Microsoft Corporation.
Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. D-Link Computer
Corporation disclaims any proprietary interest in trademarks and trade names other than its own.
January 2009 P/N 651ES3028025G
Preface
Notes, Notices, and Cautions
General Precautions for Rack-Mountable Products
Protecting Against Electrostatic Discharge
LED Indicators
Side Panel Description
Installing the SFP ports
Before You Connect to the Network
Installing the Switch without the Rack
Installing the Switch in a Rack
Mounting the Switch in a Standard 19" Rack
Connecting the Switch
Switch to End Node
Switch to Hub or Switch
Introduction to Switch Management
Connecting the Console Port (RS-232 DCE)
First Time Connecting to the Switch
IP Address Assignment
Login to Web Manager
Web-based User Interface
Web Pages
Device Information
IP Address
Setting the Switch’s IP Address using the Console Interface
Port Configuration
Port Settings
Port Description
Port Error Disabled
DHCP/BOOTP Relay Global Settings
DHCP Local Relay Settings
User Accounts
Port Mirroring
System Log Settings
Time Settings
Time Zone and DST
MAC Notification Settings
Ping Test
SNMP User Table
SNMP Group Table
SNMP Community Table Configuration
PoE System
PoE System Configuration
PoE Port Configuration
Single IP Settings
Menu Bar
SMTP Server Settings
Link Aggregation
LACP Port Settings
Dynamic IP Multicast Learning
ISM VLAN Settings
IP Multicast Filter Profile Settings
Limited Multicast Range Settings
Max Multicast Group Settings
MLD Snooping Router Port Settings
Spanning Tree
STP Bridge Global Settings
STP Port Settings
MSTP Port Information
LLDP Global Settings
Basic LLDP Port Settings
802.1 Extension LLDP Port Settings
802.3 Extension LLDP Port Settings
LLDP Local Port Table
LLDP Remote Port Table
CoS
Port Bandwidth
802.1p User Priority
CoS Scheduling Mechanism
CoS Output Scheduling
TOS Priority Settings
Port Mapping Priority Settings
MAC Priority
Time Range
CPU Interface Filtering
CPU Interface Filtering State
CPU Interface Filtering Profile Table
Traffic Control
Port Security
Port Lock Entries
IMP Global Settings
IMP Port Settings
MAC Block List
SSH Server Configuration
SSH Authentication Mode and Algorithm Settings
SSH User Authentication
Local Users
Initializing Ports for Port Based 802.1X
Initializing Ports for Host Based 802.1X
Reauthenticate Port(s) for Port Based 802.1X
Reauthenticate Port(s) for Host-based 802.1X
RADIUS Server
Access Authentication Control
Authentication Policy and Parameter Settings
Authentication Server Group
Authentication Server Host
Configure Local Enable Password
DoS Attack Prevention
CPU Utilization
Port Utilization
Received (RX)
Received (RX)
MAC Address
IGMP Snooping Group
Browse Router Port
Port Access Control
Reboot System
Save Changes
System Log Entries
Standard Trap List
Tech Support
The DES-3028/DES-3028P/DES-3028G/DES-3052/DES-3052P User Manual is divided into sections that describe the system
installation and operating instructions with examples.
Section 1, Introduction - Describes the Switch and its features.
Section 2, Installation - Helps you get started with the basic installation of the Switch and also describes the front panel, rear
panel, side panels, and LED indicators of the Switch.
Section 3, Connecting the Switch - Tells how you can connect the Switch to your Ethernet/Fast Ethernet network.
Section 4, Introduction to Switch Management - Introduces basic Switch management features, including password protection,
SNMP settings, IP address assignment and connecting devices to the Switch.
Section 5, Introduction to Web-based Switch Management - Talks about connecting to and using the Web-based switch
management feature on the Switch.
Section 6, Administration - A detailed discussion about configuring the basic functions of the Switch, including Device
Information, IP Address, Port Configuration, DHCP/BOOTP Relay, User Accounts, Cable Diagnostics, Port Mirroring, System
Log Settings, Log Settings, SNTP Settings, MAC Notification Settings, TFTP Services, Multiple Image Services, Ping Test,
Safeguard Engine, SNMP Manager, Single IP Settings, Forwarding & Filtering, and SMTP Service.
Section 7, Layer 2 Features - A discussion of Layer 2 features of the Switch, including VLAN, QinQ, Trunking, IGMP
Snooping, MLD Snooping, Spanning Tree, Loopback Detection and LLDP.
Section 8, CoS - Features information on CoS, including Port Bandwidth, 802.1P Default Priority, 802.1P User Priority, CoS
Scheduling Mechanism, CoS Output Scheduling, Priority Settings, TOS Priority Settings, DSCP Priority Settings, Port Mapping
Priority Settings, and MAC Priority.
Section 9, ACL - Discussion on the ACL function of the Switch, including Time Range, Access Profile Table and CPU Interface
Filtering.
Section 10, Security - A discussion on the Security functions on the Switch, including Traffic Control, Port Security, Port Lock
Entries, IP-MAC-Port Binding, SSL, SSH, 802.1X, Trusted Host, Access Authentication Control, Traffic Segmentation and DoS
Attack Prevention.
Section 11, Monitoring - Features information on Monitoring including CPU Utilization, Port Utilization, Packets, Packet Errors,
Packet Size, MAC Address, Switch Log, IGMP Snooping Group, Browse Router Port, VLAN Status, MLD Snooping Group,
Browse MLD Snooping Router Port, Static ARP Settings, ARP-FDB, Gratuitous ARP Settings, Session Table, and Port Access
Control.
Appendix A, Technical Specifications - Technical specifications for the DES-3028/DES-3028P/DES-3028G/DES-3052 and the
DES-3052P.
Appendix B, System Log Entries - Information on the System Log Entries
Appendix C, Cable Lengths - Information on cable types and maximum distances.
Appendix D, Glossary - Lists definitions for terms and acronyms used in this document.
The DES-3028/DES-3028P/DES-3028G/DES-3052/DES-3052P User Manual contains information for setup and management of
the Switch. The term “the Switch” will be used when referring to all five switches. This manual is intended for network managers
familiar with network management concepts and terminology.
Typographical Conventions
Convention - Description
[ ] - In a command line, square brackets indicate an optional entry. For example: [copy filename] means that optionally you can type copy followed by the name of the file. Do not type the brackets.
Bold font - Indicates a button, a toolbar icon, menu, or menu item. For example: Open the File menu and choose Cancel. Used for emphasis. May also indicate system messages or prompts appearing on your screen. For example: You have mail. Bold font is also used to represent filenames, program names and commands. For example: use the copy command.
Boldface Typewriter Font - Indicates commands and responses to prompts that must be typed exactly as printed in the manual.
Initial capital letter - Indicates a window name. Names of keys on the keyboard have initial capitals. For example: Click Enter.
Italics - Indicates a window name or a field. Also can indicate a variable or parameter that is replaced with an appropriate word or string. For example: type filename means that you should type the actual filename instead of the word shown in italic.
Menu Name > Menu Option - Indicates the menu structure. Device > Port > Port Properties means the Port Properties menu option under the Port menu option that is located under the Device menu.
Notes, Notices, and Cautions
A NOTE indicates important information that helps you make better use of your device.
A NOTICE indicates either potential damage to hardware or loss of data and tells you
how to avoid the problem.
A CAUTION indicates a potential for property damage, personal injury, or death.
Use the following safety guidelines to ensure your own personal safety and to help protect your system from potential damage.
Throughout this document, the caution icon is used to indicate cautions and precautions that you need to review and
follow.
Safety Cautions
To reduce the risk of bodily injury, electrical shock, fire, or damage to the equipment, observe the following precautions.
Observe and follow service markings.
Do not service any product except as explained in your system documentation.
Opening or removing covers that are marked with the triangular symbol with a lightning bolt may expose you to
electrical shock.
Only a trained service technician should service components inside these compartments.
If any of the following conditions occur, unplug the product from the electrical outlet and replace the part or contact your
trained service provider:
The power cable, extension cable, or plug is damaged.
An object has fallen into the product.
The product has been exposed to water.
The product has been dropped or damaged.
The product does not operate correctly when you follow the operating instructions.
Keep your system away from radiators and heat sources. Also, do not block cooling vents.
Do not spill food or liquids on your system components, and never operate the product in a wet environment. If the system
gets wet, see the appropriate section in your troubleshooting guide or contact your trained service provider.
Do not push any objects into the openings of your system. Doing so can cause fire or electric shock by shorting out interior
components.
Use the product only with approved equipment.
Allow the product to cool before removing covers or touching internal components.
Operate the product only from the type of external power source indicated on the electrical ratings label. If you are not sure
of the type of power source required, consult your service provider or local power company.
To help avoid damaging your system, be sure the voltage on the power supply is set to match the power available at your
location:
115 volts (V)/60 hertz (Hz) in most of North and South America and some Far Eastern countries such as South
Korea and Taiwan
100 V/50 Hz in eastern Japan and 100 V/60 Hz in western Japan
230 V/50 Hz in most of Europe, the Middle East, and the Far East
Also, be sure that attached devices are electrically rated to operate with the power available in your location.
Use only approved power cable(s). If you have not been provided with a power cable for your system or for any AC-
powered option intended for your system, purchase a power cable that is approved for use in your country. The power cable
must be rated for the product and for the voltage and current marked on the product's electrical ratings label. The voltage and
current rating of the cable should be greater than the ratings marked on the product.
To help prevent electric shock, plug the system and peripheral power cables into properly grounded electrical outlets. These
cables are equipped with three-prong plugs to help ensure proper grounding. Do not use adapter plugs or remove the
grounding prong from a cable. If you must use an extension cable, use a 3-wire cable with properly grounded plugs.
Observe extension cable and power strip ratings. Make sure that the total ampere rating of all products plugged into the
extension cable or power strip does not exceed 80 percent of the ampere ratings limit for the extension cable or power strip.
To help protect your system from sudden, transient increases and decreases in electrical power, use a surge suppressor, line
conditioner, or uninterruptible power supply (UPS).
Position system cables and power cables carefully; route cables so that they cannot be stepped on or tripped over. Be sure
that nothing rests on any cables.
Do not modify power cables or plugs. Consult a licensed electrician or your power company for site modifications. Always
follow your local/national wiring rules.
When connecting or disconnecting power to hot-pluggable power supplies, if offered with your system, observe the
following guidelines:
Install the power supply before connecting the power cable to the power supply.
Unplug the power cable before removing the power supply.
If the system has multiple sources of power, disconnect power from the system by unplugging all power cables from
the power supplies.
Move products with care; ensure that all casters and/or stabilizers are firmly connected to the system. Avoid sudden stops
and uneven surfaces.
General Precautions for Rack-Mountable Products
Observe the following precautions for rack stability and safety. Also, refer to the rack installation documentation accompanying
the system and the rack for specific caution statements and procedures.
Systems are considered to be components in a rack. Thus, "component" refers to any system as well as to various peripherals
or supporting hardware.
Before working on the rack, make sure that the stabilizers are secured to the rack, extended to the floor, and that the full
weight of the rack rests on the floor. Install front and side stabilizers on a single rack or front stabilizers for joined multiple
racks before working on the rack.
Always load the rack from the bottom up, and load the heaviest item in the rack first.
Make sure that the rack is level and stable before extending a component from the rack.
Use caution when pressing the component rail release latches and sliding a component into or out of a rack; the slide rails
can pinch your fingers.
After a component is inserted into the rack, carefully extend the rail into a locking position, and then slide the component
into the rack.
Do not overload the AC supply branch circuit that provides power to the rack. The total rack load should not exceed 80
percent of the branch circuit rating.
Ensure that proper airflow is provided to components in the rack.
Do not step on or stand on any component when servicing other components in a rack.
NOTE: A qualified electrician must perform all connections to DC power and to safety
grounds. All electrical wiring must comply with applicable local, regional or national codes
and practices.
CAUTION: Never defeat the ground conductor or operate the equipment in the absence of a
suitably installed ground conductor. Contact the appropriate electrical inspection authority or
an electrician if you are uncertain that suitable grounding is available.
CAUTION: The system chassis must be positively grounded to the rack cabinet frame. Do
not attempt to connect power to the system until grounding cables are connected. A
qualified electrical inspector must inspect completed power and safety ground wiring. An
energy hazard will exist if the safety ground cable is omitted or disconnected.
CAUTION: Do not replace the battery with an incorrect type. The risk of explosion exists if
the replacement battery is not the correct lithium battery type. Dispose of used batteries
according to the instructions.
Protecting Against Electrostatic Discharge
Static electricity can harm delicate components inside your system. To prevent static damage, discharge static electricity from
your body before you touch any of the electronic components, such as the microprocessor. You can do so by periodically touching
an unpainted metal surface on the chassis.
You can also take the following steps to prevent damage from electrostatic discharge (ESD):
1. When unpacking a static-sensitive component from its shipping carton, do not remove the component from the antistatic
packing material until you are ready to install the component in your system. Just before unwrapping the antistatic
packaging, be sure to discharge static electricity from your body.
2. When transporting a sensitive component, first place it in an antistatic container or packaging.
3. Handle all sensitive components in a static-safe area. If possible, use antistatic floor pads, workbench pads and an
antistatic grounding strap.
DES-3028 DES-3028P DES-3052 DES-3052P Layer 2 Fast Ethernet Managed Switch
Section 1
Introduction
DES-3028/28P/28G/52/52P Switch Description
Features
Ports
LED Indicators
Front-Panel Description
Rear Panel Description
Side Panel Description
Installing SFP ports
DES-3028/28P/28G/52/52P
The DES-3028, DES-3028P, DES-3028G, DES-3052, and the DES-3052P are all members of the D-Link Switch family. These
Switches provide unsurpassed performance, fault tolerance, scalable flexibility, robust security, standard-based interoperability
and impressive technology to future-proof departmental and enterprise network deployments with an easy migration path.
The following manual describes the installation, maintenance, and configurations concerning the DES-3028, DES-3028P, DES-3028G, DES-3052, and DES-3052P. These five Switches are identical in configuration and very similar in basic hardware and
consequentially, most of the information in this manual will be universal to the total group of switches. Corresponding screen
pictures of the web manager may be taken from any one of these switches but the configuration will be identical, except for
varying port counts. For the remainder of this document, we will use the DES-3028G as the Switch in question for examples,
screen shots, configurations, and explanations.
Features
IEEE 802.3ad Link Aggregation Control Protocol support
IEEE 802.1X Port-based and Host-based Access Control
IEEE 802.1Q VLAN
IEEE 802.1D Spanning Tree, IEEE 802.1w Rapid Spanning Tree and IEEE 802.1s Multiple Spanning Tree support
Access Control List (ACL) support
Single IP Management support
Access Authentication Control utilizing TACACS, XTACACS and TACACS+
Internal Flash Drive for saving configurations and firmware
Simple Network Time Protocol support
MAC Notification support
System and Port Utilization support
System Log Support
Support port-based enable and disable
Address table: Supports up to 8K MAC addresses per device
Supports a packet buffer of up to 512K bytes
Supports Port-based VLAN Groups
Port Trunking with flexible load distribution and fail-over function
IGMP Snooping support
SNMP support
Secure Sockets Layer (SSL) and Secure Shell (SSH) support
Port Mirroring support
MIB support for:
RFC1213 MIB II
RFC1493 Bridge
RFC2819 RMON
RFC2665 Ether-like MIB
RFC2863 Interface MIB
Private MIB
RFC2674 for 802.1p
IEEE 802.1X MIB
IEEE 802.3x flow control in full duplex mode
IEEE 802.1p Priority Queues
IEEE 802.3u 100BASE-TX compliant
RS-232 DCE console port for Switch management
Provides parallel LED display for port status such as link/act, speed, etc.
IEEE 802.3 10BASE-T compliant
High performance switching engine performs forwarding and filtering at wire speed, maximum 14,881 packets/sec
on each 10Mbps Ethernet port, maximum 148,810 packet/sec on 100Mbps Fast Ethernet port and 1,488,100 for each
Gigabit port
Full and half-duplex for both 10Mbps and 100Mbps connections. Full duplex allows the switch port to
simultaneously transmit and receive data. It only works with connections to full-duplex-capable end stations and
switches. Connections to a hub must take place at half-duplex
Support Broadcast/Multicast storm control
Non-blocking store and forward switching scheme capability to support rate adaptation and protocol conversion
Supports by-port Egress/Ingress rate control
Efficient self-learning and address recognition mechanism enables forwarding rate at wire speed
WDM Transceiver Supported:
DEM-330T (TX-1550/RX1310nm), up to 10km, SingleMode
DEM-330R (TX-1310/RX1550nm), up to 10km, SingleMode
DEM-331T (TX-1550/RX1310nm), up to 40km, SingleMode
DEM-331R (TX-1310/RX1550nm), up to 40km, SingleMode
NOTE: The SFP combo ports on the Switch cannot be used simultaneously with the
corresponding 1000BASE-T ports. If both ports are in use at the same time (ex. port 25
of the SFP and port 25 of the 1000BASE-T), the SFP ports will take priority over the
combo ports and render the 1000BASE-T ports inoperable.
The Switch supports LED indicators for Power, Console, RPS and Port LEDs. The following shows the LED indicators for the
DES-3028/28P/28G/52/52P Series switches along with an explanation of each indicator. LEDs and their corresponding meanings
are displayed below.
Figure 1- 1. LED Indicators on DES-3028 Switch
Figure 1- 2. LED Indicators on DES-3028P Switch
Figure 1- 3. LED Indicators on DES-3028G Switch
Figure 1- 4. LED Indicators on DES-3052/DES-3052P Switch
Location LED Indicative Color Status Description
Solid Light Power On
Light off Power Off
Solid Light Console on
Blinking
Light off Console off
POST is in progress/ POST
is failure.
Per Device
“Mode Select Button” (only for DES-3028P/DES-3052P)
Twenty-four 10/100Mbps BASE-T ports
Two Combo 1000BASE-T/SFP ports located to the right
Two 1000BASE-T ports located to the right
One female DCE RS-232 DB-9 console port
LEDs for Power, Console, PoE, Link/Act/Speed for each port
Figure 1- 5. Front Panel of the DES-3028/DES-3028P
DES-3052P/DES-3052
Forty-eight 10/100Mbps BASE-T ports
Two Combo 1000BASE-T/SFP ports located to the right
Two 1000BASE-T ports located to the right
One female DCE RS-232 DB-9 console port
LEDs for Power, Console, PoE, Link/Act/Speed for each port
Figure 1- 6. Front Panel of the DES-3052P/DES-3052
DES-3028G
Twenty-four 10/100Mbps BASE-T ports
Four Combo 1000BASE-T/SFP ports located to the right
One female DCE RS-232 DB-9 console port
LEDs for Power, Console, Link/Act/Speed for each port
The rear panel of the Switch contains an AC power connector. The AC power connector is a standard three-pronged
connector that supports the power cord. Plug-in the female connector of the provided power cord into this socket, and the
male side of the cord into a power outlet. The Switch automatically adjusts its power setting to any supply voltage in the
range from 100 ~ 240 VAC at 50 ~ 60 Hz. The rear panel of the DES-3052/DES-3052P contains one female DCE RS-232 DB-9 console port.
Figure 1- 8. Rear panel view of the DES-3028P
Rear panel labels: AC LINE, 100-240 VAC, 50-60 Hz, 5A MAX; Console
Figure 1- 9. Rear panel view of the DES-3052P
Figure 1- 10. Rear panel view of the DES-3028G/DES-3028
Rear panel labels: AC LINE, 100-240 VAC, 50-60 Hz, 0.5A MAX; Console
Figure 1- 11. Rear panel view of the DES-3052
Side Panel Description
The left and right-hand panel of the DES-3028G/DES-3028/DES-3052 Switches contain heat vents. The heat vents are used to
dissipate heat. Do not block these openings, and leave at least 6 inches of space at the rear and sides of the Switch for proper
ventilation. Be reminded that without proper heat dissipation and air circulation, system components might overheat, which could
lead to system failure.
Figure 1- 12. Side panels of the DES-3028G/DES-3028/DES-3052
The sides of the DES-3028P have heat vents that serve to dissipate heat. Do not block these openings, and leave at least 6 inches of
space at the rear and sides of the Switch for proper ventilation. Be reminded that without proper heat dissipation and air
circulation, system components might overheat, which could lead to system failure.
The left-hand side panel of the DES-3052P Switch contains a system fan and ventilation along the entire right side. The system
fan is used to dissipate heat. Do not block these openings on either side of the Switch. Leave at least 6 inches of space at the rear
and sides of the Switch for proper ventilation. Be reminded that without proper heat dissipation and air circulation, system
components might overheat, which could lead to system failure.
Figure 1- 14. Side panels of the DES-3052P
Gigabit Combo Ports
In addition to the 24 (or 48) 10/100 Mbps ports, the Switch features two Gigabit Ethernet Combo ports. These two ports are
1000BASE-T copper ports (provided) and Mini-GBIC ports (optional). See the diagram below to view the two Mini-GBIC port
modules being plugged into the Switch. Please note that although these two front panel modules can be used simultaneously, the
ports must be different. The GBIC port will always have the highest priority.
Figure 1- 15. Inserting the Mini-GBIC modules into the DES-3028/28P/28G/52/52P Switch
The DES-3028/28P/28G/52/52P Switches are equipped with SFP (Small Form Factor Portable) ports, which are to be used with
fiber-optical transceiver cabling in order to uplink various other networking devices for a gigabit link that may span great
distances. These SFP ports support full-duplex transmissions, have auto-negotiation and can be used with the DEM-310GT
(1000BASE-LX), DEM-311GT (1000BASE-SX), DEM-210 (Single Mode 100BASE-FX), DEM-211 (Multi Mode 100BASE-FX), DEM-314GT (1000BASE-LH), DEM-315GT (1000BASE-ZX), DEM-330T/R (WDM) and DEM-331T/R (WDM)
transceivers. See the figure below for installing the SFP ports in the Switch.
Figure 1- 17. Inserting the fiber-optic transceivers into the DES-3028/28P/28G/52/52P Switch
Package Contents
Before You Connect to the Network
Installing the Switch without the Rack
Rack Installation
Power On
Package Contents
Open the shipping carton of the Switch and carefully unpack its contents. The carton should contain the following items:
One Stand-alone Switch
One AC power cord
This Manual on CD
Mounting kit (two brackets and screws)
Four rubber feet with adhesive backing
DCE RS-232 console cable
If any item is missing or damaged, please contact your local D-Link Reseller for replacement.
Before You Connect to the Network
The site where you install the Switch may greatly affect its performance. Please follow these guidelines for setting up the Switch.
Install the Switch on a sturdy, level surface that can support at least 4.24 kg (9.35 lbs) of weight. Do not place heavy
objects on the Switch.
The power outlet should be within 1.82 meters (6 feet) of the Switch.
Visually inspect the power cord and see that it is fully secured to the AC/DC power port.
Make sure that there is proper heat dissipation from and adequate ventilation around the Switch. Leave at least 10 cm
(4 inches) of space at the front and rear of the Switch for ventilation.
Install the Switch in a fairly cool and dry place for the acceptable temperature and humidity operating ranges.
Install the Switch in a site free from strong electromagnetic field generators (such as motors), vibration, dust, and
direct exposure to sunlight.
When installing the Switch on a level surface, attach the rubber feet to the bottom of the device. The rubber feet
cushion the Switch, protect the casing from scratches and prevent it from scratching other surfaces.
When installing the Switch on a desktop or shelf, the rubber feet included with the Switch should first be attached. Attach these
cushioning feet on the bottom at each corner of the device. Allow enough ventilation space between the Switch and any other
objects in the vicinity.
Figure 2 - 1. Prepare Switch for installation on a desktop or shelf
Installing the Switch in a Rack
The Switch can be mounted in a standard 19" rack. Use the following diagrams to guide you.
Figure 2 - 2. Fasten mounting brackets to Switch
Fasten the mounting brackets to the Switch using the screws provided. With the brackets attached securely, users can mount the
Switch in a standard rack as shown in the next figure.
CAUTION: Installing systems in a rack without the front and side stabilizers installed could cause the
rack to tip over, potentially resulting in bodily injury under certain circumstances. Therefore, always
install the stabilizers before installing components in the rack. After installing components in a rack, do
not pull more than one component out of the rack on its slide assemblies at one time. The weight of
more than one extended component could cause the rack to tip over and may result in injury.
Figure 2 - 3. Installing Switch in a rack
Power On
AC Power
Plug one end of the AC power cord into the power connector of the Switch and the other end into the local power source outlet.
After the Switch is powered on, the LED indicators will momentarily blink. This blinking of the LED indicators represents a reset
of the system.
Power Failure
For AC power supply units, as a precaution, in the event of a power failure, unplug the Switch. When power has resumed, plug the
Switch back in.
Switch to End Node
Switch to Hub or Switch
Connecting to Network Backbone or Server
NOTE: All 10/100/1000Mbps NWay Ethernet ports can support both MDI-II and MDI-X connections.
Switch to End Node
End nodes include PCs outfitted with a 10, 100 or 1000 Mbps RJ-45 Ethernet/Fast Ethernet Network Interface Card (NIC) and
most routers. An end node can be connected to the Switch via a twisted-pair Category 3, 4, or 5 UTP/STP cable. The end node
should be connected to any of the ports of the Switch.
Figure 3- 1. Switch connected to an end node
The Link/Act LEDs for each UTP port will light green or amber when the link is valid. A blinking LED indicates packet activity
on that port.
These connections can be accomplished in a number of ways using a normal cable.
A 10BASE-T hub or switch can be connected to the Switch via a twisted-pair Category 3, 4 or 5 UTP/STP cable.
A 100BASE-TX hub or switch can be connected to the Switch via a twisted-pair Category 5 UTP/STP cable.
A 1000BASE-T switch can be connected to the Switch via a twisted pair Category 5e UTP/STP cable.
A switch supporting a fiber-optic uplink can be connected to the Switch’s SFP ports via fiber-optic cabling.
Figure 3- 2. Switch connected to a normal (non-Uplink) port on a hub or switch using a straight or crossover
cable
NOTICE: When the SFP transceiver acquires a link, the associated integrated
Management Options
Web-based Management Interface
SNMP-Based Management
Managing User Accounts
Command Line Console Interface through the Serial Port
Connecting the Console Port (RS-232 DCE)
First Time Connecting to the Switch
Password Protection
SNMP Settings
IP Address Assignment
Management Options
This system may be managed out-of-band through the console port on the front panel or in-band using Telnet. The user may also
choose the web-based management, accessible through a web browser.
Web-based Management Interface
After you have successfully installed the Switch, you can configure the Switch, monitor the LED panel, and display statistics
graphically using a web browser, such as Netscape Navigator (version 6.2.3 and higher) or Microsoft® Internet Explorer (version
6.0).
SNMP-Based Management
You can manage the Switch with an SNMP-compatible console program. The Switch supports SNMP version 1.0, version 2.0 and
version 3.0. The SNMP agent decodes the incoming SNMP messages and responds to requests with MIB objects stored in the
database. The SNMP agent updates the MIB objects to generate statistics and counters.
Connecting the Console Port (RS-232 DCE)
The Switch provides an RS-232 serial port that enables a connection to a computer or terminal for monitoring and configuring the
Switch. This port is a female DB-9 connector, implemented as a data terminal equipment (DTE) connection.
To use the console port, you need the following equipment:
A terminal or a computer with both a serial port and the ability to emulate a terminal.
A null modem or crossover RS-232 cable with a female DB-9 connector for the console port on the Switch.
To connect a terminal to the console port:
1. Connect the female connector of the RS-232 cable directly to the console port on the Switch, and tighten the captive
retaining screws.
2. Connect the other end of the cable to a terminal or to the serial connector of a computer running terminal emulation
software. Set the terminal emulation software as follows:
3. Select the appropriate serial port (COM port 1 or COM port 2).
4. Set the data rate to 9600 baud.
5. Set the data format to 8 data bits, 1 stop bit, and no parity.
7. Under Properties, select VT100 for Emulation mode.
8. Select Terminal keys for Function, Arrow, and Ctrl keys. Ensure that you select Terminal keys (not Windows keys).
NOTE: When you use HyperTerminal with the Microsoft® Windows® 2000 operating system, ensure that you have Windows 2000 Service Pack 2 or later installed. Windows 2000
Service Pack 2 allows you to use arrow keys in HyperTerminal's VT100 emulation. See
www.microsoft.com for information on Windows 2000 service packs.
9. After you have correctly set up the terminal, plug the power cable into the power receptacle on the back of the Switch.
The boot sequence appears in the terminal.
10. After the boot sequence completes, the console login screen displays.
11. If you have not logged into the command line interface (CLI) program, press the Enter key at the User name and
password prompts. There is no default user name and password for the Switch. The administrator must first create user
names and passwords. If you have previously set up user accounts, log in and continue to configure the Switch.
12. Enter the commands to complete your desired tasks. Many commands require administrator-level access privileges. Read
the next section for more information on setting up user accounts. See the DES-3028/28P/28G/52/52P CLI Manual on
the documentation CD for a list of all commands and additional information on using the CLI.
13. When you have completed your tasks, exit the session with the logout command or close the emulator program.
14. Make sure the terminal or PC you are using to make this connection is configured to match these settings.
If you are having problems making this connection on a PC, make sure the emulation is set to VT-100. You will be able to set the
emulation by clicking on the File menu in your HyperTerminal window, clicking on Properties in the drop-down menu, and then
clicking the Settings tab. This is where you will find the Emulation options. If you still do not see anything, try rebooting the
Switch by disconnecting its power supply.
Once connected to the console, the screen below will appear on your console screen. This is where the user will enter commands
to perform all the available management functions. The Switch will prompt the user to enter a user name and a password. Upon
the initial connection, there is no user name or password and therefore just press enter twice to access the command line interface.
DES-3028G Fast Ethernet Switch Command Line Interface
Firmware: Build 2.00.B26
Copyright(C) 2009 D-Link Corporation. All rights reserved.
UserName:
Figure 4- 1. Initial screen after first connection
The Switch supports user-based security that can allow you to prevent unauthorized users from accessing the Switch or changing
its settings. This section tells how to log onto the Switch.
NOTE: The passwords used to access the Switch are case-sensitive; therefore, "S" is
not the same as "s."
When you first connect to the Switch, you will be presented with the first login screen.
NOTE: Press Ctrl+R to refresh the screen. This command can be used at any time to
force the console program in the Switch to refresh the console screen.
Press Enter in both the Username and Password fields. You will be given access to the command prompt DES-3028G:4# shown
below:
There is no initial username or password. Leave the Username and Password fields blank.
DES-3028G Fast Ethernet Switch Command Line Interface
Firmware: Build 2.00.B26
Copyright(C) 2009 D-Link Corporation. All rights reserved.
UserName:
PassWord:
DES-3028G:4#
Figure 4- 2. Command Prompt
NOTE: The first user automatically gets Administrator level privileges. It is recommended to
create at least one Admin-level user account for the Switch.
Password Protection
The Switch does not have a default user name and password. One of the first tasks when setting up the Switch is to create user
accounts. Once logged in using a predefined administrator-level user name, users will have privileged access to the Switch's
management software.
After your initial login, define new passwords for both default user names to prevent unauthorized access to the Switch, and
record the passwords for future reference.
To create an administrator-level account for the Switch, follow these steps:
At the CLI login prompt, enter create account admin followed by the <user name> and press the Enter key.
The switch will then prompt the user for a password. Type the <password> used for the administrator account being
created and press the Enter key.
Again, the user will be prompted to enter the same password again to verify it. Type the same password and press
the Enter key.
Successful creation of the new administrator account will be verified by a Success message.
Enter a case-sensitive new password: ********
Enter the new password again for confirmation: ********
Success.
DES-3028G:4#
Figure 4- 3. Create account command
NOTICE: CLI configuration commands only modify the running configuration file
and are not saved when the Switch is rebooted. To save all your configuration
changes in nonvolatile storage, you must use the save command to copy the
running configuration file to the startup configuration.
NOTICE: In case of lost passwords or password corruption, please refer to the
Appendix D of this manual entitled “Password Recovery Procedure”, which will
guide you through the steps necessary to resolve this issue.
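What the save NOTICE above means for account setup, as an added example (not D-Link code): because the Switch has no default user name or password, an administrator account that is created but never written with save is gone after the next reboot. The code reviews a console transcript for changes left unsaved; the transcripts, the user name netadmin and the function names are constructed for illustration, and save is assumed to succeed because its output is not shown in this section.

```python
import re

# Prompt as it appears in the manual's figures, e.g. "DES-3028G:4#".
PROMPT = re.compile(r"^[A-Za-z0-9-]+:\d+#\s*(.*)$")
# Commands shown in this section that change the running configuration.
CONFIG_COMMANDS = ("create account ", "config ipif ")


def review_session(transcript):
    """Walk a console transcript and split successful changes into saved/unsaved."""
    pending = []   # successful changes not yet followed by `save`
    saved = []     # successful changes copied to the startup configuration
    last = None    # configuration command still waiting for its "Success." line
    for raw in transcript.splitlines():
        line = raw.strip()
        match = PROMPT.match(line)
        if match:
            command = " ".join(match.group(1).split())
            last = None
            if command == "save":
                # Assumption: `save` succeeds; its output is not shown in the manual section.
                saved.extend(pending)
                pending = []
            elif command.startswith(CONFIG_COMMANDS):
                last = command
        elif line == "Success." and last is not None:
            pending.append(last)
            last = None
    return {"saved": saved, "unsaved": pending}


def admin_account_persists(transcript):
    """True only if an administrator account was created and then saved."""
    saved = review_session(transcript)["saved"]
    return any(cmd.startswith("create account admin ") for cmd in saved)


# Constructed transcripts modelled on Figures 4-3 and 4-5; "netadmin" is a made-up name.
SESSION_UNSAVED = """\
DES-3028G:4#create account admin netadmin
Enter a case-sensitive new password: ********
Enter the new password again for confirmation: ********
Success.
DES-3028G:4#config ipif System ipaddress 10.90.90.91/255.0.0.0
Command: config ipif System ipaddress 10.90.90.91/8
Success.
DES-3028G:4#logout
"""
SESSION_SAVED = SESSION_UNSAVED.replace(
    "DES-3028G:4#logout", "DES-3028G:4#save\nDES-3028G:4#logout")
# A save issued before the changes does not cover them.
SESSION_SAVED_TOO_EARLY = "DES-3028G:4#save\n" + SESSION_UNSAVED

if __name__ == "__main__":
    for name, text in [("unsaved", SESSION_UNSAVED), ("saved", SESSION_SAVED),
                       ("saved too early", SESSION_SAVED_TOO_EARLY)]:
        result = review_session(text)
        print(f"{name}: admin account persists = {admin_account_persists(text)}, "
              f"unsaved = {result['unsaved']}")
```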
SNMP Settings
Simple Network Management Protocol (SNMP) is an OSI Layer 7 (Application Layer) protocol designed specifically for managing and
monitoring network devices. SNMP enables network management stations to read and modify the settings of gateways, routers,
switches, and other network devices. Use SNMP to configure system features for proper operation, monitor performance and
detect potential problems in the Switch, switch group or network.
Managed devices that support SNMP include software (referred to as an agent), which runs locally on the device. A defined set of
variables (managed objects) is maintained by the SNMP agent and used to manage the device. These objects are defined in a
Management Information Base (MIB), which provides a standard presentation of the information controlled by the on-board
SNMP agent. SNMP defines both the format of the MIB specifications and the protocol used to access this information over the
network.
The DES-3028/28P/28G/52/52P supports SNMP versions 1, 2c, and 3. You can specify which version of SNMP you want to use
to monitor and control the Switch. The three versions of SNMP vary in the level of security provided between the management
station and the network device.
In SNMP v.1 and v.2, user authentication is accomplished using 'community strings', which function like passwords. The remote
user SNMP application and the Switch SNMP must use the same community string. SNMP packets from any station that has not
been authenticated are ignored (dropped).
The default community strings for the Switch used for SNMP v.1 and v.2 management access are:
public - Allows authorized management stations to retrieve MIB objects.
private - Allows authorized management stations to retrieve and modify MIB objects.
SNMP v.3 uses a more sophisticated authentication process that is separated into two parts. The first part is to maintain a list of
users and their attributes that are allowed to act as SNMP managers. The second part describes what each user on that list can do
as an SNMP manager.
The Switch allows groups of users to be listed and configured with a shared set of privileges. The SNMP version may also be set
for a listed group of SNMP managers. Thus, you may create a group of SNMP managers that are allowed to view read-only
information or receive traps using SNMP v.1 while assigning a higher level of security to another group, granting read/write
privileges using SNMP v.3.
Using SNMP v.3 individual users or groups of SNMP managers can be allowed to perform or be restricted from performing
specific SNMP management functions. The functions allowed or restricted are defined using the Object Identifier (OID)
associated with a specific MIB. An additional layer of security is available for SNMP v.3 in that SNMP messages may be
encrypted. To read more about how to configure SNMP v.3 settings for the Switch read the section entitled Management.
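The community strings described above are carried unencrypted in the outer header of every SNMP v.1/v.2c message, so their use can be checked passively. The following added example (not from the D-Link manual or firmware) parses that header from a captured UDP payload and flags the default strings public and private; the sample payloads are constructed with the helper build_message, and the finding codes are names chosen for this example.

```python
# Factory-default community strings named in the manual.
DEFAULT_COMMUNITIES = {b"public", b"private"}
VERSIONS = {0: "v1", 1: "v2c", 3: "v3"}
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "Response",
             0xA3: "SetRequest", 0xA4: "Trap", 0xA5: "GetBulkRequest",
             0xA6: "InformRequest", 0xA7: "SNMPv2-Trap"}


class BerError(ValueError):
    """Raised when a payload is not well-formed BER."""


def tlv(tag, value):
    """Encode one BER tag-length-value element (used to build the samples)."""
    n = len(value)
    if n < 0x80:
        return bytes([tag, n]) + value
    size = (n.bit_length() + 7) // 8
    return bytes([tag, 0x80 | size]) + n.to_bytes(size, "big") + value


def read_tlv(buf, pos):
    """Decode the element at buf[pos]; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise BerError("truncated header")
    tag, first = buf[pos], buf[pos + 1]
    pos += 2
    if first < 0x80:
        length = first
    else:
        size = first & 0x7F
        if size == 0 or size > 4 or pos + size > len(buf):
            raise BerError("unsupported length encoding")
        length = int.from_bytes(buf[pos:pos + size], "big")
        pos += size
    if pos + length > len(buf):
        raise BerError("truncated value")
    return tag, buf[pos:pos + length], pos + length


def parse_snmp(payload):
    """Parse version, community string and PDU type from an SNMP message."""
    tag, body, _ = read_tlv(payload, 0)
    if tag != 0x30:
        raise BerError("not a SEQUENCE")
    tag, raw_version, pos = read_tlv(body, 0)
    if tag != 0x02 or not raw_version:
        raise BerError("missing version")
    version = int.from_bytes(raw_version, "big")
    info = {"version": VERSIONS.get(version, "unknown"), "community": None, "pdu": None}
    if version in (0, 1):  # only v1 and v2c carry a community string
        tag, community, pos = read_tlv(body, pos)
        if tag != 0x04:
            raise BerError("missing community")
        if pos >= len(body):
            raise BerError("missing PDU")
        info["community"] = community
        info["pdu"] = PDU_TYPES.get(body[pos], "unknown")
    return info


def audit(payload):
    """Return finding codes for one UDP payload; [] means nothing to report."""
    try:
        msg = parse_snmp(payload)
    except BerError as exc:
        return [f"unparseable: {exc}"]
    if msg["community"] is None:  # v3 (or an unknown version): no community string
        return []
    findings = ["cleartext-community"]
    if msg["community"] in DEFAULT_COMMUNITIES:
        findings.append("default-community:" + msg["community"].decode())
        if msg["pdu"] == "SetRequest":
            findings.append("write-with-default-community")
    return findings


def build_message(version, community, pdu_tag):
    """Build a minimal v1/v2c message naming sysDescr.0 (constructed sample)."""
    oid = bytes.fromhex("2b06010201010100")  # 1.3.6.1.2.1.1.1.0
    varbind = tlv(0x30, tlv(0x06, oid) + tlv(0x05, b""))
    pdu = tlv(pdu_tag, tlv(0x02, b"\x01") + tlv(0x02, b"\x00")
              + tlv(0x02, b"\x00") + tlv(0x30, varbind))
    return tlv(0x30, tlv(0x02, bytes([version])) + tlv(0x04, community) + pdu)


# Constructed payloads; "example-ro-string" stands in for a site-specific community.
SAMPLES = {
    "poll with default read string": build_message(1, b"public", 0xA0),
    "write with default read/write string": build_message(0, b"private", 0xA3),
    "poll with site-specific string": build_message(1, b"example-ro-string", 0xA0),
    "v3 header stub": tlv(0x30, tlv(0x02, b"\x03") + tlv(0x30, b"")),
    "truncated capture": build_message(1, b"public", 0xA0)[:9],
}

if __name__ == "__main__":
    for name, payload in SAMPLES.items():
        print(f"{name}: {audit(payload) or 'nothing to report'}")
```

A message with a site-specific string still yields cleartext-community, which is the reason the manual points to SNMP v.3 for encrypted messages.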
Traps
Traps are messages that alert network personnel of events that occur on the Switch. The events can be as serious as a reboot
(someone accidentally turned OFF the Switch), or less serious like a port status change. The Switch generates traps and sends
them to the trap recipient (or network manager). Typical traps include trap messages for Authentication Failure, Topology Change
and Broadcast\Multicast Storm.
MIBs
The Switch stores management and counter information in the Management Information Base (MIB). The Switch uses the
standard MIB-II Management Information Base module. Consequently, values for MIB objects can be retrieved from any SNMP-based network management software. In addition to the standard MIB-II, the Switch also supports its own proprietary enterprise
MIB as an extended Management Information Base. The proprietary MIB may also be retrieved by specifying the MIB Object Identifier.
MIB values can be either read-only or read-write.
IP Address Assignment
Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other
TCP/IP application (for example BOOTP, TFTP). The Switch's default IP address is 10.90.90.90. You can change the default
Switch IP address to meet the specification of your networking address scheme.
The Switch is also assigned a unique MAC address by the factory. This MAC address cannot be changed, and can be found by
entering the command "show switch" into the command line interface, as shown below.
LAN Name : default
Subnet Mask : 255.0.0.0
Default Gateway : 0.0.0.0
Boot PROM Version : Build 1.00.B06
Firmware Version : Build 2.00.B26
Hardware Version : A1
Serial Number : P4IG188000007
System Name :
System Location :
System Contact :
Spanning Tree : Disabled
GVRP : Disabled
IGMP Snooping : Disabled
CTRL+C ESC q Quit SPACE n Next Page ENTER Next Entry a All
Figure 4- 4. Show switch command
The Switch's MAC address can also be found from the Web management program on the Switch Information (Basic Settings)
window on the Configuration menu.
The IP address for the Switch must be set before it can be managed with the Web-based manager. The Switch IP address can be
automatically set using BOOTP or DHCP protocols, in which case the actual address assigned to the Switch must be known.
The IP address may be set using the Command Line Interface (CLI) over the console serial port as follows:
Starting at the command line prompt, enter the commands
config ipif System ipaddress xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy
Where the x's represent the IP address to be assigned to the IP interface named System and the y's represent the corresponding
subnet mask.
Alternatively, you can enter config ipif System ipaddress xxx.xxx.xxx.xxx/z, where the x's represent the IP address to be
assigned to the IP interface named System and the z represents the corresponding subnet mask in CIDR notation.
The IP interface named System on the Switch can be assigned an IP address and subnet mask, and then be used to connect a
management station to the Switch's Telnet or Web-based management agent.
DES-3028G:4#config ipif System ipaddress 10.90.90.91/255.0.0.0
Command: config ipif System ipaddress 10.90.90.91/8
Success.
DES-3028G:4#
Figure 4- 5. Assigning the Switch an IP Address
In the above example, the Switch was assigned an IP address of 10.90.90.91 with a subnet mask of 255.0.0.0 (the CIDR form, 10.90.90.91/8, was
used to set the address). The system message Success indicates that the command was executed successfully. The
Switch can now be configured and managed via Telnet and the CLI or via the Web-based management.
Introduction
Login to Web manager
Web-Based User Interface
Basic Setup
Reboot
Basic Switch Setup
Network Management
Switch Utilities
Network Monitoring
IGMP Snooping Status
Introduction
Section 5
All software functions of the Switch can be managed, configured and monitored via the embedded web-based (HTML) interface.
The Switch can be managed from remote stations anywhere on the network through a standard browser such as Opera, Netscape
Navigator/Communicator, or Microsoft Internet Explorer. The browser acts as a universal access tool and can communicate
directly with the Switch using the HTTP protocol.
The Web-based management module and the Console program (and Telnet) are different ways to access the same internal
switching software and configure it. Thus, all settings encountered in web-based management are the same as those found in the
console program.
Login to Web Manager
To begin managing the Switch, simply run the browser you have installed on your computer and point it to the IP address you
have defined for the device. The URL in the address bar should read something like: http://123.123.123.123, where the numbers
123 represent the IP address of the Switch.
NOTE: The Factory default IP address for the Switch is 10.90.90.90.
This opens the management module's user authentication window, as seen below.
Enter “admin” in both the User Name and Password fields and click OK. This will open the Web-based user interface. The Switch
management features available in the web-based manager are explained below.
Web-based User Interface
The user interface provides access to various Switch configuration and management windows, allows you to view performance
statistics, and permits you to graphically monitor the system status.
Areas of the User Interface
The figure below shows the user interface. The user interface is divided into three distinct areas as described in the table.
Area 1
Select the folder or window to be displayed. The folder icons can be opened to display the hyperlinked window buttons and sub-folders contained within them. Click the D-Link logo to go to the D-Link website.
Area 2
Presents a graphical near real-time image of the front panel of the Switch. This area displays the
Switch's ports and expansion modules, showing port activity, duplex mode, or flow control,
depending on the specified mode.
Various areas of the graphic can be selected for performing management functions, including port
configuration.
Area 3
Presents switch information based on your selection and the entry of configuration data.
Figure 5- 2. Main Web-Manager page
NOTICE: Any changes made to the Switch configuration during the current
session must be saved in the Save Changes web menu (explained below)
or with the command line interface (CLI) command save.
When you connect to the management mode of the Switch with a web browser, a login window is displayed. Enter a user name
and password to access the Switch's management mode.
Below is a list and description of the main folders available in the web interface:
Administration – Contains windows concerning configuring the basic functions of the Switch, including Device Information, IP
Address, Port Configuration, DHCP/BOOTP Relay, User Accounts, Cable Diagnostics, Port Mirroring, System Log Settings, Log
Settings, SNTP Settings, MAC Notification Settings, TFTP Services, Multiple Image Services, Ping Test, Safeguard Engine,
SNMP Manager, PoE System, Single IP Settings, Forwarding & Filtering, and SMTP Service.
Layer 2 Features – Contains windows concerning Layer 2 features of the Switch, including VLAN, QinQ, Trunking, IGMP
Snooping, MLD Snooping, Spanning Tree, Loopback Detection and LLDP.
CoS – Contains windows concerning Port Bandwidth, 802.1P Default Priority, 802.1P User Priority, CoS Scheduling Mechanism,
CoS Output Scheduling, Priority Settings, TOS Priority Settings, DSCP Priority Settings, Port Mapping Priority Settings, and
MAC Priority.
ACL – Contains the windows for Time Range, Access Profile Table and CPU Interface Filtering.
Security – Contains windows for Traffic Control, Port Security, Port Lock Entries, IP-MAC-Port Binding, SSL, SSH, 802.1X,
Trusted Host, Access Authentication Control, Traffic Segmentation and DoS Attack Prevention.
Monitoring – Contains windows for including CPU Utilization, Port Utilization, Packets, Packet Errors, Packet Size, MAC
IP Address
Port Configuration
DHCP/BOOTP Relay
User Accounts
Cable Diagnostics
Port Mirroring
System Log Settings
Log Settings
SNTP Settings
MAC Notification Settings
TFTP Services
Section 6
Multiple Image Services
Ping Test
Safeguard Engine
SNMP Manager
PoE System
Single IP Settings
Forwarding & Filtering
SMTP Service
This wind
functions of the Switch and appears automatically when
you log on. To return to the Device Information window,
click the DES-30xx Web Management Tool folder. The
Device Information window shows the Switch’s MAC
Address (assigned by the factory and unchangeable), the
Boot PROM, Firmware Version, Hardware Version
and Serial Number. This information is helpful to keep
track of PROM and firmware updates and to obtain the
Switch's MAC address for entry into another network
device's address table, if necessary. The user may also
enter a System Name, System Location and System Contact to aid in defining the Switch. In addition, this
window displays the status of functions on the Switch to
quickly assess their current global status. Some functions
are hyper-linked to their configuration window for easy
access from the Device Information window.
The fields that can be configured are described below:
Parameter Description
System Name Enter a system name for the Switch, if so desired. This name will identify it in the Switch
network.
System Location Enter the location of the Switch, if so desired.
System Contact Enter a contact name for the Switch, if so desired.
Serial Port Auto Logout Time Select the logout time used for the console interface. This automatically logs the user out after
an idle period of time, as defined. Choose from the following options: 2 Minutes, 5 Minutes, 10 Minutes, 15 Minutes or Never. The default setting is 10 minutes.
Serial Port Baud Rate This field specifies the baud rate for the serial port on the Switch. There are four possible baud
rates to choose from: 9600, 19200, 38400 and 115200. For a connection to the Switch using
the CLI, the baud rate must be set to 9600, which is the default setting.
MAC Address Aging Time This field specifies the length of time a learned MAC Address will remain in the forwarding
table without being accessed (that is, how long a learned MAC Address is allowed to remain
idle). To change this, type in a different value representing the MAC address age-out time in
seconds. The MAC Address Aging Time can be set to any value between 10 and 1,000,000
seconds. The default setting is 300 seconds.
IGMP Snooping To enable system-wide IGMP Snooping capability select Enabled. IGMP snooping is Disabled
by default. Enabling IGMP snooping allows you to specify use of a multicast router only (see
below). To configure IGMP Snooping for individual VLANs, use the IGMP Snooping window
located in the IGMP Snooping folder contained in the L2 Features folder.
Multicast Router Only This field specifies that the Switch should only forward all multicast traffic to a multicast-
enabled router, if enabled. Otherwise, the Switch will forward all multicast traffic to any IP
router. The default is Disabled.
MLD Snooping This field specifies the status of MLD Snooping on the Switch. MLD Snooping is used to
discover ports on a VLAN that are requesting multicast data instead of flooding all ports on a
selected VLAN with multicast traffic. The default is Disabled.
Telnet Status Telnet configuration is Enabled by default. If you do not want to allow configuration of the
system through Telnet choose Disabled.
Telnet TCP Port Number (1-65535) The TCP port number. TCP ports are numbered between 1 and 65535. The "well-known" TCP
port for the Telnet protocol is 23.
Web Status Web-based management is Enabled by default. If you choose to disable this by selecting
Disabled, you will lose the ability to configure the system through the web interface as soon as
these settings are applied.
Web TCP Port Number (1-65535) The TCP port number. TCP ports are numbered between 1 and 65535. The "well-known" TCP
port for the Web is 80.
RMON Status Remote monitoring (RMON) of the Switch is Enabled or Disabled here.
Link Aggregation Algorithm The algorithm that the Switch uses to balance the load across the ports that make up the port
trunk group is defined here. Choose MAC Source, MAC Destination, MAC Src & Dest, (See the Link Aggregation section of this manual).
Switch 802.1X MAC Address can be enabled by port or by the Switch’s 802.1X function; the default is
Disabled. This field must be enabled to view and configure certain windows for 802.1X. More
information regarding 802.1X, its functions and implementation can be found later in this
manual, under Monitoring > Port Access Control.
Port-Based 802.1X specifies that ports configured for 802.1X are initialized based on the port
number only and are subject to any authorization parameters configured.
MAC-based 802.1X specifies Host-based authentication with which the ports configured for
802.1X are initialized based on the MAC address of the computer being authenticated.
NOTE: If you want to configure Host-based 802.1X please select
MAC-based 802.1X instead.
Auth Protocol The 802.1X authentication protocol on the Switch is set to RADIUS Eap and cannot be
altered.
Syslog Status Enables or disables Syslog State; default is Disabled.
Port Security Trap Log Toggle this setting to enable or disable the port security trap log feature. The default is
Disabled.
ARP Aging Time (0-65535) The user may globally set the maximum amount of time, in minutes, an Address Resolution
Protocol (ARP) entry can remain in the Switch’s ARP table, without being accessed, before it
is dropped from the table. The value may be set in the range of 0 to 65535 minutes with a
default setting of 20 minutes.
GVRP Use this pull-down menu to Enable or Disable GVRP on the Switch.
VLAN Trunk Use this pull-down menu to Enable or Disable VLAN Trunk on the Switch.
Multicast VLAN Use this pull-down menu to Enable or Disable Multicast VLAN on the Switch.
Asymmetric VLAN Use this pull-down menu to Enable or Disable Asymmetric VLAN on the Switch.
Password Encryption Use this pull-down menu to Enable or Disable Password Encryption on the Switch.
Password encryption allows the user to encrypt a password for additional security. Select
enable to change the password into encrypted form. When password encryption is disabled,
the user can specify that the password be in plain text form or in encrypted form. If the
password has been converted to encrypted form, the password will stay in encrypted form and
cannot be reverted back to plaintext form.
DoS Attack Prevention Trap Log Use this pull-down menu to Enable or Disable DoS Attack Prevention Trap Log on the Switch.
Click Apply to implement changes made.
IP Address
The IP address may initially be set using the console interface prior to connecting to it through the Ethernet. If the Switch IP
address has not yet been changed, read the introduction of the DES-3028/28P/28G/52/52P CLI Manual or return to Section 4 of
this manual for more information. To change IP settings using the web manager, click Administration > IP Address. The
following window will be displayed.
To configure the Switch's IP address:
Figure 6-2. IP Address Settings window
To manually assign the Switch's IP address, subnet mask, and default gateway address:
1. Select Manual from the Get IP From drop-down menu.
2. Enter the appropriate IP Address and Subnet Mask.
3. If you want to access the Switch from a different subnet from the one it is installed on, enter the IP address of the Default
Gateway. If you will manage the Switch from the subnet on which it is installed, you can leave the default address
(0.0.0.0) in this field.
4. If no VLANs have been previously configured on the Switch, you can use the default VLAN Name. The default VLAN
contains all of the Switch ports as members. If VLANs have been previously configured on the Switch, you will need to
enter the VLAN Name of the VLAN that contains the port connected to the management station that will access the
Switch. The Switch will allow management access from stations in the same VLAN.
NOTE: The Switch's factory default IP address is 10.90.90.90 with a
subnet mask of 255.0.0.0 and a default gateway of 0.0.0.0.
To use the BOOTP or DHCP protocols to assign the Switch an IP address, subnet mask, and default gateway address:
Use the Get IP From pull-down menu to choose from BOOTP or DHCP. This selects how the Switch will be assigned an IP
address on the next reboot.
The IP Address Settings options are:
Parameter Description
BOOTP The Switch will send out a BOOTP broadcast request when it is powered up. The BOOTP
protocol allows IP addresses, network masks, and default gateways to be assigned by a central
BOOTP server. If this option is set, the Switch will first look for a BOOTP server to provide it with
this information before using the default or previously entered settings.
DHCP The Switch will send out a DHCP broadcast request when it is powered on. The DHCP protocol
allows IP addresses, network masks, and default gateways to be assigned by a DHCP server. If
autoconfig is enabled, the Switch will first look for a DHCP server to provide it with information
before using the default or previously entered settings.
Manual Allows the entry of an IP address, Subnet Mask, and a Default Gateway for the Switch. These
fields should be of the form xxx.xxx.xxx.xxx, where each xxx is a number (represented in decimal
form) between 0 and 255. This address should be a unique address on the network assigned for
use by the network administrator.
Subnet Mask A Bitmask that determines the extent of the subnet that the Switch is on. Should be of the form
xxx.xxx.xxx.xxx, where each xxx is a number (represented in decimal) between 0 and 255. The
value should be 255.0.0.0 for a Class A network, 255.255.0.0 for a Class B network, and
255.255.255.0 for a Class C network, but custom subnet masks are allowed.
Default Gateway IP address that determines where packets with a destination address outside the current subnet
should be sent. This is usually the address of a router or a host acting as an IP gateway. If your
network is not part of an intranet, or you do not want the Switch to be accessible outside your
local network, you can leave this field unchanged.
VLAN Name This allows the entry of a VLAN Name from which a management station will be allowed to
manage the Switch using TCP/IP (in-band via web manager or Telnet). Management stations that
are on VLANs other than the one entered here will not be able to manage the Switch in-band
unless their IP addresses are entered in the Security IP Management window. If VLANs have
not yet been configured for the Switch, the default VLAN contains all of the Switch's ports. There
are no entries in the Security IP Management table, by default, so any management station that
can connect to the Switch can access the Switch until a management VLAN is specified or
Management Station IP Addresses are assigned.
Auto Config State When autoconfig is Enabled, the Switch is instructed to get a configuration file via TFTP, and it
becomes a DHCP client automatically. The configuration file will be loaded upon booting up. In
order to use Auto Config, the DHCP server must be set up to deliver the TFTP server IP address
and configuration file name information in the DHCP reply packet. The TFTP server must be
running and have the requested configuration file stored in its base directory when the request is
received from the Switch. Consult the DHCP server and/or TFTP server software instructions for
information on loading a configuration file for use by a client.
If the Switch is unable to complete the autoconfiguration process the previously saved
configuration file present in Switch memory will be loaded.
Click Apply to allow changes to take effect.
Setting the Switch’s IP Address using the Console Interface
Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other
TCP/IP application (for example BOOTP, TFTP). The Switch’s default IP address is 10.90.90.90. You can change the default
Switch IP address to meet the specification of your networking address scheme.
The IP address for the Switch must be set before it can be managed with the Web-based manager. The Switch IP address can be
automatically set using BOOTP or DHCP protocols, in which case the actual address assigned to the Switch must be known. The
IP address may be set using the Command Line Interface (CLI) over the console serial port as follows:
Starting at the command line prompt, enter the command config ipif System ipaddress xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy,
where the x’s represent the IP address to be assigned to the IP interface named System and the y’s represent the corresponding
subnet mask.
Alternatively, you can enter config ipif System ipaddress xxx.xxx.xxx.xxx/z, where the x’s represent the IP address to be
assigned to the IP interface named System and the z represents the corresponding number of subnets in CIDR notation.
The IP interface named System on the Switch can be assigned an IP address and subnet mask which can then be used to connect a
management station to the Switch’s Telnet or Web-based management agent.
The system message Success indicates that the command was executed successfully. The Switch can now be configured and
managed via Telnet and the CLI or via the Web-based management agent using the above IP address to connect to the Switch.
This section contains information for configuring various attributes and properties for individual physical ports, including port
speed and flow control.
Port Settings
Click Administration > Port Configuration > Port Settings to display the following window:
To configure switch ports:
1. Choose the port or sequential range of ports using the From…To… port pull-down menus.
Use the remaining pull-down menus to configure the parameters described below:
Use the pull-down menus to select the port or range of ports to be configured.
State Toggle this field to either enable or disable a given port or group of ports.
Speed/Duplex Toggle the Speed/Duplex field to select the speed and duplex state of the port. Auto
denotes auto-negotiation between 10 and 100 Mbps devices, in full- or half-duplex. The Auto
setting allows the port to automatically determine the fastest settings the device the port is
connected to can handle, and then to use those settings. The other options are 10M/Half, 10M/Full, 100M/Half, 100M/Full, 1000M/Full_M and 1000M/Full_S. There is no automatic
adjustment of port settings with any option other than Auto. The fiber port Speed/Duplex only
supports Auto and 1000M/Full.
The Switch allows the user to configure two types of gigabit connections: 1000M/Full_M and 1000M/Full_S. Gigabit connections only support full duplex connections and take on certain
characteristics that are different from the other choices listed.
The 1000M/Full_M (master) and 1000M/Full_S (slave) parameters refer to connections running
a 1000BASE-T cable for connection between the Switch port and other device capable of a
gigabit connection. The master setting (1000M/Full_M) will allow the port to advertise capabilities
related to duplex, speed and physical layer type. The master setting will also determine the
master and slave relationship between the two connected physical layers. This relationship is
necessary for establishing the timing control between the two physical layers. The timing control
is set on a master physical layer by a local source. The slave setting (1000M/Full_S) uses loop
timing, where the timing comes from a data stream received from the master. If one connection
is set for 1000M/Full_M, the other side of the connection must be set for 1000M/Full_S. Any
other configuration will result in a link down status for both ports.
Flow Control Displays the flow control scheme used for the various port configurations. Ports configured for
full-duplex use 802.3x flow control, half-duplex ports use backpressure flow control, and Auto
ports use an automatic selection of the two. The default is Disabled.
Medium Type This applies only to the Combo ports. If configuring the Combo ports this defines the type of
transport medium being configured. SFP ports should be set at Fiber and the Combo
1000BASE-T ports should be set at Copper. If no medium type is specified, the device will
assume the Copper port is the one being configured.
MDIX MDIX can be set to Auto, Normal and Cross depending on the cable type used for the
connection.
Learning When Enabled, destination and source MAC addresses are automatically listed in the forwarding
table. The default setting is Enabled.
Click Apply to implement the new settings on the Switch.
The Switch supports a port description feature
where the user may name various ports on the
Switch. To assign names to various ports, click
Administration > Port Configuration > Port
Description to view the following window:
Use the From and To pull-down menu to choose a
port or range of ports to describe, and then enter a
description of the port(s). Click Apply to set the
descriptions in the Port Description Table.
The Medium Type applies only to the Combo
ports. If configuring the Combo ports this defines
the type of transport medium being configured. SFP
ports should be nominated Fiber and the Combo
1000BASE-T ports should be nominated Copper.
The result will be displayed in the appropriate
switch port number slot (C for copper ports and F
for fiber ports).
Figure 6-4. Port Description window
Port Error Disabled
The following window will display the information about ports that have had their connection status disabled, for reasons such as
STP loopback detection or link down status. To view this window, click Administration > Port Configuration > Port Error Disabled.
Describes the current running state of the port, whether Enabled or Disabled.
This field will show if a port has been disabled due to an error detected in the port.
Describes the reason why the port has been error-disabled, such as a STP loopback
occurrence.
This field further describes the specifics of the action.
To enable and configure DHCP/BOOTP Relay Global Settings on the Switch, click Administration > DHCP/BOOTP Relay >
DHCP/BOOTP Relay Global Settings:
DHCP/BOOTP Relay Global Settings
Figure 6-6. DHCP/BOOTP Relay Global Settings window
The following fields can be set:
Parameter Description
BOOTP Relay State This field can be toggled between Enabled and Disabled using the pull-down menu. It is
used to enable or disable the DHCP/BOOTP Relay service on the Switch. The default is
Disabled.
BOOTP Relay Hops Count Limit (1-16) This field allows an entry between 1 and 16 to define the maximum number of relay hops
DHCP/BOOTP messages can be forwarded across. The default hop count is 4.
BOOTP Relay Time Threshold (0-65535) Allows an entry between 0 and 65535 seconds, and defines the maximum time limit for
routing a DHCP/BOOTP packet. If a value of 0 is entered, the Switch will not process the
value in the seconds field of the BOOTP or DHCP packet. If a non-zero value is entered,
the Switch will use that value, along with the hop count to determine whether to forward a
given BOOTP or DHCP packet.
DHCP Relay Agent Information Option 82 State This field can be toggled between Enabled and Disabled using the pull-down menu. It is
used to enable or disable the DHCP Agent Information Option 82 on the Switch. The default
is Disabled.
Enabled – When this field is toggled to Enabled the relay agent will insert and remove
DHCP relay information (option 82 field) in messages between DHCP servers and clients.
When the relay agent receives the DHCP request, it adds the option 82 information, and the
IP address of the relay agent (if the relay agent is configured), to the packet. Once the
option 82 information has been added to the packet it is sent on to the DHCP server. When
the DHCP server receives the packet, if the server is capable of option 82, it can implement
policies like restricting the number of IP addresses that can be assigned to a single remote
ID or circuit ID. Then the DHCP server echoes the option 82 field in the DHCP reply. The
DHCP server unicasts the reply back to the relay agent if the request was relayed to
the server by the relay agent. The switch verifies that it originally inserted the option 82
data. Finally, the relay agent removes the option 82 field and forwards the packet to the
switch port that connects to the DHCP client that sent the DHCP request.
Disabled - If the field is toggled to Disabled the relay agent will not insert and remove DHCP
relay information (option 82 field) in messages between DHCP servers and clients, and the
This field can be toggled between Enabled and Disabled using the pull-down menu. It is
used to enable or disable the Switch’s ability to check the validity of the packet’s option 82
field.
Enabled – When the field is toggled to Enable, the relay agent will check the validity of the
packet’s option 82 field. If the switch receives a packet that contains the option-82 field from
a DHCP client, the switch drops the packet because it is invalid. In packets received from
DHCP servers, the relay agent will drop invalid messages.
Disabled - When the field is toggled to Disabled, the relay agent will not check the validity of
the packet’s option 82 field.
This field can be toggled between Replace, Drop, and Keep by using the pull-down menu.
It is used to set the Switch’s policy for handling packets when the DHCP Agent
Information Option 82 Check is set to Disabled. The default is Replace.
Replace - The option 82 field will be replaced if the option 82 field already exists in the
packet received from the DHCP client.
Drop - The packet will be dropped if the option 82 field already exists in the packet received
from the DHCP client.
Keep - The option 82 field will be retained if the option 82 field already exists in the packet
received from the DHCP client.
This field specifies the feature which allows the user to configure the Remote ID as any
specific string. When the Remote ID state is set to Default, the switch’s system MAC
address is used as the Remote ID. When the Remote ID state is configured to be user-defined, the user-defined string is used as the Remote ID.
Note: The maximum number of characters that can be used is 32.
Click Apply to implement any changes that have been made.
NOTE: If the Switch receives a packet that contains the option-82 field from a DHCP client and the
information-checking feature is enabled, the switch drops the packet because it is invalid. However, in
some instances, you might configure a client with the option-82 field. In this situation, you should
disable the information-check feature so that the switch does not remove the option-82 field from the
packet. You can configure the action that the switch takes when it receives a packet with existing
option-82 information by configuring the DHCP Agent Information Option 82 Policy.
The Implementation of DHCP Information Option 82 in the DES-3028/28P/28G/52/52P switches
The config dhcp_relay option_82 command configures the DHCP relay agent information option 82 setting of the switch. The
formats for the circuit ID sub-option and the remote ID sub-option are as follows:
NOTE: For the circuit ID sub-option of a standalone switch, the module field is always zero.
Circuit ID sub-option format:
1.      2.      3.      4.      5.       6.      7.
1       6       0       4       VLAN     Module  Port
1 byte  1 byte  1 byte  1 byte  2 bytes  1 byte  1 byte
1. Sub-option type
2. Length
3. Circuit ID type
4. Length
5. VLAN : the incoming VLAN ID of DHCP client packet.
6. Module : For a standalone switch, the Module is always 0; For a stackable switch, the Module is the Unit ID.
7. Port : The incoming port number of DHCP client packet, port number starts from 1.
Remote ID sub-option format 1:
1.      2.      3.      4.      5.
2       8       0       6       MAC address
1 byte  1 byte  1 byte  1 byte  6 bytes
1. Sub-option type
2. Length
3. Remote ID type
4. Length
5. MAC address: The Switch’s system MAC address.
Figure 6-7. Circuit ID and Remote ID Sub-option Format 1
2. Length: the string length of the Remote ID suboption
3. Remote ID type
4. Length: the string length of the user-defined string
5. User-defined string
Figure 6-8. Circuit ID and Remote ID Sub-option Format 2
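The sub-option layouts above, decoded the way a DHCP server or log pipeline would before applying per-port or per-Remote-ID policy. This is an added example, not D-Link code: the function names and sample payloads are constructed, multi-byte fields are assumed to be big-endian, and because this page does not show the Remote ID type value used for format 2, any non-zero type is treated as a user-defined string.

```python
"""Parse DHCP Relay Agent Information (Option 82) as laid out in this section."""
import struct

CIRCUIT_ID, REMOTE_ID = 1, 2   # sub-option types from the format tables
MAX_USER_STRING = 32           # the manual caps the user-defined string at 32 characters


class Option82Error(ValueError):
    """The payload does not match the documented sub-option layout."""


def iter_suboptions(payload: bytes):
    """Yield (sub-option type, value) pairs; reject truncated TLVs."""
    pos = 0
    while pos < len(payload):
        if pos + 2 > len(payload):
            raise Option82Error("truncated sub-option header")
        sub_type, length = payload[pos], payload[pos + 1]
        value = payload[pos + 2:pos + 2 + length]
        if len(value) != length:
            raise Option82Error(
                f"sub-option {sub_type} declares {length} bytes, {len(value)} present")
        yield sub_type, value
        pos += 2 + length


def parse_circuit_id(value: bytes) -> dict:
    """Circuit ID: type 0, length 4, VLAN (2 bytes), Module (1), Port (1)."""
    if len(value) != 6 or value[0] != 0 or value[1] != 4:
        raise Option82Error("circuit ID is not in the documented 0/4 form")
    # Assumption: multi-byte fields are in network byte order (big-endian).
    vlan, module, port = struct.unpack("!HBB", value[2:])
    if port < 1:
        raise Option82Error("port numbers start from 1")
    return {"vlan": vlan, "module": module, "port": port}


def parse_remote_id(value: bytes) -> dict:
    """Remote ID: type byte, inner length, then a MAC or a user-defined string."""
    if len(value) < 2 or value[1] != len(value) - 2:
        raise Option82Error("remote ID inner length does not match its body")
    rid_type, body = value[0], value[2:]
    if rid_type == 0:  # format 1: the Switch's system MAC address
        if len(body) != 6:
            raise Option82Error("format 1 remote ID must carry a 6-byte MAC")
        return {"format": 1, "mac": ":".join(f"{b:02x}" for b in body)}
    # Assumption: any non-zero type is format 2 (user-defined string); the
    # page does not show the type value used for that format.
    if not 1 <= len(body) <= MAX_USER_STRING:
        raise Option82Error("user-defined remote ID must be 1-32 characters")
    return {"format": 2, "type": rid_type,
            "string": body.decode("ascii", "replace")}


def parse_option82(payload: bytes) -> dict:
    """Decode an Option 82 payload (the bytes after the option code and length)."""
    result = {"unknown": []}
    for sub_type, value in iter_suboptions(payload):
        key = {CIRCUIT_ID: "circuit_id", REMOTE_ID: "remote_id"}.get(sub_type)
        if key is None:
            result["unknown"].append((sub_type, value.hex()))
        elif key in result:
            raise Option82Error(f"duplicate {key} sub-option")
        else:
            parser = parse_circuit_id if key == "circuit_id" else parse_remote_id
            result[key] = parser(value)
    return result


# Constructed sample payloads (not captured from a real switch).
SAMPLE_FORMAT1 = bytes.fromhex(
    "01 06 00 04 000a 00 05"      # circuit ID: VLAN 10, module 0, port 5
    "02 08 00 06 00005e005301")   # remote ID: MAC 00:00:5e:00:53:01
SAMPLE_FORMAT2 = (
    bytes.fromhex("01 06 00 04 000a 00 05")
    + bytes([2, 9, 1, 7]) + b"rack-12")  # remote ID type 1 is an assumed value

if __name__ == "__main__":
    for sample in (SAMPLE_FORMAT1, SAMPLE_FORMAT2):
        print(parse_option82(sample))
```

A server-side consumer should treat an `Option82Error` as a reason to log and reject the request rather than fall back to an unkeyed lease.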
DHCP/BOOTP Relay Interface Settings
This window allows the user to set up a server, by IP address, for relaying DHCP/BOOTP information to the Switch. The user
may enter a previously configured IP interface on the Switch that will be connected directly to the DHCP/BOOTP server using the
following window. Properly configured settings will be displayed in the BOOTP Relay Table at the bottom of the following
window, once the user clicks the Add button under the Apply heading. The user may add up to four server IPs per IP interface on
the Switch. Entries may be deleted by clicking the corresponding icon. To enable and configure DHCP/BOOTP Relay Interface
Settings on the Switch, click Administration > DHCP/BOOTP Relay > DHCP/BOOTP Relay Interface Settings:
The following parameters may be configured or viewed.
Parameter Description
Interface The IP interface on the Switch that will be connected directly to the Server.
Server IP Enter the IP address of the DHCP/BOOTP server. Up to four server IPs can be configured
per IP Interface.
DHCP Local Relay Settings
The DHCP Local Relay Settings are used on request packets from the Client to the Server. As a result of the customer’s
networking environment, DHCP Local Relay is implemented so that it is independent from the original behavior of DHCP relay.
The DHCP Local Relay is also independent from the option82 module in the forwarding way and the content of DHCP request
packets from Client to Server.
To enable and configure DHCP Local Relay Global Settings on the Switch, click Administration > DHCP/BOOTP Relay >
DHCP Local Relay Settings:
Used to Enable or Disable the DHCP/BOOTP Local Relay Operation State.
This is the VLAN Name that identifies the VLAN the user wishes to apply the
DHCP/BOOTP Local Relay Operation.
This is the VLAN ID that identifies the VLAN list the user wishes to apply the
DHCP/BOOTP Local Relay Operation.
Enable or Disable the DHCP/BOOTP Local Relay Settings state.
User Accounts
Use the User Account Management window to control user privileges. To view existing User Accounts, open the
Administration folder and click on the User Accounts link. This will open the User Account Management window, as shown
below.
Figure 6-11. User Accounts window
To add a new user, click on the Add button.
Figure 6-12. User Account Modify Table window
Add a new user by typing in a User Name and New Password, then retype the same password in the Confirm New Password field.
Choose the level of privilege (Admin or User) from the Access Right drop-down menu. To return to the User Account Table click
the hyperlinked Show All User Account Entries.
NOTE: In case of lost passwords or password corruption, please refer to the D-Link website
and the White Paper entitled “Password Recovery Procedure”, which will guide you through the
steps necessary to resolve this issue.
To modify or delete an existing user, click on the Modify button for that user.
Modify or delete an existing user account in the User Account Modify Table. To delete the user account, click on the Delete
button. To change the password, type in the New Password and retype it in the Confirm New Password entry field. The level of
privilege (Admin or User) can be viewed in the Access Right field.
The following window is used to test the cables connecting to the Switch. This feature is used to determine if there are any errors
on the copper cables and the position where the errors may have occurred. Use the pull-down menu to enter the port or range of
ports to be tested and click the Test Now button, which will display the results in the Cable Diagnostics Information table
below. To view this window, click Administration > Cable Diagnostics.
Figure 6-14. Cable Diagnostic Table window
The following parameters may be configured or viewed.
Parameter Description
Port Specifies a port or range of ports to be tested.
Type FE ports have two pairs of cable that will be diagnosed.
GE ports have four pairs of cable that will be diagnosed.
Link Status Link Up: When a port is in link-up status the test will be able to determine the distance of
the cable as well as any problems it may have. Due to the fact the port is in link-up status it
will not have any Short or Open problems, but the test may still detect if there is a Crosstalk
problem.
Link Down: When a particular port is in link-down status, the link-down may be caused by
many factors:
When the port has a normal cable connection, but the remote partner is powered
off, the cable diagnosis can still diagnose the health of the cable as if the remote
partner was powered on.
When the port does not have any cable connection, the result of the test will
indicate no cable.
The test will detect the type of error and the position where the error has occurred.
If there are no problems with the cable the test results will show that the cable is OK, if
there are no cables connected to the port the results will show No Cable.
However there are three types of errors that may occur; Open, Short, or Crosstalk.
Open means that the cable in the error pair does not have a connection at the specified
position.
Short means that the cable in the error pair has a short problem at the specified position.
Crosstalk means that the cable in the error pair has a crosstalk problem at the specified
position.
Cable Length (M)
Determines the length of a cable for a particular port.
Enter the appropriate information and click Test Now. The results will be displayed in the Cable Diagnostics Information table.
The Switch allows you to copy frames transmitted and received on a port and redirect the copies to another port. You can attach a
monitoring device to the mirrored port, such as a sniffer or an RMON probe, to view details about the packets passing through the
first port. This is useful for network monitoring and troubleshooting purposes. To view the Port Mirroring window, click
Administration > Port Mirroring.
Figure 6-15. Port Mirroring window
To configure a mirror port:
1. Select the Source Port from where you want to copy frames and the Target Port, which receives the copies from the
source port.
2. Select the Source Direction, Ingress, Egress, or Both and change the Status drop-down menu to Enabled.
3. Click Apply to let the changes take effect.
NOTE: You cannot mirror a fast port onto a slower port. For example, if you try to mirror the
traffic from a 100 Mbps port onto a 10 Mbps port, this can cause throughput problems. The port
you are copying frames from should always support an equal or lower speed than the port to
which you are sending the copies. Also, the target port for the mirroring cannot be a member of
a trunk group. Please note a target port and a source port cannot be the same port.
The Switch can send Syslog messages to up to four designated servers using the System Log Server. To view the window shown
below, click Administration > System Log Settings.
Figure 6- 16. System Log Host window
The parameters configured for adding and editing System Log Server settings are the same. See the table below for a description.
Figure 6-17. System Log Host – Add window
The following parameters can be set:
Parameter Description
Index
Syslog server settings index (1-4).
Host IP
The IP address of the Syslog server.
Severity
This drop-down menu allows you to select the level of messages that will be sent. The options
are Warning, Informational, and All.
Facility
Some of the operating system daemons and processes have been assigned Facility values.
Processes and daemons that have not been explicitly assigned a Facility may use any of the
"local use" facilities or they may use the "user-level" Facility. Those Facilities that have been
designated are shown in the following: Bold font indicates the facility values that the Switch is
currently employing.
kernel messages
user-level messages
mail system
system daemons
security/authorization messages
messages generated internally by syslog
line printer subsystem
network news subsystem
UUCP subsystem
clock daemon
security/authorization messages
FTP daemon
NTP subsystem
log audit
log alert
clock daemon
local use 0 (local0)
local use 1 (local1)
local use 2 (local2)
local use 3 (local3)
local use 4 (local4)
local use 5 (local5)
local use 6 (local6)
local use 7 (local7)
UDP Port (514 or 6000-65535)
Type the UDP port number used for sending Syslog messages. The default is 514.
Status
Choose Enabled or Disabled to activate or deactivate.
Figure 6-18. System Log Host – Add/Edit window
To set the System Log Server configuration, click Apply. To delete an entry from the System Log Host window, click the
corresponding icon under the Delete heading of the entry to delete. To return to the System Log Host window, click the Show All
This window is used to configure the time settings for the Switch. To view this window, click Administration > SNTP Settings
> Time Settings.
Figure 6-20. Time Settings window
The following parameters can be set or are displayed:
Parameter Description
Current Time
Displays the Current Time set on the Switch.
Time Source
Displays the time source for the system.
SNTP State
Use this pull-down menu to enable or disable the SNTP settings. Enabling and configuring
SNTP support will override any manually configured system time settings.
SNTP Primary Server
This is the IP address of the primary server the SNTP information will be taken from.
SNTP Secondary Server
This is the IP address of the secondary server the SNTP information will be taken from in
the event the primary server is unavailable.
SNTP Poll Interval in Seconds
This is the interval, in seconds, between requests for updated SNTP information.
Year
Enter the current year, if you want to manually update the system date.
Month
Enter the current month, if you would like to manually update the system date.
Day
Enter the current day, if you would like to manually update the system date.
The following are windows used to configure time zones and Daylight Savings time settings for SNTP. Open the Administration
folder, then the SNTP Settings folder and click on the Time Zone and DST link, revealing the following window.
Figure 6-21. Time Zone and DST Settings window
The following parameters can be set:
Parameter Description
Daylight Saving Time State
Use this pull-down menu to enable or disable the DST Settings.
Daylight Saving Time Offset in Minutes
Use this pull-down menu to specify the amount of time that will constitute your local DST offset.
Use these pull-down menus to specify your local time zone's offset from Greenwich Mean
Time (GMT.)
HH:MM
DST Repeating Settings
Using repeating mode will enable DST seasonal time adjustment. Repeating mode requires that the DST beginning
and ending date be specified using a formula. For example, specify to begin DST on Saturday during the second
week of April and end DST on Sunday during the last week of October.
From Which Week of the Month
Enter the week of the month that DST will start.
From Which Day of the Week
Enter the day of the week that DST will start on.
From Which Month
Enter the month DST will start on.
From What Time HH:MM
Enter the time of day that DST will start on.
To Which Week
Enter the week of the month the DST will end.
To Which Day
Enter the day of the week that DST will end.
To Which Month
Enter the month that DST will end.
To What Time HH:MM
Enter the time DST will end.
DST Annual Settings
Using annual mode will enable DST seasonal time adjustment. Annual mode requires that the DST beginning and
ending date be specified concisely. For example, specify to begin DST on April 3 and end DST on October 14.
From What Month
Enter the month DST will start on, each year.
From What Date
Enter the day of the week DST will start on, each year.
From What Time
Enter the time of day DST will start on, each year.
To What Month
Enter the month DST will end on, each year.
To What Date
Enter the date DST will end on, each year.
To What Time
Enter the time of day that DST will end on, each year.
Click Apply to implement changes made to the Time Zone and DST window.
Trivial File Transfer Protocol (TFTP) services allow the Switch's firmware to be upgraded by transferring a new
firmware file from a TFTP server to the Switch. A configuration file can also be loaded into the Switch from a TFTP
server. Switch settings can be saved to the TFTP server, and a history log can be uploaded from the Switch to the TFTP
server. The TFTP server must be running TFTP server software to perform the file transfer.
The user also has the option of transferring firmware and configuration files to and from the internal Flash drive, located on the
Switch. Using this window, the user can add a configuration or firmware file from a TFTP server to the flash memory, or transfer
that firmware or configuration file to a TFTP server. More about configuring the internal Flash drive can be found in the next
section entitled Flash File Services.
TFTP server software is a part of many network management software packages – such as NetSight, or can be obtained as a
separate program. To update the Switch's firmware or configuration file, click Administration > TFTP Services.
Figure 6-23. TFTP Services window
The following parameters can be configured:
Parameter Description
Active
Select a service for the TFTP server to perform from the drop down window:
Download Firmware - Enter the IP address of the TFTP server and specify the
location of the new firmware on the TFTP server. Click Start to record the IP
address of the TFTP server and to initiate the file transfer.
Download Configuration - Enter the IP address of the TFTP server, and the path
and filename for the Configuration file on the TFTP server. Click Start to record the
IP address of the TFTP server and to initiate the file transfer.
Upload Configuration - Enter the IP address of the TFTP server and the path and
filename for the switch settings on the TFTP server. Click Start to record the IP
address of the TFTP server and to initiate the file transfer.
Upload Log - Enter the IP address of the TFTP server and the path and filename
for the history log on the TFTP server. Click Start to record the IP address of the
TFTP server and to initiate the file transfer.
Server IP Address
Enter the IP address of the server from which to download firmware or configuration files.
File Name
Enter the path and filename of the firmware or configuration file to upload or download, located
on the TFTP server.
Image ID
To select a firmware file from the internal Flash drive to which the firmware file will be
transferred.
To configure the files located on the Flash memory, use the following windows to guide you. The Multiple Image Services folder
contains windows that allow the user to view Firmware Information and to configure the Firmware Image. To view these windows,
click Administration > Multiple Image Services.
Firmware Information
This window is used to view boot up firmware images. To view this window, click Administration > Multiple Image Services
> Firmware Information.
Figure 6-24. Firmware Information window
Config Firmware Image
The following window is used to determine which of the two firmware images will be used as the default boot file. You can also
delete either of the two images. To view this window, click Administration > Multiple Image Services > Config Firmware Image.
Ping is a small program that sends ICMP Echo packets to the IP address you specify. The destination node then responds to or
"echoes" the packets sent from the Switch. This is very useful to verify connectivity between the Switch and other nodes on the
network. To view this window, click Administration > Ping Test.
Figure 6-26. Ping Test window
The user may use the Infinite times radio button, in the Repeat Pinging for field, which will tell the ping program to keep sending
ICMP Echo packets to the specified IP address until the program is stopped. The user may opt to choose a specific number of
times to ping the Target IP Address by clicking its radio button and entering a number between 1 and 255. Click Start to initiate
the Ping program.
Safeguard Engine
Periodically, malicious hosts on the network will attack the Switch by utilizing packet flooding (ARP Storm) or other methods. To
alleviate this problem, the Safeguard Engine function was added to the Switch’s software.
The Safeguard Engine helps the overall operability of the Switch by minimizing its workload while the attack is
ongoing, so that it can still forward essential packets over its network within a limited bandwidth. When the Switch either (a)
receives too many packets to process or (b) uses too much memory, it will enter an Exhausted mode. When in this mode, the
Switch will drop all ARP and IP broadcast packets for a calculated time interval. Every five seconds, the Switch will check to see
if there are too many packets flooding the Switch. If the threshold has been crossed, the Switch will initially stop all ingress ARP
and IP broadcast packets for five seconds. After another five-second checking interval arrives, the Switch will again check the
ingress flow of packets. If the flooding has stopped, the Switch will again begin accepting all packets. If, however, the check shows
that too many packets are still flooding the Switch, it will stop accepting all ARP and IP broadcast packets for double
the time of the previous stop period. This doubling of the time for stopping ingress ARP and IP broadcast packets will continue until
the maximum time of 320 seconds has been reached; every stop from this point until a return to normal ingress flow
will be 320 seconds. For a better understanding, examine the following example of the Safeguard Engine.
For every consecutive checking interval that reveals a packet flooding issue, the Switch will double the time it will discard ingress
ARP and IP broadcast packets. In the example above, the Switch doubled the time for dropping ARP and IP broadcast packets
when consecutive flooding issues were detected at 5 second intervals. (First stop = 5 seconds, second stop = 10 seconds, third stop
= 20 seconds) Once the flooding is no longer detected, the wait period for dropping ARP and IP broadcast packets will return to 5
seconds and the process will resume.
NOTE: While in Exhausted mode, only trusted IP addresses are accepted to connect to the Switch.
To configure the Safeguard Engine for the Switch, click Administration > Safeguard Engine > Safeguard Engine Settings
which will open the following window.
Figure 6-28. Safeguard Engine Settings window
To configure the Switch’s Safeguard Engine, change the State to Enabled. To configure the parameters for the Safeguard Engine,
click the CPU Utilization Settings button, which will alter the previous window to look like this:
To set the Safeguard Engine for the Switch, complete the following fields:
Parameter Description
State
Toggle this field to either Enabled or Disabled for the Safeguard Engine of the Switch.
Rising Threshold
Used to configure the acceptable level of CPU utilization before the Safeguard Engine
mechanism is enabled. Once the CPU utilization reaches this percentage level, the Switch
will move into the Exhausted state.
Falling Threshold
Used to configure the acceptable level of CPU utilization as a percentage, where the Switch
leaves the Exhausted state and returns to normal mode.
Trap/Log
Use the pull-down menu to enable or disable the sending of messages to the device’s SNMP
agent and switch log once the Safeguard Engine has been activated by a high CPU utilization
rate.
Mode
You can choose between Fuzzy and Strict. In strict mode the Switch will stop receiving all
‘ARP’ packets. That means that whatever reasons have caused the high CPU utilization, the
Switch will reluctantly process any ‘ARP’ packets in exhausted mode. In fuzzy mode, the
Switch will adjust the bandwidth dynamically depending on some reasonable algorithm.
Safeguard Engine Current Status
Displays the current state of the Safeguard Engine.
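The stop-period doubling and the Rising/Falling Threshold behaviour described above can be modelled in a few lines. This is an added example, not code from the Switch or from D-Link; it assumes one CPU sample per five-second check, that the Falling Threshold is lower than the Rising Threshold, and that a check made while Exhausted counts as a flooding check. The threshold values and CPU samples are constructed.

```python
"""Model of the Safeguard Engine timing described above (added example)."""

CHECK_INTERVAL_S = 5   # manual: the Switch checks for flooding every five seconds
FIRST_STOP_S = 5       # manual: the first stop period is five seconds
MAX_STOP_S = 320       # manual: the stop period stops doubling at 320 seconds


def stop_periods(flood_checks):
    """Map consecutive check results to stop periods in seconds.

    flood_checks holds one boolean per check, True when flooding is seen.
    The result holds, per check, how long ingress ARP and IP broadcast
    packets are dropped (0 when the check found no flooding).
    """
    periods = []
    next_stop = FIRST_STOP_S
    for flooding in flood_checks:
        if flooding:
            periods.append(next_stop)
            next_stop = min(next_stop * 2, MAX_STOP_S)   # double, capped at 320
        else:
            periods.append(0)
            next_stop = FIRST_STOP_S                     # back to five seconds
    return periods


def exhausted_states(cpu_percent, rising, falling):
    """Apply the Rising/Falling Threshold pair to CPU utilization samples.

    Assumption: the state is entered at cpu >= rising and left at
    cpu <= falling, so values between the two keep the previous state.
    """
    if not 0 <= falling < rising <= 100:
        raise ValueError("need 0 <= falling < rising <= 100")
    exhausted = False
    states = []
    for cpu in cpu_percent:
        if not exhausted and cpu >= rising:
            exhausted = True
        elif exhausted and cpu <= falling:
            exhausted = False
        states.append(exhausted)
    return states


def simulate(cpu_percent, rising, falling):
    """Return (exhausted, stop_seconds) per check for a CPU utilization trace."""
    states = exhausted_states(cpu_percent, rising, falling)
    return list(zip(states, stop_periods(states)))


if __name__ == "__main__":
    # Constructed trace: a burst, a recovery below the falling threshold, a new burst.
    trace = [20, 35, 50, 40, 25, 19, 31]
    for n, (cpu, (state, stop)) in enumerate(zip(trace, simulate(trace, 30, 20))):
        mode = "Exhausted" if state else "Normal"
        print(f"check {n} at t={n * CHECK_INTERVAL_S:>2}s cpu={cpu:>3}% {mode:<9} stop={stop}s")
    print("sustained flood:", stop_periods([True] * 8))
```

Seven consecutive flooded checks are enough to reach the 320-second stop, which is the figure to keep in mind when sizing ARP timeouts for hosts behind the Switch.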
Simple Network Management Protocol (SNMP) is an OSI Layer 7 (Application Layer) protocol designed specifically for managing and
monitoring network devices. SNMP enables network management stations to read and modify the settings of gateways, routers,
switches, and other network devices. Use SNMP to configure system features for proper operation, monitor performance and
detect potential problems in the Switch, switch group or network.
Managed devices that support SNMP include software (referred to as an agent), which runs locally on the device. A defined set of
variables (managed objects) is maintained by the SNMP agent and used to manage the device. These objects are defined in a
Management Information Base (MIB), which provides a standard presentation of the information controlled by the on-board
SNMP agent. SNMP defines both the format of the MIB specifications and the protocol used to access this information over the
network.
The DES-3028/28P/28G/52/52P supports the SNMP versions 1, 2c, and 3. The default SNMP setting is enabled and cannot be
disabled. The three versions of SNMP vary in the level of security provided between the management station and the network
device.
In SNMP v.1 and v.2, user authentication is accomplished using 'community strings', which function like passwords. The remote
user SNMP application and the Switch SNMP must use the same community string. SNMP packets from any station that has not
been authenticated are ignored (dropped).
The default community strings for the Switch used for SNMP v.1 and v.2 management access are:
public - Allows authorized management stations to retrieve MIB objects.
private - Allows authorized management stations to retrieve and modify MIB objects.
SNMPv3 uses a more sophisticated authentication process that is separated into two parts. The first part is to maintain a list of
users and their attributes that are allowed to act as SNMP managers. The second part describes what each user on that list can do
as an SNMP manager.
The Switch allows groups of users to be listed and configured with a shared set of privileges. The SNMP version may also be set
for a listed group of SNMP managers. Thus, you may create a group of SNMP managers that are allowed to view read-only
information or receive traps using SNMPv1 while assigning a higher level of security to another group, granting read/write privileges using SNMPv3.
Using SNMPv3 individual users or groups of SNMP managers can be allowed to perform or be restricted from performing
specific SNMP management functions. The functions allowed or restricted are defined using the Object Identifier (OID)
associated with a specific MIB. An additional layer of security is available for SNMPv3 in that SNMP messages may be
encrypted. To read more about how to configure SNMPv3 settings for the Switch read the next section.
Traps
Traps are messages that alert network personnel of events that occur on the Switch. The events can be as serious as a reboot
(someone accidentally turned OFF the Switch), or less serious like a port status change. The Switch generates traps and sends
them to the trap recipient (or network manager). Typical traps include trap messages for Authentication Failure, Topology Change
and Broadcast\Multicast Storm.
MIBs
The Switch stores management and counter information in the Management Information Base (MIB). The Switch uses the
standard MIB-II Management Information Base module. Consequently, values for MIB objects can be retrieved from any
SNMP-based network management software. In addition to the standard MIB-II, the Switch also supports its own proprietary enterprise
MIB as an extended Management Information Base. The proprietary MIB may also be retrieved by specifying the MIB Object Identifier.
MIB values can be either read-only or read-write.
The DES-3028/28P/28G/52/52P incorporates a flexible SNMP management for the switching environment. SNMP management
can be customized to suit the needs of the networks and the preferences of the network administrator. Use the SNMP V3 menus to
select the SNMP version used for specific tasks.
The DES-3028/28P/28G/52/52P supports the Simple Network Management Protocol (SNMP) versions 1, 2c, and 3. The
administrator can specify the SNMP version used to monitor and control the Switch. The three versions of SNMP vary in the level
of security provided between the management station and the network device.
SNMP settings are configured using the menus located on the SNMP V3 folder of the web manager. Workstations on the network
that are allowed SNMP privileged access to the Switch can be restricted with the Trusted Host IP Management window in the
Security folder of the web manager.
SNMP Traps Settings
The following window is used to enable and disable trap settings for the SNMP function on the Switch. To view this window for
configuration, click Administration > SNMP Manager > SNMP Trap Settings:
Figure 6-30. SNMP Trap Settings window
To enable or disable the Traps State and/or the Authenticate Traps State, use the corresponding pull-down menu to change and
click Apply.
SNMP User Table
This window displays all of the SNMP Users currently configured on the Switch. To view this window, click Administration >
SNMP Manager > SNMP User Table:
Figure 6-31. SNMP User Table window
To delete an existing SNMP User Table entry, click the icon below the Delete heading corresponding to the entry you wish to
delete.
To display the detailed entry for a given user, click on the hyperlinked username under the Display heading. This will open the
SNMP User Table Display window, as shown below.
Figure 6-32. SNMP User Table Display window
The following parameters are displayed:
Parameter Description
User Name
An alphanumeric string of up to 32 characters. This is used to identify the SNMP users.
This name is used to specify the SNMP group created can request SNMP messages.
V1 - Indicates that SNMP version 1 is in use.
V2 - Indicates that SNMP version 2 is in use.
V3 - Indicates that SNMP version 3 is in use.
Auth-Protocol
None - Indicates that no authentication protocol is in use.
MD5 - Indicates that the HMAC-MD5-96 authentication level will be used.
SHA - Indicates that the HMAC-SHA authentication protocol will be used.
Priv-Protocol
None - Indicates that SNMP messages will not be encrypted.
DES - Indicates that DES 56-bit encryption is in use based on the CBC-DES (DES-56)
standard.
To return to the SNMP User Table, click the Show All SNMP User Table Entries link. To add a new entry to the SNMP User
Table Configuration window, click on the Add button on the SNMP User Table window. This will open the SNMP User Table
Configuration window, as shown below.
Figure 6-33. SNMP User Table Configuration window
The following parameters can be set:
Parameter Description
User Name
Enter an alphanumeric string of up to 32 characters. This is used to identify the SNMP user.
Group Name
This name is used to specify the SNMP group created to which the SNMP user will belong.
SNMP V3 Encryption
Checking the corresponding box will enable encryption for SNMP V3 and is only operable in
SNMP V3 mode.
Auth-Protocol
MD5 - Specifies that the HMAC-MD5-96 authentication level will be used. This field is only
operable when V3 is selected in the SNMP Version field and the Encryption field has been
checked. This field will require the user to enter a password.
SHA - Specifies that the HMAC-SHA authentication protocol will be used. This field is only
operable when V3 is selected in the SNMP Version field and the Encryption field has been
checked. This field will require the user to enter a password.
Priv-Protocol
None - Specifies that no encryption will be used.
DES - Specifies that DES 56-bit encryption is in use, based on the CBC-DES (DES-56)
standard. This field is only operable when V3 is selected in the SNMP Version field and the
Encryption field has been checked. This field will require the user to enter a password
between 8 and 16 alphanumeric characters.
To implement changes made, click Apply. To return to the SNMP User Table, click the Show All SNMP User Table Entries
link.
SNMP View Table
This window is used to assign views to community strings that define which MIB objects can be accessed by a remote SNMP
manager. To view the SNMP View Table window, click Administration > SNMP Manager > SNMP View Table.
Figure 6-34. SNMP View Table window
To delete an existing SNMP View Table entry, click the corresponding icon in the Delete column of the entry you wish to delete.
To create a new entry, click the Add button and a separate window will appear.
The SNMP Group created with this table maps SNMP users (identified in the SNMP User Table) to the views created in the
previous window.
The following parameters can be set:
Parameter Description
View Name
Type an alphanumeric string of up to 32 characters. This is used to identify the new SNMP
view being created.
Subtree OID
Type the Object Identifier (OID) Subtree for the view. The OID identifies an object tree (MIB
tree) that will be included or excluded from access by an SNMP manager.
View Type
Select Included to ensure this object is included in the list of objects that an SNMP manager
can access. Select Excluded to exclude this object from the list of objects that an SNMP
manager can access.
To implement your new settings, click Apply. To return to the SNMP View Table, click the Show All SNMP View Table Entries
link.
SNMP Group Table
An SNMP Group created with this table maps SNMP users (identified in the SNMP User Table) to the views created in the
previous menu. To view the SNMP Group Table window, click Administration > SNMP Manager > SNMP Group Table.
Figure 6-36. SNMP Group Table window
To delete an existing SNMP Group Table entry, click the corresponding
To display the current settings for an existing SNMP Group Table entry, click the hyperlinked Group Name, which will show
the following window.
Figure 6-37. SNMP Group Table Display window
To add a new entry to the Switch's SNMP Group Table, click the Add button in the upper left-hand corner of the SNMP Group
Table window. This will open the SNMP Group Table Configuration window, as shown below.
Figure 6-38. SNMP Group Table Configuration window
The following parameters can be set:
Parameter Description
Group Name
Type an alphanumeric string of up to 32 characters. This is used to identify the new SNMP
group of SNMP users.
Read View Name
This field specifies the SNMP view that the users in the group can read from.
Write View Name
This field specifies the SNMP view that the users in the group can write to.
Notify View Name
This field specifies the SNMP view for which the users in the group can access notifications.
Security Model
SNMPv1 - Specifies that SNMP version 1 will be used.
SNMPv2 - Specifies that SNMP version 2c will be used. The SNMPv2 supports both
centralized and distributed network management strategies. It includes improvements in the
Structure of Management Information (SMI) and adds some security features.
SNMPv3 - Specifies that the SNMP version 3 will be used. SNMPv3 provides secure access
to devices through a combination of authentication and encrypting packets over the network.
Security Level
The Security Level settings only apply to SNMPv3.
NoAuthNoPriv - Specifies that there will be no authorization and no encryption of packets sent
between the Switch and a remote SNMP manager.
AuthNoPriv - Specifies that authorization will be required, but there will be no encryption of
packets sent between the Switch and a remote SNMP manager.
AuthPriv - Specifies that authorization will be required, and that packets sent between the
Switch and a remote SNMP manager will be encrypted.
To implement your new settings, click Apply. To return to the SNMP Group Table, click the Show All SNMP Group Table
Entries link.
SNMP Community Table Configuration
Use this table to create an SNMP community string to define the relationship between the SNMP manager and an agent. The
community string acts like a password to permit access to the agent on the Switch. One or more of the following characteristics
can be associated with the community string:
An Access List of IP addresses of SNMP managers that are permitted to use the community string to gain access to
the Switch's SNMP agent.
Any MIB view that defines the subset of all MIB objects will be accessible to the SNMP community.
Read/write or read-only level permission for the MIB objects accessible to the SNMP community.
To configure SNMP Community entries, click Administration > SNMP Manager > SNMP Community Table, which will
display the following window:
Figure 6-39. SNMP Community Table Configuration window
The following parameters can be set:
Parameter Description
Community Name
Type an alphanumeric string of up to 32 characters that is used to identify members of an
SNMP community. This string is used like a password to give remote SNMP managers
access to MIB objects in the Switch's SNMP agent.
View Name
Type an alphanumeric string of up to 32 characters that is used to identify the group of MIB
objects that a remote SNMP manager is allowed to access on the Switch. The view name
must exist in the SNMP View Table.
Access Right
Read Only - Specifies that SNMP community members using the community string created
can only read the contents of the MIBs on the Switch.
Read Write - Specifies that SNMP community members using the community string created
can read from, and write to the contents of the MIBs on the Switch.
To implement the new settings, click Apply. To delete an entry from the SNMP Community Table, click the corresponding
icon under the Delete heading.
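The User, View, Group and Community tables above together decide who can read or write the Switch's MIB objects, so they are worth reviewing as one unit. The following is an added example, not a D-Link tool: it audits a copy of those settings for the default community strings, write access over SNMPv1/v2c, weak SNMPv3 security levels and dangling view or group names. The dictionary layout, key names and SAMPLE values are hypothetical and constructed for illustration; the field values are the ones listed in the tables.

```python
"""Audit of SNMP settings built from the User, View, Group and Community
table fields described above. Added example; the dict layout is hypothetical."""

DEFAULT_COMMUNITIES = {"public", "private"}   # default strings named in the manual
ORDER = {"high": 0, "medium": 1, "low": 2}


def audit_snmp(cfg):
    """Return (severity, message) findings, most severe first."""
    findings = []
    views = {v["name"] for v in cfg.get("views", [])}
    groups = {g["name"]: g for g in cfg.get("groups", [])}

    for c in cfg.get("communities", []):
        name, writable = c["name"], c["access"] == "Read Write"
        if name in DEFAULT_COMMUNITIES:
            findings.append(("high" if writable else "medium",
                             f"community {name!r} is a factory default"))
        elif writable:
            findings.append(("medium", f"community {name!r} grants Read Write over v1/v2c"))
        if c["view"] not in views:   # the manual requires the view to exist
            findings.append(("low", f"community {name!r} uses unknown view {c['view']!r}"))

    for g in groups.values():
        writable = bool(g.get("write_view"))
        if g["model"] in ("SNMPv1", "SNMPv2") and writable:
            findings.append(("high", f"group {g['name']!r} has a write view over {g['model']}"))
        elif g["model"] == "SNMPv3" and g.get("level") == "NoAuthNoPriv":
            findings.append(("high", f"group {g['name']!r} is NoAuthNoPriv"))
        elif g["model"] == "SNMPv3" and g.get("level") == "AuthNoPriv" and writable:
            findings.append(("medium", f"group {g['name']!r} writes without encryption"))

    for u in cfg.get("users", []):
        if u["group"] not in groups:
            findings.append(("low", f"user {u['name']!r} is in unknown group {u['group']!r}"))
        if u["version"] != "V3":
            continue
        if u["auth"] == "None":
            findings.append(("high", f"user {u['name']!r} has no Auth-Protocol"))
        elif u["auth"] == "MD5":
            findings.append(("low", f"user {u['name']!r} uses MD5; SHA is available"))
        if u["priv"] == "None":
            findings.append(("medium", f"user {u['name']!r} has no Priv-Protocol"))

    return sorted(findings, key=lambda f: (ORDER[f[0]], f[1]))


# Constructed sample, typed in from the web manager tables of a hypothetical switch.
SAMPLE = {
    "views": [{"name": "all", "subtree": "1", "type": "Included"}],
    "communities": [
        {"name": "public", "view": "all", "access": "Read Only"},
        {"name": "private", "view": "all", "access": "Read Write"},
        {"name": "n0c-mon", "view": "ifstats", "access": "Read Only"},
    ],
    "groups": [
        {"name": "legacy", "model": "SNMPv2", "level": None,
         "read_view": "all", "write_view": "all", "notify_view": ""},
        {"name": "admins", "model": "SNMPv3", "level": "AuthPriv",
         "read_view": "all", "write_view": "all", "notify_view": "all"},
        {"name": "viewers", "model": "SNMPv3", "level": "NoAuthNoPriv",
         "read_view": "all", "write_view": "", "notify_view": ""},
    ],
    "users": [
        {"name": "alice", "group": "admins", "version": "V3", "auth": "SHA", "priv": "DES"},
        {"name": "bob", "group": "admins", "version": "V3", "auth": "MD5", "priv": "None"},
        {"name": "carol", "group": "oldgroup", "version": "V3", "auth": "SHA", "priv": "DES"},
    ],
}

if __name__ == "__main__":
    for severity, message in audit_snmp(SAMPLE):
        print(f"{severity:<6} {message}")
```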
SNMP Host Table
Use the SNMP Host Table window to set up SNMP trap recipients. To view this window, click
Administration > SNMP Manager > SNMP Host Table. This will open the SNMP Host
Table window, as shown to the right. To delete an existing SNMP Host Table entry, click the
corresponding icon under the Delete heading. To
display the current settings for an existing SNMP Host Table entry, click the blue link for the entry
under the Host IP Address heading.
Figure 6-40. SNMP Host Table window
To add a new entry to the Switch's SNMP Host
Table, click the Add button in the upper left-hand
corner of the window. This will open the SNMP Host Table Configuration window, as shown to
the right.
To implement your new settings, click Apply. To return to the SNMP Host Table, click the Show All SNMP Host Table Entries
link.
Type the IP address of the remote management station that will serve as the SNMP host
for the Switch.
V1 - To specify that SNMP version 1 will be used.
V2 - To specify that SNMP version 2 will be used.
V3-NoAuth-NoPriv - To specify that the SNMP version 3 will be used, with a NoAuth-
NoPriv security level.
V3-Auth-NoPriv - To specify that the SNMP version 3 will be used, with an Auth-NoPriv
security level.
V3-Auth-Priv - To specify that the SNMP version 3 will be used, with an Auth-Priv security
level.
Type in the community string or SNMP V3 user name as appropriate.
SNMP Engine ID
The Engine ID is a unique identifier used for SNMP V3 implementations. This is an alphanumeric string used to identify the
SNMP engine on the Switch. To display the Switch's SNMP Engine ID, click Administration > SNMP Manager > SNMP Engine ID.
Figure 6-42. SNMP Engine ID Configuration window
To change the Engine ID, type the new Engine ID in the space provided and click the Apply button.
The DES-3028P and DES-3052P support Power over Ethernet (PoE) as defined by the IEEE 802.3af specification. Ports 1-24/1-48 can supply 48 VDC power to Power Devices (PDs) over Category 5 or Category 3 UTP Ethernet cables. Both the DES-3028P
and DES-3052P follow the standard PSE (Power Source over Ethernet) pinout Alternative A, whereby power is sent out over pins
1, 2, 3 and 6. Both the DES-3028P and DES-3052P work with all D-Link 802.3af capable devices.
The DES-3028P and DES-3052P include the following PoE features:
Auto-discovery recognizes the connection of a PD (Power Device) and automatically sends power to it.
The Auto-disable feature will occur under two conditions: first, if the total power consumption exceeds the system
power limit; and second, if the per port power consumption exceeds the per port power limit.
Active circuit protection automatically disables the port if there is a short. Other ports will remain active.
PDs receive power according to the following classification:
Class Max power used by PD
0 0.44 to 12.95W
1 0.44 to 3.84W
2 3.84 to 6.49W
3 6.49 to 12.95W
PSE provides power according to the following classification:
To configure the PoE features on the DES-3028P and DES-3052P, click Administration > PoE Configuration. The PoE System
window is used to assign a power limit and power disconnect method for the whole PoE system. To configure the Power Limit
for the PoE system, enter a value between 37W and 185W (for the DES-3028P) and between 37W and 370W (for the DES-3052P)
in the Power Limit field. The default setting is 185W (DES-3028P) and 370W (DES-3052P). When the total consumed power
exceeds the power limit, the PoE controller (located in the PSE) disconnects the power to prevent overloading the power supply.
To configure PoE for the Switch, click Administration > PoE System > PoE System Configuration, which will reveal the
following window for the user to configure:
To configure PoE port configuration for the Switch, click Administration > PoE System > PoE Port Configuration, which will
reveal the following window for the user to configure:
Figure 6-44. PoE Port Configuration window
The previous window contains the following fields to configure for PoE:
Parameter Description
PoE System
Power Limit
Sets the limit of power to be used from the Switch’s power source to PoE ports. The user may
configure a Power Limit between 37 and 185W (for the DES-3028P) and 37 and 370W (for the
DES-3052P). The default setting is 185W (DES-3028P) and 370W (DES-3052P).
Power Disconnect Method
The PoE controller uses either Deny next port or Deny low priority port to offset the power
limit being exceeded and keep the Switch’s power at a usable level. Use the drop down menu
to select a Power Disconnect Method. The default for the Power Disconnect Method is Deny
next port. Both Power Disconnection Methods are described below:
Deny next port - After the power limit has been exceeded, the next port attempting to power
Deny low priority port - After the power limit has been exceeded, the next port attempting to
power up causes the port with the lowest priority to shut down to allow the high-priority and
critical priority ports to power up.
PoE Configuration
From… To…
Select a range of ports from the pull-down menus to be enabled or disabled for PoE.
State
Use the pull-down menu to enable or disable ports for PoE.
Priority
Use the pull-down menu to select the priority of the PoE ports.
Power Limit
Sets the power limit per PoE port. Once this threshold has been reached on the port, the PoE
will go into the Power Disconnect Method, as described above. The user may set a limit
between 1000 and 15400mW.
Click Apply to implement changes made to the PoE settings. The port status of all PoE configured ports is displayed in the table
in the bottom half of the screen shown above.
Simply put, D-Link Single IP Management is a concept that will stack switches together over Ethernet instead of using stacking
ports or modules. There are some advantages in implementing the "Single IP Management" feature:
1. SIM can simplify management of small workgroups or wiring closets while scaling the network to handle increased
bandwidth demand.
2. SIM can reduce the number of IP addresses needed in your network.
3. SIM can eliminate any specialized cables for stacking connectivity and remove the distance barriers that typically limit
your topology options when using other stacking technology.
Switches using D-Link Single IP Management (labeled here as SIM) must conform to the following rules:
SIM is an optional feature on the Switch and can easily be enabled or disabled through the Command Line Interface
or Web Interface. SIM grouping has no effect on the normal operation of the Switch in the user's network.
There are three classifications for SIM. The Commander Switch (CS), which is the master switch of the group,
Member Switch (MS), which is a switch that is recognized by the CS as a member of a SIM group, and a Candidate
Switch (CaS), which is a Switch that has a physical link to the SIM group but has not been recognized by the CS as a
member of the SIM group.
A SIM group can only have one Commander Switch (CS).
All switches in a particular SIM group must be in the same IP subnet (broadcast domain). Members of a SIM group
cannot cross a router.
A SIM group accepts up to 33 switches (numbered 0-32), including the Commander Switch (numbered 0).
There is no limit to the number of SIM groups in the same IP subnet (broadcast domain), however a single switch can only belong
to one group.
If multiple VLANs are configured, the SIM group will only utilize the system VLAN on any switch.
SIM allows intermediate devices that do not support SIM. This enables the user to manage switches that are more than one hop
away from the CS.
The SIM group is a group of switches that are managed as a single entity. SIM switches may take on three different roles:
1. Commander Switch (CS) - This is a switch that has been manually configured as the controlling device for a group, and
takes on the following characteristics:
It has an IP Address.
It is not a commander switch or member switch of another Single IP group.
It is connected to the member switches through its management VLAN.
2. Member Switch (MS) - This is a switch that has joined a single IP group and is accessible from the CS, and it takes on
the following characteristics:
It is not a CS or MS of another Single IP group.
It is connected to the CS through the CS management VLAN.
3. Candidate Switch (CaS) - This is a switch that is ready to join a SIM group but is not yet a member of the SIM group.
The Candidate Switch may join the SIM group of a switch by manually configuring it to be a MS of a SIM group. A
switch configured as a CaS is not a member of a SIM group and will take on the following characteristics:
It is not a CS or MS of another Single IP group.
It is connected to the CS through the CS management VLAN.
After configuring one switch to operate as the CS of a SIM group, additional switches may join the group through a direct
connection to the Commander switch. Only the Commander switch will allow entry to the candidate switch enabled for SIM. The
CS will then serve as the in band entry point for access to the MS. The CS's IP address will become the path to all MS's of the
group and the CS's Administrator's password, and/or authentication will control access to all MS's of the SIM group.
With SIM enabled, the applications in the CS will redirect the packet instead of executing the packets. The applications will
decode the packet from the administrator, modify some data, then send it to the MS. After execution, the CS may receive a
response packet from the MS, which it will encode and send it back to the administrator.
When a CS becomes a MS, it automatically becomes a member of the first SNMP community (include read/write and read only)
to which the CS belongs. However, if a MS has its own IP address, it can belong to SNMP communities to which other switches
in the group, including the CS, do not belong.
To better improve SIM management, the DES-3028/28P/28G/52/52P Switches have been upgraded to version 1.6 in this release.
Many improvements have been made, including:
1. The Commander Switch (CS) now has the capability to automatically rediscover member switches that have left the SIM group,
either through a reboot or web malfunction. This feature is accomplished through the use of Discover packets and Maintain
packets that previously set SIM members will emit after a reboot. Once a MS has had its MAC address and password saved to the
CS’s database, if a reboot occurs in the MS, the CS will keep this MS information in its database and when a MS has been
rediscovered, it will add the MS back into the SIM tree automatically. No configuration will be necessary to rediscover these
switches.
There are some instances where pre-saved MS switches cannot be rediscovered. For example, if the Switch is still powered down,
if it has become the member of another group, or if it has been configured to be a Commander Switch, the rediscovery process
cannot occur.
2. The topology map now includes new features for connections that are a member of a port trunking group. It will display the
speed and number of Ethernet connections creating this port trunk group, as shown in the adjacent picture.
3. This version will support multiple switch upload and downloads for firmware, configuration files and log files, as follows:
Firmware – The switch now supports multiple MS firmware downloads from a TFTP server.
Configuration Files – This switch now supports multiple downloading and uploading of configuration files both to (for
configuration restoration) and from (for configuration backup) MS’s, using a TFTP server.
Log – The switch now supports uploading multiple MS log files to a TFTP server.
4. The user may zoom in and zoom out when utilizing the topology window to get a better, more defined view of the
configurations.
SIM Settings
All switches are set as Candidate (CaS) switches as their factory default configuration and Single IP Management will be disabled.
To enable SIM for the Switch using the Web interface, click Administration > Single IP Settings > SIM Settings.
Figure 6-45. SIM Settings window (disabled)
Change the SIM State to Enabled using the pull-down menu and click Apply. The window will then refresh to look like this:
If the Switch Administrator wishes to configure the Switch as a Commander Switch (CS), select Commander from the Role State
field and click Apply. The window will change once again to look like this:
SIM State - Use the pull-down menu to either enable or disable the SIM state on the Switch. Disabled will render all SIM functions on the Switch inoperable.
Role State - Use the pull-down menu to change the SIM role of the Switch. The two choices are:
Candidate - A Candidate Switch (CaS) is not the member of a SIM group but is connected to a Commander Switch. This is the default setting for the SIM role.
Commander - Choosing this parameter will make the Switch a Commander Switch (CS). The user may join other switches to this Switch, over Ethernet, to be part of its SIM group. Choosing this option will also enable the Switch to be configured for SIM.
Discovery Interval - The user may set the discovery protocol interval, in seconds, at which the Switch will send out discovery packets. Returning information to a Commander Switch will include information about other switches connected to it. (Ex. MS, CaS). The user may set the Discovery Interval from 30 to 90 seconds.
Hold Time - This parameter may be set for the time, in seconds, the Switch will hold information sent to it from other switches, utilizing the Discovery Interval. The user may set the hold time from 100 to 255 seconds.
Click Apply to implement the settings changed.
After enabling the Switch to be a Commander Switch (CS), the Single IP Management folder will then contain four added links
to aid the user in configuring SIM through the web, including Topology, Firmware Upgrade and Configuration Backup/Restore and Upload Log File.
The Topology window will be used to configure and manage the Switch within the SIM group and requires Java script to function
properly on your computer.
The Java Runtime Environment on your server should initiate and lead you to the topology window, as seen below.
Figure 6-48. Single IP Management window - Tree View
The Tree View window holds the following information under the Data tab:
Parameter Description
Device Name - This field will display the Device Name of the switches in the SIM group configured by the user. If no Device Name is configured by the name, it will be given the name default and tagged with the last six digits of the MAC Address to identify it.
Local Port - Displays the number of the physical port on the CS that the MS or CaS is connected to. The CS will have no entry in this field.
Speed - Displays the connection speed between the CS and the MS or CaS.
Remote Port - Displays the number of the physical port on the MS or CaS that the CS is connected to. The CS will have no entry in this field.
MAC Address - Displays the MAC address of the corresponding Switch.
Displays the full model name of the corresponding Switch.
To view the Topology Map, click the View menu in the toolbar and then Topology, which will produce the following window.
The Topology View will refresh itself periodically (20 seconds by default).
Figure 6-49. Topology view
This window will display how the devices within the Single IP Management Group are connected to other groups and devices.
Possible icons in this screen are as follows:
In the Topology view window, the mouse plays an important role in configuration and in viewing device information. Setting the
mouse cursor over a specific device in the topology window (tool tip) will display the same information about a specific device as
the Tree view does. See the window below for an example.
Figure 6-50. Device Information Utilizing the Tool Tip
Setting the mouse cursor over a line between two devices will display the connection speed between the two devices, as shown
below.
Right-clicking on a device will allow the user to perform various functions, depending on the role of the Switch in the SIM group
and the icon associated with it.
Group Icon
Figure 6-52. Right-Clicking a Group Icon
The following options may appear for the user to configure:
Collapse - To collapse the group that will be represented by a single icon.
Expand - To expand the SIM group, in detail.
Property - To pop up a window to display the group information.
Figure 6-53. Property window
This window holds the following information:
Parameter Description
Device Name - This field will display the Device Name of the switches in the SIM group configured by the user. If no Device Name is configured by the name, it will be given the name default and tagged with the last six digits of the MAC Address to identify it.
Module Name - Displays the full module name of the switch that was right-clicked.
MAC Address - Displays the MAC Address of the corresponding Switch.
Remote Port No. - Displays the number of the physical port on the MS or CaS that the CS is connected to. The CS will have no entry in this field.
Local Port No. - Displays the number of the physical port on the CS that the MS or CaS is connected to. The CS will have no entry in this field.
Port Speed - Displays the connection speed between the CS and the MS or CaS.
Click Close to close the Property window.
The following options may appear for the user to configure:
Collapse - To collapse the group that will be represented by a single icon.
Expand - To expand the SIM group, in detail.
Property - To pop up a window to display the group information.
Member Switch Icon
Figure 6-55. Right-Clicking a Member icon
The following options may appear for the user to configure:
Collapse - To collapse the group that will be represented by a single icon.
Expand - To expand the SIM group, in detail.
Remove from group - Remove a member from a group.
Configure - Launch the web management to configure the Switch.
Property - To pop up a window to display the device information.
Candidate Switch Icon
Figure 6-56. Right-Clicking a Candidate icon
The following options may appear for the user to configure:
Collapse - To collapse the group that will be represented by a single icon.
Expand - To expand the SIM group, in detail.
Add to group - Add a candidate to a group. Clicking this option will reveal the following dialog for the user to enter
a password for authentication from the Candidate Switch before being added to the SIM group. Click OK to enter
the password or Cancel to exit the window.
Figure 6-57. Input password window
Property - To pop up a window to display the device information, as shown below.
Menu Bar
The Single IP Management window contains a menu bar for device configurations, as seen below.
Figure 6-58. Menu Bar of the Topology View
The five menus on the menu bar are as follows.
File
Print Setup - Will view the image to be printed.
Print Topology - Will print the topology map.
Preference - Will set display properties, such as polling interval, and the views to open at SIM startup.
Group
Add to group - Add a candidate to a group. Clicking this option will reveal the following dialog for the user to enter
a password for authentication from the Candidate Switch before being added to the SIM group. Click OK to enter
the password or Cancel to exit the window.
Figure 6-59. Input password window
Remove from Group - Remove an MS from the group.
Device
Configure - Will open the web manager for the specific device.
View
Refresh - Update the views with the latest status.
Topology - Display the Topology view.
About - Will display the SIM information, including the current SIM version.
Figure 6-60. About window
Firmware Upgrade
This screen is used to upgrade firmware from the Commander Switch to the Member Switch. Member Switches will be listed in
the table and will be specified by Port (port on the CS where the MS resides), MAC Address, Model Name and Version. To
specify a certain Switch for firmware download, click its corresponding check box in the first column. To update the firmware,
enter the Server IP Address where the firmware resides and enter the Path/Filename of the firmware. Click Download to initiate
the file transfer. To access the following window, click Administration > Single IP Settings > Firmware Upgrade.
Figure 6-61. Firmware Upgrade window
Configuration Backup/Restore
This screen is used to upgrade configuration files from the Commander Switch to the Member Switch using a TFTP server.
Member Switches will be listed in the table and will be specified by Port (port on the CS where the MS resides), MAC Address,
Model Name and Version. To specify a certain Switch for upgrading configuration files, click its corresponding check box in the
first column of the table. To update the configuration file, enter the Server IP Address where the file resides and enter the
Path/Filename of the configuration file. Click Download to initiate the file transfer from a TFTP server to the Switch. Click
Upload to backup the configuration file to a TFTP server. To access the following window, click Administration > Single IP
Management Settings > Configuration Backup/Restore.
The following window is used to upload log files from SIM member switches to a specified PC. To upload a log file, enter the IP
address of the PC and then enter a path on your PC where you wish to save this file. Select the member switches which will
upload log files by clicking their corresponding check boxes. Click Upload to initiate the file transfer. To view this window click
Administration > Single IP Management > Upload Log File.
Figure 6-63. Upload Log File window
Forwarding & Filtering
Unicast Forwarding
To view this window, click Administration > Forwarding & Filtering > Unicast Forwarding. This will open the following
window:
To add or edit an entry, define the following parameters and then click Add/Modify:
Parameter Description
VID - The VLAN ID number of the VLAN on which the above Unicast MAC address resides.
MAC Address - The MAC address to which packets will be statically forwarded. This must be a unicast MAC address.
Port - Allows the selection of the port number on which the MAC address entered above resides.
Click Apply to implement the changes made. To delete an entry in the Static Unicast Forwarding Table, click the corresponding X
under the Delete heading.
Multicast Forwarding
The following figure and table describe how to set up Multicast Forwarding on the Switch. To view this window, click
Administration > Forwarding & Filtering > Multicast Forwarding:
The Static Multicast Forwarding Settings window displays all of the entries made into the Switch's static multicast forwarding
table. Click the Add button to open the Setup Static Multicast Forwarding Table window, as shown below:
The VLAN ID of the VLAN to which the corresponding MAC address belongs.
The MAC address of the static source of multicast packets. This must be a multicast MAC
address.
Allows the selection of ports that will be members of the static multicast group. The options
are:
None - When None is chosen, the port will not be a member of the Static Multicast Group.
Egress - The port is a static member of the multicast group.
Click Apply to implement the changes made. To delete an entry in the Static Multicast Forwarding Table, click the corresponding
X under the Delete heading. Click the Show All Multicast Forwarding Entries link to return to the Static Multicast Forwarding
The following figure and table describe how to set up multicast forwarding on the Switch. To view this window, click
Administration > Forwarding & Filtering > Multicast Filtering Mode:
Figure 6-67. Multicast Filtering Mode window
The following parameters can be set:
Parameter Description
From/To - These two drop-down menus allow you to select a range of ports to which the filter settings will be applied.
Mode - This drop-down menu allows you to select the action the Switch will take when it receives a multicast packet that is to be forwarded to one of the ports in the range specified above.
Forward Unregistered Groups - This will instruct the Switch to forward a multicast packet whose destination is an unregistered multicast group residing within the range of ports specified above.
Filter Unregistered Groups - This will instruct the Switch to filter any multicast packets whose destination is an unregistered multicast group residing within the range of ports specified above.
Click Apply to implement changes made.
SMTP or Simple Mail Transfer Protocol is a function of the Switch that will send switch events to mail recipients based on e-mail
addresses entered using the commands below. The Switch is to be configured as a client of SMTP while the server is a remote
device that will receive messages from the Switch, place the appropriate information into an e-mail and deliver it to recipients
configured on the Switch. This can benefit the Switch administrator by simplifying the management of small workgroups or
wiring closets, increasing the speed of handling emergency Switch events and enhancing security by recording questionable
events occurring on the Switch.
The Switch plays four important roles as a client in the functioning of SMTP:
The server and server virtual port must be correctly configured for this function to work properly. This is accomplished in
the SMTP Service Settings window by properly configuring the SMTP Server Address and SMTP Server Port fields.
Mail recipients must be configured on the Switch. This information is sent to the server which then processes the
information and then e-mails Switch information to these recipients. Up to 8 e-mail recipients can be configured on the
Switch using the SMTP Service Settings window by configuring the Mail Receiver Address field.
The administrator can configure the source mail address from which messages are delivered to configured recipients. This
can offer more information to the administrator about Switch functions and problems. The personal e-mail can be
configured using the SMTP Service Settings window and setting the Self Mail Address field.
The Switch can be configured to send out test mail to first ensure that the recipient will receive e-mails from the SMTP
server regarding the Switch. To configure this test mail, the SMTP function must first be enabled by configuring the
SMTP State in the SMTP Service Settings window and then by sending an email using the SMTP Service window. All
recipients configured for SMTP will receive a sample test message from the SMTP server, ensuring the reliability of this
function.
The Switch will send out e-mail to recipients when one or more of the following events occur:
When a cold start occurs on the Switch.
When a port enters a link down status.
When a port enters a link up status.
When SNMP authentication has been denied by the Switch.
When a switch configuration entry has been saved to the NVRAM by the Switch.
When an abnormality occurs on TFTP during a firmware download event. This includes in-process, invalid-file, violation,
file-not-found, complete and time-out messages from the TFTP server.
When a system reset occurs on the Switch.
Information within the e-mail from the SMTP server regarding switch events includes:
The source device name and IP address.
A timestamp denoting the identity of the SMTP server and the client that sent the message, as well as the time and date of the message received from the Switch. Messages that have been relayed will have timestamps for each relay.
The event that occurred on the Switch, prompting the e-mail message to be sent.
When an event is processed by a user, such as save or firmware upgrade, the IP address, MAC address and User Name of the user completing the task will be sent along with the system message of the event occurred.
When the same event occurs more than once, the second mail message and every repeating mail message following will have the system’s error message placed in the subject line of the mail message.
The following details events occurring during the Delivery Process.
Urgent mail will have high priority and be immediately dispatched to recipients while normal mail will be placed in a queue for future transmission.
The maximum number of untransmitted mail messages placed in the queue cannot exceed 32 messages. Any new messages will be discarded if the queue is full.
If the initial message sent to a mail recipient is not delivered, it will be placed in the waiting queue until its place in the queue has been reached, and then another attempt to transmit the message is made.
The maximum attempts for delivering mail to recipients is three. Mail message delivery attempts will be tried every five minutes until the maximum number of attempts is reached. Once reached and the message has not been successfully delivered, the message will be dropped and not received by the mail recipient.
If the Switch shuts down or reboots, mail messages in the waiting queue will be lost.
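The delivery rules above decide how many event mails survive when the mail server is unreachable. The Python model below is an added example, not D-Link code; it assumes each message gets its first attempt the moment it is generated and frees its queue slot as soon as it is delivered or dropped, and all scenario data is constructed.

```python
import heapq
from collections import Counter

QUEUE_LIMIT = 32          # page: at most 32 untransmitted messages in the queue
MAX_ATTEMPTS = 3          # page: maximum delivery attempts per message
RETRY_SECONDS = 5 * 60    # page: attempts are made every five minutes

REBOOT, ATTEMPT = 0, 1    # event kinds; a reboot sorts before attempts in the same second


def simulate(arrivals, outages, reboots=()):
    """Return one outcome string per message, in arrival order.

    arrivals: list of (second, label), one per generated mail message
    outages:  list of (start, end) seconds while the SMTP server is unreachable
    reboots:  seconds at which the Switch shuts down or reboots
    """
    def server_up(t):
        return not any(start <= t < end for start, end in outages)

    events = [(t, ATTEMPT, i) for i, (t, _label) in enumerate(arrivals)]
    events += [(t, REBOOT, -1) for t in reboots]
    heapq.heapify(events)

    waiting = {}                          # message index -> attempts made so far
    outcome = [None] * len(arrivals)
    while events:
        t, kind, i = heapq.heappop(events)
        if kind == REBOOT:                # the waiting queue does not survive a reboot
            for j in waiting:
                outcome[j] = "lost on reboot"
            waiting.clear()
            continue
        if outcome[i] is not None:        # retry timer of a message already lost
            continue
        if i not in waiting:              # a new message asks for a queue slot
            if len(waiting) >= QUEUE_LIMIT:
                outcome[i] = "discarded, queue full"
                continue
            waiting[i] = 0
        waiting[i] += 1
        if server_up(t):
            outcome[i] = "delivered"
        elif waiting[i] >= MAX_ATTEMPTS:
            outcome[i] = "dropped after 3 attempts"
        else:                             # stay queued and try again in five minutes
            heapq.heappush(events, (t + RETRY_SECONDS, ATTEMPT, i))
            continue
        del waiting[i]
    return outcome


def flapping_port_during_outage():
    """Constructed scenario: one-hour server outage, 40 link events, then one SNMP event."""
    arrivals = [(second, "link down/up") for second in range(40)]
    arrivals.append((60, "SNMP authentication denied"))
    outcome = simulate(arrivals, outages=[(0, 3600)])
    return list(zip((label for _t, label in arrivals), outcome))


if __name__ == "__main__":
    results = flapping_port_during_outage()
    print(Counter(result for _label, result in results))
    print(results[-1])
```

In this model a message generated at the start of an outage is delivered only if the server is back by its third attempt, ten minutes later, and any event generated while 32 messages are already waiting never reaches a recipient.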
The following window is used to configure the fields to set up the SMTP server for the switch, along with setting e-mail
addresses to which switch log files can be sent when a problem arises on the Switch. To open the following window, click
Administration > SMTP Service > SMTP Server Settings.
Figure 6-68. SMTP Service Settings and Mail Receiver Address Table window
The following parameters can be set:
Parameter Description
SMTP State - Use the pull-down menu to enable or disable the SMTP service on this device.
SMTP Server Address - Enter the IP address of the SMTP server on a remote device. This will be the device that sends out the mail for you.
SMTP Server Port - Enter the virtual port number that the Switch will connect with on the SMTP server. The common port number for SMTP is 25, yet a value between 1 and 65535 can be chosen.
Self Mail Address - Enter the e-mail address from which mail messages will be sent. This address will be the “from” address on the e-mail message sent to a recipient. Only one self mail address can be configured for this Switch. This string can be no more than 64 alphanumeric characters.
Mail Receiver Address - Enter a list of e-mail addresses so recipients can receive e-mail messages regarding Switch functions. Up to 8 e-mail addresses can be added per Switch. To delete these addresses from the Switch, click the corresponding button under the Delete heading in the Mail Receiver Address Table.
Click Apply to implement changes made.
SMTP Service
The following window is used to send test messages to all mail recipients configured on the Switch, thus testing the configurations
set and the reliability of the SMTP server. To access the following window, click Administration > SMTP Service > SMTP Service.
A Virtual Local Area Network (VLAN) is a network topology configured according to a logical scheme rather than the physical
layout. VLANs can be used to combine any collection of LAN segments into an autonomous user group that appears as a single
LAN. VLANs also logically segment the network into different broadcast domains so that packets are forwarded only between
ports within the VLAN. Typically, a VLAN corresponds to a particular subnet, although not necessarily.
VLANs can enhance performance by conserving bandwidth, and improve security by limiting traffic to specific domains.
A VLAN is a collection of end nodes grouped by logic instead of physical location. End nodes that frequently communicate with
each other are assigned to the same VLAN, regardless of where they are physically on the network. Logically, a VLAN can be
equated to a broadcast domain, because broadcast packets are forwarded to only members of the VLAN on which the broadcast
was initiated.
Notes about VLANs on the Switch
No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership, packets cannot cross
VLANs without a network device performing a routing function between the VLANs.
The Switch supports IEEE 802.1Q VLANs. The port untagging function can be used to remove the 802.1Q tag from packet
headers to maintain compatibility with devices that are tag-unaware.
The Switch's default is to assign all ports to a single 802.1Q VLAN named "default."
The "default" VLAN has a VID = 1.
IEEE 802.1Q VLANs
Some relevant terms:
Tagging - The act of putting 802.1Q VLAN information into the header of a packet.
Untagging - The act of stripping 802.1Q VLAN information out of the packet header.
Ingress port - A port on a switch where packets are flowing into the Switch and VLAN decisions must be made.
Egress port - A port on a switch where packets are flowing out of the Switch, either to another switch or to an
end station, and tagging decisions must be made.
IEEE 802.1Q (tagged) VLANs are implemented on the Switch. 802.1Q VLANs require tagging, which enables them to span the
entire network (assuming all switches on the network are IEEE 802.1Q-compliant).
VLANs allow a network to be segmented in order to reduce the size of broadcast domains. All packets entering a VLAN will only
be forwarded to the stations (over IEEE 802.1Q enabled switches) that are members of that VLAN, and this includes broadcast,
multicast and unicast packets for unknown destinations.
VLANs can also provide a level of security to your network. IEEE 802.1Q VLANs will only deliver packets between stations that
are members of the VLAN.
Any port can be configured as either tagging or untagging. The untagging feature of IEEE 802.1Q VLANs allows VLANs to work
with legacy switches that don't recognize VLAN tags in packet headers. The tagging feature allows VLANs to span multiple
802.1Q-compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work
normally.
The IEEE 802.1Q standard restricts the forwarding of untagged packets to the VLAN of which the receiving port is a member.
The main characteristics of IEEE 802.1Q are as follows:
Assigns packets to VLANs by filtering.
Assumes the presence of a single global spanning tree. This switch supports MSTP.
Uses an explicit tagging scheme with one-level tagging.
802.1Q VLAN Packet Forwarding
Packet forwarding decisions are made based upon the following three types of rules:
Ingress rules - rules relevant to the classification of received frames belonging to a VLAN.
Forwarding rules between ports - decides whether to filter or forward the packet.
Egress rules - determines if the packet must be sent tagged or untagged.
Figure 7-1. IEEE 802.1Q Packet Forwarding
802.1Q VLAN Tags
The figure below shows the 802.1Q VLAN tag. There are four additional octets inserted after the source MAC address. Their
presence is indicated by a value of 0x8100 in the EtherType field. When a packet's EtherType field is equal to 0x8100, the packet
carries the IEEE 802.1Q/802.1p tag. The tag is contained in the following two octets and consists of 3 bits of user priority, 1 bit of
Canonical Format Identifier (CFI - used for encapsulating Token Ring packets so they can be carried across Ethernet backbones),
and 12 bits of VLAN ID (VID). The 3 bits of user priority are used by 802.1p. The VID is the VLAN identifier and is used by the
802.1Q standard. Because the VID is 12 bits long, 4094 unique VLANs can be identified.
The tag is inserted into the packet header making the entire packet longer by 4 octets. All of the information originally contained
in the packet is retained.
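The tag layout described above, as an added Python example (not taken from the manual or from D-Link firmware): it parses the four tag octets, inserts and strips a tag, and picks the VLAN for a received frame, reporting frames that carry more than the one tag level the Switch expects. The function names, the port_vid parameter and the sample frame are assumptions made for illustration.

```python
import struct

TPID_8021Q = 0x8100           # EtherType value that announces an 802.1Q tag
VALID_VIDS = range(1, 4095)   # 12-bit VID minus reserved 0x000 and 0xFFF: 4094 VLANs


def _u16(buf, offset):
    """Read one big-endian 16-bit field."""
    return struct.unpack_from("!H", buf, offset)[0]


def parse_frame(frame):
    """Split an Ethernet frame into addresses, 802.1Q tags, EtherType and payload."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    tags, offset = [], 12                   # tags sit right after the source MAC
    while len(frame) >= offset + 4 and _u16(frame, offset) == TPID_8021Q:
        tci = _u16(frame, offset + 2)       # the two octets that follow 0x8100
        tags.append({
            "priority": tci >> 13,          # 3 bits of user priority (802.1p)
            "cfi": (tci >> 12) & 0x1,       # 1 bit Canonical Format Identifier
            "vid": tci & 0x0FFF,            # 12 bits of VLAN ID
        })
        offset += 4
    if len(frame) < offset + 2 or _u16(frame, offset) == TPID_8021Q:
        raise ValueError("truncated 802.1Q tag")
    return {
        "dst": frame[0:6], "src": frame[6:12], "tags": tags,   # outermost tag first
        "ethertype": _u16(frame, offset), "payload": frame[offset + 2:],
    }


def add_tag(frame, vid, priority=0, cfi=0):
    """Tagging: insert four octets after the source MAC; nothing else changes."""
    if vid not in VALID_VIDS:
        raise ValueError("VID must be 1..4094")
    if not 0 <= priority <= 7 or cfi not in (0, 1):
        raise ValueError("priority is 3 bits, CFI is 1 bit")
    tci = (priority << 13) | (cfi << 12) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def strip_tag(frame):
    """Untagging: remove the outermost tag, if there is one."""
    if not parse_frame(frame)["tags"]:
        return frame
    return frame[:12] + frame[16:]


def classify_ingress(frame, port_vid):
    """Return (vid, findings) for a frame received on a port whose VLAN is port_vid."""
    tags = parse_frame(frame)["tags"]
    findings = []
    if len(tags) > 1:
        findings.append("more than one tag level")
    vid = tags[0]["vid"] if tags else 0
    if vid == 0x0FFF:
        findings.append("reserved VID 0xFFF")
    if vid == 0:          # untagged, or priority-only tag: use the receiving port's VLAN
        vid = port_vid
    return vid, findings


# Constructed sample frame: broadcast destination, made-up source MAC, IPv4 EtherType.
UNTAGGED = bytes.fromhex("ffffffffffff" "001122334455" "0800") + b"constructed payload"

if __name__ == "__main__":
    tagged = add_tag(UNTAGGED, vid=10, priority=5)
    print(len(UNTAGGED), len(tagged), parse_frame(tagged)["tags"])
    print(classify_ingress(UNTAGGED, port_vid=1), classify_ingress(tagged, port_vid=1))
    print(classify_ingress(add_tag(tagged, vid=20), port_vid=1))
```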