Page 1 ® Web UI Reference Guide ® xStack DGS-3600 Series Product Model: Layer 3 Managed Gigabit Ethernet Switch Release 2.8...
Page 2 Corporation. Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. D-Link Corporation disclaims any proprietary interest in trademarks and trade names other than its own.
Page 3 xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with this manual, may cause harmful interference to radio communications.
Page 4: Table Of Contents
xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Table of Contents Intended Readers ..................................xiii Typographical Conventions ................................ xiii Notes, Notices, and Cautions ..............................xiii Safety Instructions ..................................xiv Safety Cautions ......................................xiv General Precautions for Rack-Mountable Products ............................
Page 5 xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch TFTP Services ....................................36 File System Services ..................................38 System Boot Information ....................................38 FS Information ......................................39 Directory ........................................40 Rename ......................................... 41 Copy ..........................................
Page 6 xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch sFlow Poller Settings..................................... 78 Single IP Management Settings ..............................79 SIM Settings ........................................80 Topology ........................................82 Firmware Upgrade ......................................88 Configuration File Backup/Restore ................................88 ...
Page 7 xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Basic LLDP Port Settings ................................... 149 802.1 Extension LLDP Port Settings ................................151 802.3 Extension LLDP Port Settings ................................153 LLDP Management Address Settings ................................. 154 LLDP Statistics ......................................
Page 8 xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCP Server Manual Binding ..................................238 DHCPv6 Server ..................................239 DHCPv6 Server Global Settings ................................. 239 DHCPv6 Server Pool Settings ..................................239 DHCPv6 Server Manual Binding Settings ..............................242 ...
Page 9 xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch BGP Summary Table ....................................288 BGP Route Table ......................................289 BGP Dampened Route Table ..................................291 BGP Flap Statistics Table ................................... 292 BGP Neighbors List ....................................293 ...
Page 10 xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Authentication RADIUS Server Settings ..............................365 802.1X User Settings ....................................367 Initialize Port(s) ......................................367 Reauthenticate Port(s) ....................................369 Web-based Access Control (WAC)................................370 WAC Global Settings ....................................371 ...
Page 11 xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Monitoring ..............................415 Device Status ..................................... 416 Stacking Information .................................. 416 Stacking Device ..................................416 Module Information ................................... 417 DRAM & Flash Utilization ................................ 417 ...
Page 12 xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Browse DVMRP Routing Table .................................. 455 Browse DVMRP Neighbor Table ................................455 Browse DVMRP Routing Next Hop Table ..............................455 PIM Monitor ....................................456 Browse PIM Neighbor Table ..................................456 ...
Page 13: Intended Readers
xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Intended Readers The DGS-3600 Series Web UI Reference Guide contains information for setup and management of the Switch. The term, “the Switch” will be used when referring to all five switches. This manual is intended for network managers familiar with network management concepts and terminology.
Page 14: Safety Instructions
xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Safety Instructions Use the following safety guidelines to ensure your own personal safety and to help protect your system from potential damage. Throughout this document, the caution icon ( ) is used to indicate cautions and precautions that you need to review and follow. Safety Cautions To reduce the risk of bodily injury, electrical shock, fire, and damage to the equipment, observe the following precautions and service markings:...
Page 15: General Precautions For Rack-Mountable Products
xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Position system cables and power cables carefully; route cables so that they cannot be stepped on or tripped over. Be sure that nothing rests on any cables. Do not modify power cables or plugs. Consult a licensed electrician or your power company for site modifications. Always follow your local/national wiring rules.
Page 16: Protecting Against Electrostatic Discharge
xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch CAUTION: The system chassis must be positively grounded to the rack cabinet frame. Do not attempt to connect power to the system until grounding cables are connected. A qualified electrical inspector must inspect completed power and safety ground wiring. An energy hazard will exist if the safety ground cable is omitted or disconnected.
Page 17: Web-Based Switch Configuration
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Section 1 Web-based Switch Configuration Introduction Login to Web manager Web-Based User Interface Web Pages Introduction All software functions of the Switch can be managed, configured and monitored via the embedded web-based (HTML) interface. The Switch can be managed from remote stations anywhere on the network through a standard browser such as Firefox or Microsoft Internet Explorer.
Page 18: Web-Based User Interface
Area 1 Select the folder or window to be displayed. The folder icons can be opened to display the hyper- linked window buttons and subfolders contained within them. Click the D-Link logo to go to the D-Link Website. Area 2 Presents a graphical near real-time image of the front panel of the Switch.
Page 19: Web Pages
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch NOTICE: Any changes made to the Switch configuration during the current session must be saved in the Save Changes window (explained below) or use the command line interface (CLI) command save. Web Pages When you connect to the management mode of the Switch with a Web browser, a login window is displayed.
Page 20: Administration
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Section 2 Administration Device Information (DGS-3600 Web Management Tool) IP Address IP MTU Settings Stacking Port Configuration User Accounts Password Encryption Mirror System Log System Severity Settings Command Logging Settings SNTP Settings MAC Notification Settings TFTP Services...
Page 21: Device Information
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Device Information This window contains the main settings for all major functions of the Switch and appears automatically when you log on. To return to the Device Information window, click the DGS-3600 Web Management Tool folder.
Page 22 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch System Contact Enter a contact name for the Switch, if so desired. Spanning Tree To configure Spanning Tree Protocol (STP compatible, MSTP, or RSTP) on the Switch, use the STP Bridge Global Settings window (L2 Features > Spanning Tree > STP Bridge Global Settings) or click Detail Settings.
Page 23 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch SNMP Status Use this pull-down menu to enable or disable Simple Network Management Protocol (SNMP) on the Switch. RMON Status Remote monitoring (RMON) of the Switch is Enabled or Disabled here. Link Aggregation The algorithm that the Switch uses to balance the load across the ports that make up the port Algorithm...
Page 24: Ip Address
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch RIP State The user may globally enable or disable the Routing Information Protocol (RIP) function by using the RIP Global Settings window (L3 Features > RIP > RIP Global Settings or click Detail Settings).
Page 25 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Parameter Description BOOTP The Switch will send out a BOOTP broadcast request when it is powered up. The BOOTP protocol allows IP addresses, network masks, and default gateways to be assigned by a central BOOTP server.
Page 26: Ip Mtu Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Setting the Switch's IP Address using the Console Interface Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP).
Page 27: Stacking
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Parameter Description IP Interface Specifies the name of the IP Interface to be used. Name IP MTU (512- The user can configure each interface’s IP MTU. If the user does not designate an MTU value 1712) when creating an interface, the default value of 1500 will be used.
Page 28: Stack Switch Swapping
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch remaining switches in the switch stack. The Primary Master can be manually set by assigning this Switch the highest priority (a lower number denotes a higher priority) before physically assembling the stack, or it can be determined automatically by the stack through an election process which determines the lowest MAC address and then will assign that switch as the Primary Master, if all priorities are the same.
Page 29: Force Master Role Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch If both the Primary Master and the Backup Master are removed, the election process is immediately processed and a new Primary Master and Backup Master are determined. Switches in the stack will clear the configurations of the units removed, and dynamically learned databases, such as ARP, will be cleared as well.
Page 30: Ip Interface Setup
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The new box ID of the selected switch in the stack that was selected in the Current Box ID field. New Box ID The user may choose any number between 1 and 12 to identify the switch in the switch stack. Auto will automatically assign a box number to the switch in the switch stack.
Page 31: Port Configuration
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Port Configuration This section contains information for configuring various attributes and properties for individual physical ports, including port speed and flow control. Port Configuration To display the following window, click Administration > Port Configuration > Port Configuration, as shown below: To configure switch ports: 1.
Page 32: Port Error Disabled
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The following parameters can be configured: Parameter Description Unit Use the pull-down menu to select switch unit to configure. From/To Use the pull-down menus to select the port or range of ports to be configured. State Toggle this field to either enable or disable a given port or group of ports.
Page 33: Port Description
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Port Displays the port that has been error disabled. State Describes the current running state of the port, whether enabled or disabled. Connection This field will read the uplink status of the individual ports, whether enabled or disabled. Reason Describes the reason why the port has been error-disabled, such as a STP loopback occurrence.
Page 34: Port Auto Negotiation Information
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Port Auto Negotiation Information The Port Auto Negotiation Information window displays the current configurations of a range of ports. Use the drop-down menu to select the unit you wish to view and the relevant port information will be displayed in the table below. To view this window, click Administration >...
Page 35: Port Details
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Port Details This window is used to view detailed port information for individual ports on a particular unit. Use the drop-down menus to select the specific port of the unit you wish to view and click Find. To view this window, click Administration >...
Page 36: Port Media Type
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Port Media Type This window is used to display the port media type available on each unit. To view a particular switch in the stack use the drop- down menu to select the unit. To view this window, click Administration >...
Page 37: Cable Diagnostics
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Cable Diagnostics This window is used to control the cable diagnostics and determine where and what kind of errors have occurred on the cable. This function is primarily used for administrators to view tests on copper cables. To view this window, click Administration >...
Page 38: User Accounts
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch User Accounts Use the User Account Management window to control user privileges. Any existing User Accounts will be displayed in the table below. To view this window, click Administration > User Accounts, as shown below: Figure 2- 16.
Page 39: Password Encryption
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Password Encryption This window is used to set the password encryption state. To view this window, click Administration > Password Encryption, as shown below: Figure 2- 19. Password Encryption window The following parameters can be configured: Parameter Description...
Page 40: Mirror
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Mirror This section contains information for mirroring port configurations, including Port Mirror Global Settings and Port Mirror Settings. Port Mirror Global Settings This window is used to set the port mirror global state. To view the Port Mirror Global Settings window, click Administration >...
Page 41 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 2- 22. Port Mirror Settings - Add window To modify an existing mirror port, click the Modify button of the corresponding entry, and the window below appears: Figure 2- 23. Port Mirror Settings - Edit window The following parameters are displayed or can be configured: Parameter Description...
Page 42: Mirroring Within The Switch Stack
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch NOTE: You cannot mirror a fast port onto a slower port. For example, if you try to mirror the traffic from a 100 Mbps port onto a 10 Mbps port, this can cause throughput problems. The port you are copying frames from should always support an equal or lower speed than the port to which you are sending the copies.
Page 43: System Log
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch System Log The System log on the Switch can record event information in its own logs, to designated SNMP trap receiving stations, and to the PC connected to the console manager. The System Log folder contains two main windows System Log Host and System Log Save Mode Settings.
Page 44 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Facility Some of the operating system daemons and processes have been assigned Facility values. Processes and daemons that have not been explicitly assigned a Facility may use any of the "local use"...
Page 45: System Log Save Mode Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch System Log Save Mode Settings This window may be used to choose a method for which to save the switch log to the flash memory of the Switch. To view this window, click Administration > System Log > System Log Save Mode Settings, as shown below: Figure 2- 26.
Page 46: System Severity Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch System Severity Settings The Switch can be configured to allow alerts be logged or sent as a trap to an SNMP agent or both. The level at which the alert triggers either a log entry or a trap message can be set as well.
Page 47: Command Logging Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Command Logging Settings This window is used to enable or disable command logging settings. To view this window, click Administration > Command Logging Settings, as shown below: Figure 2- 29. Command Logging Settings window The following parameters are displayed or can be configured: Parameter Description...
Page 48: Sntp Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch SNTP Settings Time Settings This window is used to configure the time settings for the Switch. To view this window, click Administration > SNTP Settings > Time Settings, as shown below: Figure 2- 30.
Page 49: Time Zone And Dst
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Enter the current day to update the system clock. Time in HH MM SS Enter the current time in hours, minutes, and seconds. Click Apply to implement changes made. Time Zone and DST The following are windows used to configure time zones and Daylight Savings time settings for SNTP.
Page 50 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch in +/- HH:MM Mean Time (GMT.) DST Repeating Settings Using repeating mode will enable DST seasonal time adjustment. Repeating mode requires that the DST beginning and ending date be specified using a formula. For example, specify to begin DST on Saturday during the second week of April and end DST on Sunday during the last week of October.
Page 51: Mac Notification Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch MAC Notification Settings MAC Notification is used to monitor MAC addresses learned and entered into the forwarding database. globally notification Switch, click Admininstration > MAC Notification Settings, as shown. Global Settings The following parameters may be viewed and modified: Parameter Description...
Page 52: Tftp Services
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch TFTP Services Trivial File Transfer Protocol (TFTP) services allow the Switch's firmware to be upgraded by transferring a new firmware file from a TFTP server to the Switch. A configuration file can also be loaded into the Switch from a TFTP server. Switch settings can be saved to the TFTP server, and a history log can be uploaded from the Switch to the TFTP server.
Page 53 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Server IPv4 Enter the IPv4 address of the server from which to upload or download firmware and Address configuration and upload log. Server IPv6 Enter the IPv6 address of the server from which to upload or download firmware and Address configuration and upload log.
Page 54: File System Services
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch File System Services The Switch contains a 15-megabyte Flash memory where the user may store files for further use on the Switch. The user may place over 200 re-nameable files on the FAT 16 mode Flash memory, of which the user has the option of setting firmware images and configuration files as boot up files, upon the next reboot of the Switch.
Page 55: Fs Information
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch FS Information This window allows users to view the settings of the Flash Drive in the Switch. This information is read-only and is just a description of the internal Flash memory. To view this window, click Administration >...
Page 56: Directory
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Directory This window allows users to view files stored in the flash memory of the Switch. In future releases, more than one drive may be located in the Flash drive, but for this release, the only drive located on the Flash memory of the Switch is C:. Therefore, to view files located on C:, the user should enter C: into the Drive ID field and click Find.
Page 57: Rename
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Rename The following window is used to rename files that are presently located in the Flash memory of the Switch. To rename a file, simply type the path and name of the current file (ex. c:/triton) into the Old File Name field, and then the new file and path into the New File Name field and click Apply.
Page 58: Rcp
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch RCP (Remote Copy Protocol) is a UNIX Remote Shell service which allows files to be copied between a server and client. RCP is an application that operates above the TCP protocols, and uses port number 514 as the TCP destination port. The RCP application uses client server architecture and the client can be any machine running the RCP client application.
Page 59: Rcp Services
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Type Select to enter the information in IP Address and/or User Name fields. Available options are IP Address, User Name and Both. IP Address Enter the IP address of the global RCP server. User Name Enter the remote user name.
Page 60: Ping Test
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Ping Test Ping is a small program that sends ICMP Echo packets to the IP address you specify. The destination node then responds to or "echoes" the packets sent from the Switch. This is very useful to verify connectivity between the Switch and other nodes on the network.
Page 61: Ipv6 Ping Test
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch IPv6 Ping Test The following window is used to Ping an IPv6 address. To view this window, click Administration > Ping Test > IPv6 Ping Test, as shown below: Figure 2- 43. IPv6 Ping Test window This window allows the following parameters to be configured to ping an IPv6 address.
Page 62: Ipv6 Neighbor
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch IPv6 Neighbor IPv6 neighbors are devices on the link-local network that have been detected as being IPv6 devices. These devices can forward packets and keep track of the reachability of routers, as well as if changes occur within link-layer addresses of nodes on the network or if identical unicast addresses are present on the local link.
Page 63: Dhcp Auto Configuration Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 2- 45. IPv6 Neighbor Settings – Add window The following fields can be set or viewed: Parameter Description Interface Name Enter the name of the Interface associated with this entry, if any. Neighbor IPv6 Address The IPv6 address of the neighbor entry.
Page 64: Dhcp/Bootp Relay
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCP/BOOTP Relay The DHCP/BOOTP Relay Hops Count Limit allows the maximum number of hops (routers) that the DHCP/BOOTP messages can be relayed through to be set. If a packet’s hop count is more than the hop count limit, the packet is dropped. The range is between 1 and 16 hops, with a default value of 4.
Page 65 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch determined based on option 61. The relay servers will be determined based on option 61 and the IPIF configured servers will be ignored. If the relay servers are not determined either by option 60 or option 61, then IPIF configured servers will be used to determine the relay servers.
Page 66 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The Implementation of DHCP Information Option 82 The config dhcp_relay option_82 command configures the DHCP relay agent information option 82 setting of the Switch. The formats for the circuit ID sub-option and the remote ID sub-option are as follows: NOTE: For the circuit ID sub-option of a standalone switch, the module field is always zero.
Page 67: Dhcp/Bootp Relay Interface Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCP/BOOTP Relay Interface Settings This window allows the user to set up a server, by IP address, for relaying DHCP/ BOOTP information to the Switch. The user may enter a previously configured IP interface on the Switch that will be connected directly to the DHCP/BOOTP client using the following window.
Page 68: Dhcp Relay Option 60 Default Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCP Relay Option 60 Default Settings This window allows the user to configure the DHCP Relay Option 60 Default servers. When there are no matching servers found for the packet based on option 60, the relay servers will be determined by the default relay server setting. Similarly, when there is no match found for the packet, the relay servers will be determined based on the default relay servers.
Page 69: Dhcp Relay Option 61 Default Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 2- 52. DHCP Relay Option 60 Add window The following parameters may be configured: Parameter Description String Enter the specified string, up to a maximum of 255 alphanumeric characters. Server IP Enter the relay server IP address.
Page 70: Dhcp Relay Option 61 Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCP Relay Option 61 Settings This command is used to add a rule to the relay server based on option 61. The matching rule can be based on either the MAC address or by using a user-specified string.
Page 71: Dhcp/Bootp Local Relay Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCP/BOOTP Local Relay Settings This window is used to configure the global settings of DHCP/BOOTP local relay. To view this window, click Administration > DHCP/BOOTP Local Relay Settings, as shown below: Figure 2- 56.
Page 72: Dhcpv6 Relay Interface Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Hops Count (1-32) This field allows an entry between 1 and 32 to define the maximum number of router hops DHCPv6 messages can be forwarded across. The default hop count is 4. Click Apply to implement the changes.
Page 73 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 2- 60. DHCPv6 Relay Interface Settings (Add) window The following fields are displayed or can be configured: Parameter Description Interface Name Display the IPv6 relay interface name. DHCPv6 Server Enter the IPv6 destination address to forward DHCPv6 packets.
Page 74: Layer 2 Protocol Tunneling Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Layer 2 Protocol Tunneling Settings The Layer 2 Protocol Tunneling function supports traffic of multiple customers across service provider networks. BPDU Tunneling enables the BPDU’s of the same customer’s network to be multicast over specific VLANs in the service provider’s network, which in turn will ensure the same geographically dispersed customer network can implement consistent spanning tree calculations across the service provider network.
Page 75: Rspan
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch RSPAN RSPAN (Remote Switched Port Analyzer) is a feature used to monitor and analyze the traffic passing through ports. The character ‘R’ is short for ‘Remote’ which means that the mirror source ports and the destination port are not on the same Switch. So a remote mirror session consists of at least two switches.
Page 76 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The following fields can be configured: Parameter Description VLAN Name Enter the name of the VLAN to Add, Find or Delete. VID (1-4094) Enter the VLAN ID of the VLAN to Add, Find or Delete. Mirror Group ID The mirror group identify that specifies which mirror session is used for the RSPAN source function.
Page 77 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch To modify an existing entry of its source settings, click the corresponding Modify button in Modify Source, revealing the following window to configure: Figure 2- 65. RSPAN Source Settings (Edit) window The following fields can be configured: Parameter Description...
Page 78: Snmp Manager
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch SNMP Manager SNMP Settings Simple Network Management Protocol (SNMP) is an OSI Layer 7 (Application Layer) designed specifically for managing and monitoring network devices. SNMP enables network management stations to read and modify the settings of gateways, routers, switches, and other network devices.
Page 79: Snmp Trap Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch SNMP Trap Settings The following window is used to enable and disable trap settings for the SNMP function on the Switch. To view this window for configuration, click Administration > SNMP Manager > SNMP Trap Settings, as shown below: Figure 2- 66.
Page 80: Snmp User Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch SNMP User Table This window displays all of the SNMP users currently configured on the Switch. To view this window, click Administration > SNMP Manager > SNMP User Table, as shown below: Figure 2- 67.
Page 81 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 2- 69. SNMP User Table Configuration window The following parameters can set: Parameter Description User Name Enter an alphanumeric string of up to 32 characters. This is used to identify the SNMP user. Group Name This name is used to specify the SNMP group created can request SNMP messages.
Page 82: Snmp View Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch SNMP View Table This window is used to assign views to community strings that define which MIB objects can be accessed by a remote SNMP manager. To view this window, click Administration > SNMP Manager > SNMP View Table, as shown below: Figure 2- 70.
Page 83: Snmp Group Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch SNMP Group Table An SNMP Group created with this table maps SNMP users (identified in the SNMP User Table) to the views created in the previous menu. To view the SNMP Group Table window, click Administration > SNMP Manager > SNMP Group Table, as shown below: Figure 2- 72.
Page 84 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 2- 74. SNMP Group Table Configuration window The following parameters can set: Parameter Description Group Name Type an alphanumeric string of up to 32 characters. This is used to identify the new SNMP group of SNMP users.
Page 85: Snmp Community Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch SNMP Community Table Use this table to create an SNMP community string to define the relationship between the SNMP manager and an agent. The community string acts like a password to permit access to the agent on the Switch. One or more of the following characteristics can be associated with the community string: An Access List of IP addresses of SNMP managers that are permitted to use the community string to gain access to the Switch's SNMP agent.
Page 86: Snmp Host Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch SNMP Host Table Use this window to set up SNMP trap recipients. To delete an existing SNMP Host Table entry, click the corresponding button under the Delete heading. To view this window, click Administration > SNMP Manager > SNMP Host Table, as shown below: Figure 2- 76.
Page 87: Snmp Engine Id
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 2- 78. SNMP Host Table Configuration window for IPv6 The following parameters can set: Parameter Description Host IPv6 Address Type the IPv6 address of the remote management station that will serve as the SNMP host for the Switch.
Page 88: Trap Source Interface Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Trap Source Interface Settings This window is used to configure the trap source interface settings. To view this window, click Administration > Trap Source Interface Settings, as shown below: Figure 2- 80. Trap Source Interface Settings window The following parameters can be configured: Parameter Description...
Page 89: Sflow
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch sFlow sFlow is a feature on the Switch that allows users to monitor network traffic running through the switch to identify network problems through packet sampling and packet counter information of the Switch.
Page 90: Sflow Analyzer Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch This field allows you to globally enable or disable sFlow. sFlow State sFlow Version This displays the current sFlow version. sFlow IPv4 This displays the sFlow IPv4 address. Address sFlow IPv6 This displays the sFlow IPv6 address.
Page 91 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 2- 84. sFlow Analyzer Add window The following fields can be set or modified: Parameter Description Enter an integer from 1 to 4 to denote the sFlow Analyzer to be added. Up to four entries can Analyzer Server (1- be added.
Page 92: Sflow Sampler Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch sFlow Sampler Settings This window will allow users to configure the Switch’s settings for taking sample packets from the network, including the sampling rate and the amount of the packet header to be extracted. To configure the settings for the sFlow Sampler, click Administration >...
Page 93 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 2- 86. sFlow Sampler Add window The following fields may be set: Parameter Description Unit Select the unit to configure. From/To Choose the beginning and ending range of ports to be configured for packet sampling. Analyzer Server ID Enter the previously configured Analyzer Server ID to state the device that will be receiving (1-4)
Page 94: Sflow Poller Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch sFlow Poller Settings The following windows will allow the user to configure the settings for the Switch’s counter poller. This mechanism will take a poll of the IF counters of the Switch and then package them with the other previously mentioned data into a datagram which will be sent to the sFlow Analyzer Server for examination.
Page 95: Single Ip Management Settings
Single IP Management Settings Single IP Management (SIM) Overview D-Link Single IP Management is a concept that stacks switches together over Ethernet instead of using stacking ports or modules. There are some advantages in implementing the "Single IP Management" feature: 1.
Page 96: Sim Settings
It will display the speed and number of Ethernet connections creating this port trunk group, as shown in the adjacent picture. NOTE: For more details regarding improvements made in SIMv1.61, please refer to the D-Link Single IP Management White Paper located on the D-Link website.
Page 97: Parameters Description
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Change the SIM State to Enabled using the pull-down menu and click Apply. The window will then refresh and the SIM Settings window will look like this: Figure 2- 90. SIM Settings window (Enabled) If the Switch Administrator wishes to configure the Switch as a Commander Switch (CS), select commander from the Role State field and click Apply.
Page 98: Topology
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Topology The Topology window will be used to configure and manage the Switch within the SIM group and requires Java script to function properly on your computer. The Java Runtime Environment on your server should initiate and lead you to the topology window, as seen below. Figure 2- 91.
Page 99: Icon Description
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch To view the Topology Map, click the View menu in the toolbar and then Topology, which will produce the following window. The Topology View will refresh itself periodically (20 seconds by default). Figure 2- 92.
Page 100: Tool Tips
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Non-SIM devices Tool Tips In the Topology View window, the mouse plays an important role in configuration and in viewing device information. Setting the mouse cursor over a specific device in the topology window (tool tip) will display the same information about a specific device as the Tree view does.
Page 101 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Group Icon Figure 2- 95. Right-Clicking a Group Icon The following options may appear for the user to configure: Collapse - To collapse the group that will be represented by a single icon. Expand - To expand the SIM group, in detail.
Page 102 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Commander Switch Icon Figure 2- 97. Right-Clicking a Commander Icon The following options may appear for the user to configure: Collapse - To collapse the group that will be represented by a single icon. Expand - To expand the SIM group, in detail.
Page 103: Menu Bar
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Add to group - Add a candidate to a group. Clicking this option will reveal the following window for the user to enter a password for authentication from the Candidate Switch before being added to the SIM group. Click OK to enter the password or Cancel to exit the window.
Page 104: Firmware Upgrade
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 2- 103. About window NOTE: Upon this firmware release, some functions of the SIM can only be configured through the Command Line Interface. See the DGS-3600 Series CLI Refence Guide for more information on SIM and its configurations.
Page 105: Upload Log
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 2- 105. Configuration File Backup/Restore window Upload Log The following window is used to upload log files from SIM member switches to a specified PC. To upload a log file, enter the IP address of the SIM member switch and then enter a path on your PC where you wish to save this file.
Page 106: L2 Features
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Section 3 L2 Features VLAN Trunking IGMP Snooping MLD Snooping Loopback Detection Global Settings Spanning Tree Forwarding & Filtering LLDP Q-in-Q ERPS DULD Settings NLB Multicast FDB Settings The following section will aid the user in configuring security functions for the Switch all functions are discussed in detail in the following section.
Page 107: Notes About Vlans On The Switch
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch VLANs can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains. A VLAN is a collection of end nodes grouped by logic instead of physical location. End nodes that frequently communicate with each other are assigned to the same VLAN, regardless of where they are physically on the network.
Page 108: Q Vlan Tags
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 802.1Q VLAN Tags The figure below shows the 802.1Q VLAN tag. There are four additional octets inserted after the source MAC address. Their presence is indicated by a value of 0x8100 in the EtherType field. When a packet's EtherType field is equal to 0x8100, the packet carries the IEEE 802.1Q/802.1p tag.
Page 109: Tagging And Untagging
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Prior to the adoption of 802.1Q VLANs, port-based and MAC-based VLANs were in common use. These VLANs relied upon a Port VLAN ID (PVID) to forward packets. A packet received on a given port would be assigned that port's PVID and then be forwarded to the port that corresponded to the packet's destination address (found in the Switch's forwarding table).
Page 110: Vlan Segmentation
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch NOTE: If no VLANs are configured on the Switch, then all packets will be forwarded to any destination port. Packets with unknown source addresses will be flooded to all ports. Broadcast and multicast packets will also be flooded to all ports.
Page 111: Static Vlan Entries
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Static VLAN Entries This window is used to create static VLAN entries on the switch. To view this window, click L2 Features > VLAN > Static VLAN Entries, as shown below: Figure 3- 5.
Page 112: Vlan Trunk
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The following fields can then be set in either the Add or Modify 802.1Q Static VLANs windows: Parameter Description Unit Select the unit you wish to configure. VID (VLAN ID) Allows the entry of a VLAN ID in the Add window, or displays the VLAN ID of an existing VLAN in the Modify window.
Page 113: Gvrp Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch GVRP Settings This window allows you to determine whether the Switch will share its VLAN configuration information with other GARP VLAN Registration Protocol (GVRP) enabled switches. In addition, Ingress Checking can be used to limit traffic by filtering incoming packets whose VID does not match the PVID of the port.
Page 114 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch PVID The read-only field in the 802.1Q Port Table shows the current PVID assignment for each port, which may be manually assigned to a VLAN when created in the 802.1Q Port Settings table. The Switch's default is to assign all ports to the default VLAN with a VID of 1.
Page 115: Double Vlan
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Double VLAN Double or Q-in-Q VLANs allow network providers to expand their VLAN configurations to place customer VLANs within a larger inclusive VLAN, which adds a new layer to the VLAN configuration. This basically lets large ISP's create L2 Virtual Private Networks and also create transparent LANs for their customers, which will connect two or more customer LAN points without over-complicating configurations on the client's side.
Page 116: Regulations For Double Vlans
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Regulations for Double VLANs Some rules and regulations apply with the implementation of the Double VLAN procedure. 1. All ports must be configured for the SPVID and its corresponding TPID on the Service Provider’s edge switch. 2.
Page 117 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 3- 11. Double VLAN State Settings window (Enabled) Parameters shown in the previous window are explained below: Parameter Description Double VLAN Use the pull-down menu to enable or disable the Double VLAN function on this Switch. Enabling State the Double VLAN will return all previous VLAN configurations to the factory default settings and remove Static VLAN configurations from the GUI.
Page 118 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Access Ports These are the ports that are set as access ports on the Switch. Access ports are for connecting Switch VLANs to customer VLANs. Gigabit ports cannot be configured as access ports. Unknown Ports These are the ports that are a part of the VLAN but have yet to be defined as Access or Uplink ports.
Page 119: Pvid Auto Assign
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Delete Ports – Will allow users to remove ports from the Service Provider VLAN configured, using the Port List field below. Config TPID – Will allow users to configure the Tagged Protocol ID of the Service Provider VLAN, in hex form.
Page 120: Protocol Vlan
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The following parameters can be configured Parameter Description MAC Address Specifies the MAC Address of the entry you wish to Add or Find. VLAN Name Specifies the VLAN to be associated with the MAC Address. To delete a specific entry click the corresponding button, to clear all entries click Delete All.
Page 121: Protocol Vlan Port Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 3- 17. Protocol VLAN Group Settings window Click the Add button to reveal the following window for the user to configure: Figure 3- 18. Protocol VLAN Group – Add window The Add and Modify windows of the Protocol VLAN Group hold the following fields to be configured: Parameter Description...
Page 122: Subnet Vlan
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch To view this window, click L2 Features > VLAN > Protocol VLAN > Protocol VLAN Port Settings, as shown below: Figure 3- 19. Protocol VLAN Port Settings window The following fields may be configured: Parameter Description Port List...
Page 123: Subnet Vlan Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 2. To make the subnet VLAN work well, users must add the ingress port to the VLAN member ports. 3. The subnet VLAN may affect the authorization protocol, such as 802.1X, WAC, JWAC, MAC-based access control, and compound authentication.
Page 124: Vlan Precedence Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch VLAN Precedence Settings This window is used to configure VLAN precedence settings. To view this window, click L2 Features > VLAN > Subnet VLAN > VLAN Precedence Settings, as shown below: Figure 3- 21.
Page 125: Super Vlan
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Super VLAN This section is used to create a super VLAN. The specified VLAN must be an 802.1Q VLAN. If the specified VLAN does not exist, the operation will not be successful. NOTE: 1.
Page 126 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Sub VLAN Settings This window is used to configure the sub VLANs of a super VLAN. A sub VLAN only can belong to one super VLAN and users cannot bind an IP interface to it. The maximum number of sub VLANs for a super VLAN is 80. To view this window, click L2 Features >...
Page 127: Trunking
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Trunking Understanding Port Trunk Groups Port trunk groups are used to combine a number of ports together to make a single high-bandwidth data pipeline. The Switch supports this function on all its 10/100/1000 Ethernet Ports and on all its 10G interfaces. The 10/100/1000 ports support up to 32 port trunk groups with 2 to 8 ports in each group.
Page 128 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Link aggregation allows several ports to be grouped together and to act as a single link. This gives a bandwidth that is a multiple of a single link's bandwidth. Link aggregation is most commonly used to link a bandwidth intensive network device or devices, such as a server, to the backbone of a network.
Page 129: Link Aggregation
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Link Aggregation This table is used to configure port trunking on the switch. To view this table, click L2 Features > Trunking > Link Aggregation, as shown below: Figure 3- 27. Link Aggregation Group Entries window To configure port trunk groups, add a new trunk group and use the Link Aggregation Group Configuration window (see example below).
Page 130: Lacp Port Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch trunking group on or off. This is useful for diagnostics, to quickly isolate a bandwidth intensive network device or to have an absolute backup aggregation group that is not under automatic control.
Page 131: Igmp Snooping
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch IGMP Snooping Internet Group Management Protocol (IGMP) snooping allows the Switch to recognize IGMP queries and reports sent between network stations or devices and an IGMP host. When enabled for IGMP snooping, the Switch can open or close a port to a specific device based on an IGMP message passing through the Switch.
Page 132 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 3- 31. IGMP Snooping Settings – Edit window The following parameters may be viewed or modified: Parameter Description VLAN ID This is the VLAN ID that, along with the VLAN Name, identifies the VLAN for which to modify the IGMP Snooping Settings.
Page 133 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 260. Router Timeout (1- This is the maximum amount of time in seconds a router is kept in the forwarding table 16711450 sec) without receiving a membership report. The default is 260. Leave Timer (1- This specifies the maximum amount of time in seconds between the Switch receiving a 16711450 sec)
Page 134: Router Port Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Router Port Settings A static router port is a port that has a multicast router attached to it. Generally, this router would have a connection to a WAN or to the Internet. Establishing a router port will allow multicast packets coming from the router to be propagated through the network, as well as allowing multicast messages (IGMP) coming from the network to be propagated to the router.
Page 135 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 3- 33. Router Port (Modify) window The following parameters can be set: Parameter Description VID (VLAN ID) This is the VLAN ID that, along with the VLAN Name, identifies the VLAN where the multicast router is attached.
Page 136: Igmp Snooping Static Group Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch IGMP Snooping Static Group Settings This table is used to configure the current IGMP snooping static group information on the Switch. To view this window click L2 Features > IGMP Snooping > IGMP Snooping Static Group Settings, as shown below: Figure 3- 34.
Page 137 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The ports that will belong to this group. PortList Action Specifies to Add or Delete the IGMP Static group entry. Click Apply to implement changes made. To modify an entry, click the corresponding Modify button on the IGMP Snooping Static Group Settings window, the following window will be displayed: Figure 3- 36.
Page 138: Ism Vlan Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch ISM VLAN Settings In a switching environment, multiple VLANs may exist. Every time a multicast query passes through the Switch, the switch must forward separate different copies of the data to each VLAN on the system, which, in turn, increases data traffic and may clog up the traffic path.
Page 139 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Enter a name for the ISM VLAN into the VLAN Name field and choose a VID between 2 and 4094. Entries in these two fields must not have been previously configured on the switch or an error message will be prompted to the user. Once these two fields have been filled, click the Apply button, which will automatically adjust the current window to resemble the following window.
Page 140: Ip Multicast Address Range Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 3- 40. IGMP Snooping Multicast VLAN Group List Settings Enter an existing Range Name and click Add. To remove all entries click the Remove All button. IP Multicast Address Range Settings Users can configure the range of multicast addresses that will be accepted by the source port to be forwarded to the receiver ports.
Page 141: Limited Multicast Address Range Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Limited Multicast Address Range Settings This window allows the user to specify which multicast address(es) reports are to be received on specified ports on the Switch. This function will therefore limit the number of reports received and the number of multicast groups configured on the Switch.
Page 142: Mld Snooping
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch MLD Snooping Multicast Listener Discovery (MLD) Snooping is an IPv6 function used similarly to IGMP snooping in IPv4. It is used to discover ports on a VLAN that are requesting multicast data. Instead of flooding all ports on a selected VLAN with multicast traffic, MLD snooping will only forward multicast data to ports that wish to receive this data through the use of queries and reports produced by the requesting ports and the source of the multicast traffic.
Page 143 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 3- 45. MLD Snooping Settings - Edit window The following parameters may be viewed or modified: Parameter Description VLAN ID This is the VLAN ID that, along with the VLAN Name, identifies the VLAN for which to modify the MLD Snooping Settings.
Page 144: Mld Router Port Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch sec) table as a listening node of a multicast group without the Switch receiving a node listener report. The user may specify a time between 1 and 16711450 with a default setting of 260 seconds.
Page 145 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 3- 47. Router Port window (Modify) The following parameters can be set: Parameter Description VID (VLAN ID) This is the VLAN ID that, along with the VLAN Name, identifies the VLAN where the MLD multicast router is attached.
Page 146: Loopback Detection Global Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Loopback Detection Global Settings The Loopback Detection function is used to detect the loop created by a specific port. This feature is used to temporarily shutdown a port on the Switch when a CTP (Configuration Testing Protocol) packet has been looped back to the switch. When the Switch detects CTP, packets are received from a port it signifies a loop on the network.
Page 147 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The following parameters can be configured. Parameter Description Loopdetect Status Use the drop-down menu to enable or disable loopback detection. The default is Disabled. Loopdetect Trap None – The trap will not be sent in any situation. Loop Detected –...
Page 148: Spanning Tree
MSTP. 802.1D-1998 STP will be familiar to most networking professionals. However, since 802.1D-2004 RSTP and 802.1Q- 2005 MSTP have been recently introduced to D-Link managed Ethernet switches, a brief introduction to the technology is provided below followed by a description of how to set up 802.1D-1998 STP, 802.1D-2004 RSTP, and 802.1Q-2005 MSTP.
Page 149: Edge Port
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch states disabled, blocking and listening used in 802.1D-1998 and creates a single state Discarding. In either case, ports do not forward packets. In the STP port transition states disabled, blocking or listening or in the RSTP/MSTP port state discarding, there is no functional difference, the port is not active in the network topology.
Page 150: Stp Bridge Global Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch When the STP Loopback Detection function is enabled, the Switch will be protected against a loop occurring between switches. Once a BPDU packet returns to the Switch, this function will detect that there is an anomaly occurring and will place the receiving port in an error-disabled state.
Page 151 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 3- 50. STP Bridge Global Settings window - MSTP Figure 3- 51. STP Bridge Global Settings – STP Compatible window NOTE: The Hello Time cannot be longer than the Max. Age. Otherwise, a configuration error will occur.
Page 152: Mst Configuration Identification
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch STP Version Use the pull-down menu to choose STP compatible, RSTP, and MSTP. RSTP is the default. Hello Time (1-10 sec) The Hello Time can be set from 1 to 10 seconds. This is the interval between two transmissions of BPDU packets sent by the Root Bridge to tell all other switches that it is indeed the Root Bridge.
Page 153 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 3- 52. MST Configuration Identification window The window above contains the following information: Parameter Description Configuration Name A previously configured name set on the Switch to uniquely identify the MSTI (Multiple Spanning Tree Instance).
Page 154 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch This field is used to specify the VID range from configured VLANs set on the Switch. VID List (1-4094) Supported VIDs on the Switch range from ID number 1 to 4094. Click Apply to implement changes made.
Page 155: Mstp Port Information
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch This field allows the user to choose a desired method for altering the MSTI settings. The Type user has four choices. Add VID - Select this parameter to add VIDs to the MSTI ID, in conjunction with the VID List parameter.
Page 156: Stp Instance Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch This parameter is set to represent the relative cost of forwarding packets to specified ports Internal cost (0=Auto) when an interface is selected within a STP instance. The default setting is 0 (auto). There are two options: 0 (auto) - Selecting this parameter for the internalCost will set quickest route automatically and optimally for an interface.
Page 157: Stp Port Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch CIST (default MSTI). Type The Type field in this window will be permanently set to Set Priority Only. Priority (0-61440) Enter the new priority in the Priority field. The user may set a priority value between 0 and 61440.
Page 158 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch A consecutive group of ports may be configured starting with the selected port. From/To External Cost This defines a metric that indicates the relative cost of forwarding packets to the specified port (0=Auto) list.
Page 159 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch NOTE: If you want to enable Forwarding BPDU on a per port basis, the following settings must first be in effect: 1. STP must be globally disabled and 2. Forwarding BPDU must be globally enabled. These are the default settings configurable in the STP Bridge Global Settings window discussed previously.
Page 160: Forwarding & Filtering
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Forwarding & Filtering The Forwarding & Filtering section is made up of Unicast Forwarding, Multicast Forwarding, and Multicast Filtering Mode. Unicast Forwarding The following window is used to set up unicast forwarding on the Switch. To view this window, click L2 Features >...
Page 161: Multicast Forwarding
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Multicast Forwarding The following window is used to set up multicast forwarding on the Switch. To view this window, click L2 Features > Forwarding & Filtering > Multicast Forwarding, as shown below: Figure 3- 62.
Page 162: Multicast Filtering Mode
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Multicast Filtering Mode To view this window, click L2 Features > Forwarding & Filtering > Multicast Filtering Mode, as shown below: Figure 3- 64. Multicast Filtering Mode Settings window The following parameters can be set: Parameter Description VLAN Name...
Page 163: Lldp
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch LLDP The Link Layer Discovery Protocol (LLDP) allows stations attached to a LAN to advertise, to other stations attached to the same LAN segment, the connectivity and management information necessary to identify, to those management entities, the station's point of attachment to the LAN or network.
Page 164 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The following parameters can be set: Parameter Description LLDP Operation When this function is Enabled, the switch can start to transmit LLDP packets and receive and State process the LLDP packets. The specific function of each port will depend on the per port LLDP setting.
Page 165: Basic Lldp Port Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Basic LLDP Port Settings The following window is used to set up LLDP on individual port(s) on the Switch. To view this window, click L2 Features > LLDP > Basic LLDP Port Settings, as shown below: Figure 3- 66.
Page 166 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Use the drop-down menu to choose: TX_Only, RX_Only, TX_and_RX, or Disabled. Admin Status Port Description Use the drop-down menu to toggle Port Description between Enabled and Disabled. System Name Use the drop-down menu to toggle System Name between Enabled and Disabled. System Description Use the drop-down menu to toggle System Description between Enabled and Disabled.
Page 167: 802.1 Extension Lldp Port Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 802.1 Extension LLDP Port Settings The following window is used to set up 802.1 Extension LLDP on individual port(s) on the Switch. To view this window, click L2 Features > LLDP > 802.1 Extension LLDP Port Settings, as shown below: Figure 3- 67.
Page 168 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Select a port or group of ports using the pull-down menus. From/To Port VLAN ID Use the drop-down menu to toggle Port VLAN ID between Enabled and Disabled. Protocol VLAN ID Use the drop-down menu to toggle among VLAN ID, VLAN Name, and All.
Page 169: Extension Lldp Port Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 802.3 Extension LLDP Port Settings The following window is used to set up 802.3 Extension LLDP on individual port(s) on the Switch. To view this window, click L2 Features > LLDP > 802.3 Extension LLDP Port Settings, as shown below: Figure 3- 68.
Page 170: Lldp Management Address Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch LLDP Management Address Settings The following window is used to set up LLDP management address settings on the Switch. To view this window, click L2 Features > LLDP > LLDP Management Address Settings, as shown below: Figure 3- 69.
Page 171: Lldp Statistics
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch LLDP Statistics The following window is used to display LLDP statistics. To view this window, click L2 Features > LLDP > LLDP Statistics, as shown below: Figure 3- 70. LLDP Statistics System window...
Page 172: Lldp Management Address Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch LLDP Management Address Table The following window is used to make entries to and display the LLDP Management Address Table. To view this window, click L2 Features > LLDP > LLDP Management Address Table, as shown below: Figure 3- 71.
Page 173: Lldp Remote Port Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch LLDP Remote Port Table The following window is used to display the LLDP Remote Port Brief Table. To view this window, click L2 Features > LLDP > LLDP Remote Port Table, as shown below: Figure 3- 73.
Page 174: Q-In-Q
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Q-in-Q Q-in-Q is designed for service providers to carry traffic from multiple users across a network. Q-in-Q is used to maintain customer specific VLAN and Layer 2 protocol configurations even when the same VLAN ID is being used by different customers. This is achieved by inserting SPVLAN tags into the customer’s frames when they enter the service provider’s network, and then removing the tags when the frames leave the network.
Page 175 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch dynamically registered VLAN entries will be cleared, GVRP will be disabled. According 802.1ad, the address 01-80-c2-00-00-08 will be used for STP in the provider’s network. So the user shall disable STP first, and then use the new address for STP state machine. The default setting is Disabled.
Page 176: Vlan Translation Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch VLAN Translation Settings The VLAN translation settings translates the VLAN ID carried in the data packets it receives from private networks into those used in the Service Providers network. To view this window, click L2 Features > Q-in-Q > VLAN Translation Settings, as shown below: Figure 3- 75.
Page 177: Erps
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch ERPS The Switch supports ITU-T G.8032 Ethernet Ring Protection Switching (ERPS) to provide a reliable mechanism of malfunction recovery in an Ethernet ring topology network. ERPS Global Settings This window is used to enable global ERPS function on the Switch. When both the global state and the specified ring ERPS state are enabled, the specified ring will be activated.
Page 178 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Clicking the Add button will reveal the following window to configure: Figure 3- 78. ERPS RAPS VLAN Settings – Add window Enter an R-APS VLAN ID in the field provided and click Apply to make a new entry for the ERPS RAPS VLAN Table. To edit an exisiting ERPS RAPS VLAN Table entry, click the Modify button in the Modify column in the ERPS RAPS VLAN Table.
Page 179 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Click to specify the port as the east ring port. To specify as a Virtual Channel, tick the check East and toggle from Port to Virtual Channel. East Port If Port is set above, enter the port to be configured. RPL Port Tick the check box and use the drop-down menu to select West, East, or None.
Page 180 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 3- 80. ERPS RAPS Sub Ring Settings – Edit window The following fields can be set: Parameter Description Sub-Ring R-APS Toggle between Add or Delete. Add connects the sub-ring to another ring. Delete disconnects VLAN Action the sub-ring from a connected ring.
Page 181: Duld Settings
DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DULD Settings The Switch features a D-Link Unidirectional Link Detection (DULD) module. The unidirectional link detection provides a mechanism that can be used to detect unidirectional link for Ethernet switches whose PHYs do not support unidirectional OAM operation.
Page 182: Nlb Multicast Fdb Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch NLB Multicast FDB Settings The Switch supports Network Load Balancing (NLB). This is a MAC forwarding control for supporting the Microsoft server load balancing application where multiple servers can share the same IP address and MAC address. The requests from clients will be forwarded to all servers, but will only be processed by one of them.
Page 183: L3 Features
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Section 4 L3 Features Interface Settings MD5 Key Settings Route Redistribution Settings Multicast Static Route Settings Static/Default Route Settings Route Preference Settings Static ARP Settings Gratuitous ARP Settings Policy Route Settings ECMP Algorithm Settings IP Tunnel Settings OSPF...
Page 184 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch larger pool of IP addresses was required. IPv6 has addressed that issue, along with other issues that enhance routing over the network, provide better security and improve Quality of Service for Internet users. Some of the improvements made were: Expanding the Capabilites for IP Addressing –...
Page 185: Extension Headers
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch efficiently once the flow class has been identified and the rest of the packet header no longer needs to be fully processed, just the flow label and the source address. All flow label packets must have identical source and destination addresses. Payload Length –...
Page 186: Address Format
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch different than any other fragmented packet recently sent that include the same source and destination address. The original packet is divided into two parts, a fragmentable part and an unfragmentable part. The unfragemntable part of the packet consists of the IPv6 header and any extension headers present, up to the routing extension header.
Page 187: Neighbor Discovery
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Anycast – The anycast address will send messages to the nearest node of a particular group. This address is assigned to multiple interfaces in the group but only the node with the closest proximity will receive the message. These anycast addresses are allocated from the unicast address space and therefore have no real defined prefix to distinguish it from other IPv6 addresses.
Page 188: Assigning Ip Addresses
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 3. Beyond the scope of the source address, when the multicast scope of the source address is smaller than the scope of the destination address (Code 2) 4. The address is unreachable (Code 3) 5.
Page 189: Interface Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Interface Settings The IP Address may initially be set using the console interface prior to connecting to it through the Ethernet. If the Switch IP address has not yet been changed, read the introduction of the DGS-3600 Series CLI Reference Guide or return to Section 4 of this manual for more information.
Page 190 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 3. IPv4 Interface Settings – Edit window Enter a name for the new interface to be added in the Interface Name field (if editing an IP interface, the Interface Name will already be in the top field as seen in the window above).
Page 191: Ipv6 Interface Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch NOTE: The Switch's factory default IP address is 10.90.90.90 with a subnet mask of 255.0.0.0 and a default gateway of 0.0.0.0. IPv6 Interface Settings The following window is used to setup IPv6 interfaces and addresses for the switch. To view this window, click L3 Features >...
Page 192 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 6. IPv6 Interface Settings – Edit window The following fields may be viewed or modified. Click Apply to set changes made. Parameter Description Interface Name This field displays the name for the IP interface or is used to add a new interface or change an existing interface name.
Page 193 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch (ms) Solicitation packets to be sent out over the local network. This is used to discover IPv6 neighbors on the local link. The user may select a time between 0 and 65535 milliseconds.
Page 194: Loopback Interfaces Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch RA Max Router Used to set the maximum interval time between the dispatches of router advertisements AdvInterval (sec) by this interface over the link-local network. This entry must be no less than 4 seconds (4000 milliseconds) and no more than 1800 seconds.
Page 195: Md5 Key Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch MD5 Key Settings This window allows the entry of a 16-character Message Digest − version 5 (MD5) key that can be used to authenticate every packet exchanged between OSPF routers. It is used as a security mechanism to limit the exchange of network topology information to the OSPF routing domain.
Page 196 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The following parameters may be set or viewed: Parameter Description Dst. Protocol Allows for the selection of the protocol for the destination device. Choose among RIP, OSPF, and BGP. Src. Protocol Allows for the selection of the protocol for the source device.
Page 197: Multicast Static Route Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Multicast Static Route Settings This window is used to create an IP multicast static route configuration entry. To access the Multicast Static Route Settings window, click L3 Features > Multicast Static Route Settings, as shown below: Figure 4- 11.
Page 198: Static/Default Route Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Static/Default Route Settings The Switch supports static routing for IPv4 and IPv6 formatted addressing. Users can create up to 256 static route entries for IPv4 and IPv6 combined. For IPv4 static routes, once a static route has been set, the Switch will send an ARP request packet to the next hop router that has been set by the user.
Page 199: Ipv6 Static/Default Route Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 14. IPv4 Static/Default Route Settings – Add window The following fields can be set: Parameter Description IP Address Allows the entry of an IP address that will be a static entry into the Switch’s Routing Table. Subnet Mask Allows the entry of a subnet mask corresponding to the IP address above.
Page 200 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Interface The IP Interface where the static IPv6 route is created. Next Hop Address The corresponding IPv6 address for the next hop Gateway address in IPv6 format. Metric The metric of the IPv6 interface entered into the table representing the number of routers between the Switch and the IPv6 address above.
Page 201: Route Preference Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Route Preference Settings Route Preference is a way for routers to select the best path when there are two or more different routes to the same destination from two different routing protocols. The majority of routing protocols are not compatible when used in conjunction with each other.
Page 202 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 17. Route Preference Settings window The following fields can be set: Parameter Description RIP (1-999) Enter a value between 1 and 999 to set the route preference for RIP. The lower the value, the higher the chance the specified protocol will be chosen as the best path for routing packets.
Page 203: Static Arp Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Static ARP Settings Address Resolution Protocol (ARP) is a TCP/IP protocol that converts IP addresses into physical addresses. This table allows network managers to view, define, modify and delete ARP information for specific devices. Static entries can be defined in the ARP Table.
Page 204: Gratuitous Arp Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Gratuitous ARP Settings An ARP announcement (also known as Gratuitous ARP) is a packet (usually an ARP Request) containing a valid SHA and SPA for the host which sent it, with TPA equal to SPA. Such a request is not intended to solicit a reply, but merely updates the ARP caches of other hosts which receive the packet.
Page 205: Policy Route Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Policy Route Settings Policy Based routing is a method used by the Switch to give specified devices a cleaner path to the Internet. Used in conjunction with the Access Profile feature, the Switch will identify traffic originating from a device using the Access Profile feature and forward it on to a next hop router that has a more direct connection to the Internet than...
Page 206 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 25. Policy Routing – Add window Adjust the following parameters and click Apply to set the new Policy Route, which will be displayed in the Policy Routing Settings window. Click Show All Policy Route Entries to return to the Policy Routing Settings window.
Page 207: Ecmp Algorithm Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch ECMP Algorithm Settings ECMP algorithm settings allow the user to set the ECMP load balance algorithm which makes it effective for ECMP routing. ECMP routing can be adopted by either OSPF dynamic routes or by static routes which are configured with equal cost. The OSPF protocol maintains multiple equal-cost routes to all destinations.
Page 208: Ip Tunnel Settings
IPv6, and the development of transition strategies, tools, and mechanisms has been part of the basic IPv6 design from the start. This IPv6 tunneling mechanism is one of D-Link’s strategies for solving the transition from IPv4 to IPv6. To configure these settings, click L3 Features > IP Tunnel Settings, as shown below: Figure 4- 27.
Page 209 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Parameter Description Interface Na This is the IPv6 tunnel inte rface name. Interface Admin Enable or disable IP tunneling. State Mode Select from Manual, 6to4, or ISATAP. Manual is used to configure an existing IPv6 tunnel as an IPv6 manual tunnel on the Switch.
Page 210: Rip
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The Routing Information Protocol is a distance-vector routing protocol. There are two types of network devices running RIP - active and passive. Active devices advertise their routes to others through RIP messages, while passive devices listen to these messages.
Page 211: Rip
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch RIP 1 Message RIP is not limited to TCP/IP. Its address format can support up to 14 octets (when using IP, the remaining 10 octets must be zeros). Other network protocol suites can be specified in the Family of Source Network field (IP has a value of 2). This will determine how the address field is interpreted.
Page 212 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 31. RIP Interface Settings window Click the hyperlinked name of the interface to configure the settings for RIP, which will give access to the following window: Figure 4- 32. RIP Interface Settings - Edit window Refer to the table below for a description of the available parameters for RIP interface settings.
Page 213: Ripng
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch RIPng The Switch supports Routing Information Protocol next generation (RIPng). RIPng is a routing protocol that exchanges routing information used to compute routes and is intended for IPv6-based networks. RIPng Global Settings This window allows users to set up RIPng.
Page 214: Ripng Interface Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch RIPng Interface Settings This window allows users to configure RIPng interface settings. To view this window, click L3 Features > RIP > RIPng > RIPng Interface Settings, as shown below: Figure 4- 34.
Page 215: Ospf
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch OSPF The Open Shortest Path First (OSPF) routing protocol uses a link-state algorithm to determine routes to network destinations. A “link” is an interface on a router and the “state” is a description of that interface and its relationship to neighboring routers. The state contains information such as the IP address, subnet mask, type of network the interface is attached to, other routers attached to the network, etc.
Page 216 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 36. Constructing a Shortest Path Tree Figure 4- 37. Constructing a Shortest Path Tree The diagram above shows the network from the viewpoint of Router A. Router A can reach 192.213.11.0 through Router B with a cost of 10 + 5 = 15.
Page 217 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Router A 128.213.0.0 Router B Router C 192.213.11.0 222.211.10.0 Figure 4- 38. Constructing a Shortest Path Tree - Completed Note that this shortest path tree is only from the viewpoint of Router A. The cost of the link from Router B to Router A, for instance is not important to constructing Router A’s shortest path tree, but is very important when Router B is constructing its shortest path tree.
Page 218: Ospf Authentication
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch network. Border Routers also have the responsibility of distributing routing information from the Autonomous System Border Router in order for routers in the network to get and maintain routes to other Autonomous Systems. Network link-state updates are generated by a router elected as the Designated Router on a multi-access segment (with more than one attached router).
Page 219: Designated Router Election
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Authentication − OSPF allows for the configuration of a password for a specific area. Two routers on the same segment and belonging to the same area must also have the same OSPF password before they can become neighbors. Hello and Dead Intervals −...
Page 220 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Database Description packet Link-State Request packet Link-State Update packet Link-State Acknowledgment packet OSPF Packet Header Every OSPF packet is preceded by a common 24-byte header. This header contains the information necessary for a receiving router to determine if the packet should be accepted for further processing.
Page 221 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Hello Packet Version No. Packet Length Router ID Area ID Checksum Authentication Type Authentication Authentication Network Mask Hello Interval Options Router Priority Router Dead Interval Designated Router Backup Designated Router Neighbor Figure 4- 40.
Page 222 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Database Description Packet Packet Length Version No. Router ID Area ID Checksum Authentication Type Authentication Authentication Reserved I M MS Reserved Options DD Sequence No. Link-State Advertisement Header ... Figure 4- 41. Database Description Packet Field Description Options...
Page 223 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Link-State Request Packet Packet Length Version No. Router ID Area ID Checksum Authentication Type Authentication Authentication Link-State Type Link-State ID Advertising Router Figure 4- 42. Link-State Request Packet Each advertisement requested is specified by its Link-State Type, Link-State ID, and Advertising Router. This uniquely identifies the advertisement, but not its instance.
Page 224 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Depending on the state of the sending interface and the source of the advertisements being acknowledged, a Link-State Acknowledgment packet is sent either to the multicast address AllSPFRouters, to the multicast address AllDRouters, or as a unicast packet.
Page 225 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Link-State Advertisement Header Link-State Age Options Link-State Type Link-State ID Advertising Router Link-State Sequence Number Link-State Checksum Length Figure 4- 45. Link State Advertisement Header Field Description Link State Age The time is seconds since the link state advertisement was originated.
Page 226 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Routers Links Advertisements Link-State Age Options Link-State Type Link-State ID Advertising Router Link-State Sequence Number Link-State Checksum Length Reserved Reserved Number of Links Link ID Link Data Type No. Of TOS TOS 0 Metric Metric Metric...
Page 227 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Link ID Identifies the object that this router link connects to. Value depends on the link’s Type. When connecting to an object that also originates a link state advertisement (i.e. another router or a transit network) the Link ID is equal to the neighboring advertisement’s Link State ID.
Page 228 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Field Description Network Mask The IP address mask for the network. Attached Router The Router IDs of each of the routers attached to the network. Only those routers that are fully adjacent to the Designated Router (DR) are listed.
Page 229 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch when no specific route exists to the destination. When describing a default route, the Link State ID is always set with the Default Destination address (0.0.0.0) and the Network Mask is set to 0.0.0.0. The format of the AS External Link Advertisement is shown below: AS External Link Advertisements Link-State Age...
Page 230 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 50. NSSA Area example The NSSA ASBR (Not So Stubby Area Autonomous System Border Router) is receiving External Route information and translating it as an LSA Type-7 packet that will be distributed ONLY to switches within the NSSA (Area 2 in the example above). For this route’s information to enter another area, the LSA Type-7 packet has to be translated into an LSA Type-5 packet by the NSSA ABR (Area Border Router) and then is distributed to other switches within the other OSPF areas (Area 1 and 2 in the example above).
Page 231 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Field Description Link State This field will hold information concerning information regarding the LS Checksum, Packet Header length, LS sequence number, Advertising Router, Link State ID, LS age, the packet type (Type-7), and the options field.
Page 232: Ospf
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch OSPF The Switch supports Open Shortest Path First (OSPF), a dynamic routing protocol used in Internet Protocol (IP) networks. OSPF Global Settings This window allows OSPF to be enabled or disabled on the Switch − without changing the Switch’s OSPF configuration. To enable OSPF, first supply an OSPF Router ID (see below), select Enabled from the State drop-down menu and click the Apply button.
Page 233: Ospf Area Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch OSPF Area Settings This window allows the configuration of OSPF Area IDs and to designate these areas as Normal, Stub or NSSA. Normal OSPF areas allow Link-State Database (LSDB) advertisements of routes to networks that are external to the area. Stub areas do not allow the LSDB advertisement of external routes.
Page 234 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Stub Summary Displays whether or not the selected Area will allow Summary Link-State Advertisements (Summary LSAs) to be imported into the area from other areas. NSSA Summary Use the pull-down menu to enable or disable the importing of OSPF summary routes into the NSSA as Type-3 summary LSAs.
Page 235: Ospf Interface Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch OSPF Interface Settings This window is used to set up OSPF interfaces. If there are no IP interfaces configured (besides the default System interface), only the System interface settings will appear listed. To change settings for an IP interface, click on the hyperlinked name of the interface to see the configuration window for that interface.
Page 236 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Interface Name Displays the IP interface previously configured on the Switch. IP Address Displays the IP address of the IP interface to be edited. Network Medium Displays the network medium type of the IP interface to be edited. Type Area ID Allows the entry of an OSPF Area ID configured above.
Page 237: Ospf Virtual Link Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch OSPF Virtual Link Settings This window shows the current OSPF Virtual Interface Settings. There are no virtual interface settings configured by default, so the first time this table is viewed there will be no interfaces listed. To add a new OSPF virtual interface configuration set to the table, click the Add button.
Page 238: Ospf Area Aggregation Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Password/Auth. Key Enter a case-sensitive password for simple authorization or enter the MD5 key you set in the MD5 Key Settings window. Transmit Delay The number of seconds required to transmit a link state update over this virtual link. Transit delay takes into account transmission and propagation delays.
Page 239: Ospf Host Route Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Parameter Description Allows the entry the OSPF Area ID for which the routing information will be aggregated. This Area ID Area ID must be previously defined on the Switch. Network Number Sometimes called the Network Address.
Page 240: Ospfv3
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch OSPFv3 The Switch supports Open Shortest Path First (OSPF) version 3, a dynamic routing protocol used in Internet Protocol (IP) version 6 networks. OSPFv3 Global Settings This window allows OSPFv3 to be enabled or disabled on the Switch − without changing the Switch’s OSPFv3 configuration. To enable OSPFv3, first supply an OSPFv3 Router ID (see below), select Enabled from the State drop-down menu and click the Apply button.
Page 241 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 64. OSPFv3 Area Table window To search for an entry by Area ID, click the Find button. To display all Area entries, click the View All button. To remove an entry from the table, click its corresponding under the Delete heading.
Page 242 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Clicking the Modify button on the OSPFv3 Area Table window will reveal the following window to configure: Figure 4- 66. OSPFv3 Area Settings - Edit window The OSPFv3 Area configurable settings are as follows: Parameter Description Area ID...
Page 243 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch OSPFv3 Interface Settings This window is used to set up OSPFv3 interfaces. To change settings for an existing IP interface, click on the hyperlinked name of the interface to see the configuration window for that interface. To view the following window, click L3 Features >...
Page 244 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Interface Name Displays the entry of an IP interface previously configured on the Switch. Area ID Allows the entry of an OSPFv3 Area ID configured above. Priority (0-255) Allows the entry of a number between 0 and 255 representing the OSPFv3 priority of the selected interface.
Page 245 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch OSPFv3 Virtual Interface Settings This window shows the current OSPFv3 Virtual Interface Settings. There are no virtual interface settings configured by default, so the first time this table is viewed there will be no interfaces listed. To add a new OSPFv3 virtual interface configuration set to the table, click the Add button.
Page 246 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 71. OSPFv3 Virtual Interface Settings - Edit window Configure the following parameters if you are adding or changing an OSPFv3 Virtual Interface: Parameter Description Allows the entry of an OSPFv3 Area ID − previously defined on the Switch − that allows a Area ID remote area to communicate with the backbone (area 0).
Page 247 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch OSPFv3 Area Aggregation Settings Area Aggregation allows all of the routing information that may be contained within an area to be aggregated into a summary LSDB advertisement of just the network address and subnet mask. This allows for a reduction in the volume of LSDB advertisement traffic as well as a reduction in the memory overhead in the Switch used to maintain routing tables.
Page 248 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 74. OSPFv3 Area Aggregation Settings - Edit window Specify the OSPFv3 aggregation settings and click the Apply button to add or change the settings. The new settings will appear listed in the OSPFv3 Area Aggregation Settings window.
Page 249: Dhcp Server
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCP Server For this release, the Switch now has the capability to act as a DHCP server to devices within its locally attached network. DHCP, or Dynamic Host Configuration Protocol, allows the Switch to delegate IP addresses, subnet masks, default gateways and other IP parameters to devices that request this information.
Page 250: Dhcp Server Exclude Address Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCP Server Exclude Address Settings The following window will allow the user to set an IP address, or a range of IP addresses that are NOT to be included in the range of IP addresses that the Switch will allot to clients requesting DHCP service.
Page 251 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 78. Config DHCP Pool window The following parameters may be configured or viewed. Parameter Description Pool Name Denotes the name of the DHCP pool for which you are currently adjusting the parameters. IP Address Enter the IP address to be assigned to requesting DHCP Clients.
Page 252 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Enter the IP address of the default router for a DHCP Client. Users must configure at least one Default Router address here, yet up to three IP addresses can be configured for this field. The IP address of the default router must be on the same subnet as the DHCP client.
Page 253: Dhcp Server Dynamic Binding
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCP Server Dynamic Binding The following window will allow users to view dynamically bound IP addresses of the DHCP server. These IP addresses are ones that were allotted to clients on the local network and are now bound to the device stated by its MAC address. To view this window, click L3 Features >...
Page 254: Dhcp Server Manual Binding
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCP Server Manual Binding The following windows will allow users to view and set manual DHCP entries. Manual DHCP entries will bind an IP address with the MAC address of a client within a DHCP pool. These entries are necessary for special devices on the local network that will always require a static IP address that cannot be changed.
Page 255: Dhcpv6 Server
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCPv6 Server DHCPv6 Server Global Settings This window is used to configure DHCPv6 server global settings, including specifying the range of IPv6 network addresses for the DHCPv6 pool. The IPv6 addresses in the range are free to be assigned to the DHCPv6 client. When the DHCPv6 server receives a request from the client, the server will automatically find an available pool to allocate an IPv6 address.
Page 256 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The following parameter may be configured: Parameter Description Pool Name Enter the pool name. Click Apply to set the entry. To remove an entry from the table, click its corresponding under the Delete heading.
Page 257 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Address End Network The ending IPv6 network address of the DHCPv6 pool. Address Domain Name Enter the domain name. The domain name configured here will be used as the default domain name by the client.
Page 258: Dhcpv6 Server Manual Binding Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCPv6 Server Manual Binding Settings This window is used to configure DHCPv6 server manual binding settings. An address binding is a mapping between the IPv6 address and DUID (A DHCPv6 Unique Identifier for a DHCPv6 participant) of a client. The IPv6 address specified in the manual binding entry must be in the range of the DHCPv6 pool.
Page 259: Dhcpv6 Server Dynamic Binding Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCPv6 Server Dynamic Binding Settings This window is used to display the DHCPv6 dynamic binding information. Entering the command without the pool name will display all information regarding DHCPv6 dynamic binding on the switch. This command only displays the dynamic binding information, not including manual binding information.
Page 260: Dhcpv6 Server Interface Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCPv6 Server Interface Settings This window is used to enable the DHCPv6 server global state on the Switch. To view this window, click L3 Features > DHCPv6 Server > DHCPv6 Server Interface Settings, as shown below: Figure 4- 91.
Page 261: Dhcpv6 Server Excluded Address Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DHCPv6 Server Excluded Address Settings This window is used to configure the reserved IPv6 addresses on the DHCPv6 server. To view this window, click L3 Features > DHCPv6 Server > DHCPv6 Server Excluded Address Settings, as shown below: Figure 4- 93.
Page 262: Filter Dhcp Server
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Filter DHCP Server The Dynamic Host Configuration Protocol (DHCP) automates the assignment of IP addresses, subnet masks, default routers, and other IP parameters. The assignment usually occurs when the DHCP configured machine boots up or regains connectivity to the network.
Page 263 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 96. Filter DHCP Server Port State Settings window The following parameters may be configured. Parameter Description State Enable or disable the Filter DHCP Server Port State Settings. PortList Enter the ports that will enable filter DHCP server.
Page 264: Dns Relay
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DNS Relay Computer users usually prefer to use text names for computers for which they may want to open a connection. Computers themselves, require 32 bit IP addresses. Somewhere, a database of network devices’ text names and their corresponding IP addresses must be maintained.
Page 265: Dns Relay Static Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Secondary Name Allows the entry of the IP address of a secondary domain name server (DNS). Server DNSR Cache Status This can be toggled between Disabled and Enabled. This determines if a DNS cache will be enabled on the Switch.
Page 266: Dns Resolver
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DNS Resolver The DNS Resolver provides a solution to translate the domain name to an IP address for application on the switch itself. DNS Resolver Global Settings This window is used to configure the DNS resolver state and name server timeout. To view this window, click L3 Features >...
Page 267: Dns Resolver Dynamic Name Server Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 101. DNS Resolver Static Name Server Settings window The following fields can be set: Parameter Description Primary Tick the check box to indicate the name server is a primary name server. IP Address Enter the DNS resolver name server IP address.
Page 268: Dns Resolver Dynamic Host Name Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 104. DNS Resolver Static Host Name Settings window The following fields can be set: Parameter Description Host Name Enter the host’s host name. IP Address Enter the host’s IP address. Click Apply to implement changes made.
Page 269: Vrrp Virtual Router Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 106. VRRP Global Settings window The following fields can be set: Parameter Description VRRP State Use the pull-down menu to enable or disable VRRP globally on the Switch. The default is Disabled.
Page 270 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 108. VRRP Virtual Router Settings – Add window Or, the user may click the hyperlinked Interface Name to view the same window: The following parameters may be set to configure an existing or new VRRP interface. Parameter Description Interface Name...
Page 271 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch address of a real device on the network. If the connection from the virtual router to this IP address fails, the virtual router will automatically disabled. A new Master will be elected from the backup routers participating in the VRRP group.
Page 272 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Virtual MAC Address The MAC address of the device that holds the Virtual router. Virtual Router State Displays the current status of the virtual router. Possible states include Initialize, Master and Backup.
Page 273 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch This window displays the following information: Parameter Description Interface Name The name of a previously configured IP interface used to create a VRRP entry is displayed. This IP interface must have been assigned to a VLAN on the Switch. VRID (1-255) The value displayed between 1 and 255 to uniquely identify this VRRP group on the Switch.
Page 274: Vrrp Authentication Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch VRRP Authentication Settings This window is used to set the authentication for each Interface configured for VRRP. This authentication is used to identify incoming message packets received by a router. If the authentication is not consistent with incoming packets, they will be discarded.
Page 275: Ip Multicast Routing Protocol
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch IP Multicast Routing Protocol The functions supporting IP multicasting are found in L3 Features > IP Multicast Routing Protocol. IGMP, DVMRP, and PIM- DM/SM/SM-DM can be enabled or disabled on the Switch without changing the individual protocol’s configuration by using the DGS-3600 Web Management Tool.
Page 276: Igmp Version 3
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The states a computer will go through to join or to leave a multicast group are shown below: Figure 4- 115. IGMP State Transitions IGMP Version 3 The current release of the Switch now implements IGMPv3. Improvements of IGMPv3 over version 2 include: •...
Page 277: Igmp Interface Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Timers As previously mentioned, IGMPv3 incorporates filters to include or exclude sources. These filters are kept updated using timers. IGMPv3 utilizes two types of timers, one for the group and one for the source. The purpose of the filter mode is to reduce the reception state of a multicast group so that all members of the multicast group are satisfied.
Page 278: Igmp Check Subscriber Source Network Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch This window allows the configuration of IGMP for each IP interface configured on the Switch. IGMP can be configured as Version 1, 2 or 3 by toggling the Version field using the pull-down menu. The length of time between queries can be varied by entering a value between 1 and 31,744 seconds in the Query Interval field.
Page 279: Dvmrp Global Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 4- 119. IGMP Check Subscriber Source Network Settings (Edit) window DVMRP Interface Configuration The Distance Vector Multicast Routing Protocol (DVMRP) is a hop-based method of building multicast delivery trees from multicast sources to all nodes of a network.
Page 280: Dvmrp Interface Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch DVMRP Interface Settings This window allows the Distance-Vector Multicast Routing Protocol (DVMRP) to be configured for each IP interface defined on the Switch. Each IP interface configured on the Switch is displayed in the below DVMRP Interface Settings window. To configure DVMRP for a particular interface, click the corresponding hyperlink for that IP interface.
Page 281: Pim
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch PIM or Protocol Independent Multicast is a method of forwarding traffic to multicast groups over the network using any pre- existing unicast routing protocol, such as RIP or OSPF, set on routers within a multicast network. The Switch supports three types of PIM, Dense Mode (PIM-DM), Sparse Mode (PIM-SM), and Sparse-Dense Mode (PIM-DM-SM).
Page 282: Pim Global Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch sources to determine which single router will send the receiver the necessary multicast data. The source with the shortest metric (hop count) will be elected as the primary multicast source. This metric value is included within the Assert message. PIM-DM The Protocol Independent Multicast - Dense Mode (PIM-DM) protocol should be used in networks with a low delay (low latency) and high bandwidth as PIM-DM is optimized to guarantee delivery of multicast packets, not to reduce overhead.
Page 283: Pim Interface Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Last Hop SPT This field is used by the last hop router to decide whether to receive multicast data from the Switchover shared tree or switch over to the shortest path tree. When the switchover mode is set to never, the last hope router will always receive multicast data from the shared tree.
Page 284: Pim Candidate Bsr Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Parameter Description This read-only field denotes the IP interface selected to be configured for PIM. Interface Name This read-only field denotes the IP address of the IP interface selected to be configured for IP Address PIM.
Page 285 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Parameter Description Enter a hash mask length, which will be used with the IP address of the candidate RP and the Candidate BSR Hash Mask Len (0- multicast group address, to calculate the hash algorithm used by the router to determine which C-RP on the PIM-SM enabled network will be the RP.
Page 286: Pim Candidate Rp Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch PIM Candidate RP Settings The following window is used to set the Parameters for this Switch to become a candidate RP. To view this window, click L3 Features > IP Multicast Routing Protocol > PIM > PIM Candidate RP Settings, as shown below: Figure 4- 129.
Page 287: Pim Static Rp Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Parameter Description IP Address Enter the IP address of the device to be added as a Candidate RP. Subnet Mask Enter the corresponding subnet mask of the device to be added as a Candidate RP. Interface Enter the IP interface where this device is located.
Page 288: Bgp
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Parameter Description Enter the IP address of the RP for which the data part will be included when calculating RP Address checksum for registering packets to the RP. Click Apply to add the RP into the checksum including the data list. To remove an entry from the table, click its corresponding under the Delete heading.
Page 289 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch To configure BGP state settings on the Switch, complete the following fields: Parameter Description BGP State Settings BGP State Use the drop-down menu to enable or disable the Border Gateway Protocol state. By disabling the BGP protocol, all peers will be disconnected and dynamic routes will be deleted.
Page 290: Bgp Aggregate Address Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Used to enable or disable AS Path Ignore, Compare Router ID, Med Confed, MED Missing Bestpath Option State As Worst, and Compare Confed Aspath. The default is Disabled. Default Local Enter a default local preference between 0 and 4294967295.
Page 291: Bgp Network Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Parameter Description IP Address Enter the IP network address to be aggregated. Netmask Enter the netmask of the IP network address to be aggregated. Summary Only Tick this check box to stop more specific routes from being advertised. The default setting is unticked.
Page 292: Bgp Dampening Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch BGP Dampening Settings This window is used to configure the Border Gateway Protocol (BGP) process’s dampening settings. The purpose of this feature is to eliminate the dampening of routes and thus to avoid unstable networks caused by flapping routes. To view this window, click L3 Features >...
Page 293: Bgp Peer Group Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch BGP Peer Group Settings This window is used to create or delete a Border Gateway Protocol (BGP) neighbor. To view this window, click L3 Features > BGP > BGP Peer Group Settings, as shown below: Figure 4- 137.
Page 294: Bgp Neighbor Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch BGP Neighbor Settings This window is used to configure a Border Gateway Protocol (BGP) neighbor. To view this window, click L3 Features > BGP > BGP Neighbor Settings, as shown below: Figure 4- 138.
Page 295 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch BGP Neighbor Description Settings IP Address Enter the IP address of the BGP speaking neighbor. Peer Group Name Enter the name of the BGP peer group. Action Toggle between Description and Clear Description. Description associates a description with a neighbor.
Page 296: Bgp Neighbor General & Timer Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch BGP Neighbor General & Timer Settings This window is used to configure the BGP neighbor’s general and timer settings. To view this window, click L3 Features > BGP > BGP Neighbor General & Timer Settings, as shown below: Figure 4- 139.
Page 297 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch setting is Disabled. If no number is supplied, the default value of three times is used. Allowas In Value (1- Enter an Allowas In Value between 1 and 10. Default Originate Enable or disable the default originate function.
Page 298: Bgp Neighbor Map & Filter Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch BGP Neighbor Map & Filter Settings This window is used to configure BGP neighbor map and filter settings. To view this window, click L3 Features > BGP > BGP Neighbor Map & FilterSettings, as shown below: Figure 4- 140.
Page 299: Bgp Reflector Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Enter the IP address of the neighbor to be configured. IP Address Peer Group Name Enter the peer group to be configured. Filter List Type Toggle between In and Out to apply to either inbound or outbound traffic. Filter List Action Toggle between Add and Delete.
Page 300: Bgp Confederation Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch To configure BGP reflector settings on the Switch, complete the following fields: Parameter Description BGP Reflector Settings Route Reflector Enter the IP address of the cluster ID. The route reflector and its clients together form a Cluster ID cluster.
Page 301: Bgp As Path Access List Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch To configure BGP confederation settings on the Switch, complete the following fields: Parameter Description Confederation Enter an Autonomous System number which is used to specify a BGP confederation. If it is Identifier (0-65535) set to zero, the BGP confederation number is deleted.
Page 302: Bgp Community List Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch BGP Community List Settings This window is used to configure the matching rules for a BGP community list. To view this window, click L3 Features > BGP > BGP Community List Settings, as shown below: Figure 4- 144.
Page 303: Bgp Clear
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch BGP Clear This window is used to reset the Border Gateway Protocol (BGP) connections using hard or soft reconfigurations. To view this window, click L3 Features > BGP > BGP Clear, as shown below: Figure 4- 146.
Page 304: Bgp Summary Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch BGP Summary Table To view this read-only window, click L3 Features > BGP > BGP Summary Tables, as shown below: Figure 4- 147. BGP Summary Information window The BGP summary information parameters are described below: Parameter Description BGP Summary Information...
Page 305: Bgp Route Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch BGP Route Table To view this window, click L3 Features > BGP > BGP Route Table, as shown below: Figure 4- 148. BGP Route Information window The BGP route information parameters are described below: Parameter Description Regexp...
Page 306 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch This is used to display the host route that matches the specified IP address. IP Address Netmask This field works with the above IP address and is used to display the route that matches the specified network address.
Page 307: Bgp Dampened Route Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch BGP Dampened Route Table This read-only window displays BGP dampened route information. To view this window, click L3 Features > BGP > BGP Dampened Route Table, as shown below: Figure 4- 149. BGP Dampened Route Information window The BGP dampened route information parameters are described below: Parameter Description...
Page 308: Bgp Flap Statistics Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch BGP Flap Statistics Table This read-only window displays BGP flap statistics information. To view this window, click L3 Features > BGP > BGP Flap Statistics Table, as shown below: Figure 4- 150. BGP Flap Statistics Information window The BGP flap statistics table information parameters are described below: Parameter Description...
Page 309: Bgp Neighbors List
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch BGP Neighbors List To view this window, click L3 Features > BGP > BGP Neighbors List, as shown below: Figure 4- 151. Show BGP Neighbor window The BGP neighbor list parameters are described below: Parameter Description Show BGP Neighbor...
Page 310: Ip Route Filter
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch IP Route Filter IP Prefix List Settings This window is used to create and configure an IP prefix list. To view this window, click L3 Features > IP Route Filter > IP Prefix List Settings, as shown below: Figure 4- 152.
Page 311: Ip Standard Access List Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch IP Standard Access List Settings This window is used to create an access list used to filter routes. To view this window, click L3 Features > IP Route Filter > IP Standard Access List Settings, as shown below: Figure 4- 153.
Page 312: Qos
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Section 5 802.1p Settings Bandwidth Control HOL Prevention Settings Schedule Settings The Switch supports 802.1p priority queuing Quality of Service. The following section discusses the implementation of QoS (Quality of Service) and benefits of using 802.1p priority queuing. Advantages of QoS QoS is an implementation of the IEEE 802.1p standard that allows network administrators a method of reserving bandwidth for important functions that require a large bandwidth or have a high priority, such as VoIP (voice-over Internet Protocol), web...
Page 313: Understanding Qos
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch the Switch. Then in turn, the administrator will set a priority for this queue so that will be emptied before any other packet is forwarded. This results in the end user receiving all packets sent as quickly as possible, thus prioritizing the queue and allowing for an uninterrupted stream of packets, which optimizes the use of bandwidth available for the video conference.
Page 314: 802.1P Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 802.1p Settings The 802.1p Settings section includes 802.1p Default Priority Settings and 802.1p User Priority Settings. 802.1p Default Priority Settings The Switch allows the assignment of a default 802.1p priority to each port on the Switch.
Page 315 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 5- 3. 802.1p User Priority Settings window Once a priority to the port groups on the Switch has been assigned, users can then assign this Class to each of the eight levels of 802.1p priorities.
Page 316: Bandwidth Control
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Bandwidth Control The Bandwidth Control section includes Bandwidth Control Settings and Per Queue Bandwith Control Settings. Bandwidth Control Settings The bandwidth control settings are used to place a ceiling on the transmitting and receiving data rates for any selected port. To view the Bandwidth Control Settings window, click QoS >...
Page 317: Per Queue Bandwidth Control Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Per Queue Bandwidth Control Settings This window is used to sets the bandwidth control for each specific queue on specified ports. To view the Per Queue Bandwidth Control Settings window, click QoS > Bandwidth Control > Per Queue Bandwidth Control Settings, as shown below: Figure 5- 5.
Page 318: Hol Prevention Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Click Apply to set the per queue bandwidth control for the selected ports. Results of configured per queue bandwidth settings will be displayed in the Queue Bandwidth Table. HOL Prevention Settings This window is used to enable or disable Head of Line (HOL) prevention.
Page 319 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 5- 7. QoS Output Scheduling Settings window The following values may be assigned to the QoS classes to set the scheduling. Parameter Description Select the unit to configure. Unit A consecutive group of ports may be configured starting with the selected port.
Page 320 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch the maximum number of packets a given priority class of service can transmit per weighted round-robin (WRR) scheduling cycle to be selected. This provides for a controllable CoS behavior while allowing other classes to empty as well. A value between 0 and 15 packets can be specified per priority class of service to create the combination queue.
Page 321: Qos Scheduling Mechanism Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch QoS Scheduling Mechanism Settings Changing the output scheduling used for the hardware queues in the Switch can customize QoS. As with any changes to QoS implementation, careful consideration should be given to how network traffic in lower priority queues is affected. Changes in scheduling may result in unacceptable levels of packet loss or significant transmission delay.
Page 322: Acl
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Section 6 Time Range Access Profile Table ACL Flow Meter CPU Interface Filtering Time Range The Time Range window is used in conjunction with the Access Profile feature to determine a starting point and an ending point, based on days of the week, when an Access Profile configuration will be enabled on the Switch.
Page 323: Access Profile Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Click Apply to implement changes made. Currently configured entries will be displayed in the Time Range Information table in the bottom half of the window shown above. Access profiles allow users to establish criteria to determine whether or not the Switch will forward packets based on the information contained in each packet's header.
Page 324 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch header. Select IP to instruct the Switch to examine the IP address in each frame's header. Select Packet Content Mask to specify a mask to hide the content of the packet header.
Page 325 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The following parameters can be set, for IP: Parameter Description Profile ID (1-14) Type in a unique identifier number for this profile set. This value can be set from 1 to 14. Type Select profile based on Ethernet (MAC Address), IP address, Packet Content Mask, or IPv6 address.
Page 326 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch protocol ID mask in hex form (hex 0x0-0xff) or a user value. Click Apply to implement changes made. The window shown below is the Access Profile Configuration window for Packet Content Mask.
Page 327 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The window shown below is the Access Profile Configuration window for IPv6. Figure 6- 6. Access Profile Configuration window (IPv6) This screen will aid the user in configuring the Switch to mask packet headers beginning with the offset value specified. The following fields are used to configure the IPv6: Parameter Description...
Page 328 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 0x0-0xffff) which you wish to filter. Select UDP to use the IPv6 UDP port number contained in an incoming packet as the forwarding criterion. Selecting IPv6 UDP requires that you specify a source port mask and/or a destination port mask.
Page 329 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 6- 9. Access Rule Table window Click Add Rule to add a new Rule for an existing profile. The Access Rule Configuration window will appear. To remove a previously created rule, select it and click the button.
Page 330 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Select Deny to specify that packets that do not match the access profile are not forwarded by the Switch and will be filtered. Select Mirror to specify that packets that match the access profile are mirrored to a port defined in the Port Mirroring window.
Page 331 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch configured in the Time Range Settings window. This will set specific times when this access rule will be implemented on the Switch. Counter Tick the check box and use the pull-down menu to employ the Counter that will count the packets identified with this rule.
Page 332 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 6- 12. Access Rule Configuration window (IP) Configure the following Access Rule Configuration settings for IP: Parameter Description Profile ID This is the identifier number for this profile set. Mode Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below).
Page 333 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch This parameter is specified to re-write the 802.1p default priority previously set in the Switch, which Priority (0-7) is used to determine the CoS queue to which packets are forwarded to. Once this field is specified, packets accepted by the Switch that match this priority are forwarded to the CoS queue specified previously by the user.
Page 334 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The window shown below will appear. Figure 6- 14. Access Rule Display window (IP) The following window is the Access Rule table for Packet Content. Figure 6- 15. Access Rule Table window (Packet Content Mask) To remove a previously created rule, select it and click the button.
Page 335 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 6- 16. Access Rule Configuration window (Packet Content Mask) To set the Access Rule for the Packet Content Mask, adjust the following parameters and click Apply. Parameter Description Profile ID This is the identifier number for this profile set.
Page 336 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch This parameter is specified to re-write the 802.1p default priority previously set in the Switch, Priority (0-7) which is used to determine the CoS queue to which packets are forwarded to. Once this field is specified, packets accepted by the Switch that match this priority are forwarded to the CoS queue specified previously by the user.
Page 337 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 6- 17. Access Rule Display window (Packet Content Mask) NOTE: When using the ACL Mirror function, ensure that the Port Mirroring function is enabled and a target mirror port is set. To configure the Access Rule for IPv6, open the Access Profile Table window and click Modify for an IPv6 entry.
Page 338 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 6- 19. Access Rule Configuration window (IPv6) To set the Access Rule for the IPv6, adjust the following parameters and click Apply. Parameter Description Profile ID This is the identifier number for this profile set. Mode Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below).
Page 339 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch command, before forwarding it on to the specified CoS queue. Otherwise, a packet will have its incoming 802.1p user priority re-written to its original value before being forwarded by the Switch. For more information on priority queues, CoS queues and mapping for 802.1p, see the QoS section of this manual.
Page 340: Acl Flow Meter
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch ACL Flow Meter Before configuring the ACL Flow Meter, here is a list of acronyms and terms users will need to know. trTCM – Two Rate Three Color Marker. This, along with the srTCM, are two methods available on the switch for metering and marking packet flow.
Page 341 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 6- 21. ACL Flow Meter Table window The previous window allows users to view the ACL profile and rule that is utilizing the ACL Flow Meter function, and the mode associated with that profile and rule.
Page 342 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch following parameters to determine the color rate of the IP packet flow. CIR – The Committed Information Rate can be set between 0 and 156249. IP flow rates at or below this level will be considered green.
Page 343: Cpu Interface Filtering
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 6- 23. ACL Flow Meter Display window CPU Interface Filtering Due to a chipset limitation and the need for extra switch security, the Switch incorporates CPU Interface filtering. This added feature increases the running security of the Switch by enabling the user to create a list of access rules for packets destined for the Switch’s CPU interface.
Page 344 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch To view this windw, click ACL > CPU Interface Filtering > CPU Interface Filtering Table, as shown below: Figure 6- 25. CPU Interface Filtering Table window To add an entry to the CPU Interface Filtering Table, click the Add Profile button. This will open the CPU Interface Filtering Profile Configuration window, as shown below: There are four CPU Access Profile Configuration windows;...
Page 345 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The window shown below is the CPU Interface Filtering Configuration for IP window. Figure 6- 27. CPU Interface Filtering Configuration window (IP) The following parameters can be modified: Parameter Description Profile ID (1-5) Type in a unique identifier number for this profile set.
Page 346 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch header. Users must then specify what protocol(s) to include according to the following guidelines: Select ICMP to instruct the Switch to examine the Internet Control Message Protocol (ICMP) field in each frame's header. Select Type to further specify that the access profile will apply an ICMP type value, or specify Code to further specify that the access profile will apply an ICMP...
Page 347 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The window shown below is the CPU Interface Filtering Configuration window for the Packet Content Mask. Figure 6- 28. CPU Interface Filtering Configuration window (Packet Content) This window will aid the user in configuring the Switch to mask packet headers beginning with the offset value specified. The following fields are used to configure the Packet Content Mask: Parameter Description...
Page 348 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch This field will instruct the Switch to mask the packet header beginning with the offset value Offset specified: value (0-15) – Enter a value in hex form to mask the packet from the beginning of the packet to the 15th byte.
Page 349 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Address the IP address mask, in hex form. Click Apply to implement changes made. To establish the rule for a previously created CPU Access Profile: To view this window, click ACL > CPU Interface Filtering > CPU Interface Filtering Table, as shown below: Figure 6- 30.
Page 350 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 6- 32. CPU Interface Filtering Rule Configuration window (Ethernet) To set the CPU Access Rule for Ethernet, adjust the following parameters and click Apply. Parameters Description Profile ID This is the identifier number for this profile set. Mode Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below).
Page 351 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Click the check box and enter the name of the Time Range settings that has been previously Time Range configured in the Time Range Settings window. This will set specific times when this CPU access rule will be implemented on the Switch.
Page 352 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 6- 35. CPU Interface Filtering Rule Configuration window (IP) Configure the following Access Rule Configuration settings for IP: Parameter Description Profile ID This is the identifier number for this profile set. Mode Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below).
Page 353 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch access rule will be implemented on the Switch. To view the settings of a previously correctly configured rule, click in the Access Rule Table to view the following window: Figure 6- 36. CPU Interface Filtering Rule Display window (IP) The following window is the CPU Interface Filtering Rule Table for Packet Content.
Page 354 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 6- 38. CPU Interface Filtering Rule Configuration window (Packet Content Mask) To set the Access Rule for Ethernet, adjust the following parameters and click Apply. Parameters Description Profile ID This is the identifier number for this profile set.
Page 355 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Selected profile based on Ethernet (MAC Address), IP address, Packet Content Mask, or IPv6. Type Ethernet instructs the Switch to examine the layer 2 part of each packet header. IP instructs the Switch to examine the IP address in each frame's header. Packet Content Mask instructs the Switch to examine the packet header.
Page 356 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The following window is the CPU Access Rule Table for IPv6. Figure 6- 40. CPU Access Rule Table window (IPv6) To create a new rule set for an access profile click the Add button. A new window is displayed. To remove a previously created rule, click the corresponding button.
Page 357 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Packet Content Mask instructs the Switch to examine the packet header. IPv6 instructs the Switch to examine the IPv6 part of each packet header. Class (0-255) Entering a value between 0 and 255 will instruct the Switch to examine the class field of the IPv6 header.
Page 358: Security
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Section 7 Security Authorization Attributes State Settings Traffic Control Port Security IP-MAC-Port Binding 802.1X Web-based Access Control (WAC) Trust Host BPDU Attack Protection Settings ARP Spoofing Prevention Settings Access Authentication Control MAC based Access Control Safeguard Engine Traffic Segmentation...
Page 359 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch has been detected (that is, once the packet threshold set below has been exceeded), the Switch will shutdown the port to all incoming traffic with the exception of STP BPDU packets, for a time period specified using the CountDown field. To view this window, click Security >...
Page 360 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Traffic Control Global Settings Traffic Control Enable sending of Storm Trap messages when the type of action taken by the Traffic Control Trap function in handling a Traffic Storm is one of the following: None –...
Page 361 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch NOTE: Traffic Control cannot be implemented on ports that are set for Link Aggregation (Port Trunking). NOTE: Ports that are in the Shutdown forever mode will be seen as Discarding in Spanning Tree windows and implementations though these ports will still be forwarding BPDUs to the Switch’s CPU.
Page 362: Port Security
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Port Security Port Security Settings A given ports’ (or a range of ports') dynamic MAC address learning can be locked such that the current source MAC addresses entered into the MAC address forwarding table can not be changed once the port lock is enabled. Setting the Admin State pull- down menu to Enabled, and clicking Apply can lock the port.
Page 363: Port Security Entries
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The number of MAC addresses that will be in the MAC address-forwarding table for the Max. Addr. (0-64) selected switch and group of ports. This pull-down menu allows you to select how the MAC address table locking will be Mode implemented on the Switch, for the selected group of ports.
Page 364: Ip-Mac-Port Binding
Switch features IP-MAC-Port Binding (IMPB), a D-Link security application used most often on edge switches directly connected to network hosts. IMPB is also an integral part of D-Link’s End-to-End Security Solution (E2ES). The primary purpose of IP-MAC-Port Binding is to restrict client access to a switch by enabling administrators to configure pairs of client MAC and IP addresses that are allowed to access networks through a switch.
Page 365: Arp Inspection
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Strict and Loose State Other than ACL and ARP mode, users can also configure the state on a port for granular control. There are two states: Strict and Loose, and only one state can be selected per port. If a port is set to Strict state, all packets entering the port are denied (dropped) by default.
Page 366: Impb Global Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 7- 7. ARP Cache Poisoning When the user configures strict mode and enables IMPB on a port, ARP inspection is enabled. For an ARP inspection active port: All ARP packets should be captured to the CPU (including broadcast ARP and unicast ARP packets) and the CPU will make the decision to either forward or drop.
Page 367: Impb Port Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 7- 9. IMPB Global Settings window The following parameters can be set: Parameter Description Trap / Log This field will enable and disable the sending of trap log messages for IP-MAC binding. When Enabled, the Switch will send a trap log message to the SNMP agent and the Switch log when address binding module detects illegal IP and MAC addresses.
Page 368 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 7- 10. IMPB Port Settings window The following fields can be set or modified: Parameter Description Unit Choose the Switch ID number of the Switch in the switch stack to be modified. From/To Select a port or range of ports to set for IP-MAC-port binding.
Page 369 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch until a legal IP packet is detected. Enabled (Strict+IPv6) - Enable the IPv6 packet checking in strict mode. All packets are dropped by default until a legal IP packet is detected. Enabled (Strict+All) - Enable both IPv6 and IPv4 packet checking in strict mode.
Page 370: Impb Entry Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch IMPB Entry Settings The table on this window, which is also known as the “IMPB white list,” is used to create Static IP-MAC-Port Binding entries on the Switch. To view this window click, Security > IP-MAC-Port Binding > IMPB Entry Settings, as shown below: Figure 7- 11.
Page 371: Mac Block List
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch the port on the Switch. Ports (e.g: 1, 5, 7- Specify the switch ports or tick the All Ports check box to select all ports. Clear Type Use the pull-down menu to select the IPv4, IPv6 or All type. To view particular port settings, choose the unit - port number and click Find.
Page 372: 356
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 802.1X 802.1X Port-Based and MAC-Based Access Control The IEEE 802.1X standard is a security measure for authorizing and authenticating users to gain access to various wired or wireless devices on a specified Local Area Network by using a Client and Server based access control model. This is accomplished by using a RADIUS server to authenticate users trying to access a network by relaying Extensible Authentication Protocol over LAN (EAPOL) packets between the Client and the Server.
Page 373 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 7- 17. The Authentication Server Authenticator The Authenticator (the Switch) is an intermediary between the Authentication Server and the Client. The Authenticator serves two purposes when utilizing 802.1X. The first purpose is to request certification information from the Client through EAPOL packets, which is the only information allowed to pass through the Authenticator before access is granted to the Client.
Page 374: Authentication Process
Figure 7- 20. The 802.1X Authentication Process The D-Link implementation of 802.1X allows network administrators to choose between two types of Access Control used on the Switch, which are: 1. Port-Based Access Control – This method requires only one user to be authenticated per port by a remote RADIUS server to allow the remaining users on the same port access to the network.
Page 375 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Port-Based Network Access Control RADIUS Server Ethernet Switch … 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X Client Client Client Client Client Client Client Client Client Network access controlled port Network access uncontrolled port Figure 7- 21.
Page 376 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch MAC-Based Network Access Control RADIUS Server Ethernet Switch … 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X Client Client Client Client Client Client Client Client Client Client Client Client...
Page 377 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Guest VLANs On 802.1x security enabled networks, there is a need for non 802.1x supported devices to gain limited access to the network, due to lack of the proper 802.1x software or incompatible devices, such as computers running Windows 98 or lower operating systems, or the need for guests to gain access to the network without full authorization.
Page 378: 802.1X Port Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 802.1X Port Settings To view this window, click Security > 802.1X > 802.1X Port Settings, as shown below: Figure 7- 24. 802.1X Port Table window To configure the settings by port, click on its corresponding Modify button, which will display the following table to configure:...
Page 379 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 7- 25. 802.1X Port Settings window (Modify) This window allows users to set the following features: Parameter Description Unit Select the unit to configure. From/To Enter the port or ports to be set. AdmDir Sets the administrative-controlled direction to either in or both.
Page 380 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The default setting is Auto. TXPeriod (1-65535) This sets the TX Period of time for the authenticator PAE state machine. This value determines the period of an EAP Request/Identity packet transmitted to the client. The default setting is 30 seconds.
Page 381: Guest Vlan Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Guest VLAN Settings To set a Guest 802.1X VLAN, the user must first configure a normal VLAN which can be enabled here for Guest VLAN status. To view this window, click Security > 802.1X > Guest VLAN Settings, as shown below: Figure 7- 26.
Page 382 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 7- 27. Authentication RADIUS Server Settings window This window displays the following information: Parameter Description Index Choose the desired RADIUS server to configure: First, Second or Third. Click the radio button and enter the RADIUS server IPv4 address. IPv4 Address IPv6 Address Click the radio button and enter the RADIUS server IPv6 address.
Page 383: 802.1X User Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 802.1X User Settings This window allows the user to set different local users on the Switch and set a global limitation on the maximum number of users that can be learned via 802.1X authentication. To view this window, click Security >...
Page 384 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 7- 29. Initialize Port window (Port-based 802.1X) This window allows initialization of a port or group of ports. The Initialize Port Table in the bottom half of the window displays the current status of the port(s).
Page 385: Reauthenticate Port(S)
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch NOTE: The user must first globally enable 802.1X in the DGS-3600 Web Management Tool window before initializing ports. Information in the Initialize Ports Table cannot be viewed before enabling 802.1X. Reauthenticate Port(s) This window allows reauthentication of a port or group of ports by using the pull-down menus From and To and clicking Apply.
Page 386: Web-Based Access Control (Wac)
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch The port number of the reauthenticated port. Port Auth PAE State The Authenticator State will display one of the following: Initialize, Disconnected, Connecting, Authenticating, Authenticated, Aborting, Held, ForceAuth, ForceUnauth, and N/A. BackendState The Backend State will display one of the following: Request, Response, Success, Fail, Timeout, Idle, Initialize, and N/A.
Page 387: Wac Global Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Conditions and Limitations 1. The subnet of the authentication VLAN’s IP interface must be the same as that of the client. If no t configured properly, the authentication will be permanently denied by the authenticator. It cannot be a Guest VLAN. 2.
Page 388: Wac Port Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Toggle the State field to either Enabled or Disabled for the Web-based Access Control WAC Global State settings of the Switch. WAC Settings Method Use the pull-down menu to choose the authenticator for Web-based Access Control. The user may choose: Local –...
Page 389 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 7- 35. WAC Port Settings window The following parameters can be configured: Parameter Description Unit Use the drop-down menu to select the unit to configure. From/To Enter the range of ports to configure. State Enable or disable the WAC port settings on the specified ports.
Page 390: Wac User Account
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch WAC User Account This window is used to set up user accounts for the Web-based Access Control. To view this window, click Security > Web-based Access Control (WAC) > WAC User Account, as shown below: Figure 7- 36.
Page 391: Wac Authentication State
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 7- 38. Web-based Access Control Authentication Login window After successfully logging in, the user will be prompted with this window, verifying that the user has successfully authenticated the WAC port. Figure 7- 39.
Page 392: Trust Host
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Parameter Description Port List Enter the ports you wish to Find or Clear. Tick the All Ports check box to select all ports. State Select the state of the ports. Choose between Authenticated, Authenticating or Blocked. Click Find to display the Host table entries or click Clear to remove an entry.
Page 393: Bpdu Attack Protection Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Use the Security IP Management to permit remote stations to manage the Switch. If you choose to define one or more designated management stations, only the chosen stations, as defined by IP address, will be allowed management privilege through the web manager or Telnet session.
Page 394: Arp Spoofing Prevention Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 7- 42. BPDU Attack Protection Global Settings window The following parameters can be configured: Parameter Description Global State Enable or disable the BPDU attack protection global state. Trap State Enable or disable the BPDU attack trap state.
Page 395 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Parameter Description Gateway IP Address Enter the gateway IP address. Gateway MAC Enter the gateway MAC address. Address Enter the port or range of ports to be configured. Alternatively, tick the All Ports check box Ports to configure all of the ports.
Page 396: Access Authentication Control
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Access Authentication Control The TACACS/XTACACS/TACACS+/RADIUS commands allow users to secure access to the Switch using the TACACS/XTACACS/TACACS+/RADIUS protocols. When a user logs in to the Switch or tries to access the administrator level privilege, he or she is prompted for a password.
Page 397: Authentication Policy And Parameter Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Authentication Policy and Parameter Settings This command will enable an administrator-defined authentication policy for users trying to access the Switch. When enabled, the device will check the Login Method List and choose a technique for user authentication upon login. To view this window, click Security >...
Page 398: Authentication Server Group
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch List and Enable Method List for authentication for users utilizing the Console (Command Line Interface) application, the Telnet application, SSH and the WEB (HTTP) application. Login Method List Using the pull-down menu, configure an application for normal login on the user level, utilizing a previously configured method list.
Page 399: Authentication Server Host
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch To add an Authentication Server Host to the list, enter its IP address in the IP Address field, choose the protocol associated with the IP address of the Authentication Server Host and click Add to Group to add this Authentication Server Host to the group. To add a user-defined group to the list, click the Add button in the Authentication Server Group window, which will display the following window.
Page 400 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 7- 50. Authentication Server Host Setting – Add window To edit an Authentication Server Host, click the IP address hyperlink. Configure the following parameters to add or edit an Authentication Server Host: Parameter Description IP Address...
Page 401: Login Method Lists
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Login Method Lists This command will configure a user-defined or default Login Method List of authentication techniques for users logging on to the Switch. The sequence of techniques implemented in this command will affect the authentication result. For example, if a user enters a sequence of techniques, for example TACACS –...
Page 402: Enable Method Lists
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch xtacacs - Adding this parameter will require the user to be authenticated using the XTACACS protocol from a remote XTACACS server. tacacs+ - Adding this parameter will require the user to be authenticated using the TACACS+ protocol from a remote TACACS+ server.
Page 403 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 7- 54. Enable Method List - Add window To define an Enable Login Method List, set the following parameters and click Apply: Parameter Description Method List Name Enter a method list name defined by the user of up to 15 characters. Method 1, 2, 3, 4 The user may add one, or a combination of up to four of the following authentication methods to this method list:...
Page 404: Configure Local Enable Password
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Configure Local Enable Password This window will configure the locally enabled password for the Enable Admin command. When a user chooses the "local_enable" method to promote user level privileges to administrator privileges, he or she will be prompted to enter the password configured here that is locally set on the Switch.
Page 405: Radius Accounting Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch RADIUS Accounting Settings The Accounting feature of the Switch uses a remote RADIUS server to collect information regarding events occurring on the Switch. The following is a list of information that will be sent to the RADIUS server when an event triggers the Switch to send these informational packets.
Page 406: Mac-Based Access Control
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch MAC-based Access Control The MAC-based Access Control feature will allow users to configure a list of MAC addresses, either locally or on a remote RADIUS server, to be authenticated by the Switch and given access rights based on the configurations set on the Switch of the target VLAN where these authenticated users are placed.
Page 407 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 7- 59. MAC-based Access Control Global Settings window The following parameters may be viewed or set: Parameter Description MAC-based Access Control Global Settings Use the pull-down menu to globally enable or disable the MAC-based Access Control State function on the Switch.
Page 408: Mac-Based Access Control Local Mac Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Select the method of identification, Guest VLAN name, before entering the name of Guest VLAN Name the Guest VLAN being used for this function. Guest VLAN ID Select the method of identification, Guest VLAN ID, before entering the ID of the Guest VLAN being used for this function.
Page 409 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 7- 60. MAC-based Access Control Local MAC Settings window To set the following parameters: Parameter Description MAC Address To search for a previously configured MAC address, enter the address and click Find By MAC.
Page 410: Safeguard Engine
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Safeguard Engine Periodically, malicious hosts on the network will attack the Switch by utilizing packet flooding (ARP Storm) or other methods. These attacks may increase the Safeguard Engine beyond its capability. To alleviate this problem, the Safeguard Engine function was added to the Switch’s software.
Page 411: Safeguard Engine Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch NOTICE: When Safeguard Engine is enabled, the Switch will allot bandwidth to various traffic flows (ARP, IP) using the FFP (Fast Filter Processor) metering table to control the CPU utilization and limit traffic. This may limit the speed of routing traffic over the network. Safeguard Engine Settings To window is used to enable Safeguard Engine or configure advanced Safeguard Engine settings for the Switch.
Page 412: Traffic Segmentation
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Traffic Segmentation Traffic segmentation is used to limit traffic flow from a single port to a group of ports on either a single switch or a group of ports on another switch in a switch stack. This method of segmenting the flow of traffic is similar to using VLANs to limit traffic, but is more restrictive.
Page 413: Ssl
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Parameter Description Unit/Port Use the drop-down menu to select the desired unit and port to transmit packets. Forward Port Tick the check boxes to select which of the ports on the Switch will be able to forward packets. These ports will be allowed to receive packets from the port specified above.
Page 414 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch begin with https://. (Ex. https://10.90.90.90) Any other method will result in an error and no access can be authorized for the web- based management. To view the windows for Download Certificate and Ciphersuite, click Security > SSL, as shown below: Figure 7- 66.
Page 415 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch This field will set the time between a new key exchange between a client and a host using Cache Timeout (60- 86400 sec) the SSL function. A new SSL session is established every time the client and host go through a key exchange.
Page 416: Ssh
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch SSH is an abbreviation of Secure Shell, which is a program allowing secure remote login and secure network services over an insecure network. It allows a secure login to remote host computers, a safe method of executing commands on a remote end node, and will provide secure encrypted and authenticated communication between two non-trusted hosts.
Page 417 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch To configure the SSH server on the Switch, modify the following parameters and click Apply: Parameter Description SSH Server Status Use the pull-down menu to enable or disable SSH on the Switch. The default is Disabled. Max Session (1-8) Enter a value between 1 and 8 to set the number of users that may simultaneously access the Switch.
Page 418: Ssh Authentication Mode And Algorithm Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch SSH Authentication Mode and Algorithm Settings The SSH Algorithm window allows the configuration of the desired types of SSH algorithms used authentication encryption. There are four categories of algorithms listed and specific algorithms of each may be enabled or disabled by using their corresponding pull-down menus.
Page 419: Ssh User Authentication Mode
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch encryption algorithm with Cipher Block Chaining. The default is Enabled. AES192-CBC Use the pull-down to enable or disable the Advanced Encryption Standard AES192 encryption algorithm with Cipher Block Chaining. The default is Enabled. AES256-CBC Use the pull-down to enable or disable the Advanced Encryption Standard AES-256 encryption algorithm with Cipher Block Chaining.
Page 420: Compound Authentication
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Parameter Description User Name Enter a User Name of no more than 15 characters to identify the SSH user. This User Name must be a previously configured user account on the Switch. Auth.
Page 421: Compound Authentication Global Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 802.1X & IMPB Mode This mode adds an extra layer of security by checking the IP MAC-Binding Port Binding (IMPB) table before trying one of the supported authentication methods. The IMPB Table is used to create a “white list”...
Page 422: Compound Authentication Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Compound Authentication Settings This window is used to configure the authorization mode and authentication method of individual ports. To view this window, click Security > Compound Authentication > Compound Authentication Settings, as shown below: Figure 7- 75.
Page 423: Authentication Guest Vlan Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Methods None – Specifies that multiple authentication is not enabled. Any – Specifies that a client will gain access if it passes any of the authentication methods (802.1X, MAC, or JWAC). 802.1X+IMPB –...
Page 424: Japanese Web-Based Access Control (Jwac)
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Japanese Web-based Access Control (JWAC) The JWAC folder contains six windows: JWAC Global Configuration, JWAC Port Settings, JWAC User Account, JWAC Host Information, JWAC Customize Page Language Settings and JWAC Customize Page. JWAC Global Settings Use this window to enable and configure Japanese Web-based Access Control on the Switch.
Page 425 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch To set JWAC for the Switch, complete the following fields: Parameter Description JWAC Global Settings JWAC Global State Use this drop-down menu to either enable or disable JWAC on the Switch. JWAC Settings Forcible Logout This parameter enables or disables JWAC Forcible Logout.
Page 426: Jwac Port Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch This parameter is used to set the Quarantine Server Error Timeout. When the Quarantine Error Timeout (5-300 sec) Server Monitor is enabled, the JWAC Switch will periodically check if the Quarantine works okay.
Page 427 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch To configure individual JWAC port settings, click the Add button, the following window will be displayed. Figure 7- 80. JWAC Port Settings window (Add) To configure the settings by port, click on the corresponding Modify button, which will display the following window: Figure 7- 81.
Page 428: Jwac User Account
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Host (0-50) allowed on each port at the same time. Aging Time This parameter specifies the period of time a host will keep in authenticated state after it successes to authenticate. Enter a value between 1 and 1440 minutes. The default setting is (1-1440 min) 1440 minutes.
Page 429: Jwac Authentication State
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch New Password Enter the password of the user. This field is case-sensitive and must be a complete alphanumeric string. Confirm New Retype the password entered in the previous field. Password Click Apply to implement changes made.
Page 430: Jwac Customize Page
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch JWAC Customize Page This window is used to customize the JWAC feature. To view this window, click Security > Japanese Web-based Access Control (JWAC) > JWAC Customize Page, as shown below: Figure 7- 86.
Page 431: Monitoring
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Section 8 Monitoring Device Status Stacking Information Stacking Device Module Information DRAM & Flash Utilization CPU Utilization Port Utilization Packets Errors Packet Size Browse Router Port Browse MLD Router Port VLAN Status VLAN Status Port Port Access Control...
Page 432: Device Status
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Device Status This window displays status information for Internal Power, External Power, Side Fan, and Back Fan. To view the Device Status window, click Monitoring > Device Status, as shown below: Figure 8- 1.
Page 433: Module Information
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Module Information This window displays module information of the Switch, including the module name, Revision Number, Serial Number and description. To view the Module Information window, click Monitoring > Module Information, as shown below: Figure 8- 4.
Page 434: Cpu Utilization
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch CPU Utilization This window displays the percentage of the CPU being used, expressed as an integer percentage and calculated as a simple average by time interval. To view this window, click Monitoring > CPU Utilization, as shown below: Figure 8- 6.
Page 435: Port Utilization
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Port Utilization This window displays the percentage of the total available bandwidth being used on the port. To view the port utilization, click Monitoring > Port Utilization, as shown below: Figure 8- 7.
Page 436: Packets
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Packets The Web Manager allows various packet statistics to be viewed as either a line graph or a table. Six windows are offered. Received (RX) To view the Received (RX) window, click Monitoring > Packets > Received (RX), as shown below: Figure 8- 8.
Page 437 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 9. RX Packets Analysis window (table for Bytes and Packets) The following fields may be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.
Page 438: Umb_Cast (Rx)
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch UMB_cast (RX) To view the UMB_cast (RX) window, click Monitoring > Packets > UMB_cast (RX), as shown below: Figure 8- 10. RX Packets Analysis window (line graph for Unicast, Multicast, and Broadcast Packets) To view the UMB Cast Table, click the View Table link, which will show the following table:...
Page 439 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 11. RX Packets Analysis window (table for Unicast, Multicast, and Broadcast Packets) The following fields may be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.
Page 440: Transmitted (Tx)
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Transmitted (TX) To view this window, click Monitoring > Packets > Transmitted (TX), as shown below: Figure 8- 12. TX Packets Analysis window (line graph for Bytes and Packets) To view the Transmitted (TX) Table, click the link View Table, which will show the following table:...
Page 441 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 13. TX Packets Analysis window (table for Bytes and Packets) The following fields may be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.
Page 442: Errors
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Errors The Web Manager allows port error statistics compiled by the Switch's management agent to be viewed as either a line graph or a table. Four windows are offered. Received (RX) To view this window, click Monitoring >...
Page 443 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 15. RX Error Analysis window (table) The following fields can be set: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.
Page 444: Transmitted (Tx)
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Incremented for each multicast packet that is discared. MultiDr VLANIngDr Incremented for each packet that is discarded by VLAN ingress checking. Show/Hide Check whether or not to display CRC Error, Under Size, Over Size, Fragment, Jabber, and Drop errors.
Page 445 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 17. TX Error Analysis window (table) The following fields may be set or viewed: Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.
Page 446: Packet Size
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Packet Size The Web Manager allows packets received by the Switch, arranged in six groups and classed by size, to be viewed as either a line graph or a table. Two windows are offered. To view this table, click Monitoring >...
Page 447 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 19. TX/RX Packet Size Analysis window (table) The following fields can be set or viewed: Parameter Description Select the desired setting between 1s and 60s, where "s" stands for seconds. The default Time Interval value is one second.
Page 448: Browse Router Port
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch octets in length inclusive (excluding framing bits but including FCS octets). 1024-1518 The total number of packets (including bad packets) received that were between 1024 and 1518 octets in length inclusive (excluding framing bits but including FCS octets). Show/Hide Check whether or not to display 64, 65-127, 128-255, 256-511, 512-1023, and 1024-1518 packets received.
Page 449: Browse Mld Router Port
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Browse MLD Router Port This displays which of the Switch’s ports are currently configured as router ports in IPv6. A router port configured by a user (using the console or Web-based management interfaces) is displayed as a static router port, designated by S. A router port that is dynamically configured by the Switch is designated by D and a Forbidden port is designated by F.
Page 450: Vlan Status
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch VLAN Status This allows the VLAN status for each of the Switch's ports to be viewed by VLAN. This window displays the ports on the Switch that are currently Egress (E) or Tag (T) ports. To view the next VLAN in the list, click the Next button. To view this window, click Monitoring >...
Page 451: Port Access Control
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Port Access Control The following windows are used to monitor 802.1X statistics of the Switch, on a per port basis. To view the Port Access Control windows, click monitoring > Port Access Control. There are six windows to monitor. NOTE: The Authenticator State cannot be viewed on the Switch unless 802.1X is enabled by port or by MAC address.
Page 452: Authenticator Statistics
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Authenticator Statistics This table contains the statistics objects for the Authenticator PAE associated with a port. Enter a port or range of ports, or tick the All Ports check box. To view the Authenticator Statistics, click Monitoring >...
Page 453 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 26. Authenticator Statistics Detail Table window The following fields can be viewed: Parameter Description The identification number assigned to the Port by the System in which the Port resides. Port/Port Number MAC Address EapolFramesRX...
Page 454: Authenticator Session Statistics
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Authenticator Session Statistics This table contains the session statistics objects for the Authenticator PAE associated with each port. An entry appears in this table for each port that supports the Authenticator function. Enter a port or range of ports, or tick the All Ports check box. To view the Authenticator Session Statistics, click Monitoring >...
Page 455 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 28. Authenticator Session Statistics Detail Table window The following fields can be viewed: Parameter Description Port/Port Number The identification number assigned to the Port by the System in which the Port resides. MAC Address The MAC address of the Switch where the port resides.
Page 456: Authenticator Diagnostics
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 7) Port Administratively Disabled 8) Not Terminated Yet SessionUserName The User-Name representing the identity of the Supplicant PAE. Authenticator Diagnostics This table contains the diagnostic information regarding the operation of the Authenticator associated with each port. An entry appears in this table for each port that supports the Authenticator function.
Page 457 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 30. Authenticator Diagnostics Detail Table window The following fields can be viewed: Parameter Description Port/Port Number The identification number assigned to the Port by the System in which the Port resides. MAC Address The MAC address of the Switch where the port resides.
Page 458 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Counts the number of times that the state machine transitions from FailWhileAuthenticating AUTHENTICATING to HELD, as a result of the Backend Authentication state machine indicating authentication failure (authFail = TRUE). ReauthsWhileAuthenticating Counts the number of times that the state machine transitions from AUTHENTICATING to ABORTING, as a result of a reauthentication...
Page 459: Radius Authentication
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Reject message from the Authentication Server (i.e., aFail becomes TRUE, causing a transition from RESPONSE to FAIL). Indicates that the Supplicant has not authenticated to the Authentication Server. RADIUS Authentication This table contains information concerning the activity of the RADIUS authentication client on the client side of the RADIUS authentication protocol.
Page 460: Radius Account Client
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch AccessRejects The number of RADIUS Access-Reject packets (valid or invalid) received from this server. AccessChallenges The number of RADIUS Access-Challenge packets (valid or invalid) received from this server. AccessResponses The number of malformed RADIUS Access-Response packets received from this server. Malformed packets include packets with an invalid length.
Page 461 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch ServerIndex The identification number assigned to each RADIUS Accounting server that the client shares a secret with. InvalidServerAddr The number of RADIUS Accounting-Response packets received from unknown addresses. Identifier The NAS-Identifier of the RADIUS accounting client. (This is not necessarily the same as sysName in MIB II.) ServerAddress The (conceptual) table listing the RADIUS accounting servers with which the client shares a...
Page 462: Mac Address Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch MAC Address Table This allows the Switch's dynamic MAC address forwarding table to be viewed. When the Switch learns an association between a MAC address and a port number, it makes an entry into its forwarding table. These entries are then used to forward packets through the Switch.
Page 463: Igmp Snooping Group
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch IGMP Snooping Group IGMP Snooping allows the Switch to read the Multicast Group IP address and the corresponding MAC address from IGMP packets that pass through the Switch. To view this window, click Monitoring > IGMP Snooping Group, as shown below: Figure 8- 34.
Page 464: Mld Snooping Group
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch MLD Snooping Group The following window allows the user to view MLD Snooping Groups present on the Switch. MLD Snooping is an IPv6 function comparable to IGMP Snooping for IPv4. The user may browse this table by VLAN Name present in the switch by entering that VLAN Name in the empty field shown below, and clicking the Find button.
Page 465: Trace Route
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Trace Route The following window will aid the user in back tracing the route taken by a packet before arriving at the Switch. When initiated, the Trace Route program will display the IP addresses of the previous hops a packet takes from the Target IP Address entered in the window, until it reaches the Switch.
Page 466: Trace Route Ipv6 Route
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Trace Route IPv6 Route To view this window, click Monitoring > Trace Route > Trace IPv6 Route, as shown below: Figure 8- 37. Trace IPv6 Route window To trace the route of a packet, set the following parameters located in this window, and click Start. Parameter Description Enter the IP address of the computer to be traced.
Page 467: Igmp Snooping Forwarding
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch IGMP Snooping Forwarding The IGMP Snooping Forwarding table displays the current multicast traffic that the device has received and which ports it should forward. To view this window, click Monitoring > IGMP Snooping Forwarding, as shown below: Figure 8- 38.
Page 468: Mld Snooping Forwarding
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch MLD Snooping Forwarding The MLD Snooping Forwarding table displays the current multicast traffic entries that the device has received and which ports it should be forwarded to. To view this window, click Monitoring > MLD Snooping Forwarding, as shown below: Figure 8- 39.
Page 469: Routing Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Routing Table Browse Routing Table This window shows the current IP routing table of the Switch. To find a specific IP route, enter an IP address along with a proper subnet mask in the two fields offered and click Find.
Page 470: Browse Ip Multicast Interface Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 43. IP Multicast Forwarding Table window Browse IP Multicast Interface Table This window will show current IP multicasting interfaces located on the Switch. To search a specific entry, enter a multicast interface name into the Interface Name field or choose a Protocol from the pull down list and click Find.
Page 471: Browse Dvmrp Routing Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Browse DVMRP Routing Table Multicast routing information is gathered and stored by DVMRP in the DVMRP Routing Table, this window, contains one row for each port in a DVMRP mode. Each routing entry contains information about the source and multicast group, and incoming and outgoing interfaces.
Page 472: Pim Monitor
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 48. DVMRP Routing Next Hop Table window PIM Monitor Multicast routers use Protocol Independent Multicast (PIM) to determine which other multicast routers should receive multicast packets. To find out more information concerning PIM and its configuration on the Switch, see the IP Multicast Routing Protocol chapter of Section 6, Configuration.
Page 473: Ospf Monitor
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 51. PIM RP Set Table window OSPF Monitor This section offers windows regarding OSPF (Open Shortest Path First) information on the Switch, including the OSPF LSDB Table, OSPF Neighbor Table and the OSPF Virtual Neighbor Table. OSPF Browse OSPF LSDB Table The OSPF LSDB Table displays the current link-state database in use by the OSPF routing protocol on a per-OSPF area basis.
Page 474: Browse Ospf Neighbor Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch (Summary), Autonomous System link (ASSummary), Autonomous System external link (ASExternal), and NSSA_EXT (Not So Stubby Area external) Link State ID This field identifies the portion of the Internet environment that is being described by the advertisement.
Page 475: Ospfv3
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Allows the entry of an OSPF Area ID − previously defined on the Switch − that allows a Transit Area ID remote area to communicate with the backbone (area 0). A Transit Area cannot be a Stub Area or a Backbone Area.
Page 476 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 57. OSPFv3 LSDB Link LSA Interface Table window Browse OSPFv3 Neighbor Table Routers that are connected to the same area or segment become neighbors in that area. Neighbors are elected via the Hello protocol.
Page 477: Switch Logs
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Switch Logs The Web manager allows the Switch's history log, as compiled by the Switch's management agent, to be viewed. To view the Switch history log, click Monitoring > Switch Logs, as shown below: Figure 8- 60.
Page 478: Session Table
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 61. ARP Table window Session Table This window is used to display the current session table. To view this window, click Monitoring > Session Table, as shown below: Figure 8- 62.
Page 479 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Figure 8- 63. MAC-based Access Control Authentication State Table Settings window The The following fields can be configured: Parameter Description Enter the range of ports you wish to clear and click Clear, to clear all ports check the All Ports Ports (e.g:1,5,7- check box before clicking Clear.
Page 480: Switch Maintenance
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Section 9 Switch Maintenance Reset Reboot System Save Services Logout Reset The Reset function has several options when resetting the Switch. Some of the current configuration parameters can be retained while resetting all other configuration parameters to their factory defaults.
Page 481: Save Services
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Save Services The following three windows will aid the user in saving configurations to the Switch’s memory. Save Changes The Switch has two levels of memory, normal RAM and non-volatile or NV-RAM. Configuration changes are made effective clicking the Save button.
Page 482: Current Configuration Settings
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Current Configuration Settings The Current Configuration Settings window allows users to manipulate configuration images saved in the Flash memory of the Switch. To view this window, click Save Services > Current Configuration Settings, as shown below: Figure 9- 5.
Page 483: Technical Specifications
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Appendix A Technical Specifications General IEEE 802.3 10BASE-T Ethernet Protocols IEEE 802.3u 100BASE-TX Fast Ethernet IEEE 802.3ab 1000BASE-T Gigabit Ethernet IEEE 802.3z 1000BASE-T (SFP “Mini GBIC”) IEEE 802.1D Spanning Tree IEEE 802.1s Multiple Spanning Tree IEEE 802.1w Rapid Spanning Tree IEEE 802.1Q VLAN...
Page 484 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch 3 available slots for optional 10GE modules DGS-3650: 48 x 10/100/1000 Mbps ports 4 x 1000Mbps Combo SFP Ports 2 available slots for optional 10GE modules DGS-3612G: 12 x 100/1000Mbps SFP ports 4 x Combo 10/100/1000Mbps ports DGS-3612: 12 x 10/100/1000Mbps copper ports...
Page 485 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch MAC Address Learning Automatic update. Supports 16K MAC address. Priority Queues 8 Priority Queues per port. Forwarding Table Age Time Max age: 10-1000000 seconds. Default = 300.
Page 486: Cables And Connectors
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Appendix B Cables and Connectors When connecting the Switch to another switch, a bridge or hub, a normal cable is necessary. Please review these products for matching cable pin assignment. The following diagrams and tables show the standard RJ-45 receptacle/connector and their pin assignments.
Page 487: System Log Entries
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Appendix C System Log Entries The following table lists all possible entries and their corresponding meanings that will appear in the System Log of this Switch. Category Event Description Log Content Severity Remark System warm start...
Page 488 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Category Event Description Log Content Severity Remark (Username: , shown in log string, which IP: ) means if the user logs in through the console, no IP or MAC address information will be included in the log.
Page 489 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Category Event Description Log Content Severity Remark If the user logs in through the Successful login through Successful login console, no IP or MAC Console (Username: Informational Console through Console address information will be ) included in the log.
Page 490 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Category Event Description Log Content Severity Remark SNMP request received SNMP request from with invalid received with invalid Informational SNMP community string! community string Topology changed [([Instance:], Topology changed Informational port:<[unitID:] portNum>, MAC: )
Page 491 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Category Event Description Log Content Severity Remark Spanning Tree MST configuration ID VLAN Spanning Tree MST mapping table changed configuration ID Informational (instance: VLAN mapping add vlan [- table added ]) Spanning Tree MST...
Page 492 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Category Event Description Log Content Severity Remark Login failed through Web Login failed through from Web authenticated authenticated by AAA local Warning by AAA local method (Username: method ) Successful login through Successful login Web (SSL) from ...
Page 493 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Category Event Description Log Content Severity Remark Successful login through Successful login Telnet from through Telnet authenticated by AAA none Informational authenticated by method (Username: AAA none method ) Successful login through Successful login SSH from ...
Page 494 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Category Event Description Log Content Severity Remark Login failed through Login failed through Web(SSL) from Web (SSL) due to due to AAA server timeout AAA server timeout Warning or improper configuration or improper (Username: ) configuration...
Page 495 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Category Event Description Log Content Severity Remark Enable Admin failed Enable Admin failed through Web from through Web authenticated by AAA authenticated by Warning local_enable method AAA local_enable (Username: ) method Successful Enable Admin Successful Enable...
Page 496 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Category Event Description Log Content Severity Remark Successful Enable Admin Successful Enable through Telnet from Admin through authenticated by Telnet authenticated Informational AAA none method by AAA none (Username: ) method Successful Enable Admin Successful Enable...
Page 497 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Category Event Description Log Content Severity Remark Enable Admin failed Enable Admin failed through Web (SSL) from through Web (SSL) due to AAA due to AAA server Warning server timeout or improper timeout or improper configuration (Username: configuration...
Page 498 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Category Event Description Log Content Severity Remark Safeguard Engine enters Safeguard Engine is Safeguard Informational NORMAL mode in normal mode Engine Safeguard Engine is Safeguard Engine enters in filtering packet Warning EXHAUSTED mode mode...
Page 499 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Category Event Description Log Content Severity Remark user limit in a time interval. JWAC authenticated user (Username: , IP: When a client host has , MAC: JWAC authenticated Warning , Port: successfully.
Page 500 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Category Event Description Log Content Severity Remark Dynamic IMPB entry is conflict with static FDB(IP: Dynamic IMPB , MAC: entry is in conflict Warning , Port with static FDB <[unitID:]portNum>) Dynamic IMPB entry is conflict with static ARP(IP: Dynamic IMPB...
Page 501: Module Specs And Cable Lengths
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Appendix D Module Specs and Cable Lengths Use the following table to as a guide for the module specs and maximum cable lengths. Standard Media Type Maximum Distance Mini-GBIC 1000BASE-LX, Single-mode fiber module 10km 1000BASE-SX, Multi-mode fiber module 550m / 2km...
Page 502: Password Recovery Procedure
This section will explain how the Password Recovery feature can help network administrators reach this goal. The following steps explain how to use the Password Recovery feature on D-Link devices to easily recover passwords. Complete these steps to reset the password: For security reasons, the Password Recovery feature requires the user to physically access the device.
Page 503 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch In the “Password Recovery Mode” only the following commands can be used. Command Parameters reset config This command resets the whole configuration back to the default values. reboot This command exits the Reset Password Recovery Mode and restarts the switch.
Page 504: Radius Attributes Assignment
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Appendix F RADIUS Attributes Assignment The RADIUS Attributes Assignment on the Switch is used in the following modules: 802.1X (Port-based and MAC-based), Web- based Access Control (WAC), Japanese Web-based Access Control (JWAC), and MAC-based Access Control. The description that follows explains the following RADIUS Attributes Assignment types: Ingress/Egress Bandwidth 802.1p Default Priority...
Page 505 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch To assign 802.1p default priority by RADIUS Server, the proper parameters should be configured on the RADIUS Server. The tables below show the parameters for 802.1p default priority. The parameters of the Vendor-Specific attributes are: Vendor-Specific Attribute Description Value...
Page 506 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch If the user has configured the VLAN attribute of the RADIUS server (for example, VID 3) and the 802.1X, or MAC-based Access Control authentication is successful, the port will be added to VLAN 3. However, if the user does not configure the VLAN attribute and authenticates successfully, the port will be kept in its original VLAN.
Page 507: Glossary
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Glossary 1000BASE-SX: A short laser wavelength on multimode fiber optic cable for a maximum length of 2000 meters 1000BASE-LX: A long wavelength for a "long haul" fiber optic cable for a maximum length of 10 kilometers 100BASE-FX: 100Mbps Ethernet implementation over fiber.
Page 508 ® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch latency: The delay between the time a device receives a packet and the time the packet is forwarded out of the destination port. line speed: See baud rate. main port: The port in a resilient link that carries data traffic in normal operating conditions. MDI - Medium Dependent Interface: An Ethernet port connection where the transmitter of one device is connected to the receiver of another device.
Page 509 The customer must submit with the product as part of the claim a written description of the Hardware defect or Software nonconformance in sufficient detail to allow D-Link to confirm the same, along with proof of purchase of the product (such as a copy of the dated purchase invoice for the product) if the product is not registered.
Page 510 DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch D-Link may reject or return any product that is not packaged and shipped in strict compliance with the foregoing requirements, or for which an RMA number is not visible from the outside of the package. The product owner agrees to pay D-Link’s reasonable handling and return shipping charges for any product that is not packaged and shipped in accordance with the foregoing requirements, or that is determined by D-Link not to be defective or non-conforming.
Page 511: Product Registration
® xStack DGS-3600 Series Layer 3 Managed Gigabit Ethernet Switch Product Registration Register your D-Link product online at Hhttp://support.dlink.com/register/ Product registration is entirely voluntary and failure to complete or return this form will not diminish your warranty rights.
Page 512 D-Link will then provide you with a Limited Lifetime Warranty reference number for this product. Please retain your original dated proof of purchase with a note of the serial number, and Limited Lifetime Warranty reference number together with this warranty statement and place each document in a safe location. When you make a warranty claim on a defective product, you may be asked to provide this information.
Page 513: Limited Warranty
To the extent allowed by local law, the remedies in this warranty statement are customer’s sole and exclusive remedies. Except as indicated above, in no event will D-Link or its suppliers be liable for loss of data or for indirect, special, incidental, consequential (including lost profit or data), or other damage, whether based in a contract, tort, or otherwise.
Page 514 D-Link at an Authorized D-Link Service Office. The replacement Hardware need not be new or of an identical make, model or part; D-Link may in its discretion may replace the defective Hardware (or any part thereof) with any reconditioned product that D-Link reasonably determines is substantially equivalent (or superior) in all material respects to the defective Hardware.
Page 515 The packaged product shall be insured and shipped to Authorized D-Link Service Office with all shipping costs prepaid. D-Link may reject or return any product that is not packaged and shipped in strict compliance with the foregoing requirements, or for which an RMA number is not visible from the outside of the package.
Page 516: Copyright Statement
D-Link Corporation/D-Link Systems, Inc. All other trademarks belong to their respective proprietors. Copyright Statement No part of this publication may be reproduced in any form or by any means or used to make any derivative such as translation, transformation, or adaptation without permission from D-Link Corporation/D-Link Systems Inc., as...
Page 517: Technical Support
Technical Support 16B15B14B13B12B11B10B9B8B7B6B5B4B3B2B1B0B Technical Support You can find software updates and user documentation on the D-Link website. D-Link provides free technical support for customers within the United States and within Canada for the duration of the service period, and warranty confirmation service, during the warranty period on this product.
Page 518 BT 10ppm (UK Pence per minute), other carriers may vary. Times Mon-Fri 9.00am - 6.00pm Sat 10.00am - 2.00pm +1890 886 899 (Ireland) € 0.05ppm peak, €0.045ppm off peak Times Mon-Fri 9.00am - 6.00pm Sat 10.00am - 2.00pm D-Link UK & Ireland Technical Support over the Internet: http://www.dlink.co.uk ftp://ftp.dlink.co.uk...
Page 519 Technische Unterstützung Aktualisierte Versionen von Software und Benutzerhandbuch finden Sie auf der Website von D-Link. D-Link bietet kostenfreie technische Unterstützung für Kunden innerhalb Deutschlands, Österreichs, der Schweiz und Osteuropas. Unsere Kunden können technische Unterstützung über unsere Website, per E-Mail oder telefonisch anfordern.
Page 520: Assistance Technique
Vous trouverez la documentation et les logiciels les plus récents sur le site web D-Link. Vous pouvez contacter le service technique de D-Link par notre site internet ou par téléphone. Assistance technique D-Link par téléphone: 0 820 0803 03 0,12 €/min...
Page 521 Puede encontrar las últimas versiones de software así como documentación técnica en el sitio web de D-Link. D-Link ofrece asistencia técnica gratuita para clientes residentes en España durante el periodo de garantía del producto. Asistencia Técnica de D-Link por teléfono: +34 902 30 45 45 0,067 €/min...
Page 522 Supporto tecnico Gli ultimi aggiornamenti e la documentazione sono disponibili sul sito D-Link. Supporto Tecnico dal lunedì al venerdì dalle ore 9.00 alle ore 19.00 con orario continuato Telefono: 199400057 Web: http://www.dlink.it/support...
Page 523 Technical Support You can find software updates and user documentation on the D-Link website. D-Link provides free technical support for customers within Benelux for the duration of the warranty period on this product. Benelux customers can contact D-Link technical support through our website, or by phone.
Page 524: Pomoc Techniczna
Pomoc techniczna Najnowsze wersje oprogramowania i dokumentacji użytkownika można znaleźć w serwisie internetowym firmy D-Link. D-Link zapewnia bezpłatną pomoc techniczną klientom w Polsce w okresie gwarancyjnym produktu. Klienci z Polski mogą się kontaktować z działem pomocy technicznej firmy D-Link za pośrednictwem Internetu lub telefonicznie.
Page 525 Technická podpora Aktualizované verze software a uživatelských příruček najdete na webové stránce firmy D-Link. D-Link poskytuje svým zákazníkům bezplatnou technickou podporu Zákazníci mohou kontaktovat oddělení technické podpory přes webové stránky, mailem nebo telefonicky Telefon: 225 281 553 Land Line 1,78 CZK/min - Mobile 5.40 CZK/min Telefonická...
Page 526 Technikai Támogatás Meghajtó programokat és frissítéseket a D-Link Magyarország weblapjáról tölthet le. Tel: 06 1 461-3001 Fax: 06 1 461-3004 Land Line 14,99 HUG/min - Mobile 49.99,HUF/min Web: http://www.dlink.hu E-mail: [email protected]...
Page 527 Teknisk Support Du kan finne programvare oppdateringer og bruker dokumentasjon på D-Links web sider. D-Link tilbyr sine kunder gratis teknisk support under produktets garantitid. Kunder kan kontakte D-Links teknisk support via våre hjemmesider, eller på tlf. D-Link Teknisk telefon Support:...
Page 528 Teknisk Support Du finder software opdateringer og bruger- dokumentation på D-Link’s hjemmeside. D-Link tilbyder gratis teknisk support til kunder i Danmark i hele produktets garantiperiode. Danske kunder kan kontakte D-Link’s tekniske support via vores hjemmeside eller telefonisk. D-Link teknisk support over telefonen: Tlf.
Page 529 Teknistä tukea asiakkaille Suomessa D-Link tarjoaa teknistä tukea asiakkailleen. Tuotteen takuun voimassaoloajan. Tekninen tuki palvelee seuraavasti: numerosta : 0800-114 677 Arkisin klo. 9 - 21 Internetin kautta: Web: http://www.dlink.fi...
Page 530 Teknisk Support På vår hemsida kan du hitta mer information om mjukvaru uppdateringar och annan användarinformation. D-Link tillhandahåller teknisk support till kunder i Sverige under hela garantitiden för denna produkt. D-Link Teknisk Support via telefon: 0770-33 00 35 Vardagar 08.00-20.00 D-Link Teknisk Support via Internet: Web: http://www.dlink.se...
Page 531 Você pode encontrar atualizações de software e documentação de utilizador no site de D-Link Portugal http://www.dlink.pt. A D-Link fornece suporte técnico gratuito para clientes no Portugal durante o período de vigência de garantia deste produto. Assistência Técnica da D-Link na Internet: Web: http://www.dlink.pt...
Page 532 Τεχνική Υποστήριξη Μπορείτε να βρείτε software updates και πληροφορίες για τη χρήση των προϊόντων στις ιστοσελίδες της D-Link Η D-Link προσφέρει στους πελάτες της δωρεάν υποστήριξη στον Ελλαδικό χώρο Μπορείτε να επικοινωνείτε με το τμήμα τεχνικής υποστήριξης μέσω της ιστοσελίδας ή μέσω τηλεφώνου...
Page 533 Tehnička podrška Hvala vam na odabiru D-Link proizvoda. Za dodatne informacije, podršku i upute za korištenje uređaja, molimo vas da posjetite D-Link internetsku stranicu na www.dlink.eu Web: www.dlink.biz/hr...
Page 534 Tehnična podpora Zahvaljujemo se vam, ker ste izbrali D-Link proizvod. Za vse nadaljnje informacije, podporo ter navodila za uporabo prosimo obiščite D-Link - ovo spletno stran www.dlink.eu Web: www.dlink.biz/sl...
Page 535 Suport tehnica Vă mulţumim pentru alegerea produselor D-Link. Pentru mai multe informaţii, suport şi manuale ale produselor vă rugăm să vizitaţi site-ul D- Link www.dlink.eu Web: www.dlink.ro...
Page 536 Technical Support You can find software updates and user documentation on the D-Link website. Tech Support for customers in Australia: Tel: 1300-766-868 Monday to Friday 8:00am to 8:00pm EST Saturday 9:00am to 1:00pm EST http://www.dlink.com.au e-mail: [email protected] India: Tel: 1800-222-002 Monday to Friday 9:30AM to 7:00PM http://www.dlink.co.in/support/productsupport.aspx...
Page 537 Technical Support You can find software updates and user documentation on the D-Link website. Tech Support for customers in Egypt: Tel: +202-2919035 or +202-2919047 Sunday to Thursday 9:00am to 5:00pm http://support.dlink-me.com e-mail: [email protected] Iran: Tel: +98-21-88822613 Sunday to Thursday 9:00am to 6:00pm http://support.dlink-me.com...
Page 538 Техническая поддержка Обновления программного обеспечения и документация доступны на Интернет-сайте D-Link. D-Link предоставляет бесплатную поддержку для клиентов в течение гарантийного срока. Клиенты могут обратиться в группу технической поддержки D-Link по телефону или через Интернет. Техническая поддержка D-Link: +495-744-00-99 Техническая поддержка через Интернет...
Page 539 El servicio de soporte técnico tiene presencia en numerosos países de la Región Latino América, y presta asistencia gratuita a todos los clientes de D-Link, en forma telefónica e internet, a través de la casilla [email protected] Soporte Técnico Help Desk Argentina: Teléfono: 0800-12235465 Lunes a Viernes 09:00 am a 22:00 pm...
Page 540 Você pode encontrar atualizações de software e documentação de usuário no site da D-Link Brasil www.dlinkbrasil.com.br. A D-Link fornece suporte técnico gratuito para clientes no Brasil durante o período de vigência da garantia deste produto. Suporte Técnico para clientes no Brasil: Telefone São Paulo +11-2185-9301...
Page 541 D-Link 友訊科技台灣分公司技術支援資訊如果您還有任何本使用手冊無法協助您解決的產品相關問題，台灣地區用戶可以透過我們的網站、電子郵件或電話等方式與D-Link台灣地區技術支援工程師聯絡。 D-Link 免付費技術諮詢專線 0800-002-615 服務時間：週一至週五，早上8:30到晚上9:00 (不含周六、日及國定假日) 網站：http://www.dlink.com.tw 電子郵件：[email protected] 如果您是台灣地區以外的用戶，請參考D-Link網站全球各地分公司的聯絡資訊以取得相關支援服務。產品保固期限、台灣區維修據點查詢，請參考以下網頁說明： http://www.dlink.com.tw...
Page 542 Dukungan Teknis Update perangkat lunak dan dokumentasi pengguna dapat diperoleh pada situs web D-Link. Dukungan Teknis untuk pelanggan: Dukungan Teknis D-Link melalui telepon: Tel: +62-21-5731610 Dukungan Teknis D-Link melalui Internet: Email : [email protected] Website : http://support.dlink.co.id...
Page 543 技术支持您可以在 D-Link 的官方網站找到產品的軟件升級和使用手冊办公地址：北京市东城区北三环东路 36 号环球贸易中心 B 座 26F 02- 05 室邮编: 100013 技术支持中心电话：8008296688/ (028)66052968 技术支持中心传真：(028)85176948 维修中心地址：北京市东城区北三环东路 36 号环球贸易中心 B 座 26F 02-05 室邮编: 100013 维修中心电话：(010) 58257789 维修中心传真：(010) 58257790 网址：http://www.dlink.com.cn 办公时间：周一到周五，早09:00到晚18:00...
Page 544: International Offices
FAX: +46 (0)8 564 619 01 P.O.B. 2148, Hertzelia-Pituach Europe (U. K.) URL: www.dlink.gr URL: www.dlink.se 46120 D-Link (Europe) Ltd Israel D-Link House, Abbey Road Hungary Switzerland TEL: +972-9-9715700 Park Royal, London NW10 7BX Rákóczi út 70-72 Glatt Tower, 2.OG FAX: +972-9-9715601...
Page 545: Registration Card
8. What category best describes your company? Aerospace Engineering Education Finance Hospital Legal Insurance/Real Estate Manufacturing Retail/Chainstore/Wholesale Government Transportation/Utilities/Communication System house/company Other________________________________ 9. Would you recommend your D-Link product to a friend? Don't know yet 10.Your comments on this product? ______________________________________________________________________...
Page 546 Optional Optional Module Module Slots Slots...

This manual is also suitable for:

Xstack dgs-3627 series Xstack dgs-3627g series Xstack dgs-3650 series Xstack dgs-3600 series Xstack dgs-3612 series

D-Link DGS-3612G - xStack Switch Reference Manual

Web-Based Switch Configuration

Administration

L2 Features

L3 Features

Qos

Acl

Security

Quick Links

Related Manuals for D-Link DGS-3612G - xStack Switch

Summary of Contents for D-Link DGS-3612G - xStack Switch