Ir para a página of
Manuais similares
-
Switch
TP-Link TL-SL2428
28 páginas 2.81 mb -
Switch
TP-Link TL-SG1016D
28 páginas 4.66 mb -
Switch
TP-Link TL-SL3226P
22 páginas 1.07 mb -
Switch
TP-Link TL-SG5412F
32 páginas 4.63 mb -
Switch
TP-Link TL-SL1226
24 páginas 4.91 mb -
Switch
TP-Link TD-8816
55 páginas 1.08 mb -
Switch
TP-Link TL-SL2226P
32 páginas 2.7 mb -
Switch
TP-Link Tl-SB2216
32 páginas 3.15 mb
Bom manual de uso
As regras impõem ao revendedor a obrigação de fornecer ao comprador o manual com o produto TP-Link TL-SG3424P. A falta de manual ou informações incorretas fornecidas ao consumidor são a base de uma queixa por não conformidade do produto com o contrato. De acordo com a lei, pode anexar o manual em uma outra forma de que em papel, o que é frequentemente utilizado, anexando uma forma gráfica ou manual electrónicoTP-Link TL-SG3424P vídeos instrutivos para os usuários. A condição é uma forma legível e compreensível.
O que é a instrução?
A palavra vem do latim "Instructio" ou instruir. Portanto, no manual TP-Link TL-SG3424P você pode encontrar uma descrição das fases do processo. O objetivo do manual é instruir, facilitar o arranque, a utilização do equipamento ou a execução de determinadas tarefas. O manual é uma coleção de informações sobre o objeto / serviço, um guia.
Infelizmente, pequenos usuários tomam o tempo para ler o manual TP-Link TL-SG3424P, e um bom manual não só permite conhecer uma série de funcionalidades adicionais do dispositivo, mas evita a formação da maioria das falhas.
Então, o que deve conter o manual perfeito?
Primeiro, o manual TP-Link TL-SG3424P deve conte:
- dados técnicos do dispositivo TP-Link TL-SG3424P
- nome do fabricante e ano de fabricação do dispositivo TP-Link TL-SG3424P
- instruções de utilização, regulação e manutenção do dispositivo TP-Link TL-SG3424P
- sinais de segurança e certificados que comprovam a conformidade com as normas pertinentes
Por que você não ler manuais?
Normalmente, isso é devido à falta de tempo e à certeza quanto à funcionalidade específica do dispositivo adquirido. Infelizmente, a mesma ligação e o arranque TP-Link TL-SG3424P não são suficientes. O manual contém uma série de orientações sobre funcionalidades específicas, a segurança, os métodos de manutenção (mesmo sobre produtos que devem ser usados), possíveis defeitos TP-Link TL-SG3424P e formas de resolver problemas comuns durante o uso. No final, no manual podemos encontrar as coordenadas do serviço TP-Link na ausência da eficácia das soluções propostas. Atualmente, muito apreciados são manuais na forma de animações interessantes e vídeos de instrução que de uma forma melhor do que o o folheto falam ao usuário. Este tipo de manual é a chance que o usuário percorrer todo o vídeo instrutivo, sem ignorar especificações e descrições técnicas complicadas TP-Link TL-SG3424P, como para a versão papel.
Por que ler manuais?
Primeiro de tudo, contem a resposta sobre a construção, as possibilidades do dispositivo TP-Link TL-SG3424P, uso dos acessórios individuais e uma gama de informações para desfrutar plenamente todos os recursos e facilidades.
Após a compra bem sucedida de um equipamento / dispositivo, é bom ter um momento para se familiarizar com cada parte do manual TP-Link TL-SG3424P. Atualmente, são cuidadosamente preparados e traduzidos para sejam não só compreensíveis para os usuários, mas para cumprir a sua função básica de informação
Índice do manual
-
Página 1
TL-S G3210/T L - SG3216/ TL - SG34 24/TL - SG3424P JetS tream L2 Managed Sw itch R EV 3.0.0 191001 10 91[...]
-
Página 2
COPYRIGH T & TRA DEM ARKS S peci fications are subject to change w ithout n otice. is a registere d tradem ark of TP - LIN K TECHNOLOG IES CO., L TD. Ot her brands and product names are trade marks or registered t rademar ks of their respect ive holder s. No par t of the spe cificatio ns may be repro duced in any form or by any means or used to[...]
-
Página 3
Safe ty Informati on When pro duct has power button, the pow er button is one of the way to shut off the prod uct; W hen th ere i s no pow er butt on, the only way to co mpletely shut of f power is t o discon nect the product or the pow er adap ter from the power s ource. Don ’t disasse mble the pro duct, or make repa irs your self. Y ou [...]
-
Página 4
CONT ENT S Package Cont ents ............................................................................................................................ 1 Chapter 1 About This Guide ........................................................................................................... 2 1.1 Intended Readers ....................................[...]
-
Página 5
4.4.1 Access Control .................................................................................................. 32 4.4.2 S SL Config ........................................................................................................ 34 4.4.3 SSH Confi g ...................................................................................[...]
-
Página 6
Chapter 7 S p anning T ree .............................................................................................................. 88 7.1 STP Co nfig ................................................................................................................... 93 7.1.1 STP Co nfig ........................................................[...]
-
Página 7
9.1.1 Po rt Priority ...................................................................................................... 141 9.1.2 DSCP Pr iorit y .................................................................................................. 142 9.1.3 802.1P/CoS mapping ........................................................................[...]
-
Página 8
1 1.4.1 Binding T able ................................................................................................... 170 1 1.4.2 Port Binding ..................................................................................................... 171 1 1.4.3 VLAN Bind ing ..........................................................................[...]
-
Página 9
14.1.3 NDP Config ...................................................................................................... 224 14.2 NTDP .......................................................................................................................... 225 14.2.1 Device T able ...................................................................[...]
-
Página 10
16.4.2 Tr a cert ............................................................................................................. 258 Ap pendi x A: S pe cifi cati ons ........................................................................................................... 259 Appendix B: Configur ing the PCs .........................................[...]
-
Página 11
Package Content s The follow ing items shou ld be found in your box: One JetStream L2 Managed Sw itch One power cord One consol e cable Two mount ing brackets a nd other fitting s Installatio n Guide Resource CD for TL -S G3210/ TL - SG3 216/TL - SG 3424/TL - SG 3424P switch , in clu ding: • This User G uide • The CLI Re[...]
-
Página 12
Chapter 1 Abo ut This Guide This User G uide cont ains informati on for setup a nd manage ment of TL -S G32 10/TL - SG32 16/ TL - SG342 4/TL - SG34 24P JetS tream L2 Manage d Switch. Please read t his guide carefully before operation. 1.1 Intende d Reade rs This Guide is intended for networ k managers famil iar with IT concept s and netw ork termin[...]
-
Página 13
Chapter Introduction Chapter 3 Login to the Sw itch Int roduces how t o log on to the Web management p age. Chapter 4 Sys tem This module is used to c onfigure sy stem properti es of the switc h. Here mainly introdu ces: Sys tem Info : Con figure the descr iption, sy stem ti me and networ k para meters of the sw itch. User Manag e ment : Co[...]
-
Página 14
Chapter Introduction Chapter 9 QoS This module is u sed to config ure QoS funct ion to provide dif ferent quality of s ervice for various netw ork applic ations and require ments. Here mainly introduces: Diff Serv: Confi gure priorities, port priori ty , 802.1P priority and DSCP prior ity . Bandwid th Contr ol: Confi gure rate lim it featur[...]
-
Página 15
Chapter Introduction Chapter 14 Cluster This modu le is used to configure c luster funct ion to central ma nage the scatter ed devices in t he network. Here mainly intr oduces: NDP : Con figu re ND P funct i on to get the information of the directly connected neighbor dev ices. NTDP: Con figure N TDP f unction for t he command er switch t o[...]
-
Página 16
Chapter 2 Introduction Thanks for choosing t he TL -S G32 10/TL - SG3216 /TL - SG3424/T L - SG 3424P Je tS tream L2 Managed Sw itch ! 2.1 Over vie w of the Swi tch Designed for workgroup s and department s, TL - S G3210/TL - SG3216/ TL - SG 3424/TL - SG 3424P fr om TP - LIN K provides w ire - speed p erformanc e and full set o f layer 2 mana gement[...]
-
Página 17
+ Support s T elnet, CLI, S NMP v 1/v2c/v 3, RMON and web acc ess. + Port Mirror ing enables mo nitoring sel ected ingres s/egress tr affi c. + Simple Network and M anagement Protocol ( SNMP) can be c onfigured ov er IPv6 t ransport . + IPv6 support s statele ss autocon figuration to m anage link, subn et, and site addres sing changes . + DHCPv6 en[...]
-
Página 18
SFP Por t s: Desig ned to install the SFP module. TL - SG32 16 / TL - SG3424 / TL - SG342 4P switch features so me SFP transceiv er slot s that are shar ed with the a ssociate d RJ45 p ort s. The associate d two port s are referred to as “ Comb o ” ports, which mean s they cannot be used simult aneously , otherwise only SF P port s wor k. T[...]
-
Página 19
When the S peed LE D is on, the port LED is indicatin g the dat a transmiss ion rate. Na me S ta t u s Indicat ion Power On The switch is pow ered on. Off The switch is p owered off or pow er supply is abn ormal. Fl ashin g Power su pply is abnorm al. Sys tem F lashi ng The switch wor ks properly . On/Off The switch wor ks improper ly. 10/100/1 000[...]
-
Página 20
Grounding T e rminal: The switch alrea dy comes with Lightning Prot ection Mecha nism. Y ou can also gr ound the swit ch through th e PE (Prote cting Eart h) cable of AC c ord or with Gr ound Ca bl e. A C Pow er Soc ket: Con nect the female co nnector of the pow er cord here, and t he male con nector t o the AC po wer outlet. M ake sure th [...]
-
Página 21
Chapter 3 Login to the Switch 3.1 Login T o access the configura tion utility , open a web - brow ser and ty pe in the default ad dress http:/ /192.168.0.1 in the a ddress fiel d of the browser , then press t he Enter k e y. Figure 3-1 W eb - browser Tips : T o log in to the switch , the IP address of y our PC shou ld be set in the sa me subnet add[...]
-
Página 22
No te: Clic king Apply can only make the new con figurati ons ef fective befor e the switch is reboot ed . If you want to keep the configurat ions ef fective ev en the switch is reboot ed, please cl ick Sav e Con fig . Y ou are suggested to click Sav e Config before cutt ing off the po wer or reboot ing the switch to av oid losing the new configura[...]
-
Página 23
Chapter 4 System The Sys tem m odul e is main ly for syst em configur ation of the s witch, in cluding four su bmenus: System Info , User Manage ment , System T ools and A ccess Security . 4.1 System I nfo The S yste m Info, mainly for basic propert ies conf i guration , can be imple mented on Sy stem Summary , Device Descri ption , System Time , D[...]
-
Página 24
Indicates t he SFP por t is not conn ected to a devic e. Indicates t he SFP por t is at the speed o f 1000Mbp s. Indicates t he SFP por t is at the speed o f 100Mbp s. When the cur sor move s on the port, the det ailed inf ormation of the p ort will be display ed . Fi gure 4-2 P ort Infor mation Port Info Po rt: Disp lays the port nu mber of th[...]
-
Página 25
Bandwidth Utiliza tion Rx: Select Rx to d isplay the bandwi dth uti lization of rec eiving pac ket s on this port . Tx: Select Tx to d isplay the bandw idth ut ilization o f sending p acket s on this port . 4.1.2 Device Descrip tion On this page you can configure the description of the switch, includi ng dev ice nam e, dev ice location and syst[...]
-
Página 26
Choose the menu Sys te m → System Info → System T ime to load the foll owing p age. Fi gure 4-5 System T ime The following entries ar e displayed o n this screen: Time Info Current System Da te: Displays the current date and time of the sw itch. Current Time Sou rce : Displays the current ti me Source of the sw i tch. Time Config Manu a[...]
-
Página 27
Choose the menu Sys te m → System Info → Day l ight Sa ving T ime to load the follow ing pa ge. Figure 4-6 Daylight Savin g Ti me The follow ing entries are disp layed on t his screen: DST Co nfig DST St atus : Enable or dis able the DST . Predef ined Mo de : Select a pred efined DST config uration : USA : Sec ond S unda y in March , 02[...]
-
Página 28
No te: 1. W he n the DST is disab led, the predefined mode, recurri ng mode and date mode can not be configured. 2. When the DST is e nabled, t he default daylight saving time is o f Europe in pre define d mode. 4.1.5 System IP Each device in the netw ork possesses a unique IP Address. Y ou can log on t o the Web manage ment pag e to ope rate the s[...]
-
Página 29
3. If the switch get s the IP address from DH CP serv er , you can see the configuratio n of the switch in the DHCP server ; if DHCP option is s elected but no DHCP serv er exists in the networ k, a few minutes l ater , the switch w ill restore the sett ing to the defau lt . 4. If DHCP or BOOTP option is selec ted, the switch w ill get network p ar[...]
-
Página 30
6. Enha nced n eighb or discov ery mechanis m: Th e IPv6 neighbor disc overy pr otocol is a group of Inter net control messa ge protocol v ersion 6 (ICMPv 6) messages that manages the informati on exchange be tween neighbor no des on the same lin k. The group of ICMPv 6 messages t akes the pl ace of Addres s Resolutio n Protocol (A RP) message, Int[...]
-
Página 31
Multicast addr ess: An identifier for a set of interfaces (typically belon ging to dif ferent node s), similar to an IPv 4 multic ast address. A packet se nt to a multicas t address is delivered t o all interface s identif ied by that address. Ther e are no broad cast addres ses in I Pv6. Their function is su perseded by multicast addr esses. ?[...]
-
Página 32
For all IEEE 8 02 interface types (for exa mple, Ether net and FD DI interfaces) , Int erface IDs in the modified EUI - 6 4 format are constructed in t he following w ay: T he firs t thre e octets (2 4 bit s) are ta ken from the O rganizat ionally Uniq ue Identi fier (OUI) of t he 48 - bit l ink - lay er address (the M AC addres s) of the interface[...]
-
Página 33
Figure 4-9 Link - local Addres s Format IPv6 dev ices must not forwar d packet s that h ave link - local source or destinat ion addr esses to other lin ks. No te: Y ou can configure mult iple IPv 6 addresses per inter face, but only one lin k - local addre ss. IPv6 Neig hbor Discov ery The IPv6 neighb or discov ery process uses I CMP messages a[...]
-
Página 34
Neighbor R eachabil ity Detecti on After node A acquires t he link - layer address of it s ne ighbor node B, nod e A can v erify whether node B is reacha ble accor ding to NS and NA messages. Node A sends an NS m essage whos e destination a ddress is the I Pv6 addres s of node B. If node A receives an NA message from node B, node A consider[...]
-
Página 35
RAs are also sent in resp onse to dev ice solicit ation messages. D evice soli c itation messa ges, which hav e a value of 133 in t he T ype field of the ICMP packet header , are sent by hosts at system st artup or anytime neede d so that the host can imme diately autoc onfigure w ithout needing t o wait for the next scheduled RA message. Hosts dis[...]
-
Página 36
Y ou can configure the sy stem ’ s admin istrative IPv 6 address on this p age. Choose the menu Sys te m → System Info → Sy stem IP v6 to load the follow ing page. Figure 4- 10 System IP v6 The follow ing entries are disp layed on t his screen: Global Config IPv6 : Enable/D isable IPv6 func tion globa lly on the s witch . Link - lo ca[...]
-
Página 37
S ta t u s : Displays the status o f the link - local address . No rma l: Indicates that the link - local address is normal. Tr y : Indicates that t he link - local address may be new ly configured . Repeat: Ind icates that th e link - loca l address is dupli cate. It is illegal to ac cess the switch us ing the IPv6 ad dress(inc luding [...]
-
Página 38
S ta t u s : Displays t he status o f the global addre ss . No rma l: Indicates that the global ad dress is nor mal. Tr y : Indicates that t he global address may be new ly configured. Repeat: Indic ates that the correspond ing address i s duplic ate. It is illegal to acce ss the sw itch using this addr ess. Tips : After adding a global[...]
-
Página 39
Choose the menu Sys te m → User Manag e men t → User Confi g to load the following p age. Fi gure 4- 12 Us er Con fig The follow ing entries are disp layed on t his screen: User Info User Name: Create a name for users ’ login. Access Lev el: Select th e access level to login. Admin: Ad min can edit, modify and view all the sett ings o[...]
-
Página 40
4.3 System T o ols Th e Sys tem T ool s f uncti on , allowing you to manag e the configurat ion file of the switch, can be impleme nted on Config Resto re , Config Backup , Firmware Upgrade , System Reb oot and Syst em Reset p ages. 4.3.1 Config Rest ore On this p age you c an upload a b ackup conf iguration fil e to restore y our switc h to this p[...]
-
Página 41
Choose the menu S yst e m → System T ools → Confi g Backup to load the following p age. Fi gure 4- 14 Conf ig B ackup The follow ing entries a re display ed on t his screen: Con fig Ba ckup Backu p Confi g: Clic k t he Backup Con fig button to sav e the current conf iguration as a file to your computer . Y ou are suggested to t ake this mea[...]
-
Página 42
4.3.4 System Reboot On this pag e you can reboot t he switch and return to the login pag e. Please sa ve the current configurat ion before re booting to av oid los ing the co nfiguration uns aved Choose the menu Sys te m → System T ools → System Reboot to load the follow ing page. Fi gure 4- 16 Syste m R eboot No te: T o avoid damag e, please d[...]
-
Página 43
Choose the menu Sys te m → A ccess Security → Access Control to load the follow ing pa ge. Fi gure 4- 18 Access Contr ol The follow ing entries are disp layed on t his screen: Access Control Config Control Mode: Select the cont rol mode for users to log on to the Web manage ment page. IP - based: Select this opt ion to limit the I P - r[...]
-
Página 44
Sessi on Config Sessi on Ti meout : If you do nothing wit h the Web manage ment p age within the timeout ti me, the system w ill log out automat ically . If you want to reconfigure, please logi n again. Access Us er Number Nu mber Control ; Select Enab le/Disab le the Number Control funct ion. Adm in Number : Enter the maximum nu mber of [...]
-
Página 45
Choose the menu S yst e m → A ccess Sec urity → SSL Confi g to load t he following p age. Fi gure 4- 19 SSL Conf ig The follow ing entries are disp layed on t his screen: Global Co n f ig SSL : Select Enable/Dis able the SS L function on t he switch. Certificate D o wnl oad Certific ate File: Select the de sired certi ficate to downl oa[...]
-
Página 46
an insecure netw ork environ ment. It can encry pt all the transmission dat a and prevent the inf or mation in a remote manag ement being leak ed. Compris ing server and cli ent, SSH has two v ersions, V1 and V2 wh ich are not co mpatib le with each other . In the communication, S SH server and client can auto - negot iate the SSH v ersion and the [...]
-
Página 47
Ke y Dow nloa d K ey T yp e : Select the t ype of SSH Key t o down load. The s witch support s three ty pes: SSH - 1 RSA, S SH - 2 RSA and SSH - 2 DSA. Key File: Select t he desired key file to downlo ad. Dow nload : Cli ck the Downl oad butt on to down lo ad the des ired key file to the switch. No te: 1. Please e nsure t he key length of the d[...]
-
Página 48
2. Cli ck t he Open button in the abov e figure t o log on to t he switch. Ent er the login user na me and passw ord, and then y ou can cont inue to configur e the switch. A ppl ication Example 2 f or SSH : Network R equireme nts 1. Log on t o the switch via p assword aut henticat ion using S SH and the SSH fun ction is ena bled on the switch. [...]
-
Página 49
2. Aft er the key is successf ully generate d, pleas e save the pub lic key and privat e key to the computer . 3. On the W eb manage ment p age of the switch, download the pub lic key file saved in t he computer to t he switch. Note: 1. The key t ype should acc ord with the t ype of the key file. 2. The SSH key downloa ding cannot be interr upted. [...]
-
Página 50
4. Aft er the public key is downloaded, please l og on to the interface of PuTTY and enter the IP address for l ogin. 5. Clic k Brow se to down load t he private key file to SSH client software a nd click Open . 40[...]
-
Página 51
After successfu l authent ication, ple ase enter t he login us er name. If you log on to t he switc h without enter ing pas sword , it indicates that the key has bee n successfu lly downloade d. No te: Following the st eps abov e, you hav e already entere d the User EXEC Mo de of the switc h. However , to configur e the switch, you need a p assword[...]
-
Página 52
Chapter 5 Switching Switching module is used to configure t he basic func tions of the switch, includin g four submenus : Port , L AG , T raffic Mon itor and M AC Ad d r es s . 5.1 Port The Port funct ion, allowin g you to configur e the basic featur es for the port , is implemented o n the Port Config , Port M irror , Port S e curity , Port Isolat[...]
-
Página 53
Port : Displays the port number . Descrip tion : Give a descri ption to the por t for identificat ion. S ta t u s : Allows you t o Enab le/Disable th e po rt. W hen E nabl e is selected, t he port can for ward the p ackets normally . Spe ed and D uplex : Select the S peed a nd Duplex mode for the por t. The dev ice connected to the switc h should b[...]
-
Página 54
Choose the menu Switc hing → Port → Port Mirror to load the f ollowing p age. Figure 5-2 M irro r Group List The following entries are displayed on t his screen. Mirror Group Li st Grou p: Displays the mirror grou p number . Mirroring: Dis pla ys the mirror ing port num ber . Mode : Dis plays the mirror mode , the value will be "Ingr e[...]
-
Página 55
Clic k Edit to display the following fi gure. Figure 5-3 Port Mirror Confi g The follow ing entries are displayed on thi s screen. Mirror Group Nu mbe r: Select the mirror group numb er you want t o config ure . Mirroring Port Mirroring Port : Select the mirroring port number . Mirrored Port Port Select : Click the Sele ct button to qui[...]
-
Página 56
Eg ress: Select Enab le/Disab le the Egress feature. W he n the Egre ss is enabled, the outgoing p ackets sent by the mirrore d port will be copied to the mirroring por t. L AG : Displays the LAG numbe r which the port bel ongs to. The LAG member cannot be selected as the mirror ed port or mirrorin g port. No te: 1. The LAG mem ber cann ot be selec[...]
-
Página 57
Choose the menu Switc hing → Port → Port Security to load the following page. Figure 5-4 P ort Securit y The following entries are displayed on t his screen: Port Security Select : Select the d esired port for Port Sec urity config uration. I t i s mul ti - op tion al. Port : Displays the port number . Max Lea rned M A C : S pecify the max [...]
-
Página 58
No te: 1. The Port Security functio n is disabled for t he LAG por t member . Only the port is removed from the LAG , will the Port Sec urity function be av ailable for t he port. 2. The Port Security funct ion is disab led when the 802. 1X function is ena bled. 5.1.4 Port Isolat ion Port Isolati on provides a method of restrict ing traf fic flow t[...]
-
Página 59
Port Is olation List Port : Display t he port number . Forwar d Portl ist : Display the F orward Port l ist . 5.1.5 Loopback D etection With loopbac k detection f eature enabl ed, the switc h can det ect loops using loopback detect ion pac kets. W he n a loop i s detected, the switch w ill display an a lert or f urth er bl ock the co rres pondi[...]
-
Página 60
The following entries are displayed on t his screen: Global Config Loopbac kDetectio n S ta t u s : Here you can en able or disab le Loopback Detection funct ion globally . Detection Inte rval : Set a L oopback Det ection inter val between 1 and 1 000 seconds. By defa ult , it ’ s 30 secon ds . Automatic Recovery Tim e : T ime a fter whic h t[...]
-
Página 61
For the m ember port s in an ag gregatio n group, the ir basic con figurat ion must be t he same. T he basic conf iguration i ncludes STP , QoS , GV RP , VL AN , po rt attributes , MAC A ddress Learni ng mode and oth er a ssociate d settings. More d eta ils are explained b elow : If the port s, which are ena bled for the GVRP , 802 .1Q VL A N ,[...]
-
Página 62
The following entries are displayed on t his screen: Global Co nfig Hash A lgorit hm : Select the app lied scope of Aggregate Arit hmetic, w hich result s in choosing a port to transf er the pac kets. • SRC MA C + DST MA C: When this opt ion is selected, the Aggregat e Arithm etic will app ly to the source and destinatio n MAC address es of t[...]
-
Página 63
Choose the menu Switc hing → L AG → St atic LAG to load the following p age. Figure 5-8 St a t i c L A G Co nfig The following entries are displayed on t his screen: LAG Config Grou p Number : Select a Group Number fo r the LAG . Descrip tion : Give a descri ption to the LAG for identificat i on. LAG T able Member Port : Select the port[...]
-
Página 64
group. In an aggre gation group, the port w ith smaller port prior ity will be consider ed as the preferred on e. If the tw o port priorities are e qual; the por t with smaller p ort number is preferred. After an aggregation gro up is establ ished, the selec ted port s can be aggregated t ogether as one port to tra nsmit p ackets. On this pa ge, yo[...]
-
Página 65
Select : Select the des ired port for LACP con figurat ion. It is multi - option al. Port : Displays the por t number . Adm in Key : S pecify an Admin Key for the por t. The member port s in a dynamic aggregatio n group must have the sam e Admin Key . Port Priority : S pecify a Port Pr iority for t he port. This v alue deter mines the pr iority of [...]
-
Página 66
Choose the menu Switc hing → T raffic Mon itor → T ra ffic Summary to load the followi ng page. Figure 5- 10 T raffic Summary The following entries are displayed on t his screen: Auto Refresh Aut o Refresh : Allows you t o Enab le/Disable re freshing t he T raffic S ummary automati cally . Refresh Ra te : Enter a value in seconds to s pecif[...]
-
Página 67
St atistics : Click the St a tistics button to view the det ailed traff ic stat istics of the port. 5.3.2 T raffic St atistics T raf fic S tatist ics scree n displays t he deta iled traf fic information of each p ort, whic h facilit ates you to monitor the t raf fic and locate fau lts prom ptly . Choose the menu Switc hing → T raffic Mon itor →[...]
-
Página 68
transmitt ed on the port. The error frames are not co unted in. Mult icast : Displays the number of go od multicast p acket s recei ved or transmitt ed on the port. The error frames are not co unted in. Unicast : Displays the number of go od unicast p acket s received or transmitt ed on the port. The error frames are not co unted in. Alignment Erro[...]
-
Página 69
T able 5-1 T ypes and fe atures of Address T able This function inc ludes four subme nus: Address T able , St atic A ddress , Dynami c Address and Filte ring A ddress . 5.4.1 Address T able On this pa ge, you can v iew all the infor mation o f the Add ress T able. Choose the menu Switc hing → M AC Ad d re s s → Address T able to load the follow[...]
-
Página 70
Dynami c: This option all ows the addr ess tab le to display the dynamic a ddress entrie s only . Filterin g: This opt ion allow s the address t able to dis pla y the filtering ad dress entries o nly . Address T able M AC Ad d r es s : Displays the MAC addres s learned by the switch. V L AN ID : Displays the cor respondin g VLAN ID of t[...]
-
Página 71
V L AN ID : Enter the corres ponding VLA N ID of the MAC ad dress. Port : Se lect a port from the p ull - dow n list to be bound. Search Opti on Search Opti on : Select a Search Opt ion from t he pull - down l ist and click the Search button to find y our desired entry in t he S tat ic Address T able. • M AC : Enter t he MAC addr ess of your [...]
-
Página 72
Choose the menu Switc hing → M AC Ad d re s s → D ynami c A ddress to load the fo llowing pa ge. Figure 5- 14 Dynam ic A ddres s The following entries are displayed on t his screen: Agi ng Config Aut o A ging : Allows you t o Enable/Disa ble the Auto Aging feat ure. Agi ng Ti me : Enter the Aging T ime for the dy namic addre ss. Search [...]
-
Página 73
Dynami c Addr ess T able Select : Select the ent ry to delete the dy namic address o r to bind the MA C address t o the correspond ing port st atically . It is mult i - optiona l. M AC Ad d r es s : Displays the dynamic M AC Addre ss. V L AN ID : Displays the cor respondin g VLAN ID of the M AC address. Port : Di splays the cor respondin g port[...]
-
Página 74
Choose the menu Switc hing → M AC Ad d re s s → F ilt ering A ddress to load the follow ing pa ge. Figure 5- 15 Filteri ng Addres s The following entries are displayed on t his screen: Create Filtering A ddress M AC Ad d r es s : Enter the MA C Address to be filter ed. V L AN ID : Enter the corres ponding VLA N ID of the MAC ad dress. S[...]
-
Página 75
No te: 1. The MA C address in th e Filter ing Addres s T able cannot be added t o the S tati c Address T able or bound to a por t dynami cally . 2. This MA C address filter ing funct ion is not availab le if the 802.1X feature is en abled. Return to CONTEN TS 65[...]
-
Página 76
Chapter 6 VLAN The tradition al Ethernet is a dat a networ k communicat ion technology based on CSMA/CD (Carrier Sense Mu ltiple Access/ Collis ion Detect) via shared comm unication medi um. Throug h the traditiona l Ethernet, the over full hosts i n LAN will r esult in s erious collis ion, floodin g broadcas ts, poor perfor mance or even brea kdow[...]
-
Página 77
packe ts o f dif ferent VLA Ns. The sw itch can ana lyze t he received unt agged pac kets o n the port and match the pac kets w ith the MA C VLAN, Prot ocol VLA N and 802.1Q VLA N in turn. I f a pac ket is matched, t he switch will add a correspon ding VLAN tag to it and forward it in the corresponding VLAN. 6.1 802.1Q VL A N VLAN ta gs in the p ac[...]
-
Página 78
( 2 ) TRUNK: The TRUNK port c an be added in multiple VLAN s, and the egres s rule of the p ort is T AG . The TRUNK port i s generally used to con nect t he casc aded netw ork devices for it can receiv e and forwar d the p acket s of multi ple VL ANs. W hen t he p acket s are forwar ded by the T RUNK port , its VL AN tag wil l not be change d. [...]
-
Página 79
IEEE 802.1Q VLAN funct ion is imple mented on the VLA N Config and Port Conf ig p ages. 6.1.1 VLAN Config On this pa ge, you can v iew the cur rent created 80 2.1Q VLAN. Choose the menu VL AN → 802.1Q VLA N → VLAN C onfig to l oad the follo wing p age. Figure 6-3 VLAN T abl e T o ensure the nor mal comm unication o f the factory switch, t he de[...]
-
Página 80
Clic k Edit button to modify t he settings of the c orrespond ing VLAN. Cl ick Create button to create a new VLA N. Figure 6-4 Create or Mo dify 802.1Q VL AN The following entries are displayed on t his screen: VLA N Config VLA N ID: Ent er the ID number of VLAN. Descrip tion: Give a descri ption to the VL AN for identi fication. Check: Cl ick [...]
-
Página 81
Link T ype: Displays the Link T ype of the port. It can be reset on Port Config screen. Eg ress Rul e: Select the E gress Rule for the VLAN port member . The default egress rule i s UNT AG . • T AG: A ll packe t s forwarded by the port are t agged. The pac kets cont ain VL AN informat ion. • UNT AG: Pac kets forwar ded by the port are unt agged[...]
-
Página 82
Link T ype: Se lect the Lin k T ype from the pull - down list for the por t. • ACC ESS: Th e ACCES S port can be added i n a single VLAN, and the egress rule of the port is UNT AG . The PVID is sa me as the current VLAN ID. If the current VLA N is deleted, t he PVID will be s et to 1 by defau lt. • TRUNK: The TRU NK port can be added in multipl[...]
-
Página 83
Step Ope ration Description 3 Modify/ View V LAN. Optional. On the V L AN → 802.1Q VLA N → VLA N C onf ig page, click the Edit/Detail butt on to modi fy/v iew the information o f the correspond ing VLAN. 4 Delete VLA N Optional . On the V L AN → 802.1Q VLA N → VLA N C onf ig page, select the des ired entry to delete the corr espondi ng VLAN[...]
-
Página 84
The following entries are displayed on t his screen: VLA N T able M AC Ad d r es s : Enter t he MAC address. Descrip tion: Give a descri ption to t he MAC address f or identificat ion. VLA N ID: Enter the ID nu mber of the MAC VLAN. Th is VLAN shoul d be one of the 802.1Q VLA Ns the ingres s port belongs t o. M AC V L AN T ab l e MAC Select[...]
-
Página 85
the dat a of specific protocol ca n be automati cally assigned to t he correspondin g VLAN for transmis sion. T he network admin istrator can man age networ k clients base d on their specific applicatio ns and serv ices through prot ocol VL AN. Enca ps ulation Form at of Et hernet D at a This section si mply intro duces the comm on used enca ps[...]
-
Página 86
The Proced ure for the S witch to Identi fy Packet Prot oco l The Im pleme ntat ion of P rotoc ol VLA N This switch can match pac kets through pr otoco l templat e and tran smit pa ckets in t he specific VLAN accord ing to the protocol. Protocol t emplate, compris ing encap sulation for mat and prot ocol type, is the standar d to deter mine[...]
-
Página 87
The packet i n Protocol VL AN is process ed in the follow ing way: VLA N packets are proce ssed i n the foll owing way : 1. When re ceiving an unt agged packet, the switch matches the pac ket with the c urrent Protoc ol VLAN. If the pac ket is matched, the sw itch will add a correspond ing Protocol V LAN tag to it. If no Protocol VL AN is matched, [...]
-
Página 88
Choose the menu VL AN → Protoc ol VLA N → Protocol Group to load t he followin g page. Figure 6-9 Create Protoco l VLAN The following entries are displayed on t his screen: Protoc ol Group Co nfig Protoc ol: Select the de fined protoco l templa te . VLA N ID: Enter the ID nu mber of the Prot ocol VLAN. Th is VLAN should be o ne of the 802.1[...]
-
Página 89
The follow ing entries are displayed on thi s screen: Create Prot ocol T emplate Protoc ol Name: Give a na me for the Proto col T emplate. Ether T ype: Enter the Eth ernet protoc ol type field in the pr otocol t emplate. Frame T ype: Select a Fra me T ype for the Protoc ol T empla te. Protoc ol T emplate T able Select: Select the des ired e[...]
-
Página 90
Switch B is co nnecting t o PC B and Server A; P C A and Server A i s in the s ame VLAN; PC B and Server B is in the sa me VLAN; PCs in the two VL ANs cannot co mmunicat e with each other . Network Di agram Confi gurati on Proced ure Configur e Switc h A Step Ope ration Description 1 Configur e the Li nk T ype of th e po[...]
-
Página 91
6.5 Applic ation Exa mple for M A C V L AN Network R equireme nts S w i t c h A and switch B are conne cted to meeti ng room A a nd meeting roo m B respect ive ly , and the two r ooms are for all dep artment s; Noteboo k A an d Noteb ook B, special for meeting roo m, are of two dif ferent depart ments; The two dep artment s are in V[...]
-
Página 92
Configur e Switch B Step Ope ration Description 1 Configur e the Li nk T ype of the ports Required. On VL AN → 802.1Q VLA N → Port Conf ig page, configure the link type of Port 21 and Port 22 as GENERAL and TRUNK respect ively . 2 Create VLAN10 Required. On VL AN → 802.1Q VLA N → VLA N Confi g page , cre ate a VLAN w ith it s VLA N ID a[...]
-
Página 93
Network Di agram Confi gurati on Proced ure Configur e Switc h A Step Ope ration Description 1 Configur e the Li nk T ype of the ports Required. On VL AN → 802.1Q VLA N → Port Conf ig page, configure the link type of P ort 1 1 a nd Port 13 as ACCE SS, and configur e the link type of Port 12 as G ENER AL. 2 Create VLAN10 Required. On[...]
-
Página 94
Step Ope ration Description 4 Create Prot ocol T em pla te Required. On V L AN → Protoc ol VLA N → Pro tocol T e mplate p age, conf igu re the protoco l template pr actically . E.g. the IP network pac kets are enc apsul ated in Ethernet II format and it s Ether T ype is 0800; the AppleT alk network pac ket s are encap sulated in S NAP for mat a[...]
-
Página 95
• Join Ti mer: To t ransmit the Joi n messages r eliably to other entities, a GARP entity s ends each Join mess age two times. The Joi n timer is used to define the int erval between the two sending oper ations of eac h Join messa ge. • Leave Timer : When a GARP ent ity expects to der egister a piece of att ribute infor mation, it sends out a L[...]
-
Página 96
Choose the menu VL AN → GVRP to load the following p age. Figure 6- 11 GV RP Co nfig No te: If the GVRP feature i s enabled for a member por t of LAG , please ensure all t he member por ts of this LAG are set to be in the sa me stat us and registr ation mode. The follow ing entries are displayed on thi s screen: Global Co nfig GVRP: Allows yo[...]
-
Página 97
• Forbi dden: I n this mode, a port cannot register/der egister VLANs. I t only prop agates VLA N 1 informati on. LeaveA ll T imer: Once the L eaveAll T imer is set, t he port with GV RP enab led can sen d a LeaveAll messa ge after the timer times out , so that other GARP ports c an re - register al l the attr ibute information. After that, the L[...]
-
Página 98
Chapter 7 S p anning T ree STP (S pannin g Tr ee Protocol), subject to I EEE 802.1D standard, is to disbranch a ring netw ork in the Data Lin k l ayer in a local network. Devices running STP discover loops in the net work and block ports by exchanging information, in that way , a ring network can be disbranched to for m a tree - topological ring - [...]
-
Página 99
Figure 7-1 Basic ST P diagr am STP T imer s Hello T ime: Hello T ime ranges fro m 1 to 10 seconds. It specifie s the interv al to send BP DU p ackets. It is used to test the link s. Max. Age: Max. Age ra nges from 6 t o 40 seconds. It specifies the maximu m time the sw itch can wait wit hout receiving a B PDU before attempting to r econfigur e.[...]
-
Página 100
Compar ing BPDUs Each switch s ends out co nfiguration BPDUs and re ceives a conf iguration B PDU on one o f its por ts from another switch. The follow ing tab le shows the c ompar ing operat ions. Step Ope ration 1 I f the priority of the BP DU received on the port is lower than that of the BPDU if of the port it self, the switc h discards the[...]
-
Página 101
The condit ion for the root port to transit it s port st ate rapidly: The old root port of the switch stops forw arding dat a and the desig nated port of the ups tream switc h begins to forw ard data. The condit ion for the designated por t to transit it s port st ate rapidly: The des ignated port is an edge port or connecti ng to a point -[...]
-
Página 102
The follow ing figure show s the netw ork diagram in M STP . F igure 7-2 Basic M STP diag ram M STP MSTP divides a netw ork into sever al MST r egions. The C ST is gener ated betw een these MST regions, and multiple sp anning trees can be ge nerated in e ach MST region. Each sp annin g tre e is called an ins tance. As well as S TP , MSTP uses B[...]
-
Página 103
The follow ing diagram sh ows the dif ferent port roles. Figure 7-3 P ort roles The S panni ng T ree module is m ainly for sp anning tree conf iguration o f the sw itch, includi ng four submenus: STP Config , Port Config , MSTP I nsta nce and STP Security . 7.1 STP Config The STP Config funct ion, for global conf iguration of sp anning tr ees on th[...]
-
Página 104
Choose the menu Sp anni ng T ree → STP Config → STP Config to load t he following p age. Figure 7-4 S TP Conf ig The follow ing entries are disp layed on t his screen: Global Co nfig STP: Select Enable/Dis able ST P funct ion globally on t he switch. V ersio n: Select the des ired STP vers ion on the switch. STP: S panning T ree P roto [...]
-
Página 105
Max Hops: Enter a value fro m 1 to 40 to set the maximum nu mber of h ops that occur in a spec ific region befor e the BPDU is discarde d. The default v alue is 20 hop s. No te: 1. The forwar d delay paramet er and the net work diameter are corre lated. A too small forw ard delay p arameter may result in te mporary loops. A too large forw ard delay[...]
-
Página 106
Choose the menu S pa nning T ree → STP Co nfig → STP Summary to load t he following p age. Figure 7-5 S TP Summary 7.2 Port Co nfig On this page y ou can configure the parameters of the port s for CIST 96[...]
-
Página 107
Choose the menu S pa nning T ree → Port Config to load the followin g page. Figure 7-6 P ort C onfig The follow ing entries are disp layed on t his screen: Port Config Port Select : Clic k t he Select butt on to quic k - select the c orrespond ing port base d on the port nu mber you enter ed. Select: Select the desire d port for STP conf igur[...]
-
Página 108
Desig nated Port: I ndicates the port that forwards pac kets t o a downstrea m networ k segment or swit ch. Master Port: Indic ates the por t that co nnects a MST regio n to the common r oot. The p ath from th e master port to the common r oot is the shortest p ath between this MST region an d the common root. Alternate Por t: Indicat e[...]
-
Página 109
Choose the m enu S pa nning T ree → MSTP Inst ance → Re gion Co nfig to lo ad the follow ing page . Figure 7-7 Regio n Con fig The follow ing entries are disp layed on t his screen: Region C onfig Region Nam e: Create a name for MST region id entification us ing up t o 32 character s. Revisio n: Enter t he revision fr om 0 to 65535 for M ST[...]
-
Página 110
Choose the menu S pann ing T ree → MSTP Inst ance → Inst ance Co nfig to load t he followi ng page . Figure 7-8 I nsta nce Config The follow ing entries a re display ed on t his screen: Inst ance T able Inst ance I D Select: Click the Sele ct button to quick -se lect the corre sponding Ins tance I D based on the I D number you ent ered. Sel[...]
-
Página 111
V L AN - Inst ance Mapping VLA N ID: Ent er the desired VL AN ID. After modificatio n here, the new VLAN ID will be added to t he correspondin g instance I D and the previous V LAN ID won ’ t be rep laced. Inst ance I D: Enter the corres ponding ins tance I D. No te: In a networ k with both GVRP and MS TP ena bled, GVRP pac kets are forw arde[...]
-
Página 112
The follow ing entries are disp layed on t his screen: Port Config Inst ance I D: Sel ec t the des ired inst ance ID for it s port con figuration. Port Select : Cli ck the Select but ton to quic k - select the c orrespond ing port base d on the port nu mber you enter ed. Select: Select the d esired por t to specify it s prior ity and p ath cost[...]
-
Página 113
7.4 STP Security Configur ing protectio n function for devices can prev ent devices fr om any malic ious attac k against STP feat ures. The STP Security function can b e implement ed on Port Protect and TC P rotect page s. Port Protect function is t o prevent the dev ices from any malicious at tac k against STP featur es. 7.4.1 Port Protect On this[...]
-
Página 114
Normally these port s do not receive BPDU s, but if a user malicious ly att ack s the switch by sending BPDUs, netw ork topolo gy jitter occ urs. T o prevent t his attac k, MSTP prov ides BPD U protect function. W ith this fun ction enabled on t he switch, t he switch shut s down t he edge port s that receiv e BPDUs an d repor t s these cases to t [...]
-
Página 115
Po rt: Disp lays the port nu mber of the switc h. Loop Prot ect: Loop Prot ect is to pr event the lo ops in th e networ k brought by recalculat ing STP because of lin k failures an d network cong estions. Root Protect: Root Protect is to prevent w rong networ k topology chan ge caused by the role chang e of the current legal root bridge. T C Protec[...]
-
Página 116
Network Di agram Confi gurati on Proced ure Configur e Switc h A: Step Ope ration Description 1 Configur e ports On V L AN →802.1Q VLA N page, conf igure the lin k type of the related ports as T runk, a nd add the por ts to VLAN101 - VLAN 106 . The deta iled instructi ons can be found in the sect ion 802.1 Q VLAN. 2 Enable STP f unct [...]
-
Página 117
Step Ope ration Description 3 Configur e the region name and the revisio n of MST r egion On Sp anni ng T ree →MSTP In stance→R egion Con fig page, co nfigure the r egion as TP - LI NK and keep the def ault revision s etting. 4 Configur e VLAN - to - Inst ance mapping t able of the MST region On Sp anning T ree →MST P Instance→ Instance Con[...]
-
Página 118
Configur e Switch D: Step Ope ration Description 1 Configur e ports On VL AN →80 2.1Q V LAN page, configure t he link type of the r elated ports a s T runk, and add t he ports to VLAN101 - VL AN106 . The d etaile d instruction s can be found i n the sectio n 802.1Q VLA N . 2 Enable STP f unct ion On Sp anning T r ee →STP C onfig →STP Con [...]
-
Página 119
Sugge st ion for C onfigur ation Enable TC Protect function for all t he ports o f switches. Enable Ro ot Protect funct ion for all the por ts of root bridges. Enable Loo p Protect funct ion for the no n - edge port s. Enable BPDU Prote ct function or BPD U Filter function fo r t he edge port s wh ich are conn ected to the PC and se[...]
-
Página 120
Chapter 8 Multicast Multicas t Overview In the netw ork, pac kets are sent in three modes: un icast, br oadcast and multicast. I n unicast, the so urce serv er sends se par ate copy infor mation to e ach receiv er . When a larg e number o f users require this informat ion, the serv er must sen d many pieces of in formation with the same content[...]
-
Página 121
IPv4 Multica st A ddress 1. IPv4 Multicast IP Address: As specified by IANA (Internet Assigned Numbers Aut hority) , Class D IP ad dresses are use d as destinatio n addresses of multic ast packet s. The multicast IP addresses range fr om 224.0.0.0~ 239.255. 255.255. The foll owing t able displays the r ange and description o f several special m[...]
-
Página 122
0X FF at t he start of the a ddress i dentifies the a ddress as being a mu lticast addr ess. Flags have 4 b its: (1) The high - or der fla g is re s erv ed, and must be initia lized to 0. (2) R : Set t o 0 to indicate this IPv 6 multicast a ddres s does not c ontain an embedded RP address; set to 1 to indicat e this IPv6 mult icast addre ss[...]
-
Página 123
Reserv ed Multicast Addresses : Address Indication FF01::1 All i nter face - loca l IPv6 nodes FF02::1 A ll link - loca l IPv6 node s FF01::2 All i nter face - loca l IPv6 rou ters FF02::2 A ll link - loca l IPv6 routers FF05::2 All site - local IPv6 router s FF0X:: X ranges fro m 0 to F . These mult icast address es are reserved and sha ll never b[...]
-
Página 124
Multicast Addres s T able The switch is forwardin g multicast p acket s based on the multicast ad dress t able. As the transmis sion of multicast p acket s cannot span t he VLAN, the first p art of th e multicast addre ss table is VLA N ID, based on which the received mu lticast p ackets ar e forwarded in the VL AN owning the r eceiving port. T[...]
-
Página 125
if the mult icast group s cont ain any m ember . W hen receiving I GMP le ave me ssage, the rec eiving port of the rout er will sen d IGMP group - speci fic - qu ery message t o the multi cast group and t he switch will forw ard IGMP group -speci fic- query message to check if other members in the multic ast group of the port need this mu lticast. [...]
-
Página 126
The IGMP Snooping fun ction can be implement ed on the following p ages : Snoopin g Conf ig , VLA N Config , Port Config , IP - Range , Multic a st V L AN , St atic M ulticast IP and P acket St atistics . 8.1.1 Snooping Confi g T o configure the I GMP Snooping on the switch, please firstly config ure IGMP global configur ation and related p aramete[...]
-
Página 127
Ch oose the menu Multicast → IGMP S nooping → V LA N Config to load the follow ing page. Figure 8-6 V LAN Con fig The follow ing entries are disp layed on t his screen: VLA N Config VLA N ID: Ent er the VLAN I D to enab le IGMP Snoopin g for the des ired VLAN. Router Port Time: S pecify the aging time of t he router port. W ithin this t ime[...]
-
Página 128
Member Port Time: Disp lays the member port time of the VLAN. Leave T ime: Displays the leav e time of t he VLAN. Router Port: Displays the router port of the VLAN. No te: The settings h ere will be i nvalid when multicast VL AN is enable d Config uration proce dure: Step Ope ration Description 1 Enable IG MP Snoop ing fu ncti on Required. Enable I[...]
-
Página 129
The follow ing entries are disp layed on t his screen: Port Config Port Select : Click t he Select butt on to quick - select th e corres ponding por t based on the port number you entered. Select: Select the desire d port for IGMP Snooping feature c onfigurati on. It is mult i - optional. Po rt: Disp lays the port of the switch . IG MP Snoopi n[...]
-
Página 130
Choose the menu Multicast → IGM P Snoopi ng → IP - Ran ge to load the follow ing pag e. Figure 8-8 Mu lti cast Filter The follow ing entries are disp layed on t his screen: Create IP - Range IP Range ID: Enter the IP - ran ge ID. St art Multicast IP: E nter s tart mult icast IP of the IP - r ange you set . End M ulticast IP: Enter en d mult[...]
-
Página 131
Before con figuring a multicast VLA N, you shou ld firstly conf igure a VLAN as multicast V LAN an d add the correspo nding port s to the VLAN on the 802.1Q VLAN p age . If the m ulticast V LAN is enabled, the multicast con figuration f or other VLANs on the VLA N Config page w ill be invalid, that is, the multic ast streams will be transm itted on[...]
-
Página 132
4. Configur e the link ty pe of the router por t in the multica st VLAN as T RUNK or con figure the egress rule as T AG and the link type as GENERA L otherwise a ll the member port s in the mul tica st V LAN cannot re ceive multicast streams. 5. Aft er a multicast VL AN is creat ed, all the IGM P p ackets wi ll be processe d only wit hin the mul ti[...]
-
Página 133
Network Dia gram Confi gurati on Proced ure Step Ope ration Description 1 Create VL ANs Create three VL ANs with t he VLAN ID 3, 4 and 5 respectively , and spec ify the descript ion of VLA N 3 as Mult icast VLAN o n V L AN →802.1Q VLA N page. 2 Conf igure port s On V LAN →802.1Q VLA N function p ages. For port 3, conf igure its li nk ty[...]
-
Página 134
Choose the menu Multicast → IGM P Snoopi ng →S t atic Multicast IP to loa d the followi ng page. Figure 8- 10 S tat ic Multicast I P T able The follow ing entries are disp layed on t his screen: Create S tati c Multicast Multicas t IP: Enter st atic multi cast IP address. VLA N ID: Ent er the VLA N ID of the multi cast IP . Forwar d Port: E[...]
-
Página 135
Choose the menu Mu lticast → IGMP Snoo ping → Packet St atistics to load t he following p age. Figure 8- 11 Pac ket S tat istics The follow ing entries are disp layed on t his screen: Auto Refresh Auto Refresh: Select Enable/ Disable aut o refresh feat ure. Refresh Period: Enter the ti me from 3 to 300 in s econds to sp ecify the auto r efr[...]
-
Página 136
Error Packet: Displays the nu mber of error packet s the port r eceived. 8.2 MLD Sn ooping MLD Snoop ing Multicast L istener Discove ry ( MLD ) snooping is applied for eff icient distr ibution o f IPv6 multica st data t o clients and rout ers in a Layer 2 net work. W ith MLD snoop ing, IPv 6 multicast data i s selectiv ely forwarded t o a l[...]
-
Página 137
MLD Snoop ing P rocess 1. Genera l Query The MLD router regular ly sends MLD general queries to query if the mu lticast gr oups cont ain a ny member s . W hen rec eivi ng MLD general quer ies , the switch wil l forward them to all other port s in the VLAN. T he receiving port will be proce ssed: if the rece iving port is not a r outer port y et[...]
-
Página 138
Chose the menu Mu lticast → MLD S noopi ng → Global Config to load t he following p age. The follow ing entries are disp layed on t his screen: Global Co nfig MLD Snoop ing : Ena ble or disabl e MLD Snoop ing function glo bally . Rep ort Mes sage Suppressi on : Enable or disa ble Report M essage Suppre ssion fun ction globally . If this fun[...]
-
Página 139
Multicas t VLAN : Enable or disab le multicast VLAN function. W hen multicast VLAN is enabl ed, all multicast data w ill fo rward in t his VLAN if this port be longs to the VLAN. Multicas t VLAN ID: Enter the mul ticast V LAN ID. No te: 1. When Unknow n Multicast Fil ter is conf igured , the Unk nown Mul ticast fun ction i n IGMP Snooping is also c[...]
-
Página 140
The follow ing entries are disp layed on t his screen: V L AN Config V L AN ID : Enter the VLA N ID you wa nt to configure. Router Port A ging Tim e : Enter the rout er port aging t ime for this VLAN. It w ill override the global con figured aging t im e. Member Port Aging Tim e : Enter the memb er port aging time for t his VLAN. It will overri[...]
-
Página 141
Dynamic Router P o r ts : Displays the dynamic rout er port s of this VLAN. No te: 1. T he MLD snoopi ng func tion in a VLA N will take effect when gl obal MLD Snoo ping func tion is enable d in 8. 2.1 Gl oba l Config and th e VLAN i s creat ed in Chapter 6 VLAN . 2. W hen the router po rt aging time or m ember por t aging time is set for a VLAN [...]
-
Página 142
8.2.4 Port Confi g On this pa ge you can c onfigure M LD Snooping function with e ach single por t. Choose the menu Multicast → M LD Snoop ing → Port Config to load the follow ing p age. The follow ing entries are disp layed on t his screen: Port Config Select : Se lect the port y ou want to con figure. Port : Displays the port number . Fil[...]
-
Página 143
Choose the menu Multicast → M LD Snoop ing → St atic Multicast t o load the foll owing pa ge. The follow ing entries are disp layed on t his screen: St atic Multicast Confi g V L AN ID : Enter the VLA N ID. Multicas t IP : Enter the multicast IP address. Member Ports : Enter the member port s of the static mult icast group. St atic Mult[...]
-
Página 144
The fol low ing entri es are di splayed o n this screen: Querier Config V L AN ID : Enter the VLA N ID which you want to s tart Q uerier . Max imum Resp onse Tim e : Enter the v alue of Maxim um Response T ime field of the Query message. Query Interval : Enter the Quer y messag e in terval t ime. The Q uerier will send Ge neral Query Message wi[...]
-
Página 145
Choose the menu Multicast → M LD Snoop ing → Packet S tat istics to l oad the follow ing page. The follow ing entries are disp layed on t his screen: Aut o Fresh Aut o Fresh: Selec t Ena b le/Dis able auto fresh feature. Fresh Per iod : Enter the ti me from 3 to 300 second s to specify the auto fresh per iod. MLD Packet St atistics Rece[...]
-
Página 146
Error Packet: Displays the number o f error pac kets which t he switch has receiv ed. 8.3 Multicast T able In a networ k, receivers can join dif f er ent multicast g roups a ppropriate t o their needs. Th e switch forwards m ulticast str eams based on IPv4/IPv6 multicast address t able. The Multi cast T able function is imple mented on th e IPv4 M [...]
-
Página 147
8.3.2 IPv6 Multicast Ta b l e Th is page d isp lays the mu lticast group s which alre ady on the switch. Choose the menu Multicast→ M ulticast T able → IPv6 Multicast T able to load the follow ing page. The follow ing entries are disp layed on t his screen: Search Opti on Multicas t IP : Enter the multic ast IP address the desired e ntry mu[...]
-
Página 148
Chapter 9 QoS QoS (Qua lity of Service) functions to prov ide dif ferent qua lity of service for various netwo rk appli catio ns and requ irement s and opti mize the ban dwidth re source dist ribution so as t o prov ide a networ k service experi ence of a better qu ality . QoS This switch cla ssifies the ingres s pac kets, ma ps the pac kets to[...]
-
Página 149
2. 802.1P Priority Figure 9-2 8 02.1Q f rame As shown in the f igure abov e, each 802.1Q T ag has a Pri field, co mprising 3 bit s. The 3 - b it pr iorit y field is 802.1 p priority in the range o f 0 to 7. 802.1P priority deter mines the prior ity of the pac kets based on the Pri v alue. On the We b management page of the sw itch, you can conf igu[...]
-
Página 150
Figure 9-4 SP - Mode 2. W RR - Mode: Weight Round Robin Mode. In this mode, p ackets in all the que ues are sent in orde r based o n the we ight value for each queue and every queue can be as sured of a cert ai n service ti me. The we ight value indic ates the oc cupied proport ion of the res ource. W RR queue overcomes t he disadv ant age of SP qu[...]
-
Página 151
The QoS module is mainl y for traf fic contro l and priority configurat ion, includi ng three sub menus: DiffServ , Ban dwidth Contr ol and V oice VLAN . 9.1 DiffServ This switch cla ssifies the ingres s pac kets, ma ps the pac kets to dif ferent priority queues and t hen forwards the packet s acco rding to spec ified scheduling algorithms t o impl[...]
-
Página 152
Config uration Proc edure: Step Ope ration Description 1 Select the port priority Required. On QoS → DiffSe rv → Port Pri ority page , configure t he port prior ity . 2 Configur e the mapping relation b etween the CoS priority and TC Required. On QoS → DiffServ → 802.1P/CoS m apping page, configure the mapp ing relation betw een the CoS and[...]
-
Página 153
The follow ing entries are disp layed on t his screen: DSCP Priority Con fig DSCP Priority: Select En able or Disabl e DSCP Priority . Priority L evel DSCP: Indicates t he priorit y determine d by the DS region of IP dat agra m. It ranges fro m 0 to 63. Priority: Indicates t he 802.1P priority the pac kets with t ag ar e mapped t o. The pri[...]
-
Página 154
The follow ing entries are disp layed on t his screen: Priority and CoS - m appi ng Confi g Ta g - id/Cos - id : Indicates the prece dence level defined by I EEE802.1P and the CoS I D. Que ue TC - id : Indicates t he priority level of egres s queue the p ackets with t ag and CoS - id are mappe d to. The pr iority levels of egr ess queue are lab[...]
-
Página 155
SP+W RR - Mode: St r i c t - Prior ity + We ight Round Rob in Mode. In t his mode, this sw itch provides tw o schedul ing group s, SP group an d WRR gro up. Queues in SP group an d WRR group ar e scheduled str ictly based on strict- priority mode while the queues inside W RR group fol low the WRR mode. In SP+ WRR mode, TC3 is in the SP g roup; TC0,[...]
-
Página 156
The follow ing entries are disp layed on t his screen: Rate Limit Config Port Select : Click t he Se lect but ton to quick - select th e corres ponding por t based on the port number you entered. Select: Select the desire d port for Rat e configurat ion. It is mult i - optional. Po rt: Disp lays the port nu mber of the swi tch . Ingress R ate ([...]
-
Página 157
Choose the menu QoS → Bandw i d th Contro l → Stor m Contr ol to l oad the follow ing pa ge. Figure 9- 11 S torm Control The follow ing entries are disp layed on t his screen: St orm Contr ol Co nfig Port Select : Click t he Select butt on to quick - select th e corre sponding p ort based on the port number you entered. Select: Select the d[...]
-
Página 158
9.3 V oice VL A N Vo ice VLANs are con figured spe cially for v oice data stream. By con figuring V oice VLANs and adding the p orts wit h voice dev ices atta ched to voice VL ANs, you can per form Qo S - related configurat ion for voice dat a, ensuring the trans mission prior ity of voice dat a stream and v oice quality . OUI Address (O rganiz[...]
-
Página 159
Port V oice VLA N Mode V oice Stream T ype Link ty pe of the port and pr ocessin g mode Automat ic Mode T AG vo ice str eam ACCE SS: Not supported. TRUNK: Supported. T he defau lt VLAN of the por t cann ot be voi ce V LAN. GENERA L: Supporte d. The defa ult VLAN o f the port cannot be voice V LAN and th e egress ru le of the a ccess por t in the vo[...]
-
Página 160
No te: Do not trans mit voice stream toget her with ot her business pac kets in the v oice VLAN except for some speci al require ments. The V oice VLA N function can be implement ed on Gl obal Confi g, Port C onfi g and OUI Config page s. 9.3.1 Global Confi g On this pa ge, you can co nfigure the g lobal p aramete rs of the voice VLAN, includi ng V[...]
-
Página 161
Choose the menu QoS → V o ice V LAN → Por t Conf ig to load the following pa ge. Figure 9- 13 Por t Config No te: T o enable v oice VLAN fun ction for the L AG mem ber port, please ensure it s member st ate a ccords with its por t mode. If a port is a member port of voice VLA N, changing its port mode t o be “Auto” w ill make the port leave[...]
-
Página 162
Se curit y Mod e: Configur e the security mode for forwar ding pac kets. Disable: All packet s are fo rwarded. Enabl e: Only v oice data are forw arded. Member St ate: Disp lays the st ate of the port in the c urrent voice VLAN. L AG : Display s the LAG number which the p ort belongs to. 9.3.3 OUI Confi g The switch sup ports O UI creatio n[...]
-
Página 163
Descrip tion: Display s the descripti on of the O UI. Config uration Pr ocedu re of V oice VLAN : Step Ope ration Description 1 Configur e the link type of the por t Required. On VLA N→802.1 Q VLA N→Port Confi g page , configure t he link type of por ts of the v oice device. 2 Create VLAN Req uired. On VLA N→802.1Q VLA N→Port Confi g page ,[...]
-
Página 164
Chapter 10 PoE No te: Onl y TL - SG3424P su pport s PoE f unct ion. PoE (Power ov er Ethernet ) technology describes a sy stem to transmit electr ical power al ong with data t o remote devic es over standard tw isted - p air cable in a n Ethernet net work. It is especially useful for su pplying pow er to IP telephones, w ireless LAN acce ss point s[...]
-
Página 165
PoE Con fig, mainly f or PoE attri butes con figuratio n , i s impl emen ted on PoE Config and PoE Tim e - R ange ages. 10.1.1 PoE Config On this pa ge, you can co nfigure the p arameters to imple ment PoE funct ion. Choose the menu PoE → Po E Config → PoE C onfig to load the foll owing pa ge . Figure 10 - 1 PoE Conf ig The following item s are[...]
-
Página 166
Port : Displays the port number . PoE S ta tus : Select to disab le/enable the Po E feature for the corr espondin g port. If set enable, the correspo nding port ca n supply pow er to the linked PD ( Powered Devi ce). PoE Priority : The priority levels includ e High, Middle an d Low in descend ing order . W hen the su pply pow er exceeds the sy stem[...]
-
Página 167
The following item s are d isplayed on t his screen: Create PoE Pr ofile Profile Name: Enter the nam e of the profile . PoE S ta tus : Select to the enabl e/disable P oE feature for t he co rrespond ing port. If set enable, the port may supply power t o the linked PD (Power Dev ice). PoE Priority : The priority levels includ e High, Middle and [...]
-
Página 168
The following item s are di splayed on this scr een: Tim e - Range T able Select: Select the desir ed entry to delete the corresp onding time - range. Index : Displays t he index of the ti me - range. Tim e - R ange N ame: D isp lays the na me of the time - ran ge. Slice: Displays the t ime - slice of t he time - range. Mode : Display s the mod[...]
-
Página 169
W eek: Sele ct W eek to co nfigure wee k time - range. T he port bas ed on this time - range will sup ply pow er based on this time - range when the system time is within the week tim e - range . Create T ime - Slice St art Time: Set t he start time of the time - slice. En d Ti me : Set the end time of th e time - slice. Tim e - Slic e T ab[...]
-
Página 170
Holiday Name: Disp lays the name o f the holiday . St art Date: Display s the star t date of the ho liday . End Date: Disp lays the end date o f the holiday . Return to CONTEN TS 160[...]
-
Página 171
Chapter 11 ACL ACL (Access C ontrol List) is used t o filter packet s by configuring match rules and proc ess policie s of pac kets in order to control the access of the il legal users to t he networ k. Besides, ACL functions to control tr affic flows and sav e network resource s. It prov ides a flexible and secured acce ss control pol icy and faci[...]
-
Página 172
11.1.2 Ti me - Range Cr eate On this pa ge you can cre ate time - ranges . Choose the menu AC L → Time - Ran ge → Tim e - Range Create t o load the follo wing page. Figure 11 -2 Ti m e - Range Create No te: T o success fully configure t ime - ran ges, please f irstly specify time - slices an d then time - ran ges. The following entri es ar e di[...]
-
Página 173
En d Ti me : Displays the end t ime of the t ime - slic e. Delete: Cl ick the Delete button to del ete the corres ponding ti me - sli ce. 11.1.3 Holida y Confi g Holiday m ode is app lied as a dif ferent se cured acc ess contro l policy fro m the w eek mode. On this page y ou can define ho lidays ac cording to your work arrange ment. Choose the men[...]
-
Página 174
11.2.1 ACL Summar y On this pa ge, you can v iew the cur rent ACLs config ured in the s wit ch . Choose the menu AC L → A CL Config → A C L Summary to load the followi ng page. Figure 11 -4 ACL Summar y The follow ing entries are disp layed on t his screen: Search Opti on Select A CL: Select the ACL you have c reated A C L Ty p e : Displays[...]
-
Página 175
11.2.3 M AC ACL MAC ACLs a nalyz e and process pac kets bas ed on a serie s of match condit ions, w hich can be t he source MA C addresses , destinatio n MAC addres ses, VL AN ID, and Ether T ype carried in t he packe ts. Choose the me nu ACL → A CL Config →M AC AC L to load the foll owing pa ge. Fi gure 11 -6 Create M AC Rule The follow ing en[...]
-
Página 176
11.2.4 S tandard - IP A CL S tandard - IP ACL s analyz e and process data p acket s based on a ser ies of match conditio ns, whic h can be the sour ce IP ad dresses a nd destinatio n IP addresses car ried in the p ackets. Choose the menu AC L → A CL Config → St andard - IP ACL to load the follow ing pag e. Fi gure 11 -7 Create S tanda rd - IP R[...]
-
Página 177
Choose the menu AC L → A CL Config →Ex tend - IP AC L to load the following page. Fi gure 11 -8 Create Exten d - IP Rule The follow ing entries are disp layed on t his screen: Create Exte nd - IP AC L A CL I D: Select the des ired Exten d - IP ACL for configur ation. Rule I D: Enter t he rule ID. Ope ration: S ele ct t he oper ation for t h[...]
-
Página 178
I P To S : Enter the I P - T oS cont ained in the r ule. IP P re : Enter the IP Precedence c ontained in the rule. Tim e - R ange: S elect the tim e - range for the rule to t ake ef fect. 11.3 Poli cy Confi g A Policy is use d to cont rol the dat a pac kets th ose match the cor respondi ng ACL rules by configuri ng ACLs and actions toget her for ef[...]
-
Página 179
Choose the menu AC L → Policy Config →Policy Create to load the f ollowing page. Figure 11 - 10 Create Policy The follow ing entries are disp layed on t his screen: Create Poli cy Polic y Name: Enter the na me of the poli cy . 11.3.3 A ct ion Creat e On this pa ge you can a dd ACLs and create corr esponding act ions for the po licy . Choose[...]
-
Página 180
S- Condi tion: Sel ect S - Conditio n to limit t he transmissi on rate of t he dat a pac kets in the policy . Rate: S pecify the forward ing rate o f the dat a p acket s those match the corresp onding ACL. Out of Ba nd: S peci fy the disposa l way of the data packet s those are trans mitted beyond t he rate. Redirect : Select Redirect to ch[...]
-
Página 181
Index : Displays t he index of the bin ding policy . Policy Name: Display s the name of the binding policy . Interface: Displays t he port number or VLAN ID bound t o the policy . Dir ection: D isp lays the bindi ng direction. 11.4.2 Port Bindi ng On this pa ge you can b ind a policy to a por t. Choose the menu AC L → Policy Binding →Port Bindi[...]
-
Página 182
Choose the menu AC L → Policy Binding → V L AN Binding to load the follow ing pag e. Fi gure 11 - 14 Bind the policy to the VLAN The follow ing entries are disp layed on t his screen: V L AN - Bind Co nfig Policy Name: Select the nam e of the policy y ou want to bind. VLA N ID: Ent er the ID of the VL AN you w ant to bind. V L AN - Bind[...]
-
Página 183
3. The staf f of the m ar keting dep artment can acce ss to the Internet all day but cann ot visit th e forum durin g the working t ime. 4. The R & D dep artment and marketin g depar tment canno t com municate with eac h other . Network Di agram Confi gurati on Proced ure Step Ope ration De scription 1 Conf igure Ti me - range On AC L ?[...]
-
Página 184
Step Ope ration De scription 3 Configur e for require ment 2 and 4 On AC L →ACL Config →A CL Creat e p age, create ACL 100. On AC L →A CL Confi g→S t andar d - I P AC L page, select ACL 100, create Rul e 1, configur e operation a s Deny , configure S -I P as 10.10 .70.1 a nd mask as 255.25 5.255.0, con figure D - IP as 10.10 .50.1 and mask [...]
-
Página 185
Chapter 12 Network Security Networ k Security mo dule is to prov ide the mu ltiple protect ion measur es for the net work secur ity , in cludi ng f our subme nus: IP - MA C Bindi ng , A RP I nspecti on , DoS Def end and 802.1X . Ple ase configure t he function s appropriat e to your need. 12.1 IP- M A C Bi nding The IP - MA C Binding function allow[...]
-
Página 186
The following entries are displayed on t his screen: Search Opti on Sou rce: Select a Source from th e pull - down list and c lick the Searc h button to v iew your desire d entry in the Bin ding T able. • All : All the boun d entries will be di splayed. • Manu al: Only the manually added e ntries will be displayed. • Scanni ng: Only the e[...]
-
Página 187
2. Among t he conflicting entr ies with the sa me Source priority , only the last added or edited o ne will t ake ef fect . 12.1.2 Manual Bi nding Y ou can manually bind the I P address, MAC address, VLAN I D and the Port number t ogether in the conditio n that you hav e got the relate d informat ion of the Host s in the LA N. Choose the menu Netwo[...]
-
Página 188
Protect T ype: Displays the Protect T ype of the entry . Collis ion: Displays the Collision st atus of the entry . • W arning: Indicates t hat the coll ision may be caused by the MSTP function. • Critical: Indicates t hat the entry has a collisio n with the other entries. 12.1.3 ARP Scanning ARP (Address Re solution Protocol) i s used to analy [...]
-
Página 189
Figure 12 - 4 AR P Scanni ng The following entries are displayed on t his screen: Scanni ng Opti on St art IP A ddre ss: S pecify the S tart I P A ddre ss. End IP A ddress: S pecify the End IP Address. VLA N ID: Enter the VLAN ID. If blank, the swit ch will s end the unt agged pac kets for scan ning. Sc an: Click the Scan button to scan the H o[...]
-
Página 190
networ k configuration prot ocol optimized an d developed bas ed on the BOOTP , functions to solv e the above ment ioned prob lems. DHCP W ork ing Principle DHCP works via t he “Client /Server” co mmunicatio n mode. The Client appli es to the Serv er for configurat ion. The Serv er assigns t he configur ation infor mation, such as t he IP a[...]
-
Página 191
The most Cl ients obt ain th e IP addr esses dyna mically , which is illustrated in t he following figure. Figure 12 - 6 Interact ion betw een a DHCP cl ient and a D HCP ser ver ( 1 ) DHCP - DISC OVER Stage: The Client broad casts t he DHC P - DISC OVER packet t o fi nd t he DHCP Server . ( 2 ) DHCP - OFFE R Stage: Upon r eceiving the DHC P[...]
-
Página 192
supported O ption 82 also can set the distributi on policy of IP addresses and the other paramet ers accordin g to the Option 8 2, providing mor e flexible addr ess distr ibution way . Option 82 ca n cont ain 255 su b - options at most. If Opt ion 82 is de fined, at least a sub - op tion should be de fined. Th is swi tch supports tw o sub - optio n[...]
-
Página 193
DHCP Snooping feat ure prev ents the netw ork from the DHCP Server Che ating Att ack by discarding t he DHCP pac kets on the distrusted p ort, so as to enh ance the netw ork security . Choose the menu Netwo rk Security → IP - MAC Bin ding → DH CP S noopin g to load the follow ing page . Figure 12 - 8 DHCP Snooping No te: If you want to enable t[...]
-
Página 194
The following entries are displayed on t his screen: DHCP Snoo ping Config DHCP Snoo ping: Enable/D isable the D HCP Snooping functi on globall y . Global Flow Control : Select the v alue to spe cify the maxi mum amount of D HCP messages t hat c an be forw arded by the sw itch per second. Th e excessive massages will be discarded. Decline T hre[...]
-
Página 195
Decline Pr otect: Select Enab le/Disab le the Decline Prot ect featur e. L AG : Displays the LAG to which the port belo ngs to. 12.2 ARP Inspec tion According t o the ARP I mplement ation Proc edure st ated i n 12.1.3 ARP Sca nning , it can be foun d that ARP protocol ca n facilitate the Hosts in the same net work segme nt to communi cate with one [...]
-
Página 196
Figure 12 - 10 AR P A tta ck – Cheating G ateway As the abov e figure sh own, the at tac ker sends the fake ARP pac kets o f Host A to the Gateway , and then the Gat eway will autom atically update its ARP tab le after receiving t he ARP p acket s. When the Gatew ay tries to commun icate with Host A in LA N, it will encapsu late this fals e desti[...]
-
Página 197
Figure 12 - 11 AR P At tack – Cheat ing T erminal Hosts As the abov e figure show n, the att acker se nds the fa ke ARP pac kets o f Host A to Host B, and then Host B will auto matically update its ARP tab le after receiving the A RP pa ckets. W hen Host B tries to commun icate with Hos t A, it will encaps ulate this false de stination M AC addre[...]
-
Página 198
Figure 12 - 12 Man - In - The - Middl e At tack Suppose t here are three Hosts in L AN connected with one another through a switch. Host A: IP address is 192. 168.0.10 1; MAC addr ess is 00 - 00 - 00 - 11 - 11 - 11 . Host B: IP address i s 192.168.0.10 2; MAC addr ess is 00 - 00 - 00 - 22 - 22 - 22. Attac ker: IP address is 19 2.168.0.10 3; MAC add[...]
-
Página 199
The IP - MA C Binding function a llows the sw itch to bind the IP addre ss, MAC a ddress, VL AN ID and the conn ected Port number of t he Host toget her when t he Host conne cts to the switch. Bas ed on the prede fined IP - M AC Binding entries, the ARP Inspect ion functi ons to det ect the ARP p acket s and filter t he illegal ARP pac ket so as to[...]
-
Página 200
Configuration Proce dure: Step Ope ration Description 1 Bind the IP addr ess, MAC address, VLAN ID and t he connected Port nu mber of the Host toget her . Required. On the IP - MAC B inding page, bind the IP address, MAC address, VLA N ID and the connected Port number of the Host together via Manual Bind ing, ARP Scanning or D HCP Snooping. 2 Enabl[...]
-
Página 201
The following entries are displayed on t his screen: A RP Defend Port Select : Cli ck the Select butt on to quick - select the c orrespon ding port based on the port number you entered. Select: Sel ect y our desired port for configuration. I t is multi - optional. Po rt: Displays the port number . De fend: Select Enab le/Disab le the ARP Def en[...]
-
Página 202
Choose the menu Network Security → A RP Ins pection →A RP St atistics to load the follow ing page . Figure 12 - 15 ARP S tatist ics The following entries are displayed on t his screen: Auto Refresh Auto Refresh: Enable/D isable the Auto Refresh featur e. Ref resh Interval: S peci fy the refresh int erval to disp lay the ARP S tatist ics. ?[...]
-
Página 203
DoS A tt ack T y pe De scription Land Att ack T he attacker se nds a specifi c fake SY N packet to the destin ation Host. Since both the source I P add ress and th e destinati on IP address of the SYN packet are set t o be the IP address of the Host, the Host will be trapped in an endless cir cle for buildin g the initial conn ection. The per forma[...]
-
Página 204
Choose the menu Networ k Security → D oS Defe nd → DoS D efen d to load the following p age. Figure 12 - 16 DoS Def end The following entries are displayed on t his screen: Con fig ure DoS Defend: Enable/D isable DoS D efend functi on. Defend T able Select: Select the ent ry to enable t he correspond ing Defend T ype. Defend T ype : Dis[...]
-
Página 205
Archi tecture of 802.1 X Authent ication 802.1X adopt s a client/serv er architecture w ith three entities: a supplicant sy stem, an authent icator syste m, and an authent ication serv er system, as show n in the f ollowing figur e. Figure 12 - 17 Architecture of 802.1X aut henticati on ( 1 ) S upplicant System: The supplic ant system is an[...]
-
Página 206
802.1 X A uthenticat ion Proce dure An 802.1X authenticat ion can b e initiated by supplic ant system or authentic ator syst em. When th e authent icator system det ects an un authenticate d supplicant in L AN, it will initiat e the 802.1X authent ication by sending EAP - Req uest/Identit y pac kets to t he supplicant. The supplicant system can[...]
-
Página 207
4. Upon rec eiving the user n ame from the switch, th e RADI US server retrieves t he user na me, finds the corres ponding p assword by matching t he user name in its dat abas e, encrypt s the passw ord using a rando mly - generate d key , and sends the key t o the switch through an RADI US Acc ess - Cha llenge pac ket. The sw itch then sends the k[...]
-
Página 208
further aut hentication. Whereas the r andomly - generated key i n EAP - M D5 relay mode is generat ed by the aut henticat ion serv er , and the switc h is respons ible to en capsu late the aut henticat ion pac ket and forward it t o the RADIUS s erver . 802.1X T imer In 802.1 x authentic ation, t he following t imers ar e used to ensure that t[...]
-
Página 209
Choose the menu Networ k Security → 802.1X → Global Con fig to load the following p age. Figure 12 - 20 Glob al C onfig The following entries are displayed on t his screen: Global Co nfig 802.1X : Enable/D isable the 802. 1X function. Aut henticati on Meth od: Select the Authenticatio n Method fro m the pull - dow n list. • E AP - MD5: IE[...]
-
Página 210
Quiet Pe riod: S pecify a value for Qui et Period. Once t he supplicant fai led to the 802.1X Authe ntication, then the switc h will not respond t o the authe ntication r equest fr om the sa me supplicant dur ing the Qu iet Period. Retry T imes: S pecify the max imum trans fer times o f the repeated authent ication request . Suppli cant T imeo ut: [...]
-
Página 211
Po rt: Displays the port number . S ta t u s : Select Enabl e/Disable th e 802.1X authent ication featur e for the port. Guest VLA N: Sel ect E nabl e/Di sab le the Guest VL AN feature for t he port. Control Mode: S pecify the Contro l Mode for the port . • A uto: In this mode, the port will nor mally work only af ter pass ing the 802.1X Authenti[...]
-
Página 212
The following entries are displayed on t his screen: Aut henticati on Config Primary IP: Enter the IP addre ss of the authent ication serv e r. Secondary IP: Enter the IP addre ss of the alternate a uthenticat ion serv er . Aut henticati on Port: Set the UDP port of auth entication serv er(s). The def ault port is 1812 Key Modify : Select to [...]
-
Página 213
Step Ope ration Description 5 C onf igure the 802.1X for the port. Required. On the Netwo rk Sec uri ty → 802.1 X → Po rt Confi g page, configure the 802. 1X feature for t he port of the switch ba sed on the a ctual netw ork. Return to CONTEN TS 203[...]
-
Página 214
Chapter 13 SNMP SNM P Overvie w SNMP (Simple Network M anagement Prot ocol) has gai ned the most ex tensiv e application on th e UDP/IP networ ks. SNMP provides a manage ment frame to monitor a nd mainta in the netw ork devices. It is used for aut omatically managing the v arious networ k devices no matter the physica l dif ferences of the d ev[...]
-
Página 215
SN MP v1: SNM P v1 adopt s Commun ity Name aut henticatio n. The co mmunity name is used to define the r elation betw een SNMP Mana gement S tation and SN MP A gent. The SNMP pac kets failing to p ass commun ity name authent ication ar e discarded. Th e community name can limit access to SN MP Agent from SNM P NMS, functionin g as a pas sword. SNMP[...]
-
Página 216
3. Create SNM P User The User con figured in a n SNMP Gro up can m anage the switc h via the client progra m on manage ment st ation. The specif ied User Name and the Auth/ Privacy Password are used for SNMP Manage ment S tation t o access the S NMP Agent, functionin g as the p assword. SNMP module is used to c onfigure the S NMP funct ion of the s[...]
-
Página 217
No te: The amount o f Engine ID characters m ust be even. 13.1.2 S NM P Vi ew The OID (O bject Ide ntifier) of the SNMP p ackets is used to des cribe the m anaged object s of the switch, and t he MIB (Manageme nt Information Ba se) is the set of t he OIDs. The SNMP View is created for t he SNMP ma nagement st ation to mana ge MIB objects. Choose th[...]
-
Página 218
13.1.3 SNMP Group On this p age, y ou can configur e SNMP Grou p to control the net work acce ss by prov iding the user s in various gr oups w ith diff erent manage ment right s via the Read V iew , Write V iew and Not ify V iew . Choose the menu SNMP → SNM P C on fi g →SN M P G ro up to load t he followin g page. Figure 13 - 5 SNMP Group The f[...]
-
Página 219
Re ad View: Select the V iew t o be the Read V iew . The manage ment a ccess is restricted t o read - only , and cha nges cannot be made to the assigned S NMP V iew . Write Vie w: Select the View t o be the Write Vi ew . The mana gement acc ess is writing only and changes can be made to t he assigned SNM P View . The V iew def ined both as t he Rea[...]
-
Página 220
Choose the menu SNMP → SNM P C on fi g →SNMP User to l oad the foll owing pag e. Figure 13 - 6 SN MP U se r The following entries are displayed on t his screen: User Config User Name: Enter the User Name here . User T y pe: Select the t ype for the U s e r. • Local User: Indicates tha t the user is co nnected to a local SNMP engine. • R[...]
-
Página 221
Privacy Password : Enter the Pr ivacy Passwo rd. User T able Select: Select the d esired entry to delete t he correspo nding User . It is mul ti - op tion al. User Name: Displays the name of the User . User T y pe: Displays the User T ype. Gro up N ame: Displays the Group Na me of the User . Se curit y Mod el: Displays the Security Model of the[...]
-
Página 222
Access: Def ines the a ccess rights of the commun ity. • read - onl y: Management right of the Com munity is restricted t o read - on ly, and change s cannot be made to the correspond ing View. • read - write: Manage ment right of t he Community is read - write a nd chan ges can be made to the c orrespond ing View. M IB Vi ew : Select the MI B [...]
-
Página 223
If SNMPv1 or SNMPv2c is employed, p lease ta ke the follow ing steps: Step Ope ration Description 1 Enabl e SNMP f unction glo bally . Required. On the SNMP → SNM P Co nf ig →Global Confi g page, enable SNMP funct ion global ly . 2 Create SNM P Vi ew . Required. On the SNMP → SNM P C on fi g →S NMP View page, create SNM P V iew of the m[...]
-
Página 224
Cho ose the menu SNMP → N otific ation → Notification to lo ad the followi ng page. Figure 13 - 8 Notificat ion Config The following entries are displayed on t his screen: Create Not ification IP M ode : Select the IP Mode . IP Address : Enter the IP Address o f the manageme nt Host. UDP Port: Enter the nu mber of the UDP port used to send [...]
-
Página 225
Notific ation T a ble Select: Select the des ired ent ry to delete the correspon ding manage ment st ation. IP Address : Displays the IP Address of the manage ment host. IP M o de: Displays the IP Mode of the manag ement host. UDP Port: Displays the UDP por t used to send n otificatio ns. User: Displays the User name o f the manage ment stat io[...]
-
Página 226
RM ON Gro up Func tion Alarm Group Alarm Gr oup is confi gured t o monitor the sp ecific ala rm variabl es. When the value of a monitor ed variab le exceeds the thresh old, an alarm ev ent is generated, which triggers the switch t o act in the set w ay . The RMO N Groups can b e configured on the Hi story C ontrol , Event Config and Alarm Config pa[...]
-
Página 227
Choose the menu SNMP → RM ON → Event Config to load the fo llowing page. Figure 13 - 10 Event C onfig The following entries are displayed on t his screen: Event T able Select: Select the des ired entry for configurat ion. Index : Displays the index numbe r of the entry . User: Enter the name of the User or t he commu nity to which th e even[...]
-
Página 228
Choose the menu SNMP → RM ON → Alarm Config to load the following pag e. Figure 13 - 11 Alar m Conf ig The following entries are displayed on t his screen: Alarm T able Select: Select the des ired entry for configurat ion. Index : Displays the index numbe r of the entry . V ar iable: Select the al arm variab les f ro m the pull -d own li st[...]
-
Página 229
• Falling: When the sam pled value is und er the Falli ng Thresho ld, an alarm ev ent is triggered. Interval: Enter the alar m interval ti me in secon ds. Ow ner: Enter the na me of the device or user that def ined the ent ry . S ta t u s : Select Enab le/Disab le the correspo nding alar m entry . No te: W hen alarm v ariables exceed the Thres ho[...]
-
Página 230
Chapter 14 Cluster With the dev elopment of n etwork techno logy , the netw ork scale is getti ng larger and m ore networ k devices are re quired, whic h may result in a mor e complicated n etwor k management s ystem. As a large number of dev ices need t o be assigned dif ferent network addresse s and every management device need s to be res pectiv[...]
-
Página 231
The current switch you cr eate cluster is specified a s the commander switch. The command er switch d iscovers and det ermines cand idate switc hes by collect ing related informati on. After being added to t he cluster , the candidate sw itch becom es to be the mem ber switch, After being remov ed from the clu ster , the me mber swi[...]
-
Página 232
Choose the menu Cluster → NDP → Neigh bor Inf o to load the fo llowing p age. Figure 14 - 2 Neighbor I nformat ion The follow ing entries are disp layed on t his screen: Ne ighbor Search Opti on: Se lect the informat ion the desire d entry should co ntain and then click the Sea rch button to display the desired entry in the following Neighb[...]
-
Página 233
Choose the menu Cluster → NDP → NDP Summary to load the followin g page. Figure 14 - 3 ND P Sum m ary The follow ing entries are disp layed on t his screen: Global Co nfig NDP: Displays the global NDP status (en abled or disabled) for the switch. Agi ng Ti me: Displays the period for the neighb or switch to keep the N DP packe ts fr om thi [...]
-
Página 234
Det ail : Click the Det ail button to v iew t he complete in formation co llected for the port. 14.1.3 NDP Confi g On this pa ge you can c onfigure the NDP f unction for the switch. Choose the menu Cluster → NDP → NDP Config to l oad the follow ing page. Figure 14 - 4 NDP Con f ig The follow ing entries are disp layed on t his screen: Glo[...]
-
Página 235
Dis ab le: Click the Disable button to disa ble NDP for the port you select. No te: 1. NDP function is effectiv e only w hen NDP function is enab led globa lly and for the port . 2. The aging t ime should be set over the hello time val ue; otherwise this settin g will be inv alid and w ill not take effect. 14.2 NTDP NTDP ( Neighbor T opology Discov[...]
-
Página 236
Ro le: Displays the r ole this devic e plays in the clust er . Command er: Indicat es the device t hat can con figure and manage all t he devices in a clust er . Me mber: Indicates the d ev ice that is managed in a cluster . Candidate: Indicates the device that do es not belo ng to any cluster tho ugh it can be added t o a cluster . [...]
-
Página 237
Choose the menu Cluster → NTDP → NTDP Summa ry to load the following page. Figure 14 - 7 NTDP S ummary The follow ing entries are disp layed on t his screen: Global Co nfig NTDP: Displays the NTDP statu s (enable d or disabled) of the switch globally . NTDP Interval Time: Displays t he interval to co llect topo logy informat ion. NTDP Hop s[...]
-
Página 238
14.2.3 NTDP Confi g On this pa ge you can c onfigure NT DP global ly . Choose the menu Cluster → NTDP → NTDP Confi g to load the followin g page. Figure 14 - 8 NTDP Config The follow ing entries are disp layed on t his screen: Global Co nfig NTDP: Select Enab le/Disable N TDP for the switch glob ally . NTDP Interval T ime: Enter the interva[...]
-
Página 239
Select: Select the desire d port for NT DP st atus con figuratio n. Po rt: Disp lays the port nu mber of the switc h. NTDP: Disp lays NTDP stat us (enabled or di sabled) of the c urrent port . Ena ble: C lic k the Enab le button to enable NTDP fea ture fo r the port y ou select. Dis able: Click the Disable button to disab le NTDP fe ature for t he [...]
-
Página 240
For a memb er switch, the following p age is disp layed: Figure 14 - 10 Cluster Summary for Member Switch The follow ing entries a re display ed on t his screen: Global Co nfig Cluster: Displays the clust er st atus (enabl ed or disabled) of the switch. Cluster R ole: Display s the role the switc h plays in the cluster . Clus te r Nam e: Di[...]
-
Página 241
Choose the menu Cluster → Cluster → Cluster Config to load the following pa ge. For a candidat e switch, the following p age is disp layed. Figure 14 - 12 Cluster Co nfiguration for Candid ate Switch The follow ing entries are disp layed on t his screen: Current Role Ro le: Displays the r ole the curre nt switch plays i n the cluster . [...]
-
Página 242
For an indiv idual switch, t he followi ng page is dis play ed. Figure 14 - 14 Cluster Co nfiguration for Indivi dual Switch The follow ing entries a re display ed on t his screen: Current Role Ro le: Displays the r ole the curre nt switch plays i n the cluster . Ro le Cha nge Can dida te: Select this opt ion to chan ge th e role of t h[...]
-
Página 243
Network Di agram Figure 14 - 15 Netw ork diagra m Confi gurati on Proced ure Configur e the member switch Step Ope ration Description 1 Enable NDP function on t he switch and for por t 1 On Cluster →NDP→NDP Co nfig page, enable NDP fu ncti on. 2 Enable NTDP funct ion on the switch and for por t 1 On C lust er →NTDP→NTDP C onfig [...]
-
Página 244
Step Ope ration Description 4 Conf igure the me mber switc h On Cluster → Cluster→Member C onfig page, select the member sw itch and cl ick the Manag e button to log on to its W eb managemen t page. Or On Cluster → Cluste r→Clu ster T opology page, double - cli ck the switch icon to view its det ail ed informati on; clic k the switch i con [...]
-
Página 245
Chapter 15 LLDP No te: Onl y TL - SG3424P su pport s LLDP function. LLDP (Link Layer Discovery Protocol) is a Layer 2 protocol that is us ed for networ k devices to advertise t heir own dev ice infor mation perio dically to nei ghbors on th e same IEEE 802 local area networ k. The advertised infor mation, includi ng det ails such as device identi f[...]
-
Página 246
or to allow t he port t o both trans mit and r eceive LL DPDUs. Four LL DP admin stat uses are supported by each port. Tx&Rx: t he port can both t ransmit and rec eive LLDP DUs. Rx_Only : the port can r eceive LL DPDUs only . Tx_On ly: the port c an transmit LLDP DUs only . Disable: the port cannot transmit or receive LLD PDUs. [...]
-
Página 247
The follow ing tabl e shows the det ails about the current ly defined TL Vs. T LV t y p e T LV N a m e Descr iption Usage in LLDPDU 0 End of LLDP DU Mark the end o f the TL V sequence in LL DPDUs. Any infor mation follow ing an End Of LL DPDU TL V shall be ignored. Mandatory 1 Ch assi s ID Identifies the Chassis address o f the connec ted device. M[...]
-
Página 248
No te: For deta iled introdu ction of TL V , please refer to I EEE 802.1 AB stand ard and ANSI/T IA - 105 7 . In TP - L INK switch , the f ollowing L LDP opt ional TL Vs are supported. T LV Ty pe Description Port Description TLV The Port Descr iption TLV allow s network man agement to advertise t he IEEE 802 L AN station's port descript ion. S[...]
-
Página 249
The LLDP modu le is main ly for LLDP fun ction con figuration o f the swit ch, includi ng three submenus: Basic Confi g , Device Info , Device St atistics and LLDP - MED . 15.1 Basic Conf ig LLDP is configured o n the Globa l Config and Port Config pa ges. 15.1.1 Global Confi g On this pa ge you can c onfigure the L LDP p ara meters of the dev ice [...]
-
Página 250
Fast St art Ti me s : W hen th e port's LL DP st ate t ransforms fro m Disable (or Rx_On ly) to Tx&Rx (or Tx_Only ), the fast st art mechan ism wi ll be enabled, that is, the t ransmit interv al will be shorten to a second, and several LL DPDUs will b e sent out (the nu mber of LL DPDUs equals this p aramet er). The default v alue is 3. 15[...]
-
Página 251
15.2 De vice Info Y ou can view the LL DP infor mation o f the local dev ice and its neighbor s on the Loc al Info and Neighb or Info pages r espectively . 15.2.1 Local I nfo On this pa ge you can s ee all port s' config uration and sy stem informat ion. Choose the menu LLDP → Devi ce Info → Loca l Info to load the fo llowing pa ge. Figure[...]
-
Página 252
Refr es h Ra te: S pecify the auto refresh r ate. Local Info Enter the des ired port number and click Select to display t he information of th e correspond ing port. 15.2.2 Neighbor I nfo On this pa ge you can g et the inform ation of the neig hbors. Choose the menu LLDP → Devi ce Info → Neighbo r Info to load the follow ing page. Figure 15[...]
-
Página 253
Choose the menu LLDP → Devi ce St atisti cs → Stat i s tic Info to load the follow ing page. Figure 15 -5 LLDP S tatistic Inform ation The following entries are displayed on t his screen : Auto Refresh Auto Refresh: Enable/Disab le the auto refres h function. Refresh Ra te: S peci fy the auto refre sh rate. Global Statistics Last Up dat[...]
-
Página 254
Neighbor S t atistics Port Select : Click the Select button to quick - select the corr esponding por t based on the port number you entered. Po rt: Disp lays local devic e's port number . T ransmit T otal: Di splays the nu mber of LLDPD Us sent by t his port. Receiv e T ot al: Dis plays the nu mber of LLDPD Us received by this port. Discar[...]
-
Página 255
TLV Ty pe Func tion Locati on Ident ificat ion TLV The Locati on Identific ation TLV prov ides for adv ertisement of location ide ntifier infor mation to Co mmunicatio n Endpoint Devices, bas ed on configur ation of the Networ k Connectivity Device it's connecte d to. Y ou can set the Locatio n Identificat ion content in Location Ident ificat [...]
-
Página 256
15.4.2 Port Confi g On this pa ge you can c onfigure al l ports' L LDP - MED p arameters. Choose the menu LLDP → LLDP - M ED → Port Config to load the f ollowing p age. Figure 15 -7 LLDP - MED P ort Conf iguration The following entries are displayed on t his screen : LLDP - MED Port Config Port Select : Select t he desired port to conf[...]
-
Página 257
Includ ed TL Vs Select TL Vs to be include d in outgoing LL DPDU. Location Id entificati on Paramet ers Configur e the Location Id entificatio n TLV's content in outgoing L LDPDU of the por t. Emerge ncy Numb er : Emergency number is E mergency Call Service E LIN identifier , which is use d during eme rgency call set up to a tradit ion[...]
-
Página 258
Choose the menu LLDP → LLDP - M ED → Local Info to load the follow ing pa ge. Figure 15 -8 LLDP - MED L ocal Inf ormation Th e following entries are displayed on t his screen : Auto Refresh Auto Refresh: Enable/Disab le the auto refres h function. Refresh Ra te: S pecify t he auto refresh ra te. Local Info Enter the des ired port number[...]
-
Página 259
Choose the menu LLDP → LLDP - M ED → Nei ghbor Info t o load the follow ing page. Figure 15 -9 LLDP - MED Ne ighbor I nformation The following entries are displayed on t his screen : Auto Refresh Auto Refresh: Enable/Disab le the auto refres h f unction. Refresh Ra te: S pecify t he auto refresh ra te. Neighb or Info Port Select : Click[...]
-
Página 260
Chapter 16 Maintenance Maintenan ce module, assemblin g the common ly used syst em tools to ma nage the switc h, provides the c onvenient method to lo cate and solve t he networ k problem. ( 1 ) Syst em Monitor: Mon itor the ut ilization st atus of the me mory and the C PU of switch. ( 2 ) Log: V iew the c onfigurati on para meters of the s[...]
-
Página 261
Cli ck the Monitor but ton to enable t he switch to monitor and dis play it s CPU utiliz ation rate ever y four secon ds. 16.1.2 Memor y Moni tor Ch oose the menu Mainte nance → Sy stem M onitor → Memory Mo nitor to load the following pa ge. Figure 16 - 2 Memory Monitor Clic k the Monit or button to enable the switch t o monitor and dis play it[...]
-
Página 262
notificatio ns 5 Nor m al but sig nificant c onditions informati onal 6 Inf ormational m essages debugging 7 Debu g - level m essages T able 16 -1 L og Level The Log function is implemented o n the Log T able , Local Lo g , Remot e Log and B ackup Log page s. 16.2.1 Log T able The switch suppor ts logs out put to two directions, n amely , log buf f[...]
-
Página 263
No te: 1. The logs are c lassified into eight levels based on sev erity . The higher the informat ion severity is, the lower the c orrespo nding level is. 2. This p age display s logs in the log bu ffer , and at most 512 logs are display ed. 253[...]
-
Página 264
16.2.2 Local Log Loca l Log is the log infor mation saved in switc h. By default, all system logs from level _0 to level_6 are saved in log buf fer . On this pa ge, you can set t he output cha nnel for logs. Choose the menu Maint enance → Log →Loca l Log to load the follow ing page . Figure 16 - 4 Local Log The following entries are displayed o[...]
-
Página 265
Choose the menu Maint enance → Log →Rem ote Log t o load the follow ing p age. Figure 16 - 5 Log Host The following entries are displayed on t his screen: Log Host Index : Displays the index of the log host . The switch su pport s 4 log hosts. Hos t IP : Configur e the IP for the log host. UD P Po rt : Displays the UDP por t used for receiv[...]
-
Página 266
The following entry is displayed on this screen: Ba ckup Log Ba ckup Log : Click the Backup Lo g button t o save the log as a fil e to your comp uter . No te: It will t ake a few minut es to backup the lo g file. Pleas e wait without any operation. 16.3 De vice Dia gnostics This switch prov ides Cab le T est function for device diagnos tics . 1[...]
-
Página 267
No te: 1. The Length d isplayed h ere is the length o f pair cab le not that of the phy sical cable. 2. The test resu lt is just for y our referenc e. 16.4 Net w ork D iagnostics This switch prov ides Pin g test and T racert test functions for networ k diagnos tics . 16.4.1 Ping Ping test f unction, test ing the co nnectivit y between t he switch a[...]
-
Página 268
Inte rval : S pecify the interv al to send ICMP request packet s. The defa ult value is recommend ed. 16.4.2 T racert T racert test function is us ed to test the connect ivity of the gateways dur ing its jour ney from the source to dest ination of the t est data. When malfu nctions occur t o the netw ork, you can locat e trouble spot of the networ [...]
-
Página 269
Appendix A: S pecifications Standar ds IEEE802. 3 10Base - T Eth ernet IEEE 802. 3u 100Base - TX/100 Base - FX Fast Eth ernet IEEE802. 3ab 1000Ba se - T Gigabit Ethernet IEEE802. 3z 1000Base - X Gigabit Ethernet IEEE802. 3x Flow Contr ol IEEE802. 1p QoS IEEE802. 1q VLAN IEEE802. 1X Port - bas ed Access Aut henticat ion IEEE 802.3 a f/at (for TL - S[...]
-
Página 270
Operating Envir onment Operatin g Temperature: 0 ℃ ~ 40 ℃ Storage Te mperature: - 40 ℃ ~ 70 ℃ Operatin g Humidity : 10% ~ 90% RH Non - con dens ing Sto rage Humi dity: 5% ~ 9 0 % RH Non - condensing Return to CONTEN TS 260[...]
-
Página 271
Appendix B: Configuring the PCs In this sectio n, we’ll introd uce how to inst all and conf igure the TCP/I P corr ectly in W in dows 2000 and TCP/IPv 6 in WIN7. First make sur e your Ethernet Adapter is working, r efer to the adapter’s man ual if ne cessary . 1. In IPv4 netw ork : 1) On the W in dows tas kbar , click the Sta r t button, and [...]
-
Página 272
4) In the prom pt page t hat showed be low , double clic k on the Internet Protocol (TCP/IP) . Figure B-2 5) The followin g TCP/IP Prope rties window wi ll displa y and the IP Address t ab is open on this window by default. Figure B-3 262[...]
-
Página 273
6) Sel ect Use the following IP address. And the fo llowing ite ms will be available. I f the switch's IP address is 1 92.168.0. 1, specify IP addr ess as 192.168.0. x (x is from 2 to 254), and the Subnet mask as 255.25 5.255.0. 2. In IPv6 netw ork : 1) On the W in dows tas kba r , click the Sta r t button, and then clic k Control Panel . 2)[...]
-
Página 274
5) The following TCP/ IP v6 Properties w indow will dis play and the IP Address t ab is open on this window by default. 264[...]
-
Página 275
6) Sel ect Use the foll owi ng IP v6 address . And the following items will be av ailable. If the switch's IP address is 30 01::1/64 , specify IP address as 3001::14 fo r exam ple , and the Subnet prefix length as 64 . Now : Clic k OK to sav e your sett ings. Return to CONTEN TS 265[...]
-
Página 276
Appendix C: Load Sof tware U sing FTP If there is someth ing wrong w ith the firmware of the switch and t he switch can not be launche d, you can load firmw are to the switch via FTP funct ion. FTP (File Tran sfer Protoc ol), a protocol in th e applicatio n layer, is main ly used to transfer f iles between the remote serv er and the local PCs. It i[...]
-
Página 277
Figure C- 2 Open Hyper T erminal 2 ) The Connection Descripti on Window wi ll prompt sh own as Figure C -3 . E nter a name int o the Name f ield and click OK . Figure C- 3 Connectio n Description 3 ) Select the port to conn ect in the follow ing figure and then c lick OK . 267[...]
-
Página 278
Figure C- 4 Select the p ort to connect 4 ) Configure the port select ed in the step above s hown as t he followi ng figur e. Con figu re B its p er se cond as 384 00, D a ta b i ts as 8, Parit y as None, S top bi t s as 1, Flo w control as None, and the n click OK . Figure C- 5 Port Sett ings 3. Dow nload Firmw are v ia boot U til menu T o downl[...]
-
Página 279
Figure C- 6 bootUtil M enu As the prom pt is displayed for a shor t time, y ou are suggest ed not to r elease the CTRL - B key until you enter into bootUtil menu after p owering on the sw itch. 3 ) After enterin g into bootUti l menu, please fir stly confi gure the IP para meters of the switch. The format is: ifconf ig ip xxx.xxx. xxx.xxx mask 25[...]
-
Página 280
7 ) Please power of f and restar t the switch show n as the following figure. Now you are in the User EXEC mode and ca n manage the swit ch via CLI co mmand. [ TP - LINK ] : Press CT RL - B to ent er the b ootUti l S ta r t ing . . . TL - SG34 24 > Return to CONTEN TS 270[...]
-
Página 281
Appendix D : 802.1X Client Sof tw are In 802.1X mecha nism, the sup plicant C lient shou ld be equ ipped with t he correspo nding clien t soft ware compl ied with 802. 1X protoco l standar d for 802.1X authentic ation. W hen t he switc h works as the aut henticat or system, plea se take t he following instr uctions to inst all the TpSuppl icant pro[...]
-
Página 282
Figure D- 3 Welc ome to the I nstallS hield W izard 4) T o continue, cho ose the destinat ion locatio n for the install ation files and cl ick Next on t he followin g screen. Figure D- 4 Choose D estination Locat ion By defau lt, the inst allat ion files ar e saved on t he Progra m Files folder of system d isk. Click the Cha nge button t o modify t[...]
-
Página 283
Figure D- 5 Instal l the Program 6) The Inst allShie ld Wizard is inst alling TpSu pplicant shown as the followi ng screen. P lease wait. Figure D- 6 Setup S tatus 7) On the fo llowing scree n, click Finish to complete t he insta llation. 273[...]
-
Página 284
Figure D- 7 Instal lShi eld Wizard Complete No te: Please pay at tention to t he tips o n the abov e screen. If you have not inst alled W in Pcap 4.0. 2 or the higher ver sion on your co mputer , the 802.1X Cl ient Soft ware TpSup plicant cannot work. It’s recomme nded to go t o http: //www .winpcap.org to dow nload the l atest vers ion of W in P[...]
-
Página 285
2) Then the fo llowing scree n will app ear . If you want t o stop the remove proc ess, clic k Cancel . Figure D- 9 Prepar ing Setu p 3) On the cont inued scree n, clic k Ye s to rem ove the applicat ion from your PC. Figure D- 10 Uninst all the Appli cation 4) Clic k Finish to complete. Fi gure D- 1 1 Uninst all Complete 3. Configura tion 1) Aft e[...]
-
Página 286
Fi gure D- 12 TP - LINK 802. 1X Client Enter the Nam e and the Passwo rd specified in t he Authent ication Ser ver . The length of N ame and Pass word shou ld be less than 1 6 characters. 2) Click the Properties but ton on Figure D - 12 to l oad t he following scr een for configur ing the connectio n properties. Figure D- 13 Connecti on Propertie s[...]
-
Página 287
3) T o continue, cli ck Conne ct button after ent ering the Name and Pa ssword on Figure D - 12 . Then the foll owing scree n will appear to prompt that the Radius serv er is being sear ched. Fi gure D- 14 Authenticati on Dialog 4) W hen passi ng th e a uthentication, the following s creen will ap pear . Fi gure D- 15 Suc cessf ull y Aut henti ca t[...]
-
Página 288
A1: It’s bec ause the suppor ted DLL file is missing. Y ou are suggeste d to go to http:/ /www .winpcap.org t o download W inPcap 4. 0.2 or the higher v ersion for instal lation, and run the client so ftwar e again. Q2: Is th is TP - LINK 802.1X Client Sof tware co mpliable with the sw itches of t he other manufactur ers? A2: No. This TP - LINK 8[...]
-
Página 289
Appendix E : Glossary Access C ontrol List (AC L) ACLs can lim it networ k traffic and restri ct access t o certain users or devices by checking each packet for cer tain IP or MAC ( i.e., Layer 2) information. Boot Pr otocol (BOOT P) BOOTP is use d to provide bootup i nformation for network devi ces, including I P address informati on, the address [...]
-
Página 290
Generi c Multi cast Re gistr ation Pr otocol (GMRP) GMRP allow s networ k devices to r egister end stat ions with mu lticast grou ps. GMRP re quires that any partici pating networ k devices or e nd stations co mply with the IEEE 802.1 p standard. Grou p Att ribute Regis trat ion Proto col (GA RP) See Generi c Attribute Re gistratio n Protocol. IEEE[...]
-
Página 291
Layer 2 Data Link lay er in the ISO 7 - Lay er Data Communi cations Protoc ol. This is relate d directly to the hardware int erface for net work dev ices and passes on traffic bas ed on MAC a ddresses. Link A ggregation See Port Trunk. Link A ggregation Cont rol Pr otocol ( LA CP) Allows por ts to automat ically negotiate a trun ked link wit h LACP[...]
-
Página 292
Secure Shel l (SSH) A secure repla cement for rem ote access funct ions, inclu ding Telnet . SSH can authent icate users with a cry ptographic key , and encrypt data conne ctions betw een management cli ents and th e switch. Simple Network Manageme nt Protoc ol (SNMP) The appli cation proto col in the I nternet su ite of pr otocols whic h offers ne[...]