Web UI Reference Guide Product Model: xStack ® DGS-3120 Series Layer 2 Managed Stackable Gigabit Switch Release 1.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Information in this document is subject to change without notice. © 2010 D-Link Corporation. All rights reserved. Reproduction of this document in any manner whatsoever without the written permission of D-Link Corporation is strictly forbidden. Trademarks used in this text: D-Link and the D-LINK logo are trademarks of D-Link Corporation; Microsoft and Windows are registered trademarks of Microsoft Corporation.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Table of Contents Intended Readers ............................................................................................................................ 1 Typographical Conventions ............................................................................................................................................. 1 Notes, Notices and Cautions........................................................................
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Gratuitous ARP Settings............................................................................................................................................ 29 IPv6 Neighbor Settings (EI Mode Only) ........................................................................................................................ 29 IP Interface ..........................................................................................
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide VLAN Trunk Settings ................................................................................................................................................. 77 Browse VLAN ............................................................................................................................................................ 77 Show VLAN Ports ...........................................................................
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Multicast Filtering ........................................................................................................................................................ 118 IPv4 Multicast Filtering ............................................................................................................................................ 118 IPv4 Multicast Profile Settings ....................................................
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide CPU Access Profile List .............................................................................................................................................. 171 ACL Finder .................................................................................................................................................................. 186 ACL Flow Meter.....................................................................
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide ARP Spoofing Prevention Settings ............................................................................................................................. 242 BPDU Attack Protection .............................................................................................................................................. 243 Loopback Detection Settings .......................................................................
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Port Statistics ........................................................................................................................................................... 283 Packets ................................................................................................................................................................ 283 Errors ...........................................................................
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Intended Readers Typographical Conventions Notes, Notices and Cautions Safety Instructions General Precautions for Rack-Mountable Products Protecting Against Electrostatic Discharge The DGS-3120 Series Web UI Reference Guide contains information for setup and management of the Switch. This manual is intended for network managers familiar with network management concepts and terminology.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Chapter 1 Web-based Switch Configuration Introduction Login to the Web Manager Web-based User Interface Web Pages Introduction All software functions of the DGS-3120 Series switches can be managed, configured and monitored via the embedded web-based (HTML) interface. Manage the Switch from remote stations anywhere on the network through a standard browser.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Web-based User Interface The user interface provides access to various Switch configuration and management windows, allows you to view performance statistics, and permits you to graphically monitor the system status. Areas of the User Interface The figure below shows the user interface. Three distinct areas divide the user interface, as described in the table.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Web Pages When connecting to the management mode of the Switch with a web browser, a login screen is displayed. Enter a user name and password to access the Switch's management mode. Below is a list of the main folders available in the Web interface: System Configuration - In this section the user will be able to configure features regarding the Switch’s configuration.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Chapter 2 System Configuration Device Information System Information Settings Port Configuration PoE Serial Port Settings Warning Temperature Settings System Log configuration Time Range Settings Port Group Settings (EI Mode Only) Time Settings User Accounts Settings Command Logging Settings Stacking Device Information This window contains the main settings for all the major functions for the Switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 2-1 Device Information window Click the Settings link to navigate to the appropriate feature page for configuration. System Information Settings The user can enter a System Name, System Location, and System Contact to aid in defining the Switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Parameter Description System Name Enter a system name for the Switch, if so desired. This name will identify it in the Switch network. System Location Enter the location of the Switch, if so desired. System Contact Enter a contact name for the Switch, if so desired. Click the Apply button to implement changes made. Port Configuration Port Settings This page used to configure the details of the switch ports.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Parameter Description Unit Select the unit you wish to configure. From Port / To Port Select the appropriate port range used for the configuration here. State Toggle the State field to either enable or disable a given port or group of ports. Speed/Duplex Toggle the Speed/Duplex field to select the speed and full-duplex/half-duplex state of the port.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Port Description Settings The Switch supports a port description feature where the user may name various ports. To view the following window, click System Configuration > Port Configuration > Port Description Settings, as show below: Figure 2-4 Port Description Settings window The fields that can be configured are described below: Parameter Description Unit Select the unit you wish to configure.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 2-5 Port Error Disabled The fields that can be displayed are described below: Parameter Description Port Display the port that has been error disabled. Port State Describe the current running state of the port, whether enabled or disabled. Connection Status Display the uplink status of the individual ports, whether enabled or disabled.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide • Auto-discovery recognizes the connection of a PD (Powered Device) and automatically sends power to it. • The Auto-disable feature occurs under two conditions: firstly, if the total power consumption exceeds the system power limit; and secondly, if the per port power consumption exceeds the per port power limit. • Active circuit protection automatically disables the port if there is a short. Other ports will remain active.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 2-7 PoE System Settings window The following parameters can be configured: Parameter Description Unit Select the unit you wish to configure. Tick the All check box to select all units. Power Limit (1-370) Sets the limit of power to be used from the Switch’s power source to PoE ports. The user may configure a Power Limit between 1 and 370W for the DGS-3120-24PC and DGS-312048PC. The default setting is 370W.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 2-8 PoE Port Settings window The following parameters can be configured: Parameter Description Unit Select the unit you wish to configure. From Port / To Port Select a range of ports from the pull-down menus to be enabled or disabled for PoE. State Use the pull-down menu to enable or disable ports for PoE. Time Range Select a range of the time to the port set as POE.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 2-9 Serial Port Settings window The fields that can be configured are described below: Parameter Description Baud Rate Specify the baud rate for the serial port on the Switch. There are four possible baud rates to choose from, 9600, 19200, 38400 and 115200. For a connection to the Switch using the console port, the baud rate must be set to 115200, which is the default setting.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide High Threshold Enter the high threshold value of the warning temperature setting. Low Threshold Enter the low threshold value of the warning temperature setting. Click the Apply button to implement changes made. System Log configuration System Log Settings The Switch allows users to choose a method for which to save the switch log to the flash memory of the Switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 2-12 System Log Server Settings (SI Mode Only) Figure 2-13 System Log Server Settings (EI Mode Only) The fields that can be configured are described below: Parameter Description Server ID Syslog server settings index (1 to 4). Server IPv4 Address The IPv4 address of the Syslog server. Server IPv6 Address (EI Mode Only) The IPv6 address of the Syslog server.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 2-14 System Log window The Switch can record event information in its own log. Click Go to go to the next page of the System Log window. The fields that can be configured are described below: Parameter Description Log Type In the drop-down menu the user can select the log type that will be displayed. Severity - When selecting Severity from the drop-down menu, a secondary tick must be made.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 2-15 System Log & Trap Settings window (SI Mode Only) Figure 2-16 System Log & Trap Settings window (EI Mode Only) The fields that can be configured are described below: Parameter Description Interface Name Enter the IP interface name used. IPv4 Address Enter the IPv4 address used. IPv6 Address (EI Mode Only) Enter the IPv6 address used. Click the Apply button to accept the changes made.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 2-17 System Severity Settings window The fields that can be configured are described below: Parameter Description System Severity Choose how the alerts are used from the drop-down menu. Select Log to send the alert of the Severity Type configured to the Switch’s log for analysis.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide End Time - Use this parameter to identify the ending time of the time range, in hours, minutes and seconds, based on the 24-hour time system. Weekdays Use the check boxes to select the corresponding days of the week that this time range is to be enabled. Tick the Select All Days check box to configure this time range for every day of the week. Click the Apply button to accept the changes made.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Parameter Description Date (DD/MM/YYYY) Enter the current day, month, and year to update the system clock. Time (HH:MM:SS) Enter the current time in hours, minutes, and seconds. Click the Apply button to accept the changes made. User Accounts Settings The Switch allows the control of user privileges.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Apply button to accept the changes made. NOTICE: In case of lost passwords or password corruption, please refer to the appendix chapter entitled, “Password Recovery Procedure,” which will guide you through the steps necessary to resolve this issue. NOTE: The username and password should be less than 16 characters. Command Logging Settings This window is used to enable or disable the command logging settings.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 2-23 Switches stacked in a Duplex Chain Figure 2-24 Switches stacked in a Duplex Ring Within each of these topologies, each switch plays a role in the Switch stack. These roles can be set by the user per individual Switch, or if desired, can be automatically determined by the Switch stack. Three possible roles exist when stacking with the Switch. Primary Master – The Primary Master is the leader of the stack.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Synchronization State – Once the Primary Master and the Backup Master have been established, the Primary Master will assign Stacking Unit IDs to switches in the stack, synchronize configurations for all switches and then transmit commands to the rest of the switches based on the users configurations of the Primary Master. Once these steps have been completed, the switch stack will enter a normal operating mode.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Stacking Mode Settings To begin the stacking process, users must first enable this device for stacking by using the Stacking Mode Settings window.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Chapter 3 Management ARP Gratuitous ARP IPv6 Neighbor Settings (EI Mode Only) IP Interface Management Settings Session Table Single IP Management SNMP Settings Telnet Settings Web Settings ARP Static ARP Settings The Address Resolution Protocol is a TCP/IP protocol that converts IP addresses into physical addresses. This table allows network managers to view, define, modify, and delete ARP information for specific devices.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Delete All button to remove all the entries listed. Click the Edit button to re-configure the specific entry. Click the Delete button to remove the specific entry. Proxy ARP Settings (EI Mode Only) The Proxy ARP (Address Resolution Protocol) feature of the Switch will allow the Switch to reply to ARP requests destined for another device by faking its identity (IP and MAC Address) as the original ARP responder.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide IP Address Enter or view the IP Address used. MAC Address Enter or view the MAC Address used. Click the Find button to locate a specific entry based on the information entered. Click the Show Static button to display only the static entries in the display table. Click the Clear All button to remove all the entries listed in the table.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide NOTE: With the gratuitous ARP learning, the system will not learn new entry but only do the update on the ARP table based on the received gratuitous ARP packet. Gratuitous ARP Settings The user can configure the IP interface’s gratuitous ARP parameter.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-6 IPv6 Neighbor Settings The fields that can be configured are described below: Parameter Description Interface Name Enter the interface name of the IPv6 neighbor. Neighbor IPv6 Address Enter the neighbor IPv6 address. Link Layer MAC Address Enter the link layer MAC address. Interface Name Enter the name of the IPv6 neighbor. Tick the All check box to search for all current interfaces on the Switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-7 System IP Address Settings window The fields that can be configured are described below: Parameter Description Static Allow the entry of an IP address, subnet mask, and a default gateway for the Switch. These fields should be of the form xxx.xxx.xxx.xxx, where each xxx is a number (represented in decimal form) between 0 and 255.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide subnet should be sent. This is usually the address of a router or a host acting as an IP gateway. If your network is not part of an intranet, or you do not want the Switch to be accessible outside your local network, you can leave this field unchanged. Click the Apply button to accept the changes made. Interface Settings Users can display the Switch’s current IP interface settings.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-10 IPv4 Interface Settings window (EI Mode Only) The fields that can be configured are described below: Parameter Description IP Interface Name Enter the name of the IP interface being created. IPv4 Address Enter the IPv4 address used. Subnet Mask Enter the IPv4 subnet mask used. VLAN Name Enter the VLAN Name used. Interface Admin State Use the drop-down menu to enable or disable the Interface Admin State.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide VLAN Name Enter the VLAN Name used. IPv4 State Use the drop-down menu to enable or disable IPv4 State. Interface Admin State Use the drop-down menu to enable or disable the Interface Admin State. Click the Apply button to accept the changes made. Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Management Settings Users can stop the scrolling of multiple pages beyond the limits of the console when using the Command Line Interface. This window is also used to enable the DHCP auto configuration feature on the Switch. When enabled, the Switch is instructed to receive a configuration file from a TFTP server, which will set the Switch to become a DHCP client automatically on boot-up.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide received from the Switch. Power Saving State Enable or disable the link down power saving mode of each physical port. The switch port will go into sleep mode when a port is not connected. Length Detection State Enable or disable the length detection power saving mode on the physical ports. The switch port will reduce the power feed for shorter cables.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide • There is no limit to the number of SIM groups in the same IP subnet (broadcast domain); however a single switch can only belong to one group. • If multiple VLANs are configured, the SIM group will only utilize the default VLAN on any switch. • SIM allows intermediate devices that do not support SIM. This enables the user to manage switches that are more than one hop away from the CS.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide 1. The Commander Switch (CS) now has the capability to automatically rediscover member switches that have left the SIM group, either through a reboot or web malfunction. This feature is accomplished through the use of Discover packets and Maintenance packets that previously set SIM members will emit after a reboot.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Role State Use the pull-down menu to change the SIM role of the Switch. The two choices are: Candidate – A Candidate Switch (CaS) is not the member of a SIM group but is connected to a Commander Switch. This is the default setting for the SIM role of the Switch. Commander – Choosing this parameter will make the Switch a Commander Switch (CS).
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-17 Single IP Management window - Tree View The Topology window holds the following information on the Data tab: Parameter Description Device Name This field will display the Device Name of the switches in the SIM group configured by the user. If no device is configured by the name, it will be given the name default and tagged with the last six digits of the MAC Address to identify it.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-18 Topology view This window will display how the devices within the Single IP Management Group connect to other groups and devices.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide In the Topology view window, the mouse plays an important role in configuration and in viewing device information. Setting the mouse cursor over a specific device in the topology window (tool tip) will display the same information about a specific device as the Tree view does. See the window below for an example.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-21 Right-Clicking a Group Icon The following options may appear for the user to configure: • Collapse – To collapse the group that will be represented by a single icon. • Expand – To expand the SIM group, in detail. • Property – To pop up a window to display the group information.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-23 Right-clicking a Commander Icon The following options may appear for the user to configure: • Collapse – To collapse the group that will be represented by a single icon. • Expand – To expand the SIM group, in detail. • Property – To pop up a window to display the group information.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-26 Input password window • Property – To pop up a window to display the device information. Menu Bar The Single IP Management window contains a menu bar for device configurations, as seen below. Figure 3-27 Menu Bar of the Topology View File • Print Setup – Will view the image to be printed. • Print Topology – Will print the topology map.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-29 About window Firmware Upgrade This screen is used to upgrade firmware from the Commander Switch to the Member Switch. Member Switches will be listed in the table and will be specified by Port (port on the CS where the MS resides), MAC Address, Model Name and Version. To specify a certain Switch for firmware download, click its corresponding check box under the Port heading.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Upload Log File The following window is used to upload log files from SIM member switches to a specified PC. To upload a log file, enter the Server IP address of the SIM member switch and then enter a Path\Filename on your PC where you wish to save this file. Click Upload to initiate the file transfer.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide messages may be encrypted. To read more about how to configure SNMPv3 settings for the Switch read the next section. Traps Traps are messages that alert network personnel of events that occur on the Switch. The events can be as serious as a reboot (someone accidentally turned OFF the Switch), or less serious like a port status change. The Switch generates traps and sends them to the trap recipient (or network manager).
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide SNMP Traps Settings Users can enable and disable the SNMP trap support function of the switch and SNMP authentication failure trap support, respectively.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-35 SNMP Linkchange Traps Settings window The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure. From Port / To Port Select the starting and ending ports to use. State Use the drop-down menu to enable or disable the SNMP link change Trap. Click the Apply button to accept the changes made.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-36 SNMP View Table Settings window The fields that can be configured are described below: Parameter Description View Name Type an alphanumeric string of up to 32 characters. This is used to identify the new SNMP view being created. Subtree OID Type the Object Identifier (OID) Subtree for the view. The OID identifies an object tree (MIB tree) that will be included or excluded from access by an SNMP manager.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-37 SNMP community Table Settings window The fields that can be configured are described below: Parameter Description Community Name Type an alphanumeric string of up to 32 characters that is used to identify members of an SNMP community. This string is used like a password to give remote SNMP managers access to MIB objects in the Switch’s SNMP agent.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-38 SNMP Group Table Settings window The fields that can be configured are described below: Parameter Description Group Name Type an alphanumeric string of up to 32 characters. This is used to identify the new SNMP group of SNMP users. Read View Name This name is used to specify the SNMP group created can request SNMP messages.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide SNMP Engine ID Settings The Engine ID is a unique identifier used for SNMP V3 implementations on the Switch. To view the following window, click Management > SNMP Settings > SNMP Engine ID Settings, as show below: Figure 3-39 SNMP Engine ID Settings window The fields that can be configured are described below: Parameter Description Engine ID To change the Engine ID, type the new Engine ID value in the space provided.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Parameter Description User Name An alphanumeric string of up to 32 characters. This is used to identify the SNMP users. Group Name This name is used to specify the SNMP group created can request SNMP messages. SNMP Version V3 – Indicates that SNMP version 3 is in use. SNMP V3 Encryption Use the drop-down menu to enable encryption for SNMP V3. This is only operable in SNMP V3 mode. The choices are None, Password, or Key.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide security level. AuthNoPriv – To specify that the SNMP version 3 will be used, with an Auth-NoPriv security level. AuthPriv – To specify that the SNMP version 3 will be used, with an Auth-Priv security level. Community String / SNMP V3 User Name Type in the community string or SNMP V3 user name as appropriate. Click the Apply button to accept the changes made. Click the Delete button to remove the specific entry.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-43 RMON Settings window The fields that can be configured are described below: Parameter Description RMON Rising Alarm Trap Enable this option to use the RMON Rising Alarm Trap Feature. RMON Falling Alarm Trap Enable this option to use the RMON Falling Alarm Trap Feature. Click the Apply button to accept the changes made. Telnet Settings Users can configure Telnet Settings on the Switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 3-45 Web Settings window The fields that can be configured are described below: Parameter Description Web Status Web-based management is Enabled by default. If you choose to disable this by clicking Disabled, you will lose the ability to configure the system through the web interface as soon as these settings are applied. Port (1-65535) The TCP port number used for web-based management of the Switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Chapter 4 L2 Features VLAN Spanning Tree Link Aggregation FDB L2 Multicast Control Multicast Filtering LLDP NLB FDB Settings VLAN Understanding IEEE 802.1p Priority Priority tagging is a function defined by the IEEE 802.1p standard designed to provide a means of managing traffic on a network where many different types of data may be transmitted simultaneously.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide are forwarded only between ports within the VLAN. Typically, a VLAN corresponds to a particular subnet, although not necessarily. VLANs can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains. A VLAN is a collection of end nodes grouped by logic instead of physical location.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide The main characteristics of IEEE 802.1Q are as follows: • Assigns packets to VLANs by filtering. • Assumes the presence of a single global spanning tree. • Uses an explicit tagging scheme with one-level tagging. • 802.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide The EtherType and VLAN ID are inserted after the MAC source address, but before the original EtherType/Length or Logical Link Control. Because the packet is now a bit longer than it was originally, the Cyclic Redundancy Check (CRC) must be recalculated. Figure 4-3 Adding an IEEE 802.1Q Tag Port VLAN ID Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide connected to a tag-unaware device, the packet should be untagged. If the transmitting port is connected to a tag-aware device, the packet should be tagged. Tagging and Untagging Every port on an 802.1Q compliant switch can be configured as tagging or untagging. Ports with tagging enabled will put the VID number, priority and other VLAN information into the header of all packets that flow into and out of it.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide VLAN Name VID Switch Ports System (default) 1 5, 6, 7 Engineering 2 9, 10 Sales 5 1, 2, 3, 4 Port-based VLANs Port-based VLANs limit traffic that flows into and out of switch ports. Thus, all devices connected to a port are members of the VLAN(s) the port belongs to, whether there is a single computer directly connected to a switch, or an entire department.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Enter a page number and click the Go button to navigate to a specific page when multiple pages exist. To create a new 802.1Q VLAN or modify an existing 802.1Q VLAN, click the Add/Edit VLAN tab. A new tab will appear, as shown below, to configure the port settings and to assign a unique name and number to the new VLAN. Figure 4-5 802.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide To search for a VLAN, click the Find VLAN tab. A new tab will appear, as shown below. Figure 4-6 802.1Q VLAN Settings – Find VLAN Tab window Enter the VLAN ID number in the field offered and then click the Find button. You will be redirected to the VLAN List tab. To create, delete and configure a VLAN Batch entry click the VLAN Batch Settings tab, as shown below. Figure 4-7 802.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide tagged. Untagged Specify the port as 802.1Q untagged. Use the drop-down menu to designate the port as untagged. Forbidden Specify the port as not being a member of the VLAN and that the port is forbidden from becoming a member of the VLAN dynamically. Use the drop-down menu to designate the port as forbidden. Click the Apply button to accept the changes made. NOTE: The Switch supports up to 4k static VLAN entries. 802.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide octet) hex value. For IEEE802.3 LLC, this is a 2-octet IEEE 802.2 Link Service Access Point (LSAP) pair. The first octet is for Destination Service Access Point (DSAP) and the second octet is for Source. Click the Add button to add a new entry based on the information entered. Click the Delete All button to remove all the entries based on the information entered. Click the Edit button to re-configure the specific entry.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide For more information on priority queues, CoS queues and mapping for 802.1p, see the QoS section of this manual. Port List Select the specified ports you wish to configure by entering the port number in this field, or tick the All Ports check box. Search Port List This function allows the user to search all previously configured port list settings and display them on the lower half of the table.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-11 GVRP Global Settings window The fields that can be configured are described below: Parameter Description GVRP State Click the radio buttons to enable or disable the GVRP State. Join Time Enter the Join Time value in milliseconds. Leave Time Enter the Leave Time value in milliseconds. Leave All Time Enter the Leave All Time value in milliseconds.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-12 GVRP Port Settings window The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure. From Port / To Port Select the starting and ending ports to use. PVID This field is used to manually assign a PVID to a VLAN. The Switch's default is to assign all ports to the default VLAN with a VID of 1.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide MAC-based VLAN Settings Users can create new MAC-based VLAN entries, search and delete existing entries. When a static MAC-based VLAN entry is created for a user, the traffic from this user will be able to be serviced under the specified VLAN regardless of the authentication function operating on this port.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-14 Private VLAN Settings window The fields that can be configured are described below: Parameter Description VLAN Name Enter a VLAN name. VID (2-4094) Enter a VID value. VLAN List Enter a list of VLAN ID. Click the Add button to add a new entry based on the information entered. Click the Find button to locate a specific entry based on the information entered.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide PVID Auto Assign Settings Users can enable or disable PVID Auto Assign Status. The default setting is enabled. To view the following window, click L2 Features > VLAN > PVID Auto Assign Settings, as show below: Figure 4-16 PVID Auto Assign Settings window Click the Apply button to accept the changes made. Voice VLAN Voice VLAN Global Settings Voice VLAN is a VLAN used to carry voice traffic from IP phone.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Aging Time The aging time to set, the range is 1 – 65535 minutes. The default value is 720 minutes. The aging time is used to remove a port from voice VLAN if the port is an automatic VLAN member. When the last voice device stops sending traffic and the MAC address of this voice device is aged out, the voice VLAN aging timer will be started.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Voice VLAN OUI Settings This page is used to configure the user-defined voice traffic’s OUI. The OUI is used to identify the voice traffic. There are a number of pre-defined OUIs. The user can further define the user-defined OUIs if needed. The user-defined OUI cannot be the same as the pre-defined OUI.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide VLAN Trunk Settings Enable VLAN on a port to allow frames belonging to unknown VLAN groups to pass through that port. This is useful if you want to set up VLAN groups on end devices without having to configure the same VLAN groups on intermediary devices. Suppose you want to create VLAN groups 1 and 2 (V1 and V2) on devices A and B.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide To view the following window, click L2 Features > VLAN > Browse VLAN, as show below: Figure 4-23 Browse VLAN window Enter a page number and click the Go button to navigate to a specific page when multiple pages exist. NOTE: The abbreviations used on this page are Tagged Port (T), Untagged Port (U) and Forbidden Port (F). Show VLAN Ports Users can display the VLAN ports of the Switch's viewed by VID.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Spanning Tree This Switch supports three versions of the Spanning Tree Protocol: 802.1D-1998 STP, 802.1D-2004 Rapid STP, and 802.1Q-2005 MSTP. 802.1D-1998 STP will be familiar to most networking professionals. However, since 802.1D-2004 RSTP and 802.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Port Transition States An essential difference between the three protocols is in the way ports transition to a forwarding state and in the way this transition relates to the role of the port (forwarding or not forwarding) in the topology. MSTP and RSTP combine the transition states disabled, blocking and listening used in 802.1D-1998 and creates a single state Discarding. In either case, ports do not forward packets.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide STP Bridge Global Settings On this page the user can configure the STP bridge global parameters. To view the following window, click L2 Features > Spanning Tree > STP Bridge Global Settings, as show below: Figure 4-25 STP Bridge Global Settings window The fields that can be configured are described below: Parameter Description STP Status Use the radio button to globally enable or disable STP.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide switch on the hop count will reduce the hop count by one until the value reaches zero. The Switch will then discard the BDPU packet and the information held for the port will age out. The user may set a hop count from 6 to 40. The default is 20. Click the Apply button to accept the changes made for each individual section. NOTE: The Bridge Hello Time cannot be longer than the Bridge Max Age.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide 20000. Enter a value between 1 and 200000000 to determine the External Cost. The lower the number, the greater the probability the port will be chosen to forward packets. P2P Choosing the True parameter indicates a point-to-point (P2P) shared link. P2P ports are similar to edge ports; however they are restricted in that a P2P port must operate in full duplex.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-27 MST Configuration Identification window The fields that can be configured are described below: Parameter Description Configuration Name This name uniquely identifies the MSTI (Multiple Spanning Tree Instance). If a Configuration Name is not set, this field will show the MAC address to the device running MSTP.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-28STP Instance Settings window The fields that can be configured are described below: Parameter Description MSTI ID Enter the MSTI ID in this field. An entry of 0 denotes the CIST (default MSTI). Priority Enter the priority in this field. The available range of values is from 0 to 61440. Click the Apply button to accept the changes made. Click the Edit button to re-configure the specific entry.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure. Port Select the port you want to configure. Instance ID The MSTI ID of the instance to be configured. Enter a value between 0 and 15. An entry of 0 in this field denotes the CIST (default MSTI).
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide The Switch treats all ports in a trunk group as a single port. Data transmitted to a specific host (destination address) will always be transmitted over the same port in a trunk group. This allows packets in a data stream to arrive in the same order they were sent. Link aggregation allows several ports to be grouped together and to act as a single link. This gives a bandwidth that is a multiple of a single link's bandwidth.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-31 Port Trunking Settings window The fields that can be configured are described below: Parameter Description Algorithm This is the traffic hash algorithm among the ports of the link aggregation group. Options to choose from are MAC Source Dest, IP Source Dest and Lay4 Source Dest. Unit Select the unit you want to configure. Group ID (1-32) Select an ID number for the group, between 1 and 32.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-32 LACP Port Settings window The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure. From Port / To Port A consecutive group of ports may be configured starting with the selected port. Activity Active - Active LACP ports are capable of processing and sending LACP control frames.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide FDB Static FDB Settings Unicast Static FDB Settings Users can set up static unicast forwarding on the Switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-34 Multicast Static FDB Settings window The fields that can be configured are described below: Parameter Description VID The VLAN ID of the VLAN the corresponding MAC address belongs to. Multicast MAC Address The static destination MAC address of the multicast packets. This must be a multicast MAC address. Unit Select the unit you want to configure.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-35 MAC Notification Settings window The fields that can be configured are described below: Parameter Description State Enable or disable MAC notification globally on the Switch Interval The time in seconds between notifications. Value range to use is 1 to 2147483647. History Size The maximum number of entries listed in the history log used for notification. Up to 500 entries can be specified.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-36 MAC Address Aging Time Settings window The fields that can be configured are described below: Parameter Description MAC Address Aging Time (10-1000000) This field specify the length of time a learned MAC Address will remain in the forwarding table without being accessed (that is, how long a learned MAC Address is allowed to remain idle).
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Clear Dynamic Entries button to delete all dynamic entries of the address table. Click the View All Entries button to display all the existing entries. Click the Clear All Entries button to remove all the entries listed in the table. Click the Add to Static MAC table button to add the specific entry to the Static MAC table.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide L2 Multicast Control IGMP Snooping Internet Group Management Protocol (IGMP) snooping allows the Switch to recognize IGMP queries and reports sent between network stations or devices and an IGMP host. When enabled for IGMP snooping, the Switch can open or close a port to a specific device based on IGMP messages passing through the Switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-41 IGMP Snooping Parameters Settings window The fields that can be configured are described below: Parameter Description VID Specify the name of the VLAN ID. VLAN Name Specify the name of the VLAN for which IGMP snooping querier is to be configured. Rate Limit Here is displayed the rate of IGMP control packets that the switch can process on a specific port/VLAN. The rate is specified in packet per second.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide send the multicast-routing protocol packet, the port will be timed out as a router port. Report Suppression When enabled, multiple IGMP reports or leave for a specific (S, G) will be integrated into one report only before sending to the router port. Data Driven Learning State Specify to enable or disable the data driven learning state.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-44 IGMP Snooping Static Group Settings window The fields that can be configured are described below: Parameter Description VLAN Name The VLAN Name of the multicast group. VID List The VID List or of the multicast group. IPv4 Address Enter the IPv4 address. Click the Find button to locate a specific entry based on the information entered.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide IGMP Router Port Users can display which of the Switch’s ports are currently configured as router ports. A router port configured by a user (using the console or Web-based management interfaces) is displayed as a static router port, designated by S. A router port that is dynamically configured by the Switch is designated by D, while a Forbidden port is designated by F.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Parameter Description VLAN Name The VLAN Name of the multicast group. VID List The VLAN ID list of the multicast group. Port List Specify the port number(s) used to find a multicast group. Group IPv4 Address Enter the IPv4 address. Data Driven If Data Drive is selected, only data driven groups will be displayed.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-49 IGMP Snooping Counter window The fields that can be configured are described below: Parameter Description VLAN Name The VLAN Name of the multicast group. VID List The VLAN ID list of the multicast group. Port List The Port List of the multicast group. Click the Find button to locate a specific entry based on the information entered. Click the View All button to display all the existing entries.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide MLD Snooping Multicast Listener Discovery (MLD) Snooping is an IPv6 function used similarly to IGMP snooping in IPv4. It is used to discover ports on a VLAN that are requesting multicast data.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide packets. Since video cameras do not have the capability to run MLD protocols, the IP multicast data will be dropped with the original MLD snooping function. MLD Snooping Settings Users can configure the settings for MLD snooping.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Max Response Time The maximum time in seconds to wait for reports from listeners. The default setting is 10 seconds. Robustness Value Provides fine-tuning to allow for expected packet loss on a subnet.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-53 MLD Snooping Router Port Settings window The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure. Static Router Port This section is used to designate a range of ports as being connected to multicastenabled routers.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-54 MLD Snooping Rate Limit Settings window The fields that can be configured are described below: Parameter Description Port List Enter the Port List here. VID List Enter the VID List value here. Rate Limit Configure the rate limit of MLD control packet that the switch can process on a specific port/VLAN. The rate is specified in packet per second. The packet that exceeds the limited rate will be dropped.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Create button to add a static group. Click the Delete button to delete a static group. Click the View All button to display all the existing entries. Click the Edit button to re-configure the specific entry. After clicking the Edit button, the following page will appear: Figure 4-56 MLD Snooping Static Group Settings – Edit window Click the Select All button to select all the ports for configuration.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide NOTE: The abbreviations used on this page are Static Router Port (S), Dynamic Router Port (D) and Forbidden Router Port (F). MLD Snooping Group Users can view MLD Snooping Groups present on the Switch. MLD Snooping is an IPv6 function comparable to IGMP Snooping for IPv4.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-59 MLD Snooping Forwarding Table window The fields that can be configured are described below: Parameter Description VLAN Name The name of the VLAN for which you want to view MLD snooping forwarding table information. VID List The ID of the VLAN for which you want to view MLD snooping forwarding table information. Click the Find button to locate a specific entry based on the information entered.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-61 Browse MLD Snooping Counter window Click the Clear Counter button to clear all the information displayed in the fields. Click the Refresh button to refresh the display table so that new information will appear. Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide IGMP Multicast Group Profile Settings Users can add a profile to which multicast address reports are to be received on specified ports on the Switch. This function will therefore limit the number of reports received and the number of multicast groups configured on the Switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Delete button to remove the corresponding entry. IGMP Snooping Multicast VLAN Settings On this page the user can configure the IGMP snooping multicast VLAN parameters.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-65 IGMP Snooping Multicast VLAN Settings – Edit window The fields that can be configured are described below: Parameter Description VLAN Name This option will display the VLAN name of the VLAN configured. State Use the drop-down menu to enable or disable the state. Replace Source IP With the IGMP snooping function, the IGMP report packet sent by the host will be forwarded to the source port.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the View All button to display all the existing entries. Click the Group List link to configure the Multicast Group Profile Multicast Address Settings for the specific entry. Click the Delete button to remove the specific entry.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide MLD Multicast VLAN Forward Unmatched Click the radio buttons to can enable or disable the MLD multicast VLAN Forward Unmatched state. VLAN Name Enter the VLAN name used. VID Enter the VID value used. Remap Priority The user can select this option to enable the Remap Priority feature. Specify the remap priority (0 to 7) to be associated with the data traffic to be forwarded on the multicast VLAN.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide None. Replace Priority Tick the check box to specify that the packet’s priority will be changed by the switch, based on the remap priority. This flag will only take effect when the remap priority is set. Untagged Member Ports Specify the untagged member port of the multicast VLAN. Click the Select All button to select all the ports or click the Clear All button to unselect all the ports.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide IPv4 Multicast Profile Settings Users can add a profile to which multicast address(s) reports are to be received on specified ports on the Switch. This function will therefore limit the number of reports received and the number of multicast groups configured on the Switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Profile Name Display the profile name. Multicast Address List Enter the multicast address list here. Click the Add button to add a new entry based on the information entered. Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-75 IPv4 Max Multicast Group Settings window The fields that can be configured are described below: Parameter Description Ports / VID List Select the appropriate port(s) or VLAN IDs used for the configuration here. Max Group If the checkbox Infinite is not selected, the user can enter a Max Group value. Infinite Tick the check box to enable or disable the use of the Infinite value.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Profile ID Enter a Profile ID between 1 and 60. Profile Name Enter a name for the IP Multicast Profile. Click the Add button to add a new entry based on the information entered. Click the Find button to locate a specific entry based on the information entered. Click the Delete All button to remove all the entries listed.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-78 IPv6 Limited Multicast Range Settings window The fields that can be configured are described below: Parameter Description Ports/VID List Select the appropriate port(s) or VLAN IDs used for the configuration here. Access Assign access permissions to the ports selected. Options listed are Permit and Deny.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Max Group If the checkbox Infinite is not selected, the user can enter a Max Group value. Infinite Tick the check box to enable or disable the use of the Infinite value. Action Use the drop-down menu to select the appropriate action for this rule. The user can select Drop to initiate the drop action or the user can select Replace to initiate the replace action. Click the Apply button to accept the changes made.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide LLDP LLDP Global Settings On this page the user can configure the LLDP global parameters. To view the following window, click L2 Features > LLDP > LLDP Global Settings, as show below: Figure 4-81 LLDP Global Settings window The fields that can be configured are described below: Parameter Description LLDP State Click the radio buttons to enable or disable the LLDP feature.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide LLDP Port Settings On this page the user can configure the LLDP port parameters. To view the following window, click L2 Features > LLDP > LLDP Port Settings, as show below: Figure 4-82 LLDP Port Settings window The fields that can be configured are described below: Parameter Description Unit Select the starting and ending ports to use.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Action Use the drop-down menu to enable or disable the action field. Address Enter the IP address that will be sent. Click the Apply button to accept the changes made. NOTE: The IPv4 or IPv6 address entered here should be an existing LLDP management IP address. LLDP Management Address List On this page the user can view the LLDP management address list.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-84 LLDP Basic TLVs Settings window The fields that can be configured are described below: Parameter Description Unit Select the starting and ending ports to use. From Port / To Port Select the port range to use for this configuration. Port Description Use the drop-down menu to enable or disable the Port Description option. System Name Use the drop-down menu to enable or disable the System Name option.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-85 LLDP Dot1 TLVs Settings window The fields that can be configured are described below: Parameter Description Unit Select the starting and ending ports to use. From Port / To Port Use the drop-down menu to select the port range to use for this configuration. Dot1 TLV PVID Use the drop-down menu to enable or disable and configure the Dot1 TLV PVID option.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide LLDP Dot3 TLVs Settings This window is used to configure an individual port or group of ports to exclude one or more IEEE 802.3 organizational specific TLV data type from outbound LLDP advertisements.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Apply button to accept the changes made. LLDP Statistic System The LLDP Statistics System page allows you an overview of the neighbor detection activity, LLDP Statistics and the settings for individual ports on the Switch. Select a Port number from the drop-down menu and click the Find button to view statistics for a certain port.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-88 LLDP Local Port Information window To view the normal LLDP Local Port information page per port, click the Show Normal button. To view the brief LLDP Local Port information page per port, click the Show Brief button. Figure 4-89 LLDP Local Port Information – Show Normal window Select a Port number and click the Find button to locate a specific entry.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-90 LLDP Local Port Information – Show Detail window Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 4-93 NLB Multicast FDB Table window The following fields can be set: Parameter Description VLAN Name Click the radio button and enter the VLAN of the NLB multicast FDB entry to be created. VID (1-4094) Click the radio button and enter the VLAN by the VLAN ID. MAC Address Enter the MAC address of the NLB multicast FDB entry to be created. Unit Select the unit you wish to configure.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Chapter 5 L3 Features IPv4 Default Route Settings (SI Mode Only) IPv4 Static/Default Route Settings (EI Mode Only) IPv4 Route Table IPv6 Static/Default Route Settings (EI Mode Only) IP Forwarding Table IPv4 Default Route Settings (SI Mode Only) Entries into the Switch’s forwarding table can be made using both an IP address subnet mask and a gateway.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 5-2 IPv4 Static/Default Route Settings window The fields that can be configured are described below: Parameter Description IP Address This field allows the entry of an IPv4 address to be assigned to the Static or Default route. Netmask This field allows the entry of a subnet mask to be applied to the corresponding subnet mask of the IP address.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide IPv6 Static/Default Route Settings (EI Mode Only) A static entry of an IPv6 address can be entered into the Switch’s routing table for IPv6 formatted addresses.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 5-6 IP Forwarding Table Click the IP Address, Interface Name or Port radio button, enter the information and click the Find button to locate a specific entry based on the information entered. Enter a page number and click the Go button to navigate to a specific page when multiple pages exist.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Chapter 6 QoS 802.1p Settings Bandwidth Control Traffic Control Settings DSCP HOL Blocking Prevention Scheduling Settings The Switch supports 802.1p priority queuing Quality of Service. The following section discusses the implementation of QoS (Quality of Service) and benefits of using 802.1p priority queuing. Advantages of QoS QoS is an implementation of the IEEE 802.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide the receiving end, the administrator instructs the Switch to examine packets for this tag, acquires the tagged packets and maps them to a class queue on the Switch. Then in turn, the administrator will set a priority for this queue so that will be emptied before any other packet is forwarded.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide 802.1p Default Priority Settings The Switch allows the assignment of a default 802.1p priority to each port on the Switch. This page allows the user to assign a default 802.1p priority to any given port on the switch that will insert the 802.1p priority tag to untagged packets received. The priority and effective priority tags are numbered from 0, the lowest priority, to 7, the highest priority.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 6-3 802.1p User Priority Settings window Once a priority has been assigned to the port groups on the Switch, then a Class may be assigned to each of the eight levels of 802.1p priorities using the drop-down menus on this window. User priority mapping is not only for the default priority configured in the last page, but also for all the incoming tagged packets with 802.1p tag.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 6-4 Bandwidth Control Settings window The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure. From Port / To Port Use the drop-down menu to select the port range to use for this configuration. Type This drop-down menu allows a selection between RX (receive), TX (transmit), and Both.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Apply button to accept the changes made. Queue Bandwidth Control Settings To view this window, click QoS > Bandwidth Control > Queue Bandwidth Control Settings, as shown below.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Traffic Control Settings On a computer network, packets such as Multicast packets and Broadcast packets continually flood the network as normal procedure. At times, this traffic may increase due to a malicious end station on the network or a malfunctioning device, such as a faulty network card. Thus, switch throughput problems will arise and consequently affect the overall performance of the switch network.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 6-6 Traffic Control Settings window The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure. From Port / To Port Use the drop-down menu to select the port range to use for this configuration. Action Select the method of traffic control from the pull-down menu.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Time Interval (5-600) The Time Interval will set the time between Multicast and Broadcast packet counts sent from the Switch’s chip to the Traffic Control function. These packet counts are the determining factor in deciding when incoming packets exceed the Threshold value. The Time Interval may be set between 5 and 600 seconds, with a default setting of 5 seconds.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide DSCP DSCP Trust Settings This page is to configure the DSCP trust state of ports. When ports are under the DSCP trust mode, the switch will insert the priority tag to untagged packets by using the DSCP Map settings instead of the default port priority.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 6-8 DSCP Map Settings - DSCP Priority window To view the following window, click QoS > DSCP > DSCP Map Settings and select DSCP DSCP from the DSCP Map drop-down menu, as show below: Figure 6-9 DSCP Map Settings - DSCP DSCP window The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Priority Use the drop-down menu to select a Priority value. This appears when selecting DSCP Priority in the DSCP Map drop-down menu. DSCP Enter a DSCP value. This appears when selecting DSCP Priority in the DSCP DSCP drop-down menu. Click the Apply button to accept the changes made. HOL Blocking Prevention HOL (Head of Line) Blocking happens when one of the destination ports of a broadcast or multicast packet are busy.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 6-11 QoS Scheduling window The following parameters can be configured: Parameter Description Unit Select the unit you wish to configure. From Port / To Port Enter the port or port list you wish to configure. Class ID Select the Class ID, from 0-7 to configure for the QoS parameters. Scheduling Mechanism Strict – The highest class of service is the first to process traffic.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 6-12 QoS Scheduling Mechanism The following parameters can be configured: Parameter Description Unit Select the unit you wish to configure. From Port / To Port Enter the port or port list you wish to configure. Scheduling Mechanism Strict – The highest class of service is the first to process traffic. That is, the highest class of service will finish before other queues empty.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Chapter 7 ACL ACL Configuration Wizard Access Profile List CPU Access Profile List ACL Finder ACL Flow Meter Egress Access Profile List (EI Mode Only) Egress ACL Flow Meter (EI Mode Only) ACL Configuration Wizard The ACL Configuration Wizard will aid the user in the creation of access profiles and ACL Rules automatically by simply inputting the address or service type and the action needed.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide to automatically assign an unused access ID to this rule. From / To This rule can be created to apply to four different categories: Any – Selecting this option will include any starting category to this rule. MAC Address – Selecting this option will allow the user to enter a range of MAC addresses for this rule. IPv4 Address – Selecting this option will allow the user to enter a range of IPv4 addresses for this rule.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-2 Access Profile List window Click the Add ACL Profile button to add an entry to the Access Profile List. Click the Delete All button to remove all access profiles from this table. Click the Show Details button to display the information of the specific profile ID entry. Click the Add/View Rules button to view or add ACL rules within the specified profile ID. Click the Delete button to remove the specific entry.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-3 Add ACL Profile window (Ethernet ACL) The fields that can be configured are described below: Parameter Description Profile ID Enter a unique identifier number for this profile set. This value can be set from 1 to 768. Profile Name Enter a profile name for the profile created. Select ACL Type Select profile based on Ethernet (MAC Address), IPv4 address, IPv6 address, or packet content.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide packet header and use this as the, or part of the criterion for forwarding. Ethernet Type Selecting this option instructs the Switch to examine the Ethernet type value in each frame's header. Click the Select button to select an ACL type. Click the Create button to create a profile. Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-6 Add Access Rule window (Ethernet ACL) The fields that can be configured are described below: Parameter Description Access ID (1-1536) Type in a unique identifier number for this access. This value can be set from 1 to 1536. Auto Assign – Ticking this check box will instruct the Switch to automatically assign an Access ID for the rule being created.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide priority and DSCP are set to be modified. Replace ToS Precedence (0-7) Specify that the IP precedence of the outgoing packet is changed with the new value. If used without an action priority, the packet is sent to the default traffic class. Time Range Name Tick the check box and enter the name of the Time Range settings that has been previously configured in the Time Range Settings window.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-8 Add ACL Profile window (IPv4 ACL) The fields that can be configured are described below: Parameter Description Profile ID Enter a unique identifier number for this profile set. This value can be set from 1 to 768. Select ACL Type Select profile based on Ethernet (MAC Address), IPv4 address, IPv6 address, or packet content. This will change the window according to the requirements for the type of profile.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide IPv4 Destination IP Mask Enter an IP address mask for the destination IP address, e.g. 255.255.255.255. Protocol Selecting this option instructs the Switch to examine the protocol type value in each frame's header. Then the user must specify what protocol(s) to include according to the following guidelines: Select ICMP to instruct the Switch to examine the Internet Control Message Protocol (ICMP) field in each frame's header.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Show All Profiles button to navigate back to the Access Profile List Page. After clicking the Add/View Rules button, the following page will appear: Figure 7-10 Access Rule List window (IPv4 ACL) Click the Add Rule button to create a new ACL rule in this profile. Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Access ID for the rule being created. Action Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below). Select Deny to specify that the packets that match the access profile are not forwarded by the Switch and will be filtered.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Adding an IPv6 ACL Profile The window shown below is the Add ACL Profile window for IPv6. To use specific filtering masks in this ACL profile, click the packet filtering mask field to highlight it red. This will add more filed to the mask.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Select Packet Content to instruct the Switch to examine the packet content in each frame’s header. IPv6 Class Ticking this check box will instruct the Switch to examine the class field of the IPv6 header. This class field is a part of the packet header that is similar to the Type of Service (ToS) or Precedence bits field in IPv4.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Enter a page number and click the Go button to navigate to a specific page when multiple pages exist. After clicking the Add Rule button, the following page will appear: Figure 7-16 Add Access Rule (IPv6 ACL) The fields that can be configured are described below: Parameter Description Access ID (1-1536) Type in a unique identifier number for this access. This value can be set from 1 to 1536.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide meets the selected criteria) with the value entered in the adjacent field. When an ACL rule is added to change both the priority and DSCP of an IPv6 packet, only one of them can be modified due to a chip limitation. Currently the priority is changed when both the priority and DSCP are set to be modified. Replace ToS Precedence (0-7) Specify that the IP precedence of the outgoing packet is changed with the new value.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide . Figure 7-18 Add ACL Profile (Packet Content ACL) The fields that can be configured are described below: Parameter Description Profile ID Enter a unique identifier number for this profile set. This value can be set from 1 to 768. Select ACL Type Select profile based on Ethernet (MAC Address), IPv4 address, IPv6 address, or packet content. This will change the window according to the requirements for the type of profile.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide chunk0 chunk1 chunk2 …… chunk29 chunk30 chunk31 B126, B127, B2, B6, …… B114, B118, B122, B3, B7, B115, B119, B123, B0, B4, B8, B116, B120, B124, B1 B5 B9 B117 B121 B125 Example: offset_chunk_1 0 0xffffffff will match packet byte offset 126,127,0,1 offset_chunk_1 0 0x0000ffff will match packet byte offset,0,1 NOTE: Only one packet_content_mask profile can be created.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Add Rule button to create a new ACL rule in this profile. Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide previously in this command, before forwarding it on to the specified CoS queue. Otherwise, a packet will have its incoming 802.1p user priority re-written to its original value before being forwarded by the Switch. For more information on priority queues, CoS queues and mapping for 802.1p, see the QoS section of this manual. Replace Priority Tick this check box to replace the Priority value in the adjacent field.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide NOTE: CPU Interface Filtering is used to control traffic access to the switch directly such as protocols transition or management access. A CPU interface filtering rule won’t impact normal L2/3 traffic forwarding. However, an improper CPU interface filtering rule may cause the network to become unstable.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide After clicking the Add CPU ACL Profile button, the following page will appear: Figure 7-24 Add CPU ACL Profile (Ethernet ACL) The fields that can be configured are described below: Parameter Description Profile ID (1-5) Enter a unique identifier number for this profile set. This value can be set from 1 to 5. Select ACL Type Select profile based on Ethernet (MAC Address), IPv4 address, IPv6 address, or packet content mask.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Select button to select a CPU ACL type. Click the Create button to create a profile. Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-27 Add CPU Access Rule (Ethernet ACL) The fields that can be configured are described below: Parameter Description Access ID (1-100) Type in a unique identifier number for this access. This value can be set from 1 to 100. Action Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below).
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-28 CPU Access Rule Detail Information (Ethernet ACL) Click the Show All Rules button to navigate back to the CPU Access Rule List. Adding a CPU IPv4 ACL Profile The window shown below is the Add CPU ACL Profile window for IP (IPv4). To use specific filtering masks in this ACL profile, click the packet filtering mask field to highlight it red. This will add more filed to the mask.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Select ACL Type Select profile based on Ethernet (MAC Address), IPv4 address, IPv6 address, or packet content mask. This will change the menu according to the requirements for the type of profile. Select Ethernet to instruct the Switch to examine the layer 2 part of each packet header. Select IPv4 to instruct the Switch to examine the IP address in each frame's header.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Select button to select a CPU ACL type. Click the Create button to create a profile. Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-32 Add CPU Access Rule (IPv4 ACL) The fields that can be configured are described below: Parameter Description Access ID (1-100) Type in a unique identifier number for this access. This value can be set from 1 to 100. Action Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below).
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Show All Rules button to navigate back to the CPU Access Rule List. Adding a CPU IPv6 ACL Profile The window shown below is the Add CPU ACL Profile window for IPv6. To use specific filtering masks in this ACL profile, click the packet filtering mask field to highlight it red. This will add more filed to the mask.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide header. IPv6 Class Checking this field will instruct the Switch to examine the class field of the IPv6 header. This class field is a part of the packet header that is similar to the Type of Service (ToS) or Precedence bits field in IPv4. IPv6 Flow Label Checking this field will instruct the Switch to examine the flow label field of the IPv6 header.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-37 Add CPU Access Rule (IPv6 ACL) The fields that can be configured are described below: Parameter Description Access ID (1-100) Enter a unique identifier number for this access. This value can be set from 1 to 100. Action Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below).
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-38 CPU Access Rule Detail Information (IPv6 ACL) Click the Show All Rules button to navigate back to the CPU Access Rule List. Adding a CPU Packet Content ACL Profile The window shown below is the Add CPU ACL Profile window for Packet Content. To use specific filtering masks in this ACL profile, click the packet filtering mask field to highlight it red. This will add more filed to the mask.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Select IPv6 to instruct the Switch to examine the IP address in each frame's header. Select Packet Content Mask to specify a mask to hide the content of the packet header. Offset This field will instruct the Switch to mask the packet header beginning with the offset value specified: 0-15 - Enter a value in hex form to mask the packet from the beginning of the packet to the 15th byte.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-42 Add CPU Access Rule (Packet Content ACL) The fields that can be configured are described below: Parameter Description Access ID (1-100) Type in a unique identifier number for this access. This value can be set from 1 to 100. Action Select Permit to specify that the packets that match the access profile are forwarded by the Switch, according to any additional rule added (see below).
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-43 CPU Access Rule Detail Information (Packet Content ACL) Click the Show All Rules button to navigate back to the CPU Access Rule List. ACL Finder The ACL rule finder helps you to identify any rules that have been assigned to a specific port and edit existing rules quickly.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide trTCM, the packet flow is marked green if it doesn’t exceed the CIR and yellow if it does. The configured rate of the CIR must not exceed that of the PIR. The CIR can also be configured for unexpected packet bursts using the CBS and PBS fields. CBS – Committed Burst Size. Measured in bytes, the CBS is associated with the CIR and is used to identify packets that exceed the normal boundaries of packet size.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Profile Name Here the user can enter the Profile Name for the flow meter. Access ID Here the user can enter the Access ID for the flow meter. Click the Find button to locate a specific entry based on the information entered. Click the Add button to add a new entry based on the information entered. Click the View All button to display all the existing entries. Click the Delete All button to remove all the entries listed.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide with a high precedence. trTCM – Specify the “two-rate three-color mode.” CIR – Specify the Committed information Rate. The unit is Kbps. CIR should always be equal or less than PIR. PIR – Specify the Peak information Rate. The unit is Kbps. PIR should always be equal to or greater than CIR. CBS – Specify the Committed Burst Size. The unit is in kilobyte. PBS – Specify the Peak Burst Size. The unit is in kilobyte.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Egress Access Profile List (EI Mode Only) Egress ACL performs per-flow processing of packets when they egress the Switch. The Switch supports three Profile Types, Ethernet ACL, IPv4 ACL, and IPv6 ACL. To view this window, click ACL > Egress Access Profile List as shown below: Add an Ethernet ACL Profile The window shown below is the Add Egress ACL Profile window for Ethernet.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Select Ethernet ACL to instruct the Switch to examine the layer 2 part of each packet header. Select IPv4 ACL to instruct the Switch to examine the IPv4 address in each frame's header. Select IPv6 ACL to instruct the Switch to examine the IPv6 address in each frame's header. Source MAC Mask Enter a MAC address mask for the source MAC address. Destination MAC Mask Enter a MAC address mask for the destination MAC address. 802.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-51 Add Egress Access Rule window (Ethernet ACL) The fields that can be configured are described below: Parameter Description Access ID (1-512) Type in a unique identifier number for this access. This value can be set from 1 to 512. Auto Assign – Ticking this check box will instruct the Switch to automatically assign an Access ID for the rule being created. Ethernet Type Specify the Ethernet type.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Counter Here the user can select the counter. By checking the counter, the administrator can see how many times that the rule was hit. Port When a range of ports is to be configured, the Auto Assign check box MUST be ticked in the Access ID field of this window. If not, the user will be presented with an error message and the access rule will not be configured.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-53 Add Egress ACL Profile window (IPv4 ACL) The fields that can be configured are described below: Parameter Description Profile ID Enter a unique identifier number for this profile set. This value can be set from 1 to 256. Profile Name Enter a profile name for the profile created. Select ACL Type Select profile based on Ethernet (MAC Address), IPv4 address, or IPv6 address.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Mask Protocol Selecting this option instructs the Switch to examine the protocol type value in each frame's header. Then the user must specify what protocol(s) to include according to the following guidelines: Select ICMP to instruct the Switch to examine the Internet Control Message Protocol (ICMP) field in each frame's header.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-54 Egress Access Profile Detail Information window (IPv4 ACL) Click the Show All Profiles button to navigate back to the Access Profile List Page. After clicking the Add/View Rules button, the following page will appear: Figure 7-55 Egress Access Rule List window (IPv4 ACL) Click the Add Rule button to create a new ACL rule in this profile. Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Access ID (1-512) Type in a unique identifier number for this access. This value can be set from 1 to 512. Auto Assign – Ticking this check box will instruct the Switch to automatically assign an Access ID for the rule being created. DSCP Specify the value of DSCP. The DSCP value ranges from 0 to 63.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-57 Egress Access Rule Detail Information (IPv4 ACL) Click the Show All Rules button to navigate back to the Access Rule List. Adding an IPv6 ACL Profile The window shown below is the Add Egress ACL Profile window for IPv6. To use specific filtering masks in this egress ACL profile, click the packet filtering mask field to highlight it red. This will add more filed to the mask.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Profile ID Enter a unique identifier number for this profile set. This value can be set from 1 to 256. Profile Name Enter a profile name for the profile created. Select ACL Type Select profile based on Ethernet (MAC Address), IPv4 address, or IPv6 address. This will change the window according to the requirements for the type of profile.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-60 Egress Access Rule List window (IPv6 ACL) Click the Add Rule button to create a new ACL rule in this profile. Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Priority (0-7) Tick the corresponding check box to re-write the 802.1p default priority of a packet to the value entered in the Priority field, which meets the criteria specified previously in this command, before forwarding it on to the specified CoS queue. Otherwise, a packet will have its incoming 802.1p user priority re-written to its original value before being forwarded by the Switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-63 Egress ACL Flow Meter window The fields that can be configured are described below: Parameter Description Profile ID Here the user can enter the Profile ID for the flow meter. Profile Name Here the user can enter the Profile Name for the flow meter. Access ID Here the user can enter the Access ID for the flow meter. Click the Find button to locate a specific entry based on the information entered.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Profile ID Here the user can enter the Profile ID for the flow meter. Profile Name Here the user can enter the Profile Name for the flow meter. Access ID Here the user can enter the Access ID for the flow meter. Mode Rate – Specify the rate for single rate two color mode. Rate – Specify the committed bandwidth in Kbps for the flow. Burst Size – Specify the burst size for the single rate two color mode.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 7-65 Egress ACL Flow meter Display window Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Chapter 8 Security 802.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Authentication Server The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator, must be running a RADIUS Server program and must be configured properly on the Authenticator (Switch). Clients connected to a port on the Switch must be authenticated by the Authentication Server (RADIUS) before attaining any services offered by the Switch on the LAN.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Authentication Process Utilizing the three roles stated above, the 802.1X protocol provides a stable and secure way of authorizing and authenticating users attempting to access the network. Only EAPOL traffic is allowed to pass through the specified port before a successful authentication is made. This port is “locked” until the point when a Client with the correct username and password (and MAC address if 802.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Host-Based Network Access Control In order to successfully make use of 802.1X in a shared media LAN segment, it would be necessary to create “logical” Ports, one for each attached device that required access to the LAN.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide 802.1X Port Settings Users can configure the 802.1X authenticator port settings. To view this window, click Security > 802.1X > 802.1X Port Settings as shown below: Figure 8-10 802.1X Port Settings The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure. From Port / To Port Select a range of ports you wish to configure.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide state machine will retransmit an EAP Request packet to the Supplicant before it times out the authentication session. Its default value is 2; it can be set by management to any value in the range from 1 to 10. TxPeriod This sets the TxPeriod of time for the authenticator PAE state machine. This value determines the period of an EAP Request/Identity packet transmitted to the client. The default setting is 30 seconds.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-11 802.1X User Settings window The fields that can be configured are described below: Parameter Description 802.1X User The user can enter an 802.1X user’s username in here. Password The user can enter an 802.1X user’s password in here. Confirm Password The user can re-enter an 802.1X user’s password in here. Click the Apply button to accept the changes made.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide fully operational target VLAN and normal switch functions will be open to the client. If the authenticator does not have target VLAN placement information, the client will be returned to its originating VLAN. Yet, if the client is denied authentication by the authenticator, it will be placed in the Guest VLAN where it has limited rights and access.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-14 Authenticator State window The fields that can be configured are described below: Parameter Description Unit Select the unit to be displayed. Port Select a port to be displayed. Click the Find button to locate a specific entry based on the information entered. Click the Refresh button to refresh the display table so that new entries will appear.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-15 Authenticator Statistics window NOTE: The Authenticator Statistics cannot be viewed on the Switch unless 802.1X is enabled by port or by MAC address. To enable 802.1X, go to Security > 802.1X > 802.1X Global Settings, and select Port-based or Mac-based from the Authentication Mode drop-down menu.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-16 Authenticator Session Statistics window NOTE: The Authenticator Session Statistics cannot be viewed on the Switch unless 802.1X is enabled by port or by MAC address. To enable 802.1X, go to Security > 802.1X > 802.1X Global Settings, and select Port-based or Mac-based from the Authentication Mode dropdown menu.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-17 Authenticator Diagnostics window NOTE: The Authenticator Diagnostics cannot be viewed on the Switch unless 802.1X is enabled by port or by MAC address. To enable 802.1X, go to Security > 802.1X > 802.1X Global Settings, and select Port-based or Mac-based from the Authentication Mode drop-down menu. Initialize Port(s) Existing 802.1X port and MAC settings are displayed and can be configured using the window below.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide If MAC-based is selected in the Authentication Mode drop-down menu in 802.1X Global Settings window, the following window appears. Figure 8-19 Initialize Port(s) - MAC-based window The fields that can be configured are described below: Parameter Description Unit Select the unit to be displayed. From Port / To Port Select a port or range of ports to be displayed.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide RADIUS Authentication RADIUS Server Settings The RADIUS feature of the Switch allows the user to facilitate centralized user administration as well as providing protection against a sniffing, active hacker.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide IPv6 Address (EI Mode Only) Set the RADIUS server IPv6 address. Authentication Port Set the RADIUS authentic server(s) UDP port which is used to transmit RADIUS data between the Switch and the RADIUS server. The default port is 1812. Accounting Port Set the RADIUS account server(s) UDP port which is used to transmit RADIUS accounting statistics between the Switch and the RADIUS server. The default port is 1813.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide To view this window, click Security > RADIUS > RADIUS Authentication as shown below: Figure 8-24 RAIUS Authentication window The user may also select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds. The default value is one second.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Request is sent and decremented due to receipt of an Access-Accept, Access-Reject or Access-Challenge, a timeout or retransmission. Timeouts The number of authentication timeouts to this server. After a timeout the client may retry to the same server, send to a different server, or give up. A retry to the same server is counted as a retransmit as well as a timeout.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Request that matched it from this RADIUS accounting server. Requests The number of RADIUS Accounting-Request packets sent. This does not include retransmissions. Retransmissions The number of RADIUS Accounting-Request packets retransmitted to this RADIUS accounting server. Retransmissions include retries where the Identifier and Acct-Delay have been updated, as well as those in which they remain the same.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-26 IMPB Global Settings The fields that can be configured are described below: Parameter Description Trap / Log Click the radio buttons to enable or disable the sending of trap/log messages for IPMAC-port binding. When Enabled, the Switch will send a trap message to the SNMP agent and the Switch log when an ARP packet is received that doesn’t match the IPMAC-port binding configuration set on the Switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure. From Port / To Port Select a range of ports to set for IP-MAC-port binding. ARP Inspection When the ARP inspection function is enabled, the legal ARP packets are forwarded, while the illegal packets are dropped. Disabled - Disable the ARP inspection function.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Parameter Description IP Address Enter the IP address to bind to the MAC address set below. MAC Address Enter the MAC address to bind to the IP Address set above. Ports Specify the switch ports for which to configure this IP-MAC binding entry (IP Address + MAC Address). Tick the All Ports check box to configure this entry for all ports on the Switch. Click the Apply button to accept the changes made.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-30 DHCP Snooping Max Entry Settings window The fields that can be configured are described below: Parameter Description From Port / To Port Use the drop-down menus to select a range of ports to use. Maximum Entry Enter the maximum entry value. Click the Apply button to accept the changes made. DHCP Snooping Entry This window is used to view dynamic entries on specific ports.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Ports (e.g.: 1, 7-12) Specify the ports for which to view DHCP snooping entries. Tick the All check box to clear entries for all ports. Click the Find button to locate a specific entry based on the port number selected. Click the Clear button to clear all the information entered in the fields. Click the View All button to display all the existing entries.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-32 MAC-based Access Control Settings window The fields that can be configured are described below: Parameter Description MAC-based Access Control State Toggle to globally enable or disable the MAC-based access control function on the Switch. Method Use this drop-down menu to choose the type of authentication to be used when authentication MAC addresses on a given port.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Max User Enter the maximum amount of users of the Switch. VLAN Name Enter the name of the previously configured Guest VLAN being used for this function. VID Click the radio button and enter a Guest VLAN ID. Member Ports Enter the list of ports that have been configured for the Guest VLAN. Unit Select the unit you want to configure.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Find by MAC button to locate a specific entry based on the MAC address entered. Click the Find by VLAN button to locate a specific entry based on the VLAN name or ID entered. Click the View All button to display all the existing entries. To change the selected MAC address’ VLAN Name, the user can click the Edit by Name button.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide authenticating stage when users attempt to browse Web pages (e.g., http://www.dlink.com) through a Web browser. When the Switch detects HTTP or HTTPS packets and this port is un-authenticated, the Switch will launch a pop-up user name and password window to query users. Users are not able to access the Internet until the authentication process is passed.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Conditions and Limitations 1. If the client is utilizing DHCP to attain an IP address, the authentication VLAN must provide a DHCP server or a DHCP relay function so that client may obtain an IP address.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide 2. Certain functions exist on the Switch that will filter HTTP packets, such as the Access Profile function. The user needs to be very careful when setting filter functions for the target VLAN, so that these HTTP packets are not denied by the Switch. 3.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide HTTPS – Specifies that the TCP port will run the WAC HTTPS protocol. The default value is 443. HTTPS cannot run at TCP port 80. Click the Apply button to accept the changes made for each individual section. NOTE: A successful authentication should direct the client to the stated web page.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide To view this window, click Security > Web-based Access Control (WAC) > WAC Port Settings as shown below: Figure 8-39 WAC Port Settings window The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure. From Port Use this drop-down menu to select the beginning port of a range of ports to be enabled as WAC ports.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Enter a value between 0 and 300 seconds. The default value is 60 seconds. Click the Apply button to accept the changes made. WAC Authentication State Users can view and delete the hosts for Web authentication.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-41 Compound Authentication Settings window (SI Mode Only) Figure 8-42 Compound Authentication Settings window (EI Mode Only) 237
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Authorization Network State Click the radio buttons to enable of disable the Authorization Network State. Authentication Server Failover Click the radio buttons to configure the authentication server failover function. Local. The switch will resort to using the local database to authenticate the client.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-43 Compound Authentication Guest VLAN Settings window The fields that can be configured are described below: Parameter Description VLAN Name Click the button and assign a VLAN as a Guest VLAN. The VLAN must be an existing static VLAN. VID (1-4094) Click the button and assign a VLAN ID for a Guest VLAN. The VLAN must be an existing static VLAN before this VID can be configured. Port List (e.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-44 Port Security Settings window The fields that can be configured are described below: Parameter Description Port Security Trap/Log Settings Use the radio button to enable or disable Port Security Traps and Logs on the Switch. System Max Address Enter the system maximum address. Unit Select the unit you want to configure. From Port The beginning port of a consecutive group of ports to be configured.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide After clicking the View Detail button, the following page will appear: Figure 8-45 Port Security Port-VLAN Settings window Click the Apply button to accept the changes made. Click the <
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-47 Port Security Entries window The fields that can be configured are described below: Parameter Description VLAN Name The VLAN Name of the entry in the forwarding database table that has been permanently learned by the Switch. VID List The VLAN ID of the entry in the forwarding database table that has been permanently learned by the Switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Parameter Description Gateway IP Address Enter the gateway IP address to help prevent ARP Spoofing. Gateway MAC Address Enter the gateway MAC address to help prevent ARP Spoofing. Ports Enter the port numbers that this feature applies to. Alternatively the user can select All Ports to apply this feature to all the ports of the switch. Click the Apply button to accept the changes made.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-49 BPDU Attack Protection window The fields that can be configured are described below: Parameter Description BPDU Attack Protection State Click the radio buttons to enable or disable the BPDU Attack Protection state. Trap State Specify when a trap will be sent. Options to choose from are None, Attack Detected, Attack Cleared or Both. Log State Specify when a log entry will be sent.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Loopback Detection Settings The Loopback Detection (LBD) function is used to detect the loop created by a specific port. This feature is used to temporarily shut down a port on the Switch when a CTP (Configuration Testing Protocol) packet has been looped back to the Switch. When the Switch detects CTP packets received from a port or a VLAN, this signifies a loop on the network.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide To Port Use the drop-down menu to select an ending port number. State Use the drop-down menu to toggle between Enabled and Disabled. Click the Apply button to accept the changes made for each individual section. Traffic Segmentation Settings Traffic segmentation is used to limit traffic flow from a single or group of ports, to a group of ports.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide be displayed. Click the Apply button to accept the changes made. NetBIOS Filtering Settings NetBIOS is an application programming interface, providing a set of functions that applications use to communicate across networks. NetBEUI, the NetBIOS Enhanced User Interface, was created as a data-link-layer frame structure for NetBIOS.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide DHCP Server Screening This function allows the user to not only to restrict all DHCP Server packets but also to receive any specified DHCP server packet by any specified DHCP client, it is useful when one or more DHCP servers are present on the network and both provide DHCP services to different distinct groups of clients.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Parameter Description Filter DHCP Server Trap Log State Enable or disable this feature. Illegal Server Log Suppress Duration Choose an illegal server log suppress duration of 1 minute, 5 minutes, or 30 minutes. Unit Select the unit you want to configure. From Port/To Port A consecutive group of ports may be configured starting with the selected port.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide • Extended TACACS (XTACACS) - An extension of the TACACS protocol with the ability to provide more types of authentication requests and more types of response codes than TACACS. This protocol also uses UDP to transmit packets. • TACACS+ (Terminal Access Controller Access Control System plus) - Provides detailed access control for authentication for network devices.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide "enable", and a password configured by the administrator that will support the "enable" function. This function becomes inoperable when the authentication policy is disabled.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Authentication Policy Use the pull-down menu to enable or disable the Authentication Policy on the Switch. Response Timeout (0255) This field will set the time the Switch will wait for a response of authentication from the user. The user may set a time between 0 and 255 seconds. The default setting is 30 seconds.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Authentication Server Group Settings Users can set up Authentication Server Groups on the Switch. A server group is a technique used to group TACACS/XTACACS/TACACS+/RADIUS server hosts into user-defined categories for authentication using method lists. The user may define the type of server group by protocol or by previously defined server group.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-60 Authentication Server Group Settings – Edit Server Group window To add an Authentication Server Host to the list, enter its name in the Group Name field, IP address in the IP Address field, use the drop-down menu to choose the Protocol associated with the IP address of the Authentication Server Host, and then click Add to add this Authentication Server Host to the group.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-61 Authentication Server Settings window The fields that can be configured are described below: Parameter Description IP Address The IP address of the remote server host to add. Protocol The protocol used by the server host. The user may choose one of the following: TACACS - Enter this parameter if the server host utilizes the TACACS protocol.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Successful login using any of these techniques will give the user a "User" privilege only. If the user wishes to upgrade his or her status to the administrator level, the user must use the Enable Admin window, in which the user must enter a previously configured password, set by the administrator.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide by the Administrator. A maximum of eight Enable Method Lists can be implemented on the Switch, one of which is a default Enable Method List. This default Enable Method List cannot be deleted but can be configured. The sequence of methods implemented in this command will affect the authentication result.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide TACACS protocol from a remote TACACS server. Click the Apply button to accept the changes made. Click the Edit button to re-configure the specific entry. Click the Delete button to remove the specific entry. Local Enable Password Settings Users can configure the locally enabled password for Enable Admin.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide 3 CBC Block Ciphers – CBC refers to Cipher Block Chaining, which means that a portion of the previously encrypted block of encrypted text is used in the encryption of the current block. The Switch supports the 3DES EDE encryption code defined by the Data Encryption Standard (DES) to create the encrypted text.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-65 SSL Settings window To set up the SSL function on the Switch, configure the parameters in the SSL Settings section described. The fields that can be configured are described below: Parameter Description SSL Status Use the radio buttons to enable or disable the SSL status on the Switch. The default is Disabled.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide This field is Enabled by default. Click the Apply button to accept the changes made. To download SSL certificates, configure the parameters in the SSL Certificate Download section described below. Parameter Description Server IP Address Enter the IPv4 address of the TFTP server where the certificate files are located. Certificate File Name Enter the path and the filename of the certificate file to download.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-66 SSH Settings window The fields that can be configured are described below: Parameter Description SSH Server State Use the radio buttons to enable or disable SSH on the Switch. The default is Disabled. Max. Session Enter a value between 1 and 8 to set the number of users that may simultaneously access the Switch. The default setting is 8. Connection Timeout Allows the user to set the connection timeout.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-67 SSH Authentication Method and Algorithm Settings window The fields that can be configured for SSH Authentication Mode are described below: Parameter Description Password This may be enabled or disabled to choose if the administrator wishes to use a locally configured password for authentication on the Switch. This parameter is enabled by default.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Twofish128 Use the check box to enable or disable the twofish128 encryption algorithm. The default is enabled. Twofish192 Use the check box to enable or disable the twofish192 encryption algorithm. The default is enabled. Twofish256 Use the check box to enable or disable the twofish256 encryption algorithm. The default is enabled. Click the Apply button to accept the changes made.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide remote SSH server for authentication purposes. Choosing this parameter requires the user to input the following information to identify the SSH user. Password – This parameter should be chosen if the administrator wishes to use an administrator-defined password for authentication. Upon entry of this parameter, the Switch will prompt the administrator for a password, and then to re-type the password for confirmation.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-70 Trusted Host window (EI Mode Only) When the user clicks the Edit button, one will be able to edit the service allowed to the selected host. The fields that can be configured are described below: Parameter Description IPv4 Address Enter an IPv4 address to add to the trusted host list. IPv6 Address (EI Mode Only) Enter an IPv6 address to add to the trusted host list.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide many packets flooding the Switch. If the threshold has been crossed, the Switch will initially stop all ingress ARP and IP broadcast packets and packets from un-trusted IP addresses for five seconds. After another five-second checking interval arrives, the Switch will again check the ingress flow of packets. If the flooding has stopped, the Switch will again begin accepting all packets.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 8-72 Safeguard Engine Settings window The fields that can be configured are described below: Parameter Description Safeguard Engine State Use the radio button to globally enable or disable Safeguard Engine settings for the Switch. Rising Threshold (20% 100%) Used to configure the acceptable level of CPU utilization before the Safeguard Engine mechanism is enabled.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Chapter 9 Network Application DHCP SNTP Flash File System Settings DHCP DHCP Relay DHCP Relay Global Settings Users can enable and configure DHCP Relay Global Settings. The relay hops count limit allows the maximum number of hops (routers) that the DHCP messages can be relayed through to be set. If a packet’s hop count is more than the hop count limit, the packet is dropped.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Threshold (0-65535) for routing a DHCP packet. If a value of 0 is entered, the Switch will not process the value in the seconds’ field of the DHCP packet. If a non-zero value is entered, the Switch will use that value, along with the hop count to determine whether to forward a given DHCP packet. DHCP Relay Option 82 State This field can be toggled between Enabled and Disabled using the pull-down menu.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide NOTE: If the Switch receives a packet that contains the option 82 field from a DHCP client and the information-checking feature is enabled, the Switch drops the packet because it is invalid. However, in some instances, users may configure a client with the option 82 field. In this situation, disable the information check feature so that the Switch does not remove the option 82 field from the packet.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide DHCP Relay Interface Settings Users can set up a server, by IP address, for relaying DHCP information to the Switch. The user may enter a previously configured IP interface on the Switch that will be connected directly to the DHCP server using this window. Properly configured settings will be displayed in the DHCP Relay Interface Table at the bottom of the window, once the user clicks the Apply button.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Delete button to remove the specific entry. Click the Delete All button to remove all the entries listed. NOTE: When there is no matching server found for the packet based on option 60, the relay servers will be determined by the default relay server setting.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide DHCP Relay Option 61 Settings On this page the user can configure, add and delete DHCP relay option 61 parameters.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 9-8 DHCP Local Relay Settings window The fields that can be configured are described below: Parameter Description DHCP Local Relay Global State Enable or disable the DHCP Local Relay Global State. The default is Disabled. VLAN Name This is the VLAN Name that identifies the VLAN the user wishes to apply the DHCP Local Relay operation. State Enable or disable the configure DHCP Local Relay for VLAN state.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide SNTP First Server The IP address of the primary server from which the SNTP information will be taken. SNTP Second Server The IP address of the secondary server from which the SNTP information will be taken. SNTP Poll Interval In Seconds (30-99999) The interval, in seconds, between requests for updated SNTP information. Click the Apply button to accept the changes made.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Parameter Description DST Repeating Settings Using repeating mode will enable DST seasonal time adjustment. Repeating mode requires that the DST beginning and ending date be specified using a formula. For example, specify to begin DST on Saturday during the second week of April and end DST on Sunday during the last week of October. From: Which Week Of The Month Enter the week of the month that DST will start.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide To view this window, click Network Application > Flash File System Settings as shown below: Figure 9-11Flash File System Settings window Enter the Current Path string and click the Go button to navigate to the path entered.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Apply button to initiate the copy. Click the Cancel button the discard the process. After clicking the Move button, the following page will appear: Figure 9-14 Flash File System Settings – Move window When moving a file to another place, the user must enter the Source and Destination path. Click the Apply button to initiate the copy. Click the Cancel button the discard the process.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Chapter 10 OAM Cable Diagnostics Cable Diagnostics The cable diagnostics feature is designed primarily for administrators or customer service representatives to verify and test copper cables; it can rapidly determine the quality of the cables and the types of error.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Chapter 11 Monitoring Utilization Statistics Mirror sFlow (EI Mode Only) Ping Test Trace Route Peripheral Utilization CPU Utilization Users can display the percentage of the CPU being used, expressed as an integer percentage and calculated as a simple average by time interval.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Parameter Description Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second. Record Number Select number of times the Switch will be polled between 20 and 200. The default value is 200. Show/Hide Check whether or not to display Five Seconds, One Minute, and Five Minutes. Click the Apply button to accept the changes made.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 11-3 Port Utilization window To select a port to view these statistics for, select the port by using the Port pull-down menu. The user may also use the real-time graphic of the Switch at the top of the web page by simply clicking on a port. The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Received (RX) To select a port to view these statistics for, select the port by using the Port pull-down menu. The user may also use the real-time graphic of the Switch at the top of the web page by simply clicking on a port.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure. Port Use the drop-down menu to choose the port that will display statistics. Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second. Record Number Select number of times the Switch will be polled between 20 and 200.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 11-6 UMB_cast (RX) window (for Unicast, Multicast, and Broadcast Packets) Click the View Table link to display the information in a table rather than a line graph. Figure 11-7 RX Packets Analysis window (table for Unicast, Multicast, and Broadcast Packets) The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Port Use the drop-down menu to choose the port that will display statistics. Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second. Record Number Select number of times the Switch will be polled between 20 and 200. The default value is 200. Unicast Counts the total number of good packets that were received by a unicast address.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 11-9 TX Packets Analysis window (table for Bytes and Packets) The fields that can be configured are described below: Parameter Description Port Use the drop-down menu to choose the port that will display statistics. Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Received (RX) To select a port to view these statistics for, select the port by using the Port pull-down menu. The user may also use the real-time graphic of the Switch at the top of the web page by simply clicking on a port.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Parameter Description Unit Select the unit you want to configure. Port Use the drop-down menu to choose the port that will display statistics. Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second. Record Number Select number of times the Switch will be polled between 20 and 200. The default value is 200.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 11-12 Transmitted (TX) window (for errors) Click the View Table link to display the information in a table rather than a line graph. Figure 11-13 TX Error Analysis window (table) The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure. Port Use the drop-down menu to choose the port that will display statistics.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Time Interval Select the desired setting between 1s and 60s, where "s" stands for seconds. The default value is one second. Record Number Select number of times the Switch will be polled between 20 and 200. The default value is 200. ExDefer Counts the number of packets for which the first transmission attempt on a particular interface was delayed because the medium was busy.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 11-14 Packet Size window Click the View Table link to display the information in a table rather than a line graph. Figure 11-15 RX Size Analysis window (table) The fields that can be configured are described below: Parameter Description Unit Select the unit you want to configure. Port Use the drop-down menu to choose the port that will display statistics.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Record Number Select number of times the Switch will be polled between 20 and 200. The default value is 200. 64 The total number of packets (including bad packets) received that were 64 octets in length (excluding framing bits but including FCS octets).
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Parameter Description State Click the radio buttons to enable or disable the Port Mirroring feature. Target Port Use the drop-down menu to select the Target Port used for Port Mirroring. Unit Select the unit you want to configure. TX (Egress) Click the radio buttons to select whether the port should include outgoing traffic.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Parameter Description RSPAN State Click the radio buttons to enable or disable the RSPAN feature. VLAN Name Create the RSPAN VLAN by VLAN name. VID Create the RSPAN VLAN by VLAN ID. Click the Apply button to accept the changes made. Click the Add button to add a new entry based on the information entered. Click the Modify button to re-configure the specific entry. Click the Delete button to remove the specific entry.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 11-19 sFlow Global Settings window The fields that can be configured are described below: Parameter Description sFlow State Here the user can enable or disable the sFlow feature. Click the Apply button to accept the changes made. sFlow Analyzer Server Settings The Switch can support 4 different Analyzer Servers at the same time and each sampler or poller can select a collector to send the samples.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Timeout The length of time before the server times out. When the analyzer server times out, all of the flow samplers and counter pollers associated with this analyzer server will be deleted. If not specified, its default value is 400. Collector Address The IP address of the analyzer server. If not specified or set a 0 address, the entry will be inactive.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide be encapsulated and forwarded to the server. If not specified, the default value is 128. Click the Apply button to accept the changes made. Click the Delete All button to remove all the entries listed. Click the Edit button to re-configure the specific entry. Click the Delete button to remove the specific entry. sFlow Counter Poller Settings On this page the user can configure the sFlow counter poller parameters.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 11-23 Ping Test window (SI Mode Only) Figure 11-24 Ping Test window (EI Mode Only) The user may click the Infinite times radio button, in the Repeat Pinging for field, which will tell the ping program to keep sending ICMP Echo packets to the specified IP address until the program is stopped.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide After clicking the Start button, the following page will appear: Figure 11-25 Ping Test Result window Click the Stop button to halt the Ping Test. Click the Resume button to resume the Ping Test. Trace Route The trace route page allows the user to trace a route between the switch and a given host on the network.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 11-27 Trace Route window (EI Mode Only) The fields that can be configured are described below: Parameter Description IPv4 Address / IPv6 Address IP address of the destination station. TTL The time to live value of the trace route request. This is the maximum number of routers that a trace route packet can pass. The trace route option will cross while seeking the network path between two devices.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Click the Stop button to halt the Trace Route. Click the Resume button to resume the Trace Route. Peripheral Device Environment The device environment feature displays the Switch internal temperature status. To view this window, click Monitoring > Peripheral > Device Environment as shown below: Figure 11-29 Device Environment window Click the Refresh button to refresh the display table so that new entries will appear.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Chapter 12 Save and Tools Save Configuration / Log To view this window, click Save > Save Configuration / Log, as shown below. Save Configuration allows the user to backup the configuration of the switch to a folder on the computer. Select Configuration from the Type drop-down menu and enter the File Path in the space provided and click Apply.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide To view this window, click Tools > Stacking Information, as shown below. Figure 12-4 Stacking Information window The Stacking Information window displays the following information: Parameter Description Topology Show the current topology employed using this Switch. My Box ID Display the Box ID of the Switch currently in use. Master ID Display the Unit ID number of the Primary Master of the Switch stack.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Download firmware The following window is used to download firmware for the Switch. Download Firmware From TFTP This page allows the user to download firmware from a TFTP Server to the Switch and updates the switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 12-7 Download Firmware – HTTP window The fields that can be configured are described below: Parameter Description Unit Use the drop-down menu to select a unit for receiving the firmware. Select All for all units. Destination File Enter the location of the Destination File. Source File Enter the location of the Source File or click the Browse button to navigate to the firmware file for the download.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Unit Use the drop-down menu to select a unit for uploading the firmware. TFTP Server IP Enter the TFTP server IP address used. IPv4(EI Mode Only) Click the radio button to enter the TFTP server IP address used. IPv6 (EI Mode Only) Click the radio button to enter the TFTP server IPv6 address used.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide TFTP Server IP Enter the TFTP server IP address used. IPv4 (EI Mode Only) Click the radio button to enter the TFTP server IP address used. IPv6 (EI Mode Only) Click the radio button to enter the TFTP server IPv6 address used. Destination File Enter the location and name of the Destination File. Source File Enter the location and name of the Source File. Click Download to initiate the download.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 12-13 Upload Configuration – TFTP window (SI Mode Only) Figure 12-14 Upload Configuration – TFTP window (EI Mode Only) The fields that can be configured are described below: Parameter Description Unit Use the drop-down menu to select a unit for uploading the configuration file. TFTP Server IP Enter the TFTP server IP address used. IPv4 (EI Mode Only) Click the radio button to enter the TFTP server IP address used.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Figure 12-15 Upload Configuration – HTTP window The fields that can be configured are described below: Parameter Description Unit Use the drop-down menu to select a unit for uploading the configuration file. Destination File Enter the location and name of the Destination File. Click Upload to initiate the upload. Upload Log File The following window is used to upload the log file from the Switch.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide IPv4 (EI Mode Only) Click the radio button to enter the TFTP server IP address used. IPv6 (EI Mode Only) Click the radio button to enter the TFTP server IPv6 address used. Destination File Enter the location and name of the Destination File. Log Type Select the type of log to be transferred. Selecting the Common Log option here will upload the common log entries.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide The fields that can be configured are described below: Parameter Description Reset Selecting this option will factory reset the Switch but not the IP Address, User Accounts and the Banner. Reset Config Selecting this option will factory reset the Switch but not perform a Reboot. Reset System Selecting this option will factory reset the Switch and perform a Reboot. Click the Apply button to initiate the Reset action.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide 314
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Appendix A Mitigating ARP Spoofing Attacks Using Packet Content ACL How Address Resolution Protocol works Address Resolution Protocol (ARP) is the standard method for finding a host’s hardware address (MAC address) when only its IP address is known. However, this protocol is vulnerable because crackers can spoof the IP and MAC information in the ARP packets to attack a LAN (known as ARP spoofing).
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide When the switch receives the frame, it will check the “Source Address” in the Ethernet frame’s header. If the address is not in its Forwarding Table, the switch will learn PC A’s MAC and the associated port into its Forwarding Table. In addition, when the switch receives the broadcasted ARP request, it will flood the frame to all ports except the source port, port 1 (see Figure 2).
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Table 4 Ethernet Frame Format The switch will also examine the “Source Address” of the Ethernet frame and find that the address is not in the Forwarding Table. The switch will learn PC B’s MAC and update its Forwarding Table.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide A common DoS attack today can be done by associating a nonexistent or any specified MAC address to the IP address of the network’s default gateway. The malicious attacker only needs to broadcast one Gratuitous ARP to the network claiming it is the gateway so that the whole network operation will be turned down as all packets to the Internet will be directed to the wrong node.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide 2. The switch will deny all other ARP packets which claim they are from the gateway’s IP. The design of Packet Content ACL on the Switch enables users to inspect any offset chunk. An offset chunk is a 4-byte block in a HEX format, which is utilized to match the individual field in an Ethernet frame. Each profile is allowed to contain up to a maximum of four offset chunks.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide 0x806 port 1-12 permit correct Source MAC in the Ethernet frame can pass through the switch. Step 3: create access_profile profile_id 2 profile_name 2 packet_content_mask offset_chunk_1 3 0xFFFF offset_chunk_2 7 0xFFFF offset_chunk_3 8 0xFFFF0000 Create access profile 2 The first chunk starts from Chunk 3 mask for Ethernet Type.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Appendix B Password Recovery Procedure This document describes the procedure for resetting passwords on D-Link Switches. Authenticating any user who tries to access networks is necessary and important. The basic authentication method used to accept qualified users is through a local login, utilizing a Username and Password.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Appendix C Trap Logs This table lists the trap logs found on the Switch. Log Entry Description ID L2macNotification This trap indicates the MAC address variations in the address table. 1.3.6.1.4.1.171.11.101.1.2.100.1.2.0.1 L2PortSecurityViolationTrap When the port security trap is enabled, new MAC addresses that violate the pre-defined port security configuration will trigger trap messages to be sent out. 1.3.6.1.4.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide generates a link down notification. SingleIPMSLinkUp The commander switch will send swSingleIPMSLinkUp notification to the indicated host when its member generates a link up notification. 1.3.6.1.4.1.171.12.8.6.0.14 SingleIPMSAuthFail The commander switch will send swSingleIPMSAuthFail notification to the indicated host when its member generates an authentation failure notification 1.3.6.1.4.1.171.12.8.6.0.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide risingAlarm This trap is an SNMP notification that is generated when a high capacity alarm entry crosses its rising threshold and generates an event that is configured for sending SNMP traps. 1.3.6.1.2.1.16.29.2.0.1 fallingAlarm This trap is an SNMP notification that is generated when a high capacity alarm entry crosses its falling threshold and generates an event that is configured for sending SNMP traps. 1.3.6.1.2.1.16.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide Appendix D Glossary 1000BASE-SX: A short laser wavelength on multimode fiber optic cable for a maximum length of 550 meters 1000BASE-LX: A long wavelength for a "long haul" fiber optic cable for a maximum length of 10 kilometers 100BASE-FX: 100Mbps Ethernet implementation over fiber. 100BASE-TX: 100Mbps Ethernet implementation over Category 5 and Type 1 Twisted Pair cabling. 10BASE-T: The IEEE 802.
xStack® DGS-3120 Series Layer 2 Stackable Managed Switch Web UI Reference Guide multicast: Single packets copied to a specific subset of network addresses. These addresses are specified in the destinationaddress field of the packet. protocol: A set of rules for communication between devices on a network. The rules dictate format, timing, sequencing and error control. resilient link: A pair of ports that can be configured so that one will take over data transmission should the other fail.
