocol. There are two types of network devices running RIP - active and passive. Active devices advertise their routes to others through RIP messages, while passive devices listen to these messages.

  • Page 193: Rip Global Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch RIP 1 Message RIP is not limited to TCP/IP. Its address format can support up to 14 octets (when using IP, the remaining 10 octets must be zeros). Other network protocol suites can be specified in the Family of Source Network field (IP has a value of 2). This will determine how the address field is interpreted.

  • Page 194: Rip Interface Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch RIP Interface Settings RIP settings are configured for each IP interface on the Switch. This window appears in table form listing settings for IP interfaces currently on the Switch. To configure RIP settings for an individual interface, click on the hyperlinked Interface Name.

  • Page 195: Ospf

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Interface Metric A read only field that denotes the Metric value of the current IP Interface setting. Click Apply to implement changes made. OSPF The Open Shortest Path First (OSPF) routing protocol uses a link-state algorithm to determine routes to network destinations. A “link”...
  • Page 196 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 8- 28. Constructing a Shortest Path Tree Figure 8- 29. Constructing a Shortest Path Tree The diagram above shows the network from the viewpoint of Router A. Router A can reach 192.213.11.0 through Router B with a cost of 10 + 5 = 15.
  • Page 197 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Router A 128.213.0.0 Router B Router C 192.213.11.0 222.211.10.0 Figure 8- 30. Constructing a Shortest Path Tree - Completed Note that this shortest path tree is only from the viewpoint of Router A. The cost of the link from Router B to Router A, for instance is not important to constructing Router A’s shortest path tree, but is very important when Router B is constructing its...

  • Page 198: Ospf Authentication

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch network. Border Routers also have the responsibility of distributing routing information from the Autonomous System Border Router in order for routers in the network to get and maintain routes to other Autonomous Systems.

  • Page 199: Designated Router Election

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Authentication  OSPF allows for the configuration of a password for a specific area. Two routers on the same  segment and belonging to the same area must also have the same OSPF password before they can become neighbors.
  • Page 200 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Database Description packet  Link-State Request packet  Link-State Update packet  Link-State Acknowledgment packet  OSPF Packet Header Every OSPF packet is preceded by a common 24-byte header. This header contains the information necessary for a receiving router to determine if the packet should be accepted for further processing.
  • Page 201 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Hello Packet Version No. Packet Length Router ID Area ID Checksum Authentication Type Authentication Authentication Network Mask Hello Interval Options Router Priority Router Dead Interval Designated Router Backup Designated Router Neighbor Figure 8- 32.
  • Page 202 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Database Description Packet Packet Length Version No. Router ID Area ID Checksum Authentication Type Authentication Authentication Reserved I M MS Reserved Options DD Sequence No. Link-State Advertisement Header ... Figure 8- 33. Database Description Packet...
  • Page 203 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Link-State Request Packet Packet Length Version No. Router ID Area ID Checksum Authentication Type Authentication Authentication Link-State Type Link-State ID Advertising Router Figure 8- 34. Link-State Request Packet Each advertisement requested is specified by its Link-State Type, Link-State ID, and Advertising Router. This uniquely identifies the advertisement, but not its instance.
  • Page 204 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Depending on the state of the sending interface and the source of the advertisements being acknowledged, a Link-State Acknowledgment packet is sent either to the multicast address AllSPFRouters, to the multicast address AllDRouters, or as a unicast packet.

  • Page 205: Router Links Advertisements

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Link-State Advertisement Header Link-State Age Options Link-State Type Link-State ID Advertising Router Link-State Sequence Number Link-State Checksum Length Figure 8- 37. Link State Advertisement Header Field Description Link State Age The time is seconds since the link state advertisement was originated.
  • Page 206 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Routers Links Advertisements Link-State Age Options Link-State Type Link-State ID Advertising Router Link-State Sequence Number Link-State Checksum Length Reserved Reserved Number of Links Link ID Link Data Type No. Of TOS...

  • Page 207: Network Links Advertisements

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Link ID Identifies the object that this router link connects to. Value depends on the link’s Type. When connecting to an object that also originates a link state advertisement (i.e. another router or a transit network) the Link ID is equal to the neighboring advertisement’s Link...

  • Page 208: Summary Link Advertisements

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Field Description Network Mask The IP address mask for the network. Attached Router The Router IDs of each of the routers attached to the network. Only those routers that are fully adjacent to the Designated Router (DR) are listed.
  • Page 209 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch when no specific route exists to the destination. When describing a default route, the Link State ID is always set with the Default Destination address (0.0.0.0) and the Network Mask is set to 0.0.0.0.
  • Page 210 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 8- 42. NSSA Area example The NSSA ASBR (Not So Stubby Area Autonomous System Border Router) is receiving External Route information and translating it as an LSA Type-7 packet that will be distributed ONLY to switches within the NSSA (Area 2 in the example above).
  • Page 211 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Field Description Link State This field will hold information concerning information regarding the LS Checksum, Packet Header length, LS sequence number, Advertising Router, Link State ID, LS age, the packet type (Type-7), and the options field.

  • Page 212: Ospf Global Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch OSPF Global Settings This window allows OSPF to be enabled or disabled on the Switch  without changing the Switch’s OSPF configuration. To enable OSPF, first supply an OSPF Route ID (see below), select Enabled from the State drop-down menu and click the Apply button.
  • Page 213 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch To remove an Area ID configuration set, simply click in the Delete column for the configuration. To change an existing set in the list, type the Area ID of the set you want to change, make the changes and click the Add/Modify button.

  • Page 214: Ospf Interface Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch OSPF Interface Settings This window is used to set up OSPF interfaces. If there are no IP interfaces configured (besides the default System interface), only the System interface settings will appear listed. To change settings for in IP interface, click on the hyperlinked name of the interface to see the configuration window for that interface.
  • Page 215 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Router Priority (0- Allows the entry of a number between 0 and 255 representing the OSPF priority of the 255) selected area. If a Router Priority of 0 is selected, the Switch cannot be elected as the Designated Router for the network.

  • Page 216: Ospf Virtual Link Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch OSPF Virtual Link Settings This window shows the current OSPF Virtual Interface Settings. There are no virtual interface settings configured by default, so the first time this table is viewed there will be no interfaces listed. To add a new OSPF virtual interface configuration set to the table, click the Add button.

  • Page 217: Ospf Area Aggregation Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Password/Auth. Key Enter a case-sensitive password for simple authorization or enter the MD5 key you set in the MD5 Key Settings window. Transmit Delay The number of seconds required to transmit a link state update over this virtual link. Transit delay takes into account transmission and propagation delays.

  • Page 218: Ospf Host Route Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Use the following parameters to configure the following settings for OSPF Area Aggregation Settings: Parameter Description Area ID Allows the entry the OSPF Area ID for which the routing information will be aggregated. This Area ID must be previously defined on the Switch.

  • Page 219: Dhcp/Bootp Relay

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The following fields are configured for OSPF host route: Parameter Description Host Address The IP address of the OSPF host. Metric A value between 1 and 65535 that will be advertised for the route.
  • Page 220 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Enabled – When this field is toggled to Enabled the relay agent will insert and remove DHCP relay information (option 82 field) in messages between DHCP servers and clients. When the relay agent receives the DHCP request, it adds the option 82 information, and the IP address of the relay agent (if the relay agent is configured), to the packet.

  • Page 221: Dhcp/Bootp Relay Interface Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Circuit ID sub-option format: VLAN Module Port 1 byte 1 byte 1 byte 1 byte 2 bytes 1 byte 1 byte Sub-option type b. Length Circuit ID type d. Length VLAN: the incoming VLAN ID of DHCP client packet.
  • Page 222 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Parameter Description Interface The IP interface on the Switch that will be connected directly to the Client. Server IP Enter the IP address of the DHCP/BOOTP server. Up to four server IPs can be configured per IP...

  • Page 223: Dhcp Server

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch DHCP Server For this release, the Switch now has the capability to act as a DHCP server to devices within its locally attached network. DHCP, or Dynamic Host Configuration Protocol, allows the switch to delegate IP addresses, subnet masks, default gateways and other IP parameters to devices that request this information.

  • Page 224: Dhcp Server Exclude Address Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch DHCP Server Exclude Address Settings The following window will allow the user to set an IP address, or a range of IP addresses that are NOT to be included in the range of IP addresses that the Switch will allot to clients requesting DHCP service.
  • Page 225 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 8- 61. Config DHCP Pool window The following parameters may be configured or viewed. Parameter Description Pool Name Denotes the name of the DHCP pool for which you are currently adjusting the parameters.
  • Page 226 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch NetBIOS Node This field will allow users to set the type of node server for the previously configured Net BIOS Type Name server. Using the pull-down menu, the user has four node type choices: Broadcast, Peer to Peer, Mixed, and Hybrid.

  • Page 227: Dhcp Server Dynamic Binding

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch DHCP Server Dynamic Binding The following window will allow users to view dynamically bound IP addresses of the DHCP server. These IP addresses are ones that were allotted to clients on the local network and are now bound to the device stated by its MAC address.
  • Page 228 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 8- 64. DHCP Server Manual Binding Table window Users may view statically bound DHCP entries within a DHCP pool by entering the Pool Name and clicking Find. Results will be displayed in the window above.

  • Page 229: Filter Dhcp Server

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Filter DHCP Server The Dynamic Host Configuration Protocol (DHCP) automates the assignment of IP addresses, subnet masks, default routers, and other IP parameters. The assignment usually occurs when the DHCP configured machine boots up or regains connectivity to the network.
  • Page 230 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 8- 67. Filter DHCP Server Port State Settings window The following parameters may be configured. Parameter Description Used to Enable or Disable the Filter DHCP Server Port State Settings.

  • Page 231: Dns Relay

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch DNS Relay Computer users usually prefer to use text names for computers for which they may want to open a connection. Computers themselves, require 32 bit IP addresses. Somewhere, a database of network devices’ text names and their corresponding IP addresses must be maintained.

  • Page 232: Dns Relay Static Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Secondary Name Allows the entry of the IP address of a secondary domain name server (DNS). Server DNSR Cache Status This can be toggled between Disabled and Enabled. This determines if a DNS cache will be enabled on the Switch.

  • Page 233: Vrrp

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch VRRP VRRP or Virtual Routing Redundancy Protocol is a function on the Switch that dynamically assigns responsibility for a virtual router to one of the VRRP routers on a LAN. The VRRP router that controls the IP address associated with a virtual router is called the Master, and will forward packets sent to this IP address.
  • Page 234 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Name Interface on the network. Interface Name - An IP interface name that has been enabled for VRRP. This entry must have been previously set in the IP Interfaces table.
  • Page 235 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Priority (1-254) Enter a value between 1 and 254 to indicate the router priority. The VRRP Priority value may determine if a higher priority VRRP router overrides a lower priority VRRP router. A higher priority will increase the probability that this router will become the Master router of the group.
  • Page 236 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch This window displays the following information: Parameter Description Interface Name An IP interface name that has been enabled for VRRP. This entry must have been previously set in the IP Interface Settings table.
  • Page 237 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 8- 74. VRRP Virtual Router Settings window Click the hyperlink VRID / Interface Name that you want to edit to display the following window: Figure 8- 75. VRRP Virtual Router Settings window...
  • Page 238 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Preempt Mode This entry will determine the behavior of backup routers within the VRRP group by controlling whether a higher priority backup router will preempt a lower priority Master router.

  • Page 239: Vrrp Authentication Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch VRRP Authentication Settings This window is used to set the authentication for each Interface configured for VRRP. This authentication is used to identify incoming message packets received by a router. If the authentication is not consistent with incoming packets, they will be discarded.

  • Page 240: Ip Multicast Routing Protocol

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch IP Multicast Routing Protocol The functions supporting IP multicasting are found in L3 Features > IP Multicast Routing Protocol. IGMP, DVMRP, and PIM- DM/SM/SM-DM can be enabled or disabled on the Switch without changing the individual protocol’s configuration by using the DGS-3600 Web Management Tool.

  • Page 241: Igmp Version

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The states a computer will go through to join or to leave a multicast group are shown below: Figure 8- 79. IGMP State Transitions IGMP Version 3 The current release of the Switch now implements IGMPv3. Improvements of IGMPv3 over version 2 include: The introduction of the SSM or Source Specific Multicast.

  • Page 242: Igmp Interface Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Timers As previously mentioned, IGMPv3 incorporates filters to include or exclude sources. These filters are kept updated using timers. IGMPv3 utilizes two types of timers, one for the group and one for the source. The purpose of the filter mode is to reduce the reception state of a multicast group so that all members of the multicast group are satisfied.
  • Page 243 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch This window allows the configuration of IGMP for each IP interface configured on the Switch. IGMP can be configured as Version 1, 2 or 3 by toggling the Version field using the pull-down menu. The length of time between queries can be varied by entering a value between 1 and 31,744 seconds in the Query Interval field.

  • Page 244: Dvmrp Global Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch DVMRP Interface Configuration The Distance Vector Multicast Routing Protocol (DVMRP) is a hop-based method of building multicast delivery trees from multicast sources to all nodes of a network. Because the delivery trees are ‘pruned’ and ‘shortest path’, DVMRP is relatively efficient.
  • Page 245 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 8- 84. DVMRP Interface Settings - Edit window The following fields can be set: Parameter Description Interface Name Displays the name of the IP interface for which DVMRP is to be configured. This must be a previously defined IP interface.
  • Page 246 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch mechanism can also determine the RP. Multiple Candidate BSRs (C-BSR) can be set on the network but only one BSR will be elected to process RP information. If it is not explicitly apparent which C-BSR is to be the BSR, all C-BSRs will emit Boot Strap Messages (BSM) out on the PIM-SM enabled network to determine which C-BSR has the higher priority and once determined, will be elected as the BSR.

  • Page 247: Pim Global Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch interface list if RP is not found. In other words, the PIM Sparse-Dense mode is treated in either the sparse mode or dense mode of the operation; it depends on which mode the multicast group operates. When an interface receives multicast traffic, if there is a known RP for the group, then the current operation mode on the interface is sparse mode, otherwise the current operation mode on the interface will be dense mode.

  • Page 248: Pim Interface Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch NOTE: The Probe time value must be less than half of the Register Suppression Time value. If not, the administrator will be presented with an error message after clicking Apply.

  • Page 249: Pim Candidate Bsr Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Join/Prune Interval This field will set the interval time between the sending of Join/Prune packets stating which (1-18724 sec) multicast groups are to join the PIM enabled network and which are to be removed or “pruned”...

  • Page 250: Pim Candidate Rp Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch To view the CBSR settings for an IP interface and set its BSR priority, click its corresponding Modify button, which will lead you to the following window. Figure 8- 90. PIM Candidate BSR Settings – Edit window...

  • Page 251: Pim Static Rp Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch advertisement that states to the BSR that it should be immediately removed from CRP status on the PIM-SM network. Candidate RP Enter a priority value to determine which CRP will become the RP for the distribution tree.

  • Page 252: Pim Register Checksum Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Parameter Description Group Address Enter the multicast group address for this Static RP. This address must be a class D address. Group Mask Enter the mask for the multicast group address stated above.
  • Page 253 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Section 9 Bandwidth Control QoS Scheduling Mechanism QoS Output Scheduling 802.1p Default Priority 802.1p User Priority The Switch supports 802.1p priority queuing Quality of Service. The following section discusses the implementation of QoS (Quality of Service) and benefits of using 802.1p priority queuing.

  • Page 254: Understanding Qos

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch administrator instructs the Switch to examine packets for this tag, acquires the tagged packets and maps them to a class queue on the Switch. Then in turn, the administrator will set a priority for this queue so that will be emptied before any other packet is forwarded.

  • Page 255: Bandwidth Control

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Bandwidth Control The bandwidth control settings are used to place a ceiling on the transmitting and receiving data rates for any selected port. To view the Bandwidth Control window, click QoS > Bandwidth Control, as shown below.

  • Page 256: Qos Scheduling Mechanism

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Both. This setting will determine whether the bandwidth ceiling is applied to receiving, transmitting, or both receiving and transmitting packets. No Limit This drop-down menu allows you to specify that the selected port will have no bandwidth limit.

  • Page 257: Configuring The Combination Queue

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 9- 4. QoS Output Scheduling window The following values may be assigned to the QoS classes to set the scheduling. Parameter Description Max. Packets Specifies the maximum number of packets the above specified hardware priority class of service will be allowed to transmit before allowing the next lowest priority queue to transmit its packets.
  • Page 258 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 9- 5. QoS Output Scheduling window – Combination queue example...

  • Page 259: P Default Priority

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch 802.1p Default Priority The Switch allows the assignment of a default 802.1p priority to each port on the Switch. This window allows users to assign a default 802.1p priority to any given port on the Switch.

  • Page 260: Time Range

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Section 10 Time Range Access Profile Table ACL Flow Meter CPU Interface Filtering Time Range The Time Range window is used in conjunction with the Access Profile feature to determine a starting point and an ending point, based on days of the week, when an Access Profile configuration will be enabled on the Switch.

  • Page 261: Access Profile Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Click Apply to implement changes made. Currently configured entries will be displayed in the Time Range Information table in the bottom half of the window shown above. Access profiles allow users to establish criteria to determine whether or not the Switch will forward packets based on the information contained in each packet's header.
  • Page 262 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch header. Select IP to instruct the Switch to examine the IP address in each frame's  header. Select Packet Content Mask to specify a mask to hide the content of the packet ...
  • Page 263 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The following parameters can be set, for IP: Parameter Description Profile ID (1-14) Type in a unique identifier number for this profile set. This value can be set from 1 to 14.
  • Page 264 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch protocol id - Enter a value defining the protocol ID in the packet header to mask. Specify the protocol ID mask in hex form (hex 0x0-0xff) or a user value.
  • Page 265 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The window shown below is the Access Profile Configuration window for IPv6. Figure 10- 6. Access Profile Configuration window (IPv6) This screen will aid the user in configuring the Switch to mask packet headers beginning with the offset value specified. The...
  • Page 266 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 10- 7. Access Profile Entry Display window (Ethernet) To establish the rule for a previously created Access Profile: To view this window, click ACL > Access Profile Table > Access Profile Table, as shown below.

  • Page 267: Parameters Description

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch To remove a previously created rule, select it and click the button. To add a new Access Rule, click the Add Rule button, and the Access Rule Configuration window will appear: Figure 10- 10.
  • Page 268 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch This parameter is specified to re-write the 802.1p default priority previously set in the Switch, Priority (0-7) which is used to determine the CoS queue to which packets are forwarded. Once this field is specified, packets accepted by the Switch that match this priority are forwarded to the CoS queue specified previously by the user.
  • Page 269 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 10- 11. Access Rule Display window (Ethernet) Figure 10- 12. Access Rule Configuration window (IP)
  • Page 270 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Configure the following Access Rule Configuration settings for IP: Parameter Description Profile ID This is the identifier number for this profile set. Mode Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below).
  • Page 271 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch rate is 640kbit/sec.) The user many select a value between 1 and 156249 or No Limit. The default setting is No Limit. Time Range Tick the check box and enter the name of the Time Range settings that has been previously configured in the Time Range Settings window.
  • Page 272 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 10- 15. Access Rule Table window (Packet Content Mask) To remove a previously created rule, select it and click the button. To add a new Access Rule, click the Add button: Figure 10- 16.
  • Page 273 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Auto Assign – Ticking this check box will instruct the Switch to automatically assign  an Access ID for the rule being created. Type Selected profile based on Ethernet (MAC Address), IP address, Packet Content Mask or IPv6.
  • Page 274 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 10- 17. Access Profile Entry Display window (Packet Content Mask) NOTE: When using the ACL Mirror function, ensure that the Port Mirroring function is enabled and a target mirror port is set.
  • Page 275 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 10- 19. Access Rule Configuration window (IPv6) To set the Access Rule for the IPv6, adjust the following parameters and click Apply. Parameter Description Profile ID This is the identifier number for this profile set.
  • Page 276 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch incoming 802.1p user priority re-written to its original value before being forwarded by the Switch. For more information on priority queues, CoS queues and mapping for 802.1p, see the QoS section of this manual.

  • Page 277: Acl Flow Meter

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch ACL Flow Meter Before configuring the ACL Flow Meter, here is a list of acronyms and terms users will need to know. trTCM – Two Rate Three Color Marker. This, along with the srTCM, are two methods available on the switch for metering and marking packet flow.
  • Page 278 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 10- 21. ACL Flow Meter Table window The previous window allows users to view the ACL profile and rule that is utilizing the ACL Flow Meter function, and the mode associated with that profile and rule.
  • Page 279 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch following parameters to determine the color rate of the IP packet flow. CIR – The Committed Information Rate can be set between 1 and 156249. IP flow rates at or below this level will be considered green.

  • Page 280: Cpu Interface Filtering

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 10- 23. ACL Flow Meter Display window CPU Interface Filtering Due to a chipset limitation and the need for extra switch security, the Switch incorporates CPU Interface filtering. This added feature increases the running security of the Switch by enabling the user to create a list of access rules for packets destined for the Switch’s CPU interface.
  • Page 281 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch To view this windw, click ACL > CPU Interface Filtering > CPU Interface Filtering Table, as shown below. Figure 10- 25. CPU Interface Filtering Table window To add an entry to the CPU Interface Filtering Table, click the Add Profile button. This will open the CPU Interface Filtering Profile Configuration window, as shown below.
  • Page 282 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The window shown below is the CPU Interface Filtering Configuration for IP window. Figure 10- 27. CPU Interface Filtering Configuration window (IP) The following parameters can be modified: Parameter Description Profile ID (1-5) Type in a unique identifier number for this profile set.
  • Page 283 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch header and use this as the, or part of the criterion for forwarding. Protocol Selecting this option instructs the Switch to examine the protocol type value in each frame's header. You must then specify what protocol(s) to include according to the following...
  • Page 284 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The window shown below is the CPU Interface Filtering Configuration window for the Packet Content Mask. Figure 10- 28. CPU Interface Filtering Configuration window (Packet Content) This window will aid the user in configuring the Switch to mask packet headers beginning with the offset value specified. The...
  • Page 285 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Select IPv6 t instruct the Switch to examine the IPv6 address in each frame's  header. Offset This field will instruct the Switch to mask the packet header beginning with the offset value specified: value (0-15) –...
  • Page 286 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Source IPv6 Address The user may specify an IP address mask for the source IPv6 address by entering the IP address mask, in hex form. Destination IPv6 The user may specify an IP address mask for the destination IPv6 address by and entering Address the IP address mask, in hex form.
  • Page 287 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 10- 32. CPU Interface Filtering Rule Configuration window (Ethernet) To set the CPU Access Rule for Ethernet, adjust the following parameters and click Apply. Parameters Description Profile ID This is the identifier number for this profile set.
  • Page 288 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Port The CPU Access Rule may be configured on a per-port basis by entering the port number of the Switch. Time Range Click the check box and enter the name of the Time Range settings that has been previously configured in the Time Range Settings window.
  • Page 289 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 10- 35. CPU Interface Filtering Rule Configuration window (IP) Configure the following Access Rule Configuration settings for IP: Parameter Description Profile ID This is the identifier number for this profile set.
  • Page 290 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch access rule will be implemented on the Switch. To view the settings of a previously correctly configured rule, click in the Access Rule Table to view the following window: Figure 10- 36. CPU Interface Filtering Rule Display window (IP) The following window is the CPU Interface Filtering Rule Table for Packet Content.
  • Page 291 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 10- 38. CPU Interface Filtering Rule Configuration window (Packet Content Mask) To set the Access Rule for Ethernet, adjust the following parameters and click Apply. Parameters Description Profile ID This is the identifier number for this profile set.
  • Page 292 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Access ID Type in a unique identifier number for this access. This value can be set from 1 to 100. Type Selected profile based on Ethernet (MAC Address), IP address, Packet Content Mask, or IPv6.
  • Page 293 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The following window is the CPU Access Rule Table for IPv6. Figure 10- 40. CPU Access Rule Table window (IPv6) To create a new rule set for an access profile click the Add button. A new window is displayed. To remove a previously created rule, click the corresponding button.
  • Page 294 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Packet Content Mask instructs the Switch to examine the packet header.  IPv6 instructs the Switch to examine the IPv6 part of each packet header.  Class (0-255) Entering a value between 0 and 255 will instruct the Switch to examine the class field of the IPv6 header.

  • Page 295: Security

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Section 11 Security Traffic Control Port Security IP-MAC-Port Binding 802.1X Web Authentication Trust Host Access Authentication Control MAC Based Access Control Safeguard Engine Traffic Segmentation Traffic Control On a computer network, packets such as Multicast packets and Broadcast packets continually flood the network as normal procedure.
  • Page 296 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 11- 1. Traffic Control Recover window If this field times out and the packet storm continues, the port will be placed in a Shutdown Forever mode which will produce a warning message to be sent to the Trap Receiver.
  • Page 297 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch From…To Select the ports to be recovered. Traffic Trap Settings Traffic Trap Enable sending of Storm Trap messages when the type of action taken by the Traffic Control Settings function in handling a Traffic Storm is one of the following: None –...
  • Page 298 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch NOTE: Ports that are in the Shutdown forever mode will be seen as Discarding in Spanning Tree windows and implementations though these ports will still be forwarding BPDUs to the Switch’s CPU.

  • Page 299: Port Security

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Port Security Port Security Settings A given ports’ (or a range of ports') dynamic MAC address learning can be locked such that the current source MAC addresses entered into the MAC address forwarding table can not be changed once the port lock is enabled. Setting the Admin State pull- down menu to Enabled, and clicking Apply can lock the port.

  • Page 300: Port Security Entries

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Parameter Description Unit Select the unit you wish to configure. From…To A consecutive group of ports may be configured starting with the selected port. Admin State This pull-down menu allows users to enable or disable Port Security (locked MAC address table for the selected ports).

  • Page 301: Ip-Mac-Port Binding

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch IP-MAC-Port Binding The IP network layer uses a four-byte address. The Ethernet link layer uses a six-byte MAC address. Binding these two address types together allows the transmission of data between the layers. The primary purpose of IP-MAC-Port binding is to restrict the access to a switch to a number of authorized users.
  • Page 302 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 11- 5. IMP Port Settings window The following fields can be set or modified: Parameter Description Unit Enter the unit you wish to configure. From…To Select a port or range of ports to set for IP-MAC-Port Binding.

  • Page 303: Imp Entry Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Forward DHCP By default, the DHCP packet with broadcast DA will be flooded. When set to disable in strict Packet mode, the broadcast DHCP packet received by the specified port will not be forwarded. This function will only take effect in Strict mode.

  • Page 304: Dhcp Snooping Entries

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch DHCP Snooping Entries This table is used to view dynamic entries on specific ports. To view particular port settings, select the unit, enter the port number and click Find. To view all entries click View All, and to delete an entry, click Clear.

  • Page 305: Authentication Server

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch 802.1X 802.1X Port-Based and MAC-Based Access Control The IEEE 802.1X standard is a security measure for authorizing and authenticating users to gain access to various wired or wireless devices on a specified Local Area Network by using a Client and Server based access control model. This is accomplished by using a RADIUS server to authenticate users trying to access a network by relaying Extensible Authentication Protocol over LAN (EAPOL) packets between the Client and the Server.
  • Page 306 Three steps must be implemented on the Switch to properly configure the Authenticator. 1. The 802.1X State must be Enabled. (DGS-3600 Web Management Tool) 2. The 802.1X settings must be implemented by port (Security / 802.1X / Configure 802.1X Authenticator Parameter) 3.

  • Page 307: Authentication Process

    Figure 11- 14. The 802.1X Authentication Process The D-Link implementation of 802.1X allows network administrators to choose between two types of Access Control used on the Switch, which are: 1. Port-Based Access Control – This method requires only one user to be authenticated per port by a remote RADIUS server to allow the remaining users on the same port access to the network.
  • Page 308 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Port-Based Network Access Control RADIUS Server Ethernet Switch … 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X Client Client Client Client Client Client Client Client Client Network access controlled port Network access uncontrolled port Figure 11- 15.
  • Page 309 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch MAC-Based Network Access Control RADIUS Server Ethernet Switch … 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X Client Client Client Client Client Client Client Client Client...

  • Page 310: Guest Vlans

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Guest VLANs On 802.1x security enabled networks, there is a need for non 802.1x supported devices to gain limited access to the network, due to lack of the proper 802.1x software or incompatible...

  • Page 311: Configure 802.1X Guest Vlan

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Configure 802.1X Guest VLAN To set a Guest 802.1X VLAN, the user must first configure a normal VLAN which can be enabled here for Guest VLAN status. To view this window, click Security > 802.1X > Configure 802.1X Guest VLAN, as shown below.

  • Page 312: Configure 802.1X Authenticator Parameter

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Configure 802.1X Authenticator Parameter To configure the 802.1X Authenticator Settings, click Security > 802.1X > Configure 802.1X Authenticator Parameter, as shown below. Figure 11- 19. Configure 802.1X Authenticator Parameter window...
  • Page 313 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 11- 20. 802.1X Authenticator Settings window (Modify) This window allows users to set the following features: Parameter Description Unit Select the unit you wish to configure. From…To Enter the port or ports to be set.
  • Page 314 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch default setting is 30 seconds. QuietPeriod This allows you to set the number of seconds that the Switch remains in the quiet state following a failed authentication exchange with the client. The default setting is 60 seconds.

  • Page 315: X User

    This window allows initialization of a port or group of ports. The Initialize Port Table in the bottom half of the window displays the current status of the port(s). To initialize ports for the MAC side of 802.1X, the user must first enable 802.1X by MAC address in the DGS-3600 Web Management Tool window.

  • Page 316: Reauthenticate Port(S)

    Management Tool window before initializing ports. Information in the Initialize Ports Table cannot be viewed before enabling 802.1X. To reauthenticate ports for the MAC side of 802.1X, the user must first enable 802.1X by MAC address in the DGS-3600 Web Management Tool window.
  • Page 317 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 11- 25. Reauthenticate Port(s) window (MAC-based 802.1X) To reauthenticate ports, first choose the switch in the switch stack by using the pull-down menu and then choose the range of ports in the From and To field.

  • Page 318: Authentic Radius Server

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Authentic RADIUS Server The RADIUS feature of the Switch allows you to facilitate centralized user administration as well as providing protection against a sniffing, active hacker. The Web Manager offers three windows.

  • Page 319: Web Authentication

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Web Authentication Web-based Access Control is another port based access control method implemented similarly to the 802.1x port based access control method previously stated. This function will allow user authentication through a RADIUS server or...

  • Page 320: Web Authentication Control

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Web Authentication Control This window is used to configure the Switch for WAC Configuration. To view this window, click Security > Web Authentication > Web Authentication Configuration, as shown below.

  • Page 321: User Account Management

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Control can be enabled. Click Apply to implement changes made. NOTE: To enable the Web-based Access Control function, the redirection path field must have the URL of the website that users will be directed to once they enter the limited resource, pre-configured VLAN.
  • Page 322 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 11- 29. User Account Creation window To set the User Account settings for the Web-based Access Control by the Switch, complete the following fields. Parameter Description User Account Creation...

  • Page 323: Trust Host

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 11- 30. Web-based Access Control Authentication Login window After successfully logging in, the user will be prompted with this window, verifying that the user has successfully authenticated the WAC port.

  • Page 324: Access Authentication Control

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Access Authentication Control The TACACS/XTACACS/TACACS+/RADIUS commands allow users to secure access to the Switch using the TACACS/XTACACS/TACACS+/RADIUS protocols. When a user logs in to the Switch or tries to access the administrator level privilege, he or she is prompted for a password.

  • Page 325: Authentication Policy And Parameter Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Authentication Policy and Parameter Settings This command will enable an administrator-defined authentication policy for users trying to access the Switch. When enabled, the device will check the Login Method List and choose a technique for user authentication upon login.

  • Page 326: Authentication Server Group

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Line Interface) application, the Telnet application, SSH and the WEB (HTTP) application. Login Method List Using the pull-down menu, configure an application for normal login on the user level, utilizing a previously configured method list. The user may use the default Method List or other Method List configured by the user.

  • Page 327: Authentication Server Host

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch To add a user-defined group to the list, click the Add button in the Authentication Server Group window, which will display the following window. Figure 11- 37. Authentication Server Group Table Add Settings window Simply enter a group name of no more than 15 alphanumeric characters to define the user group to add.
  • Page 328 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 11- 39. Authentication Server Host Setting – Add window To edit an Authentication Server Host, click the IP address hyperlink. Configure the following parameters to add or edit an Authentication Server Host:...

  • Page 329: Login Method Lists

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Login Method Lists This command will configure a user-defined or default Login Method List of authentication techniques for users logging on to the Switch. The sequence of techniques implemented in this command will affect the authentication result. For example, if a user enters a sequence of techniques, for example TACACS –...

  • Page 330: Enable Method Lists

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch xtacacs - Adding this parameter will require the user to be authenticated using  the XTACACS protocol from a remote XTACACS server. tacacs+ - Adding this parameter will require the user to be authenticated using ...
  • Page 331 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 11- 43. Enable Method List - Add window To define an Enable Login Method List, set the following parameters and click Apply: Parameter Description Method List Name Enter a method list name defined by the user of up to 15 characters.

  • Page 332: Configure Local Enable Password

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Configure Local Enable Password This window will configure the locally enabled password for the Enable Admin command. When a user chooses the "local_enable" method to promote user level privileges to administrator privileges, he or she will be prompted to enter the password configured here that is locally set on the Switch.

  • Page 333: Mac Based Access Control

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch MAC Based Access Control The MAC-based Access Control feature will allow users to configure a list of MAC addresses, either locally or on a remote RADIUS server, to be authenticated by the Switch and given access rights based on the configurations set on the Switch of the target VLAN where these authenticated users are placed.
  • Page 334 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 11- 47. MAC Based Access Control Global Settings window The following parameters may be viewed or set: Parameter Description Settings State Use the pull-down menu to globally enable or disable the MAC-based Access Control...

  • Page 335: Mac-Based Access Control Local Mac Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch function on the Switch. Method Use the pull-down menu to choose the type of authentication to be used when authentication MAC addresses on a given port. The user may choose between the following methods: Local –...
  • Page 336 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 11- 48. MAC Based Access Control Local MAC Settings To set the following parameters: Parameter Description To search for a previously configured MAC address, enter the address and click Find MAC Address By MAC.

  • Page 337: Safeguard Engine

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Safeguard Engine Periodically, malicious hosts on the network will attack the Switch by utilizing packet flooding (ARP Storm) or other methods. These attacks may increase the Safeguard Engine beyond its capability. To alleviate this problem, the Safeguard Engine function was added to the Switch’s software.

  • Page 338: Safeguard Engine Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch NOTICE: When Safeguard Engine is enabled, the Switch will allot bandwidth to various traffic flows (ARP, IP) using the FFP (Fast Filter Processor) metering table to control the CPU utilization and limit traffic. This may limit the speed of routing traffic over the network.

  • Page 339: Traffic Segmentation

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Traffic Segmentation Traffic segmentation is used to limit traffic flow from a single port to a group of ports on either a single switch or a group of ports on another switch in a switch stack. This method of segmenting the flow of traffic is similar to using VLANs to limit traffic, but is more restrictive.
  • Page 340 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Parameter Description Unit – Port Use the drop-down menu to select the desired unit and port to transmit packets. Forward Port Tick the check boxes to select which of the ports on the Switch will be able to forward packets.

  • Page 341: Download Certificate

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Secure Sockets Layer or SSL is a security feature that will provide a secure communication path between a host and client through the use of authentication, digital signatures and encryption. These security functions are implemented through the use of a...
  • Page 342 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 11- 54. Download Certificate window To download certificates, set the following parameters and click Apply. Parameter Description Certificate Type Enter the type of certificate to be downloaded. This type refers to the server responsible for issuing certificates.
  • Page 343 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Ciphersuite RSA with RC4 128 This ciphersuite combines the RSA key exchange, stream cipher RC4 encryption with 128- bit keys and the MD5 Hash Algorithm. Use the pull-down menu to enable or disable this ciphersuite.

  • Page 344: Ssh Server Configuration

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch SSH is an abbreviation of Secure Shell, which is a program allowing secure remote login and secure network services over an insecure network. It allows a secure login to remote host computers, a safe method of executing commands on a remote end node, and will provide secure encrypted and authenticated communication between two non-trusted hosts.

  • Page 345: Ssh Authentication Mode And Algorithm Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Parameter Description SSH Server Status Use the pull-down menu to enable or disable SSH on the Switch. The default is Disabled. Max Session Enter a value between 1 and 8 to set the number of users that may simultaneously access the Switch.
  • Page 346 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The following algorithms may be set: Parameter Description SSH Authentication Mode and Algorithm Settings Password This parameter may be enabled if the administrator wishes to use a locally configured password for authentication on the Switch. The default is Enabled.

  • Page 347: Ssh User Authentication

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch SSH User Authentication The following windows are used to configure parameters for users attempting to access the Switch through SSH. To view this window, click Security > SSH > SSH User Figure 11- 57.

  • Page 348: Monitoring

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Section 12 Monitoring Device Status Stacking Information Module Information CPU Utilization Port Utilization Packets Errors Packet Size Browse Router Port Browse MLD Router Port VLAN Status VLAN Status Port Port Access Control...

  • Page 349: Device Status

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Device Status This window displays status information for Internal Power, External Power, Side Fan, and Back Fan. To view the Device Status window, click Monitoring > Device Status, as shown below.

  • Page 350: Cpu Utilization

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch CPU Utilization This window displays the percentage of the CPU being used, expressed as an integer percentage and calculated as a simple average by time interval. To view this window, click Monitoring > CPU Utilization, as shown below.

  • Page 351: Port Utilization

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Port Utilization This window displays the percentage of the total available bandwidth being used on the port. To view the port utilization, click Monitoring > Port Utilization, as shown below.

  • Page 352: Packets

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Packets The Web Manager allows various packet statistics to be viewed as either a line graph or a table. Six windows are offered. Received (RX) To view the Received (RX) window, click Monitoring > Packets > Received (RX), as shown below.
  • Page 353 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 12- 7. Rx Packets Analysis window (table for Bytes and Packets) The following fields may be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.

  • Page 354: Umb_Cast (Rx)

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch UMB_cast (RX) To view the UMB_cast (RX) window, click Monitoring > Packets > UMB_cast (RX), as shown below. Figure 12- 8. Rx Packets Analysis window (line graph for Unicast, Multicast, and Broadcast Packets)
  • Page 355 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 12- 9. Rx Packets Analysis window (table for Unicast, Multicast, and Broadcast Packets) The following fields may be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.

  • Page 356: Transmitted (Tx)

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Transmitted (TX) To view this window, click Monitoring > Packets > Transmitted (TX), as shown below. Figure 12- 10. Tx Packets Analysis window (line graph for Bytes and Packets) To view the Transmitted (TX) Table, click the link...
  • Page 357 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 12- 11. Tx Packets Analysis window (table for Bytes and Packets) The following fields may be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.

  • Page 358: Errors

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Errors The Web Manager allows port error statistics compiled by the Switch's management agent to be viewed as either a line graph or a table. Four windows are offered. Received (RX) To view this window, click Monitoring >...
  • Page 359 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 12- 13. Rx Error Analysis window (table) The following fields can be set: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.

  • Page 360: Transmitted (Tx)

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch VLANIngDr Incremented for each packet that is discarded by VLAN ingress checking. Show/Hide Check whether or not to display Crc Error, Under Size, Over Size, Fragment, Jabber, and Drop errors.
  • Page 361 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 12- 15. Tx Error Analysis window (table) The following fields may be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.

  • Page 362: Packet Size

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Packet Size The Web Manager allows packets received by the Switch, arranged in six groups and classed by size, to be viewed as either a line graph or a table. Two windows are offered.
  • Page 363 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 12- 17. Tx/Rx Packet Size Analysis window (table) The following fields can be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.

  • Page 364: Browse Router Port

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Browse Router Port This displays which of the Switch's ports are currently configured as router ports. A router port configured by a user (using the console or Web-based management interfaces) is displayed as a static router port, designated by S. D designates a router port that is dynamically configured by the Switch and a forbidden port is designated by F.

  • Page 365: Vlan Status

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch VLAN Status This allows the VLAN status for each of the Switch's ports to be viewed by VLAN. This window displays the ports on the Switch that are currently Egress (E) or Tag (T) ports. To view the next VLAN in the list, click the Next button.

  • Page 366: Port Access Control

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Port Access Control The following windows are used to monitor 802.1X statistics of the Switch, on a per port basis. To view the Port Access Control windows, click monitoring > Port Access Control. There are six windows to monitor.
  • Page 367 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The user may also view this window if MAC Base is chosen for 802.1X. The window displays the same information, except that it is by MAC address and not port.
  • Page 368 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 12- 23. Authenticator State window – MAC-Based 802.1X...

  • Page 369: Authenticator Statistics

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Authenticator Statistics This table contains the statistics objects for the Authenticator PAE associated with each port. An entry appears in this table for each port that supports the Authenticator function.

  • Page 370: Authenticator Session Statistics

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch by this Authenticator. Rx Invalid The number of EAPOL frames that have been received by this Authenticator in which the frame type is not recognized. Rx Error The number of EAPOL frames that have been received by this Authenticator in which the Packet Body Length field is invalid.

  • Page 371: Authenticator Diagnostics

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Octets Rx The number of octets received in user data frames on this port during the session. Octets Tx The number of octets transmitted in user data frames on this port during the session.
  • Page 372 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 12- 26. Authenticator Diagnostics window The user may select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds. The default value is one second.

  • Page 373: Radius Authentication

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch (authFail = TRUE). Auth Reauth Counts the number of times that the state machine transitions from AUTHENTICATING to ABORTING, as a result of a reauthentication request (reAuthenticate = TRUE). Auth Start Counts the number of times that the state machine transitions from AUTHENTICATING to ABORTING, as a result of an EAPOL-Start message being received from the Supplicant.
  • Page 374 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 12- 27. RADIUS Authentication window The user may also select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds. The default value is one second. To clear the current statistics shown, click the Clear button in the top left hand corner.

  • Page 375: Radius Account Client

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch PendingRequests The number of RADIUS Access-Request packets destined for this server that have not yet timed out or received a response. This variable is incremented when an Access-Request is sent and decremented due to receipt of an Access-Accept, Access-Reject or Access- Challenge, a timeout or retransmission.
  • Page 376 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Requests The number of RADIUS Accounting-Request packets sent. This does not include retransmissions. Retransmissions The number of RADIUS Accounting-Request packets retransmitted to this RADIUS accounting server. Retransmissions include retries where the Identifier and Acct-Delay have been updated, as well as those in which they remain the same.

  • Page 377: Mac Address Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch MAC Address Table This allows the Switch's dynamic MAC address forwarding table to be viewed. When the Switch learns an association between a MAC address and a port number, it makes an entry into its forwarding table. These entries are then used to forward packets through the Switch.

  • Page 378: Igmp Snooping Group

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch The VLAN ID of the VLAN the port is a member of. MAC Address The MAC address entered into the address table. Unit – Port The Unit and port that the MAC address above corresponds to.

  • Page 379: Mld Snooping Group

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch MLD Snooping Group The following window allows the user to view MLD Snooping Groups present on the Switch. MLD Snooping is an IPv6 function comparable to IGMP Snooping for IPv4. The user may browse this table by VLAN Name present in the switch by entering that VLAN Name in the empty field shown below, and clicking the Find button.

  • Page 380: Trace Route

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Trace Route The following window will aid the user in back tracing the route taken by a packet before arriving at the Switch. When initiated, the Trace Route program will display the IP addresses of the previous hops a packet takes from the Target IP Address entered in the window, until it reaches the Switch.

  • Page 381: Igmp Snooping Forwarding

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch IGMP Snooping Forwarding The IGMP Snooping Forwarding table displays the current multicast traffic that the device has received and which ports it should forward. To view this window, click Monitoring > IGMP Snooping Forwarding, as shown below.

  • Page 382: Mld Snooping Forwarding

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch MLD Snooping Forwarding The MLD Snooping Forwarding table displays the current multicast traffic entries that the device has received and which ports it should be forwarded to. To view this window, click Monitoring > MLD Snooping Forwarding, as shown below.

  • Page 383: Browse Routing Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Browse Routing Table This window shows the current IP routing table of the Switch. To find a specific IP route, enter an IP address along with a proper subnet mask in the two fields offered and click Find.

  • Page 384: Browse Igmp Group Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Browse IGMP Group Table This window will show current IGMP group entries on the Switch. To search a specific IGMP group entry, enter an interface name into the Interface Name field or a Multicast Group IP address and click Find.

  • Page 385: Browse Dvmrp Routing Next Hop Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 12- 41. DVMRP Neighbor Table window Browse DVMRP Routing Next Hop Table The DVMRP Routing Next Hop Table contains information regarding the next-hop for forwarding multicast packets on outgoing interfaces.

  • Page 386: Browse Pim Ip Multicast Route Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 12- 43. PIM Neighbor Address Table window Browse PIM IP Multicast Route Table The PIM IP Multicast Route Table is used to view information regarding the multicast data route entries in the Switch.

  • Page 387: Browse Ospf Neighbor Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 12- 46. OSPF LSDB Table window The user may search for a specific entry by entering the following information into the fields at the top of the screen: To browse the OSPF LSDB Table window, you first must select which browse method you want to use in the Search Type field.

  • Page 388: Browse Ospf Virtual Neighbor Table

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch To view this table, click Monitoring > OSPF Monitor > Browse OSPF Neighbor Table as shown below. Figure 12- 47. OSPF Neighbor Table window To search for OSPF neighbors, enter an IP address and click Find. Valid OSPF neighbors will appear in the OSPF Neighbor Table below.

  • Page 389: Switch Logs

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Switch Logs The Web manager allows the Switch's history log, as compiled by the Switch's management agent, to be viewed. To view the Switch history log, click Monitoring > Switch Logs, as shown below.

  • Page 390: Mac Based Access Control Authentication

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Figure 12- 50. ARP Table window MAC Based Access Control Authentication This window is used to clear previously configured MAC Based Access Control Authentication entries. To view the Browse ARP table, click Monitoring > MAC Based Access Control Authentication, as shown below.

  • Page 391: Switch Maintenance

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Section 13 Switch Maintenance Reset Reboot System Save Services Logout Reset The Reset function has several options when resetting the Switch. Some of the current configuration parameters can be retained while resetting all other configuration parameters to their factory defaults.

  • Page 392: Save Services

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Save Services The following three windows will aid the user in saving configurations to the Switch’s memory. Save Changes The Switch has two levels of memory, normal RAM and non-volatile or NV-RAM. Configuration changes are made effective clicking the Save button.

  • Page 393: Current Configuration Settings

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Current Configuration Settings The Current Configuration Settings window allows users to manipulate configuration images saved in the Flash memory of the Switch. To view this window, click Save Services > Current Configuration Settings, as shown below.

  • Page 394: Technical Specifications

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Appendix A Technical Specifications General IEEE 802.3 10BASE-T Ethernet Protocols IEEE 802.3u 100BASE-TX Fast Ethernet IEEE 802.3ab 1000BASE-T Gigabit Ethernet IEEE 802.3z 1000BASE-T (SFP “Mini GBIC”) IEEE 802.1D Spanning Tree IEEE 802.1s Multiple Spanning Tree...
  • Page 395 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch 3 available slots for optional 10GE modules DGS-3650: 48 x 10/100/1000 Mbps ports 4 x 1000Mbps Combo SFP Ports 2 available slots for optional 10GE modules DGS-3612G: 12 x 100/1000Mbps SFP ports...
  • Page 396 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch MAC Address Learning Automatic update. Supports 16K MAC address. Priority Queues 8 Priority Queues per port. Forwarding Table Age Time Max age: 10-1000000 seconds. Default = 300.

  • Page 397: Cables And Connectors

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Appendix B Cables and Connectors When connecting the Switch to another switch, a bridge or hub, a normal cable is necessary. Please review these products for matching cable pin assignment.

  • Page 398: System Log Entries

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Appendix C System Log Entries The following table lists all possible entries and their corresponding meanings that will appear in the System Log of this Switch. Category Event Description Log Content...
  • Page 399 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Category Event Description Log Content Severity Remark (Username: <username>, shown in log string, which IP: <ipaddr>, MAC: means if the user logs in <macaddr>) through the console, no IP or MAC address information will be included in the log.
  • Page 400 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Category Event Description Log Content Severity Remark If the user logs in through the Successful login through Successful login console, no IP or MAC Console Console (Username: Informational through Console address information will be <username>)
  • Page 401 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Category Event Description Log Content Severity Remark Telnet IP: <ipaddr>, MAC: <macaddr>) Telnet session timed out Telnet session timed (Username: <username>, Informational IP: <ipaddr>, MAC: <macaddr>) SNMP request SNMP request received...
  • Page 402 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Category Event Description Log Content Severity Remark Successful login Successful login through through Console Console authenticated by Informational authenticated by AAA local method AAA local method (Username: <username>) Login failed through...
  • Page 403 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Category Event Description Log Content Severity Remark Login failed through SSH Login failed through from <userIP> SSH authenticated authenticated by AAA local Warning by AAA local method (Username: method <username>, MAC: <macaddr>)
  • Page 404 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Category Event Description Log Content Severity Remark (Username: <username>, MAC: <macaddr>) Login failed through Web from <userIP> Login failed through authenticated by AAA Web authenticated Warning server <serverIP> by AAA server (Username: <username>,...
  • Page 405 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Category Event Description Log Content Severity Remark Successful login through Successful login SSH from <userIP> through SSH authenticated by AAA Informational authenticated by server <serverIP> AAA server (Username: <username>, MAC: <macaddr>) Login failed through SSH from <userIP>...
  • Page 406 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Category Event Description Log Content Severity Remark MAC: <macaddr>) Successful Enable Admin Successful Enable through Telnet from Admin through <userIP> authenticated by Telnet authenticated Informational AAA local_enable method by AAA (Username: <username>,...
  • Page 407 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Category Event Description Log Content Severity Remark Successful Enable Admin Successful Enable through SSH from <userIP> Admin through SSH authenticated by AAA none Informational authenticated by method (Username: AAA none method <username>, MAC:...
  • Page 408 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Category Event Description Log Content Severity Remark Enable Admin failed Enable Admin failed through Web (SSL) from through Web (SSL) <userIP> due to AAA due to AAA server server timeout or improper...
  • Page 409 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Category Event Description Log Content Severity Remark Unauthenticated IP-MAC address and discarded by IP-MAC- Unauthenticated IP ip mac port binding (IP: PORT address discarded by Warning <ipaddr>, MAC: Binding IP mac port binding <macaddr>, Port...

  • Page 410: Cable Lengths

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Appendix D Cable Lengths Use the following table to as a guide for the maximum cable lengths. Standard Media Type Maximum Distance Mini-GBIC 1000BASE-LX, Single-mode fiber module 10km 1000BASE-SX, Multi-mode fiber module...

  • Page 411: Glossary

    ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch Glossary 1000BASE-SX: A short laser wavelength on multimode fiber optic cable for a maximum length of 2000 meters 1000BASE-LX: A long wavelength for a "long haul" fiber optic cable for a maximum length of 10 kilometers 100BASE-FX: 100Mbps Ethernet implementation over fiber.
  • Page 412 ® xStack DGS-3600 Series Layer 3 Gigabit Ethernet Managed Switch latency: The delay between the time a device receives a packet and the time the packet is forwarded out of the destination port. line speed: See baud rate. main port: The port in a resilient link that carries data traffic in normal operating conditions.
  • Page 413 The customer must submit with the product as part of the claim a written description of the Hardware defect or Software nonconformance in sufficient detail to allow D-Link to confirm the same, along with proof of purchase of the product (such as a copy of the dated purchase invoice for the product).
  • Page 414 D-Link Corporation/D-Link Systems, Inc., as stipulated by the United States Copyright Act of 1976 and any amendments thereto. Contents are subject to change without prior notice. Copyright 2009 by D-Link Corporation/D-Link Systems, Inc.

  • Page 415: Product Registration

    Product Registration Register your D-Link product online at http://support.dlink.com/register/ Product registration is entirely voluntary and failure to complete or return this form will not diminish your warranty rights.
  • Page 416 Such repair or replacement will be rendered by D-Link at an Authorized D-Link Service Office. The replacement Hardware need not be new or of an identical make, model or part; D-Link may in its discretion may replace the defective Hardware (or any part thereof) with any reconditioned product that D-Link reasonably determines is substantially equivalent (or superior) in all material respects to the defective Hardware.
  • Page 417 Submitting A Claim. Any claim under this limited warranty must be submitted in writing before the end of the Warranty Period to an Authorized D-Link Service Office. The claim must include a written description of the Hardware defect or Software nonconformance in sufficient detail to allow D-Link to confirm the same.

  • Page 418: Fcc Warning

    Trademarks Copyright .2002 D-Link Corporation. Contents subject to change without prior notice. D-Link is a registered trademark of D-Link Corporation/D-Link Systems, Inc. All other trademarks belong to their respective proprietors.

  • Page 419: Tech Support

    You can find software updates and user documentation on the D- Link website. D-Link provides free technical support for customers within the United States and within Canada for the duration of the service period, and warranty confirmation service, during the warranty period on this product.

  • Page 420: Technical Support

    Technical Support United Kingdom (Mon-Fri) Home Wireless/Broadband 0871 873 3000 (9.00am–06.00pm, Sat 10.00am-02.00pm) Managed, Smart, & Wireless Switches, or Firewalls 0871 873 0909 (09.00am – 05.30pm) (BT 10ppm, other carriers may vary.) Ireland (Mon-Fri) All Products 1890 886 899 (09.00am-06.00pm, Sat 10.00am-02.00pm) €0.05ppm peak, €0.045ppm off peak Times Internet http://www.dlink.co.uk...

  • Page 421: Assistance Technique

    Assistance technique Assistance technique D-Link par téléphone : 0 820 0803 03 0,12 €/min la minute : Lundi – Vendredi de 9h à 13h et de 14h à 19h Samedi 9h à 13h et de 14h à 16h Assistance technique D-Link sur internet : http://www.dlink.fr...
  • Page 422 Pomoc techniczna Telefoniczna pomoc techniczna firmy D-Link: 0 801 022 021 Pomoc techniczna firmy D-Link świadczona przez Internet: URL: http://www.dlink.pl e-mail: serwis@dlink.pl Technická podpora Web: http://www.dlink.cz/suppport/ E-mail: support@dlink.cz Telefon: 225 281 553 Telefonická podpora je v provozu: PO- PÁ od 09.00 do 17.00 Land Line 1,78 CZK/min - Mobile 5.40 CZK/min...
  • Page 423 Teknistä tukea asiakkaille Suomessa: Arkisin klo. 9 - 21 numerosta : 06001 5557 Internetin kautta : http://www.dlink.fi Teknisk Support D-Link Teknisk Support via telefon: 0900-100 77 00 Vardagar 08.00-20.00 D-Link Teknisk Support via Internet: http://www.dlink.se Assistência Técnica Assistência Técnica da D-Link na Internet: http://www.dlink.pt...
  • Page 424 D-Link - ovo spletno stran www.dlink.eu www.dlink.biz/sl Suport tehnica Vă mulţumim pentru alegerea produselor D-Link. Pentru mai multe informaţii, suport şi manuale ale produselor vă rugăm să vizitaţi site-ul D-Link www.dlink.eu www.dlink.ro...
  • Page 425 Technical Support You can find software updates and user documentation on the D-Link website. Tech Support for customers in Australia: Tel: 1300-766-868 24/7(24Hrs, 7days a week) technical support http://www.dlink.com.au e-mail: support@dlink.com.au India: Tel: 1800-222-002 9.00 AM to 9.00 PM. All days http://www.dlink.co.in/support/productsupport.aspx...
  • Page 426 Technical Support You can find software updates and user documentation on the D-Link website. Tech Support for customers in Egypt: Tel: +202-2919035 or +202-2919047 Sunday to Thursday 9:00am to 5:00pm http://support.dlink-me.com Email: support.eg@dlink-me.com Iran: Te: +98-21-88880918,19 Saturday to Thursday 9:00am to 5:00pm http://support.dlink-me.com...
  • Page 427 Техническая поддержка Обновления программного обеспечения и документация доступны на Интернет-сайте D-Link. D-Link предоставляет бесплатную поддержку для клиентов в течение гарантийного срока. Клиенты могут обратиться в группу технической поддержки D-Link по телефону или через Интернет. Техническая поддержка D-Link: +7(495) 744-00-99 Техническая поддержка через Интернет...
  • Page 428 SOPORTE TÉCNICO Usted puede encontrar actualizaciones de softwares o firmwares y documentación para usuarios a través de nuestro sitio www.dlinkla.com SOPORTE TÉCNICO PARA USUARIOS EN LATINO AMERICA Soporte técnico a través de los siguientes teléfonos de D-Link PAIS NUMERO HORARIO...
  • Page 429 Você pode encontrar atualizações de software e documentação de usuário no site da D-Link Brasil. A D-Link fornece suporte técnico gratuito para clientes no Brasil durante o período de vigência da garantia deste produto. Suporte Técnico para clientes no Brasil: Telefone São Paulo +11-2185-9301...
  • Page 430 D-Link D-Link...
  • Page 431 Dukungan Teknis Update perangkat lunak dan dokumentasi pengguna dapat diperoleh pada situs web D-Link. Dukungan Teknis untuk pelanggan: Dukungan Teknis D-Link melalui telepon: Tel: +62-21-5731610 Dukungan Teknis D-Link melalui Internet: Email : support@dlink.co.id Website : http://support.dlink.co.id...
  • Page 432 Technical Support この度は弊社製品をお買い上げいただき、誠にありがとうご ざいます。 下記弊社 Web サイトからユーザ登録及び新製品登録を 行っていただくと、ダウンロードサービスにて サポート情報、ファームウェア、ユーザマニュアルを ダウンロードすることができます。 ディーリンクジャパン Web サイト URL:http://www.dlink-jp.com...
  • Page 433 技术支持 您可以在 D-Link 的官方網站找到產品的軟件升級和使用手冊 办公地址:北京市东城区北三环东路 36 号 环球贸易中心 B 座 26F 02-05 室 邮编: 100013 技术支持中心电话:8008296688/ (028)66052968 技术支持中心传真:(028)85176948 维修中心地址:北京市东城区北三环东路 36 号 环球贸易中心 B 座 26F 02-05 室 邮编: 100013 维修中心电话:(010) 58257789 维修中心传真:(010) 58257790 网址:http://www.dlink.com.cn 办公时间:周一到周五,早09:00到晚18:00...

Table of Contents