D-Link DES-3200 User Manual

User Manual
Product Model:
Layer 2 Managed Ethernet Switch
DES-3200 Series
®
_________________________________________________________________________________
Information in this document is subject to change without notice.
© 2010 D-Link Corporation. All rights reserved.
Reproduction in any manner whatsoever without the written permission of D-Link Corporation is strictly forbidden.
Trademarks used in this text: D-Link and the D-LINK logo are trademarks of D-Link Corporation; Microsoft and Windows are registered trademarks of Microsoft Corporation.
Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. D-Link Corporation disclaims any proprietary interest in trademarks and trade names other than its own.
April 2010 P/N
651ES3200025G
.
®
xStack
DES-3200 Series Layer 2 Ethernet Managed Switch User Manual

Table of Contents

Intended Readers
.......................................................................................................................................................viii
Typographical Conventions ........................................................................................................................................viii
Notes, Notices, and Cautions .....................................................................................................................................viii
Web-based Switch Configuration.................................................................................................9
Introduction ................................................................................................................................................................... 9
Login to Web Manager............................................................................................................................................................... 9
Web-based User Interface ....................................................................................................................................................... 10
Web Pages .............................................................................................................................................................................. 11
Configuration ...............................................................................................................................12
Device Information...................................................................................................................................................... 13
System Information..................................................................................................................................................... 13
Serial Port Settings .....................................................................................................................................................14
IP Address Settings .................................................................................................................................................... 15
IPv6 Address Settings ................................................................................................................................................17
IPv6 Route Settings ....................................................................................................................................................18
IPv6 Neighbor Settings ............................................................................................................................................... 18
Port Configuration....................................................................................................................................................... 19
Port Settings ............................................................................................................................................................................ 19
Port Description Settings ......................................................................................................................................................... 21
Port Error Disabled .................................................................................................................................................................. 21
Static ARP Settings ....................................................................................................................................................22
User Accounts ............................................................................................................................................................23
System Log Configuration .......................................................................................................................................... 24
System Log Settings ................................................................................................................................................................ 24
System Log Server .................................................................................................................................................................. 24
DHCP Relay ...............................................................................................................................................................26
DHCP Relay Global Settings ................................................................................................................................................... 26
DHCP Relay Interface Settings................................................................................................................................................ 29
DHCP Local Relay Settings ..................................................................................................................................................... 29
DHCP Auto Configuration Settings............................................................................................................................. 30
MAC Address Aging Time .......................................................................................................................................... 30
Web Settings ..............................................................................................................................................................31
Telnet Settings............................................................................................................................................................ 31
Password Encryption ..................................................................................................................................................31
CLI Paging Settings ....................................................................................................................................................32
Firmware Information.................................................................................................................................................. 33
SNTP Settings ............................................................................................................................................................ 34
Time Settings ........................................................................................................................................................................... 34
Time Zone Settings.................................................................................................................................................................. 35
ii
xStack
®
DES-3200 Series Layer 2 Ethernet Managed Switch User Manual
SMTP Settings............................................................................................................................................................ 37
SMTP Service Settings ............................................................................................................................................................ 37
SMTP Service .......................................................................................................................................................................... 38
MAC Notification Settings ........................................................................................................................................... 38
MAC Notification Global Settings ............................................................................................................................................. 38
MAC Notification Port Settings................................................................................................................................................. 38
SNMP Settings ...........................................................................................................................................................39
SNMP View Table.................................................................................................................................................................... 40
SNMP Group Table.................................................................................................................................................................. 41
SNMP User Table .................................................................................................................................................................... 42
SNMP Community Table.......................................................................................................................................................... 43
SNMP Host Table .................................................................................................................................................................... 44
SNMP Trap Configuration ........................................................................................................................................................ 45
RMON...................................................................................................................................................................................... 45
Time Range Settings .................................................................................................................................................. 46
Single IP Management ............................................................................................................................................... 46
Single IP Settings..................................................................................................................................................................... 48
Topology .................................................................................................................................................................................. 49
Tool Tips .................................................................................................................................................................................. 51
Right-Click................................................................................................................................................................................ 52
Menu Bar ................................................................................................................................................................................. 54
Firmware Upgrade ................................................................................................................................................................... 55
Configuration File Backup/Restore .......................................................................................................................................... 55
Upload Log File........................................................................................................................................................................ 56
Gratuitous ARP........................................................................................................................................................... 56
Gratuitous ARP Global Settings............................................................................................................................................... 56
Gratuitous ARP Settings .......................................................................................................................................................... 57
ARP Spoofing Prevention Settings............................................................................................................................. 58
PPPoE Circuit ID Insertion Settings ...........................................................................................................................59
L2 Features...................................................................................................................................60
Jumbo Frame.............................................................................................................................................................. 60
VLANs......................................................................................................................................................................... 61
Understanding IEEE 802.1p Priority ........................................................................................................................................ 61
VLAN Description..................................................................................................................................................................... 61
IEEE 802.1Q VLANs................................................................................................................................................................ 62
Q-in-Q VLANs .......................................................................................................................................................................... 65
802.1Q Static VLAN................................................................................................................................................................. 67
Q-in-Q ......................................................................................................................................................................... 70
Q-in-Q Settings ........................................................................................................................................................................ 71
VLAN Translation Settings ....................................................................................................................................................... 72
802.1v Protocol VLAN ................................................................................................................................................72
802.1v Protocol Group Settings ............................................................................................................................................... 72
802.1v Protocol VLAN Settings................................................................................................................................................ 74
iii
xStack
®
DES-3200 Series Layer 2 Ethernet Managed Switch User Manual
VLAN Trunk
Settings .................................................................................................................................................. 75
GVRP Settings............................................................................................................................................................ 76
Asymmetric VLAN Settings......................................................................................................................................... 77
MAC-based VLAN Settings ........................................................................................................................................77
PVID Auto Assign Settings ......................................................................................................................................... 78
Port Trunking .............................................................................................................................................................. 78
LACP Port Settings..................................................................................................................................................... 80
Traffic Segmentation................................................................................................................................................... 81
Layer 2 Protocol Tunneling Settings........................................................................................................................... 82
BPDU Attack Protection Settings ...............................................................................................................................83
IGMP Snooping ..........................................................................................................................................................84
IGMP Snooping Settings.......................................................................................................................................................... 84
IGMP Access Control Settings................................................................................................................................................. 86
IGMP Snooping Multicast VLAN Settings ................................................................................................................................ 87
IP Multicast Profile Settings ..................................................................................................................................................... 88
Limited Multicast Range Settings............................................................................................................................................. 90
Max Multicast Group Settings .................................................................................................................................................. 90
MLD Snooping Settings .............................................................................................................................................. 91
Port Mirror................................................................................................................................................................... 94
Loopback Detection Settings...................................................................................................................................... 94
Spanning Tree ............................................................................................................................................................ 96
STP Bridge Global Settings ..................................................................................................................................................... 98
STP Port Settings .................................................................................................................................................................... 99
MST Configuration Identification ............................................................................................................................................ 101
STP Instance Settings ........................................................................................................................................................... 102
MSTP Port Information .......................................................................................................................................................... 103
Forwarding & Filtering............................................................................................................................................... 103
Unicast Forwarding Settings .................................................................................................................................................. 103
Multicast Forwarding Settings ................................................................................................................................................ 104
Multicast Filtering Mode ......................................................................................................................................................... 105
NLB Settings............................................................................................................................................................. 106
LLDP ......................................................................................................................................................................... 106
LLDP Global Settings............................................................................................................................................................. 107
LLDP Port Settings ................................................................................................................................................................ 108
LLDP Basic TLVs Settings ..................................................................................................................................................... 109
LLDP Dot1 TLVs Settings ...................................................................................................................................................... 110
LLDP Dot3 TLVs Settings ...................................................................................................................................................... 111
Ethernet OAM ...........................................................................................................................................................112
Ethernet OAM Port Settings................................................................................................................................................... 112
Ethernet OAM Event Configuration........................................................................................................................................ 113
Connectivity Fault Management (CFM).................................................................................................................... 114
CFM Settings ......................................................................................................................................................................... 116
CFM MA Settings................................................................................................................................................................... 117
iv
®
xStack
CFM MEP Settings ................................................................................................................................................................ 118
CFM Port Settings.................................................................................................................................................................. 120
CFM Loopback Settings......................................................................................................................................................... 121
CFM Linktrace Settings.......................................................................................................................................................... 122
DES-3200 Series Layer 2 Ethernet Managed Switch User Manual
ERPS Settings ..........................................................................................................................................................123
QoS .............................................................................................................................................125
Advantages of QoS................................................................................................................................................................ 125
Understanding QoS ............................................................................................................................................................... 126
Bandwidth Control ....................................................................................................................................................127
Traffic Control ........................................................................................................................................................... 128
Queue Bandwidth Control Settings ..........................................................................................................................130
802.1p Default Priority .............................................................................................................................................. 131
802.1p User Priority ..................................................................................................................................................131
QoS Scheduling Settings..........................................................................................................................................132
Priority Mapping........................................................................................................................................................133
TOS Mapping............................................................................................................................................................ 134
DSCP Mapping .........................................................................................................................................................135
Security.......................................................................................................................................136
Safeguard Engine .....................................................................................................................................................136
Trusted Host ............................................................................................................................................................. 138
IP-MAC-Port Binding ................................................................................................................................................138
IMP Binding Global Settings .................................................................................................................................................. 139
IMP Binding Port Settings ...................................................................................................................................................... 140
IMP Binding Entry Settings .................................................................................................................................................... 141
DHCP Snooping Entries ........................................................................................................................................................ 142
MAC Block List....................................................................................................................................................................... 142
Port Security ............................................................................................................................................................. 142
Port Security Port Settings..................................................................................................................................................... 142
Port Security FDB Entries ...................................................................................................................................................... 144
802.1X.......................................................................................................................................................................144
Understanding 802.1X Port-based and Host-based Network Access Control ....................................................................... 147
Port-based Network Access Control ...................................................................................................................................... 147
Host-based Network Access Control ..................................................................................................................................... 148
802.1X Settings...................................................................................................................................................................... 149
802.1X User ........................................................................................................................................................................... 150
Authentication RADIUS Server .............................................................................................................................................. 151
Guest VLAN Configuration..................................................................................................................................................... 152
Guest VLAN ........................................................................................................................................................................... 153
Initialize Port(s) ...................................................................................................................................................................... 153
Reauthenticate Port(s) ........................................................................................................................................................... 154
SSL Settings .............................................................................................................................................................155
Download Certificate.............................................................................................................................................................. 156
Ciphersuite............................................................................................................................................................................. 156
v
xStack
®
DES-3200 Series Layer 2 Ethernet Managed Switch User Manual
SSH........................................................................................................................................................................... 157
SSH Settings.......................................................................................................................................................................... 158
SSH Authmode and Algorithm Settings ................................................................................................................................. 158
SSH User Authentication Lists ............................................................................................................................................... 160
Access Authentication Control.................................................................................................................................. 161
Authentication Policy Settings................................................................................................................................................ 162
Application Authentication Settings........................................................................................................................................ 162
Authentication Server Group.................................................................................................................................................. 163
Authentication Server............................................................................................................................................................. 164
Login Method Lists................................................................................................................................................................. 165
Enable Method Lists .............................................................................................................................................................. 166
Local Enable Password Settings............................................................................................................................................ 167
MAC-based Access Control...................................................................................................................................... 168
MAC-based Access Control Settings ..................................................................................................................................... 168
MAC-based Access Control Local Settings ........................................................................................................................... 170
DoS Prevention Settings...........................................................................................................................................171
DHCP Server Screening Settings............................................................................................................................. 172
DHCP Server Screening Port Settings................................................................................................................................... 172
DHCP Offer Permit Entry Setting ........................................................................................................................................... 174
ACL .............................................................................................................................................175
ACL Configuration Wizard ........................................................................................................................................ 175
Access Profile List ....................................................................................................................................................176
CPU Interface Filtering .............................................................................................................................................193
CPU Access Profile List............................................................................................................................................ 193
ACL Finder................................................................................................................................................................ 207
ACL Flow Meter ........................................................................................................................................................207
Monitoring ..................................................................................................................................209
Cable Diagnostics..................................................................................................................................................... 209
CPU Utilization.......................................................................................................................................................... 210
Port Utilization........................................................................................................................................................... 211
Packet Size............................................................................................................................................................... 212
Memory Utilization .................................................................................................................................................... 213
Packets .....................................................................................................................................................................214
Received (Rx) ........................................................................................................................................................................ 214
UMB_cast (Rx)....................................................................................................................................................................... 216
Transmitted (Tx)..................................................................................................................................................................... 217
Errors ........................................................................................................................................................................ 219
Received (RX)........................................................................................................................................................................ 219
Transmitted (TX) .................................................................................................................................................................... 221
Port Access Control ..................................................................................................................................................223
RADIUS Authentication.......................................................................................................................................................... 223
RADIUS Account Client ......................................................................................................................................................... 225
Authenticator State ................................................................................................................................................................ 227
vi
®
xStack
Authenticator Statistics .......................................................................................................................................................... 228
Authenticator Diagnostics ...................................................................................................................................................... 232
DES-3200 Series Layer 2 Ethernet Managed Switch User Manual
Browse ARP Table ...................................................................................................................................................234
Browse VLAN ...........................................................................................................................................................234
IGMP Snooping ........................................................................................................................................................234
Browse IGMP Router Port...................................................................................................................................................... 234
IGMP Snooping Group........................................................................................................................................................... 235
IGMP Snooping Host ............................................................................................................................................................. 236
MLD Snooping ..........................................................................................................................................................236
Browse MLD Router Port ....................................................................................................................................................... 236
MLD Snooping Group ............................................................................................................................................................ 237
LLDP ......................................................................................................................................................................... 237
LLDP Statistics System.......................................................................................................................................................... 237
LLDP Local Port Information.................................................................................................................................................. 238
LLDP Remote Port Information .............................................................................................................................................. 238
Ethernet OAM ...........................................................................................................................................................239
Browse Ethernet OAM Event Log .......................................................................................................................................... 239
Browse Ethernet OAM Statistics............................................................................................................................................ 239
Connectivity Fault Management ...............................................................................................................................240
CFM Fault Table .................................................................................................................................................................... 240
CFM MP Table....................................................................................................................................................................... 240
CFM Packet Counter ............................................................................................................................................................. 241
CFM MIPCCM Table.............................................................................................................................................................. 241
MAC-based Access Control Authentication State ....................................................................................................242
Browse Session Table ..............................................................................................................................................242
MAC Address Table.................................................................................................................................................. 243
System Log............................................................................................................................................................... 244
Save and Tools...........................................................................................................................245
Save Configuration ................................................................................................................................................... 245
Save Log................................................................................................................................................................... 246
Save All.....................................................................................................................................................................246
Configuration File Upload & Download..................................................................................................................... 246
Upload Log File......................................................................................................................................................... 247
Reset......................................................................................................................................................................... 247
Ping Test................................................................................................................................................................... 248
Download Firmware..................................................................................................................................................249
Reboot System ......................................................................................................................................................... 249
Appendix A Technical Specification........................................................................................250
Appendix B System Log Entries
...............................................................................................253
Appendix C RADIUS Attributes Assignment...........................................................................268
Appendix D Glossary.................................................................................................................271
vii
®
xStack
DES-3200 Series Layer 2 Ethernet Managed Switch User Manual

Intended Readers

The DES-3200 Series User Manual contains information for setup and management of the Switch. This manual is
intended for network managers familiar with network management concepts and terminology.

Typographical Conventions

Convention Description
[ ] In a command line, square brackets indicate an optional entry. For example: [copy
filename] means that optionally you can type copy followed by the name of the file. Do not type the brackets.
Bold font
Boldface Typewriter Font
Initial capital letter Indicates a window name. Names of keys on the keyboard have initial capitals. For
Italics Indicates a window name or a field. Also can indicate a variables or parameter that is
Menu Name > Menu Option
Indicates a button, a toolbar icon, menu, or menu item. For example: Open the File menu and choose Cancel. Used for emphasis. May also indicate system messages or prompts
appearing on your screen. For example: You have mail. Bold font is also used to represent filenames, program names and commands. For example: use the copy command.
Indicates commands and responses to prompts that must be typed exactly as printed in the manual.
example: Click Enter.
replaced with an appropriate word or string. For example: type filename means that you should type the actual filename instead of the word shown in italic.
Menu Name > Menu Option Indicates the menu structure. Device > Port > Port Properties means the Port Properties menu option under the Port menu option that is
located under the Device menu.

Notes, Notices, and Cautions

A NOTE indicates important information that helps you make better use of your device.
A NOTICE indicates either potential damage to hardware or loss of data and tells you
how to avoid the problem.
A CAUTION indicates a potential for property damage, personal injury, or death.
viii
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual
Section 1
Web-based Switch Configuration
Introduction Login to Web Manager Web-based User Interface Web Pages

Introduction

All software functions of the Switch can be managed, configured and monitored via the embedded web-based (HTML) interface. The Switch can be managed from remote stations anywhere on the network through a standard browser such as Firefox, Microsoft Internet Explorer, Mozilla, or Netscape. The browser acts as a universal access tool and can communicate directly with the Switch using the HTTP protocol.
The Web-based management module and the Console program (and Telnet) are different ways to access the same internal switching software and configure it. Thus, all settings encountered in Web-based management are the same as those found in the console program.

Login to Web Manager

To begin managing the Switch, simply run the browser you have installed on your computer and point it to the IP address you have defined for the device. The URL in the address bar should read something like: http://123.123.123.123, where the numbers 123 represent the IP address of the Switch.
NOTE: The Factory default IP address for the Switch is 10.90.90.90.
This opens the management module's user authentication window, as seen below.
Figure 1 - 1 Enter Network Password dialog
Enter “admin” in both the User Name and Password fields and click OK. This will open the Web-based user interface.
The Switch management features available in the web-based manager are explained below.
9
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual

Web-based User Interface

The user interface provides access to various Switch configuration and management windows, allows you to view performance statistics, and permits you to graphically monitor the system status.

Areas of the User Interface

The figure below shows the user interface. The user interface is divided into three distinct areas as described in the table.
Area 1
Area Function
Area 1
Area 2
Select the folder or window to be displayed. The folder icons can be opened to display the hyperlinked window buttons and subfolders contained within them. Click the D-Link logo to go to the D-Link website.
Presents a graphical near real-time image of the front panel of the Switch. This area displays the Switch's ports and expansion modules, showing port activity, duplex mode, or flow control, depending on the specified mode.
Figure 1 - 2 Main Web-Manager page
Area 3
Various areas of the graphic can be selected for performing management functions, including port configuration.
Presents switch information based on your selection and the entry of configuration data.
NOTICE: Any changes made to the Switch configuration during the current session must be saved in the Save Configuration window (Save > Save Configuration) or use the command line interface (CLI) command save config.
10
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual

Web Pages

When you connect to the management mode of the Switch with a Web browser, a login window is displayed. Enter a user name and password to access the Switch's management mode.
Below is a list and description of the main folders available in the Web interface:
Configuration – Contains main windows concerning Device Information, System Information, Serial Port Settings, IP
Address, IPv6 Interface Settings, IPv6 Route Settings, IPv6 Neighbor Settings, Port Configuration, Static ARP Settings, User Accounts, System Log Configuration, DHCP Relay, DHCP Auto Configuration Settings, MAC Address Aging Time, Web Settings, Telnet Settings, Password Encryption, CLI Paging Settings, Firmware Information, SNTP Settings, SMTP Settings, MAC Notification Settings, SNMP Settings, Time Range Settings, Single IP Management, Gratuitous ARP, ARP Spoofing Prevention Settings and PPPoE Circuit ID Insertion Settings.
L2 Features – Contains main windows concerning Jumbo Frame, 802.1Q Static VLAN, Q-in-Q, 802.1v Protocol
VLAN, VLAN Trunk Settings, GVRP Settings, Asymmetric VLAN Settings, MAC-based VLAN Settings, PVID Auto Assign Settings, Port Trunking, LACP Port Settings, Traffic Segmentation, L2PT Settings, IGMP Snooping, MLD Snooping Settings, Port Mirror, Loopback Detection Settings, Spanning Tree, Forwarding & Filtering, NLB Settings, LLDP, Ethernet OAM, Connectivity Failure Management, and ERPS Settings.
QoS – Contains main windows concerning Bandwidth Control, Queue Bandwidth Control Settings, Traffic Control,
Queue Bandwidth Control Settings, 802.1P Default Priority, 802.1P User Priority, QoS Scheduling Settings, Priority Mapping, TOS Mapping, and DSCP Mapping.
Security – Contains main windows concerning Safeguard Engine, Trusted Host, IP-MAC-Port Binding, Port Security,
802.1X, SSL Settings, SSH, Access Authentication Control, MAC-based Access Control, DoS Prevention Settings and DHCP Server Screening.
ACL – Contains main windows concerning ACL Configuration Wizard, Access Profile List, CPU Access Profile List,
ACL Finder, and ACL Flow Meter.
Monitoring – Contains main windows concerning Cable Diagnostics, CPU Utilization, Port Utilization, Packet Size,
Memory Utilization, Packets, Errors, Port Access Control, Browse ARP Table, Browse VLAN, IGMP Snooping, MLD Snooping, LLDP, Connectivity Failure Management, MAC-based Access Control Authentication State, Browse Session Table, MAC Address Table, and System Log.
Save & Tools – Contains main windows concerning Save Configuration, Save Log, Save All, Configuration File
Upload & Download, Upload Log File, Reset, Ping Test, Download Firmware, and Reboot System.
NOTE: Be sure to configure the user name and password in the User Accounts window (Configuration > User Accounts) before connecting
the Switch to the greater network.
11
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual
Configuration
Device Information System Information Serial Port Settings IP Address Settings IPv6 Interface Settings IPv6 Route Settings IPv6 Neighbor Settings Port Configuration Static ARP Settings User Accounts System Log Configuration
Section 2
DHCP Relay DHCP Auto Configuration Settings MAC Address Aging Time Web Settings Telnet Settings Password Encryption CLI Paging Settings Firmware Information SNTP Settings SMTP Settings MAC Notification Settings SNMP Settings Time Range Settings Single IP Management Gratuitous ARP ARP Spoofing Prevention Settings PPPoE Circuit ID Insertion Settings
12
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual

Device Information

This window contains the main settings for all major functions on the Switch and appears automatically when you log on. To return to the Device Information window, click the DES-3200 Series folder. The Device Information window shows the Switch’s MAC Address (assigned by the factory and unchangeable), the Boot PROM Version, Firmware
Version, the Hardware Version, and other information about different settings on the Switch. This information is helpful to keep track of PROM and firmware updates and to obtain the Switch's MAC address for entry into another network device's address table, if necessary. In addition, this window displays the status of functions on the Switch to quickly assess their current global status. Some functions are hyper-linked to their configuration window for easy access from
the Device Information window.
Figure 2 - 1. Device Information window

System Information

This window contains the System Information details. The user may enter a System Name, System Location and
System Contact to aid in defining the Switch, to the user's preference. This window displays the MAC Address, Firmware Version and Hardware Version.
Click Configuration > System Information to display the following window:
Figure 2 - 2. System Information window
The fields that can be configured are described below:
Parameter Description System Name Enter a system name for the Switch, if so desired. This name will identify it in the Switch
network.
System Location System Contact
Click Apply to implement changes made.
Enter the location of the Switch, if so desired.
Enter a contact name for the Switch, if so desired.
13
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual

Serial Port Settings

The following window allows the Baud Rate and the Auto Logout to be changed as well as containing information about the Serial Port Settings.
Click Configuration > Serial Port Settings to display this window:
Figure 2 - 3. Serial Port Settings window
Parameter Description Baud Rate This field specifies the baud rate for the serial port on the Switch. There are four possible
baud rates to choose from, 9600, 19200, 38400 and 115200. For a connection to the Switch using the CLI interface, the baud rate must be set to 9600, which is the default setting.
Auto Logout Select the logout time used for the console interface. This automatically logs the user out after
an idle period of time, as defined. Choose from the following options: 2 Minutes, 5 Minutes, 10 Minutes, 15 Minutes or Never. The default setting is 10 minutes.
Click Apply to implement changes made.
NOTE: If a user configures the serial port’s baud rate, the baud rate will take effect and save
immediately.
14
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual

IP Address Settings

The IP address may initially be set using the console interface prior to connecting to it through the Ethernet. If the
Switch IP address has not yet been changed, read the introduction of the DES-3200 Series CLI Reference Manual for
more information.
Click Configuration > IP Address Settings to display the following window:
Figure 2 - 4. IP Address Settings window
To manually assign the Switch's IP address, subnet mask, and default gateway address:
1. Click Static at the top of the window.
2. Enter the appropriate IPv4 Address and Subnet Mask.
3. To access the Switch from a different subnet from the one it is installed on, enter the IP address of the Gateway. If the Switch will be managed from the subnet on which it is installed, leave the default address (0.0.0.0) in this field.
4. If no VLANs have been previously configured on the Switch, you can use the default Management VLAN Name. The default VLAN contains all of the Switch ports as members. If VLANs have been previously
configured on the Switch, the Management VLAN Name of the VLAN that contains the port connected to the management station will have to be entered to access the Switch.
5. Use the drop-down Interface Admin State menu to select Enabled if it has not already been done.
NOTE: The Switch's factory default IP address is 10.90.90.90 with a
subnet mask of 255.0.0.0 and a default gateway of 0.0.0.0.
To use the BOOTP or DHCP protocols to assign the Switch an IP address, subnet mask, and default gateway
address, select either BOOTP or DHCP.
15
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual
The IP Address Settings options are:
Parameter Description
Static
DHCP
BOOTP
IP Interface
Management VLAN Name
Interface Admin State
Allows the entry of an IPv4 address, Subnet Mask, and a Default Gateway for the Switch. These fields should be of the form xxx.xxx.xxx.xxx, where each xxx is a number (represented in decimal form) between 0 and 255. This address should be a unique address on the network assigned for use by the network administrator.
The Switch will send out a DHCP broadcast request when it is powered up. The DHCP protocol allows IP addresses, network masks, and default gateways to be assigned by a DHCP server. If this option is set, the Switch will first look for a DHCP server to provide it with this information before using the default or previously entered settings.
The Switch will send out a BOOTP broadcast request when it is powered up. The BOOTP protocol allows IP addresses, network masks, and default gateways to be assigned by a central BOOTP server. If this option is set, the Switch will first look for a BOOTP server to provide it with this information before using the default or previously entered settings.
The current IP Interface being assigned an IP address on this window.
This allows the entry of a VLAN Name from which a management station will be allowed to manage the Switch using TCP/IP (in-band via web manager or Telnet). Management stations that are on VLANs other than the one entered here will not be able to manage the Switch in-band
unless their IP addresses are entered in the Security IP Management window. If VLANs have
not yet been configured for the Switch, the default VLAN contains all of the Switch's ports. There are no entries in the Security IP Management table, by default, so any management station that can connect to the Switch can access the Switch until a management VLAN is specified or Management Station IP Addresses are assigned.
Toggle between Enabled and Disabled. This must be set to Enabled when setting an IP address
on this window.
IPv4 Address
Subnet Mask
Enter the desired IPv4 address to be set. The default address is 10.90.90.90.
A Bitmask that determines the extent of the subnet that the Switch is on. Should be of the form xxx.xxx.xxx.xxx, where each xxx is a number (represented in decimal) between 0 and 255. The value should be 255.0.0.0 for a Class A network, 255.255.0.0 for a Class B network, and
255.255.255.0 for a Class C network, but custom subnet masks are allowed.
Gateway
IP address that determines where packets with a destination address outside the current subnet should be sent. This is usually the address of a router or a host acting as an IP gateway. If your network is not part of an intranet, or you do not want the Switch to be accessible outside your local network, you can leave this field unchanged.
DHCP Option 12
Use to enable or disable DHCP Option 12.
State
DHCP Option 12
Type the name of the host used for Option 12. Up to 63 characters are allowed.
Host Name
Click Apply to allow changes to take effect.
16
xStack
®
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual

IPv6 Address Settings

Users can display the Switch’s current IPv6 interface settings.
To view the following window, click Configuration > IPv6 Interface Settings:
Figure 2 - 5. IPv6 Interface Settings window
To configure IPv6 interface settings, enter an IPv6 Address and click Apply. The new entry will appear in the table at
the bottom of the window.
After making the desired changes, click the Apply button.
The following parameters may be configured or viewed:
17
®
xStack
Parameter Description
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual
Interface Name VLAN Name Admin. State IPv6 Address Automatic Link
Local Address NS Retransmit
Time (0-
4294967295)
The name of the IPv6 interface being displayed or modified.
Display the VLAN name of the IPv6 interface.
Display the current administrator state.
Enter the IPv6 address of the interface to be modified.
Toggle between Enabled and Disabled. Enabling this is helpful when no external source of network
addressing information is available.
Enter a value between 0 and 4294967295. This is the neighbor solicitation’s retransmit timer in
milliseconds. The default is zero.

IPv6 Route Settings

The user can configure the Switch’s IPv6 Route Table.
To view the following window, click Configuration > IPv6 Route Settings:
Figure 2 - 6. IPv6 Route Settings window
Enter an IP Interface, an IPv6 address in the Default Gateway field and then click the Create button. In addition, the Metric can be entered between 1 and 65535. The new IPv6 route will be displayed in the table at the bottom of the
window.

IPv6 Neighbor Settings

The user can configure the Switch’s IPv6 neighbor settings. The Switch’s current IPv6 neighbor settings will be displayed in the table at the bottom of this window.
To view the following window, click Configuration > IPv6 Neighbor Settings:
Figure 2 - 7. IPv6 Neighbor Settings window
Enter the Interface Name, Neighbor IPv6 Address, and the Link Layer MAC Address and then click the Add button. To look for an IPv6 Neighbor Settings table entry, enter the Interface Name, select the desired State (All, Address,
Static, or Dynamic) in the middle section of this window, and then click the Find button. To delete all the entries being displayed on the table at the bottom of this window, click the Clear button.
18
®
xStack
The following parameters may be configured or viewed:
Parameter Description
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual
Interface Name
Neighbor IPv6 Address
Link Layer MAC Address
State
Enter the name of the IPv6 neighbor. To search for all the current interfaces on the Switch, go to the second Interface Name field in the middle part of the window, tick the All check box, and then
click the Find button.
Enter the neighbor IPv6 address.
Enter the link layer MAC address.
Use the drop-down menu to select All, Address, Static, or Dynamic.

Port Configuration

This section contains information for configuring various attributes and properties for individual physical ports, including port speed and flow control.

Port Settings

Various port settings, including State, Speed/Duplex, Flow Control, Address Learning, Medium Type, and MDIX can be configured on the Switch.
To view the following window, click Configuration > Port Configuration > Port Settings:
Figure 2 - 8. Port Settings window
To configure switch ports, choose the port or sequential range of ports using the From Port and To Port pull-down menus. Use the remaining pull-down menus to configure the parameters described below:
19
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual
Parameter Description
From Port/To Port
State Speed/Duplex
Flow Control
Use the pull-down menus to select the port or range of ports to be configured.
Toggle this field to either enable or disable a given port or group of ports.
Toggle the Speed/Duplex field to either select the speed and duplex/half-duplex state of the port.
Auto denotes auto-negotiation between 10 and 100 Mbps devices, in full- or half-duplex. The Auto setting allows the port to automatically determine the fastest settings the device the port is connected to can handle, and then to use those settings. The other options are Auto, 10M Half, 10M Full, 100M Half and 100M Full, 1000M Full_Master, 1000M Full_Slave and 1000M Full.
There is no automatic adjustment of port settings with any option other than Auto. The Switch allows the user to configure two types of gigabit connections; 1000M/Full_M and
1000M/Full_S. Gigabit connections only support full duplex connections and take on certain
characteristics that are different from the other choices listed.
The 1000M Full_Master and 1000M Full_Slave parameters refer to connections running a
1000BASE-T cable for connection between the Switch port and other device capable of a gigabit
connection. The master setting (1000M Full_Master) will allow the port to advertise capabilities related to duplex, speed and physical layer type. The master setting will also determine the
master and slave relationship between the two connected physical layers. This relationship is necessary for establishing the timing control between the two physical layers. The timing control
is set on a master physical layer by a local source. The slave setting (1000M Full_Slave) uses
loop timing, where the timing comes from a data stream received from the master. If one
connection is set for 1000M Full_Master, the other side of the connection must be set for 1000M Full_Slave. Any other configuration will result in a link down status for both ports.
Displays the flow control scheme used for the various port configurations. Ports configured for
full-duplex use 802.3x flow control, half-duplex ports use backpressure flow control, and Auto ports use an automatic selection of the two. The default is Disabled.
Address Learning
Medium Type
When Enabled, destination and source MAC addresses are automatically listed in the forwarding table. The default setting is Enabled.
This applies only to the Combo ports. If configuring the Combo ports this defines the type of
transport medium used. SFP ports should be set at Fiber and the Combo 1000BASE-T ports should be set at Copper.
MDIX
This can be specified as Auto, Normal, or Cross. In Normal state, the port is in MDIX mode and can be connected to a PC NIC using a straight cable. If it is in Cross state, the port is in MDI
mode, and can be connected to a port (in MDIX mode) on another switch through a straight cable.
Click Apply to implement the new settings on the Switch.
20
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual

Port Description Settings

The Switch supports a port description feature where the user may name various ports on the Switch.
To view the following window, click Configuration > Port Configuration > Port Description Settings:
Figure 2 - 9. Port Description Settings window
Use the From Port and To Port pull-down menus to choose a port or range of ports to describe, and then enter a description of the port(s).
The Medium Type applies only to the Combo ports. If configuring the Combo ports this defines the type of transport
medium used. SFP ports should be nominated Fiber and the Combo 1000BASE-T ports should be nominated Copper.
The result will be displayed in the appropriate switch port number slot (C for copper ports and F for fiber ports).
The following parameters can be configured:
Parameter Description
From Port/To Port
Medium Type
Description
Click Apply to implement the new settings on the Switch.
Use the pull-down menus to select the port or range of ports to be configured.
This only applies to the Combo ports. If configuring the Combo ports, this defines the type of
transport medium used. SFP ports should be set at Fiber and the Combo 1000BASE-T ports should be set at Copper.
The description of the the ports.

Port Error Disabled

The following window will display information about ports that have had their connection status disabled for reasons such as STP loopback detection or link down status.
To view this window, click Configuration > Port Configuration > Port Error Disabled:
21
®
xStack
The following parameters are displayed:
Parameter Description
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual
Figure 2 - 10. Port Error Disabled window
Port Port State Connection Status Reason
Displays the port that has been error disabled.
Describes the current running state of the port, whether Enabled or Disabled.
This field will read the uplink status of the individual ports, whether Enabled or Disabled.
Describes the reason why the port has been error-disabled, such as a STP loopback occurrence.

Static ARP Settings

The Address Resolution Protocol (ARP) is a TCP/IP protocol that converts IP addresses into physical addresses. This table allows network managers to view, define, modify and delete ARP information for specific devices. Static entries can be defined in the ARP Table. When static entries are defined, a permanent entry is entered and is used to translate IP address to MAC addresses.
To view this window, click Configuration > Static ARP Settings
Figure 2 - 11. Static ARP Settings window
The following fields can be set:
Parameter Description ARP Aging Time
(0-65535)
IP Address
MAC Address
After entering the IP Address and MAC Address of the Static ARP entry, click Apply to implement the new entry. To completely clear the Static ARP Settings, click the Delete All button. To modify a static ARP entry, click the corresponding Edit button in the table. To delete a static ARP entry, click the corresponding Delete button in the table.
The user may globally set the maximum amount of time, in seconds, that an Address Resolution Protocol (ARP) entry can remain in the Switch’s ARP table, without being
accessed, before it is dropped from the table. The value may be set in the range of 0 to 65535 seconds, with a default setting of 20 seconds.
The IP address of the ARP entry.
The MAC address of the ARP entry.
NOTE: The Switch supports up to 255 static ARP entries.
22
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual

User Accounts

Use this window to control user privileges, create new users, and view existing User Accounts.
To view this window, click Configuration > User Accounts:
Figure 2 - 12. User Accounts window
The following fields can be set:
Parameter Description User Name
Password
Access Right
Confirm Password
To add a new user, enter the appropriate information and click Apply. To modify or delete an existing user, click on the Edit button for that user.
The name of the user, an alphanumeric string of up to 15 characters.
Enter a password for the new user.
There are two levels of user privileges, Admin and User. Some features and selections available to users with Admin privileges may not be available to those with User level privileges.
(Table 2 - 1 below summarizes Admin and User level privileges)
Retype the new password.
NOTICE: In case of lost passwords or password corruption, please refer to the “Password Recovery Procedure” Appendix in the DES-3200 Series CLI Reference Manual which will guide you through the steps necessary to resolve
this issue.

Admin and User Privileges

There are two levels of user privileges, Admin and User. Some menu selections available to users with Admin privileges may not be available to those with User privileges.
The following table summarizes the Admin and User privileges:
Management Admin User
Configuration Yes Read-only
Network Monitoring Yes Read-only
Community Strings and Trap Stations Yes Read-only
Update Firmware and Configuration Files Yes No
System Utilities Yes No
Factory Reset Yes No
23
®
xStack
User Account Management
Add/Update/Delete User Accounts Yes No
View User Accounts Yes No
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual
Table 2 - 1. Admin and User Privileges

System Log Configuration

This section contains information for configuring various attributes and properties for System Log Configurations, including System Log Settings and System Log Host.

System Log Settings

This window allows the user to enable or disable the System Log and specify the System Log Save Mode Settings.
To configure the system log settings, click Configuration > System Log Configuration > System Log Settings
Figure 2 - 13. System Log Settings window
The following parameters can be set:
Parameter Description
System Log
Save Mode
min (1-65535)
To modify the system log settings on this window, enter the appropriate information and click Apply.
Use the radio buttons to either enable or disable the system log feature.
Use this drop-down menu to choose the method that will trigger a log entry. Choose among
On Demand, Time Interval, and Log Trigger.
Enter a time interval, in minutes, for which a log entry is to be made.

System Log Server

The Switch can send Syslog messages to up to four designated servers using the System Log Server.
To configure the system log settings, click Configuration > System Log Configuration > System Log Server:
The following parameters can be set:
Figure 2 - 14. System Log Server window
24
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual
Parameter Description
Server ID
Severity
Server IP Address
Facility
Syslog server settings index (1-4).
This drop-down menu allows you to select the level of messages that will be sent. The options
are Warning, Informational, and All.
The IP address of the Syslog server.
Some of the operating system daemons and processes have been assigned Facility values. Processes and daemons that have not been explicitly assigned a Facility may use any of the "local use" facilities or they may use the "user-level" Facility. Those Facilities that have been
designated are shown in the following: Bold font indicates the facility values that the Switch is
currently employing.
Numerical Facility Code Numerical Facility Code
0 1 2 3 4 5
7 8
9 10 11
kernel messages user-level messages mail system system daemons security/authorization messages messages generated internally by
syslog line printer subsystem network news subsystem UUCP subsystem clock daemon security/authorization messages
FTP daemon
12 13 14 15
16 17 18 19 20 21 22 23
NTP subsystem log audit log alert clock daemon
local use 0 (local0) local use 1 (local1) local use 2 (local2) local use 3 (local3) local use 4 (local4) local use 5 (local5) local use 6 (local6) local use 7 (local7)
UDP Port
Type the UDP port number used for sending Syslog messages. The default is 514.
(514 or 6000-65535)
Status
Choose Enabled or Disabled to activate or deactivate.
To add a new entry, enter the appropriate information and click Apply.
25
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual

DHCP Relay

The relay hops count limit allows the maximum number of hops (routers) that the DHCP messages can be relayed through to be set. If a packet’s hop count is equal to or more than the hop count limit, the packet is dropped. The
range is between 1 and 16 hops, with a default value of 4. The relay time threshold sets the minimum time (in
seconds) that the Switch will wait before forwarding a BOOTREQUEST packet. If the value in the seconds field of the
packet is less than the relay time threshold, the packet will be dropped. The range is between 0 and 65,535 seconds, with a default value of 0 seconds.

DHCP Relay Global Settings

To enable and configure DHCP Relay Global Settings on the Switch, click Configuration > DHCP Relay > DHCP Relay Global Settings:
Figure 2 - 15. DHCP Relay Global Settings window
The following fields can be set:
Parameter Description
DHCP Relay State
DHCP Relay Hops Count Limit (1-16)
DHCP Relay Time Threshold (0-65535)
DHCP Relay Agent Information Option 82 State
This field can be toggled between Enabled and Disabled using the pull-down menu. It is used to enable or disable the DHCP Relay service on the Switch. The default is Disabled
This field allows an entry between 1 and 16 to define the maximum number of router hops DHCP messages can be forwarded across. The default hop count is 4.
Allows an entry between 0 and 65535 seconds, and defines the maximum time limit for
routing a DHCP packet. If a value of 0 is entered, the Switch will not process the value in the seconds field of the BOOTP or DHCP packet. If a non-zero value is entered, the Switch will use that value, along with the hop count to determine whether to forward a given BOOTP or DHCP packet.
This field can be toggled between Enabled and Disabled using the pull-down menu. It is
used to enable or disable the DHCP Agent Information Option 82 on the Switch. The default
is Disabled. Enabled – When this field is toggled to Enabled the relay agent will insert and remove
DHCP relay information (option 82 field) in messages between DHCP servers and clients. When the relay agent receives the DHCP request, it adds the option 82 information, and the IP address of the relay agent (if the relay agent is configured), to the packet. Once the option 82 information has been added to the packet it is sent on to the DHCP server. When the DHCP server receives the packet, if the server is capable of option 82, it can implement policies like restricting the number of IP addresses that can be assigned to a single remote ID or circuit ID. Then the DHCP server echoes the option 82 field in the DHCP reply. The DHCP server unicasts the reply to the back to the relay agent if the request was relayed to the server by the relay agent. The switch verifies that it originally inserted the option 82 data. Finally, the relay agent removes the option 82 field and forwards the packet to the switch port that connects to the DHCP client that sent the DHCP request.
Disabled - If the field is toggled to Disabled the relay agent will not insert and remove DHCP
relay information (option 82 field) in messages between DHCP servers and clients, and the
26
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual
check and policy settings will have no effect.
DHCP Relay Agent Information Option 82 Check
DHCP Relay Agent Information Option 82 Policy
DHCP Relay Agent Information Option 82 Remote ID
This field can be toggled between Enabled and Disabled using the pull-down menu. It is
used to enable or disable the Switches ability to check the validity of the packet’s option 82 field.
Enabled – When the field is toggled to Enable, the relay agent will check the validity of the
packet’s option 82 field. If the switch receives a packet that contains the option-82 field from a DHCP client, the switch drops the packet because it is invalid. In packets received from DHCP servers, the relay agent will drop invalid messages.
Disabled - When the field is toggled to Disabled, the relay agent will not check the validity of
the packet’s option 82 field.
This field can be toggled between Replace, Drop, and Keep by using the pull-down menu.
It is used to set the Switches policy for handling packets when the DHCP Agent Information
Option 82 Check is set to Disabled. The default is Replace. Replace - The option 82 field will be replaced if the option 82 field already exists in the
packet received from the DHCP client.
Drop - The packet will be dropped if the option 82 field already exists in the packet received
from the DHCP client.
Keep -The option 82 field will be retained if the option 82 field already exists in the packet
received from the DHCP client.
This field is for you to enter the remote ID. Tick Default to use the Switch’s system MAC address as the remote ID.
Click Apply to implement any changes that have been made.
NOTE: If the Switch receives a packet that contains the option-82 field from a DHCP
client and the information-checking feature is enabled, the switch drops the packet because it is invalid. However, in some instances, you might configure a client with the option-82 field. In this situation, you should disable the information-check feature so that the switch does not remove the option-82 field from the packet. You can configure the action that the switch takes when it receives a packet with existing option-82 information by configuring the DHCP Agent Information Option 82 Policy.

The Implementation of DHCP Information Option 82 on the Switch

The config dhcp_relay option_82 command configures the DHCP relay agent information option 82 setting of the
switch. The formats for the circuit ID sub-option and the remote ID sub-option are as follows:
NOTE: For the circuit ID sub-option of a standalone switch, the module field is always
zero.
27
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual
Circuit ID sub-option format:
a. b. c. d. e. f. g.
1 6 0 4 VLAN Module Port
1 byte 1 byte 1 byte 1 byte 2 bytes 1 byte 1 byte
a. Sub-option type
b. Length
c. Circuit ID type
d. Length
e. VLAN: the incoming VLAN ID of DHCP client packet.
f. Module: For a standalone switch, the Module is always 0; for a stackable switch, the Module is the
Unit ID.
g. Port: The incoming port number of DHCP client packet, port number starts from 1.
Remote ID sub-option format: (default)
1. 2. 3. 4. 5.
2 8 0 6 MAC address
1 byte 1 byte 1 byte 1 byte 6 bytes
1. Sub-option type
2. Length
3. Remote ID type
4. Length
5. MAC address: The Switch’s system MAC address.
Remote ID sub-option format :( for user-configured string)
1. 2. 3. 4. 5.
2 N+2 1 N ASCII Remote ID String (up to 127 characters)
1 byte 1 byte 1 byte 1 byte N bytes
1. Sub-option type
2. Length
3. Remote ID type
4. Length
5. User configured Remote-ID
Figure 2 - 16. Circuit ID and Remote ID Sub-option Format
28
®
xStack
DES-3200-10/18/28/28F Layer 2 Ethernet Managed Switch User Manual

DHCP Relay Interface Settings

This window allows the user to set up a server, by IP address, for relaying DHCP/ BOOTP information to the Switch.
The user may enter a previously configured IP interface on the Switch that will be connected directly to the DHCP
server using the following window. Properly configured settings will be displayed in the DHCP Relay Interface Table at
the bottom of the following window. The user may add up to four server IP’s per IP interface on the Switch.
To enable and configure DHCP Relay Global Settings on the Switch, click Configuration > DHCP Relay > DHCP
Relay Interface Settings:
Figure 2 - 17. DHCP Relay Interface Settings window
The following parameters may be configured or viewed.
Parameter Description
Interface
Server IP
The IP interface on the Switch that will be connected directly to the Server.
Enter the IP address of the DHCP server. Up to four server IPs can be configured per IP Interface

DHCP Local Relay Settings

This function on the Switch allows configuration of the DHCP local relay for VLAN.
To view this window, click Configuration > DHCP Local Relay> DHCP Local Relay Settings:
29
Loading...
+ 244 hidden pages