D-link DGS-3308FG User Manual

Download

DGS-3308 Series

8-Port Gigabit Layer 3 Switch

User’s Guide

First Edition (October 2004)

651FG3308015

Printed In Taiwan

RECYCLABLE

Wichtige Sicherheitshinweise

1. Bitte lesen Sie sich diese Hinweise sorgfältig durch.

2. Heben Sie diese Anleitung für den spätern Gebrauch auf.

3. Vor jedem Reinigen ist das Gerät vom Stromnetz zu trennen. Vervenden Sie keine Flüssig- oder Aerosolreiniger. Am besten dient ein angefeuchtetes Tuch zur Reinigung.

4. Um eine Beschädigung des Gerätes zu vermeiden sollten Sie nur Zubehörteile verwenden, die vom Hersteller zugelassen sind.

5. Das Gerät is vor Feuchtigkeit zu schützen.

6. Bei der Aufstellung des Gerätes ist auf sichern Stand zu achten. Ein Kippen oder Fallen könnte Verletzungen hervorrufen. Verwenden Sie nur sichere Standorte und beachten Sie die Aufstellhinweise des Herstellers.

7. Die Belüftungsöffnungen dienen zur Luftzirkulation die das Gerät vor Überhitzung schützt. Sorgen Sie dafür, daß diese Öffnungen nicht abgedeckt werden.

8. Beachten Sie beim Anschluß an das Stromnetz die Anschlußwerte.

9. Die Netzanschlußsteckdose muß aus Gründen der elektrischen Sicherheit einen Schutzleiterkontakt haben.

10. Verlegen Sie die Netzanschlußleitung so, daß niemand darüber fallen kann. Es sollete auch nichts auf der Leitung abgestellt werden.

11. Alle Hinweise und Warnungen die sich am Geräten befinden sind zu beachten.

12. Wird das Gerät über einen längeren Zeitraum nicht benutzt, sollten Sie es vom Stromnetz trennen. Somit wird im Falle einer Überspannung eine Beschädigung vermieden.

13. Durch die Lüftungsöffnungen dürfen niemals Gegenstände oder Flüssigkeiten in das Gerät gelangen. Dies könnte einen Brand bzw. Elektrischen Schlag auslösen.

14. Öffnen Sie niemals das Gerät. Das Gerät darf aus Gründen der elektrischen Sicherheit nur von authorisiertem Servicepersonal geöffnet werden.

15. Wenn folgende Situationen auftreten ist das Gerät vom Stromnetz zu trennen und von einer qualifizierten Servicestelle zu überprüfen: a – Netzkabel oder Netzstecker sint beschädigt. b – Flüssigkeit ist in das Gerät eingedrungen. c – Das Gerät war Feuchtigkeit ausgesetzt. d – Wenn das Gerät nicht der Bedienungsanleitung ensprechend funktioniert oder Sie mit Hilfe dieser Anleitung keine Verbesserung erzielen. e – Das Gerät ist gefallen und/oder das Gehäuse ist beschädigt. f – Wenn das Gerät deutliche Anzeichen eines Defektes aufweist.

16. Bei Reparaturen dürfen nur Orginalersatzteile bzw. den Orginalteilen entsprechende Teile verwendet werden. Der Einsatz von ungeeigneten Ersatzteilen kann eine weitere Beschädigung hervorrufen.

17. Wenden Sie sich mit allen Fragen die Service und Repartur betreffen an Ihren Servicepartner. Somit stellen Sie die Betriebssicherheit des Gerätes sicher.

18. Zum Netzanschluß dieses Gerätes ist eine geprüfte Leitung zu verwenden, Für einen Nennstrom bis 6A und einem Gerätegewicht grßer 3kg ist eine Leitung nicht leichter als H05VV-F, 3G, 0.75mm2 einzusetzen.

WARRANTIES EXCLUSIVE

IF THE D-LINK PRODUCT DOES NOT OPERATE AS WARRANTED ABOVE, THE CUSTOMER'S SOLE REMEDY SHALL BE, AT D-LINK'S OPTION, REPAIR OR REPLACEMENT. THE FOREGOING WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ALL OTHER WARRANTIES, EXPRESSED OR IMPLIED, EITHER IN FACT OR BY OPERATION OF LAW, STATUTORY OR OTHERWISE, INCLUDING WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. D-LINK NEITHER ASSUMES NOR AUTHORIZES ANY OTHER PERSON TO ASSUME FOR IT ANY OTHER LIABILITY IN CONNECTION WITH THE SALE, INSTALLATION MAINTENANCE OR USE OF D-LINK'S PRODUCTS D-LINK SHALL NOT BE LIABLE UNDER THIS WARRANTY IF ITS TESTING AND EXAMINATION DISCLOSE THAT THE ALLEGED DEFECT IN THE PRODUCT DOES NOT EXIST OR WAS CAUSED BY THE CUSTOMER'S OR ANY THIRD PERSON'S MISUSE, NEGLECT, IMPROPER INSTALLATION OR TESTING, UNAUTHORIZED ATTEMPTS TO REPAIR, OR ANY OTHER CAUSE BEYOND THE RANGE OF THE INTENDE D USE, OR BY ACCIDENT, FIRE, LIGHTNING OR OTHER HAZARD.

LIMITATION OF LIABILITY

IN NO EVENT WILL D-LINK BE LIABLE FOR ANY DAMAGES, INCLUDING LOSS OF DATA, LOSS OF PROFITS, COST OF COVER OR OTHER INCIDENTAL, CONSEQUENTIAL OR INDIRECT DAMAGES ARISING OUT THE INSTALLATION, MAINTENANCE, USE, PERFORMANCE, FAILURE OR INTERRUPTION OF A D- LINK PRODUCT, HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY. THIS LIMITATION WILL APPLY EVEN IF DLINK HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. IF YOU PURCHASED A D-LINK PRODUCT IN THE UNITED STATES, SOME STATES DO NOT ALLOW THE LIMITATION OR EXCLUSION OF LIABILITY FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THE ABOVE LIMITATION MAY NOT APPLY TO YOU.

Limited Warranty

Hardware:

D-Link warrants each of its hardware products to be free from defects in workmanship and materials under normal use and service for a period commencing on the date of purchase from D-Link or its Authorized Reseller and extending for the length of time stipulated by the Authorized Reseller or D-Link Branch Office nearest to the place of purchase.

If the product proves defective within the applicable warranty period, D-Link will provide repair or replacement of the product. D-Link shall have the sole discretion whether to repair or replace, and replacement product may be new or reconditioned. Replacement product shall be of equivalent or better specifications, relative to the defective product, but need not be identical. Any product or part repaired by D-Link pursuant to this warrant y shall have a warranty period of not less than 90 days, from date of such repair, irrespective of any earlier expiration of original warranty period. When D-Link provides replacement, then the defective product becomes the property of D-Link.

Warranty se rvice may be obtained by contacting a D-Link office within the applicable warranty period, and requesting a Return Material Authorization (RMA) number.If Purchaser's circumstances require special handling of warranty correction, then at the time of requesting RMA number, Purchaser may also propose special procedure as may be suitable to the case.

After an RMA number is issued, the defective product must be packaged securely in the original or other suitable shipping package to ensure that it will not be damaged in transit, and the RMA number must be prominently marked on the outside of the package. The package must be mailed or otherwise shipped to D-Link with all costs of mailing/shipping/insurance prepaid. D-Link shall never be responsible for any software, firmware, information, or memory data of Purchaser contained in, stored on, or integrated with any product returned to D-Link pursuant to this warranty.

Any package returned to D-Link without an RMA number will be rejected and shipped back to Purchaser at Purchaser's expense, and D-Link reserves the right in such a case to levy a reasonable handling charge in addition mailing or shipping costs.

Software:

Warranty service for software products may be obtained by contacting a D-Link office within the applicable warranty period. A list of D-Link offices is provided at the back of thi s manual.

D-Link warrants that its software products will perform in substantial conformance with the applicable product documentation provided by D-Link with such software product, for a period of ninety (90) days from the date of purchase from D-Link or its Authorized Reseller. D-Link warrants the magnetic media, on which D-Link provides its software product, against failure during the same warranty period. This warranty applies to purchased software, and to replacement software provided by D-Link pursuant to this warranty, but shall not apply to any update or replacement which may be provided for download via the Internet, or to any update which may otherwise be provided free of charge.

D-Link's sole obligation under this software warranty shall be to replace any defective software product with product which substantially conforms to D-Link's applicable product documentation. Purchaser assumes responsibility for the selection of appropriate application and system/platform software and associated reference materials. D-Link makes no warranty that its software products will work in combination with any hardware, or any application or system/platform software product provided by any third party, excepting only such products as are expressly represented, in D-Link's applicable product

documentation as being compatible. D-Link's obligation under this warranty shall be a reasonable effort to provide compatibility, but D-Link shall have no obligation to provide compatibility when there is fault in the third-party hardware or software. D-Link makes no warranty that operation of its software products will be uninterrupted or absolutely error-free, and no warranty that all defects in the software product, within or without the scope of D-Link's applicable product documentation, will be corrected.

D-Link Offices for Warranty Service

To obtain an RMA number for warranty service as to a hardware product, or to obtain warranty service as to a software product, contact the D-Link office nearest you. An address/telepho ne/fax/e-mail/Web site list of D-Link offices is provided in the back of this manual .

Trademarks

Copyright 2001 D-Link Corporation. Contents subject to change without prior notice. D-Link is a registered trademark of D-Link Corporation/D-Link Systems, Inc. All other trademarks belong to their respective proprietors.

No part of this publication may be reproduced in any form or by any means or used to make any derivative such as translation, transformation, or adaptation without permission from D-Link Corporation/D-Link Systems Inc., as stipulated by the United States Copyright Act of 1976.

FCC Warning

This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with this user’s guide, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense.

CE Mark Warning

This is a Class A product. In a domestic environment, this product may cause radio interference in which case the user may be required to take adequate measures.

VCCI Warning

BSMI Warning

Table of Contents

About This Guide...............................................................................................................................................................................................1

Overview of this User’s Guide.....................................................................................................................................................................1

Introduction.........................................................................................................................................................................................................2

Layer 3 Switching...........................................................................................................................................................................................2

The Functions of a Layer 3 Switch..........................................................................................................................................................3

Features...........................................................................................................................................................................................................3

Ports...............................................................................................................................................................................................................3

Performance Features...................................................................................................................................................................................4

Layer 2 Switching Features......................................................................................................................................................................4

Layer 3 Switching Features......................................................................................................................................................................4

Traffic Classification and Prioritization...............................................................................................................................................5

Management................................................................................................................................................................................................5

Optional Redundant Power Supply........................................................................................................................................................6

Fast Ethernet Technology.............................................................................................................................................................................6

Gigabit Ethernet Technology.......................................................................................................................................................................6

Unpacking and Setup........................................................................................................................................................................................7

Unpacking........................................................................................................................................................................................................7

Installation......................................................................................................................................................................................................7

Desktop or Shelf Installation...................................................................................................................................................................7

Rack Installation........................................................................................................................................................................................8

Power on...........................................................................................................................................................................................................9

Power Failure...............................................................................................................................................................................................9

Identifying External Components................................................................................................................................................................10

Front Panel....................................................................................................................................................................................................10

Rear Panel.....................................................................................................................................................................................................10

Side Panels....................................................................................................................................................................................................11

LED Indicators..............................................................................................................................................................................................11

Connecting The Switch...................................................................................................................................................................................12

PC to Switch..................................................................................................................................................................................................12

Switch to Switch (other devices)...............................................................................................................................................................12

Switch Management and Operating Concepts..........................................................................................................................................14

Local Console Management ...................................................................................................................................................................14

IP Addresses and SNMP Community Names...................................................................................................................................15

Traps............................................................................................................................................................................................................16

MIBs............................................................................................................................................................................................................17

SNMP..........................................................................................................................................................................................................17

Packet Forwarding....................................................................................................................................................................................18

MAC Address Aging Time......................................................................................................................................................................18

Filtering......................................................................................................................................................................................................18

IP Addressing and Subnetting...............................................................................................................................................................19

802.1Q VLANs .........................................................................................................................................................................................23

Spanning Tree Protocol............................................................................................................................................................................28

Internet Protocols......................................................................................................................................................................................34

The Domain Name System.....................................................................................................................................................................42

DHCP Servers............................................................................................................................................................................................42

Routing........................................................................................................................................................................................................42

ARP..............................................................................................................................................................................................................43

Multicasting...............................................................................................................................................................................................43

Internet Group Management Protocol (IGMP)...................................................................................................................................45

Multicast Routing Algorithms...............................................................................................................................................................46

Multicast Routing Protocols...................................................................................................................................................................48

Routing Protocols......................................................................................................................................................................................48

Configuring the Switch Using the Console Interface...............................................................................................................................54

Before You Start...........................................................................................................................................................................................54

General Deployment Strategy................................................................................................................................................................54

VLAN Layout ............................................................................................................................................................................................55

Assigning IP Network Addresses and Subnet Masks to VLANs..................................................................................................55

Defining Static Routes.............................................................................................................................................................................55

Connecting to the Switch............................................................................................................................................................................56

Console Usage Conventions ...................................................................................................................................................................56

Setup User Accounts...................................................................................................................................................................................58

User Accounts Management ..................................................................................................................................................................59

Save Changes................................................................................................................................................................................................60

Reboot.............................................................................................................................................................................................................62

Logging Onto The Switch Console............................................................................................................................................................63

Updating or Deleting User Accounts....................................................................................................................................................63

Viewing Current User Accounts............................................................................................................................................................64

Deleting a User Account..........................................................................................................................................................................65

Setting Up The Switch................................................................................................................................................................................65

Basic Setup................................................................................................................................................................................................65

Switch Information...................................................................................................................................................................................66

IP Setup.......................................................................................................................................................................................................67

Remote Management Setup...................................................................................................................................................................69

Configure Ports..........................................................................................................................................................................................70

Serial Port Settings..................................................................................................................................................................................71

Switch Operation Mode..............................................................................................................................................................................72

Changing the Switch Operation Mode.................................................................................................................................................72

Layer 2 Switch Settings ..........................................................................................................................................................................75

Layer 3 Switch Mode - Setup RIP .........................................................................................................................................................76

Advanced Setup............................................................................................................................................................................................78

Configuring VLANs..................................................................................................................................................................................78

VLANs by Switch Operating Mode – Layer 2 Only and IP Routing..............................................................................................78

Setting Up IP Interfaces.............................................................................................................................................................................85

Layer 2 Multicast Setup.........................................................................................................................................................................88

IGMP Snooping Settings – by VLAN...................................................................................................................................................88

IEEE 802.1Q Multicast Forwarding.....................................................................................................................................................90

Static Router Port.....................................................................................................................................................................................91

Layer 3 Multicasting................................................................................................................................................................................92

Mirroring.....................................................................................................................................................................................................100

Priority .........................................................................................................................................................................................................102

Layer 2 Filtering....................................................................................................................................................................................103

Layer 3 (IP Routing) Filtering.............................................................................................................................................................104

Forwarding..................................................................................................................................................................................................107

Layer 2 Forwarding...............................................................................................................................................................................107

IP Routing Forwarding..........................................................................................................................................................................108

MAC Address Forwarding...................................................................................................................................................................108

Spanning Tree............................................................................................................................................................................................111

Switch Spanning Tree Settings ..........................................................................................................................................................111

Port Group Spanning Tree Settings...................................................................................................................................................113

Port Trunking.............................................................................................................................................................................................114

Switch Utilities.........................................................................................................................................................................................116

Layer 2 Switch Utilities.......................................................................................................................................................................116

Upgrade Firmware from TFTP Server..............................................................................................................................................116

Download Configuration File from TFTP Server............................................................................................................................117

Upload Configuration File to TFTP Server......................................................................................................................................118

Save Log to TFTP Server......................................................................................................................................................................119

Ping...........................................................................................................................................................................................................120

Layer 3 Utilities.....................................................................................................................................................................................120

BOOTP/DHCP Relay .............................................................................................................................................................................120

DNS Relay...............................................................................................................................................................................................122

Network Monitoring.................................................................................................................................................................................124

Layer 2 Network Monitoring...............................................................................................................................................................124

Port Utilization......................................................................................................................................................................................125

Port Error Packets.................................................................................................................................................................................126

Port Packet Analysis Table................................................................................................................................................................. 126

MAC Address Forwarding Table.......................................................................................................................................................127

IGMP Snooping.......................................................................................................................................................................................128

Switch History........................................................................................................................................................................................129

Layer 3 Network Monitoring...............................................................................................................................................................130

Browse IP Address.................................................................................................................................................................................130

IP Routing Table....................................................................................................................................................................................131

ARP Table...............................................................................................................................................................................................132

Browse Router Port ...............................................................................................................................................................................133

IP Multicast Forwarding Table..........................................................................................................................................................134

IGMP Group Table.................................................................................................................................................................................135

DVMRP Routing Table........................................................................................................................................................................136

Reboot and Factory Reset.......................................................................................................................................................................137

Web-Based Network Management...........................................................................................................................................................140

General Deployment Strategy.............................................................................................................................................................140

Assigning IP Network Addresses and Subnet Masks to VLANs...............................................................................................141

Defining Static Routes..........................................................................................................................................................................141

Getting Started..........................................................................................................................................................................................142

Configuring the Switch.............................................................................................................................................................................142

User Accounts Management ...............................................................................................................................................................142

Saving Changes......................................................................................................................................................................................144

Factory Reset..........................................................................................................................................................................................144

Using Web-Based Management............................................................................................................................................................145

Configuration.............................................................................................................................................................................................148

Switch IP Setup......................................................................................................................................................................................153

Switch Information................................................................................................................................................................................153

Power Supply & Cooling Fan Status.................................................................................................................................................154

Switch Settings ......................................................................................................................................................................................156

Configure Layer 3 - IP Networking.....................................................................................................................................................157

VLANs .....................................................................................................................................................................................................160

Priority.....................................................................................................................................................................................................169

Spanning Tree Protocol.........................................................................................................................................................................172

BOOTP/DHCP Relay .............................................................................................................................................................................182

Remote Management Setup...................................................................................................................................................................185

Management Station IP Settings ......................................................................................................................................................185

SNMP Community Settings ...............................................................................................................................................................186

Setup Trap Receivers............................................................................................................................................................................187

Setup User Accounts.............................................................................................................................................................................187

Serial Port Settings...............................................................................................................................................................................189

Network Monitoring.................................................................................................................................................................................190

Statistics ................................................................................................................................................................................................. 190

Address Table.........................................................................................................................................................................................194

Applications............................................................................................................................................................................................198

Maintenance...............................................................................................................................................................................................202

Upgrade Firmware from TFTP Server..............................................................................................................................................203

Download Configuration File from TFTP Server............................................................................................................................203

Upload Configuration File to TFTP Server......................................................................................................................................203

Save Log to TFTP Server......................................................................................................................................................................204

Save Ch anges..........................................................................................................................................................................................204

Restart System......................................................................................................................................................................................206

Technical Specifications..............................................................................................................................................................................207

RJ-45 Pin Specification...............................................................................................................................................................................210

Runtime Switching Software Default Settings......................................................................................................................................211

Understanding and Troubleshooting the Spanning Tree Protocol.....................................................................................................212

Blocking State........................................................................................................................................................................................212

Listening State.......................................................................................................................................................................................213

Learning State........................................................................................................................................................................................214

Forwarding State...................................................................................................................................................................................214

Disabled State........................................................................................................................................................................................215

Troubleshooting STP................................................................................................................................................................................216

Spanning Tree Protocol Failure..........................................................................................................................................................216

Full/Half Duplex Mismatch................................................................................................................................................................. 217

Unidirectional Link...............................................................................................................................................................................218

Packet Corruption..................................................................................................................................................................................218

Resource Errors ......................................................................................................................................................................................218

Identifying a Data Loop........................................................................................................................................................................219

Avoiding Trouble....................................................................................................................................................................................219

Brief Review of Bitwise Logical Operations ...........................................................................................................................................223

Index.................................................................................................................................................................................................................224

8-port Gigabit Ethernet Switch User’s Guide

A BOUT THIS GUIDE

This User’s guide tells you how to install your DGS -3308, how to connect it to your Ethernet network, and how to set its configuration using either the built-in console interface or Web-based management.

Overview of this User’s Guide

• Chapter 1, “Introduction.” Describes the Switch and its features.

• Chapter 2, “Unpacking and Setup.” Helps you get started with the basic installation of the Switch.

• Chapter 3, “Identifying External Components.” Describes the front panel, rear panel, and LED indicators of the

Switch.

• Chapter 4, “Connecting the Switch.” Tells how you can connect the Switch to your Ethernet network.

• Chapter 5, “Switch Management and Operating Concepts.” Talks about Local Console Management via the

RS-232 DCE console port and other aspects about how to manage the Switch.

• Chapter 6, “Using the Console Interface.” Tells how to use the built-in console interface to change, set, and monitor Switch performance and security.

• Chapter 7, “Web-Based Network Management.” Tells how to manage the Switch through an Internet browser.

• Appendix A, “Technical Specifications.” Lists the technic al specifications of the DGS-3308TG and DGS-3308FG.

• Appendix B, “RJ-45 Pin Specifications.” Shows the details and pin assignments for the RJ-45

receptacle/connector.

• Appendix C, “Factory Default Settings.”

• Appendix D, “Understanding and Troubleshooting the Spanning Tree Protocol.”

• Appendix E, “Brief Review of Bitwise Logical Operations.”

8-port Gigabit Ethernet Switch User’s Guide

INTRODUCTION

This section describes the Layer 3 functionality and Layer 2 and Layer 3 features of the DGS-3308 Series switches. Some background information about Ethernet/Fast Ethernet, Gigabit Ethernet, and switching technology is presented. This is intended for readers who may not be familiar with the concepts of layered switching and routing but is not intended to be a complete or in -depth discussion.

For a more detailed discussion of the functionality of the DGS-3308, please see Chapter 5, “Switch Management and

Operating Concepts.”

Layer 3 Switching

Layer 3 switching is the integration of two proven technologies: switching and routing. In fact, Layer 3 switches are running the same routing routines and protocols as traditional routers. The main difference between traditional routing and Layer 3 switching is the addition of a group of Layer 2 switching domains and the execution of routing routines for most packets via an ASIC – in hardware instead of software.

Where a traditional router would have one, or at best a few, Fast Ethernet ports, the DGS-3308 Layer 3 switch has eight Gigabit Ethernet ports, including two which are GBIC-based. Where a traditional router would have one or two high-speed serial WAN connections, the DGS-3308 relies upon Gigabit Ethernet ports to connect to a separate device, which in turn, connects the network to a WAN or the Internet.

The DGS-3308 can be thought of as Fast Ethernet Layer 2 switching domains with a wire-speed router between each domain. It can be deployed in a network between a traditional router and the intranetwork. The traditional router and its associated WAN interface would then handle routing between the intranetwork and th e WAN (the Internet, for example) while the Layer 3 switch would handle routing within the LAN (between the Fast Ethernet Layer 2 domains). Any installed Layer 2 switches, and indeed the entire subnetting scheme, would remain in place.

The DGS-3308FG can also replace key traditional routers for data centers and server farms, routing between these locations and the rest of the network, and providing eight ports of Layer 2 switching performance combined with wire-speed routing.

Backbone routers can also be replaced with DGS-3208FG and DGS-3208TG switches and a series of DGS-3308 switches could be linked via the Gigabit Ethernet ports. Routers that service WAN connections would remain in place, but would now be removed from the backbone and connected to the DGS-3308 via a Gigabit Ethernet port. The backbone itself could be migrated to Gigabit Ethernet, or faster technologies as they become available.

Policy services can then be introduced (or enhanced) in the backbone infrastructure and maintained throughout the network – even to the desktop. With a distributed infrastructure and a logical management structure, network performance becomes easier to measure and fine-tune.

With the completion of the migration of the backbone to Gigabit or higher-performance technologies, the result is inherently scalable and easily evolved for future technologies. This core network will also become the termination point for Virtual Private Networks (VPNs) for remote office access to the enterprise infrastructure.

The DGS-3308 can then be thought of as accomplishing two objectives. First as a tool to provide high-performance access to enterprise data servers and infrastructure, and second, to enhance the performance of network equipment already

8-port Gigabit Ethernet Switch User’s Guide

installed. Many network segments display poor performance, but the Ethernet wire is only carrying a fraction of its total traffic capacity. The problem is not the network, but the ability of the connected devices to utilize the full capacity of the network. The DGS-3308 can eliminate network bottlenecks to high-traffic areas, and improve the utilization of the network’s installed bandwidth.

The Functions of a Layer 3 Switch

Traditional routers, once the core components of large networks, became an obstacle to the migration toward nextgeneration networks. Attempts to make software-based routers forward packets more quickly were inadequate.

A layer 3 switch does everything to a packet that a traditional router does:

• Determines forwarding path based on Layer 3 information

• Validates the integrity of the Layer 3 header via checksum

• Verifies packet expiration and updates accordingly

• Processes and responds to any optional information

• Updates forwarding statistics in the Management Information Base

• Applies security controls

A Layer 3 switch can be placed anywhere within a network core or backbone, easily and cost-effectively replacing the traditional collapsed backbone router. The DGS-3308 Layer 3 switch communicates with a WAN router using a standard Gigabit Ethernet or GBIC-based port. Multiple DGS-3308 switches can be linked via the Gigabit Ethernet ports.

Features

The DGS -3308 was designed for easy installation and high performance in an environment where traffic on the network and the number of users increase continuously.

Switch features include:

Ports

• Six 1000BASE-SX (SC-type fiber transceiver) for the DGS-3308FG or six 1000BASE-T (10/100/1000M Fast/Gigabit Ethernet) for the DGS-3308TG.

• Two GBIC-based Gigabit Ethernet ports.

• Fully compliant with IEEE 802.3z.

• Fully compliant with IEEE 802.3 10BASE -T, IEEE 802.3u 100BASE-TX, and IEEE 802.3ab 1000BASE-T (DGS-

3308TG only).

• Support Full Duplex operations.

• Supports auto-negotiation for 10M/100M/1000M speed (DGS-3308TG only).

• IEEE 802.3x compliant Flow Control support for full duplex.

• Supports Head of Line Blocking.

8-port Gigabit Ethernet Switch User’s Guide

• Per device packet buffer: 512Kbytes.

• RS-232 DCE Diagnostic port (console port) for setting up and managing the Switch via a connection to a console

terminal or PC using a terminal emulation program.

Performance Features

Layer 2 Switching Features

• 16 Gbps switching fabric capacity

• Wire speed packet forwarding rate per system.

• Store and forward switching scheme.

• Support 8K MAC address.

• Support Broadcast Storm control function.

• Support Port Mirroring.

• Port Trunking support for Gigabit Ethernet ports.

• 802.1D Spanning Tree support.

• 802.1Q Tagged VLAN support, including GVRP (GARP VLAN Registration Protocol) support for automatic VLAN

configuration distribution.

• 802.1p priority support (4 priority queues).

• Support IGMP Snooping.

Layer 3 Switching Features

• Wire speed IP forwarding.

• Hardware-based Layer 3 IP switching.

• IP packet forwarding rate up to 12 Mpps.

• 2K active IP address entry table per device.

• Supports RIP – (Routing Information Protocol) versions I and II.

• Support OSPF routing protocol.

• Supports IP version 4.

• IGMP version 1 and 2 support (RFC 1112 and RFC 2236).

• Supports PIM Dense Mode (draft-ietf-pim-v2-dm-03.txt).

• Supports DVMRP (draft-ietf-idmr-dvmrp-v3-09.txt).

• Supports IP multi-netting.

8-port Gigabit Ethernet Switch User’s Guide

• Supports IP packet de-fragmentation.

• Supports Path MTU discovery.

• Supports 802.1D frame support.

Traffic Classification and Prioritization

• Based on 802.1p priority bits.

• Based on MAC address.

• 4 priority qu eues.

Management

• RS-232 console port for out-of-band network management and system diagnosis via a console terminal or PC.

• Spanning Tree Algorithm Protocol for creation of alternative backup paths and prevention of network loops.

• SNMP v.1 Agent.

• Telnet remote control console.

• In-band control and configuration via SNMP based software.

• Flash memory for software upgrades. This can be done in -band via TFTP.

• Built-in SNMP management:

§ RFC 1213 MIB II.

§ RFC 1493 Bridge MIB.

§ RFC 1757 Four groups of RMON: Statistics, History, Alarm, and Event.

§ RFC 1724 RIP v2 MIB.

§ RFC 2737 Entity MIB.

§ RFC 2674 P-Bridge MIB.

§ RFC 2233 IF MIB.

§ RFC 2096 IP Forward MIB.

§ RFC 1907 SNMPv2 MIB

§ IGMP IGMP-STD MIB.

§ PIM MIB. This was extracted from draft-ief-idmr-pim-mib-03.txt.

§ DVMRP MIB. This was extracted from draft-thaler-dvmrp-mib-04.txt.

§ IPMROUTE MIB. This was extracted from draft-ietf-idmr-multicast-routmib-05.txt.

• Supports Web-based management.

• TFTP support.

8-port Gigabit Ethernet Switch User’s Guide

• BOOTP support.

• IP filtering on the management interface.

• DHCP Client support.

• DHCP Relay Agent.

• Password enabled.

Optional Redundant Power Supply

The DGS-3308 supports the optional DPS-1000 (Redundant Power Supply) to provide automatic power supply monitoring and switchover to a redundant power supply (located in the chassis of the DPS-1000) in case of a failure in the Switch’s internal power supply.

Fast Ethernet Technology

100Mbps Fast Ethernet (or 100BASE -T) is a standard specified by the IEEE 802.3 LAN committee. It is an extension of the 10Mbps Ethernet standard with the ability to transmit and receive data at 100Mbps, while maintaining the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) Ethernet protocol.

Gigabit Ethernet Technology

Gigabit Ethernet is an extension of IEEE 802.3 Ethernet utilizing the same packet structure, format, and support for CSMA/CD protocol, full duplex, flow control, and management objects, but with a tenfold increase in theoretical throughput over 100Mbps Fast Ethernet and a one hundred-fold increase over 10Mbps Ethernet. Since it is compatible with all 10Mbps and 100Mbps Ethernet environments, Gigabit Ethernet provides a straightforward upgrade without wasting a company’s existing investment in hardware, software, and trained personnel.

Gigabit Ethernet enables fast optical fiber connections and Unshielded Twisted Pair connections to support video conferencing, complex imaging, and similar data-intensive applications. Likewise, since data transfers occur 10 times faster than Fast Ethernet, servers outfitted with Gigabit Ethernet NIC’s are able to perform 10 times the number of operations in the same amount of time.

8-port Gigabit Ethernet Switch User’s Guide

U NPACKING AND SETUP

This chapter provides unpacking and setup information for the Switch.

Unpacking

Open the shipping carton of the Switch and carefully unpack its contents. The carton should contain the following items:

• One DGS-3308TG or DGS-3308FG 8-port Gigabit Ethernet Layer 3 Switch

• Mounting kit: 2 mounting brackets and screws

• Four rubber feet with adhesive backing

• One AC power cord

• One Installation Guide

• This User’s Guide on CD-ROM

If any item is found missing or damaged, please contact your local D -Link reseller for replacement.

Installation

Use the following guidelines when choosing a place to install the Switch:

• The surface must support at least 3 kg.

• The power outlet should be within 1.82 meters (6 feet) of the device.

• Visually inspect the power cord and see that it is secured to the AC power connector.

• Make sure that there is proper heat dissipation from and adequate ventilation around the switch. Do not place

heavy objects on the switch.

Desktop or Shelf Installation

When installing the Switch on a desktop or shelf, the rubber feet included with the device should first be attached. Attach these cushioning feet on the bottom at each corner of the device. Allow adequate space for ventilation between the device and the objects around it.

8-port Gigabit Ethernet Switch User’s Guide

Figure 2-1. Installing rubber feet for desktop installation

Rack Installation

The DGS -3308 can be mounted in an EIA standard-sized, 19-inch rack, which can be placed in a wiring closet with other equipment. To install, attach the mounting brackets on the Switch’s side panels (one on each side) and secure them with the screws provided.

Figure 2- 2A. Atta ching the mounting brackets to the Switch

Then, use the screws provided with the equipment rack to mount the switch on the rack.

8-port Gigabit Ethernet Switch User’s Guide

Figure 2-2B. Installing the Switch on an equipment rack

Power on

The DGS -3308 can be used with AC power supply 100 - 240 VAC, 50 - 60 Hz. The Switch’s power supply will adjust to the local power source automatically and may be powered on without having any or all LAN segment cables connected.

After the Switch is plugged in, the LED indicators should respond as follows:

• All LE D indicators will momentarily blink. This blinking of the LED indicators represents a reset of the system.

• The Power LED indicator will blink while the Switch loads onboard software and performs a self-test. After

approximately 20 seconds, the LED will light again to indicate the switch is in a ready state.

• The Console LED indicator will remain ON if there is a connection at the RS-232 port, otherwise this LED indicator is OFF.

Power Failure

As a precaution in the event of a power failure, unplug the switc h. When power is resumed, plug the Switch back in.

8-port Gigabit Ethernet Switch User’s Guide

IDENTIFYING E XTERNAL COMPONENTS

This chapter describes the front panel, rear panel, and LED indicators of the DGS-3308.

Front Panel

The front panel of the Switch consists of LED indicators, an RS-232 communication port, two GBIC-based Gigabit Ethernet ports, and either six 1000BASE -SX ports (DGS-3308FG) or six 1000BASE-T ports (DGS-3308-TG).

Figure 3-1a. Front panel view of the DGS-3308FG

Figure 3-1b. Front panel view of the DGS-3308TG

• Comprehensive LED indicators display the status of the Switch and the network (see the LED Indicators section below).

• An RS-232 DCE console port for setting up and managing the switch via a connection to a console terminal or PC using a terminal emulation program.

• Six Gigabit Ethernet ports (1000BASE -SX for DGS-3308FG and 1000BASE-T for DGS-3308TG).

• Two GBIC-based Gigabit Ethernet ports.

Rear Panel

The rear panel of the switch consists of a slot for the optional DPS-1000 (Redundant Power Supply) and an AC power connector.

Figure 3-2. Rear panel view of the Switch

8-port Gigabit Ethernet Switch User’s Guide

• The AC power connector is a standard three-pronged connector that supports the power cord. Plug-in the female connector of the provided power cord into this socket, and the male side of the cord into a power outlet. Supported input voltages range from 100 ~ 240 VAC at 50 ~ 60 Hz.

Side Panels

The right side panel of the Switch contains two system fans (see the top part of the diagram below). The left side panel contains heat vents.

Figure 3-3. Side panel views of the Switch

• The system fans are used to dissipate heat. The sides of the system also provide heat vents to serve the same purpose. Do not block these openings, and leave at least 6 inches of space at the rear and sides of the switch for proper ventilation. Be reminded that without proper heat dissipation and air circulation, system components might overheat, which could lead to system failure.

LED Indicators

The LED indicators of the Switch include Power, Console, Link/Act, and RPS In Use. The following shows the LED indicators for the Switch along with an explanation of each indicator.

• Power – This indicator on the front panel should be lit during the Power-On Self Test (POST). It will light green approximately 2 seconds after the Switch is powered on to indicate the ready state of the device.

• Console – This indicator is lit green when the Switch is being managed via out-of-band/local console management through the RS-232 console port using a straight-through serial cable.

• Link/Act – These indicators are located to the left and right of each port. They are lit when there is a secure connection (or link) to a device at any of the ports. The LEDs blink whenever there is reception or transmission (i.e. Activity--Act) of data occurring at a port.

• RPS in Use – This indicator is lit when the optional DPS-1000 Redundant Power Supply is being used.

8-port Gigabit Ethernet Switch User’s Guide

C ONNECTING THE SWITCH

This chapter describes how to connect the DGS-3308FG/DGS-3308TG to your Gigabit Ethernet network.

PC to Switch

A PC can be connected to the Switch via a four-pair Category 5 cable or a fiber optic cable. The PC should be connected to any of the eight ports of the DGS-3308FG/DGS-3308TG.

Figure 4-1. Switch connected to a PC or Workstation

The LED indicators for PC connection are dependent on the LAN card capabilities. If LED indicators are not illuminated after making a proper connection, check the PC’s LAN card, the cable, Switch conditions, and connections.

The following LED indicator state is possible for a PC to Switch connection:

• The Link/Act LED indicator lights up upon hooking up a PC that is powered on.

Switch to Switch (other devices)

The Switch can be connected to another switch or other devices (routers, bridges, etc.) via a fiber optic cable.

8-port Gigabit Ethernet Switch User’s Guide

Figure 4-2. Switch to switch connection

8-port Gigabit Ethernet Switch User’s Guide

S WITCH MANAGEMENT AND OPERATING

C ONCEPTS

This chapter discusses many of the concepts and features used to manage the switch, as well as the concepts necessary for the user to understand the functionin g of the Switch. Further, this chapter explains many important points regarding these features.

Configuring the Switch to implement these concepts and make use of its many features is discussed in detail in the next chapters.

Some concepts are presented that are not currently implemented on the Switch. They are included to give a user who is unfamiliar with the concepts a brief overview of IP routing that is more complete – aid in the incorporation of the DGS3308 in existing IP routed networks.

Local Console Management

A local console is a terminal or a workstation running a terminal emulation program that is connected directly to the switch via the RS-232 console port on the front of the switch. A console connection is referred to as an ‘Out -of-Band’ connection, meaning that console is connected to the switch using a different circuit than that used for normal network communications. So, the console can be used to set up and manage the switch even if the network is down.

Local console management uses the terminal connection to operate the console program built-in to the Switch (see Chapter 6, “Using the Console Interface”). A network administrator can manage, control and monitor the switch from the console program.

The DGS -3308 contains a CPU, memory for data storage, flash memory for configuration data, operational programs, and SNMP agent firmware. These components allow the Switch to be actively managed and monitored from either the console port or the network itself (out-of-band, or in -band).

Diagnostic (console) port (RS-232 DCE)

Out-of-band management requires connecting a terminal, such as a VT -100 or a PC running a terminal emulation program (such as HyperTerminal, which is automatically installed with Microsoft Windows) a to the RS-232 DCE console port of the Switch. Switch management using the RS-232 DCE console port is called Local Console Management to differentiate it from management performed via management platforms, such as D -View, HP OpenView, etc. Web-based Management describes management of the Switch performed over the network (in-band) using the switch’s built-in Web-based management program (see Chapter 7, “Web-based Network Management”). The operations to be performed and the facilities provided by these two built-in programs are identical.

The console port is set at the factory for the following configuration:

• Baud rate: 9,600

8-port Gigabit Ethernet Switch User’s Guide

• Data width: 8 bits

• Parity: none

• Stop bits: 1

• Flow Control None

Make sure the terminal or PC you are using to make this connection is configured to match these settings. If you are having problems making this connection on a PC, make sure the emulation is set to VT -100. If you still don’t

see anything, try hitting <Ctrl> + r to refresh the screen.

IP Addresses and SNMP Community Names

Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP). The Switch’s default IP address is 10.90.90.90. You can change the default Switch IP Address to meet the specification of your networking address scheme.

The Switch is also assigned a unique MAC address by the factory. This MAC address cannot be changed, and can be found from the initial boot console screen – shown below.

Figure 5-1. Boot screen

The Switch’s MAC address can also be found from the console program under the Switch Information menu item, as shown below.

8-port Gigabit Ethernet Switch User’s Guide

Figure 5-2. Switch Information screen

In addition, you can also set an IP Address for a gateway router. This becomes necessary when the network management station is located on a different IP network from the Switch, making it necessary for management packets to go through a router to reach the network manager, and vice-versa.

For security, you can set in the Switch a list of IP Addresses of the network managers that you allow to manage the Switch. You ca n also change the default SNMP Community Strings in the Switch and set the access rights of these Community Strings. In addition, a VLAN may be designated as a Management VLAN.

Traps

Note: Traps are messages that alert you of events that occur on the Switch. The events can be as

serious as a reboot (someone accidentally turned OFF the Switch), or less serious like a port status change. The Switch generates traps and sends them to the network manager (trap recipient).

Trap recipients are special users of the network who are given certain rights and access in overseeing the maintenance of the network. Trap recipients will receive traps sent from the Switch; they must immediately take certain actions to avoid future failure or breakdown of the network.

You can also specify which network managers may receive traps from the Switch by entering a list of the IP addresses of authorized network managers. Up to four trap recipient IP addresses, and four corresponding SNMP community strings can be entered.

Note: SNMP community strings function like passwords in that the community string entered for a

given IP address must be used in the management station software, or a trap will be sent.

The following are trap types the Switch can send to a trap recipient:

8-port Gigabit Ethernet Switch User’s Guide

• Cold Start – This trap signifies that the Switch has been powered up and initialized such that software settings are reconfigured and hardware systems are rebooted. A cold start is different from a factory reset in that configuration settings saved to non-volatile RAM used to reconfigure the switch.

• Warm Start – This trap signifies that the Switch has been rebooted, however the POST (Power On Self-Test) is skipped.

• Authentication Failure – This trap signifies that someone has tried to logon to the switch using an invalid SNMP community string. The Switch automatically stores the source IP address of the unauthorized user.

• New Root – This trap indicates that the Switch has become the new root of the Spanning Tree, the trap is sent by the switch soon after its election as the new root. This implies that upon expiration of the Topology Change Timer the new root trap is sent out immediately after the Switch’s election as the new root.

• Topology Change (STP) – A Topology Change trap is sent by the Switch when any of its configured ports transitions from the Lear ning state to the Forwarding state, or from the Forwarding state to the Blocking state. The trap is not sent if a new root trap is sent for the same transition.

• New Root (STP) – A New Root trap is sent be the switch whenever a new root port is elected with in an STP group.

• Link Up – This trap is sent whenever the link of a port changes from link down to link up.

• Link Down – This trap is sent whenever the link of a port changes from link up to link down.

MIBs

Management and counter information are stored in the Switch in the Management Information Base (MIB). The Switch uses the standard MIB -II Management Information Base module. Consequently, values for MIB objects can be retrieved from any SNMP-based network management software. In addition to the standard MIB -II, the Switch also supports its own proprietary enterprise MIB as an extended Management Information Base. These MIBs may also be retrieved by specifying the MIB’s Object-Identity (OID) at the network manager. MIB values can be either read-only or read-write.

Read-only MIBs variables can be either constants that are programmed into the Switch, or variables that change while the Switch is in operation. Examples of read-only constants are the number of port and type of ports. Examples of read-only variables are the statistics counters such as the number of errors that have occurred, or how many kilobytes of data have been received and forwarded through a port.

Read-write MIBs are variables usually related to user-customized configurations. Examples of these are the Switch’s IP Address, Spanning Tree Algorithm parameters, and port status.

If you use a third-party vendors’ SNMP software to manage the Switch, a diskette listing the Switch’s propriety enterprise MIBs can be obtained by request. If your software provides functions to browse or modify MIBs, you can also get the MIB values and change them (if the MIBs’ attributes permit the write operation). This process however can be quite involved, since you must know the MIB OIDs and retrieve them one by one.

SNMP

Simple Network Management Protocol (SNMP) is an OSI layer 7 (the application layer) protocol for remotely monitoring and configuring network devices. SNMP enables network management stations to read and modify the settings of gateways, routers, switches, and other network devices. SNMP ca n be used to perform many of the same functions as a directly connected console, or can be used within an integrated network management software package such as DView.

The Switch has a software program called an ‘agent’ that processes SNMP requests, but the user program that makes the requests and collects the responses runs on a management station (a designated computer on the network). The SNMP agent and the user program both use the UDP/IP protocol to exchange packets.

8-port Gigabit Ethernet Switch User’s Guide

Authentication

The authentication protocol ensures that both the router SNMP agent and the remote user SNMP application program discard packets from unauthorized users. Authentication is accomplished using ‘community strings’, which function like passwords. The remote user SNMP application and the router SNMP must use the same community string. SNMP community strings of up to 20 characters may be entered under the Remote Management Setup menu of the console program.

Packet Forwarding

The Switch enters the relationship between destination MAC or IP addresses and the Ethernet port or gateway router the destination resides on into its forwarding table. This information is then used to forward packets. This reduces the traffic congestion on the network, because packets, instead of being transmitted to all ports, are transmitted to the destination port only. Example: if Port 1 receives a packet destined for a station on Port 2, the Switch transmits that packet through Port 2 only, and transmits nothing through the other ports. This process is referred to as ‘learning’ the network topology.

MAC Address Aging Time

The Aging Time affects the learning process of the Switch. Dynamic forwarding table entries, which are made up of the source and destination MAC addresses and their associated port numbers, are deleted from the table if they are not accessed within the aging time.

The aging time can be from 10 to 1,000,000 seconds with a default value of 300 seconds. A very long aging time can result in dynamic forwarding table entries that are out -of-date or no longer exist. This may cause incorrect packet forwarding decisions by the Switch.

If the Aging Time is too short however, many entries may be aged out too soon. This will result in a high percentage of received packets whose source addresses cannot be found in the forwarding table, in which case the switch will broadcast the packet to all ports, negating many of the benefits of having a switch.

Static forwarding entries are not affected by the aging time.

Filtering

The Switch uses a filtering database to segment the network and control communication between segments. It can also filter packets off the network for intrusion control. Static filtering entries can be made by MAC Address or IP Address filtering.

Each port on the Switch is a unique collision domain and the switch filters (discards) packets whose destination lies on the same port as where it originated. his keeps local packets from disrupting communications on other parts of the network.

For intrusion control, whenever a switch encounters a packet originating from or destined to a MAC address or an IP Address entered into the filter table, the switch will discard the packet.

Some filtering is done automatically by the switch:

• Dynamic filtering – automatic learning and aging of MAC addresses and their location on the network. Filtering occurs to keep local traffic confined to its segment.

• Filtering done by the Spanning Tree Protocol, which can filter packets based on topology, making sure that signal loops don’t occur.

• Filtering done for VLAN integrity. Packets from a member of a VLAN (VLAN 2, for example) destined for a device on another VLAN (VLAN 3) will be filtered.

8-port Gigabit Ethernet Switch User’s Guide

Some filtering requires the manual entry of information into a filtering table:

• MAC address filtering – the manual entry of specific MAC addresses to be filtered from the network. Packets sent from one manually entered MAC address can be filtered from the network. The entry may be specified as either a source, a destination, or both.

• IP address filtering – the manual entry of specific IP addresses to be filtered from the network (switch must be in IP Routing mode). Packets sent from one manually entered IP address to another can be filtered from the network. The entry may specified as either a source, a destination, or both (switch must be in IP Routing mode).

IP Addressing and Subnetting

This section gives basic information needed to configure your Layer 3 switch for IP routing. The information includes how IP addresses are broken down and how subnetting works. You will learn how to assign each interface on the router an IP address with a unique subnet.

Definitions

• IP Address – the unique number ID assigned to each host or interface on a network. IP addresses have the form xxx.xxx.xxx.xxx.

• Subnet – a portion of a network sharing a particular network address.

• Subnet mask – a 32-bit number used to describe which portion of a Network Address refers to the subnet and

which portion refers to the host. Subnet masks have the form xxx.xxx.xxx.xxx.

• Interface – a network connection

• IP Interface – another name for subnet.

• Network Address – the resulting 32-bit number from a bitwise logical AND operation performed between an

IP address and a subnet mask.

• Subnet Address – another name for network address.

Note: In a subnetted network, all addresses consist of two parts: an IP address and a subnet mask. The two are

used together and one is meaningless without the other.

IP Addresses

The Internet Protocol (IP) was designed for routing data between network sites. Later, it was adapted for routing between networks (referred to as “subnets”) within a site. The IP defines a way of generating an unique number that can be assigned each network in the internet and each of the computers on each of those networks. This number is called the IP address.

IP addresses use a “dotted decimal” notation. Here are some examples of IP addresses written in this format:

1. 210.202.204.205

2. 189.21.241.56

3. 125.87.0.1

This allows IP address to be written in a string of 4 decimal (base 10) numbers. Computers can only understand binary (base 2) numbers, and these binary numbers are usually grouped together in bytes, or eight bits. (A bit is a binary digit – either a “1” or a “0”). The dots (periods) simply make the IP address easier to read. A computer sees an IP address not as four decimal numbers, but as a long string of binary digits (32 binary digits or 32 bits, IP addresses are 32-bit addresses).

The three IP addresses in the example above, written in binary form are:

1. 11010010.11001010.11001100.11001101

2. 10111101.00010101.11110001.00111000

3. 01111101.01010111.00000000.00000001

The dots are included to make the numbers easier to read.

8-port Gigabit Ethernet Switch User’s Guide

Eight binary bits are called a ‘byte’ or an ‘octet’. An octet can represent any decimal value between ‘0’ (00000000) and ‘255’ (11111111). IP addresses, represented in decimal form, are four numbers whose value is between ‘0’ to ‘255’. The total range of IP addresses are then:

Lowest possible IP address - 0.0.0.0 Highest possible IP address - 255.255.255.255

To convert decimal numbers to 8-bit binary numbers (and vice-versa), you can use the following chart:

Binary Octet Digit 27 26 25 24 23 22 21 2

Decimal Equivalent 128 64 32 16 8 4 2 1

Binary Number

1 1 1 1 1 1 1 1

128+64+32+16+8+4+2+1=

255

Table 5-1. Binary to Decimal Conversion

Each digit in an 8-bit binary number (an octet) represents a power of two. The left-most digit represents 2 raised to the 7th power (2x2x2x2x2x2x2=128) while the right -most digit represents 2 raised to the 0th power (any number raised to the 0th power is equal to one, by definition).

IP addresses actually consist of two parts, one identifying the network and one identifying the destination (node) within the network. The IP address discussed above is one part and a second number called the Subnet mask is the other part. To make this a bit more confusing, the subnet mask has the same numerical form as and IP address.

Address Classes

Address classes refer to the range of numbers in the subnet mask. Grouping the subnet masks into classes makes the task of dividing a network into subnets a bit easier.

There are 5 address classes. The first 4 bits in the IP address determine which class the IP address falls in.

• Class A addresses begin with 0xxx, or 1 to 126 decimal.

• Class B addresses begin with 10xx, or 128 to 191 decimal.

• Class C addresses begin with 110x, or 192 to 223 decimal.

• Class D addresses begin with 1110, or 224 to 239 decimal.

• Class E addresses begin with 1111, or 240 to 254 decimal.

Addresses beginning with 01111111, or 127 decimal, are reserved. They are used for internal testing on a local machine (called loopback). The address 127.0.0.1 can always be pinged from a local node because it forms a loopback and points back to the same node.

Class D addresses are reserved for multicasting. Class E Addresses are reserved for future use. They are not used for node addresses. The part of the IP address that belongs to the network is the part that is ‘hidden’ by the ‘1’s in the subnet mask. This can

be seen below:

• Class A NETWORK.node.node.node

• Class B NETWORK.NETWORK.node.node

• Class C NETWORK.NETWORK.NETWORK.node

For example, the IP address 10.42.73.210 is a Class A address, so the Network part of the address (called the Network Address) is the first octet (10.x.x.x). The node part of the address is the last three octets (x.42.73.210).

To speci fy the network address for a given IP address, the node part is set to all “0”s. In our example, 10.0.0.0 specifies the network address for 10.42.73.210. When the node part is set to all “1”s, the address specifies a broadcast address. So,

10.255.255.255 is the broadcast address for the network 10.0.0.0.

8-port Gigabit Ethernet Switch User’s Guide

Subnet Masking

A subnet mask can be applied to an IP address to identify the network and the node parts of the address. A bitwise logical AND operation between the IP address and the subnet mask results in the Network Address.

For example:

00001010.00101010.01001001.11010010 10.42.73.210 Class A IP address

11111111.00000000.00000000.00000000 255.0.0.0 Class A Subnet Mask

00001010.00000000.00000000.00000000 10.0.0.0 Network Address The Default subnet masks are:

• Class A – 11111111.00000000.00000000.00000000 255.0.0.0

• Class B – 11111111.11111111.00000000.00000000 255.255.0.0

• Class C – 1111111.11111111.11111111.00000000 255.255.255.0

Additional bits can be added to the default subnet mask for a given Class to further subnet a network. When a bitwise logical AND operation is performed between the subnet mask and the IP address, the result defines the Subnet Address.

Some restrictions apply to subnet addresses. Addresses of all “0”s and all “1”s are reserved for the local network (when a host does not know its network address) and for all hosts on the network (the broadcast address). This also applies to subnets. A subnet address cannot be all “0”s or all “1”s. A 1-bit subnet mask is also not allowed.

Calculating the Number of Subnets and Nodes

To calculate the number of subnets and nodes, use the formula (2n – 2) where n = the number of bits in either the subnet mask or the node portion of the IP address. Multiplying the number of subnets by the number of nodes available per subnet gives the total number of nodes for the entire network.

Example

00001010.00101010.01001001.11010010 10.42.73.210 Class A IP address

11111111.11100000.00000000.00000000 255.224.0.0 Subnet Mask

00001010.00100000.00000000.00000000 10.32.0.0 Network Address

00001010.00101010.11111111.11111111 10.32.255.255 Broadcast Address

This example uses an 11-bit subnet mask. (There are 3 additional bits added to the default Class A subnet mask). So the number of subnets is:

23 – 2 = 8 – 2 = 6 Subnets of all “0”s and all “1”s are not allowed, so 2 subnets are subtracted from the total.

The number of bits used in the node part of the address is 24 – 3 = 21 bits, so the total number of nodes is: 221 – 2 = 2,097,152 – 2 = 2,097,150

Multiplying the number of subnets times the number of nodes gives 12,582,900 possible nodes. Note that this is less than the 16,777,214 possible nodes that an unsubnetted class A network would have.

Subnetting reduces the number of possible nodes for a given network, but increases the segmentation of the network.

8-port Gigabit Ethernet Switch User’s Guide

Classless InterDomain Routing – CIDR

Under CIDR, the subnet mask notation is reduced to a simplified shorthand. Instead of specifying all of the bits of the subnet mask, it is simply listed as the number of contiguous “1”s (bits) in the network portion of the address. Look at the subnet mask of the above example in binary - 11111111.11100000.00000000.00000000 – and you can see that there are 11 “1”s or 11 bits used to mask the network address from the node address. Written in CIDR notation this becomes:

10.32.0.0/11

Subnet Mask CID of Bit s

2 255.192.0.0 /10 2 4194302 8388604 3 255.224.0.0 /11 6 2097150 12582900 4 255.240.0.0 /12 14 1048574 14680036 5 255.248.0.0 /13 30 524286 15728580 6 255.252.0.0 /14 62 262142 16252804 7 255.254.0.0 /15 126 131070 16514820 8 255.255.0.0 /16 254 65534 16645636 9 255.255.128.0 /17 510 32766 16710660 10 255.255.192.0 /18 1022 16382 16742404 11 255.255.224.0 /19 2046 8190 16756740 12 255.255.240.0 /20 4094 4094 16760836 13 255.255.248.0 /21 8190 2046 16756740 14 255.255.252.0 /22 16382 1022 16742404 15 255.255.254.0 /23 32766 510 16710660 16 255.255.255.0 /24 65534 254 16645636 17 255.255.255.128 /25 131070 126 16514820 18 255.255.255.192 /26 262142 62 16252804 19 255.255.255.224 /27 525286 30 15728580 20 255.255.255.240 /28 1048574 14 14680036 21 255.255.255.248 /29 2097150 6 12582900 22 255.255.255.252 /30 4194302 2 8388604

Table 5-2. Class A Subnet Masks

R Not atio n

# of Subnets

# of Hosts Total Hosts

# of

Subnet Mask CIDR

Bits

2 255.255.192 /18 2 16382 32764 3 255.255.224.0 /19 6 8190 49140 4 255.255.240.0 /20 14 4094 57316 5 255.255.248.0 /21 30 2046 61380 6 255.255.252.0 /22 62 1022 63364 7 255.255.254.0 /23 126 510 64260 8 255.255.255.0 /24 254 254 64516 9 255.255.255.128 /25 510 126 64260

10 255.255.255.192 /26 1022 62 63364

11 255.255.255.224 /27 2046 30 61380

12 255.255.255.240 /28 4094 14 57316

13 255.255.255.248 /29 8190 6 49140

14 255.255.255.25 /30 16382 2 32764

Notatio n

# of Subnets

# of Hosts

Total Hosts

8-port Gigabit Ethernet Switch User’s Guide

Table 5-3. Class B Subnet Masks

# of

Subnet Mask CIDR Bits 2 255.255.255.192 /26 2 62 124 3 255.255.255.224 /27 6 30 180 4 255.255.255.240 /28 14 14 196 5 255.255.255.248 /29 30 6 180 6 255.255.255.252 /30 62 2 124

Notation

# of Subnets

# of Hosts

Total Hosts

Table 5-4. Class C Subnet Masks

802.1Q VLANs

A VLAN is a collection of end nodes grouped by logic instead of physical location. End nodes that frequently communicate with each other are assigned to the same VLAN, regardless of where they are physically on the network. Logically, a VLAN can be equated to a broadcast domain, because broadcast packets are forwarded to only members of the VLAN on which the broadcast was initiated.

Notes About VLANs

1. No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership, packets cannot cross VLANs without a network device performing a routing function between the VLANs.

2. The DGS-3308 supports only IEEE 802.1Q VLANs. The port untagging function can be used to remove the 802.1 tag from packet headers to maintain compatibility with devices that are tagunaware.

3. The Switch’s default - in both Layer 2 Only mode and IP Routing mode - is to assign all ports to a single 802.1Q VLAN named DEFAULT_VLAN. As new VLANs are created, the member ports assigned to the new VLAN will be removed from the DEFAULT_ VLAN port member list.

4. The DEFAULT_VLAN has a VID = 1. An IP interface called System in the IP interface entry menu also has a VID = 1, and therefore corresponds to the DEFAULT_VLAN.

5. There is no difference in the creation, deletion, configuration, or editing of 802.1Q VLANs whether the Switch is in Layer 2 Only, or IP Routing mode.

6. There is a difference in the behavior of VLANs when the Switch is in Layer 2 Only or IP

Routing mode. In Layer 2 Only mode, network resources cannot be shared across VLANs. In IP Routing mode, network resources are shared via routing. The Switch allows the assignment

of an IP interface to each VLAN, in IP Routing mode. The VLANs must be configured before setting up the IP interfaces. In addition, an IP addressing scheme must be determined. Some consideration is required to arrive at a suitable combination of VLANs and IP interfaces. See the section titled IP Addressing and Subnetting in Chapter 5 for more information.

A VLAN that is not assigned an IP interface will behave as a layer 2 VLAN – and IP routing will not be possible on this VLAN regardless of the Switch’s operating mode.

IEEE 802.1Q VLANs

Some relevant te rms:

• Tagging – The act of putting 802.1Q VLAN information into the header of a packet.

8-port Gigabit Ethernet Switch User’s Guide

• Untagging – The act of stripping 802.1Q VLAN information out of the packet header.

• Ingress port – A port on a sw itch where packets are flowing into the switch and VLAN decisions must be made.

• Egress port – A port on a switch where packets are flowing out of the switch, either to another switch or to an

end station, and tagging decisions must be made.

IEEE 802.1Q (tagged) VLANs are implemented on the Switch. 802.1Q VLANs require tagging, which enables them to span the entire network (assuming all switches on the network are IEEE 802.1Q -compliant). IEEE 802.1Q VLANs also allow for dynamic VLAN registration using GVRP.

VLANs can also provide a level of security to your network. IEEE 802.1Q VLANs will only deliver packets between stations that are members of the VLAN.

Any port can be configured as either tagging or untagging. The untagging feature of IEEE 802.1Q VLANs allow VLANs to work with legacy switches that don’t recognize VLAN tags in packet headers. The tagging feature allows VLANs to span multiple 802.1Q-compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally.

The IEEE 802.1Q standard restricts the forwarding of untagged packets to the VLAN the receiving port is a member of. The main characteristics of IEEE 802.1Q are as follows:

• Assigns packets to VLANs by filtering.

• Assumes the presence of a single global spanning tree.

• Uses an explicit tagging scheme with one-level tag ging.

802.1Q VLAN Packet Forwarding

Packet forwarding decisions are made based upon the following three types of rules:

• Ingress rules – rules relevant to the classification of received frames belonging to a VLAN.

• Forwarding rules between ports – decides filter or forward the packet

• Egress rules – determines if the packet must be sent tagged or untagged.

8-port Gigabit Ethernet Switch User’s Guide

Figure 5-3. IEEE 802.1Q Packet Forwarding

802.1Q VLAN Tags

The figure below shows the 802.1Q VLAN tag. There are four additional octets inserted after the source MAC address. Their presence is indicated by a value of 0x8100 in the EtherType field. When a packet’s EtherType field is equal to 0x8100, the packet carries the IEEE 802.1Q/802.1p tag. The tag is contained in the following two octets and consists of 3 bits or user priority, 1 bit of Canonical Format Identifier (CFI – used for encapsulating Token Ring packets so they can be carried across Ethernet backbones) and 12 bits of VLAN ID (VID). The 3 bits of user priority are used by 802.1p. The VID is the VLAN identifier and is used by the 802.1Q standard.

The tag is inserted into the packet header making the entire packet longer by 4 octets. All of the information contained in the packet originally is retained.

Figure 5-4. IEEE 802.1Q Tag

8-port Gigabit Ethernet Switch User’s Guide

The EtherType and VLAN ID are inserted after the MAC source address, but before the originial EtherType/Length or Logical Link Control. Because the packet is now a bit longer than it was originally, the Cyclic Redundancy Check (CRC) must be recalculated.

Figure 5-5. Adding an IEEE 802.1Q Tag

Port VLAN ID

Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network device to another with the VLAN information intact. This allows 802.1Q VLANs to span network devices (and indeed, the entire network – if all network devices are 802.1Q compliant).

Every physical port on a switch has a PVID. 802.1Q ports are also assigned a PVID, for use within the switch. If no VLANs are defined on the switch, all ports are then assigned to a default VLAN with a PVID equal to 1. Untagged packets are assigned the PVID of the port on which they were received. Forwarding decisions are based upon this PVID, in so far as VLANs are concerned. Tagged packets are forwarded according to the VID contained within the tag. Tagged packets are also assigned a PVID, but the PVID is not used to make packet forwarding decisions, the VID is.

Tag -aware switches must keep a table to relate PVIDs within the switch to VIDs on the network. The switch will compare the VID of a packet to be transmitted to the VID of the port that is to transmit the packet. If the two VIDs are different, the switch will drop the packet. Because of the existence of the PVID for untagged packets and the VID for tagged packets, tag-aware and tag -unaware network devices can coexist on the same network.

A switch port can have only one PVID, but can have as many VIDs as the switch has memory in its VLAN table to store them.

Because some devices on a network may be tag-unaware, a decision must be made at each port on a tag-aware device before packets are transmitted – should the packet to be transmitted have a tag or not? If the transmitting port is connected to a tag-unaware device, the packet should be untagged. If the transmitting port is connected to a tag-aware device, the packet should be tagged.

Tagging and Untagging

Every port on an 802.1Q compliant switch can be configured as tagging or untagging. Ports with tagging enabled will put the VID number, priority and other VLAN information into the header of all packets

that flow into and out of it. If a packet has previously been tagged, the port will not alter the packet, thus keeping the VLAN information intact. The VLAN inf ormation in the tag can then be used by other 802.1Q compliant devices on the network to make packet forwarding decisions.

Ports with untagging enabled will strip the 802.1Q tag from all packets that flow into and out of those ports. If the packet doesn’t have an 802.1Q VLAN tag, the port will not alter the packet. Thus, all packets received by and forwarded by an untagging port will have no 802.1Q VLAN information. (Remember that the PVID is only used internally within the switch). Untagging is used to send packets from an 802.1Q -compliant network device to a non-compliant network device.

8-port Gigabit Ethernet Switch User’s Guide

Ingress Filtering

A port on a switch where packets are flowing into the switch and VLAN decisions must be made is referred to as an ingress port. If ingress filtering is enabled for a port, the switch will examine the VLAN information in the packet header (if present) and decide whether or not to forward the packet.

If the packet is tagged with VLAN information, the ingress port will first determine if the ingress port itself is a member of the tagged VLAN. If it is not, the packet will be dropped. If the ingress port is a member of the 802.1Q VLAN, the switch then determines if the destination port is a member of the 802.1Q VLAN. If it is not, the packet is dropped. If the destination port is a member of the 802.1Q VLAN, the packet is forwarded and the destination port transmits it to its attached network segment.

If the packet is not tagged with VLAN information, the ingress port will tag the packet with its own PVID as a VID (if the port is a tagging port). The switch then determines if the destination port is a member of the same VLAN (has the same VID) as the ingress port. If it does not, the packet is dropped. If it has the same VID, the packet is forwarded and the destination port transmits it on its attached network segment.

This process is referred to as ingress filtering and is used to conserve bandwidth within the switch by dropping packets that are not on the same VLAN as the ingress port at the point of reception. This eliminates the subsequent processing of packets that will just be dropped by the destination port.

Layer 3-Based VLANs

The DGS-3308 allows an IP subnet to be configured for each 802.1Q VLAN that exists on the switch. Even though a switch inspects a packet’s IP address to determine VLAN membership, no route calculation is performed,

the RIP or OSPF protocols are not employed, and packets traversing the switch are bridged using the Spanning Tree algorithm.

A switch that implements layer 3 (or ‘subnet’) VLANs without performing any routing function between these VLANs is referred to as performing ‘IP Switching’.

IP switching does not allow packets to cross VLANs (in this case – IP subnets) without a network device performing a routing function between the VLANs (IP subnets).

The DGS -3308 does not directly support IP switching, however it is possible to do the equivalent by assigning IP subnets to configured VLANs and then disabling the Routing Information Protocol (RIP). This will prevent packets from crossing IP subnets without going through an external router.

VLANs in Layer 2 Only Mode

The switch initially configures one VLAN, VID = 1, called the DEFAULT_VLAN. The factory default setting assigns all ports on the switch to the DEFAULT_VLAN. As new VLANs are configured, there respective member ports are removed from the DEFAULT_VLAN. If the DEFAULT_VLAN is reconfigured, all ports are again assigned to it. Ports that are not desired to be part of the DEFAULT_VLAN are removed durin g the configuration.

Packets cannot cross VLANs if the switch is in Layer 2 Only mode.If a member of one VLAN wants to connect to another VLAN, the link must be through an external router.

When the switch is in Layer 2 Only mode, 802.1Q VLANs are supported.

Setting up IP Interfaces

The Layer 3 switch allows ranges of IP addresses (OSI layer 3) to be assigned to VLANs (OSI layer 2). Each VLAN must be configured prior to setting up the corresponding IP interface. An IP addressing scheme must then be established, and implemented when the IP interfaces are set up on the switch.

8-port Gigabit Ethernet Switch User’s Guide

An example is presented below:

VLAN Name VID Switch Ports

System (default) 1 7, 8

Engineering 2 1, 2

Marketing 3 5, 6

Shipping 4 3,4

Table 5-5. VLAN Example – Assigned Ports

In this case, 4 IP interfaces are required, so a CIDR notation of 10.32.0.0/10 (or a 10-bit) addressing scheme will work. This addressing scheme will give a subnet mask of 11111111.11000000.00000000.00000000 (binary) or 255.192.0.0 (decimal).

Using a 10.xxx.xxx.xxx IP address notation, the above example would give 4 network addresses and 4 subnets. Any IP address from the allowed range of IP addresses for each subnet can be chosen as an IP address for an IP interface on

the switch. For this example, we have chosen the next IP address above the network address:

VLAN Name VID Network Address IP Address

System (default) 1 10.0.0.0 10.0.0.1

Engineering 2 10.64.0.0 10.64.0.1

Marketing 3 10.128.0.0 10.128.0.1

Shipping 4 10.192.0.0 10.192.0.1

Table 5-6. VLAN Example – Assigned IP Addresses

The 4 IP interfaces, each with an IP address (listed in the table above), and a subnet mask of 255.192.0.0 can be entered into the Setup IP Interface menu.

Spanning Tree Protocol

The IEEE 802.1D Spanning Tree Protocol allows for the blocking of links between switches that form loops within the network. When multiple links between switches are detected, a primary link is established. Duplicated links are blocked from use and become standby links. The protocol allows for the duplicate links to be used in the event of a failure of the primary link. Once the Spanning Tree Protocol is configured and enabled, primary links are established and duplicated links are blocked automatically. The reactivation of the blocked links (at the time of a primary link failure) is also accomplished automatically – without operator intervention.

This automatic network reconfiguration provides maximum uptime to network users. However, the concepts of the Spanning Tree Algorithm and protocol are a complicated and complex subject and must be fully researched and understood. It is possible to cause serious degradation of the performance of the network if the Spanning Tree is incorrectly configured. Please read the following before making any changes from the default values.

The DGS -3308 STP allows two levels of spanning trees to be configured. The first level constructs a spanning tree on the links between switches. This is referred to as the Switch or Global level. The second level is on a port group basis. Groups of ports are configured as being members of a spanning tree and the algorithm and protocol are applied to the group of ports. This is referred to as the Port or VLAN level.

8-port Gigabit Ethernet Switch User’s Guide

The Switch STP performs the following functions:

• Creates a single spanning tree from any combination of switching or bridging elements.

• Creates multiple spanning trees – from any combination of ports contained within a single switch, in user-

specified groups.

• Automatically reconfigures the spanning tree to compensate for the failure, addition, or removal of any element in the tree.

• Reconfigures the spanning tree without operator intervention.

STP Operation Levels

The Switch allows for two levels of operation: the switch level and the port level. The switch level forms a spanning tree consisting of links between one or more switches. The port level constructs a spanning tree consisting of groups of one or more ports. The STP operates in much the same way for both levels.

Note: On the switch le vel, STP calculates the Bridge Identifier for each switch and then sets the Root Bridge

and the Designated Bridges.

Note: On the port level, STP sets the Root Port and the Designated Ports.

The following are the user-configurable STP parameters for the sw itch level:

Parameter Description Default

Value

Bridge Identifier

(Not user-

configurable

except by setting

priority below)

Priority A relative priority for each

A combination of the User-set priority and the switch’s MAC address. The Bridge Identifier consists of two parts: a 16-bit priority and a 48-bit Ethernet MAC address

32768

switch – lower numbers give a higher priority and a greater chance of a given switch being elected as the root bridge

8-port Gigabit Ethernet Switch User’s Guide

Hello Time The length of time between

broadcasts of the hello message by the switch

Maximum Age

Timer

Forward Delay Timer

Measures the age of a received BPDU for a port and ensures that the BPDU is discarded when its age exceeds the value of the maximum age timer.

The amount time spent by a port in the learning and listening states waiting for a BPDU that may return the port to the blocking state.

2 seconds

20 seconds

15 seconds

Table 5-7. STP Parameters – Switch Level

The following are the user-configurable STP parameters for the port or port group level:

Variable Description Default

Value

Port Priority A relative priority for each

port – lower numbers give a higher priority and a greater chance of a given port being elected as the root port

32768

Port Cost A value used by STP to

evaluate paths – STP calculates path costs and selects the path with the minimum cost as the active path.

19 – 100Mbps Fast Ethernet ports

4 – 1000Mbps Gigabit Ethernet ports

Table 5-8. STP Parameters – Port Group Level

Bridge Protocol Data Units

For STP to arrive at a stable network topology, the following information is used:

• The unique switch identifier

• The path cost to the root associated with each switch port

• The port identifier

STP communicates between switches on the network using Bridge Protocol Data Units (BPDUs). Each BPDU contains the following information:

• The unique identifier of the switch that the transmitting switch currently believes is the root switch

8-port Gigabit Ethernet Switch User’s Guide

• The path cost to the root from the transmitting port

• The port identifier of the transmitting port

The switch sends BPDUs to communicate and construct the spanning-tree topology. All switches connected to the LAN on which the packet is transmitted will receive the BPDU. BPDUs are not directly forwarded by the switch, but the receiving switch uses the information in the frame to calculate a BPDU, and, if the topology changes, initiates a BPDU transmission.

The communication between switches via BPDUs results in the following:

• One switch is elected as the root switch

• The shortest distance to the root switch is calculated for each switch

• A designated switch is selected. This is the switch closest to the root switch through which packets will be

forwarded to the root.

• A port for each switch is selected. This is the port providing the best path from the switch to the root switch.

• Ports included in the STP are selected.

Creating a Stable STP Topology

to make the fastest link the root port. If all switches have STP enabled with default settings, the switch with the lowest MAC address in the network will become the root switch. By increasing the priority (lowering the priority number) of the best switch, STP can be forced to select the best switch as the root switch.

When STP is enabled using the default parameters, the path between source and destination stations in a switched network might not be ideal. For instance, connecting higher-speed links to a port that has a higher number than the current root port can cause a root-port change.

STP Port States

The BPDUs take some time to pass through a network. This propagation delay can result in topology changes where a port that transitioned directly from a Blocking state to a Forwarding state could create temporary data loops. Ports must wait for new network topology information to propagate throughout the network before starting to forward packets. They must also wait for the packet lifetime to expire for BPDU packets that were forwarded based on the old topology. The forward delay timer is used to allow the network topology to stabilize after a topology change. In addition, STP specifies a series of states a port must transition through to further ensure that a stable network topology is created after a topology change.

Each port on a switch using STP exists is in one of the following five states:

• Blocking – the port is blocked from forwarding or receiving packets

• Listening – the port is waiting to receive BPDU packets that may tell the port to go back to the blocking state

• Learning – the port is adding addresses to its forwarding database, but not yet forwarding packets

• Forwarding – the port is forwarding packets

• Disabled – the port only responds to network management messages and must return to the blocking state

first

A port transitions from one state to another as follows:

• From initialization (switch boot) to blocking

• From blocking to listening or to disabled

• From listening to learning or to disabled

• From learning to forwarding or to disabled

• From forwarding to disabled

• From disabled to blocking

8-port Gigabit Ethernet Switch User’s Guide

Figure 5-6. STP Port Sta te Transitions

You can modify each port state by using management software. When you enable STP, every port on every switch in the network goes through the blocking state and then transitions through the states of listening and learning at power up. If properly configured, each port stabilizes to the forwarding or blocking state.

No packets (except BPDUs) are forwarded from, or received by, STP enabled ports until the forwarding state is enabled for that port.

Default Spanning-Tree Configuration

Feature Default Value

Enable state STP enabled for all ports

Port priority 128

Port cost 19

Bridge Priority 32,768

Table 5-9. Default STP Parameters

8-port Gigabit Ethernet Switch User’s Guide

User-Changeable STA Parameters

The factory default setting should cover the majority of installations. However, it is advisable to keep the default settings as set at the factory; unless, it is absolutely necessary. The user changeable parameters in the Switch are as follows:

• Priority – A Priority for the switch can be set from 0 to 65535. 0 is equal to the highest Priority.

• Hello Time – The Hello Time can be from 1 to 10 seconds. This is the interval between two transmissions of

BPDU packets sent by the Root Bridge to tell all other Switches that it is indeed the Root Bridge. If you set a Hello Time for your Switch, and it is not the Root Bridge, the set Hello Time will be used if and when your Switch becomes the Root Bridge.

Note: The Hello Time cannot be longer than the Max. Age. Otherwise, a configuration error will

occur.

• Max. Age – The Max. Age can be from 6 to 40 seconds. At the end of the Max. Age, if a BPDU has still not been received from the Root Bridge, your Switch will start sending its own BPDU to all other Switches for permission to become the Root Bridge. If it turns out that your Switch has the lowest Bridge Identifier, it will become the Root Bridge.

• Forward Delay Timer – The Forward Delay can be from 4 to 30 seconds. This is the time any port on the Switch spends in the listening state while moving from the blocking state to the forwarding state.

Note: Observe the following formulas when setting the above parameters:

Max. Age  2 x (Forward Delay - 1 second) Max. Age  2 x (Hello Time + 1 second)

• Port Priority – A Port Priority can be from 0 to 255. The lower the number, the greater the probability the port will be chosen as the Root Port.

• Port Cost – A Port Cost can be set from 1 to 65535. The lower the number, the greater the probability the port will be chosen to forward packets.

Illustration of STP

A simple illustration of three switches connected in a loop is depicted in Figure 5-7. In this example, you can anticipate some major network problems if the STP assistance is not applied. If switch A broadcasts a packet to switch B, switch B will broadcast it to switch C, and switch C will broadcast it to back to switch A ... and so on. The broadcast packet will be passed indefinitely in a loop, potentially causing a network failure.

In this example, STP breaks the loop by blocking the connection between switch B and C. The decision to block a particular connection is based on the STP calculation of the most current Bridge and Port settings. Now, if switch A broadcasts a packet to switch C, then switch C will drop the packet at port 2 and the broadcast will end there.

Setting-up STP using values other than the defaults, can be complex. Therefore, you are advised to keep the default factory settings and STP will automatically assign root bridges/ports and block loop connections. Influencing STP to choose a particular switch as the root bridge using the Priority setting, or influencing STP to choose a particular port to block using the Port Priority and Port Cost settings is, however, relatively straight forward.

8-port Gigabit Ethernet Switch User’s Guide

Figure 5-7. Before Applying the STA Rules

In this example, only the default STP values are used.

Figure 5-8. After Applyi ng the STA Rules

The switch with the lowest Bridge ID (switch C) was elected the root bridge, and the ports were selected to give a high port cost between switches B and C. The two (optional) Gigabit ports (default port cost = 4) on switch A are connected to one (optional) Gigabit port on both switch B and C. The redundant link between switch B and C is deliberately chosen as a 100 Mbps Fast Ethernet link (default port cost = 19). Gigabit ports could be used, but the port cost should be increased from the default to ensure that the link between switch B and switch C is the blocked link.

Internet Protocols

This is a brief introduction to TCP/IP, or the collection of Internet protocols that are commonly called TCP/IP. It is intended to give the reader some understanding of the terminology and the resources available. It is not intended to be a complete description.

8-port Gigabit Ethernet Switch User’s Guide

Protocol Layering

The task of connecting users to networks, and then networks to networks, is made somewhat easier by dividing up the overall job into simpler, but related, tasks. Each task is structured to be resilient to failures in the connecting hardware, software, data loss, data corruption, and data received out of order. Taken together, these tasks are referred to as a protocol suite.

Each task, or protocol, must communicate with other protocols. To manage this communication, the concept of layering was introduced as a way of structuring the overall network. The idea of protocol layering is to start with the most basic layer, the physical (or hardware) layer, and to define data formats and functions for that layer. The physical layer passes data to next higher layer, the data link layer, and so on until one user is connected to another.

Protocol layering then provides clearly defined breaks in the process of communicating over a network. Each break in the process has a clearly defined data format so that the layer below can perform its task in any way that is suitable, so long as the data it generates is in the format expected by the next layer. The advantage of this approach is that the exact method and tools (or software and hardware) used to accomplish the task at each layer is not critically important. Hardware and software designers are free to improve the performance or to reduce the cost of accomplishing the task of each protocol layer, so long as the data format between layers conforms to the defined formats (and of course, the layer’s task is accomplished).

The protocol layer concept currently used by the Internet, the OSI seven-layer model, was developed from earlier, simpler layered models. Much of the current layer model owes its origin to the Xerox Network Systems (XNS) model.

The OSI (Open Systems Interconnection) model actually refers to a system of protocols proposed by ISO (the International Standards Organization) that are themselves not widely used or supported. The layered model itself is, however, taken as the framework for nearly all modern networking.

A diagram of the OSI model is shown below (note that this is not a complete listing of the protocols contained within each layer of the model):

Figure 5-8. OSI Seven Layer Network Model

Each layer has a distinct set of tasks to accomplish and clearly defined formats in which to receive and forward data and messages. A distinct set of programs, executing a distinct set of protocols, is required to accomplish the task set by each layer.

Although the layers are separated from other layers in the model, they must all communicate and interoperate. For this to work, there must be very well-defined and well-known methods for transferring messages and data. Within a device connected to a network, this inter-layer communication is managed by the device’s protocol stack.

8-port Gigabit Ethernet Switch User’s Guide

Using the protocol layering model to visualize the organization of the network software, Layer 2 represents switching and Layer 3 represents routing. In fact, the protocol layering model gives only guidelines for writing programs to accomplish certain tasks and functions. How the layers communicate within a protocol stack (for example, within a network device or a computer) is determined by the operating system programmers. So long as the communication between devices on the network follows the well-defined and well-known methods and data formats, the protocol stack can accomplish its tasks in any way suitable.

Figure 5-9. The Protocol Stack

Elements on the same layer of a protocol stack are known as peers. They communicate with other peers, in other protocol stacks (on other network devices) using the well-defin ed and well-known methods and formats. Messages and data are transferred via published (and therefore well-known) protocols.

Elements within the same stack communicate using an internal interface. This interface is part of the operating system and is usua lly not published (and therefore not well-known). In addition, internal protocol stack interfaces are generally proprietary. This means that communication within the protocol stack has the same characteristics as a protocol in that two protocol stacks from the same operating system vendor will communicate (within the stack) in the same way. The difference from a protocol is that stacks from different operating system vendors (or two different operating system products from the same vendor) may communicate w ithin the stack in completely different ways.

The result is that communication between layers in within a protocol stack (and within a given network device) are often proprietary and different from communication within a second protocol stack.

Communication between peers (between two protocol stacks, but at the same layer) is accomplished by well-known and published protocols. So, peers communicate in an open and consistent way, and peers from completely different systems from different vendors can communic ate easily. This principle has allowed the rapid growth of layered networking.

A brief description of the most commonly used layers of the OSI model is helpful to understand the scope of how protocol layering works.

8-port Gigabit Ethernet Switch User’s Guide

Layer 1

Layer 2

This is commonly called the switching layer. It allows for the addressing of end stations and for the interconnection of end stations. This allows a practical way to construct simple but high-performance networks connecting thousands of end stations.

Switching forwards packets based on the unique Media Access Control (MAC) address of each end station. Switches records the MAC address and the port number of end stations and enter the information into a lookup table. In this way, a switch ‘learns’ the location of end stations and other switches attached to its ports.

Switching is usually limited to the Local Area Network (LAN) and requires a routing function to connect to the Internet or to a Wide Area Network (WAN).

Layer 3

This is commonly called the routing layer. The backbone of the Internet, along with the backbones of the networks of many large organizations, is built on a layer 3 foundation. The Internet Protocol (IP) is the most important layer 3 protocol. In addition to layer 2 MAC addresses, each IP packet contains source and destination IP addresses.

IP itself is not a very complex protocol. The IP suite of protocols do, however, provide an extensive range of functions. Some examples are: the Dynamic Host Configuration Protocol (DHCP) which can assign IP configurations to network devices, the Domain Name System (DNS) which manages the association of IP addresses with text names, the Routing Information Protocol (RIP) which enables layer 3 network devices to direct data to destinations in other networks. IP also allows for transmitting packets from a single point to multiple destinations (known as IP multicasting).

Layer 4

This is commonly called the transport layer. It is responsible for the communication path between user applications and the network. The Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) are the most well-known layer 4 protocols. TCP is a ‘connection-oriented’ protocol. It requires a connection to be established before data is exchanged. UDP is a ‘connection-less’ protocol. It requires on connection to be setup before it transmits data.

Because UDP does not have the overhead of establishing a connection before transmitting data, it is frequently used for multicast transmissions.

TCP and UDP also have very different error recovery mechan isms. Both TCP and UDP are layered on top of IP, but IP has very limited error recovery or detection. TCP keeps track of the transmitted data and retransmits lost or corrupted data. UDP relies upon the application (at a higher layer) to keep track of transmitted data.

Layer 7

This commonly called the application layer. It provides access to application software running either on a computer or other network device. Application software usually does not communicate directly with the transport layer, but uses other software from a communication library, such as the WinSock library.

The application software designers must decide on the type of transport protocol that is most suitable for their task. Databases, for example, require error-free transmission, so TCP would be the best choice. Multimedia is much less sensitive to errors, so the low overhead of UDP becomes the best choice.

8-port Gigabit Ethernet Switch User’s Guide

TCP/IP

Transmission Control Protocol/Internet Protocol (TCP/IP) is the official name of a suite of protocols designed to allow computers to communicate and share resources across a network. TCP and IP are only the two best known protocols of the suite, but TCP/IP is used to refer to the entire suite.

TCP/IP is itself a layered set of protocols. For two computers to communicate across a network, there is first a protocol that defines a set of commands used by the two computers to identify the sender, the recipient, and the content of the message. The application then relies on TCP/IP to actually transmit and receive the packets that make up the message.

TCP keeps track of what was sent and received, and retransmits any lost or corrupted packets. If the message is too large for a single packet, TCP divides the message into as many packets as are necessary. TCP also makes sure these packets are receive and reassembled in the correct order.

IP routes the packets generated by TCP from their source to their destinations. This may require the packets to cross other networks. IP can route packets through networks connected with gateways so that a user on one network can communicate with any user on any connected network.

IP is not aware of the relationship between individual packets, or the contents of the packet – except for the source and destination IP addresses. This is called demultiplexing.

The information required by IP is contained in a series of headers which are added to or removed from the packet as it travels from network to network. A header is a few octets of data added to the beginning of a packet to keep track of it. As more data is required for the packet to cross a network, a new header is added. When the data is no longer required, the header is removed and the data in the previous header is used to forward the packet. This process is called encapsulation.

To send a packet over the internet, many levels of encapsulation may be used, and IP does all of this transparently to the user.

TCP and UDP Well-Known Ports

Network devices and computers connected to a network can have multiple connections with other devices and computers simultaneously. Received packets must be directed to the appropriate application at the receiving end. TCP and UDP use IP addresses to keep track of which devices are part of the connection, and port numbers to keep track of which applications within each device are communicating.

To retrieve a file from a server using the File Transfer Protocol (FTP), a connection from the user, at 10.0.0.1 (for example) to an FTP Server, at 10.0.0.2 (for example). TCP then opens a connection on the user’s computer using s ome random port number, 1234. The connection on the FTP server is opened using the well-known port number 21 for the FTP application. So, FTP is running on 10.0.0.1 port number 1234, and FTP Server is running on 10.0.0.1 port number 21 (the well-known port for FTP). There is a published list of well-known ports (sometimes called sockets) for many applications.

There is no need for a well-known port to be chosen for 10.0.0.1. It is only necessary for TCP to know which port has been chosen. The FTP Server, on the other hand, must have a well-known port number so that connections can be made, commands sent, and messages exchanged.

Note that the connection is actually described by a set of four numbers, the IP address and the TCP port number for the local end and the IP address and the TCP port number for the remote end. The Internet address is in the IP header and the TCP port number is in the TCP header.

No two connections can have the same set of numbers, but only one number of the four must be different. This allows two different users to send files to the same destination, at the same time.

Two FTP Server

Connections

TCP

ports

Internet addresses

8-port Gigabit Ethernet Switch User’s Guide

Connection 1 1234, 21 10.42.73.23 210.128.12.1

Connection 2 1235, 21 10.42.73.23 210.128.12.1

So the local computer, 10.42.73.23 has two connections to the FTP Server, 210.128.12.1. Commands sent from 10.42.73.23 are received by the FTP Server on the well-known TCP port number 21, but the transmitted files are received by

10.42.73.23 on either TCP port number 1234 or 1235, depending on which port issued the command. FTP actually uses two different connections. One for sending commands and a second one opened when a request to send

data is issued. This is done to allow the user to continue sending commands (such as, abort the file transfer). Connections with a remote terminal use a single connection. When a command is to be sent, a special character is sent

that indicates the next character is part of a command.

UDP and ICMP

TCP will divide large messages into several packets and manage the sending and receiving of all of these packets. Many applications do not require messages that must be divided into many smaller packets. The User Datagram Protocol (UDP) is designed for applications that do not need sequences of packets to be put together.

UDP also does not keep track of what is sent and cannot resend data. UDP does use port numbers in much the same way as TCP. UDP allows several programs to make connections to a server at the same time. UDP port numbers are used just like TCP port numbers and there are well-known port numbers for servers that use UDP.

Figure 5-10. UDP Packet Header

Note that a UDP header is shorter than a TCP header, but it still has source and destination port numbers, and a checksum.

The Internet Control Message Protocol (ICMP) is alternative protocol. It is used for messages intended for the TCP/IP software itself, such as error messages, rather than by any particular user program. ICMP can also be used for find information about the network. There are no port numbers since ICMP messages are processed by the network software itself.

Packet Headers

TCP

TCP takes messages and data that are too long to fit into a single packet and divides the transmission up among a series of packets, transmits them, and reassembles them in the correct order when they are received.

To do this, TCP needs to know how large a packet the network can handle. The TCPs at either end of a connection tell each other how large a packet they can process. The smaller of the two sizes is selected.

8-port Gigabit Ethernet Switch User’s Guide

The TCP header is added to the beginning of each packet. This header contains at least 20 octets including the source and destination TCP port numbers.

Each packet is given a sequence number that is used to ens ure that the packets are received in the correct order. The packets themselves are not numbered, instead, the octets the packet contains is numbered. So if there are 100 octets of data in each packet, the first packet would be numbered 0, the second 100, the third 200, and so on.

A checksum is calculated by adding up all the octets in the packet and the result is put in the header. The receiving TCP calculates its own checksum and if the two checksums differ, the packet is dropped.

Figure 5-11. TCP Packet Header

An acknowledgement is sent to indicate that the packets have been received. This is simply a packet with its acknowledgement number field filled in. The acknowledgement number is the number of octets of data received at the time the acknowledgement packet is sent.

If the sender does not receive an acknowledgement within a reasonable amount of time, the data is resent. The window field controls the amount of data in transit at any one time. Each end of a connection indicates how much data

it is currently able to receive by putting that number of octets in the window field. As the computer receives data, the number in the window field is decremented and when it reaches zero, the sender must

stops transmitting. As the recipient processes data, it increases its window, indicating that it is ready to receive more data.

TCP sends packets to IP, along with source and destination IP addresses. IP is not concerned with the contents of the packets or with the TCP header.

IP routes the packet from the source to the destination. IP adds its own header to the packet to allow intermediate gateways or other network devices to forward the packet.

The header contains the source and destination IP addresses, a protocol number, and a checksum. The protocol number allows IP to pass the packet to the appropriate protocol (usually TCP) at the receiving end. The checksum is calculated in same way as the TCP checksum and allows IP to verify that the data was not corrupted in

transit.

8-port Gigabit Ethernet Switch User’s Guide

Figure 5-12. IP Packet Header

Flags and Fragment Offset are used when a packet must be divided into smaller pieces by a network device. This is sometimes necessary for a packet to cross a network that can not process large packet sizes.

Time-to-Live (TTL) is the maximum number of gateways a packet can pass through. This number is decremented each time a packet is forwarded through a gateway. When the TTL reaches zero, the packet is dropped.

Ethernet

Ethernet uses its own headers and addresses. Each Ethernet device or NIC card has a 48 bit Media Access Control (MAC) address assigned to it by the manufacturer.

An Ethernet header is a 14 octets and includes the source and destination MAC addresses and a type code. For a computer or network device to have an IP address, a database must exist somewhere on the network to keep track of

which MAC address corresponds to which IP address. The type code is used to specify one of several protocol families that may be in use on the network. A checksum is calculated an put at the end of the packet. A receiving device recalculates the checksum and if the two

numbers are different, the packet is dropped.

Figure 5-13. Ethernet Packet Header

When the packet is received, these headers are removed. The Ethernet NIC removes the Ethernet header and checks the checksum. It looks at the type code. Since the type code is assigned to IP, the Ethernet device driver passes the packet to IP.

8-port Gigabit Ethernet Switch User’s Guide

IP removes the IP header. It looks at the IP protocol field. Since the protocol type is TCP, it passes the packet to TCP. TCP now looks at the sequence number and uses it to recombine the packets in the correct order.

The Domain Name System

Most network software uses a 32 bit IP address to identify network devices and computers on the network. User’s generally prefer to use text names for network nodes. So, a database is established that contains the text names and the corresponding IP addresses. The network software can then use the text name to look up an IP address. This database is located in a Domain Name System (DNS) server.

DNS is used to associate IP addresses to text names throughout the Internet. The same method has been adapted for use within intranets.

Resolving Domain Names

To resolve a domain name, a query is sent to a DNS server. This server then checks if the name is in its database. If it is, the DNS server translates the text name into an IP address and sends the answer back by appending the answer to the original query. If the DNS server can not resolve the name, it checks to see what type of resolution is specified in the query. The query can specify a complete translation (recursive resolution). In this case, the DNS server contacts another DNS server and forwards the query. If the query specifies iterative resolution, the DNS server replies that it cannot resolve the name and specifies the DNS server that should be contacted next to resolve the name.

Each client must be able to contact at least one DNS server, and each DNS server must be able to contact at least one root DNS server.

The IP address of a local DNS server is often supplied by a DHCP or BOOTP server.

DHCP Servers

The Dynamic Host Configuration Protocol (DHCP) is used to dynamically assign a TCP/IP network configuration to network devices and computers on the network. It also ensures that IP address conflicts do not occur.

IP addresses are assigned from a pool of free addresses. Each IP address assigned has a ‘lease’ and a ‘lease expiration period’. The lease must be periodically renewed. If th e lease is expires, the IP address is returned to the pool of available IP addresses.

Usually, it is a network policy to assign the same IP address to a given network device or computer each time. If the IP address lease expires, the network device sends a message to the DHCP server requesting a lease renewal. The

DHCP server can send an acknowledgement containing a new lease and updated configuration information. If an IP address lease cannot be renewed, the network device or computer sends a request to all local DHCP servers

attempting to renew the lease. If the DHCP returns a negative acknowledgement, the network device must release its TCP/IP configuration and reinitialize.

When a new TCP/IP configuration is received from a DHCP server, the network device checks for a possible IP address conflict by sending an Address Resolution Protocol (ARP) request that contains its new IP address.

Routing

The task of determining how a packet should get from a source to a destination is referred to as routing. IP assumes that the networks a packet would be sent across are connected by gateways (also called routers).

8-port Gigabit Ethernet Switch User’s Guide

The software in a traditional router (or the hardware in a layer 3 switch) is designed to forward packets from one network to another.

Routing is based upon the Network Address of the destination IP address. Each network device or computer has at least one gateway address (the default gateway) and this is generally the best way to send packets out of the local network and into the WAN or the Internet.

The network device or computer does not have to know the gateway address of the gateway to the destination network, only the local gateway out of the local network. When there is no specific gateway address to send the packet to, it is sent to the default gatew ay.

The gateway itself must know a lot more about which routes are available and where they go. To do this, a gateway develops a routing table using a routing protocol that is designed to help gateways find each other and exchange information about their local routes to other gateways.

ARP

The Address Resolution Protocol (ARP) is used to determine the association of IP addresses and MAC addresses for network devices and computers.

When a packet is to be transmitted, the destination’s IP address is first resolved into a MAC address. Network devices and computers (that operate on layer 3) maintain a local ARP cache. This is a local database of IP addresses and corresponding MAC addresses. If the destination IP address has an entry in the local ARP cache, the MAC address is written to the packet’s destination field and the packet is sent.

If the destination IP address does not have an entry in the local ARP cache, an ARP request must be sent to resolve the IP address into a MAC address. The packet must wait for a response from the destination before being sent.

ARP requests that are received from the network have their IP and MAC address pair extracted. The local ARP cache is then checked to see if there is already an entry for this pair. If an entry does not exist, the pair are added to the local ARP cache. If the entry already exists, the ARP request is dropped.

If an ARP request is received and the receiving network device has the IP address the ARP request is trying to resolve, the receiving device replies by giving its MAC address.

Multicasting

Multicasting allows a single network device to transmit packets to multiple destinations. These connections typically are used over a considerable period of time. End nodes that are receiving the multicast transmissions are referred to as a multicast group. Multicast group members can reside on different subnets and even on different networks.

Multicast Addressing

A multicast group is given an IP address where the first four bits of the address are set to ‘1110’. This is a Class D IP address. The 28 bit number following the ‘1110’ are referred to as the multicast group ID.

Some Class D addresses are reserved for special purposes. Addresses from 224.0.0.1 to 224.0.0.255 is reserved for use by routing protocols and some low-level protocols. Addresses from 239.0.0.0 to 239.255.255.255 are used by administrative applications for local networks.

The Class D IP address format is shown below:

Figure 5-14. Class D Multicast Address

Some of the assigned IP multicast addresses:

Address Assignment

8-port Gigabit Ethernet Switch User’s Guide

224.0.0.0

224.0.0.1

224.0.0.2

224.0.0.3

224.0.0.4

224.0.0.5

224.0.0.6

224.0.0.7

224.0.0.8

224.0.0.9

224.0.0.10

224.0.0.11

224.0.0.12

224.0.0.13

Base Address (reserved)

All Systems on this subnet

All Routers on this subnet

Unassigned

DVMRP Routers

OSPF IGP Routers

OSPF IGP Designated Routers

ST Routers

ST Hosts

All RIP2 Routers

All IGRP Routers

Mobile Agents

DHCP Servers and Relay Agents

All PIM Routers

224.0.0.14

224.0.0.15

224.0.0.16

224.0.0.17

224.0.0.18

224.0.0.19 through

224.0.0.225

224.0.0.21

RSVP Encapsulation

All CBT Routers

Designated Sbm

All Sbms

VRRP

Unassigned

DVMRP on MOSPF

Table 5-10. Some Permanent Multicast Address Assignments

8-port Gigabit Ethernet Switch User’s Guide

Internet Group Management Protocol (IGMP)

Computers and network devices that want to receive multicast transmissions need to inform nearby routers that they will become members of a multicast group. The Internet Group Management Protocol (IGMP) is used to communicate this information. IGMP is also used to periodically check the multicast group for members that are no longer active.

In the case where there is more than one multicast router on a subnetwork, one router is elected as the ‘querier’. This router then keeps track of the membership of the multicast groups that have active members. The information received from IGMP is then used to determine if multicast packets should be forwarded to a given subnetwork or not. The router can check, using IGMP, to see if there is at least one member of a multicast group on a given subnetwork. If there are no members on a subnetwork, packets will not be forwarded to that subnetwork.

IGMP Versions 1 and 2

Multicast groups allow members to join or leave at any time. IGMP provides the method for members and multicast routers to communicate when joining or leaving a multicast group.

IGMP version 1 is defined in RFC 1112. It has a fixed packet size and no optional data. The format of an IGMP packet is shown below:

Figure 5-15. IGMP Message Format

The IGMP Type codes are shown below:

Type Meaning

0x11

0x11 Specific Group Membership Query (if Group Address is 0x16 Membership Report (version 2)

0x17 Leave a Group (version 2) 0x12 Membership Report (version 1)

IGMP packets enable multicast routers to keep track of the membership of multicast groups, on their respective subnetworks. The following outlines what is communicated between a multicast router and a multicast group member using IGMP.

Membership Query (if Group Address is 0.0.0.0) Present)

Table 5-11. IGMP Type Codes

• A host sends an IGMP “report” to join a group

• A host will never send a report when it wants to leave a group (for version 1).

• A host will send a “leave” report when it wants to leave a group (for version 2).

• Multicast routers send IGMP queries (to the all-hosts group address: 224.0.0.1) periodically to see whether any

group members exist on their subnetworks. If there is no response from a particular group, the router assumes that there are no group members on the network.

The Time-to-Live (TTL) field of query messages is set to 1 so that the queries will not be forwarded to other subnetworks. IGMP version 2 introduces some enhancements such as a method to elect a multicast querier for each LAN, an explicit

leave message, and query messages that are specific to a given group.

8-port Gigabit Ethernet Switch User’s Guide

The states a computer will go through to join or to leave a multicast group are shown below:

Figure 5-16. IGMP State Transitions

Multicast Routing Algorithms

Multicast routing is based on a tree concept where the multicast source is the trunk and the multicast group members are the leaves. Branches can be thought of as subnetworks. There are several algorithms that can be used to construct the multicast tree and then to prune it branches for the efficient delivery of multicast transmissions.

Flooding

Flooding is the simplest way to deliver multicast packets. When a multicast packet is received by a router, it checks to see if it has received this packet before. If it has not, the packet if forwarded to all ports except the one the packet was received on. Otherwise, the router drops the packet. This way, all routers on a network will receive at least on copy of the packet.

Flooding generates a large number of duplicated packets and wastes network bandwidth. It also requires multicast routers to keep an entry in their table of recently received multicast packets, wasting some the router’s memory.

Multicast Spanning Trees

Spanning Trees are constructed from a subset of links between routers and a number of these links are selectively blocked such that there is only one active link between any two routers. The blocked links then act to provide some redundant links that may become active in the future, if the currently active link fails.

When a router receives a multicast packet, it floods the packet to all ports belonging to the spanning tree, except the one it was received on. This guarantees the packet will reach all routers on the network.

The spanning tree does not consider group membership in forwarding decisions.

8-port Gigabit Ethernet Switch User’s Guide

Reverse Path Broadcasting (RPB)

The RPB algorithm is a modification of the spanning tree algorithm. Instead of building a network-wide spanning tree, a virtual spanning tree is constructed for each multicast source.

When a router receives a multicast packet from a source, the router will check to see if the link on which the packet was received is the shortest path to the source. If it is, the packet is forwarded to all ports except the one on which it was received. If it is not, the packet is dropped.

If a link-state routing protocol is in use (such as OSPF), the router can determine if it is on the shortest path between itself and a neighboring router. If it is not, then the packet would be discarded at the next router. A link-state routing protocol would provide this information, so the first router could discard the packet.

If a distance-vector routing protocol (such as RIP) is being used, the neighboring router can advertise its previous hop for the source as part of its routing table update messages or it can ‘poision-reverse’ the route.

RPB does not use multicast membership information in the construction of multicast distribution trees.

Truncated Reverse Path Broadcasting (TRPB)

The TRPB algorithm is a modification of the RPB algorithm. It uses IGMP to determine if members of a multicast group are present on the router’s subnetwork. If the subnetwork has no multicast members and it is a leaf router (the only router on the subnetwork), TRPB will truncate the distribution tree. If the router is not a leaf router, the tree is not changed.

TRPB does use multicast group membership information in the construction of distribution trees.

Reverse Path Multicasting (RPM)

The RPM algorithm is an enhancement of the RPB and TRPB algorithms. RPM constructs delivery trees that span only subnetworks with group members or subnetworks along the shortest path to routers attached to subnetworks that have group members.

The RPM tree is then ‘pruned’ so that multicast packets are forwarded only along paths that lead to group members. The first multicast packet received by the router is forwarded according to the RPB algorithm. Leaf routers that receive a

multicast packet for which they have no group members will send a ‘prune’ message back to the router from which the message was received.

Prune messages indicate that multicast packets for a given membership group should not be forwarded on the link as there are no group members. Prune messages have a TTL of one, so they are only sent back one hop from the router that sends them.

The router one hop closer to the multicast source records the prune information in its memory. If the closer router has no group members on its subnetwork, it will send its own prune message to the next router on the path back to the multicast source, and so on. This is continued until multicast packets from a given source are only forwarded on paths that lead to multicast group members for that source.

The group membership and the topology of the network and the multicast distribution trees can change dynamically. To accommodate this, the RPM algorithm periodically removes all the prune information from the router’s memory. The next multicast packet received by the router gives new multicast group members on its subnet a chance to join the multicast group and leaf routers with new members on their subnetworks also get a chance to join.

RPM requires a relatively large amount of router memory space to maintain all the information for the multicast source and group members.

8-port Gigabit Ethernet Switch User’s Guide

Multicast Routing Protocols

This section gives a brief review of two multicast routing protocols – the Distance Vector Multicast Routing Protocol (DVMRP) and the Protocol Independent Multicast – Dense Mode (PIM-DM).

Distance Vector Multicast Routing Protocol (DVMRP)

DVMRP was derived from the Routing Information Protocol (RIP). The main difference is the RIP forwards unicast packets based on information about the next -hop (next router) on the path to its destination, but DVMRP constructs delivery trees based on previous-hop (last router) toward the multicast source.

DVMRP uses the RPM algorithm. The first multicast packet receive from a given source is flooded to all ports (except the one on which it was received). Prune messages are then used to identify links which do not have group members. These links are then pruned from the delivery tree.

A new message is added that allows a previously pruned link to be grafted back onto the multicast delivery tree, to accommodate new group members. Graft messages are forwarded only one hop back toward the multicast source.

If there is more than one router on a given subnetwork, the router closest to the multicast source is elected to forward that source’s multicast messages. All other routers will drop multicast messages from this source.

DVMRP supports tunnel interfaces (that is, interfaces connecting two multicast routers through one or more multicastunaware routers). Each tunnel interface must be configured with the IP address of the local router’s tunnel interface and the IP address of the remote router’s tunnel interface.

Protocol-Independent Multicast – Dense Mode

The Protocol-Independent Multicast – Dense Mode (PIM-DM) routing protocol also uses the RPM algorithm for constructing distribution trees, but PIM -DM requires the presence of a unicast routing protocol for finding routes back to the multicast source.

PIM-DM is, however, independent of the mechanisms used by the unicast routing protocol. It floods multicast messages until it receives prune messages and also uses graft messag es similar to DVMRP.

Routing Protocols

Routing Information Protocol (RIP)

The RIP protocol is a straightforward implementation of distance-vector routing. It partitions participants into active and passive. Active participants advertise their routes to others; passive participants listen to RIP messages and use them to update their routing table, but do not advertise. Only a router can run RIP in active mode; a host must use passive mode.

A router running RIP in active mode broadcasts a routing update message every 30 seconds. The update contains a set of pairs, where each pair contains an IP network address and an integer distance to that network. RIP uses a hop count metric to measure distances. The update contains information taken from the router’s current routing database. Each update contains a set of pairs, where each pair contains an IP network address and and integer distance to that network. RIP uses a hop count metric to measure distances. In the RIP metric, a router is defined to be one hop from a directly connected network, two hops from a network that is reachable through one other router, and so on. Thus, the number of hops, or hop count, along a path from a given source to a given destination refers to the number of routers that a datagram encounters along a path.

Both active and passive RIP participants listen to all broadcast messages, and update their tables according to the distance-vector algorithm described earlier.

8-port Gigabit Ethernet Switch User’s Guide

RIP specifies a few rules to improve performance and reliability. Once a router learns a route from another router, it must apply hysteresis, meaning that it does not replace the route with an equal cost route. In other words, to prevent oscillation among equal cost paths, RIP specifies that existing routes should be retained until a new route has a strictly lower cost.

RIP specifies that all listeners must timeout routes they learn via RIP. When a router installs a route in its table, it starts a timer for that route. The timer must be restarted whenever the router receives another RIP message advertising the route. The route becomes invalid if 180 seconds pass without the route being advertised again.

There are three potential errors that can arise using the RIP algorithm. First, because the algorithm does not explicitly detect routing loops, RIP must either assume participants can be trusted or take precautions to prevent such loops. Second, to prevent instabilities RIP must use a low value for the maximum possible distance (RIP uses 16). Thus, for internets in which legitimate hop counts approach 16, managers must divide the internet into sections or use an alternative protocol. Third, the distance-vector algorithm used by RIP can create a slow convergence or count to infinity problem, in which inconsistencies arise because routing update messages propagate slowly across the network.

Routing table inconsistency is a fundamental problem that occurs with any distance-vector protocol in which update messages carry only pairs of destination network and distance to that network.

The slow convergence problem is solved using a technique known as split horizon update. When using split horizon, a router does not propagate information about a route back over the same interface from which the route arrived. With split horizon, no routing loop appears. Instead, after a few rounds of routing updates, all routers will agree that the network is unreachable. However, the split horizon heuristic does not prevent routing loops in all possible topologies as one of the exercises suggests.

Another way to think of the slow convergence problem is in terms of information flow. If a router advertises a short route to some network, all receiving routers respond quickly to install that route. If a router stops advertising a route, the protocol must depend on a timeout mechanism before it considers the route unreachable. Once the time out occurs, the router finds an alternative route and starts propagating that information. Unfortunately, a router cannot know if the alternate route depended on the route that just disappeared. Thus, negative information does not always propagate quickly.

Another technique used to solve the slow convergence problem employs hold down. Hold down forces a participating router to ignore information about a network for a fixed period of time following the receipt of a message that claims a network is unreachable. Typically, the hold down period is set to 60 seconds. The idea is to wait long enough to ensure that all machines receive the message that a network is unreachable and that the message is not out of date. It should be noted that all machines participating in a RIP exchange need to use identical hold down period, or routing loops can occur. The disadvantage of a hold down technique is that if routing loops occur, they will be preserved for the duration of the hold down period. More important, incorrect routes will be preserved for the hold down period, even when alternatives exist.

A final technique for solving the slow convergence problem is called poison reverse. Once a connection disappears, the router advertising the connection retains the entry for several update periods, and includes an infinite cost (hop count of

16) in its broadcasts. To make poison reverse most effective, it must be combined with triggered updates. Triggered updates force a router to send an immediate broadcast when receiving a message that a network is unreachable, instead of waiting for the nest periodic broadcast. By sending an update immediately, a router minimizes the time it is vulnerable to believing inaccurate routes.

Unfortunately, while triggered updates, poison reverse, hold down, and split horizon techniques all solve some problems, they introduce others. For example, consider what happens with triggered updates when many routers share a common network. A single broadcast may change all their routing tables, triggering a new round of broadcasts. If the second round of broadcasts changes tables, it will trigger even more broadcasts. A broadcast storm can result.

The use of broadcast, potential for routing loops, and the use of hold down to prevent slow convergence can make RIP extremely inefficient in a wide area network. Broadcasting always takes substantial bandwidth. Having all machines broadcast periodically means that the traffic increases as the number of routers increases. The potential for routing loops can also be deadly when line capacity is limited. Once lines become saturated by looping packets, it may be difficult or impossible for routers to exchange the routing messages needed to break the loops. Also, in a wide area network, hold down periods are so long that the timers used by higher level protocols can expire and lead to broken connections. Despite these well-known problems, many groups continue to use RIP and an IGP in wide ar ea networks.

8-port Gigabit Ethernet Switch User’s Guide

RIP Version 1 Message Format

RIP messages can be classified into two types: routing information messages and messages used to request information. Both use the same format which consist of a fixed header followed by and optional list of network and distance pairs. The message format used by version 1 is shown below.

Figure 5-17. RIP v.1 Message Format

The COMMAND field specifies an operation according the following table:

Command Meaning

Request for partial or full routing information

Response containing network-distance pairs from sender’s routing table

Turn on trace mode (obsolete)

Turn off trace mode (obsolete)

Reserved for Sun Microsystem’s internal use

Update Request

8-port Gigabit Ethernet Switch User’s Guide

Update Response

Update Acknowledgement

Table 5-12. RIP Command Codes

A router or host can ask another router for routing information by sending a request command. Routers reply to requests using the response command. In most cases, however, routers broadcast unsolicited response messages periodically. The field VERSION contains the protocol version number (1 in this case), and is used by the receiver to verify it will interpret the message correctly.

RIP 1 Address Conventions

The generality of RIP is also evident in the way it transmits network addresses. The address format is not limited to use by TCP/IP. It can be used with multiple network protocol suites. Each network address reported by RIP can have an address of up to 14 octets. Of course, IP addresses need only 4. RIP specifies that the remaining octets must be zero. The field labeled FAMILY OF NET 1 identifies the protocol family under which the network address should be interpreted. RIP uses values assigned to address families under the 4BSD UNIX operating system (IP addresses are assigned a value of 2).

In addition to normal IP addresses, RIP uses the convention that address 0.0.0.0 denotes a default route. RIP attaches a distance metric to every route it advertises, including default routes. Thus, it is possible to arrange for two routers to advertise a default route (for example, a route to the Internet) at different metrics, making one of them a primary path and the other a backup.

The final field of each entry in a RIP message, DISTANCE TO NET 2, contains an integer count of the distance to the specified network. Distances are measured in router hops, but values are limited to the range 1 through 16, with the distance 16 used to signify infinity (unreachable).

RIP 1 Route Interpretation and Aggregation

Because RIP was originally designed to be used with classful addresses, version 1 did not include any provision for a subnet mask. When subnet addressing was added to IP, version 1 of RIP was extended to permit routers to exchange subnetted addresses. However, because RIP 1 update messages do not contain explicit mask information, an important restriction was added – a router can include host-specific or subnet-specific address in routing updates as long as all receivers can unambiguously interpret the addresses. In particular, subnet routes can be included in updates sent across a network that is part of the subnetted prefix, and only if the subnet mask used with the network is the same as the subnet mask used with the address. The restriction means the RIP 1 cannot be used to propagate variable-length subnet addresses or classless addresses.

Note: RIP 1 can only be used with classful or fixed-length subnet addresses.

If a router running RIP 1 connects to one or more networks that are subnets of a prefix N as well as to one or more networks that are not part of N, the router must prepare different update messages for the two types of interfaces. Updates sent over the interfaces that are subnets of N can include subnet routes, but updates sent over other interfaces cannot. Instead, when sending over other interfaces the router is required to aggregate the subnet information and advertise a single route to network N.

RIP Version 2 Extensions

The restriction on address interpretation means that version 1 of RIP cannot be used to propagate either variable length subnet addresses or the classless addresses used with CIDR. When version 2 of RIP (RIP2) was defined, the protocol was extended to include an explicit subnet mask along with each address. In addition, RIP2 updates include explicit next-hop information, which prevents routing loops and slow convergence. As a result, RIP2 offers significantly increased functionality as well as improved resistance to errors.

8-port Gigabit Ethernet Switch User’s Guide

RIP2 Message Format

The message format used with RIP2 is an ext ension of the RIP1 format, with additional information occupying unused octets of the address field. In particular, each address includes an explicit next hop as well as an explicit subnet mask.

Figure 5-18. Rip Message Format

RIP 2 also attaches a 16-bit Route Tag to each entry. A router must send the same tag it receives when it transmits the route. Thus, the tag provides a way to propagate additional information such as the origin of the route. In particular, if RIP2 learns a route from another autonomous system, it can use the Route Tag to propagate the autonomous system’s number.

Because the version number in RIP2 occupies the same octet as in RIP1, both versions of the protocols can be used on a given router simultaneously without interference. Before processing an incoming message, RIP software examines the version number.

Transmitting RIP Messages

RIP messages do not contain an explicit length field or an explicit count of entries. Instead, RIP assumes that the underlying delivery mechanism will tell the receiver the length of an incoming message. In particular, when used with TCP/IP, RIP messages rely on UDP to tell the receiver the message length. RIP operates on UDP port 520. Although a RIP request can originate at other UDP ports, the destination UDP port for requests is always 520, as is the source port from which RIP broadcast messages originate.

The Disadvantage of RIP Hop Counts

Using RIP as an interior router protocol limits routing in two ways. First, RIP restricts routing to a hop-count metric. Second, because it uses a small value of hop count for infinity, RIP restricts the size of any network using it. In particular, RIP restricts the span of a network to 16 hops (or 15 routers, because 16 represents an unreachable destination). So an internet can have at most 15 routers between any two hosts.

Note that the limit on network span is neither a limit on the total number of routers nor a limit on density. In fact, most campus networks have a small span even if they have many routers because the topology is arranged as a hierarchy.

8-port Gigabit Ethernet Switch User’s Guide

Consider, for example, a typical corporate intranet. Most use a hierarchy that consists of a high-speed backbone network with multiple routers each connecting the backbone to a workgroup, where each workgroup occupies a single LAN. Although the corporation can include dozens of workgroups, the span of the entire intranet is only 2. Even if each workgroup is extended to include a router that connects one or more additional LANs, the maximum span only increases to 4. Similarly, extending the hierarchy one more level only increases the span to 6. Thus, the limit that RIP imposes affects large autonomous systems or autonomous systems that do not have a hierarchical organization.

Even in the best cases, however, hop counts provide only a crude measure of network capacity or responsiveness. Thus, using hop counts does not always yield routes with the least delay or highest capacity. Furthermore, computing routes on the basis of minimum hop counts has the severe disadvantage that it makes routing relatively static because routes cannot respond to changes in network load.

8-port Gigabit Ethernet Switch User’s Guide

C ONFIGURING THE SWITCH USING THE

C ONSOLE INTERFACE

Your 8-port Gigabit Ethernet Layer 3 Switch supports a console management interface that allows you to set up and control your Switch, either with an ordinary terminal (or terminal emulator), or over the network using the TCP/IP Telnet protocol. You can use this facility to perform many basic network mana gement functions. In addition, the console program will allow you to configure the Switch for management using an SNMP-based network management system. This chapter describes how to use the console interface to access the Switch, change its settings, and monitor its operation.

Notes are added where clarification is necessary. Where there is a difference in the setup of the switch between its two operational modes (Layer 2 Only and IP

Routing), the sections are divided to correspond with the Switch operating mode that is applicable.

Note: IP Routing mode switch configuration settings that are saved to non-volatile RAM using Save

Changes from the Main Menu are retained in the Switch’s memory when the operational mode is changed. IP Routing mode settings are simply inactive when the Switch is in Layer 2 Only mode.

Before You Start

The DGS-3308 Layer 3 Switch supports a wide array of functions and gives great flexibility and increased network performance by eliminating the routing bottleneck between the WAN or Internet and the Intranet. Its function in a network can be thought of as a new generation of router that performs routing functions in hardware, rather than software. It is a router that also has up to 8 independent Ethernet collision domains – each of w hich can be assigned an IP subnet.

This flexibility and rich feature set requires a bit of thought to arrive at a deployment strategy that will maximize the potential of the DGS-3308.

General Deployment Strategy

1. Determine how the network would be best segmented. This is probably done using VLANs in an existing layer 2 switched network.

2. Develop an IP addressing scheme. This involves allocating a block of IP addresses to each network segment. Each network subnet is then assigned a network address and a subnet mask. See Chapter 5, “Switch Management Concepts” section titled IP Addressing and Subnetting for more information.

3. Determine which network resources must be shared by the subnets. Shared resources may be connected directly to the Layer 3 switch, if need be. Static routes to each of the shared resources should be determined.

4. Determine how each subnet will communicate with the WAN or Internet. Again, static routes should be determined and default gateways identified.

8-port Gigabit Ethernet Switch User’s Guide

5. Develop a security scheme. Some subnets on the network need more security or should be isolated from the other subnets. IP or MAC filtering can be used. Also, one or more VLANs on the Layer 3 switch can be configured without an IP subnet – in which case, these VLANs will function as a layer 2 VLAN and would require an external router to connect to the rest of the network.

6. Develop a policy scheme. Some subnets will have a greater need for multicasting bandwidth, for example. A policy is a mechanism to alter the normal packet forwarding in a network device, and can be used to intelligently allocate bandwidth to time-critical applications such as the integration of voice, video, and data on the network.

7. Develop a redundancy scheme. Planning redundant links and routes to network critical resources can save valuable time in case of a link or device failure. The Spanning Tree function can be used to block the redundant link until it is needed.

VLAN Layout

VLANs on the DGS -3308 have rather more functions than on a traditional layer 2 switch, and must therefore be laid-out and configured with a bit more care. Layer 3 VLANs could be thought of as network links – not just as a collection of associated end users. Further, Layer 3 VLANs are assigned an IP network address and subnet mask to enable IP routing between them.

Layer 3 VLANs must be configured on the switch before they can be assigned IP subnets. Further, the static VLAN configuration is specified on a per port basis. On the DGS -3308, a VLAN can consist of end-nodes – just like a traditional layer 2 switch, but a VLAN can also consist of one or more layer 2 switches – each of which is connected to multiple endnodes or network resources.

So, a Layer 3 VLAN, consisting of 4 ports, could be connected to 4 layer 2 switches. If these layer 2 switches each have 8 ports, then the Layer 3 VLAN would contain 4 x 8 = 32 end nodes. Assigning an IP subnet to the Layer 3 VLAN would allow wire-speed IP routing from the WAN to each end node and between end nodes.

So, the IP subnets for a network must be determined first, and the VLANs configured on the switch to accommodate the IP subnets. Finally, the IP subnets can be assigned to the VLANs.

Assigning IP Network Addresses and Subnet Masks to VLANs

The DGS -3308 allows the assignment of IP subnets to individual VLANs. Any VLAN configured on the switch that is not assigned an IP subnet, will behave as a layer 2 VLAN and will not be capable of IP routing – even if the switch is in IP Routing mode.

Developing an IP addressing scheme is a complex subject, but it is sufficient here to mention that the total number of anticipated end nodes – for each Layer 3 VLAN – must be accommodated with an unique IP address. It should be noted that the switch regards a VLAN with an IP network address and corresponding subnet mask assigned as an IP interface in IP Routing mode.

Note: See the section titled IP Addressing and Subnetting in Chapter 5 for more information.

Defining Static Routes

Routes between the IP interfaces and a default gateway or other router with a WAN connection shoul d be determined beforehand and entered into the static/default routing table on the DGS-3308.

Existing WAN or Internet connections will probably have a router to connect the interface device to the network. This router can be connected to the DGS -3308 using a port designated as a ‘router port’. Designating a port as a router port allows multicasting messages to be passed to the router with a WAN or Internet connection without flooding these messages throughout the network. This saves considerable bandwidth and increases performance without additional investment in network equipment.

8-port Gigabit Ethernet Switch User’s Guide

Connecting to the Switch

You can use the console interface by connecting the Switch to a VT100-compatible terminal or a computer running an ordinary terminal emulator program (e.g., the terminal program included with the Windows operating system) using an RS- 232C serial cable. Your terminal parameters will need to be set to:

• VT-100/ANSI compatible

• 9,600 baud

• 8 data bits

• No parity

• One stop bit

• No flow control

You can also access the same functions over a Telnet interface. Once you have set an IP address for your Switch, you can use a Telnet program (in VT-100 compatible terminal mode) to access and control the Switch. All of the screens are identical, whether accessed from the console port or from a Telnet interface.

Console Usage Conventions

The console interface makes use of the following conventions:

1. Items in <angle brackets> can be toggled between several choices using the space bar.

2. Items in [square brackets] can be changed by typing in a new value. You can use the backspace and delete keys to

erase characters behind and in front of the cursor.

3. The up and down arrow keys, the left and right arrow keys, the tab key and the backspace key, can be used to move between selected items.

4. Items in UPPERCASE are commands. Moving the selection to a command and pressing Enter will execute that command, e.g. APPLY, etc.

Please note that the command APPLY only applies for the current session. Use Save Changes from the main menu for permanent changes. Save Changes enters the current switch configuration into non-volatile ram, and then reboots the switch.

First Time Connecting To The Switch

The Switch supports user-based security that can allow you to prevent unauthorized users from accessing the Switch or changing its settings. This section tells how to log onto the Switch.

Note: The passwords used to access the Switch are case-sensitive; therefore, “S” is not the same as “s.”

When you first connect to the Switch, you will be presented with the first login screen (shown below).

Note: Press Ctrl+R to refresh the screen. This command can be used at any time to force the

console program in the switch to refresh the console screen.

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-1. Initial screen, first time connecting to the Switch

Note: There is no initial username or password. Leave the username and password fields blank. Note: The Switch’s operational mode (Layer 3 or Layer 2) is displayed in the upper right-hand corner

of every menu in the console. The switch operational mode is changed under Switch Settings from the Main Menu and is described later in this manual.

Press Enter in both the username and password fields. You will be given access to the main menu shown below:

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-2. Main Menu

Note: The first user automatically gets Root privileges (See Table 6-1). It is recommended to create at

least one Root-level user for the Switch.

Setup User Accounts

To create a new user account, highlight Setup User Accounts from the Main Menu and press Enter:

Figure 6-3. Main Menu

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-4. Setup User Accounts screen

User Accounts Management

From the Main Menu, highlight Setup User Accounts and press Enter, then the Setup User Accounts menu appears.

1. Toggle the Action:< > field to <Add> using the space bar. This will allow the addition of a new user. The other options are <Delete> - this allows the deletion of a user entry, and <Update> - this allows for changes to be made to an existing user entry.

2. Enter the new user name, assign an initial password, and then confirm the new password. Determine whether the new user should have <Root>, <User+>, or <User> privileges. The space bar toggles between the three options.

3. Highlight APPLY and press enter to make the user addition effective.

4. Press Esc. to return to the previous screen or Ctrl+T to go to the root screen.

5. A listing of all user accounts and access levels is shown below the user setup menu. This list is updated when APPLY

is executed.

6. Please remember that APPLY makes changes to the switch configuration for the current session only. All changes (including User additions or updates) must be entered into non-volatile ram using the Save Changes command on the Main Menu - if you want these changes to be permanent.

Root, User+ and Normal User Privileges

There are three levels of user privileges: Root and User+, and User. Some menu selections available to users with Root privileges may not be available to those with User+ and User privileges.

The following table summarizes the Root, User+ and User privileges:

Switch Configuration Privilege Management Root User+ User

8-port Gigabit Ethernet Switch User’s Guide

Configuration Yes Read Only Read Only

Network Monitoring Yes Read Only Read Only

Community Strings and Trap Stations Yes Read Only Read Only

Update Firmware and Configuration Files

System Utilities Yes Ping Only Ping Only

Factory Reset Yes No No

Reboot Switch Yes Yes No

Yes No No

User Accounts Management

Add/Update/Delete User Accounts Yes No No

View User Accounts Yes No No

Table 6-1. Root, User+, and User Privileges

After establishing a User Account with Root-level privileges, press Esc. Then highlight Save Changes and press Enter (see below). The Switch will save any changes to its non-volatile ram and reboot. You can logon again and are now

ready to continue configuring the Switch.

Save Changes

The DGS -3308 has two levels of memory; normal RAM and non-volatile or NV-RAM. Configuration changes are made effective by highlighting Apply and pressing Enter. When this is done, the settings will be immediately applied to the switching software in RAM, and will immediately take effect.

Some settings, though, require you to restart the switch before they will take effect. Restarting the Switch erases all settings in RAM and reloads the stored settings from the NV -RAM. Thus, it is necessary to save all setting changes to NV-RAM before rebooting the Switch.

To retain any configuration changes permanently, highlight Save Changes from the Main Menu. The following screen will appear to verify that your new settings have been saved to NV-RAM:

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-5. Main Menu

Figure 6-6. Save Changes s creen

Once the Switch configuration settings have been saved to NV -RAM, they become the default settings for the switch. These settings will be used every time the Switch is rebooted.

8-port Gigabit Ethernet Switch User’s Guide

Reboot

The only way to change the configuration stored in NV-RAM is to save a new configuration using Save Changes from the Main Menu or to execute a factory reset from the System Reboot menu (click Reboot on the Main Menu). This

will clear all settings and restore them to their initial values listed in the Appendix. These are the configuration settings entered at the factory and are the same settings present when the Switch was purchased.

Figure 6-7. Reboot menu

Highlight the desired option on the menu above and press Enter.

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-8. Re boot screen

Highlight Yes and press Enter to complete the desired option from the System Reboot screen. Please note that if either the third or fourth choice is selected, all User Accounts (and other configuration settings) you may have entered will be erased and the Switch will return to the state it was in when it was purchased.

Logging Onto The Switch Console

To log in once you have created a registered user, from the login screen:

1. Type in your username and press Enter.

2. Type in your password and press Enter.

3. The Main Menu screen will be displayed based on your access level or privilege.

Updating or Deleting User Accounts

To update or delete a user password: Choose Setup User Accounts from the Main Menu. The following Setup User Accounts screen appears:

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-9. Setup Users Accounts screen

1. Toggle the Action:<Add> field using the space bar to choose Add, Update, or Delete.

2. Type in the Username for the user account you wish to change and enter the Old Password for that user account.

3. You can now modify the password or the privilege level for this user account.

4. If the password is to be changed, type in the New Password you have chosen, and press Enter. Type in the same new password in the following field to verify that you have not mistyped it.

5. If the privilege level is to be changed, toggle the Access Level:<Root> field until the appropriate level is displayed – Root, User+ or User.

6. Highlight APPLY and press Enter to make the change effective.

7. You must enter the configuration changes into the non-volatile ram (NV -RAM) using Save Changes from the Main Menu if you want the configuration to be used after a switch reboot.

Only a user with Root privileges can make changes to user accounts.

Viewing Current User Accounts

Access to the console, whether using the console port or via Telnet, is controlled using a user name and password. Up to eight user accounts can be created. The console interface will not let you delete the current logged-in user, to prevent accidentally deleting all of the users with Root privilege.

Only users with the Root privilege can delete users. To view the current user accounts:

8-port Gigabit Ethernet Switch User’s Guide

Highlight Setup User Accounts from the Main Menu. The current user accounts can be read from the Setup User Accounts screen that is displayed.

Deleting a User Account

To delete a user account:

1. Toggle the Action:<Add> field to Delete.

2. Enter the Username for the account you want to delete.

3. Highlight APPLY and press Enter to make the deletion of the selected user take effect.

4. You must enter the configuration changes into the non-volatile RAM (NV -RAM) using Save Changes from the Main Menu if you want the configuration to be used after a switch reboot.

Only users with Root privileges can delete user accounts.

Setting Up The Switch

Basic Setup

This section will help prepare the Switch user by describing the Switch Information, Remote Management Setup, Configure Ports, Serial Port Settings and Switch Settings menus.

Figure 6-10. Main Menu

Switch Information

Highlight Switch Information from the Main Menu and press Enter:

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-11. Switch Information screen

The Switch Information shows the type of switch (Layer 3), which (if any) external modules are installed, and the Switch’s MAC Address (assigned by the factory and unchangeable). In addition, the Boot PROM and Firmware Version numbers are shown. This information is helpful to keep track of PROM and Firmware updates and to obtain the Switch’s MAC address for entry into another network device’s address table – if necessary.

You can also enter the name of the System, its location, and the name and telephone number of the System Administrator. It is recommended that the person responsible for the maintenance of the network system that this Layer 3 switch is installed on be listed here.

Power Supply and Cooling Fan Status

Highlight Power Supply and Cooling Fan Status on the Switch Information screen and press Enter to display the current status of the primary and secondary power supplies and the four cooling fans. The following screen appears:

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-12. Power Supply and Cooling Fan Status screen

IP Setup

Some settings must be entered to allow the Switch to be managed from an SNMP-based Network Management System such as SNMP v1 or to be able to access the Switch using the Telnet protocol or the Web-based Manager. Please see the next chapter for Web-based network management information.

The IP Setup menu lets you specify how the Switch will be assigned an IP address to allow it to be identified on the network.

To setup the Switch for remote management: Highlight IP Setup from the Main Menu. The following screen appears:

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-13. IP Setup screen

Configuring the Switch’s IP Address

The Switch needs to have an IP address assigned to it so that an In-Band network management system (e.g. Web-based Manager or Telnet) client can find it on the network. The IP Setup screen allows you to change the settings for this manag ement interface used on the Switch.

The fields listed under the Current Switch IP Settings heading are those that are currently being used by the Switch. The fields listed under the New Switch IP Settings heading are those that will be used after the Switc h has been Rebooted.

In Layer 2 mode, toggle the Get IP From: < > field using the space bar to choose from Manual, BOOTP, or DHCP. This selects how the Switch will be assigned an IP address on the next reboot (or startup). If the Switch is in Layer 3 mode, Manual is automatically assigned.

The Get IP From: < > options are:

• BOOTP – The Switch will send out a BOOTP broadcast request when it is powered up. The BOOTP protocol allows IP addresses, network masks, and default gateways to be assigned by a central BOOTP server. If this option is set, the Switch will first look for a BOOTP server to provide it with this information before using the default or previously entered settings.

• DHCP – The Switch will send out a DHCP broadcast request when it is powered up. The DHCP protocol allows IP addresses, network masks, and default gateways to be assigned by a DHCP server. If this option is set, the Switch will first look for a DHCP server to provide it with this information before using the default or previously entered settings.

• Manual – Allows the entry of an IP address, Subnet Mask, and a Default Gateway for the Switch. These fields should be of the form xxx.xxx.xxx.xxx, where each xxx is a number (represented in decimal form) between 0 and 255. This address should be a unique address on the network assigned for use by the Network Administrator. The fields which require entries under this option are as follows:

8-port Gigabit Ethernet Switch User’s Guide

§ Subnet Mask – A Bitmask that determines the extent of the subnet that the Switch is on. Should be of

the form xxx.xxx.xxx.xxx, where each xxx is a number (represented in decimal) between 0 and 255. The value should be 255.0.0.0 for a Class A network, 255.255.0.0 for a Class B network, and 255.255.255.0 for a Class C network, but custom subnet masks are allowed.

§ Default Gateway – IP address that determines where packets with a destination address outside the

current subnet should be sent. This is usually the address of a router or a host acting as an IP gateway. If your network is not part of an intranet, or you do not want the Switch to be accessible outside your local network, you can leave this field unchanged.

• Management VID – Allows the input of a VLAN VID to restrict access to the management module on the Switch to a single VLAN.

Remote Management Setup

This allows the Switch to send traps (messages about errors, etc.) to management stations on the network. Highlight Remote Management Setup on the Main Menu and press Enter. The trap recipients can be setup from the following screen:

Figure 6-14. Remote Management Setup screen

The IP Address field is the IP address of a management station (usually a computer) that is configured to receive the SNMP traps from the Switch.

The SNMP Community String is similar to a password in that stations that do not know the correct string cannot receive or request SNMP information from the Switch.

The Status field can be toggled between Enabled and Disabled to enable or disable the receipt of SNMP traps by the listed management stations.

Note: Up to four SNMP trap recipients can be entered.

Setup Trap Recipients

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-15. Setup Trap Recipients screen

Configure Ports

Highlight Configure Ports from the Main Menu and press Enter:

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-16. Configure Ports screen

To configure a specific port, toggle the Configure Port from [ ] to [ ] field until the appropriate port numbers appear.

Toggle the State:< > field to either enable or disable a given port. Toggle the Speed/Duplex:< > field to select the speed and duplex state of the port. There are two choices: Auto and

1000M/Full. Auto allows the port to automatically determine the fastest settings the device the port is connected to can handle, and then to use those settings. There is no automatic adjustment of port settings with any option other than Auto.

Serial Port Settings

The Serial Port Settings screen allows the configuration of the Switch’s serial port through either the console port or through use of the Telnet protocol.

Highlight Serial Port Settings and press Enter.

Figure 6-17. Serial Port Settings screen

The following fields can then be set:

• Baud Rate – Sets the serial bit rate that will be used to communicate the next time the Switch is restarted. Applies only when the serial port is being used for out-of-band (SLIP) management; it does not apply when the port is used for the console port. Available speeds are 4800, 9600, 19200, 38400 and 57600 bits per second. The default setting is 9600.

• Auto-Logout – This sets the time the interface can be idle before the Switch automatically logs-out the user. The options are 2 mins, 5 mins, 10 mins, 15 mins, or Never.

• Telnet Time Out<min> – Select the desired Telnet age-out time in this field.

• Telnet Sessions<1..4> – Select between 1 and 4 Telnet sessions in this field.

8-port Gigabit Ethernet Switch User’s Guide

Switch Operation Mode

Note: The Switch will retain the configuration entered for IP Routing when in Layer 2 Only mode (if

the configuration is saved to NV-RAM), but the IP Routing configuration will not be active. The IP Routing configuration will become active when the Switch is again put in IP Routing mode.

Note: Putting the Switch in IP Routing mode does not – by itself – enable IP routing. The Switch

must be configured to use IP interfaces before it is capable of IP routing. (See the section titled Setting up IP Interfaces below.)

The Switch can operate in one of two modes:

1. Layer 2 Only with IEEE 802.1Q VLAN support: the switching process is based upon the source and destination MAC addresses only. 802.1Q VLANs are supported and the Switch is considered as a VLAN-tag aware device.

2. IP Routing with IEEE 802.1Q VLAN support: the switching process is based upon the IP source and destination addresses, if present. If the IP addresses are not present, the switching process is based upon the MAC addresses (as in Layer 2 above). 802.1Q VLANs are supported and the Switch is considered as a VLAN-tag aware device.

The Switch must be rebooted when changing the operation mode before the new operation mode can take effect.

Changing the Switch Operation Mode

To change the Switch’s operating mode:

Highlight Switch Settings on the Main Menu and press Enter.

Figure 6-18. Switch Settings screen

8-port Gigabit Ethernet Switch User’s Guide

Highlight Switch Operation Mode on the Switch Settings menu and press Enter.

Figure 6-19. Switch Mode Selection screen

The field Select switch operation mode:< > can be toggled using the space bar to one of the two switch operation modes: Layer 2 Only, Support IEEE 802.1Q VLANs and IP Routing, Support IEEE 802.1Q VLANs.

To make a change in the operation mode of the Switch effective, highlight APPLY and press Enter.

Figure 6-20. Change Mode Confirmation screen

8-port Gigabit Ethernet Switch User’s Guide

Type y and press Enter. The Switch will then save the changes made during the current session and reboot. The Switch must be rebooted to change the operation mode.

Switch Settings – IP Routing Mode

Once the Switch is configured for IP Routing (Layer 3 Switching), and rebooted, the Main Menu adds some functions compared to the Layer 2 Only mode.

Figure 6-21. Main Menu – Layer 3 IP Routing Mode

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-22. Main Menu – Layer 2 Switching Mode

Layer 2 Switch Settings

Note: Layer 2 Switch functions and settings are also available when the Switch is configured to operate

in the IP Routing (Layer 3) mode.

To access the Layer 2 Switch Settings menu, highlight Layer 2 Switch Settings on the Switch Settings menu and press Enter:

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-23. Layer 2 Switch Settings screen

The following fields can then be set:

• Switch GVRP: <Disabled> – Group VLAN Registration Protocol is a protocol that allows members to dynamically join VLANs.

• Switch GMRP: Disabled – Group Multicast Registration Protocol is a protocol that allows members to dynamically join Multicast groups. This function is not supported in the current version of the Switch software.

Broadcast/Multicast Storm Control:

• Upper Threshold: [255]Kpps – This is the number of thousands Broadcast/Multicast packets per second received by the Switch – on one of the base ports – that will trigger the Switch’s reaction to a Broadcast/Multicast storm.

• Broadcast Storm Mode:<Disabled> – This field can be toggled between Enabled and Disabled using the space bar. This enables or disables, globally, the Switch’s reaction to Broadcast storms, triggered at the threshold set above.

• Multicast Storm Mode:<Disabled> – This field can be toggled between Enabled and Disabled using the space bar. This enables or disables, globally, the Switch’s reaction to Multicast storms, triggered at the threshold set above.

Layer 3 Switch Mode - Setup RIP

The Routing Information Protocol (RIP) is a distance-vector protocol that uses the hop count as its criteria for making routing decisions. RIP is an Interior Gateway Protocol (IGP), which means that it performs routing within a single autonomous system.

To setup RIP, click Layer 3 IP Networking on the Main Menu. The following menu appears:

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-24. Setup Layer 3 – IP Networking menu

Now highlight Setup RIP Configuration from the Setup Layer 3 IP Networking menu above and press Enter to access the following screen:

Figure 6-25. Setup RIP Configuration screen

8-port Gigabit Ethernet Switch User’s Guide

• Interface name:[ ] – The name of the IP interface on which RIP is to be setup. This interface must be previously configured on the Switch.

• TX Mode:<V2 Only > – Toggle among Disabled, V1 Only , V1 Compatible , and V2 Only. This entry specifies which version of the RIP protocol will be used to transmit RIP packets. Disabled prevents the transmission of RIP packets.

• RX Mode:<V2 Only> – Toggle among Disabled, V1 Only , V2 Only, and V1 and V2. This entry specifies which version of the RIP protocol will be used to interpret received RIP packets. Disabled prevents the reception of RIP packets.

• Authentication:<Enabled> – Toggle between Enabled and Disabled. When authentication is enabled, a password is used to authenticate communication between routers on the network. Authentication is only supported when RIP is in V1 Compatible or V2 only mode.

• Password:[ ] – A password to be used to authenticate communication between routers on the network.

Advanced Setup

The switch operation mode setting changes the menus and configuration options for the Advanced Setup of the Switch. This section of the manual is therefore divided into two sections for each Advanced Setup menu item to reflect the two switch operation modes – Layer 2 with IEEE 802.1Q VLAN support and IP Routing with IEEE 802.1Q VLAN support. Where there is no difference in the setup between the two switch operation modes, only one section will be presented.

Configuring VLANs

Note: The Switch allows the assignment of an IP interface to each VLAN, in IP Routing mode.

The VLANs must be configured before setting up the IP interfaces. VLANs in Layer 2 Only Mode

The Switch reserves one VLAN, VID = 1, called the DEFAULT_VLAN for internal use. The factory default setting assigns all ports on the Switch to the DEFAULT_VLAN. As new VLANs are configured, there respective member ports are removed from the DEFAULT_VLAN. If the DEFAULT_VLAN is reconfigured, all ports are again assigned to it. Ports that are not desired to be part of the DEFAULT_VLAN are removed during the configuration.

Packets cannot cross layer 2 VLANs. If a member of one layer 2 VLAN wants to connect to another layer 2 VLAN, it must be through a router.

VLANs by Switch Operating Mode – Layer 2 Only and IP Routing

Note: The Switch’s default - in both Layer 2 Only mode and IP Routing mode - is to assign all ports

to a single 802.1Q VLAN named DEFAULT_VLAN. As new VLANs are created, the member ports assigned to the new VLAN will be removed from the default VLAN port member list.

Note: The DEFAULT_VLAN has a VID = 1. An IP interface called System in the IP interface entry

menu also has a VID = 1, and therefore corresponds to the DEFAULT_VLAN.

To create a new 802.1Q VLAN:

The VLAN menu adds an entry to edit the VLAN definitions and to configure the port settings for IEEE 802.1Q VLAN support. Highlight VLANs from the Main Menu and press Enter.

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-26. VLAN Menu

To create an 802.1Q VLAN, highlight Edit 802.1Q VLANs and press Enter:

Figure 6-27. Edit 802.1Q VLANs menu

To create an 802.1Q VLAN, toggle the Action: <Add/Modify> field to Add/Modify using the space bar. Enter a VLAN ID number in the VID:[ ] field and a name for the new VLAN in the VLAN Name:[ ] field.

8-port Gigabit Ethernet Switch User’s Guide

Choose which ports will be members of the new VLAN and enter their membership status in the Membership (E/F/-): [ ][ ][ ] field. The status indicators of the individual port s can be entered directly from the keyboard or toggled using the

space bar. Moving between the status indicators of the individual ports is accomplished using the arrow keys.

To set the 802.1Q VLAN membership status of a port:

To enter the 802.1Q VLAN status for a port, highlight the first field of Membership (E/F/-): [ ][ ][ ]. Each port’s

802.1Q VLAN membership can be set individually by highlighting the port’s entry using the arrow keys, and then toggling

between E, F, or – using the space bar.

• E - (Egress Member) specifies the port as being a static member of the VLAN. Egress Member Ports are ports that will be transmitting traffic for the VLAN. These ports can be either tagged or untagged.

• F - (Forbidden Non-Member) specifies the port as not being a member of the VLAN and that the port is forbidden from becoming a member of the VLAN dynamically.

• (Non-Member) specifies the port as not being a member of the VLAN, but the port can become a member of the VLAN dynamically.

Next, determine which of the ports that are members of the new VLAN will be Tagged or Untagged ports.

To set a port as either a Tagged or an Untagged port:

Highlight the first field of Tagging (U/T):[ ][ ][ ] field. Each port’s state can be set by highlighting the port’s entry using the arrow keys and then toggling between U or T using the space bar.

• U - specifies the port as an Untagged member of the VLAN. When an untagged packet is transmitted by the port, the packet header remains unchanged. When a tagged packet exits the port, the tag is stripped and the packet is changed to an untagged packet.

• T - specifies the port as a Tagged member of the VLAN. When an untagged packet is transmitted by the port, the packet header is changed to include the 32-bit tag associated with the PVID (Port VLAN Identifier – see below). When a tagged packet exits the port, the packet header is unchanged.

If the port is attached to a device that is not IEEE 802.1Q VLAN compliant (VLAN-tag unaware), then the port should be set to U – Untagged.

If the port is attached to a device that is IEEE 802.1Q VLAN compliant, (VLAN-tag aware), then the port should be set to T – Tagged.

Press APPLY to make the additions/deletions effective for the current session. To make enter the IP Interfaces into Non- volatile RAM, highlight Save Changes from the Main Menu and press Enter.

In the following example screen, the VLAN “Accounting” - VID# 2 – has been added. Ports 7 and 8 are Egress ports (static members of “Accounting”). Ports 5 and 6 are Forbidden ports (non-members and are not allowed to join the VLAN “Accounting” dynamically.

Example 802.1Q VLAN add screen:

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-28. Edit 802.1Q VLANs menu

Note: The default VLAN includes all of the ports on the Switch at first boot. As new VLANs are added, the member ports of the new VLAN are deleted from the default VLAN.

To configure the member ports of an 802.1Q VLAN:

Figure 6-29. VLAN Menu

8-port Gigabit Ethernet Switch User’s Guide

To configure the port settings of an 802.1Q VLAN, highlight Configure 802.1Q Port Settings and press Enter:

Figure 6-30. Configure 802. 1Q Port Settings screen

Each port can be configured to use an Ingress Filter. The ports to be configured in a given session can be identified by either entering a range of port numbers or by entering the PVID#.

Ingress filtering is toggled between On and Off using the space bar.

To configure a port’s 802.1Q VLAN settings:

Highlight the Configure Port from [ ] to [ ] field and enter the range of port numbers you want to configure. As an alternative you can use the arrow keys to highlight the PVID[ ] field and enter the PVID for the VLAN’s member ports you want to configure.

• PVID – A Port VLAN Identifier is a classification mechanism that associates a port with a specific VLAN and is used to make forwarding decisions for untagged packets received by the port. For example, if port #2 is assigned a PVID of 3, then all untagged packets received on port #2 will be assigned to VLAN 3. This number is generally the same as the VID# number assigned to the port in the Edit 802.1Q VLANs menu above.

Use the arrow keys to highlight the remaining fields and the space bar to toggle between On and Off.

• Ingress Filter – This enables the port to compare the VID tag of an incoming packet with the PVID number assigned to the port. If the two are different, the port filters (drops) the packet.

• GVRP – The Group VLAN Registration Protocol enables the port to dynamically become a member of a VLAN.

• GMRP – The Group Multicast Registration Protocol enables the port to dynamically become a member of a multicast group. This function is not supported in the current version of the Switch software.

To edit an existing 802.1Q VLAN:

Highlight VLANs on the main menu and press Enter:

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-31. VLAN Menu

To edit an existing 802.1Q VLAN, highlight Edit 802.1Q VLANs and press Enter:

Figure 6-32. Edit 802.1Q VLANs screen

To edit an existing 802.1Q VLAN, highlight the Action:<Add/Modify> field and toggle between Add/Modify and Delete. In the Add/Modify mode, both individual entrees to a selected VLAN and entire VLANs can be added. In the

8-port Gigabit Ethernet Switch User’s Guide

Delete mode, entire VLANs can be deleted. VLANs to be edited can be selected by either the VID:[ ] field or the VLAN Name:[ ] fields. Enter either the VID or the VLAN Name for the 802.1Q VLAN you want to edit and press Enter.

Note: To delete an entir e VLAN, toggle the Action:<Add/Modify> field to Delete, enter either the

VID or the VLAN Name in the appropriate field and press Enter. Highlight Apply and press Enter. The selected VLAN will be deleted. To enter the change into Non-volatile RAM, select

Save Changes from the Main Menu.

The 802.1Q VLANs are edited by specifying which ports will be Egress Members, Forbidden non-members or nonmembers.

The ports are further set to be either a Tagged or an Untagged port.

To edit the 802.1Q VLAN membership of a port:

Highlight the first field of Membership (E/F/-): [ ][ ][ ]. Each port’s 802.1Q VLAN membership can be set individually by highlighting the port’s entry using the arrow keys, and then toggling between E, F, or – using the space bar.

• F - (Forbidden Non-Member) specifies the port as not being a member of the VLAN and that the port is forbidden from becoming a member of the VLAN dynamically.

• (Non-Member) specifies the port as not being a member of the VLAN, but the port can become a member of the VLAN dynamically.

To edit a port’s Tagged or Untagged status:

If the port is attached to a device that is not IEEE 802.1Q VLAN compliant (VLAN-tag unaware), then the port should be set to U – Untagged.

If the port is attached to a device that is IEEE 802.1Q VLAN compliant, (VLAN-tag aware), then the port should be set to T – Tagged.

Each port can be configured to have a PVID or to use an Ingress Filter.

To configure a port’s 802.1Q VLAN settings:

Highlight the Configure Port#[ ] field and enter the port number of the port you want to configure. Use the arrow keys to highlight the PVID#[ ] field and enter the PVID for the port.

Use the arrow keys to highlight the remain ing fields and the space bar to toggle between On and Off.

8-port Gigabit Ethernet Switch User’s Guide

• Ingress Filter – This enables the port to compare the VID tag of an incoming packet with the PVID number assigned to the port. If the two are different, the port filters (drops) the packet.

• GVRP – Group VLAN Registration Protocol enables the port to dynamically become a member of a VLAN.

• GMRP – Group Multicast Registration Protocol enables the port to dynamically become a member of a

multicast group. This function is not supported in the current version of the Switch software.

Setting Up IP Interfaces

Note: A VLAN that does not have a corresponding IP interface defined for it, will function as a Layer 2

Only VLAN – regardless of the Switch Operation mode.

Each VLAN must be configured prior to settin g up the corresponding IP interface. An example is presented below:

VLAN Name VID Switch Ports

System (default) 1 7, 8

Engineering 2 1, 2

Marketing 3 5, 6

Shipping 4 3,4

Table 6-2. VLAN Example – Assigned Ports

the switch. For this example, we have chosen the next IP address above the network address:

VLAN Name VID Network Address IP Address

System (default) 1 10.0.0.0 10.0.0.1

Engineering 2 10.64.0.0 10.64.0.1

Marketing 3 10.128.0.0 10.128.0.1

Shipping 4 10.192.0.0 10.192.0.1

Table 6-3. VLAN Example – Assigned IP Addresses

The 4 IP interfaces, each with an IP address (listed in the table above), and a subnet mask of 255.192.0.0 can be entered into the Setup IP Interface menu.

Note: IP interfaces consist of two parts – a subnet mask and an IP address.

Note: Each IP interface listed above will give a maximum of 2,097,150 unique IP addresses per

interface (assuming the 10.xxx.xxx.xxx notation).

To setup IP Interfaces on the switch:

Highlight Layer 3 IP Networking from the Main Menu and press Enter.

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-33. Setup Layer 3 – IP Networking menu

Highlight Setup IP Interface and press Enter.

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-34. Setup IP Interface screen

Toggle the Action:<Add/Modify> field to Add/Modify. Choose a name for the interface to be added and enter it in the Interface Name:[ ] field. The corresponding VLAN ID must also be entered in the VID:[ ] field. Enter the interface’s

IP address and subnet mask in the corresponding fields. Toggle the Active:<Yes> field to yes, highlight APPLY and press enter to make the IP interface effective. Use Save Changes from the Main Menu to enter the changes into NVRAM.

• Action:<Add/Modify> – This field can be toggled between Add/Modify and Delete using the space bar. This enables the addition/modification of a new or existing IP interface entry or the deletion of an existing entry.

• Interface Name:[ ] – Allows the entry of a name for the IP interface. The default IP interface is named “System”.

• IP Address:[ ] – The IP address to be assigned to this subnet.

• Subnet Mask:[ ] – The subnet mask to be applied to this subnet. It has the same form as an IP address.

• Active:<Yes> – Toggled between Yes and No. This entry makes determines whether the interface will be active or

not.

• VID:[ ] – Allows the entry of the VLAN ID number for the VLAN the IP in terface belongs to. The VLAN must have been previously created.

Press APPLY to make the additions/deletions effective for the current session. To make enter the IP Interfaces into NV- RAM, use Save Changes from the Main Menu.

8-port Gigabit Ethernet Switch User’s Guide

Multicasting

Layer 2 Multicast Setup

To access the Multicasting Menu, highlight Multicasting from the Main Menu and press Enter.

Figure 6-35. Multicasting Menu

IGMP Snooping Settings – by VLAN

To Enable or Disable IGMP Snooping for a VLAN, highlight IGMP Snooping Settings, and press Enter.

8-port Gigabit Ethernet Switch User’s Guide

Figure 6-36. IGMP Snooping screen

To edit a VLAN’s IGMP Snooping Settings:

• Switch IGMP Snooping:< > – This field can be toggled between Enabled and Disabled using the space bar. This enables or disables IGMP snooping for the selected VLAN.

• Querier State:< > – This field determines whether the Switch is able to send IGMP snooping queries.

• Non-Querier – This indicates the IGMP interface will never try to become a querier in the VLAN.

• V1-Querier – If there is no querier present in the VLAN or the interface’s IP address is smaller than the

current querier—whether V1-Querier or V2-Querier—the IGMP interface will become the querier for the VLAN. An IGMPv1 query packet is sent in this mode. IGMPv2 Group Specific Query and leave packets are not handled.

• V2-Querier – In this mode, if there is one V1-Querier present in the VLAN, the IGMP interface will keep silent. If there is no querier present in the VLAN or the interface’s IP address is smaller than the current V2 Querier, the IGMP interface will become the querier for the VLAN. When receiving an IGMPv2 leave packet, the IGMP interface will issue an IGMPv2 Group Specific Query packet immediately and wait one second to see if any IGMP report is received on the Ethernet port. If not, the Ethernet port will be removed from the IGMP group member list and the group’s multicast data will not be forwarded to this port until an IGMP report is received again.

• Robustness Variable – A numeric value between 2 and 255 that allows tuning for expected packet losses on a subnet. If a subnet is expected to have high packet losses, the robustness variable maybe increased. The default is 2.

• Query Interval – The time in seconds between transmission of IGMP packets.

• Max Response – Sets the maximum amount of time allowed before sending an IGMP response report value

between 1 and 20 seconds can be entered, with a default of 10 seconds.

Robustness Variable, Query Interval, and Max Response values are combined to produce an IGMP age-out timer value between 10 and 9,999 seconds. This timer determines how long a snooped multicast member’s IP and MAC

8-port Gigabit Ethernet Switch User’s Guide

address remain in the IGMP address table. The default value is 260 seconds. To set the age-out timer for an individual IGMP snooping entry, you must enter values in the Robustness Variable, Query Interval, and Max Response fields as the age-out value is arrived at by multiplying the first two figures and then adding the last value.

IEEE 802.1Q Multicast Forwarding

To edit the IEEE802.1 Multicast Forwarding settings, highlight IEEE 802.1Q Multicast Settings from the Multicasting Menu and press Enter.

Figure 6-37. Setup IEEE 802.1Q Multicast Forwarding

The Action:< > field can be toggled between Add/Modify and Delete using the space bar. To add a new entry to the multicast forwarding table, select Add/Modify and enter the VID of the VLAN that will be receiving the multicast packets. Enter the MAC address of the multicast source, and then enter the member ports.

Each port can be an Egress, Forbidden, or a Non-member of the multicast group, on a per-VLAN basis. To set a port’s multicast group membership status, highlight the first field of (E/F/-): [ ][ ][ ]. Each port’s multicast group

membership can be set individually by highlighting the port’s entry using the arrow keys, and then toggling between E, F, or – using the space bar.

• E - (Egress Member) specifies the port as being a static member of the multicast group. Egress Member Ports are ports that will be transmitting traffic for the multicast group.

• F - (Forbidden Non-Member) specifies the port as not being a member of the multicast group and that the port is forbidden from becoming a member of the multicast group dynamically.

• (Non-Member) specifies the port as not being a member of the multicast group, but the port can become a member of the multicast group dynamically.

D-link DGS-3308FG User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual