D-link DGS-3224SR User Manual

D-Link ™ DGS-3224SR

High-Density Stackable Gigabit Ethernet Switch

User’s Guide

D-Link DGS-3212SR Stackable Gigabit Ethernet Switch

____________________

Information in this document is subject to change without notice.

Reproduction in any manner whatsoever without the written permission of D-Link

Corporation is strictly forbidden.

Trademarks used in this text: D-Link, the D-LINK logo are trademarks of D-Link Computer Corporation; Microsoft and Windows are registered trademarks of Microsoft Corporation.

Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. D-Link Computer Corporation disclaims any proprietary interest in trademarks and trade names other than its own.

August 2003 P/N 651GS3224015

CONTENTS

D-Link ™ DGS-3224SR.......................................................................................................................................... i

Intended Readers................................................................................................................................................ vi

Typographical Conventions ............................................................................................................................... vi

Notes, Notices, and Cautions ................................................................................................................................ vii

Safety Instructions................................................................................................................................................. vii

Safety Cautions ............................................................................................................................................. vii

General Precautions for Rack-Mountable Products ....................................................................................... ix

Protecting Against Electrostatic Discharge......................................................................................................x

Introduction..............................................................................................................................................................1

Switch Description ...........................................................................................................................................1

Features ................................................................................................................................................................1

Front-Panel Components......................................................................................................................................2

LED Indicators.................................................................................................................................................2

Rear Panel Description.........................................................................................................................................3

Management Options ...........................................................................................................................................4

Installation................................................................................................................................................................2

Package Contents .............................................................................................................................................2

Installing the Switch in a Rack.........................................................................................................................4

Connecting Stacked Switch Groups.....................................................................................................................5

Configuring a Switch Group for Stacking........................................................................................................6

Connecting the Console Port............................................................................................................................9

Password Protection...........................................................................................................................................10

SNMP Settings ...............................................................................................................................................11

IP Address Assignment......................................................................................................................................12

Connecting Devices to the Switch......................................................................................................................13

Introduction to Switch Management......................................................................................................................14

Web-based User Interface ..............................................................................................................................15

Basic Setup.........................................................................................................................................................16

Switch Information.........................................................................................................................................17

Switch IP Settings ..............................................................................................................................................18

Security IP Management Stations Configuration...........................................................................................20

User Accounts Management ..............................................................................................................................21

Admin and User Privileges ............................................................................................................................22

Saving Changes..................................................................................................................................................22

Factory Reset......................................................................................................................................................23

Restart System................................................................................................................................................23

Switch Information.........................................................................................................................................24

Advanced Settings..........................................................................................................................................25

Switch Stack Management.....................................................................................................................................27

Stacking Information..........................................................................................................................................27

VLAN Configuration .............................................................................................................................................31

GVRP Setting.................................................................................................................................................32

Understanding VLANs.......................................................................................................................................37

Port Settings Configuration....................................................................................................................................41

Basic Port Configuration....................................................................................................................................41

Link Aggregation Configuration............................................................................................................................44

Forwarding and Filtering........................................................................................................................................46

IGMP Settings................................................................................................................................................49

Static Router Ports..........................................................................................................................................50

New IGMP Snooping Feature ........................................................................................................................52

Spanning Tree Protocol Configuration...............................................................................................................53

802.1w Rapid Spanning Tree.........................................................................................................................53

QoS (Quality of Service)........................................................................................................................................58

Traffic Control (Broadcast/Multicast Storm Control)....................................................................................58

Configuring Default Priority ..........................................................................................................................59

Configuring 802.1p User Priority...................................................................................................................60

802.1p User Priority .......................................................................................................................................61

Traffic Segmentation......................................................................................................................................62

Bandwidth Control .........................................................................................................................................63

System Log Server.................................................................................................................................................65

Port Security Settings.............................................................................................................................................67

SNTP Setting..........................................................................................................................................................69

Access Profile Table ..............................................................................................................................................72

Security IP Management........................................................................................................................................76

Port Access Entity..................................................................................................................................................77

802.1X Port-based Network Access Control......................................................................................................77

Configure Authenticator.................................................................................................................................79

Port Authenticating Settings...........................................................................................................................82

Radius Server .................................................................................................................................................82

SNMP.....................................................................................................................................................................84

SNMP User Table ..........................................................................................................................................84

SNMP View Table .........................................................................................................................................86

SNMP Group Table........................................................................................................................................87

SNMP Community Table Configuration........................................................................................................90

SNMP Host Table ..........................................................................................................................................90

SNMP Engine ID ...........................................................................................................................................92

System Monitoring and Statistics...........................................................................................................................93

Port Utilization...............................................................................................................................................93

Packets ...........................................................................................................................................................94

Errors..............................................................................................................................................................97

Size...............................................................................................................................................................101

Maintenance .........................................................................................................................................................107

Technical Specifications ......................................................................................................................................112

Glossary ...............................................................................................................................................................114

WARRANTY FOR ALL COUNTRIES AND REGIONS EXCEPT USA ..................................................................................121

WARRANTY INFORMATION FOR USA ONLY..............................................................................................................124

D-Link DGS-3224SR Stackable Gigabit Ethernet Switch

Intended Readers

The DGS-3224SR User Guide contains information for setup and management and of the DGS-3224SR switch. This guide is intended for network managers familiar with network management concepts and terminology.

Typographical Conventions

Convention Description

In a command line, square brackets indicate an optional entry. For

[ ]

Bold font

example: [copy filename] means that optionally you can type copy followed by the name of the file. Do not type the brackets.

Indicates a button, a toolbar icon, menu, or menu item. For example: Open the File menu and choose Cancel. Used for emphasis. May also indicate system messages or prompts appearing on your screen. For example: You have mail. Bold font is also used to represent filenames, program names and commands. For example: use the copy command.

Boldface Typewriter Font

Initial capital letter

Italics

Menu Name > Menu Option

Indicates commands and responses to prompts that must be typed exactly as printed in the manual.

Indicates a window name. Names of keys on the keyboard have initial capitals. For example: Click Enter.

Indicates a window name or a field. Also can indicate a variables or parameter that is replaced with an appropriate word or string. For example: type filename means that you should type the actual filename instead of the word shown in italic.

Menu Name > Menu Option Indicates the menu structure.

Device > Port > Port Properties means the Port Properties menu

option under the Port menu option that is located under the Device menu.

D-Link DGS-3224SR Stackable Gigabit Ethernet Switch

Notes, Notices, and Cautions

NOTE: A NOTE indicates important information that helps you make

better use of your device.

NOTICE: A NOTICE indicates either potential damage to hardware or loss of data and tells you how to avoid the problem.

CAUTION: A CAUTION indicates a potential for property damage, personal injury, or death.

Safety Instructions

Use the following safety guidelines to ensure your own personal safety and to help protect your system from potential damage. Throughout this safety section, the caution icon ( ) is used to indicate cautions and precautions that you need to review and follow.

Safety Cautions

To reduce the risk of bodily injury, electrical shock, fire, and damage to the equipment, observe the following precautions.

Observe and follow service markings. Do not service any product except as explained in your system documentation. Opening or removing covers that are marked with the triangular symbol with a lightning bolt may expose you to electrical shock. Components inside these compartments should be serviced only by a trained service technician.

If any of the following conditions occur, unplug the product from the electrical outlet and replace the part or contact your trained service provider:

vii

D-Link DGS-3224SR Stackable Gigabit Ethernet Switch

– The power cable, extension cable, or plug is damaged.

– An object has fallen into the product.

– The product has been exposed to water.

– The product has been dropped or damaged.

– The product does not operate correctly when you follow the operating instructions.

• Keep your system away from radiators and heat sources. Also, do not block cooling vents.

• Do not spill food or liquids on your system components, and never operate the product in a wet

environment. If the system gets wet, see the appropriate section in your troubleshooting guide or contact your trained service provider.

• Do not push any objects into the openings of your system. Doing so can cause fire or electric shock by shorting out interior components.

• Use the product only with approved equipment.

• Allow the product to cool before removing covers or touching internal components.

• Operate the product only from the type of external power source indicated on the electrical ratings label.

If you are not sure of the type of power source required, consult your service provider or local power company.

• To help avoid damaging your system, be sure the voltage selection switch (if provided) on the power supply is set to match the power available at your location:

– 115 volts (V)/60 hertz (Hz) in most of North and South America and some Far Eastern countries such as South Korea and Taiwan

– 100 V/50 Hz in eastern Japan and 100 V/60 Hz in western Japan

– 230 V/50 Hz in most of Europe, the Middle East, and the Far East

• Also be sure that attached devices are electrically rated to operate with the power available in your location.

Safety Instructions (continued)

• Use only approved power cable(s). If you have not been provided with a power cable for your system or for any AC-powered option intended for your system, purchase a power cable that is approved for use in your country. The power cable must be rated for the product and for the voltage and current marked on the product's electrical ratings label. The voltage and current rating of the cable should be greater than the ratings marked on the product.

• To help prevent electric shock, plug the system and peripheral power cables into properly grounded electrical outlets. These cables are equipped with three-prong plugs to help ensure proper grounding. Do not use adapter plugs or remove the grounding prong from a cable. If you must use an extension cable, use a 3-wire cable with properly grounded plugs.

• Observe extension cable and power strip ratings. Make sure that the total ampere rating of all products plugged into the extension cable or power strip does not exceed 80 percent of the ampere ratings limit for the extension cable or power strip.

• To help protect your system from sudden, transient increases and decreases in electrical power, use a surge suppressor, line conditioner, or uninterruptible power supply (UPS).

• Position system cables and power cables carefully; route cables so that they cannot be stepped on or tripped over. Be sure that nothing rests on any cables.

• Do not modify power cables or plugs. Consult a licensed electrician or your power company for site modifications. Always follow your local/national wiring rules.

• When connecting or disconnecting power to hot-pluggable power supplies, if offered with your system, observe the following guidelines:

viii

D-Link DGS-3224SR Stackable Gigabit Ethernet Switch

– Install the power supply before connecting the power cable to the power supply.

– Unplug the power cable before removing the power supply.

– If the system has multiple sources of power, disconnect power from the system by

unplugging all power cables from the power supplies.

• Move products with care; ensure that all casters and/or stabilizers are firmly connected to the system. Avoid sudden stops and uneven surfaces.

General Precautions for Rack-Mountable Products

Observe the following precautions for rack stability and safety. Also refer to the rack installation documentation accompanying the system and the rack for specific caution statements and procedures.

Systems are considered to be components in a rack. Thus, "component" refers to any system as well as to various peripherals or supporting hardware.

CAUTION: Installing systems in a rack without the front and side stabilizers installed could cause the rack to tip over, potentially resulting in bodily injury under certain circumstances. Therefore, always install the stabilizers before installing components in the rack.

After installing system/components in a rack, never pull more than one component out of the rack on its slide assemblies at one time. The weight of more than one extended component could cause the rack to tip over and may result in serious injury.

• Before working on the rack, make sure that the stabilizers are secured to the rack, extended to the floor, and that the full weight of the rack rests on the floor. Install front and side stabilizers on a single rack or front stabilizers for joined multiple racks before working on the rack.

Safety Instructions (continued)

Always load the rack from the bottom up, and load the heaviest item in the rack first.

Make sure that the rack is level and stable before extending a component from the rack.

Use caution when pressing the component rail release latches and sliding a component into or out of a rack; the slide rails can pinch your fingers.

After a component is inserted into the rack, carefully extend the rail into a locking position, and then slide the component into the rack.

Do not overload the AC supply branch circuit that provides power to the rack. The total rack load should not exceed 80 percent of the branch circuit rating.

Ensure that proper airflow is provided to components in the rack.

Do not step on or stand on any component when servicing other components in a rack.

D-Link DGS-3224SR Stackable Gigabit Ethernet Switch

NOTE: A qualified electrician must perform all connections to DC power and to

safety grounds. All electrical wiring must comply with applicable local or national codes and practices.

CAUTION: Never defeat the ground conductor or operate the equipment in the absence of a suitably installed ground conductor. Contact the appropriate electrical inspection authority or an electrician if you are uncertain that suitable grounding is available.

CAUTION: The system chassis must be positively grounded to the rack cabinet frame. Do not attempt to connect power to the system until grounding cables are connected. Completed power and safety ground wiring must be inspected by a qualified electrical inspector. An energy hazard will exist if the safety ground cable is omitted or disconnected.

Protecting Against Electrostatic Discharge

Static electricity can harm delicate components inside your system. To prevent static damage, discharge static electricity from your body before you touch any of the electronic components, such as the microprocessor. You can do so by periodically touching an unpainted metal surface on the chassis.

You can also take the following steps to prevent damage from electrostatic discharge (ESD):

1. When unpacking a static-sensitive component from its shipping carton, do not remove the component from the antistatic packing material until you are ready to install the component in your system. Just before unwrapping the antistatic packaging, be sure to discharge static electricity from your body.

2. When transporting a sensitive component, first place it in an antistatic container or packaging.

3. Handle all sensitive components in a static-safe area. If possible, use antistatic floor pads and workbench pads and an antistatic grounding strap.

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

Section 1

Introduction

Switch Description

Features

Front-Panel Components

Back Panel Description

Plug-in Module Descriptions

Management Options

Switch Description

The DGS-3224SR is a modular Gigabit Ethernet backbone switch designed for adaptability and scalability. The switch provides a management platform and uplink to backbone for a stacked group of twelve DGS-3224SR Layer 2 switches in a ring or chain topology arrangement. Alternatively, the switch can utilize up to twelve Gigabit Ethernet ports to function as a central distribution hub for other switches or switch groups, or routers. The four built-in combination Gigabit ports have the option of being used as either 1000BASE-T or SFP Gigabit connections.

Features

• 4 built-in combination 1000BASE-T/SFP ports

• Ring or chain topology switch stacking configuration for up to 12 additional DES-3224SR switches.

• 88 Gbps switching fabric capacity

• Supports 802.1D STP and 802.1w Rapid Spanning Tree for redundant back up bridge paths

• Supports 802.1Q VLAN, IGMP snooping, 802.1p Priority Queues, port trunking, port mirroring

• Multi-layer Access Control (based on MAC address, IP address, VLAN, Protocol, 802.1p, DSCP)

• Quality of Service (QoS) customized control

• 802.1x (port-based) access control and Radius Client support

• Administrator-definable port security

• Per-port bandwidth control

• IEEE 802.3z and IEEE 802.3x compliant Flow Control for all Gigabit ports

• SNMP v.1, v.2, v.3 network management, RMON support

• Support optional external Redundant Power Supply

• Supports Web-based management.

• CLI management support

• DHCP and BOOTP Client support.

• Fully configurable either in-band or out-of-band control via RS-232 console serial connection.

• Telnet remote control console

• TFTP upgrade

• Traffic Segmentation

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

• SysLog support

• Simple Network Time Protocol

• Web GUI Traffic Monitoring

Front-Panel Components

The front panel of the Switch consists of LED indicators, an RS-232 communication port, and four SFP (MiniGBIC) combo ports.

Figure 1 - 1. Front Panel View of the switch

Comprehensive LED indicators display the status of the switch and the network.

An RS-232 DCE console port for setting up and managing the switch via a connection to a console terminal or PC using a terminal emulation program.

LED Indicators

The LED indicators of the Switch include Power, Master, Console, and RPS (Redundant Power Supply). A bank of 24 LEDs (2 for each port) indicates link, activity status and connection speed for each port

Power

Master

Console

RPS

1000

Link/Act

Stack ID

It will light green approximately 2 seconds after the switch is powered on to indicate the ready state of the device.

Lights steady green when the Switch is configured as the Master Switch in a stack.

This indicator on the front panel should be lit during the Power-On Self Test (POST). Lights green when the switch is being managed via out-of-band/local console management through the RS-232 console port using a straight-through serial cable.

This indicator will light steady amber when an external power supply is supplying power. This indicates the internal power supply has failed.

Each on-board Gigabit Ethernet port has a corresponding indicator. This will light steady green for a valid link and blink whenever there is reception or transmission (i.e. Activity--Act) of data occurring at a port.

The switch includes a 7-segment LED (labeled STACK ID) to indicate the switch status in a stacked switch group.

SIO

Indicates which stacking port, if any, is in use.

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

Rear Panel Description

The rear panel of the switch contains an AC power connector, a connector for the Redundant Power Supply (RPS) and two stacking ports.

Figure 1-2. Rear panel view of the Switch

The AC power connector is a standard three-pronged connector that supports the power cord. Plug the female connector of the provided power cord into this socket, and the male side of the cord into a power outlet. The switch automatically adjusts its power setting to any supply voltage in the range from 100 ~ 240 VAC at 50 ~ 60 Hz.

RPS Connector

Connect the optional external redundant power supply to the RPS connector. If the switch’s internal power unit fails, the redundant power system automatically supplies power to the switch for uninterrupted operation. The switch supports the D-Link RPS-500 redundant power supply units.

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

Management Options

The system may be managed out-of-band through the console port on the front panel or in-band using Telnet or a web browser.

Web-based Management Interface

After you have successfully installed the switch, you can configure the switch, monitor the LED panel, and display statistics graphically using a web browser, such as Netscape Navigator (version 6.2 and higher) or Microsoft

® Internet Explorer (version 5.0).

NOTE: To access the switch through a web browser, the computer running the web browser must have IP-based network access to the switch.

Command Line Console Interface Through the Serial Port or Telnet

You can also connect a computer or terminal to the serial console port or use Telnet to access the switch. The command-line-driven interface provides complete access to all switch management features. For a full list of commands, see the Command Line Reference, which is included on the documentation CD.

SNMP-Based Management

You can manage the switch with an SNMP-compatible console program. The switch is supports SNMP version

1.0, version 2.0 and version 3.0. The SNMP agent decodes the incoming SNMP messages and responds to requests with MIB objects stored in the database. The SNMP agent updates the MIB objects to generate statistics and counters.

The switch supports a comprehensive set of MIB extensions:

• RFC1213 MIB II

• RFC1493 Bridge

• RFC1757 RMON

• RFC 1643 Ether-like MIB

• D-Link Enterprise MIB

• 802.1p RFC2674

• RFC 2233 Interface MIB

• RFC 2618 (Radius-Auth-Client-MIB)

• RFC 2620 (Radius-Acc-Client-MIB)

• IEEE8021-PAE-MIB

• RFC2575 (VACM for SNMP)

• RFC2576 (Coexistence between SNMPs)

• RFC 1907 (SNMPv2-MIB)

• RSTP-MIB

• RFC2021 (RMON2)

• RFC2571 (SNMP Frameworks)

• RFC2572 (Message Processing for SNMP)

• RFC2573 (SNMP Applications)

• RFC2574 (USM for SNMP)

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

Section 2

Installation

Package Contents

Before You Connect to the Network

External Redundant Power System

Connecting the Console Port

Password Protection

SNMP Settings

IP Address Assignment

Connecting Devices to the Switch

Package Contents

Before you begin installing the switch, confirm that your package contains the following items:

• One DGS-3224SR Layer 2 Gigabit Switch

• Mounting kit: 2 mounting brackets and screws

• Four rubber feet with adhesive backing

• One AC power cord

• This User’s Guide

• CLI Reference

• CD-ROM with User’s Guide and CLI Reference

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

Before You Connect to the Network

NOTICE: Do not connect the switch to the network until you have established

the correct IP settings.

Before you connect to the network, you must install the switch on a flat surface or in a rack, set up a terminal emulation program, plug in the power cord, and then set up a password and IP address.

The switch is supplied with rubber feet for stationing it on a flat surface and mounting brackets and screws for mounting the switch in a rack.

NOTICE: Do not connect the stacked switch group to the network until you have

properly configured all switches for switch stacking. An improperly configured switch stack can cause a broadcast storm.

Installing the Switch Without the Rack

1. Install the switch on a level surface that can safely support the weight of the switch and its attached cables. The switch must have adequate space for ventilation and for accessing cable connectors.

2. Set the switch on a flat surface and check for proper ventilation. Allow at least 5 cm (2 inches) on each side of the switch and 15 cm (6 inches) at the back for the power cable.

3. Attach the rubber feet on the marked locations on the bottom of the chassis.

4. The rubber feet, although optional, are recommended to keep the unit from slipping.

Figure 2-1. Install rubber feet for installations with or without a rack

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

Installing the Switch in a Rack

You can install the switch in most standard 19-inch (48.3-cm) racks. Refer to the illustrations below.

1. Use the supplied screws to attach a mounting bracket to each side of the switch.

2. Align the holes in the mounting bracket with the holes in the rack.

3. Insert and tighten two screws through each of the mounting brackets.

Figure 2-2. Attach mounting brackets

Figure 2-3. Install switch in equipment rack

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

Connecting Stacked Switch Groups

Up to 12 Switches can be stacked together for Ring mode or Chain mode to a Master Unit or in tandem with a second master unit via the second 10Gig stacking port. Users can add unit to reach maximum 288 GbE ports per Ring stack or 168 GbE ports per Star stack. Switches are stacked together through a high-speed stack cables that provide high speed of multiple Gigabit connections, allowing the entire stack to perform as a single IP entity. User can see the number of switches stacked together from 7-segment display on front panel. Please refer to the diagram below.

Figure 2-4. Ring (Bus) Topology

Please note that the DGS-3324SRi is needed to connect a group of Switches in the Star topology, as shown below.

DGS-3224SRi

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

Figure 2-5. Star Topology Stacked Switch Group

The stacking ports are designated 1 and 2, and the stacking port being used will have its matching LED (on the front panel) light a steady green when in use. Connection can be made from any stacking port to any other stacking port. That is, stacking port 1 may connect to 1 or 2, and stacking port 2 may connect to 2 or 1

Configuring a Switch Group for Stacking

Follow the instructions below to configure the DGS-3224SR as the designated Master, and then to configure the slave units.

To configure the DES-3224SR to function in a stacked group as a master, do the following:

1. At the CLI login prompt, enter config box_priority current_box_id 1 priority 1

and press the Enter key. (Where the lowest priority number in a stack is always the Master, i.e. 2 would have a higher priority than 5.)

2. Successful configuration will be verified by a Success message. It takes a few seconds for the change to take effect. See the example below for the DES-3224SR.

3. Be sure to save the configuration change using the CLI command save.

4. Reboot the Switch.

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

DGS-3223Sr:4#config box_priority current_box_id 1 priority 1

Command: config box_priority current_box_id 1 priority 1

Success.

DES-3224SR:4#............

DES-3224SR:4#

To configure the same DGS-3224SR to function in a stacked group as the Slave, do the following:

1. At the CLI login prompt, enter config box_priority current_box_id 1 priority 2 and press the Enter key.

2. Successful configuration will be verified by a Success message. It takes a few seconds for the change to take effect. See the example below for the DGS-3224SR.

3. Be sure to save the configuration change using the CLI command save.

DGS-3224SR:4#config box_priority current_box_id 1 priority 2

Command: config config box_priority current_box_id 1 priority 2

Success.

DGS-3224SR:4#...................................................................

Note: Make sure that each box has a different ID. No two boxes can have the same ID.

Unit ID Display for Switches in a Switch Stack

The Stack ID. 7-segment LED (as shown below) on the front panel displays the Stack ID of the Switch. Please also note that the Master LED is lit, indicating that this Switch is the Master unit in the stack.

Gigabit Combo Ports

In addition to the 24 10/100/1000 Mbps ports, the Switch features four Mini-GBIC Combo ports. These four ports are 10/100/1000BASE-T copper ports (built-in) and Mini-GBIC ports (optional). Please note that the MiniGBIC ports are used instead of the built-in 10/100/1000BASE-T ports. The Mini-GBIC ports will not work simultaneously with its corresponding 10/100/1000BASE-T port. For example, if port 24x is used on the Mini GBIC module, port 24 is not available for the 10/100/1000BASE-T built-in port, and vice versa.

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

External Redundant Power System

The switch supports an external redundant power system.

Figure 2-6. DPS-500 with DES-3224SR

Figure 2-7. DPS-800 with DES-3224SR

NOTE: See the DPS-500 documentation for more information.

CAUTION: Do not use the switch with any redundant power system other than

the DPS-500.

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

Connecting the Console Port

The switch provides an RS-232 serial port that enables a connection to a computer or terminal for monitoring and configuring the switch. This port is a DB-9 connector, implemented as a DCE connection.

To use the console port, you need the following equipment:

• A terminal or a computer with both a serial port and the ability to emulate a terminal

• A RS-232 cable with a female DB-9 connector for the console port on the switch

To connect a terminal to the console port:

1. Connect the RS-232 cable directly to the console port on the switch, and tighten the captive retaining screws.

2. Connect the other end of the cable to a terminal or to the serial connector of a computer running terminal emulation software. Set the terminal emulation software as follows:

1. Select the appropriate serial port (COM port 1 or COM port 2).

3. Set the data rate to 115200 baud.

4. Set the data format to 8 data bits, 1 stop bit, and no parity.

5. Set flow control to

6. Under Properties, select VT100 for Emulation mode.

7. Select Terminal keys for Function, Arrow, and Ctrl keys. Ensure that you select Terminal keys (not Windows keys).

none.

NOTICE: When you use HyperTerminal with the Microsoft® Windows® 2000

operating system, ensure that you have Windows 2000 Service Pack 2 or later installed. Windows 2000 Service Pack 2 allows you to use arrow keys in HyperTerminal’s VT100 emulation. See www.microsoft.com for information on Windows 2000 service packs.

8. After you have correctly set up the terminal, plug the power cable into the power receptacle on the back of the switch. The boot sequence appears in the terminal.

9. After the boot sequence completes, the console login screen displays.

10. If you have not logged into the command line interface (CLI) program, press the Enter key at the User name and password prompts. There is no default user name and password for the switch, user names and passwords must first be created by the administrator. If you have previously set up user accounts, log in and continue to configure the Switch.

11. Enter the commands to complete your desired tasks. Many commands require administratorlevel access privileges. Read the next section for more information on setting up user accounts. See the Command Line Reference on the documentation CD for a list of all commands and additional information on using the CLI.

12. When you have completed your tasks, exit the session with the logout command or close the emulator program.

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

Password Protection

The DGS-3224SR does not have a default user name and password. One of the first tasks when settings up the switch is to create user accounts. If you log in using a predefined administrator-level user name you have privileged access to the switch’s management software.

After your initial login, define new passwords for both default user names to prevent unauthorized access to the switch, and record the passwords for future reference.

To create an administrator-level account for the switch, do the following:

1. At the CLI login prompt, enter create account admin followed by the <user name> and press the Enter key.

2. You will be asked to provide a password. Type the <password> used for the administrator account being created and press the Enter key.

3. You will be prompted to enter the same password again to verify it. Type the same password and press the Enter key.

4. Successful creation of the new administrator account will be verified by a Success message.

User names and passwords can be up to 15 characters in length.

The sample below illustrates a successful creation of a new administrator-level account with the user name “newmanager”.

NOTE: Passwords are case sensitive.

DGS-3224SR:4#create account admin newmanager

Command: create account admin newmanager

Enter a case-sensitive new password:********

Enter the new password again for confirmation:********

Success.

NOTICE: CLI configuration commands only modify the running

configuration file and are not saved when the switch is rebooted. To save all your configuration changes in nonvolatile storage, you must use the save command to copy the running configuration file to the startup configuration.

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

SNMP Settings

Simple Network Management Protocol (SNMP) is an OSI Layer 7 (Application Layer) function designed specifically for managing and monitoring network devices. SNMP enables network management stations to read and modify the settings of gateways, routers, switches, and other network devices. Use SNMP to configure system features for proper operation, monitor performance and detect potential problems in the switch, switch group or network.

Managed devices that support SNMP include software (referred to as an agent), which runs locally on the device. A defined set of variables (managed objects) is maintained by the SNMP agent and used to manage the device. These objects are defined in a Management Information Base (MIB), which provides a standard presentation of the information controlled by the on-board SNMP agent. SNMP defines both the format of the MIB specifications and the protocol used to access this information over the network.

The DGS-3224SR supports the SNMP versions 1, 2c, and 3. You can specify which version of the SNMP you want to use to monitor and control the switch. The three versions of SNMP vary in the level of security provided between the management station and the network device.

In SNMP v.1 and v.2, user authentication is accomplished using ‘community strings’, which function like passwords. The remote user SNMP application and the switch SNMP must use the same community string. SNMP packets from any station that has not been authenticated are ignored (dropped).

The default community strings for the switch used for SNMP v.1 and v.2 management access are:

public - Allows authorized management stations to retrieve MIB objects.

private - Allows authorized management stations to retrieve and modify MIB objects.

SNMP v.3 uses a more sophisticated authentication process that is separated into two parts. The first part is to maintain a list of users and their attributes that are allowed to act as SNMP managers. The second part describes what each user on that list can do as an SNMP manager.

The switch allows groups of users to be listed and configured with a shared set of privileges. The SNMP version may also be set for a listed group of SNMP managers. Thus, you may create a group of SNMP managers that are allowed to view read-only information or receive traps using SNMP v.1 while assigning a higher level of security to another group, granting read/write privileges using SNMP v.3.

Using SNMP v.3 individual users or groups of SNMP managers can be allowed to perform or be restricted from performing specific SNMP management functions. The functions allowed or restricted are defined using the Object Identifier (OID) associated with a specific MIB. An additional layer of security is available for SNMP v.3 in that SNMP messages may be encrypted. To read more about how to configure SNMP v.3 settings for the switch read the next section, Management.

Traps

Traps are messages that alert network personnel of events that occur on the Switch. The events can be as serious as a reboot (someone accidentally turned OFF the Switch), or less serious like a port status change. The Switch generates traps and sends them to the trap recipient (or network manager). Typical traps include trap messages for Authentication Failure, Topology Change and Broadcast\Multicast Storm.

MIBs

Management and counter information are stored by the switch in the Management Information Base (MIB). The Switch uses the standard MIB-II Management Information Base module. Consequently, values for MIB objects can be retrieved from any SNMP-based network management software. In addition to the standard MIB-II, the Switch also supports its own proprietary enterprise MIB as an extended Management Information Base. The proprietary MIB may also be retrieved by specifying the MIB Object Identifier. MIB values can be either readonly or read-write.

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

IP Address Assignment

Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP). The switch’s default IP address is

10.90.90.90. You can change the default Switch IP address to meet the specification of your networking address scheme.

The switch is also assigned a unique MAC address by the factory. This MAC address cannot be changed, and can be found from the initial boot console screen – shown below.

Figure 2 - 4. Boot Screen

The switch’s MAC address can also be found from the Web management program on the Switch Information (Basic Settings) window on the Configuration menu.

The IP address for the switch must be set before it can be managed with the Web-based manager. The switch IP address can be automatically set using BOOTP or DHCP protocols, in which case the actual address assigned to the switch must be known.

The IP address may be set using the Command Line Interface (CLI) over the console serial port as follows:

1. Starting at the command line prompt, enter the commands config ipif System ipaddress xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy. Where the x’s represent the IP address to be assigned to the IP interface named System and the y’s represent the corresponding subnet mask.

2. Alternatively, you can enter config ipif System ipaddress xxx.xxx.xxx.xxx/z. Where the x’s represent the IP address to be assigned to the IP interface named System and the z represents the corresponding number of subnets in CIDR notation.

The IP interface named System on the switch can be assigned an IP address and subnet mask which can then be used to connect a management station to the switch’s Telnet or Web-based management agent.

Figure 2 - 5. Assigning the Switch an IP Address

In the above example, the switch was assigned an IP address of 10.52.19.13 with a subnet mask of 255.0.0.0. The system message Success indicates that the command was executed successfully. The switch can now be configured and managed via Telnet and the CLI or via the Web-based management.

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

Connecting Devices to the Switch

After you assign IP addresses to the switch, you can connect devices to the switch.

To connect a device to an SFP transceiver port:

1. Use your cabling requirements to select an appropriate SFP transceiver type.

2. Insert the SFP transceiver (sold separately) into the SFP transceiver slot.

3. Use the appropriate network cabling to connect a device to the connectors on the SFP transceiver.

NOTICE: When the SFP transceiver acquires a link, the associated integrated 10/100/1000BASE-T port is disabled.

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

Section 3

Introduction to Switch Management

Login to Web Manager

Web-based User Interface

Basic Setup

Switch Information

IP Address

User Accounts

Saving Changes

Factory Reset

Restart System

Introduction

All software functions of the DGS-3224SR can be managed, configured and monitored via the embedded webbased (HTML) interface. The switch can be managed from remote stations anywhere on the network through a standard browser such as Netscape Navigator/Communicator or Microsoft Internet Explorer. The browser acts as a universal access tool and can communicate directly with the Switch using the HTTP protocol.

The Web-based management module and the Console program (and Telnet) are different ways to access the same internal switching software and configure it. Thus, all settings encountered in web-based management are the same as those found in the console program.

Login to Web Manager

To begin managing your Switch simply run the browser you have installed on your computer and point it to the IP address you have defined for the device. The URL in the address bar should read something like: http://123.123.123.123, where the numbers 123 represent the IP address of the switch.

NOTE: The Factory default IP address for the switch is 10.90.90.90.

In the page that opens, click on the Login to make a setup button at the top of the window:

Figure 3-1. Login Page

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

This opens the management module’s main page.

The switch management features available in the web-based manager are explained below.

Web-based User Interface

The user interface provides access to various switch configuration and management screens, allows you to view performance statistics, and permits you to graphically monitor the system status.

Areas of the User Interface

The figure below shows the user interface. The user interface is divided into 3 distinct areas as described in the table.

Area 1

Area 2

Area Function

Presents a graphical near real-time image of the front panel of the switch. This area displays the switch’s ports and expansion modules, showing port activity, duplex

mode, or flow control, depending on the specified mode.

Various areas of the graphic can be selected for performing management functions, including port configuration.

Select the menu or window to be displayed. The folder icons can be opened to display the hyperlinked menu buttons and subfolders contained within them. Click the D-Link logo to go to the D-Link website.

Area 3

Figure 3-2. Main Web-Manager Screen

Presents switch information based on your selection and the entry of configuration data.

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

NOTICE: Any changes made to the switch configuration during the current

session must be saved in the Save Changes web menu (explained below) or use the command line interface (CLI) command save.

Web Pages

When you connect to the management mode of the switch with a web browser, a login screen is displayed. Enter a user name and password to access the switch’s management mode.

Below is a list and description of the main folders available in the web interface:

Configuration folder: includes menus for port configuration, bandwidth control, link aggregation, port mirroring, VLANs configuration, Spanning Tree Protocol setup, forwarding & filtering configuration, Quality of Service, broadcast/multicast storm controls (Traffic Control), IGMP snooping, static router ports setup, SysLog server setup, port security, SNTP settings and the access profile table. This also contains the Advanced Settings menu which is used to configure miscellaneous settings such as for the serial port, MAC address aging time, and to enable/disable the following: RMON, IGMP snooping, Telnet and web management access, traffic segmentation, and 802.1x. The Switch Information page is used to enter system contact and physical location information and lists basic information such as the switch’s MAC address, current firmware version and the modules installed.

Security Management: contains 802.1x settings including Radius server information and PAE setup and security management IP station setup.

SNMP Manager: contains menus for establishing the switch IP settings, user accounts configuration and SNMP setup including SNMP v.3 configuration.

Monitoring: includes menus for monitoring switch performance monitors, MAC address table information, router port information, IGMP Snooping information and 802.1x related information.

Maintenance: contains menus for upgrading firmware and saving configuration files (TFTP Services), saving configuration changes, resetting and rebooting the switch, Ping test and logging out of the web manager.

NOTE: Be sure to configure the user name and password in the User Accounts menu before connecting the switch to the greater network.

Basic Setup

The subsections below describe how to change some of the basic settings for the switch such as changing IP settings and assigning user names and passwords for management access privileges, as well as how to save the changes and restart the switch.

D-Link DGS-3224SR Layer 2 Gigabit Ethernet Switch

Switch Information

Click the Switch Information link in the Configuration menu.

Figure 3-3. Switch Information – Basic Settings

The Switch Information window shows the switch’s MAC Address (assigned by the factory and unchangeable). In addition, the Boot PROM and Firmware Version numbers are shown. This information is helpful to keep track of PROM and Firmware updates and to obtain the switch’s MAC address for entry into another network device’s address table – if necessary.

You may assign a System Name, System Location, and System Contact. If any changes or additions are made, click Apply.

+ 110 hidden pages