Page 2
Reproduction of this document in any manner whatsoever without the written permission of D-Link Corporation is strictly forbidden. Trademarks used in this text: D-Link and the D-LINK logo are trademarks of D-Link Corporation; Microsoft and Windows are registered trademarks of Microsoft Corporation.
General Precautions for Rack-Mountable Products Protecting Against Electrostatic Discharge The DGS-3000 Series Web UI Reference Guide contains information for setup and management of the Switch. This manual is intended for network managers familiar with network management concepts and terminology. Typographical Conventions...
Web Pages Introduction Most software functions of the DGS-3000 Series switches can be managed, configured and monitored via the embedded web-based (HTML) interface. Manage the Switch from remote stations anywhere on the network through a standard browser. The browser acts as a universal access tool and can communicate directly with the Switch using the HTTP protocol.
Select the menu or window to display. Open folders and click the hyperlinked menu buttons Area 1 and subfolders contained within them to display menus. Click the D-Link logo to go to the D- Link website. Presents a graphical near real-time image of the front panel of the Switch. This area displays the Switch's ports, console and management port, showing port activity.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Web Pages When connecting to the management mode of the Switch with a web browser, a login screen is displayed. Enter a user name and password to access the Switch's management mode.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 2 System Configuration Device Information System Information Settings Port Configuration Serial Port Settings Warning Temperature Settings System Log configuration Time Range Settings Time Settings User Accounts Settings Command Logging Settings Device Information This window contains the main settings for all the major functions for the Switch.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-2 System Information Settings window The fields that can be configured are described below: Parameter Description System Name Enter a system name for the Switch, if so desired. This name will identify it in the Switch network.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-3 DDM Settings window The fields that can be configured are described below: Parameter Description Trap State Specify whether to send the trap, when the operating parameter exceeds the alarm or warning threshold.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-4 DDM Temperature Threshold Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports to be configured.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-5 DDM Voltage Threshold Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports to be configured.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-6 DDM Bias Current Threshold Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports to be configured.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-7 DDM TX Power Threshold Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports to be configured.
Page 20
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-8 DDM RX Power Threshold Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports to be configured.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-9 DDM Status Table window Port Settings This page used to configure the details of the switch ports. To view the following window, click System Configuration > Port Configuration > Port Settings, as show below:...
Page 22
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-10 Port Settings window To configure switch ports: 1. Choose the port or sequential range of ports using the From Port and To Port drop-down menus. 2. Use the remaining drop-down menus to configure the parameters described below:...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide the two physical layers. The timing control is set on a master physical layer by a local source. The slave setting (1000M Full_Slave) uses loop timing, where the timing comes from a data stream received from the master.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-11 Port Description Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the appropriate port range used for the configuration here.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Port State Describe the current running state of the port, whether enabled or disabled. Connection Status Display the uplink status of the individual ports, whether enabled or disabled. Reason Describe the reason why the port has been error-disabled, such as it has become a shutdown port for storm control.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be displayed are described below: Parameter Description Port Display the port number. Type Display the port media type. EEE Settings Energy Efficient Ethernet (EEE) is defined in IEEE 802.3az. It is designed to reduce the energy consumption of a link when no packets are being sent.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-16 Serial Port Settings window The fields that can be configured or displayed are described below: Parameter Description Baud Rate Specify the baud rate for the serial port on the Switch. There are four possible baud rates to choose from, 9600, 19200, 38400 and 115200.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide System Log Configuration System Log Settings The Switch allows users to choose a method for which to save the switch log to the flash memory of the Switch. To view the following window, click System Configuration > System Log Configuration > System Log Settings,...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Severity Use the drop-down menu to select the higher level of messages that will be sent. All messages which level is higher than selecting level will be sent. The options are Emergency (0), Alert (1), Critical (2), Error (3), Warning (4), Notice (5), Informational (6) and Debug (7).
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Clear Log button to clear the entries from the log in the display section. Click the Clear Attack Log button to clear the entries from the attack log in the display section.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description System Severity Choose how the alerts are used from the drop-down menu. Select Log to send the alert of the Severity Type configured to the Switch’s log for analysis. Choose Trap to send it to an SNMP agent for analysis, or select All to send the chosen alert type to an SNMP agent and the Switch’s log for analysis.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 2-24 Time Settings window The fields that can be configured are described below: Parameter Description Date (DD / MM / YYYY) Enter the current day, month, and year to update the system clock.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide User Name Enter a new user name for the Switch. Password Enter a new password for the Switch. Confirm Password Re-type in a new password for the Switch. Access Right Specify the access right for this user.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 3 Management Gratuitous ARP IPv6 Neighbor Settings IP Interface Management Settings Session Table Single IP Management SNMP Settings Telnet Settings Web Settings Power Saving Static ARP Settings The Address Resolution Protocol is a TCP/IP protocol that converts IP addresses into physical addresses. This table allows network managers to view, define, modify, and delete ARP information for specific devices.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view the following window, click Management > ARP > ARP Table, as show below: Figure 3-2 ARP Table window The fields that can be configured are described below:...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide case, the system knows that somebody out there uses an IP address that is conflict with the system. In order to reclaim the correct host of this IP address, the system can send out the gratuitous ARP request packets for this duplicate IP address.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-5 IPv6 Neighbor Settings window The fields that can be configured are described below: Parameter Description Interface Name Enter the interface name of the IPv6 neighbor. Neighbor IPv6 Address Enter the neighbor IPv6 address.
Page 38
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view the following window, click Management > IP Interface > System IP Address Settings, as show below: Figure 3-6 System IP Address Settings window The fields that can be configured are described below:...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Switch to be accessible outside your local network, you can leave this field unchanged. Click the Apply button to accept the changes made. Interface Settings Users can display the Switch’s current IP interface settings.
Page 40
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Apply button to accept the changes made. Click the <<Back button to discard the changes made and return to the previous page. Click the IPv4 Edit button to see the following window.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description Interface Name Display the IPv6 interface name. IPv6 State Use the drop-down menu to enable or disable IPv6 State. Interface Admin State Use the drop-down menu to enable or disable the Interface Admin State.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-12 Management Settings window The fields that can be configured are described below: Parameter Description CLI Paging State Command Line Interface paging stops each page at the end of the console. This allows you to stop the scrolling of multiple pages of text beyond the limits of the console.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Single IP Management D-Link Single IP Management is a concept that will stack switches together over Ethernet instead of using stacking ports or modules. There are some advantages in implementing the “Single IP Management” feature: 1.
6. The CaS can be configured through the CS to become a MS. After configuring one switch to operate as the CS of a SIM group, additional DGS-3000 Series switches may join the group by manually configuring the Switch to be a MS. The CS will then serve as the in band entry point for access to the MS.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-14 Single IP Settings window The fields that can be configured are described below: Parameter Description SIM State Use the drop-down menu to either enable or disable the SIM state on the Switch. Disabled will render all SIM functions on the Switch inoperable.
Page 46
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-15 Single IP Management window - Tree View The Topology window holds the following information on the Data tab: Parameter Description Device Name This field will display the Device Name of the switches in the SIM group configured by the user.
Page 47
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-16 Topology view This window will display how the devices within the Single IP Management Group connect to other groups and devices. Possible icons on this window are as follows:...
Page 48
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-17 Device Information Utilizing the Tool Tip Setting the mouse cursor over a line between two devices will display the connection speed between the two devices, as shown below.
Page 49
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-19 Right-Clicking a Group Icon The following options may appear for the user to configure: • Collapse – To collapse the group that will be represented by a single icon.
Page 50
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Member Switch Icon Figure 3-22 Right-clicking a Member icon The following options may appear for the user to configure: • Collapse – To collapse the group that will be represented by a single icon.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Group 1. Add to group – Add a candidate to a group. Clicking this option will reveal the following dialog box for the user to enter a password for authentication from the Candidate Switch before being added to the SIM group.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide configuration file, enter the Server IP Address where the file resides and enter the Path/Filename of the configuration file. Click Restore to initiate the file transfer from a TFTP server to the Switch. Click Backup to backup the configuration file to a TFTP server.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide SNMPv3 uses a more sophisticated authentication process that is separated into two parts. The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers. The second part describes what each user on that list can do as an SNMP manager.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Apply button to accept the changes made. SNMP Traps Settings Users can enable and disable the SNMP trap support function of the switch and SNMP authentication failure trap support, respectively.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-33 SNMP Linkchange Traps Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the starting and ending ports to use.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description View Name Type an alphanumeric string of up to 32 characters. This is used to identify the new SNMP view being created.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide SNMP Group Table Settings An SNMP Group created with this table maps SNMP users (identified in the SNMP User Table) to the views created in the previous window. To view the following window, click Management > SNMP Settings > SNMP Group Table Settings, as show...
SNMP management private enterprise number as assigned by IANA (D-Link is 171). The fifth octet is 03 to indicate the rest is the MAC address of this device. The sixth to eleventh octets is the MAC address.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide SHA – Specify that the HMAC-SHA authentication protocol will be used. This field is only operable when V3 is selected in the SNMP Version field and the Encryption field has been checked.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide 3-40 SNMP v6Host Table Settings The fields that can be configured are described below: Parameter Description Host IPv6 Address Type the IPv6 address of the remote management station that will serve as the SNMP host for the Switch.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Telnet Settings Users can configure Telnet Settings on the Switch. To view the following window, click Management > Telnet Settings, as show below: Figure 3-42 Telnet Settings window The fields that can be configured are described below:...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 3-44 LED State Settings window The fields that can be configured are described below: Parameter Description LED State Click the radio buttons to enable or disable the port LED state.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Time Range Name Specify the name of the schedule. Click the Apply button to accept the changes made for each individual section. Click the Clear Time Range to remove all the entries.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 4 L2 Features VLAN QinQ Layer 2 Protocol Tunneling Settings Spanning Tree Link Aggregation L2 Multicast Control Multicast Filtering ERPS Settings LLDP NLB FDB Settings VLAN Understanding IEEE 802.1p Priority Priority tagging is a function defined by the IEEE 802.1p standard designed to provide a means of managing traffic...
Page 65
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide VLANs can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains. A VLAN is a collection of end nodes grouped by logic instead of physical location. End nodes that frequently communicate with each other are assigned to the same VLAN, regardless of where they are physically on the network.
Page 66
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The main characteristics of IEEE 802.1Q are as follows: • Assigns packets to VLANs by filtering. • Assumes the presence of a single global spanning tree. • Uses an explicit tagging scheme with one-level tagging.
Page 67
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-3 Adding an IEEE 802.1Q Tag Port VLAN ID Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network device to another with the VLAN information intact. This allows 802.1Q VLANs to span network devices (and indeed, the entire network, if all network devices are 802.1Q compliant).
Page 68
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide If a packet has previously been tagged, the port will not alter the packet, thus keeping the VLAN information intact. Other 802.1Q compliant devices on the network to make packet-forwarding decisions can then use the VLAN information in the tag.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide On port-based VLANs, NICs do not need to be able to identify 802.1Q tags in packet headers. NICs send and receive normal Ethernet packets. If the packet’s destination lies on the same segment, communications take place using normal Ethernet protocols.
Page 70
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-5 802.1Q VLAN Settings – Add/Edit VLAN Tab window The fields that can be configured are described below: Parameter Description Allow the entry of a VLAN ID or displays the VLAN ID of an existing VLAN in the Add/Edit VLAN tab.
Page 71
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-6 802.1Q VLAN Settings – Find VLAN Tab window Enter the VLAN ID number in the field offered and then click the Find button. You will be redirected to the VLAN List tab.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide the port as forbidden. Click the Apply button to accept the changes made. NOTE: The Switch supports up to 4k static VLAN entries. 802.1v Protocol VLAN 802.1v Protocol Group Settings The user can create Protocol VLAN groups and add protocols to that group.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide NOTE: The Group name value should be less than 33 characters. 802.1v Protocol VLAN Settings The user can configure Protocol VLAN settings. The lower half of the table displays any previously created settings.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Delete All button to remove all the entries listed. Click the Edit button to re-configure the specific entry. Click the Delete button to remove the specific entry.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-11 GVRP Port Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the starting and ending ports to use.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-12 MAC-based VLAN Settings The fields that can be configured are described below: Parameter Description MAC Address Specify the MAC address. VID (1-4094) Select this option and enter the VLAN ID.
Page 77
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-13 Private VLAN Settings window The fields that can be configured are described below: Parameter Description VLAN Name Enter a VLAN name. VID (2-4094) Enter a VID value.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide PVID Auto Assign Settings Users can enable or disable PVID Auto Assign Status. The default setting is enabled. To view the following window, click L2 Features > VLAN > PVID Auto Assign Settings, as show below: Figure 4-15 PVID Auto Assign Settings window Click the Apply button to accept the changes made.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide reset and stop. Log State Used to enable or disable sending of issue of voice VLAN log. Click the Apply button to accept the changes made for each individual section.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-18 Voice VLAN OUI Settings window The fields that can be configured are described below: Parameter Description OUI Address User defined OUI MAC address. Mask User defined OUI MAC address mask.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide VLAN Trunk Settings Enable VLAN on a port to allow frames belonging to unknown VLAN groups to pass through that port. This is useful if you want to set up VLAN groups on end devices without having to configure the same VLAN groups on intermediary devices.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-23 Browse VLAN window Click the Find button to locate a specific entry based on the information entered. Enter a page number and click the Go button to navigate to a specific page when multiple pages exist.
Page 83
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Double VLANs are basically VLAN tags placed within existing IEEE 802.1Q VLANs which we will call SPVIDs (Service Provider VLAN IDs). These VLANs are marked by a TPID (Tagged Protocol ID), configured in hex form to be encapsulated within the VLAN tag of the packet.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide 5. The switch cannot have both double and normal VLANs co-existing. Once the change of VLAN is made, all Access Control lists are cleared and must be reconfigured. 6. Once Double VLANs are enabled, GVRP must be disabled.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Outer TPID Enter an Outer TPID in SP-VLAN tag here. Add Inner Tag Specifies that an Inner Tag will be added to the entry. By default the Disabled option is selected.
802.1Q-2005 MSTP. 802.1D-1998 STP will be familiar to most networking professionals. However, since 802.1D-2004 RSTP and 802.1Q-2005 MSTP have been recently introduced to D-Link managed Ethernet switches, a brief introduction to the technology is provided below followed by a description of how to set up 802.1D-1998 STP, 802.1D-2004 RSTP, and 802.1Q-2005 MSTP.
Page 87
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide established regions on the network, continuing to allow simple and full processing of frames, regardless of administrative errors in defining VLANs and their respective spanning trees. Each switch utilizing the MSTP on a network will have a single MSTP configuration that will have the following three attributes: 1.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide RSTP is capable of a more rapid transition to a forwarding state - it no longer relies on timer configurations - RSTP compliant bridges are sensitive to feedback from other RSTP compliant bridge links. Ports do not need to wait for the topology to stabilize before transitioning to a forwarding state.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide STP State Use the radio button to globally enable or disable STP. STP Version Use the drop-down menu to choose the desired version of STP: STP - Select this parameter to set the Spanning Tree Protocol (STP) globally on the switch.
Page 90
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-30 STP Port Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the starting and ending ports to be configured.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Choosing the False parameter indicates that the port does not have edge port status. Alternatively, the Auto option is available. Restricted Role Use the drop-down menu to toggle Restricted Role between True and False. If set to True, the port will never be selected to be the Root port.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-32STP Instance Settings window The fields that can be configured are described below: Parameter Description MSTI ID Enter the MSTI ID in this field. An entry of 0 denotes the CIST (default MSTI).
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Priority Enter a value between 0 and 240 to set the priority for the port interface. A higher priority will designate the interface to forward packets first. A lower number denotes a higher priority.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide and 802.1X must not be enabled on the trunk group. Further, the LACP aggregated links must all be of the same speed and should be configured as full duplex.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Apply button to accept the changes made. Click the Clear All button to clear out all the information entered. Click the Add button to add a new entry based on the information entered.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Static FDB Settings Unicast Static FDB Settings Users can set up static unicast forwarding on the Switch. To view the following window, click L2 Features > FDB > Static FDB Settings > Unicast Static FDB Settings, as...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-38 Multicast Static FDB Settings window The fields that can be configured are described below: Parameter Description The VLAN ID of the VLAN the corresponding MAC address belongs to.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-39 MAC Notification Settings window The fields that can be configured are described below: Parameter Description State Enable or disable MAC notification globally on the Switch Interval (1-2147483647) The time in seconds between notifications.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide is allowed to remain idle). To change this option, type in a different value representing the MAC address’ age-out time in seconds. The MAC Address Aging Time can be set to any value between 10 and 1000000 seconds. The default setting is 300 seconds.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-42 ARP & FDB Table window The fields that can be configured are described below: Parameter Description Port Select the port number to use for this configuration. MAC Address Enter the MAC address to use for this configuration.
Page 101
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-43 IGMP Snooping Settings window The fields that can be configured are described below: Parameter Description IGMP Snooping State Click to enable or disable the IGMP Snooping state.
Page 102
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Expiry Time (1-65535) Proxy Reporting Source Enter the source IP of proxy reporting integrated report. Proxy Reporting State Use the drop-down menu to enable or disable the proxy reporting. If enabled, multiple IGMP reports or leave for a specific (S, G) will be integrated into one report only before sending to the router port.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide propagate routing packets out. Dynamic Router Port Displays router ports that have been dynamically configured. Ports Select the appropriate ports individually to include them in the Router Port configuration.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-47 IGMP Snooping Static Group Settings window The fields that can be configured are described below: Parameter Description VLAN Name Enter the VLAN name of the multicast group.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-49 IGMP Router Port window The fields that can be configured are described below: Parameter Description Enter the VLAN ID of the multicast group. Click the Find button to locate a specific entry based on the information entered.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Clear Data Driven button to delete the specific IGMP snooping group which is learned by the Data Driven feature of the specified VLAN. Click the View All button to display all the existing entries.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Port List The Port List of the multicast group. Click the Find button to locate a specific entry based on the information entered. Click the View All button to display all the existing entries.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide VID List Enter the VLAN ID or the list of VLAN IDs. Port List Enter the port or the list of ports. Group Address Enter the group address. Click the Find button to locate a specific entry based on the information entered.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide MLD Snooping Multicast Listener Discovery (MLD) Snooping is an IPv6 function used similarly to IGMP snooping in IPv4. It is used to discover ports on a VLAN that are requesting multicast data. Instead of flooding all ports on a selected VLAN with multicast traffic, MLD snooping will only forward multicast data to ports that wish to receive this data through the use of queries and reports produced by the requesting ports and the source of the multicast traffic.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide MLD Snooping Settings Users can configure the settings for MLD snooping. To view the following window, click L2 Features > L2 Multicast Control > MLD Snooping > MLD Snooping...
Page 111
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Group listener interval - Amount of time that must pass before a multicast router decides there are no more listeners of a group on a network. Other Querier present interval - Amount of time that must pass before a multicast router decides that there is no longer another multicast router that is the Querier.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Static Router Port This section is used to designate a range of ports as being connected to multicast- enabled routers. This will ensure that all packets with such a router as its destination will reach the multicast-enabled router regardless of the protocol.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-60 MLD Snooping Static Group Settings window The fields that can be configured are described below: Parameter Description VLAN Name The name of the VLAN on which the static group resides.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-62 MLD Router Port window Parameter Description Enter a VLAN ID. Click the Find button to locate a specific entry based on the information entered. Enter a page number and click the Go button to navigate to a specific page when multiple pages exist.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide MLD Snooping Forwarding Table This page displays the switch’s current MLD snooping forwarding table. It provides an easy way for user to check the list of ports that the multicast group comes from and specific sources that it will be forwarded to. The packet comes from the source VLAN.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the View All button to display all the existing entries. Click the Packet Statistics link to view the MLD Snooping Counter Settings for the specific entry. After clicking the...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Find button to locate a specific entry based on the information entered. Click the View All button to display all the existing entries. Multicast VLAN In a switching environment, multiple VLANs may exist. Every time a multicast query passes through the Switch, the switch must forward separate different copies of the data to each VLAN on the system, which, in turn, increases data traffic and may clog up the traffic path.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Delete All button to remove all the entries listed. Click the View All button to display all the existing entries. Click the Group List link to configure the Multicast Group Profile Address Settings for the specific entry.
Page 119
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide is None. Replace Priority Specify that the packet’s priority will be changed by the switch, based on the remap priority. This flag will only take effect when the remap priority is set.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Apply button to accept the changes made. Click the <<Back button to discard the changes made and return to the previous page. After clicking the Profile List...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Find button to locate a specific entry based on the information entered. Click the Delete All button to remove all the entries listed. Click the Group List link to configure the multicast address group list settings for the specific entry.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Name Permit or Deny access to them. Click the Apply button to accept the changes made. Click the Add button to add a new entry based on the information entered.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-77 IPv6 Multicast Profile Settings window The fields that can be configured are described below: Parameter Description Profile ID (1-24) Enter a Profile ID between 1 and 24.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-79 IPv6 Limited Multicast Range Settings window The fields that can be configured are described below: Parameter Description Ports / VID List Select the appropriate port(s) or VLAN IDs used for the configuration here.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Find button to locate a specific entry based on the information entered. Enter a page number and click the Go button to navigate to a specific page when multiple pages exist.
Page 126
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide RPL Owner – Node connected to RPL that blocks traffic on RPL during Idle state and unblocks during Protected state R-APS (Ring – Automatic Protection Switching) - Protocol messages defined in Y.1731 and G.8032 used to coordinate the protection actions over the ring through RAPS VLAN (R-APS Channel).
Page 127
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-83 ERPS Settings - Detail Information window Click on the Edit button to re-configure the specific entry. Click on the <<Back button to return to the ERPS settings page.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Operational East Port Display the operational east port value. Admin RPL Port Specify the RPL port used. Options to choose from are West Port, East Port, and None. Operational RPL Port Display the operational RPL port value.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide LLDP Forward When LLDP is disabled this function controls the LLDP packet forwarding message Message based on individual ports. If LLDP is enabled on a port it will flood the LLDP packet to all ports that have the same port VLAN and will advertise to other stations attached to the same IEEE 802 LAN.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menu to select the ports used for this configuration. Notification Use the drop-down menu to enable or disable the status of the LLDP notification.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide advertisements. The mandatory data type includes four basic types of information (end of LLDPDU TLV, chassis ID TLV, port ID TLV, and Time to Live TLV). The mandatory data types cannot be disabled. There are also four data types which can be optionally selected.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-89 LLDP Dot1 TLVs Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menu to select the port range to use for this configuration.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-90 LLDP Dot3 TLVs Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menu to select the port range to use for this configuration.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-91 LLDP Statistics System window The fields that can be configured are described below: Parameter Description Port Use the drop-down menu to select a port. Click the Find button to locate a specific entry based on the information entered.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-93 LLDP Local Port Information – Show Normal window The fields that can be configured are described below: Parameter Description Port Use the drop-down menu to select a port.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide After clicking the Show Normal button, the following page will appear: Figure 4-96 LLDP Remote Port Information – Show Normal window Click the <<Back button to return to the previous page.
Page 137
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-98 LLDP-MED Port Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the port range to use for this configuration.
Page 138
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 4-99 LLDP-MED Local Port Information window The fields that can be configured are described below: Parameter Description Port Use the drop-down menu to select a port. Click the Find button to locate a specific entry based on the information entered.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide NLB FDB Settings The Switch supports Network Load Balancing (NLB). This is a MAC forwarding control for supporting the Microsoft server load balancing application where multiple servers can share the same IP address and MAC address. The requests from clients will be forwarded to all servers, but will only be processed by one of them.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 5-2 IPv4 Route Table window The fields that can be configured are described below: Parameter Description Network Address Click the radio button and enter the destination network address of the route to be displayed.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 6 802.1p Settings Bandwidth Control Traffic Control Settings DSCP Scheduling Settings The Switch supports 802.1p priority queuing Quality of Service. The following section discusses the implementation of QoS (Quality of Service) and benefits of using 802.1p priority queuing.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Understanding QoS The Switch supports 802.1p priority queuing. The Switch has eight priority queues. These priority queues are numbered from 7 (Class 7) — the highest priority queue — to 0 (Class 0) — the lowest priority queue. The eight priority tags specified in IEEE 802.1p (p0 to p7) are mapped to the Switch’s priority queues as follows:...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 6-2 Default Priority Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select the starting and ending ports to use.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide 802.1p Map Settings This window is used to the mapping of 802.1p to the packet’s initial color. To view the following window, click QoS > 802.1p Settings > 802.1p Map Settings, as show below: Figure 6-4 802.1p Map Settings window...
Page 146
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 6-5 Bandwidth Control Settings window The fields that can be configured or displayed are described below: Parameter Description From Port / To Port Use the drop-down menu to select the port range to use for this configuration.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Queue Bandwidth Control Settings To view this window, click QoS > Bandwidth Control > Queue Bandwidth Control Settings, as shown below. To view the following window, click QoS > Bandwidth Control > Queue Bandwidth Control Settings, as show...
Page 148
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide affect the overall performance of the switch network. To help rectify this packet storm, the Switch will monitor and control the situation. Packet storms are monitored to determine if too many packets are flooding the network based on threshold levels provided by the user.
Page 149
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide drop packets until the issue is resolved. Shutdown – Utilizes the Switch’s software Traffic Control mechanism to determine the Packet Storm occurring. Once detected, the port will deny all incoming traffic to the port except STP BPDU packets, which are essential in keeping the Spanning Tree operational on the Switch.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide NOTE: Ports that are in Shutdown Forever mode will be seen as link down in all windows and screens until the user recovers these ports. NOTE: The minimum granularity of storm control on each port is 1pps.
Page 151
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The DSCP-to-DSCP mapping is used in the swap of DSCP of the packet when the packet is ingresses to the port. The remaining processing of the packet will base on the new DSCP. By default, the DSCP is mapped to the same DSCP.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 6-11 DSCP Map Settings - DSCP Color window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menu to select a range of port to configure.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click QoS > Scheduling Settings > QoS Scheduling as shown below: Figure 6-12 QoS Scheduling window The following parameters can be configured: Parameter Description From Port / To Port Enter the port or port list you wish to configure.
Page 154
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 6-13 QoS Scheduling Mechanism The following parameters can be configured: Parameter Description From Port / To Port Enter the port or port list you wish to configure. Scheduling Mechanism Strict –...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 7 ACL Configuration Wizard Access Profile List CPU Access Profile List ACL Finder ACL Flow Meter ACL Configuration Wizard The ACL Configuration Wizard will aid the user in the creation of access profiles and ACL Rules automatically by simply inputting the address or service type and the action needed.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide IPv4 Address – Selecting this option will allow the user to enter a range of IPv4 addresses for this rule. IPv6 – Selecting this option will allow the user to enter a range of IPv6 addresses for this rule.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Delete All button to remove all access profiles from this table. Click the Show Details button to display the information of the specific profile ID entry. Click the Add/View Rules button to view or add ACL rules within the specified profile ID.
Page 158
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide packet content. This will change the window according to the requirements for the type of profile. Select Ethernet ACL to instruct the Switch to examine the layer 2 part of each packet header.
Page 159
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-6 Add Access Rule window (Ethernet ACL) The fields that can be configured are described below: Parameter Description Access ID (1-256) Type in a unique identifier number for this access. This value can be set from 1 to 256.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide a packet to the value entered in the Priority field, which meets the criteria specified previously in this command, before forwarding it on to the specified CoS queue. Otherwise, a packet will have its incoming 802.1p user priority re-written to its original value before being forwarded by the Switch.
Page 161
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-8 Add ACL Profile window (IPv4 ACL) The fields that can be configured are described below: Parameter Description Profile ID (1-512) Enter a unique identifier number for this profile set. This value can be set from 1 to 512.
Page 162
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide the following guidelines: Select ICMP to instruct the Switch to examine the Internet Control Message Protocol (ICMP) field in each frame's header. Select Type to further specify that the access profile will apply an ICMP type value, or specify Code to further specify that the access profile will apply an ICMP code value.
Page 163
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-10 Access Rule List window (IPv4 ACL) Click the Add Rule button to create a new ACL rule in this profile. Click the <<Back button to return to the previous page.
Page 164
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Destination IP Enter the destination IP address. Address Destination IP Select and enter the destination IP address mask. Address Mask DSCP Enter the DSCP value. Protocol Selecting this option instructs the Switch to examine the protocol type value in each frame's header.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide defined in the config mirror port command. Port Mirroring must be enabled and a target port must be set. Priority (0-7) Tick the corresponding check box if you want to re-write the 802.1p default priority of a packet to the value entered in the Priority field, which meets the criteria specified previously in this command, before forwarding it on to the specified CoS queue.
Page 166
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-13 Add ACL Profile window (IPv6 ACL) The fields that can be configured are described below: Parameter Description Profile ID (1-512) Enter a unique identifier number for this profile set. This value can be set from 1 to 512.
Page 167
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Select ICMP to instruct the Switch to examine the Internet Control Message ICMP Protocol (ICMP) field in each frame's header. Select Type to further specify that the access profile will apply an ICMP type value, or specify Code to further specify that the access profile will apply an ICMP code value.
Page 168
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-16 Add Access Rule (IPv6 ACL) The fields that can be configured are described below: Parameter Description Access ID (1-256) Type in a unique identifier number for this access. This value can be set from 1 to 256.
Page 169
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide both the priority and DSCP are set to be modified. Replace ToS Specify that the IP precedence of the outgoing packet is changed with the new value. Precedence (0-7) If used without an action priority, the packet is sent to the default TC.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide After clicking the Show Details button in the Access Rule List, the following page will appear: Figure 7-17 Access Rule Detail Information (IPv6 ACL) Click the Show All Rules button to navigate back to the Access Rule List.
Page 171
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Type content. This will change the window according to the requirements for the type of profile. Select Ethernet ACL to instruct the Switch to examine the layer 2 part of each packet header.
Page 172
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-20 Access Rule List (Packet Content ACL) Click the Add Rule button to create a new ACL rule in this profile. Click the <<Back button to return to the previous page.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Select Mirror to specify that packets that match the access profile are mirrored to a port defined in the config mirror port command. Port Mirroring must be enabled and a target port must be set.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide NOTE: CPU Interface Filtering is used to control traffic access to the switch directly such as protocols transition or management access. A CPU interface filtering rule won’t impact normal L2/3 traffic forwarding.
Page 175
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-24 Add CPU ACL Profile (Ethernet ACL) The fields that can be configured are described below: Parameter Description Profile ID (1-5) Enter a unique identifier number for this profile set. This value can be set from 1 to 5.
Page 176
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-25 CPU Access Profile Detail Information (Ethernet ACL) Click the Show All Profiles button to navigate back to the CPU ACL Profile List Page. After clicking the Add/View Rules button, the following page will appear: Figure 7-26 CPU Access Rule List (Ethernet ACL) Click the Add Rule button to create a new CPU ACL rule in this profile.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide 100. Auto Assign – Select this check box will instruct the Switch to automatically assign an Access ID for the rule being created. VLAN Name Enter the VLAN name.
Page 178
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-29 Add CPU ACL Profile (IPv4 ACL) The fields that can be configured are described below: Parameter Description Profile ID (1-5) Enter a unique identifier number for this profile set. This value can be set from 1 to 5.
Page 179
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide specify Code to further specify that the access profile will apply an ICMP code value. Select IGMP to instruct the Switch to examine the Internet Group Management Protocol (IGMP) field in each frame's header.
Page 180
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-31 CPU Access Rule List (IPv4 ACL) Click the Add Rule button to create a new CPU ACL rule in this profile. Click the <<Back button to return to the previous page.
Page 181
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide the following guidelines: Select this option to specify that the rule will be applied to ICMP traffic. Type – Enter the ICMP packet type value. Code – Enter the ICMP code value.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-33 CPU Access Rule Detail Information (IPv4 ACL) Click the Show All Rules button to navigate back to the CPU Access Rule List. Adding a CPU IPv6 ACL Profile The window shown below is the Add CPU ACL Profile window for IPv6.
Page 183
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Select Ethernet to instruct the Switch to examine the layer 2 part of each packet header. Select IPv4 to instruct the Switch to examine the IPv4 address in each frame's header.
Page 184
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-37 Add CPU Access Rule (IPv6 ACL) The fields that can be configured are described below: Parameter Description Access ID (1-100) Enter a unique identifier number for this access. This value can be set from 1 to 100.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-38 CPU Access Rule Detail Information (IPv6 ACL) Click the Show All Rules button to navigate back to the CPU Access Rule List. Adding a CPU Packet Content ACL Profile The window shown below is the Add CPU ACL Profile window for Packet Content.
Page 186
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Select IPv4 to instruct the Switch to examine the IPv4 address in each frame's header. Select IPv6 to instruct the Switch to examine the IPv6 address in each frame's header.
Page 187
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-42 Add CPU Access Rule (Packet Content ACL) The fields that can be configured are described below: Parameter Description Access ID (1-100) Type in a unique identifier number for this access. This value can be set from 1 to 100.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 7-43 CPU Access Rule Detail Information (Packet Content ACL) Click the Show All Rules button to navigate back to the CPU Access Rule List. ACL Finder The ACL rule finder helps you to identify any rules that have been assigned to a specific port and edit existing rules quickly.
Page 189
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide CBS – Committed Burst Size. Measured in bytes, the CBS is associated with the CIR and is used to identify packets that exceed the normal boundaries of packet size. The CBS should be configured to accept the biggest IP packet that is expected in the IP flow.
Page 190
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Access ID (1-256) Here the user can enter the Access ID for the flow meter. Click the Find button to locate a specific entry based on the information entered.
Page 191
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide PIR – Specify the Peak information Rate. The unit is Kbps. PIR should always be equal to or greater than CIR. CBS – Specify the Committed Burst Size. The unit is in kilobyte.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 8 Security 802.1X RADIUS IP-MAC-Port Binding (IMPB) MAC-based Access Control (MAC) Compound Authentication Port Security ARP Spoofing Prevention Settings BPDU Attack Protection Traffic Segmentation Settings NetBIOS Filtering Settings...
Page 193
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Authentication Server The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator, must be running a RADIUS Server program and must be configured properly on the Authenticator (Switch).
Page 194
Figure 8-6 The 802.1X Authentication Process The D-Link implementation of 802.1X allows network administrators to choose between two types of Access Control used on the Switch, which are: 1. Port-Based Access Control – This method requires only one user to be authenticated per port by a remote RADIUS server to allow the remaining users on the same port access to the network.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Host-Based Network Access Control In order to successfully make use of 802.1X in a shared media LAN segment, it would be necessary to create “logical” Ports, one for each attached device that required access to the LAN.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide 802.1X Port Settings Users can configure the 802.1X authenticator port settings. To view this window, click Security > 802.1X > 802.1X Port Settings as shown below: Figure 8-10 802.1X Port Settings...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide ReAuthPeriod (1-65535) A constant that defines a nonzero number of seconds between periodic re- authentication of the client. The default setting is 3600 seconds. ReAuthentication Determines whether regular re-authentication will take place on this port. The default setting is Disabled.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-11 802.1X User Settings window The fields that can be configured are described below: Parameter Description 802.1X User The user can enter an 802.1X user’s username in here.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide A port cannot be a member of a Guest VLAN and a static VLAN simultaneously. Once a client has been accepted into the target VLAN, it can no longer access the Guest VLAN.
Page 200
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click Security > 802.1X > Authenticator Statistics as shown below: Figure 8-15 Authenticator Statistics - Port-based window Figure 8-16 Authenticator Statistics - MAC-based window...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Time Interval Use the drop-down menu to select the interval to update the statistics. Click the OK button to accept the changes made.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-18 Authenticator Session Statistics - MAC-based window The fields that can be configured are described below: Parameter Description Time Interval Use the drop-down menu to select the interval to update the statistics.
Page 203
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-19 Authenticator Diagnostics - Port-based window Figure 8-20 Authenticator Diagnostics - MAC-based window The fields that can be configured are described below:...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description Time Interval Use the drop-down menu to select the interval to update the statistics. Click the OK button to accept the changes made. NOTE: The user must first globally enable Authentication Mode in the 802.1X Global Settings window before initializing ports.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-23 Reauthenticate Port(s) - Port-based window If MAC-based is selected in the Authentication Mode drop-down menu in 802.1X Global Settings window, the following window appears. Figure 8-24 Reauthentiate Port(s) - MAC-based window...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description Index Choose the desired RADIUS server to configure: 1, 2 or 3. Server IP Set the RADIUS server IP address. Authentication Port (1- Set the RADIUS authentic server(s) UDP port which is used to transmit 65535) RADIUS data between the Switch and the RADIUS server.
Page 207
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click Security > RADIUS > RADIUS Authentication as shown below: Figure 8-27 RAIUS Authentication window The user may also select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide server. AccessChallenges The number of RADIUS Access-Challenge packets (valid or invalid) received from this server. AccessResponses The number of malformed RADIUS Access-Response packets received from this server. Malformed packets include packets with an invalid length. Bad authenticators or Signature attributes or known types are not included as malformed access responses.
Page 209
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-28 RADIUS Account Client window The user may also select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds. The default value is 1s.
DHCPv4, DHCPv6, and ND packets and saving them to the IMPB white list. If an unauthorized user tries to access an IP-MAC binding enabled port, the system will block the access by dropping its packet. For the DGS-3000 series of switches, active and inactive entries use the same database. The maximum number of entries that can be created is 510 for IPv4 and 255 for IPv6, by which only a maximum of 127 entries can be active at any given time.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide MAC-port binding configuration set on the Switch. The default is Disabled. DHCP Snooping (IPv4) Click the radio buttons to enable or disable DHCP snooping (IPv4) for IP-MAC-Port binding. The default is Disabled.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide ARP packet is detected. The default value is Disabled. IP Inspection When both ARP and IP inspections are enabled, all IP packets are checked. The legal IP packets are forwarded, while the illegal IP packets are dropped. When IP Inspection is enabled, and ARP Inspection is disabled, all non-IP packets (Ex.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Delete button to remove the specified entry. Enter a page number and click the Go button to navigate to a specific page when multiple pages exist. MAC Block List This window is used to view unauthorized devices that have been blocked by IP-MAC binding restrictions.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-33 DHCP Snooping Max Entry Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to use.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Ports Specify the ports for DHCP snooping entries. Tick the All Ports check box to select all entries for all ports. Tick the IPv4 check box to select IPv4 DHCP snooping learned entries.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click Security > IP-MAC-Port Binding (IMPB) > ND Snooping > ND Snooping Entry as shown below: Figure 8-36 ND Snooping Entry window The fields that can be configured are described below:...
Page 217
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-37 MAC-based Access Control Settings window The fields that can be configured are described below: Parameter Description MAC-based Access Toggle to globally enable or disable the MAC-based access control function on the Control State Switch.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Member Ports Enter the list of ports that have been configured for the Guest VLAN. From Port / To Port Use the drop-down menus to select a range of ports to be configured for MAC-based access control.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-39 MAC-based Access Control Local Settings – Edit by Name window To change the selected MAC address’ VID value, the user can click the Edit by ID button.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Japanese Web-based Access Control (JWAC) JWAC Global Settings This window is used to enable and configure Japanese Web-based Access Control on the Switch. To use the JWAC feature, computer users need to pass through two stages of authentication. The first stage is to do the authentication with the quarantine server and the second stage is the authentication with the Switch.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide to the quarantine server when it tries to access a random URL. When the redirect JWAC login page is enabled, the unauthenticated host will be redirected to the JWAC login page in the Switch to finish authentication. When redirect is disabled, only access to the quarantine server and the JWAC login page from the unauthenticated host are allowed, all other web access will be denied.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-43 JWAC Port Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to be enabled as JWAC ports.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-44 JWAC User Settings window The fields that can be configured are described below: Parameter Description User Name Enter the user name of up to 15 alphanumeric characters of the guest wishing to access the Web through this process.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Find button to locate a specific entry based on the information entered. Click the Clear button to remove entry based on the port list entered. Click the View All Hosts button to display all the existing entries.
Page 225
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-47 JWAC Customize Page - Japanese window Figure 8-48 JWAC Customize Page - English window...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Complete the JWAC authentication information in this window to set the JWAC page settings. Click the Apply button to implement the changes made. Click the Set to default button to go back to the default settings of all elements.
Page 227
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Port Security is a security feature that prevents unauthorized computers (with source MAC addresses) unknown to the Switch prior to locking the port (or ports) from connecting to the Switch's locked ports and gaining access to the network.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-51 Port Security Port-VLAN Settings window The fields that can be configured are described below: Parameter Description VLAN Name Click the button and enter the name of the VLAN that the port security settings will be displayed for.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Port Security Entries Users can remove an entry from the port security entries learned by the Switch and entered into the forwarding database. To view this window, click Security > Port Security > Port Security Entries as shown below:...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Gateway IP Address Enter the gateway IP address to help prevent ARP Spoofing. Gateway MAC Address Enter the gateway MAC address to help prevent ARP Spoofing.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-55 BPDU Attack Protection window The fields that can be configured are described below: Parameter Description BPDU Attack Click the radio buttons to enable or disable the BPDU Attack Protection state.
Page 232
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Loopback Detection port will restart (change to normal state) when the Loopback Detection Recover Time times out. The Loopback Detection function can be implemented on a range of ports at a time. The user may enable or disable this function using the drop-down menu.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Traffic Segmentation Settings Traffic segmentation is used to limit traffic flow from a single or group of ports, to a group of ports. This method of segmenting the flow of traffic is similar to using VLANs to limit traffic, but is more restrictive. It provides a method of directing traffic that does not increase the overhead of the master switch CPU.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click Security > NetBIOS Filtering Settings as shown below: Figure 8-58 NetBIOS Filtering Settings window The fields that can be configured are described below: Parameter...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-59 DHCP Server Screening Port Settings window The fields that can be configured are described below: Parameter Description DHCP Server Screening Click to enable or disable filtering DHCP server trap and log.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Server IP Address The IP address of the DHCP server to be permitted. Client’s MAC Address Enter the client’s MAC address. Leave it blank to received packets from all client’s MAC address.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide order preferable, and defined by the user for normal user authentication on the Switch, and may contain up to eight authentication techniques. When a user attempts to access the Switch, the Switch will select the first technique listed for authentication.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-62 Log-in Page Authentication Policy Settings Users can enable an administrator-defined authentication policy for users trying to access the Switch. When enabled, the device will check the Login Method List and choose a technique for user authentication upon login.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Application Authentication Settings Users can configure Switch configuration applications (Console, Telnet, SSH, HTTP) for login at the user level and at the administration level (Enable Admin) utilizing a previously configured method list.
Page 240
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-65 Authentication Server Group Settings – Server Group List window This window displays the Authentication Server Groups on the Switch. The Switch has four built-in Authentication Server Groups that cannot be removed but can be modified. To add a new Server Group, enter a name in the Group Name field and then click the Add button.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide NOTE: The three built-in server groups can only have server hosts running the same TACACS daemon. TACACS/XTACACS/TACACS+ protocols are separate entities and are not compatible with each other. Authentication Server Settings User-defined Authentication Server Hosts for the TACACS / XTACACS / TACACS+ / RADIUS security protocols can be set on the Switch.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Login Method Lists Settings User-defined or default Login Method List of authentication techniques can be configured for users logging on to the Switch. The sequence of techniques implemented in this command will affect the authentication result. For example, if a user enters a sequence of techniques, for example TACACS - XTACACS- local, the Switch will send an authentication request to the first TACACS host in the server group.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Enable Method Lists Settings Users can set up Method Lists to promote users with user level privileges to Administrator (Admin) level privileges using authentication methods on the Switch. Once a user acquires normal user level privileges on the Switch, he or she must be authenticated by a method on the Switch to gain administrator privileges on the Switch, which is defined by the Administrator.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide none - Adding this parameter will require no authentication needed to access the Switch. Click the Apply button to accept the changes made. Click the Edit button to re-configure the specific entry.
Page 245
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide CBC Block Ciphers – CBC refers to Cipher Block Chaining, which means that a portion of the previously encrypted block of encrypted text is used in the encryption of the current block. The Switch supports the 3DES EDE encryption code defined by the Data Encryption Standard (DES) to create the encrypted text.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description SSL Status Use the radio buttons to enable or disable the SSL status on the Switch. The default is Disabled. Cache Timeout (60- This field will set the time between a new key exchange between a client and a host 86400) using the SSL function.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The steps required to use the SSH protocol for secure communication between a remote PC (the SSH client) and the Switch (the SSH server) are as follows: Create a user account with admin-level access using the User Accounts window. This is identical to creating any other admin-level User Account on the Switch, including specifying a password.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Apply button to accept the changes made for each individual section. SSH Authentication Method and Algorithm Settings Users can configure the desired types of SSH algorithms used for authentication encryption. There are three categories of algorithms listed and specific algorithms of each may be enabled or disabled by ticking their corresponding check boxes.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide is enabled. Blow-fish CBC Use the check box to enable or disable the Blowfish encryption algorithm with Cipher Block Chaining. The default is enabled. Twofish128 Use the check box to enable or disable the twofish128 encryption algorithm. The default is enabled.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Authentication Method The administrator may choose one of the following to set the authorization for users attempting to access the Switch. Host Name – This parameter should be chosen if the administrator wishes to use a remote host name for authentication purposes.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-75 Trusted Host window When the user clicks the Edit button, one will be able to edit the service allowed to the selected host. The fields that can be configured are described below:...
Page 252
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide stop period. This doubling of time for stopping these packets will continue until the maximum time has been reached, which is 320 seconds and every stop from this point until a return to normal ingress flow would be 320 seconds.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Rising Threshold (20% Used to configure the acceptable level of CPU utilization before the Safeguard - 100%) Engine mechanism is enabled. Once the CPU utilization reaches this percentage level, the Switch will move into Exhausted mode, based on the parameters provided in this window.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide TCP Null Scan Tick to check whether a received TCP packet contains a sequence number of 0 and no flags TCP Xmascan Tick to check whether a received TCP packet contains URG, Push and FIN flags.
Page 255
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 8-80 IGMP Access Control Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to be enabled as compound authentication ports.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 9 Network Application DHCP DNS Resolver PPPoE Circuit ID Insertion Settings SMTP Settings SNTP Flash File System Settings DHCP DHCP Relay DHCP Relay Global Settings This window is used to enable and configure DHCP Relay Global Settings. The relay hops count limit allows the maximum number of hops (routers) that the DHCP messages can be relayed through to be set.
Page 257
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Enabled –When this field is toggled to Enabled, the relay agent will insert and remove DHCP relay information (option 82 field) in messages between DHCP servers and clients. When the relay agent receives the DHCP request, it adds the option 82 information, and the IP address of the relay agent (if the relay agent is configured), to the packet.
Page 258
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide servers. enable – Select this option to enable the DHCP Relay Option 61 state, in order to relay DHCP packets. disable - Select this option to disable the DHCP Relay Option 61 state.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide • Length • MAC address: The Switch’s system MAC address. DHCP Relay Interface Settings This window is used to set up a server, by IP address, for relaying DHCP information to the Switch. The user may enter a previously configured IP interface on the Switch that will be connected directly to the DHCP server using this window.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide DHCP Relay Option 60 Server Settings This window is used to configure the DHCP relay option 60 server parameters. To view this window, click Network Application > DHCP > DHCP Relay > DHCP Relay Option 60 Server...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The system will relay the packet to all the matching servers. Server IP Address Here the user can enter the DHCP Relay Option 60 Server IP address. Match Type Here the user can enter the DHCP Relay Option 60 Match Type value.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Click the Delete button to remove the specific entry based on the information entered. Click the Delete All button to remove all the entries listed. DHCP Local Relay Settings The DHCP local relay settings allows the user to add option 82 into DHCP request packets when the DHCP client gets an IP address from the same VLAN.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 9-10 DHCP Local Relay Option 82 Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to use.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description DNS Resolver State Click the radio buttons to enable or disable the DNS resolver state. Name Server Timeout The maximum time waiting for a response from a specified name server.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The window is used to create the static host name entry of the switch. To view this window, click Network Application > DNS Resolver > DNS Resolver Static Host Name Settings as...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 9-16 PPPoE Circuit ID Insertion Settings window The fields that can be configured are described below: Parameter Description PPPoE Circuit ID Click the radio buttons to enable or disable the PPPoE circuit ID insertion on the Insertion Switch.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 9-17 SMTP Settings window The fields that can be configured are described below: Parameter Description SMTP State Use the radio button to enable or disable the SMTP service on this device.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click Network Application > SNTP > SNTP Settings as shown below: Figure 9-18 SNTP Settings window The fields that can be configured or displayed are described below:...
Page 269
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 9-19 Time Zone Settings window The fields that can be configured are described below: Parameter Description Daylight Saving Time Use this drop-down menu to enable or disable the DST Settings.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description DST Annual Settings Using annual mode will enable DST seasonal time adjustment. Annual mode requires that the DST beginning and ending date be specified concisely. For example, specify to begin DST on April 3 and end DST on October 14.
Page 271
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 9-21 Flash File System Setting – Search for Drive window Click the Previous button to return to the previous page. Click the Create Directory to create a new directory within the file system of the switch.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 10 Ethernet OAM DULD Settings Cable Diagnostics CFM Settings This window is used to configure the CFM parameters. To view this window, click OAM > CFM > CFM Settings, as shown below:...
Page 273
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide address information. Click the Apply button to accept the changes made for each individual section. Click the Edit button to re-configure the specific entry. Click the Delete button to remove the specific entry.
Page 274
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-4 CFM MA Settings - Edit Window The fields that can be configured are described below: Parameter Description This is the control creation of MIPs. None - Don’t create MIPs.
Page 275
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-5 CFM MEP Settings Window The fields that can be configured are described below: Parameter Description MEP Name MEP name. It is unique among all MEPs configured on the device.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-7 CFM MEP Information - Edit Window The fields that can be configured are described below: Parameter Description MEP State This is the MEP administrative state. Enable - MEP is enabled.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-8 CFM Port Settings Window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to be configuration.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-10 CFM Loopback Settings Window The fields that can be configured are described below: Parameter Description MEP Name Select and enter the Maintenance End Point name used. MEP ID (1-8191) Select and enter the Maintenance End Point ID used.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-11 CFM Linktrace Settings Window The fields that can be configured are described below: Parameter Description MEP Name Select and enter the Maintenance End Point name used. MEP ID (1-8191) Select and enter the Maintenance End Point ID used.
Page 280
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-12 CFM Packet Counter Window The fields that can be configured are described below: Parameter Description Port List Enter a list of ports to be displayed. Tick the All Ports check box to display all ports.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-13 CFM Packet Counter Window CFM Fault Table This window is used to show the MEPs that have faults. To view this window, click OAM > CFM > CFM Fault Table, as shown below:...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click OAM > CFM > CFM MP Table, as shown below: Figure 10-15 CFM MP Table Window The fields that can be configured are described below:...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-16 Ethernet OAM Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports you wish to configure.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-17 Ethernet OAM Configuration Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports you wish to configure.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-18 Ethernet OAM Event Log window The fields that can be configured are described below: Parameter Description Port Use the drop-down menu to select the port number to view.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-19 Ethernet OAM Statistics window The fields that can be configured are described below: Parameter Description Port List Enter a list of ports. Tick the All Ports check box to select all ports.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-20 DULD Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Select a range of ports you wish to configure.
Page 288
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 10-21 Cable Diagnostics window The fields that can be configured are described below: Parameter Description Port Select a port you wish to display. Click the Test button to view the cable diagnostics for a particular port.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 11 Monitoring Utilization Statistics Mirror Ping Test Trace Route Peripheral Utilization CPU Utilization Users can display the percentage of the CPU being used, expressed as an integer percentage and calculated as a simple average by time interval.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 11-2 DRAM & Flash Utilization window Port Utilization Users can display the percentage of the total available bandwidth being used on the port. To view this window, click Monitoring > Utilization > Port Utilization as shown below:...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Port Statistics Packets The Web manager allows various packet statistics to be viewed as either a line graph or a table. Six windows are offered. Received (RX) To select a port to view these statistics for, select the port by using the Port drop-down menu. The user may also use the real-time graphic of the Switch at the top of the web page by simply clicking on a port.
Page 292
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 11-5 RX Packets Analysis Table window The fields that can be configured or displayed are described below: Parameter Description Port Use the drop-down menu to choose the port that will display statistics.
Page 293
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 11-6 UMB_cast (RX) window (for Unicast, Multicast, and Broadcast Packets) Click the View Table link to display the information in a table rather than a line graph. Figure 11-7 RX Packets Analysis window (table for Unicast, Multicast, and Broadcast Packets)
Page 294
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Multicast Counts the total number of good packets that were received by a multicast address. Broadcast Counts the total number of good packets that were received by a broadcast address.
Page 295
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 11-9 TX Packets Analysis window (table for Bytes and Packets) The fields that can be configured or displayed are described below: Parameter Description Port Use the drop-down menu to choose the port that will display statistics.
Page 296
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 11-10 Received (RX) window (for errors) Click the View Table link to display the information in a table rather than a line graph. Figure 11-11 RX Error Analysis window (table)
Page 297
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide of 64 bytes and have a good CRC. Undersize packets usually indicate collision fragments, a normal network occurrence. OverSize Counts valid packets received that were longer than 1518 octets and less than the MAX_PKT_LEN.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 11-13 TX Error Analysis window (table) The fields that can be configured or displayed are described below: Parameter Description Port Use the drop-down menu to choose the port that will display statistics.
Page 299
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 11-14 Packet Size window Click the View Table link to display the information in a table rather than a line graph. Figure 11-15 RX Size Analysis window (table)
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide 65-127 The total number of packets (including bad packets) received that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). 128-255 The total number of packets (including bad packets) received that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide outgoing traffic. None Click the radio buttons to select whether the port should not include any traffic. Click the Apply button to accept the changes made. NOTE: You cannot mirror a fast port onto a slower port. For example, if you try to mirror the traffic from a 100 Mbps port onto a 10 Mbps port, this can cause throughput problems.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Timeout Select a timeout period between 1 and 99 seconds for this Ping message to reach its destination. If the packet fails to find the IP address in this specified time, the Ping packet will be dropped.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide seeking the network path between two devices. The range for the TTL is 1 to 60 hops. Port (30000-64900) The port number. The value range is from 30000 to 64900.
Page 304
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide To view this window, click Monitoring > Peripheral > External Alarm Settings as shown below: Figure 11-22 External Alarm Settings window Click the Refresh button to refresh the display table so that new entries will appear.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Chapter 12 Save and Tools Save Configuration / Log Download firmware Upload Firmware Download Configuration Upload Configuration Upload Log File Reset Reboot System Save Configuration / Log To view this window, click Save > Save Configuration / Log, as shown below.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 12-4 Download Firmware – TFTP window The fields that can be configured are described below: Parameter Description TFTP Server IP Enter the TFTP server IP address used. IPv4 Click the radio button to enter the TFTP server IP address used.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Destination File Enter the file name that will be stored in the flash of the Switch, e.g. C:/runtime.had. Boot Up Select this option to use this firmware as the boot-up firmware.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide IPv4 Click the radio button to enter the TFTP server IP address used. IPv6 Click the radio button to enter the TFTP server IPv6 address used. Domain Name Click the radio button to enter the domain name.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Parameter Description Source File Enter the location and name of the Source File. Click Upload to initiate the upload. Download Configuration The following window is used to download the configuration file for the Switch.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 12-11 Download Configuration – FTP window The fields that can be configured are described below: Parameter Description FTP Server IP Enter the FTP Server IP Address used. User Name Enter the appropriate Username used.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Upload Configuration To TFTP This window is used to upload the configuration file from the Switch to a TFTP Server. Figure 12-13 Upload Configuration – TFTP window The fields that can be configured are described below:...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description FTP Server IP Enter the FTP Server IP Address used. User Name Enter the appropriate Username used. Password Enter the appropriate Password used.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Upload Log File The following window is used to upload the log file from the Switch. To view this window, click Tools > Upload Log File, as shown below.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description FTP Server IP Enter the FTP Server IP Address used. User Name Enter the appropriate Username used. Password Enter the appropriate Password used.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 12-19 Reset System window The fields that can be configured are described below: Parameter Description Reset Selecting this option will factory reset the Switch but not the IP address, log, user account and banner.
Page 316
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Figure 12-22 System Rebooting window...
This document will explain how the Password Recovery feature can help network administrators reach this goal. The following steps explain how to use the Password Recovery feature on D-Link devices to easily recover passwords.
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Appendix B System Log Entries The following table lists all possible entries and their corresponding meanings that will appear in the System Log of this Switch. Category Event Description...
Page 319
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Log message successfully uploaded Log message successfully uploaded by Informational console (Username: <username>, IP: <ipaddr> ) Log message upload was unsuccessful Log message upload by console was Warning unsuccessful! (Username: <username>, IP: <ipaddr>...
Page 320
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide <macaddr> Priority :<value>) New root bridge CIST Region New Root bridge selected Informational ( MAC: <macaddr> Priority :<value>) New root bridge MSTI Region New Root bridge selected Informational (Instance:<InstanceID>, MAC: <macaddr>...
Page 321
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Authentication Policy is disabled Authentication Policy is disabled (Module: Informational AAA) Successful login through Console Successful login through Console Informational authenticated by AAA local method authenticated by AAA local method (Username: <username>)
Page 322
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Successful login through Web authenticated Successful login through Web from <userIP> Informational by AAA server authenticated by AAA server <serverIP> (Username: <username>) Login failed through Web authenticated by Login failed through Web from <userIP>...
Page 323
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide authenticated by AAA local_enable method from <userIP> authenticated by AAA local_enable method (Username: <username> ) Enable Admin failed through Telnet Enable Admin failed through Telnet from Warning authenticated by AAA local_enable method <userIP>...
Page 324
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Successful Enable Admin through Telnet Successful Enable Admin through Telnet Informational authenticated by AAA server from <userIP> authenticated by AAA server <serverIP> (Username: <username>) Enable Admin failed through Telnet...
Page 325
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Multicast storm occurrence Port <portNum> Multicast storm is occurring Warning Multicast storm cleared Port <portNum> Multicast storm has cleared Informational Port shut down due to a packet storm Port <portNum> is currently shut down due...
Page 326
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide <ipaddr>, Port: <portNum>) COMMAND LOGGING Command Logging <username>: execute command "<string>" Informational MBAC A host passes the authentication MAC-based Access Control host login Informational successful (MAC: <macaddr>, port: <[unitID]portNum>, VID: <vid>)
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Appendix C Trap Log Entries This table lists the trap logs found on the Switch. Trap Name Trap Description The SNMP trap that is generated when an alarm entry crosses its rising threshold and generates an event that is configured for sending SNMP traps.
Page 328
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide included value of ifOperStatus. Binding: 1.ifIndex 2.ifAdminStatus 3.ifOperStatus The newRoot trap indicates that the sending agent has become the new root of the Spanning Tree; the trap is sent by a bridge soon after its election as the new root, newRoot 1.3.6.1.2.1.17.0.1...
Page 329
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide This trap is sent when a packet storm is detected by a packet storm mechanism and a shutdown action is swPktStormOccurred 1.3.6.1.4.1.171.12.25.5.0.1 taken. Binding: 1: swPktStormCtrlPortIndex The trap is sent when the packet storm is cleared by the swPktStormCleared packet storm mechanism.
Page 330
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide attack state, a trap will be sent out. Binding: 1.swBpduProtectionPortIndex 2.swBpduProtectionPortMode When the BPDU Protection trap is enabled, if the specific port changes from an under attack state to a swBpduProtectionRecoveryTr normal state, a trap will be sent out.
Page 331
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide authentation failure notification. Binding: 1: swSingleIPMSID 2: swSingleIPMSMacAddr Commander switch will send swSingleIPMSnewRoot notification to indicated swSingleIPMSnewRoot host when it Member generate new root notification. 1.3.6.1.4.1.171.12.8.6.0.16 Binding: 1: swSingleIPMSID...
Page 332
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide disconnect -> overCurrent. disconnect -> working. disconnect -> connect. Binding : 1: swPowerUnitIndex 2: swPowerID 3: swPowerStatus Power Failure notification. The notification is issued when the swPowerStatus changes in the following cases: lowVoltage ->...
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide Appendix D RADIUS Attributes Assignment The RADIUS Attributes Assignment on the DGS-3000 is used in the following modules: 802.1X (Port-based and Host-based), and MAC-based Access Control. The description that follows explains the following RADIUS Attributes Assignment types: ...
Page 334
DGS-3000 Series Layer 2 Managed Gigabit Switch Web UI Reference Guide The table below shows the parameters for a VLAN: RADIUS Tunnel Attribute Description Value Usage Tunnel-Type This attribute indicates the tunneling protocol(s) 13 (VLAN) Required to be used (in the case of a tunnel initiator) or the tunneling protocol in use (in the case of a tunnel terminatior).