Ip-Mac-Port Binding (Impb) - D-Link xStack Reference Manual

®
xStack DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide
Parameter
ServerIndex
InvalidServerAddr
Identifier
ServerAddr
ServerPortNumber
RoundTripTime
Requests
Retransmissions
Responses
MalformedResponses
BadAuthenticators
PendingRequests
Timeouts
UnknownTypes
PacketsDropped

IP-MAC-Port Binding (IMPB)

General Overview
The DGS-3200 Series switches offer IP-MAC-Port Binding (IMPB), a D-Link security application used most often on edge
switches directly connected to network hosts. IMPB is also an integral part of D-Link's End-to-End Security Solution (E2ES). The
primary purpose of IP-MAC-Port Binding is to restrict client access to a switch by enabling administrators to configure pairs of
client MAC and IP addresses that are allowed to access networks through a switch. Specifically, IMPB binds together the four-
byte IP address and the six-byte Ethernet link layer MAC address to allow the transmission of data between the layers.
The IMPB function is port-based, meaning that a user can enable or disable the function on any individual port. Once IMPB is
enabled on a switch port, the switch will restrict or allow client access by checking the pair of IP-MAC addresses with the pre-
configured database, also known as the "IMPB white list". If an unauthorized user tries to access an IMPB-enabled port, the
system will block access by dropping its packet. The creation of authorized users can be manually configured by CLI or Web.
Description
The identification number assigned to each RADIUS Accounting server that the client
shares a secret with.
The number of RADIUS Accounting-Response packets received from unknown addresses.
The NAS-Identifier of the RADIUS accounting client. (This is not necessarily the same as
sysName in MIB II.)
The (conceptual) table listing the RADIUS accounting servers with which the client shares a
secret.
The UDP port the client is using to send requests to this server.
The time interval between the most recent Accounting-Response and the Accounting-
Request that matched it from this RADIUS accounting server.
The number of RADIUS Accounting-Request packets sent. This does not include
retransmissions.
The number of RADIUS Accounting-Request packets retransmitted to this RADIUS
accounting server. Retransmissions include retries where the Identifier and Acct-Delay have
been updated, as well as those in which they remain the same.
The number of RADIUS packets received on the accounting port from this server.
The number of malformed RADIUS Accounting-Response packets received from this
server. Malformed packets include packets with an invalid length. Bad authenticators and
unknown types are not included as malformed accounting responses.
The number of RADIUS Accounting-Response packets, which contained invalid
authenticators, received from this server.
The number of RADIUS Accounting-Request packets sent to this server that have not yet
timed out or received a response. This variable is incremented when an Accounting-
Request is sent and decremented due to receipt of an Accounting-Response, a timeout or a
retransmission.
The number of accounting timeouts to this server. After a timeout the client may retry to the
same server, send to a different server, or give up. A retry to the same server is counted as
a retransmit as well as a timeout. A send to a different server is counted as an Accounting-
Request as well as a timeout.
The number of RADIUS packets of unknown type which were received from this server on
the accounting port.
The number of RADIUS packets, which were received from this server on the accounting
port and dropped for some other reason.
131