User Manual - D-Link
Contents
1. colololojololololololojojololojolo lt Figure 4 4 802 1P Default Priority Page The 802 1P Default Priority Page contains the following fields Field Description Unit Defines the stacking member for which the port packet priorities are displayed From Port Defines the starting port for which the port packet priorities are defined To Port Defines the ending port to which the port packet priorities are defined Priority Defines the priority assigned to the port The field range is 00 07 where 00 is the lowest priority and 07 is the highest priority 2 Define the Unit From Port To Port Prioirity fields 3 Click ee a Ports are mapped to packet priorities and the device is updated 133 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Mapping Priority to Classes Queues The 802 1P User Priority Page allows network managers to assign priority tags to classes queues If a network manager defines a priority of 01 to Class 3 all packets arriving with an assigned value of 01 are sent to class queue 3 The default mapping is e Priority 0 3 is assigned to QO This is the lowest priority queue e Priority 1 2 is assigned to Q1 e Priority 4 5 is assigned to Q2 e Priority 6 7 is assigned to Q3 This is the highest priority queue To map priority to queues 1 Click QoS gt 802 1p User Priority The 802 P User Priority Page opens 000000 9999999992. 0 4 AAA DGs 3100 48 DGs 3100 48 D Link Building Networks for People d Tools Y H Configuration PL2 Features B Monitoring PoE f ACL ACL Configuration Wizard gt Access Profile List ACL Finder STACKING STATUS mu I i m a i P rane EE i a Stack ID DGS 3100 Series Gigabit Stackable Managed Switch User Manual 0000000 Ve Dp 222 TD MN MS o a o Lana Up Time 5 days 1 49 44 Logged in as admini r 10580 57 P Logout Select Frame Type C L2ACL LaiPv4ach IGMP y L3IPv6 ACL You can select the field in the packet to create filtering mask L2 Header IPv4 Class IPv4 Address IGMP Create Figure 0 9 ACL Profile L3 IPv4 IGMP Page 2 Click the IGMP button The ACL Profile L3 IPv4 IGMP Selected Page updates to show the following Building Networks for People Tools Y Configuration L2 Features pas Security B Monitoring PoE ACL B ACL Configuration Wizard gt ACL Finder STACKING STATUS TCP Filtering To define TCP filtering select the TCP option If L3 IPv4 ACL TCP is selected the page updates as follows Stack ID 0099999999999999 d 17 30 19 20 21 22 23 2 25 26 27 DB 9 9 Pree Zo IRA a ag E E rey Pere Up Time 5 days 1 50 54 0000000 Logged in as adminis ring 705 580 57 P Logout Select Frame Type C L2ACL L3IPv4 ACL icm
3. f L2 Features 802 1X Enabled Disabled f aos PL 802 1X Port Access Control ma Safeguard Engine 2 Trusted Host QuietPeriod 0 65535 60 sec SuppTimeout 1 65535 30 sec i Port Security ServerTimeout 1 65535 30 sec MaxReg 1 10 2 times Guest VLAN Bff 8021x TxPeriod 1 65535 30 sec ReAuthPeriod 300 4294967295 3600 sec E1802 1X Setting ReAuthEnabled Enabled v Control ForceAuthorized 2 i oo z am ea i Unit From Port To Port Mode Forwardin FE ll wre Bss 01 J 01 3 o y PorBase Y p ssH Access Authentication Monitoring List m AacL he E A e unit Port Control TxPeriod QuietPeriod SUPP Sener f mareg ReAutn las Mode STACKING STATUS 1 ki Auto 30 60 30 30 2 3600 Disabled PortBasej ns eezeeees ess MAC LL 1 1 2 ForceAuthorized 30 60 30 30 2 3600 Disabled Base 1 4 3 ForceUnauthorized 30 60 30 30 2 3600 Enabled _ PortBase nn sesceees sena 1 1 4 Auto 30 60 30 30 2 3600 Disabled PortBase AA AAA 1 15 Auto 30 60 30 30 2 3600 Disabled PortBase 1 1 6 Auto 30 60 30 30 2 3600 Disabled PortBase EA 1 17 Auto 30 60 30 30 2 3600 Disabled PortBase ES SERS SE 1 138 Auto 30 60 30 30 2 3600 Disabled PortBase Y 5 The second step on Security gt 802 1X gt 802 1X Setting page will be configuration of the required ports as MAC Based authentication opposite to Port Based authentication 151 D Link Building Ne
4. E H Configuration Select Frame T EH L2 Features bang rg Qos C L2ACL H Security Lips aci ICMP z E Monitoring l PoE C L3IPv6 ACL Seet EI ACL You can select the field in the packet to create filtering mask ACL Configuration Wizard E Access Profile List L2 Header IPv4 Address ICMP gt ACL Finder STACKING STATUS Create Figure 0 6 ACL Profile L3 Ipv4 ACL ICMP Class Page 2 Click _ Create The ACL profile is added and the device is updated To define L3 IPv4 Address ACL profile This option defines whether or not the address field is checked for a match 1 Click the 1 Pv4 Address button The ACL Profile L3 IPv4 ACL ICMP Address Page updates to show the following 211 n Save TH EE AA 2 Building Networks for People 4 4 Tools 7 DGS 3100 43 H Configuration HP L2 Features paos p Security B Monitoring PoE fact ACL Configuration Wizard E Access Profile List ACL Finder STACKING STATUS AS m a ji E w w y i 3 oe m a a m I f Stack ID DGS 3100 Series Gigabit Stackable Managed Switch User Manual ru Y gt a APS 000000009000900 eee 000000000000 7 8 3 ONN u 6 17 18 19 20 21 22 23 4 25 28 27 2 Diink 33833 2 hey ola oe E a Ahhh So PPS PUIII PU a D U Up Time 5 days 1 44 54
5. User Accounts System Log Host 1 9 SNTP Settings Note Ifthe End Time is before the Start Time the End Time will be set to the following day 5 E Settings The Time Range Setting can not be edited successfully when state is active DHCP Relay DHCP Local Relay DHCP Auto Configuration Firmware Information Telnet Setting 2 Serial Port Settings MB L2 Features Hs P Security H Monitoring Poe fac STACKING STATUS EA ea Sa THEN A 2 iaa cu a O poepers Ssoseess Soessees e see E 2 E Figure 2 177 Time Range Edit Page 2 Define the Time Range Edit fields 3 Click Apply The time range is modified and the device is updated 67 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Serial Port Settings The Serial Port Settings enables users to configure access to the device via a serial port To configure serial port access 1 Click Configuration gt Serial Port Settings The Serial Port Settings Page opens D Link 3 ieee Oe AAGADA a owe oo CPC Pee SECC PU PR Tools StackID Up Time 6 days 5 46 08 Logged in as administrator 10 5 80 10 pe Logout pcs 3100 48 gt Serial Port Settings Ef Configuration gt System Information Baud Rate 9600 zl gt IP Address l Auto Logout 10 mins 3 Stacking Settings l Port Configuration Gaa os 8 ARP Settings Parity Bits None 3 User Accounts Stop Bits 1 Apply gt System Log H
6. View Name Subtree OID View Type included a View Name Subtree View Type Default 4 Included Delete Default 1 3 6 1 6 3 13 Excluded Delete Default 1 3 6 1 6 3 16 Excluded Delete Default 1 3 6 1 6 3 18 Excluded Delete Default 1 3 6 1 6 3 12 1 2 Excluded Delete Default 1 3 6 1 6 3 12 1 3 Excluded Delete Default 1 3 6 1 6 3 15 1 2 Excluded Delete Default 1 3 6 1 4 1 171 10 94 89 89 2 7 2 Excluded Delete DefaultSuper 1 Included Delete Figure 0 13 SNMP View Table Page The SNMP View Table Page contains the following fields Field Description View Name Defines the view name limited to 30 alphanumeric characters Subtree OID Defines the OID included in or excluded from the selected SNMP view View Type Defines whether the defined OID branch will be included in or excluded from the selected SNMP view 2 Define the View Name Subtree OID and View Type fields 3 Click Apply To delete a view from the The SNMP View Table is defined and the device is updated SNMP View Table Page 4 Select an entry on the list 5 Click Delete 49 The entry is deleted and the device is updated DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining SNMP Groups The SNMP Group Table Page provides information for creating SNMP groups and assigning SNMP access control privileges to SNMP groups Groups enable network managers to assign access righ
7. To clear dynamic entries click EPI To clear all entries click Clear All Entry The MAC Address Table updates and displays total entries To scroll down the table click Next To scroll up the table click ES 188 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing System Log The System Log Page provides information about system logs including information when the device was booted how the ports are operating when users logged in when sessions timed out as well as other system information To view the System Log Page 1 Click Monitoring gt System Log The System Log Page opens Va perme rum scecceecscccceos o00000o0oo0o Lo o a 2 3 1 45 7 0 9 10 11 12 13 14 15 16 0 21 2 23 24 25 2 33 34 35 3 37 38 39 044004 OEI AA e aan A ay By a a Sake Building Networks forPeopid f ee oc TEETE A T lidia MEE Im Stack ID 2 DGS 3100 48 E Configuration L2 Features Clear H aos E y si ie a Log Description Severity Stacking Information 1 2006 02 23 01 02 03 System started up Informational gt CPU Utilization 2 2006 02 23 01 03 03 Port 1 link up 100Mbps Full duplex Warning gt Port Utilization 3 2006 02 23 01 04 03 Successful Login through Console Warning ES Packet Size 4 2006 02 23 01 05 03 Console session time out Warning m f Packets RADIUS Authentication Browse ARP Table Browse MLD Router Port Browse Router Port a Browse
8. a Browse Router Port Browse Session Table IGMP Snooping Group MLD Snooping Group MAC Address Table System Log gt Gac STACKING STATUS Browse MLD Router Port StackID 1 Click Monitoring gt Green Ethernet The Green Ethernet Page opens Up Time 2 days 5 10 13 A Logged in as administrator admin 192 168 0 1 Power Consumption 66 SW out of maximum 12W Cumulative Energy saved 12 Watt Hour Clear ad g reen n y 4 ethernet See occ Figure 0 12 Green Ethernet Page The Green Ethernet Page contains the following fields Field Description Power Consumption Displays the device power consumption The power consumption is displayed in percentage as well as in Watts Cumulative Energy Displays the cumulative power conserved by using Green Ethernet saved 2 To clear the Cumulative Energy saved value 3 Click _ Clear The Cumulative Energy saved is cleared 190 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Device Environment Device Environment displays basic information regarding the operating environment of the device in areas such as temperature and ventilation To view Device Environment 1 Click Monitoring gt Device Environment The Device Environment Page opens bs DGS 3100 24 Configuration PL2 Features aos H Security Monitoring Stacking Information 3 CPU Utilization gt Port
9. ccccesccesesssecssecseeeseeeseeeseeseceeessecnsecseceaecsaecaaecaeecaeeeaeenseseeesesesereneeneeeeensees 156 Configuring Secure Shell Security ccccccecssesssessceescesecesecaecsaecaeecseeeneseneeeeeeeeseceeeeeeceaeeeaecsaecsaecaeecaeeesseeaesenesereeerenrees 158 Detming SSH Algorithm Set gs cui a rd s 159 Defining Application Authentication Settings cccecccesccesecsecesecseeeseeeseeeeeseeeeseceseensecaecsaecsaecaaecaeecaeeeaeeeseeneeeeseeereneaees 161 Configuring Authentication Server Hosts 0 ccccesccesecssecsseeseeeseesseeseceecesecnsecaecaecnaecaaecaeecaeeeaeeeaeeeeeeeeeereeeeneeeseeaees 163 Defining Login Methods ii ise Saeco vie Rho Baste hae A Ae ts BA e 164 Defining Enable Methods 3 2s sccs cccccsedecceccs ceases ie bsc cess che a ERE aaa 166 Configuring Local Enable Passwotd ccssccssscssssssecesecossensvsnsesssesscssesssessescesenscsesonecouscatsensvnsesusenseeusesvesesesseseaess 168 Defining ARP Spoofing Prevention Settings cccccesccssscssecesecseeceeeseeeseeeeeeseessceneeenseeaeeeaecsaecaaecaeecseeeseseseseeeseeeeereneaees 169 MONITORING THE DEVICE 00000 oi ds 171 Viewing Stacking Information io ii 172 Viewing CPU Wt Zation too RE Ra 173 Viewing Port Uti zation A ARON an A acc aaa 174 Viewing Packet Size dr sab 175 Viewing Received Packet Statistical os 176 Viewing UMB cast Packet Statistics ao 177 Viewing Transmitted Packet Statistics cccccceescesseseeceneeesecesecsecs
10. Alternatively click to select the ports individually The default is 1 48 None 4 Click Apply The Multicast forwarding settings are applied to the port and the device is updated To restore the default settings 1 Click Cancel The default settings are restored 2 To edita VID entry 3 Select the entry 4 Click Edif 5 Define the fields 6 Click Apply The entry is deleted and the device is updated To delete a VID entry 1 Select the entry 2 Click Delete VID Defining Multicast Filtering The Multicast Filtering Mode Page displays the port filtering mode for unregistered Multicast groups Ports can filter or forward unregistered Multicast groups The Multicast Filtering Mode Page permits specifying the Multicast filtering mode per port or globally for all ports 1 opens e000 3 o A A a DGS 3100 48P f Configuration Click L2 Features gt Forward amp Filtering gt Multicast Filtering Mode The Multicast Filtering Mode Page Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 a logout Logout E L2 Features 2 Jumbo Frame 802 10 VLAN 2 GVRP Settings Trunking 3 Traffic Segmentation 3 LACP Port Settings IGMP Snooping 3 MLD Snooping Port Mirroring ja Spanning Tree f Forwarding amp Filtering gt Unicast Forwarding 3 Multicast Forwarding 2 Wticast Fitering Wodd BLLDP H E QoS STACKING STATUS v To Port 01 vai Filteri
11. Description Provides a description of the OUI of up to 32 characters 2 To configure a new OUI entry enter the OUI and a description and click Apply The OUI will be added to the list and the device is updated The following OUIs are pre defined OUI Entry Description 00 01 e3 Siemens AG phone 00 03 6b Cisco phone 00 09 6e Avaya phone 00 0f e2 Huawei 3Com phone 00 60 b9 Philips and NEC AG phone 00 d0 1e Pingtel phone 00 e0 75 Veritel phone 00 e0 bb 3COM phone 125 DGS 3100 Series Gigabit Stackable Managed Switch User Manual CONFIGURING QUALITY OF SERVICE Configuring 1p Priority tagging is an IEEE 802 1p defined standard function designed to provide a means of managing traffic on networks where many different types of data are transmitted simultaneously It is intended to alleviate problems associated with the delivery of time critical data over congested networks The quality of applications dependent on such data such as video conferencing can be severely and adversely affected by even very small delays in transmission IEEE 802 1p standard compliant network devices recognize the priority level of data packets and can assign priority labels or tags to packets as well as strip priority tags from packets The priority tag determines the packet s degree of expeditiousness and the queue to which it is assigned Priority tags are assigned values from 0 to 7 with 0 being assigned
12. Stack Startup Process When a stacking member is initialized either powered up or rebooted the stacking member goes through the same exact process including e Discovering the Stacking Master e Allocating Unit IDs Resolving Unit ID Conflicts e Unit and Stacking Port Configuration Discovering the Stacking Master When a stacking member is initialized in stack mode the stacking member s behavior depends on its Unit ID e Ifthe stacking member does not have a current Unit ID the stacking member operates in Factory Default mode If there is a Stacking Master the stacking member is assigned a Unit ID through Unit ID Allocation The stacking members receive a Unit ID from the Stacking Master If the stack does not have a Stacking master then the switch participates in Master Election and may be elected either the new Stacking Master or Backup Master e Ifthe stacking member s current Unit ID is 1 or 2 the stacking member participates in the Master Election For example the Unit ID was previously allocated or the stacking member was in a different stack e Ifthe stacking member has a current Unit ID the stacking members attempts to use the Unit ID in the new stack If the stacking member current ID is 3 4 5 or 6 then the stacking members attempts to connect to the running Stack Master The new stacking member does not proceed to the next stage until there is contact with the Stack Master These stacking members do not participate in t
13. To configure the system time e Click Configuration gt SNTP Settings gt TimeZone Settings The TimeZone Settings Page opens 44 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 0Gs 3100 48 B p Configuration System Information gt IP Address 3 Stacking Settings f Port Configuration gt ARP Settings 5 User Accounts System Log Host El P SNTP Settings gt Time Settings E TimeZone Settings i SNMP Settings DHCP Auto Configuration Dual Image Services gt Telnet Setting PL2 Features E aos H Security Monitoring H Ac STACKING STATUS Daylight Saving Time Daylight Saving Time Time Zone Offsetfrom GMT in HH MM Disabled C 00 00 w State Offset in Minutes DST Repeating Settings From Which week of the month From Day of Week From Month From time in HH MM To Which Day To Day of Week To Month To time in HH MM DST Annual Settings From Month From Day From time in HH MM To Month To Day To time in HH MM Apply Figure 0 11 TimeZone Settings Page The TimeZone Settings Page contains the following fields Field Description Daylight Savings Time State Defines type of DST enabled on the device The possible field values are Disable Disables DST on the device This is the default values Repeating Enables setting repeating DST This option requires defining begin and end times by specific
14. To manage the device via an Embedded Web System while SSL is enabled the web browser must support SSL encryption URL headers must begin with https for example https 10 90 90 90 The system supports up to five SSH sessions To enable SSL on the device 1 Click Security gt SSL The SSL Configuration Settings Page opens 156 DGS 3100 Series Gigabit Stackable Managed Switch User Manual X Tools 2 DGS 3100 48 E Configuration H H L2 Features aos B p Security gt Safeguard Engine Trusted Host 3 Port Security Guest VLAN A 802 1X E H H SSH Access Authentication Cor E 3 Monitoring E BHACL gt raw 00000000000 Ersson 12345 Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0100 Marca SSL Status O Enabled Disabled Ciphersuite Status RSA with RC4_128_MD5 Disable RSA with 3DES_EDE_CBC_SHA Disable RSA with RC4_40_MD5 Disable Figure 5 8 SSL Configuration Settings Page The SSL Configuration Settings Page contains the following fields Field Description SSL Status Indicates if SSL is enable on the device The possible field values are Enabled Indicates SSL is enabled on the device Disabled Indicates SSL is disabled on the device This is the default value Ciphersuite Indicates the Ciphersuite The possible field values are RSA with RC4 128 MD5 Combines the RSA key exchange stream cipher RC4 encryption
15. eT oduct Ae ca Tt Tt ttt aca PA A A A A a a a FPPP DES 310048 Tools StackID Up Time 5 days 2 00 44 Logged in as administrator 10 2 DGS 3100 48 rome 1 8 Configuration Select Frame Type H H L2 Features pa ics L2 ACL i 8 Security L31pvs ac UDP f Monitoring Po C L3IPvV6 ACL L__select__ a El ACL You can select the field in the packet to create filtering mask ACL Configuration Wizard a L2 Header IPv4 Class IPv4 Address UDP Port ACL Finder STACKING STATUS r 2 T A ssososss ssssosss Ti E A o sa Create Figure 0 14 ACL Profile L3 IPv4 UDP Page To define L3 IPv4 UDP Port ACL profile 1 Click the UDP Port button The ACL Profile L3 IPv4 UDP Port Page updates tc to Mow the following A po Pea es e E o RRR RARER ERE e 0 0 9 09 PRA 9999999 Link Ti 4 90 W128 25 2 27 202 92222 p UR 7 lalo ll ob i alto al ly la fl ll ol ll Ale II PU Ep p e A Y g a diene fm Save Tools StackID d Up Time 5 days 2 02 24 Logged in as administrator 10 5 80 57 P Logout a DGS 3100 48 Add A E f Configuration SN EH L2 Features c me f oos L2 ACL E gata L3ipvsaci UDP E Monitoring Dos 13 IPv6 ACL Select EI ACL You can select the field in the packet to create filtering mask 3 ACL Configuration Wi
16. 1 s Command Handler for command ID 1 s is console missing Command lt 1 s gt processed in 2 d 3 d secs Port changed status from notPresent to notPresent Method failed DESCRIPTION current method succeeded an access is granted The CLI session for the specified user between the specified source and destination addresses is terminated The Telnet SSH session may still be connected The CLI session for the specified user between the specified source and destination addresses is accepted The files are copied from the specified source address to the specified destination address A received BPDU message indicates that the specified port is configured as the Fast port The string parameter describes the reason this message was called sshpClientFind illegal index 1 d The specified MIB variable was not found in the Mib2cli temporary DB The SNMPServG name 2 Id function failed because MIB variable name is unknown The command handler for the specified command ID is missing It took the specified number of seconds to process the specified command An indication of not present port when this port is DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY MESSAGE DESCRIPTION ID already not present is wrong Valid for stackable projects only See the relevant trap message as in the case when the specified stack member Information UNIT I
17. Host and domain name size exceeds the specified number of bytes Packets corrupted and or network problems Key IDs do not match keys are expired or some other key configuration problems Key IDs do not match keys are expired or some other key configuration problems MdS keys are not found or are invalid MdS keys are not found or are invalid Key IDs do not match keys are expired or some other key configuration problems HTTPS server has been enabled but a certificate was not found For a certificate generation use the crypto certificate 1 2 generate command The service will start automatically when a certificate is generated The specified service has been enabled but an ID SEVERITY SYSLG8 77 26 SYSLG8 78 14 Warning SYSLG8 78 15 SYSLG8 78 18 SYSLG8 78 2 SYSLG8 78 23 SYSLG8 78 7 SYSLG8 79 4 SYSLG8 80 2 SYSLG8 78 6 SYSLG8 81 14 Warning SYSLG8 81 18 DGS 3100 Series Gigabit Stackable Managed Switch User Manual CATEGORY gt s gt z gt s gt gt 5 gt s Up Download SNMP MESSAGE key certificate 1 d was not found For key generation use the crypto key generate commands The service will start automatically when a host key is generated Invalid attribute 1 d ignored 2 s Msg of 1 u length received from server 3 s is bigger than maximum 2 u Information is truncated Parsing of the 1 s msg received
18. IGMP Filter table is The IGMP Filter table is SYSLG8 44 0 Warning FDB overflowed full Entries cannot be added to the table that a user has Failed to insert entry to access to because the SYSLG8 44 1 Warning FDB IGMP Filter table platform reached its limit The copy operation has The copy operation has SYSLG8 45 8 Warning Up Download failed failed The configuration file has The configuration file has SYSLG8 45 9 Warning Up Download failed to download failed to download Management ACL drop packet received on interface 1 s 2 j from A Management ACL drop 3 y to 4 y protocol packet is received on the SYSLG8 46 10 Warning Security 5 d service 6 s specified interface 1 j STP status STP status is in Blocking SYSLG8 48 35 Warning STP Blocking mode 1 j STP status STP status is in Forwarding SYSLG8 48 36 Warning STP Forwarding mode For the specified instance 1 j of instance 2 d the STP status is in SYSLG8 48 37 Warning STP STP status Blocking Blocking mode For the specified instance 1 j of instance 2 d the STP status is in SYSLG8 48 38 Warning STP STP status Forwarding Forwarding mode 1 j STP Loopback SYSLG8 48 41 Warning STP Detection 1 j STP Loopback SYSLG8 48 42 Warning STP Detection resolved sshpConld connection Excessive number of clients SYSLG8 49 10 Warning AAA 1 d outside client range serviced by the system sshpClientId connection id 1 d is in the range Excessive number of S
19. Logged in as administrator 10 5 80 57 P Logout DGS 3100 48 rome l Configuration Select Frame Type H P L2 Features pa a Q0S L2 ACL ce fa Security C L3IPv4ACL H Monitoring f PoE L3ipws aci ICMP y Select ACL You can select the field in the packet to create filtering mask ACL Configuration Wizard a L2 Header IPv6 Address ICMP ACL Finder STACKING STATUS Create Figure 0 17 ACL Profile L3 IPv6 ACL ICMP Class Page 2 Click _ Create The ACL profile is added and the device is updated To define L3 IPv6 Address ACL profile 1 Click the Pv6 Address button The ACL Profile L3 IPv4 ACL ICMP Address Page ba i to show i following AE pe TIA T A cO00c e ee r ec ss A o 229299933 Sn 4 w n 12 93 222 3333 2 ri LI D Link D link jeer tT ttt tt eS ANN AE Aa pi PU VeEr 4 re DES 3100 48 Save Tools Y Stack ID 1 Up Time 5 days 208 14 Loggedin as SETE 10 5 80 57 gt Logout DGS 3100 48 rome 0 f Configuration Select Frame Type E L2 Features pa m aos L2 ACL 3 8 Security C L3IPV4ACL 41 8 Monitoring i PoE 3ipveact ICMP z Select EHF ACL You can select the field in the packet to create filtering mask ACL Configuration Wizard 3 L2 Header IPv6 Class ICMP ACL Finder STACKING STATUS IPv6 Address T Source IP Prefix
20. Packet is corrupted and will be discarded A user cannot be authenticated because of AAA low resources Received a message indicating that authentication method is unsupported Received a message indicating the additional authentication argument is not supported Received a message indicating the replacement authentication argument is not supported Received a message indicating authentication is not supported The specified user ID is locked after an unsuccessful login from the specified source to the specified destination AAA data corruption has occurred All valid data has been saved The packet is dropped in accordance with the 262 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID_ _ SEVERITY CATEGORY MESSAGE DESCRIPTION PT pei security ote E E ee The specified packet is 1 s Packet forward by forward by the specified SYSLG8 40 14 Warning Security Policy rule no 2 s Policy rule Configuration error The TFTP connection cannot TFTP connection cannot be be started without IP started without an IP SYSLG8 43 10 Warning IP address address Empty file downloaded SYSLG8 43 7 Warning Up Download configuration unchanged Configuration file is empty IGMP Filter table is The IGMP Filter table is SYSLG8 44 0 Warning FDB overflowed full Entries cannot be added to the table that a user has Failed to insert entry to access to because the SYSLG8 44 1 Warning FDB IGMP Filter table p
21. Te TH mm Save X Tools System Information P Address Stacking Settings Add Host Table Port Configuration ARP Settings Host IP Address User Accounts SNMP Version gt System Log Host el p snte Settings ew String SNMPv3 User SNMP Settings SNMP View Table gt SNMP Group Table gt SNMP User Table gt SNMP Community T Host IP Address SNMP Version Community Name SNMPv3 User Name gt EMS SAE t Public SNMP Engine ID SNMP Trap Configu DHCP Auto Configuratic Dual Image Services gt Talnat Sattinn lt ill gt STACKING STATUS Fau y ma Re PPP mm mi pus da AA a G CO annanana anannana ananac n Figure 0 17 SNMP Host Table Page 55 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The SNMP Host Table Page contains the following fields Field Description Host IP Address Defines the IP address to which the traps are sent SNMP Version Defines the trap type The possible field values are SNMPV1 Indicates that SNMP Version 1 traps are sent SNMPV2c Indicates that SNMP Version 2 traps are sent SNMPV3 NoAuth NoPriv Indicates that the SNMP version 3 is assigned with a NoAuth NoPriv security level and traps of that level will be sent SNMPV3 Auth NoPriv Indicates that the SNMP version 3 is assigned with an Auth NoPriv security level and traps of that level will be sent SNMPV3 Auth Priv Indicates that th
22. 5 X Number of 2 s The specified number of Information configuration items configuration commands SYSLG8 86 8 al Up Download loaded 1 lu has been loaded Information XMODEM session has The XModem session is SYSLG8 92 1 al Up Download been aborted aborted Information XMODEM session has The XModem session is SYSLG8 92 2 al Up Download been completed ended 256 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID S s SEVERITY CATEGORY MESSAGE DESCRIPTION SYSLG7 14 0 Notice sf LLDP status mys fs Bad msg received from SYSLG8 1 0 Notice 1 y on intf 2 y Ignoring msg from 1 y SYSLG8 1 1 Notice on intf 2 y IP FDB Table Overflow SYSLG8 105 1 Notice IP 1 s The IP FDB Table is full Session is closed after Session is closed after SYSLG8 16 2 Notice Web timeout is expired timeout period is reached NVRAM section 1 s The specified NVRAM not found and cannot be section not found and SYSLG8 26 6 Notice erased cannot be erased The copy operation was The copy operation SYSLG8 45 7 Notice Up Download completed successfully completed successfully UNIT ID SYSLG8 63 13 Notice Stack 1 d Msg 2 s UNIT ID SYSLG8 63 5 Notice Stack 1 d Trap 2 s Start conversion of old The conversion of old SYSLG8 89 1 Notice SNMP format CDB format CDB has started End conversion of old The conversion of old SYSLG8 89 2 Notice SNMP format CDB format CDB has finished The specified type is not SY
23. Logged in as administrator 105 58057 a Logout rome Select Frame Type L2ACL v3ipvaact ICMP y C L3IPv6 ACL Select You can select the field in the packet to create filtering mask L2 Header IPv4 Class IPv4 Address T Source IP Mask I Destination IP Mask _ Mask Generate Mask Generate Create Figure 0 7 ACL Profile L3 IPv4 ACL ICMP Address Page The ACL Profile L3 IPv4 ACL ICMP Address Page contains the following fields Field Description Source IP Mask Defines the range of source IP addresses relevant to the ACL rules 0 ignore 1 check For example to set 176 212 XX XX use mask 255 255 0 0 D estination IP Mask Defines the range of destination IP addresses relevant to the ACL rules 0 ignore 1 check For example to set 176 212 XX XX use mask 255 255 0 0 2 Select Source IP Mask and or Destination IP Mask The Mask Generate button is active 3 Enter an IP mask in the box adjacent to the Mask Generate button 4 Alternatively click Mask Generate The Generate Mask by range fields appear 5 Enter an IP address range into the Generate Mask by range fields and click Calculate The mask is generated 6 crie rente The ACL profile is added and the device is updated To define L3 IPv4 ICMP ACL profile 1 Click ICMP The ACL Profile L3 IPv4 ACL ICMP Page updates to show the following 212 DGS 3100 Series Gigabi
24. Name This field is only active if the selected unit supports PoE Power Limit Defines whether a Power Limit will be set This enables saving power when the PoE devices are typically not in use The possible field values are e Unchecked The Power Limit Time Range is disabled on the ports This is the default value e Checked The Power Limit Time Range is enabled on the ports 198 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Define the Unit From Port To Port and PoE Enable fields 3 Define the Power Limit and Time Range Name fields 4 Click A The PoE Port Settings are saved and the device is updated 199 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring PoE System Settings The PoE System Setting Page contains port utilization information for specific ports To view port statistics 1 Click PoE gt PoE System Setting The PoE System Setting Page opens F Al o Ed A 3 Building Networks for People d e Tools 7 StackID 2 Dcs 2100 48 PO stem Setting Ef Configuration System Information Unit 01 po E P Address System Power Threshold SOW y 3 Stacking Settings f Port Configuration Disconnect Method Deny next port y Apply B ARP Settings User Accounts B System Log Host f SNTP Settings f SNMP Settings gt DHCP Relay DHCP Local Relay DHCP Auto Configuration Firmware Information Telnet Setting gt Ti
25. The User Accounts Page contains the following fields Field Description User Name Defines the user name The user name can contain up to 15 characters New Password Defines the password assigned to the user account The password can contain up to 15 characters Access Right Displays the user access level The possible field values are Admin Assigns the user full administrative access through both the Web Interface and the CLI Operator Assigns the user operator level access which is similar to Admin access except that the operator cannot update the firmware startup configuration user accounts or restore factory reset User Assigns the user read only access through both the Web Interface and the CLI The Following limitations appear on the Web Interface e The Save navigation tree button does not appear and only Show Stack Status feature appears under the Tools button in the Web Interface e An Access Denied window is displayed if the user clicks Apply In order to return to the Web Interface the user has to go back to the previous page or access a 37 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description different page by using the navigation bar Confirm New Password Confirms the user password 2 3 4 5 Define the User Name field Select the user access level in the Access Right field
26. The following is an example of stratums Stratum Example Stratum 0 A real time clock such as a GPS system is used as the time source Stratum 1 A server that is directly linked to a Stratum 0 time source is used as the time source Stratum 1 time servers provide primary network time standards Stratum 2 The time source is distanced from the Stratum 1 server over a network path For example a Stratum 2 server receives the time over a network link via NTP from a Stratum 1 server Information received from SNTP servers is evaluated based on the Time level and server type SNTP time definitions are assessed and determined by the following time levels Time level SNTP Time Definition T1 The time at which the original request was sent by the client T2 The time at which the original request was received by the server T3 The time at which the server sent the client a reply T4 The time at which the client recived the server s reply 41 Polling for Time Information DGS 3100 Series Gigabit Stackable Managed Switch User Manual SNTP is used to poll time information from SNTP server Using SNTP enables accurate system clock The Time Settings Page allows network managers to enable and configure the SNTP time settings on the device To enable SNTP 1 Click Configuration gt SNTP setings gt Time a The Time cea Page opens D Link 3 Vee 222 2 ee a Peer TT tt 260802 58 hf hs
27. Tools 1 Click gt Reset The F actory Reset Page opens 000000000000 HHRHH Sav Up Time 0 days 1 16 50 E Logged in as administrator 10 5 80 34 P Logout e pesa Show Stack Status actory Rese 0 E cor Device Locator 4 92 Config Backup amp Restore gi Qo Please be aware that all configuration will resetto default value Factory Reset a seco f Mot Firmware Download ac System Reboot STACKING STATUS Figure 0 4 Factory Reset Page 2 Click pac A The factory default settings are restored once it completely reloaded and the device is updated 10 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Downloading the Firmware The Firmware Download web page is used to download the firmware files that will be used to manage the device NOTE Firmware version 1 x x supports 4 SKUs od DGS 3100 series DGS 3100 24 DGS 3100 24P DGS 3100 48 and DGS 3100 48P Firmware version 2 x x supports in addition the 5 SKU DGS 3100 24TG Firmware version 2 x x includes as well additional features comparing to version 1 x x for more details please refer to the Release Notes When upgrading firmware from version 1 x x to version 2 x x on the switch the user should upgrade the boot software as well from version 1 0 0 3 to version 1 0 0 4 Previous firmware versions that do not support Green Ethernet and Fan Control cannot be downloaded into boards with Fan Control and Green Ethernet The downl
28. e Apple Safari SNMP Based Management The system also supports SNMPvl SNMPv2c and SNMPv3 The SNMP agent decodes the incoming SNMP messages and replies to requests with MIB objects stored in the database The SNMP agent updates the MIB objects to generate statistics and counters Command Line Console The device also supports device configuration using the Command Line Interface A terminal is connected to device via the serial console port iv DGS 3100 Series Gigabit Stackable Managed Switch User Manual User Guide Overview This section provides an overview to the DGS 3100 series and the DGS 3100 24TG Switch Manual including the guide structure and a chapter overview e Section 1 Getting Started Provides general background for understanding and using the Boot Startup Menu and the Embedded Web System including an explanation of the interface buttons and general system functions e Section 2 Defining the Basic Device Configuration Provides information for viewing system information defining IP addresses managing stacking defining ports configuring SNMP management and defining the system time settings e Section 3 Configuring L2 Features Provides information for enabling and configuring Jumbo frames VLANs Trunks LAGs Traffic Segmentation Multicast forwarding Spanning Tree and LLDP e Section 4 Configuring Quality of Service Provides information for ability to implement QoS and priority queuing within a
29. lt gt STACKING STATUS Figure 0 7 Forwarding EAP Page The Forwarding EAP Page contains the following field Field Description Forwarding EAP Specifies whether forwarding of EAP packets is enabled on the device The possible field values are Enabled Enables forwarding of EAP packets Disabled Disables forwarding of EAP packets This is the default 2 Define the EAP packet forwarding status in the Forwarding EAP field 3 Click Apply The EAP packet forwarding status is defined and the device is updated 155 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Secure Socket Layer Security Secure Socket Layer SSL is a security feature that provides a secure communication path between a host and client through the use of authentication digital signatures and encryption These security functions are implemented using a Ciphersuite which is a security string that determines the exact cryptographic parameters specific encryption algorithms and key sizes used for authentication sessions and that consists of e Key Exchange Cyphersuite strings specify the public key algorithm used This switch utilizes the Rivest Shamir Adleman RSA public key algorithm This is the first authentication process between client and host as they exchange keys in looking for a match and therefore authentication to be accepted to negotiate encryptions on the following
30. x y QUSERERE Sula r ATARI DLL AP no r LELT T Y 0000000000000 EE 1 a ia a E ia pt a a ors PEO FEFFE PI 003318043 sss Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 Mata MAC Address Engress 01 00 00 00 00 02 Sania ae Gate 1 10 1 25 1 27 1 28 01 00 00 00 00 03 gt ie ey es S 4 16 1 25 1 27 1 28 1 29 a EASA SSS ms 01 00 00 00 00 05 x m e as Be e 1 16 1 25 1 27 1 28 1 29 01 00 00 00 00 06 f at Ha B a 1 10 1 25 1 27 1 28 ono nara a sede ta ge Oa 28 01 00 00 00 00 09 oe es as Bes ee 1 16 1 25 1 27 1 28 1 29 cromo aa 01 00 00 00 00 11 A 1 14 1 12 1 13 1 14 1 15 1 16 1 25 1 27 1 28 1 29 1 30 1 31 1 32 1 33 1 34 383358 R 8 R SE o VID Multicast MAC Address Port Select All Engress Figure 0 25 Multicast Forwarding Page The Multicast Forwarding Page contains the following fields Unit Field Description VID Defines the VLAN ID Multicast MAC Address Defines the Multicast MAC address to which packets are forwarded Unit Defines the unit number 106 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Egress Defines the Egress ports per multicast group 2 Define the VID Multicast MAC Address Unit and Egress fields 3 Select either all or individual ports Click ai to select all ports as None or Egress
31. 10 5 80 57 P Logout Des 2100 48 A A PPP E Sms E Configuration Select Frame Type EH L2 Features pa a QoS L2 ACL fs Security C L3IPv4ACL H Monitoring a f PoE Lips aci ICMP Select E ACL You can select the field in the packet to create filtering mask B ACL Configuration Wizard gt Access Profile List L2 Header IPv6 Class IPv6 Address B ACL Finder STACKING STATUS ICMP T ICMP Type I ICMP Code Create Figure 0 19 ACL Profile L3 IPv6 ACL ICMP Page The ACL Profile L3 IPv4 ACL ICMP Page contains the following fields Field Description ICMP Type Sets the ICMP Type field as an essential field to match ICMP Code Sets the ICMP code field as an essential field to match 2 Select the ICMP Type and or ICMP Code fields 3 Click _ Create The ACL profile is added and the device is updated TCP Filtering If L3 IPv6 ACL TCP is selected the page updates as follows 220 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Beeeoeoeooeoeooooe see AB ANA 4 oN 12 93 24 25 26 27 2 29 W 31 32 2 3 f D Link 129 D Link JA eee aaa AAA P TEPPE EA a a DES 3100 48 Tools Y Stack ID 1 Up Time 5 days 2 12 34 Logged in as administrator 10 5 80 57 P Logout DGS 3100 48 rome Configuration E Se Features E Frome Type H aos EACE Security C 13 IPv4 ACL i Monitoring
32. 2 Browse Router Port gt Browse Session Table 3 IGMP Snooping Group 2 MIN Snnnninn Groin Y lt 2 STACKING STATUS E ES Sauar Unit packelsec Time Interval 1s v Record Number Show Hide iV Bytes Y Packets Figure 6 5 Received RX Page The Received RX Page contains the following fields Field Description Unit Displays the stacking member for which the transmitted packet statistics are displayed Port Indicates the port for which the received packets parameters are displayed Bytes Indicates the total number of bytes that were received on the port Packets Indicates the total number of packets that were received on the port Time Interval Indicates the time interval for which the received packets are displayed The possible field values are 1s 5s 10s 15s 20s 30s 40s 50s and 60s Record Number Indicates the transmitted record number Show Hide Displays the bytes packets received information The possible fields are Bytes checked Checked displays the total amount of received bytes Packets checked Checked displays the total amount of received packets 2 Define the Unit and Port fields 3 Click Aey to load the defined parameters Define the Time Interval and Record Number fields 5 WS The selected RX packet analysis is displayed 176 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 6 Define the Show Hide field 7 To view the gra
33. 3 Enter a MAC mask in the box adjacent to the Mask Generate button Alternatively click Mask Generate The Generate Mask by range fields appear Enter a MAC address range into the Generate Mask by range fields and click Calculate The mask is generated 4 Click Create The ACL profile is added and the device is updated To define L2 802 1Q VLAN ACL profile 1 Click the 802 10 VLAN button The ACL Profile L2 ACL Tagged VLAN Page updates to show the following 208 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Building Networks for People EFEFEF a rra 3100 48 O SS k Save Tools Stack ID e Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 ew Logout DGS 3100 48 Configuration PE L2 Features Select Frame Type j L2ACL Tagged amp H Monitoring OL3 ACL G1 ACL Lad gt ACL Configuration Wizard You can select the field in the packet to create filtering mask gt Access Profile List 3 ACL Finder gt Time Range Setting MAC Address Ether Type PayLoad 802 1Q VLAN 1802 1p O VLAN VID STACKING STATUS Figure 0 7 ACL Profile L2 ACL Tagged VLAN Page The ACL Profile L2 ACL Tagged VLAN Page contains the following fields Field Description 802 1p Sets the 802 1p field as an essential field to match VLAN VID Sets the VLAN VID field as an essential field to match 2 Define the 802 1p and VL
34. AAA SYSLG8 16 6 Up Download Illegal file type Illegal file type SYSLG8 16 9 Up Download Duplication of file name A file name is duplicated Select master IP failed on Selected master IP failed on SYSLG8 47 35 Critical IP ifIndex 1 j the specified ifIndex Primary IP address could Primary IP address could SYSLG8 47 37 Critical IP not be obtained not be obtained SYSLG8 47 8 Critical Tableisempya The table is empty za cs 3 d sshTlp_packet_read_pack SY SLG8 49 22 Critical et Padding error need SYSLG8 49 24 1 d block 2 d mod 235 sshTlp kex setup Insufficient memory SEVERITY DGS 3100 Series Gigabit Stackable Managed Switch User Manual CATEGORY MESSAGE DESCRIPTION Insufficient memory to available to perform a key perform key exchange exchange SYSLG8 63 10 SYSLG8 74 46 SYSLG8 74 48 SYSLG8 16 16 UNIT ID 1 d Msg 2 s UNIT ID 1 d Trap 2 s oe a E allocate memory for 1 s Create area 1 s cannot be inserted to list No free connection at the moment wait one minute and retry The created specified area cannot be inserted into the list Currently there is no free connection available Wait one minute and retry The system must be SYSLG8 16 18 Critical System No free UDP port restarted SYSLG8 16 29 SYSLG8 16 31 Critical Critical Cannot create private memory pool Session amount exceeded Cannot create a private memory pool
35. Click Apply The IP address information is defined and the device is updated 20 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Managing Stacking Stacking enhances network flexibility by building virtual switches with more ports then are available in a single device Stacks are managed by stacking member which called Stack Master All other stacking members serve as ports only The following paragraphs provide a stacking explanation for DGS 3100 series and include the following topics e Managing Stacking Modes e Advanced Stacking e Building Stacks Quick Start e Stack Management Examples e Configuring Stacking Managing Stacking Modes A switch operates in the following modes NOTE The DGS 3100 series family stacking connections have two HX ports e Stacking Switches operating in Stack mode run as organized group of switches known as a Stack A stack consists of one Stack Master a Backup Master and up to four Stack Member Switches However in specific scenarios a single unit can be considered a Stack of One A Stack of One is a single unit which is not connected to any other stacking members If the unit is reset to the factory defaults the unit is reloaded in stacking Auto Numbering mode Advanced Stacking This section provides information for understanding advanced stacking concepts including e Unit ID and how they are allocated e Stacking member start up process This section contains the follow
36. Create Figure 0 18 ACL Profile L3 IPv6 ACL ICMP Address Page The ACL Profile L3 IPv4 ACL ICMP Address Page contains the following fields Field Description Source IP Prefix Defines the range of source IP addresses relevant to the ACL rules 0 ignore 1 check For example to set 2002 0 0 0 0 0 b0d4 0 use mask 128 Destination IP Prefix Defines the range of destination IP addresses relevant to the ACL rules 0O ignore 219 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description 1 check For example to set 2002 0 0 0 0 0 bfd4 0 use mask 128 2 Select Source IP Mask and or Destination IP Mask The Mask Generate button is active 3 Enter an IP mask in the box adjacent to the Mask Generate button 4 Alternatively click Mask Generate The Generate Mask by range fields appear 5 Enter an IP address range into the Generate Mask by range fields and click Calculate The mask is generated 6 crie oeae The ACL profile is added and the device is updated To define L3 IPv6 ICMP ACL profile 1 Click the ICMP button The ACL Profile L3 ae ACL ICMP Page updates to show the sewing Zi TOEN FEF Dink co 22 oooo 299999999 o0o0oooo Ste th BBR BEE ARAS 25 28 27 023 522723222 Pad DLink EEEE N Dra i AA AA vere A ri AF zz mA ie 4 Save Tools StackiID d Up Time 5 days 2 10 34 Logged in as administrator
37. DHCP msg on interface 1 j indicates that Error in the DHCP server default router 2 y configuration where the mask 3 y sent by specified IP interface and DHCP server 4 y is specified default router with either a subnet name or a the specified mask are SYSLG8 10 23 Warning DHCP broadcast broadcast DHCP msg indicates that Error in the DHCP server IP interface and TFTP configuration where the IP server are not on the same interface and TFTP server SYSLG8 10 24 Warning DHCP subnet are not on the same subnet BOOTP msg indicates that A BOOTP message must SYSLG8 10 25 Warning bootup file name was configured include a TFTP server IP 270 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID SEVERITY CATEGORY MESSAGE DESCRIPTION without configuring IP address address of TFTP server IP address of TFTP server The TFTP server IP address SYSLG8 10 26 Warning IP is not configured must be configured SYSLG8 10 27 IP SYSLG8 10 28 DHCP A 7 BOOTP client received file with too long name in BOOTP msg DHCP client received file with too long name in DHCP msg Illegal auth protocol type 1 u Illegal privacy required value 1 u Authentication key change via BOOTP DHCP client not allowed Privacy key change via BOOTP DHCP client not allowed A file name is composed of a limited number of characters as defined in the system A file name is composed of a limited number of characters
38. Enables the Port Description TLV on the port Disabled Disables the Port Description TLV on the port System Name Specifies whether the System Name TLV is enabled on the port The possible field values are Enabled Enables the System Name TLV on the port Disabled Disables the System Name TLV on the port System Description Specifies whether the System Description TLV is enabled on the port The possible field values are Enabled Enables the System Description TLV on the port Disabled Disables the System Description TLV on the port System Capabilities Specifies whether the System Capabilities TLV is enabled on the port The possible field values are 113 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Enabled Enables the System Capabilities TLV on the port Disabled Disables the System Capabilities TLV on the port 2 Define the Unit From Port To Port Port Description System Name System Description and System Capabilities fields 3 Click _Apply f The LLDP basic TLV settings are defined and the device is updated Defining LLDP Dot3 TLV Settings The LLDP Dot3 TLVS Setting Page displays LLDP Dot3 TLV port information and contains parameters for configuring LLDP Dot3 TLV port settings 1 Click L2 Features gt LLDP gt LLDP Dot3 TLVS Setting The LLDP Dot3 TLVS Setting Page opens oocoooo ooo 2 AUS 224232
39. Enter a new password in the New Password field and then re enter 1t again in the Confirm New Password field Click Apply The new user accounts passwords and access rights are defined and the device is updated NOTE You are not required to enter a User Name However if you do not enter a User Name you cannot perform the following actions e Create a monitor or operator level 1 or level 14 users until an administrator user level 15 is defined e Delete the last administrator user if there are monitor and or operator users defined To edit the User Accounts Page 1 2 3 4 Select a name on the User List Click Edit Define the value Click Apply The new access rights are saved and device is updated To delete a User Accounts Page entry 1 2 Select an entry Click _Delete__ The user account is deleted and the device is updated 38 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Managing System Logs System Logs record and manage events and report errors and informational messages Event messages have a unique format as per the Syslog protocols recommended message format for all error reporting For example Syslog and local device reporting messages are assigned a severity code and include a message mnemonic which identifies the source application generating the message Messages are filtered based on their urgency or relevancy Each message severity determines the set of event
40. Force Master System Up Time Lowest Unit ID Lowest MAC Address e The process of master selection between two Stack Masters is as follows If Force Master is enabled then the Stack Master which was forced is selected The System Up Time is measured in increments of 10 minutes The Stack Master with longest System Up Time is selected as Stack Master If both Stack Masters have the same Up Time the Stack Master with the lowest Unit ID is selected as Stack Master If both Stack Master Unit IDs are equal the Stack Master with the lowest MAC address is selected The Master Election process assigns a dynamically allocated Unit ID Reassignment of Unit Id to the other Stack Master and is performed by the new Stack Master The switch is either allocated as a stack memberor the Backup Master There cannot be two stacking members with the same Unit ID at the process end The Stacking Master that loses the Master election process is shut down if the Unit ID was manually allocated It is recommended that the administrator configure the switch to Auto Assign mode before reconnecting the switch to the stack When two stacks are combined all of the configuration information for one of the stacks is lost After the discovery election process is completed only the new Stack Master maintains its configuration information If one of the merged stacks had neither a Stack Master unit nor a Backup Master then stacking members belonging to this groupare ins
41. GE L2 Features QoS lt i ME STACKING STATUS From Port To Port State Speed Flow Control Learning wjjor wlles w Disabled W auto wi auto v Enabled Enabled Auto Enabled Link Down Enabled Enabled 10M Full Disabled Link Down Enabled Enabled 100M Full Disabled Link Down Enabled Enabled Auto Enabled Link Down Enabled Enabled Disable Disabled Link Down Enabled Enabled 100M Full Disabled Link Down Enabled Enabled 10M Full Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled i _Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled _Link Down Enabled Enabled Auto Disabled Link Down Enabled Link Down Enabled Enabled Auto Disabled Figure 0 5 Port Setting Page The Port Setting Page contains the following fields Field Description Unit Defines the stacking member or LAG for which the port settings are displayed From Port Defines the port number from which the port configuration will apply This field appears only if a unit number is selected in the Unit field From LAG Defines the LAG number from which the port configuration will apply This field appears only if LAG is s
42. If L3 Pv4 ACL ICMP is selected the page updates as follows 210 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SI PCLCC CO3 L zt 21M ona 200000000 999999999 w n 12 93 I 229 227 W23 Wn www 04 ru e LS i Diink E A 25 2 D Link f E T a DPI Fi SID PDD III A DES 310048 Tools Y Stack ID 1 Up Time 5 days 1 41 04 Logged in as administrator 10 5 80 57 P Logout DGS 3100 48 rome Configuration E Se Features pan ae aos L2 ACL a Security iszipvaact cem f Monitoring f PoE C L3IPv6 ACL sele ACL You can select the field in the packet to create filtering mask ACL Configuration Wizard 5 L2 Header IPv4 Class IPv4 Address ICMP 5 ACL Finder STACKING STATUS Create Figure 0 5 Add L3 IPv4 ACL Profile Page The following sections describe how to select various ICMP filtering criteria for the ACLs To define L3 IPv4 Class ACL profile This option defines whether or not the DSCP field is checked for a match 1 Click the IPv4 button The ACL Profile L3 Ipv4 ACL ICMP Class Page updates to show the se Seeeoeeeecoe gone Lee SU OS bf A ES 999999999 4 onns 2 yayo f 9999 D Link TAN AAA PPT TTT AA Lp MIE BIBI PEI vere DES 3190 48 Logged in as administrator 10 5 80 57 P Logout Tools Y StackID Up Time 5 days 1 43 24 DGs 3100 48 rome 6
43. Packets checked Displays the total amount of transmitted packets 178 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 179 N DA eG Define the Unit and Port fields Click Apply to load the defined parameters To clear the Unit and Port fields Click Piel The fields are cleared Define the Time Interval and Record Number fields Click APP The transmitted packet graph is updated To view the graph as a table click View Table DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing RADIUS Authenticated Session Statistics The RADIUS Authentication Pageprovides RADIUS authentication sessions including how many sessions were initiated which ports intimated the authentication sessions and whether or not the sessions were granted 1 Click Monitoring gt Port Access Control gt RADIUS Authentication The RADIUS Authentication Page opens D Link oumcoecesrecsseceess Ps Link a Building Networks for People em pa Ex Ey iis ls ly o E E A A E T Configuration PL2 Features p os p Security f Monitoring 3 Stacking information B CPU Utilization B Port Utilization gt Packet Size ff Packets BB Received RX i B UMB_cast RX iB Transmitted TX B Browse ARP Table E Browse MLD Router Pc B Browse Router Port H B Browse Session Table 3 0 4 4 0 4 lt i ME STACKING STATUS Figure 6 8 RADIUS Authenticatio
44. SYSLG1 5 29 al 1 s The specified stacking cable Information Stack cable 1 s link is connected to the specified SYSLG1 5 30 al Stack 2 s on unit 3 d unit The system uses two power supply sources 1 and 2 The system can operate with one or both power Information PS 1 d status changed supply units The power SYSLG1 6 11 al 2 s supply has changed Information FAN 1 d status The specified fan status has SYSLG1 6 8 al System changed 2 s changed Add dynamic MAC 1 m Vlan 2 d Information failed 3 d mac failed to SYSLG4 10 13 al be inserted from the last 244 DGS 3100 Series Gigabit Stackable Managed Switch User Manual CATEGORY EEE DESCRIPTION tap Y1 S 242 port 3 s Coe Media changed from There has been a media Information 1 s to 2 s on port change on the specified SYSLG4 15 18 al Interface 3 s port SYSLG4 15 16 Shaper cannot be applied on port 1 s since it s Shaper cannot be applied on working in half duplex It the specified port because it will be applied when the is working in half duplex It Information port changes to full will be applied when the SYSLG4 18 2 al Security duplex port changes to full duplex 1 s of port 3 j differ from 1 s of 4 j Activating service 1 d So The system supports the boot image update A new file can be downloaded from a TFTP server The Information Boot image download message appears when this SYSLG6
45. Session amount exceeded SYSLG8 16 6 a Illegal file type o file type SYSLG8 47 35 Primary IP address could Primary IP address could SYSLG8 47 37 Critical IP not be obtained not be obtained SYSLG8 47 8 Critical Tableisempya The table is empty SYSLG8 49 22 SYSLG8 49 24 SYSLG8 63 10 SYSLG8 74 46 SYSLG8 74 48 Up Download Duplication of file name Select master IP failed on ifIndex 1 j sshTlp_packet_read_pack et Padding error need 1 d block 2 d mod sshTlp kex_ setup Insufficient memory to perform key exchange UNIT ID 1 d Msg 2 s UNIT ID 1 d Trap 2 s Cannot allocate memory for 1 s Create area 1 s cannot be inserted to list Invalid TFTP server IP Address or Invalid missing Instruction filename 1 s Auto Update aborted A file name is A file name is duplicated Selected master IP failed on the specified ifIndex Insufficient memory available to perform a key exchange The created specified area cannot be inserted into the list Invalid TFTP server IP Address or Invalid missing instruction in the specified file name The Auto Update process is 236 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID SYSLG1 0 51 SYSLG1 0 52 SYSLG1 0 53 SYSLG1 0 54 SYSLG1 0 60 SEVERITY CATEGORY MESSAGE DESCRIPTION po aborted CATEGORY oe Failed to download the Failed to download the specified ins
46. To Port Cost Edge P2P and State fields 3 Click PPY 101 The STP Port Settings are defined and the device is updated DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Multiple Spanning Tree Configuration Identification Multiple Spanning Tree MSTP provides various load balancing scenarios by allowing multiple VLANs to be mapped to a single spanning tree instance providing multiple pathways across the network For example while port A is blocked in one STP instance the same port can be placed in the Forwarding state in another STP instance The MST Configuration Identification Page contains information for defining global MSTP settings including region names MSTP revision level To define MSTP 1 Click L2 Features gt Spanning Tree gt MST Configuration Identification The MST Configuration Identification Page opens ET 9999999 o can 9999999999999900 SPUR BMSHVTH YH HOH OM saca Link DW Aa dd A Building Networks for Peopla BRET Ts ea M Uptime days 510 13 Logged In as administrator admins 102 106 0 100 Bor DGS 3100 48 V O guratlo de El A Configuration HPP L2 Features MST Configuration Identification Setting Jumbo Frame Configuration Name 00 11 35 80 F5 88 802 10 VLAN B Asymmetric VLAN Revision Level 0 65535 0 GVRP Settings 3 Trunking ey 3 VLAN Trunking 33 Traffic Segmentation Add Edit Instance ID Setting LACP Port Se
47. Turn on the switches the new units will become stacking members Managing a New Manually Ordered Stack System administrator can also manually assign Unit IDs to stacking members System administrator has to assign a unique Unit ID from 1 to 6 to each stack member A Unit ID that is manually assigned is not subject to automatic numbering The Unit IDs are assigned as follows e Unit ID 1 Assigned to the Stacking Master The Stack Master is indicated by the Master LED on front which is lit solid green e Unit ID 2 Assigned to the Backup Master e UnitID 3 4 5 6 Assigned to the Stacking member 25 DGS 3100 Series Gigabit Stackable Managed Switch User Manual This section contains the following topics e Building New Manually Ordered Stacks e Adding Stacking Members to an Existing Manually Ordered Stack Building New Manually Ordered Stacks To build new a self ordered stack 1 Connect the units physically through the stacking ports 2 Turn on the units one at a time 3 Assign the Stack Master the Unit ID of 1 using a Stack Management Interfaces either the console port Telnet or Embedded Web Interface 4 Assign the Backup Master the Unit ID of 2 using a Stack Management Interfaces either the console port Telnet or Embedded Web Interface 5 Assign the remaining stacking members using a Stack Management Interfaces either the console port Telnet or Embedded Web Interface 6 Ensure that none of the stacking memb
48. User Privilege Indicates the user privileged assigned to the user who imitated the system session Name Displays the name of the user that initiated the system session 184 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing IGMP Group Information The IGMP Snooping Group Page contains vital IGMP group information including the Multicast Group IP address and the corresponding MAC address through which the IGMP packets passed 1 Click Monitoring gt IGMP Snooping Group The IGMP Snooping Group Page opens osoo SES 999999999999999 ome Y Ra TRATARA Uptime days 51073 seces esse 72001022 DGS 3100 48 f Configuration H L2 Features a p QoS E Security Monitoring Stacking Information CPU Utilization gt Port Utilization Packet Size E Packets RADIUS Authentication 2 Browse ARP Table gt Browse MLD Router Pc Browse Router Port Browse Session Table gt Sakon MLD Snooping Group m e STACKING STATUS VLAN Name R amp D1 IGMP Snooping Table VLAN Name Multicast Group MAC Address R amp D1 224 0 0 1 aa 00 00 AC 15 21 A6 Unit 01 03 5 5 35 37 39 43 45 47 02 04 36 38 40 44 46 48 Figure 6 13 IGMP Snooping Group Page The IGMP Snooping Group Page contains the following fields Field Description VID Defines the VLAN ID for the IGMP Snooping Group VLAN Name Defines the VLAN name VLAN Name Displays the currently
49. aes 3100 48 Hi Save Tools 7 Stack ID X Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 Beto U DGS 3100 48 E 3 Configuration E G L2 Features GVRP Global Setting 33 Jumbo Frame OEnabled Disabled gt Unit From Port To Port GVRP Ingress Acceptable Frame Type A Traffic Segmentation e Apply 33 LACP Port Settings IGMP Snooping 3 MLD Snooping 3 Port Mirroring Ingress Acceptable Frame Type Spanning Tree k Enabled All frames 4 9 Forwarding amp Filtering E Disabled Enabled All frames LLDP 3 Disabled Enabled All frames H QoS e Disabled Enabled All frames Disabled Enabled All frames Disabled Enabled All frames Disabled Enabled All frames Disabled Enabled All frames Disabled I All frames Disabled All frames Disabled le All frames Disabled Enabled All frames Disabled Enabled Allframes Disabled Enabled All frames mios Es CRESS H Security f Monitoring g ACL STACKING STATUS e PS Py oy Co Figure 0 9 GVRP Setting Page 80 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The GVRP Setting Page contains the following fields Field Description GRVP Global Setting Defines whether GRVP is enabled on the device The possible field values are Enabled Enables GRVP on the device Disabled Disables GRVP on the device This is the default value Unit Defines the stacking member s
50. gt Traffic Segmentation gt LACP Port Settings 3 IGMP Snooping gt MLD Snooping Chassis ID Subtype MACADDRESS Port Mirroring Chassis ID 00 01 02 03 04 01 3 Spanning Tree Port ID Subtype LOCAL B Forwarding amp Filtering Port ID 13 gop Port Description RMON Port 1 on Unit 3 3 LLDP Global Setting System Name Switch 1 gt LLDP Port Setting System Description Stackable Ethernet Switch LLDP Basic TLVS System Capabilities Bridge gt LLDP Dot3 TLVS St Management Address Show Detail gt LLDP Local Port Bri_ MAC PHY Configuration Status Show Detail Unknown TLVs Show Detail Figure 0 36 LLDP Remote Port Normal Page 3 To view the detailed Management Address information for the entry click Show Detail The LLDP Management Address Detail Information Page is displayed 118 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Dink 22299000000 ooo es eooo0o000000000 2 DADAS oe 2 3 7 Ronu sie v7 S I Sa Al ery eT ty CFCC PCC CTT Gave TR Tools Y Stack ID u X Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 BA 802 10 VLAN gt GVRP Settings Trunking 3 Traffic Segmentation gt LACP Port Settings gt IGMP Snooping MLD Snooping gt Port Mirroring A Spanning Tree l Forwarding amp Filtering ge LoP i gt LLDP Global Settinc LLDP Port Setting LLDP Basic TLVS LLDP Dot3 TLVS St LLOP Local Port Bri Es
51. interface can manage Flow Control Defines the flow control scheme used for the various port configurations Interface configured for full duplex use 802 3x flow control half duplex interfaces use backpressure flow control and Auto interfaces use an automatic selection of the two The default is Disabled Learning Defines whether MAC address learning is enabled on the ports The possible field values are Enabled Enables MAC address learning on the interface If MAC address learning is enabled the source and destination MAC address are recorded in the Forwarding Table This is the default value Disabled Disables MAC address learning 2 Define the Unit From Por or From LAG t To Port or To LAG State Speed Flow Control and Learning fields 3 Click Apply The port configuration is saved and the device is updated 34 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Port Properties The Port Description Page allows network managers provide a description of device ports To define a port description 1 Click Configuration gt gt Port Configuration gt Port D The Port Description Page opens w Dik 92999900 0909 0 00010 00 99 0 CACA s9 OND 4 5 6 TRA JF AS A mere Save Tools stackIO MRE L DGS 3100 48 H H Configuration E 3 System Information From Port To Port Description a f 1 IP Address v o v as y Apply Stacking Settings aa a
52. received on backup unit SYSLG8 100 35 Error Stack The file is ignored The file is ignored The IGMP version is SYSLG8 107 0 Error FDB Bad IGMP version invalid 238 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID S s SEVERITY CATEGORY MESSAGE DESCRIPTION SYSLG8 107 1 VLAN Bad vlan tag The VLAN tag is invalid IPL4GENG init UDP The UDP port reservation SYSLG8 108 1 Error IP port reservation failed has failed The specified received received 1 s interval is interval is less than SYSLG8 110 12 Error SNMP less than min value minimum value The calculated specified calculated 1 s interval interval is less than the SYSLG8 110 13 Error SNMP 1s less than min value minimum value SYSLG8 2 2 Buffer allocation failed Buffer allocation failed SYSLG8 20 11 ARP Table Overflow The ARP Table is full The initialization process SYSLG8 20 13 Error System Init config failed failed IP forwarding result is The IP forwarding result is SYSLG8 22 1 Error IP undefined undefined Errors occurred during Errors occurred during the SYSLG8 26 1 Error System initialization initialization process The specified errors 1 s Errors occurred occurred during the SYSLG8 26 9 Error during initialization initialization process Authentication failed for SYSLG8 31 12 Error AAA 1 s source 2 s Radius returned attribute The RADIUS has found an SYSLG8 31 29 Error AAA error erroneous attribute Unknown code or s
53. 0 2 al Up Download started procedure starts ad SYSLG4 6 9 SYSLG5 3 11 The Boot image download is completed successfully The system supports the boot image update A new file can be downloaded from a TFTP server The message appears when this Information Boot image download procedure is completed SYSLG6 0 3 al Up Download completed successfully GIO SYSLG6 1 1 Port 1 lu Up The system uses two power supply sources 1 and 2 The system can operate with one or both power Information a Supply 1 d is supply units The specified SYSLG6 2 1 al Power power supply is up SYSLG7 0 0 o vs 2 8 A pata SYSLG7 0 1 1 s 2 s iS The specified port is SYSLG7 13 0 Port 1 j is Authorized authorized oe The specified MAC is Information MAC 1 m is authorized authorized on the specified SYSLG7 13 26 al on port 2 j port The specified port is Information Port 1 s suspended by suspended by Loopback SYSLG7 15 0 al Security Loopback Detection Detection 245 SYSLG7 2 0 SYSLG7 2 46 SYSLG7 5 64 SYSLG7 5 65 SYSLG7 5 66 SYSLG7 5 67 SYSLG7 5 68 SYSLG7 5 69 SYSLG7 8 11 SYSLG7 8 12 SYSLG7 8 13 SYSLG8 10 38 SYSLG8 101 6 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY VLAN VLAN VLAN Information al Information al Information al Information al Information al Information al Information al Information al la pe Infor
54. 11 1 12 AS OS 1 5 1 6 17 18 P 4 9 1 10 1 11 1 12 op 4 1 1 2 1 3 1 4 Eos 1 5 1 6 1 7 1 8 Ef Securty 1 9 1 10 4 11 1 12 E Monit DARA i 5 a p 1 1 1 3 1 4 1 5 ee a Delete VID STADKING STATUS 1 1 13 1 4 15 ioe A sooo ia EE as m 1 11 1 12 1 13 1 14 1 15 1 16 Delete VID 1 1 1 2 1 3 1 4 1 5 1 6 1 7 1 8 1 9 1 10 1 11 1 12 1 11 1 12 1 13 1 14 1 15 1 16 3 Next VLAN List Add Edit VLAN Figure 0 5 VLAN Configuration Page The VLAN Configuration Page contains the following fields Field Description VID Defines the VLAN ID VLAN Name Defines the user defined VLAN name The field ranges is 1 32 characters Untag VLAN Ports Defines the interface is an untagged VLAN member Packets forwarded by the interface are untagged Tag VLAN Ports Defines the interface is a tagged member of a VLAN All packets forwarded by the interface are tagged The packets contain VLAN information Forbidden VLAN Ports Defines the interface VLAN membership even if GVRP indicates the port is to be added NOTE The Guest VLAN should be disabled before deleting the VLAN which was defined as the Guest VLAN NOTE On the Default VLAN the user can define ports as Untagged or Tagged but not as Forbidden 2 Click the Add Edit VLAN tab The Add Edit VLAN Information Page opens 76 DGS 3100 Series Gigabit Stackable Managed Switch User Manual oo o o OE D
55. 1x 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 ssL m mj m mj mj mj mj mj mj mj mj mj m mj mj mj mj mj mj mj mj mj mj Add MAC Address IP Address 192 168 0 3 00 00 00 00 00 FE 2 192 168 0 2 00 00 0C 07 AC 01 3 192 168 0 5 00 00 21 12 13 F5 4 1 4 192 168 0 4 00 02 03 2F 12 34 5 192 168 0 7 00 02 B3 1C 50 85 T 192 168 0 6 00 02 B3 CA 5D EB 1 6 9 192 168 0 9 00 03 2F 25 7E DD 8 192 168 0 8 00 03 2F 2E 98 66 4 192 168 0 11 00 00 00 00 00 02 13 Next oonan wN STACKING STATUS oo Figure 5 16 Arp Spoofing Prevention Page The Arp Spoofing Prevention Page contains the following fields Field Description IP Address Specifies IP addresses included in ARP Binding Lists that are checked against ARP requests MAC address Specifies MAC addresses included in ARP Binding Lists that are checked against ARP requests Unit Displays the stacking member for which the ARP Spoofing Prevention is displayed Port Defines the Port Settings Mode The possible field values are e Checked Ports Indicates that a packet received on the port needs to be checked for a match with the ARP Spoofing Prevention database e Unchecked Ports Indicates that the port is not selected for ARP Spoofing trusted port ARP packets that are received on unchecked interfaces are forwarded Port Specifies IP addresses included in ARP Binding Lists that are checked agains
56. 24 Access Authentication Coi CE E a e e ee r a ee E Monitoring 25 26 27 28 29 35 36 37 38 39 40 41 42 43 44 45 46 47 48 fal ACL CE S E N N E N S E S E A Guest VLAN Pors 1 1 1 2 1 3 1 4 a STACKING STATUS Figure 5 4 Guest VLAN Page The Guest VLAN Page contains the following fields Field Description VID Defines the VLAN ID on which the Guest VLAN is created VLAN Name Defines the user defined VLAN name assigned to the guest VLAN Unit Defines the stacking member for which the Guest VLAN parameters are displayed Port Defines the ports included in the Guest VLAN 2 Define the VLAN ID in the VID field 3 Define the VLAN name in the VLAN Name field 4 Select the stacking member which the Guest VLAN parameters are displayed in the Unit field 5 Select the ports to be included in the Guest VLAN in the Port checkbox field The selected ports appear in the Port field 6 Click Add The Guest VLAN is added and the system is updated 144 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Port Authentication 802 1X Port based authentication authenticates users on a per port per mac basis via an external server Only authenticated and approved system users can transmit and receive data Ports are authenticated via the RADIUS server using the Extensible Authentication Protocol EAP The 802 1x Access Control protocol consists of the following vital
57. 28 al IP 1 d failed the specified unit has failed Information Configuration changed SYSLG1 5 29 al 1 s The specified stacking cable Information Stack cable 1 s link is connected to the specified SYSLG1 5 30 al Stack 2 s on unit 3 d unit The system uses two power supply sources 1 and 2 The system can operate with one or both power Information PS 1 d status changed supply units The power SYSLG1 6 11 al 2 s supply has changed Information FAN 1 d status The specified fan status has SYSLG1 6 8 al System changed 2 s changed Add dynamic MAC 1 m Vlan 2 d failed 3 d mac failed to Information be inserted from the last SYSLG4 10 13 al trap Information SYSLG4 15 16 al 1 s 2 s port 3 s Media changed from There has been a media Information 1 s to 2 s on port change on the specified SYSLG4 15 18 al Interface 3 s port Shaper cannot be applied on port 1 s since it s Shaper cannot be applied on working in half duplex It the specified port because it will be applied when the is working in half duplex It Information port changes to full will be applied when the SYSLG4 18 2 al Security duplex port changes to full duplex Information 1 s of port 3 j differ SYSLG4 6 9 al from 1 s of 4 j Information Activating service SYSLG5 3 11 al Dd SYSLG6 0 2 Up Download Boot image download The system supports the 251 DGS 3100 Series Gigabit Stackable Managed Switch
58. 2999999999990999 99 eee see eet eee oo 00 it donan am m u9n2 Seas he ees f ETE all lowe ad ae PSCC SERPFFTTT E N Tools Stack ID Up Time 0 days 0 32 19 Des 2100 48 E P Configuration System Information IP Address DHCP Local Relay Status O Enabled Disabled 3 Stacking Settings f Port Configuration ARP Settings VID VLAN User Accounts List Name 3 System Log Host E SNTP Settings E pa snup Settings gt DHCP Relay gt DHCP Auto Configuratir gt Firmware infarmation State DHCP Local Relay VID List A STACKING STATUS Figure 0 15 DHCP Local Relay Page The DHCP Relay Page contains the following fields Field Description DHCP Local Relay Specifies whether DHCP Local Relay is enabled on the device The possible field values are Status e Enabled Enables DHCP Local Relay on the device e Disabled Disables DHCP Local Relay on the device This is the default value VID List Specifies on which VLAN DHCP Local Relay is enabled VLAN Name Displays the name of the selected VLAN State Specifies whether DHCP Local Relay is enabled on the VLAN The possible field values are e Enabled Enables DHCP Local Relay on the VLAN e Disabled Disables DHCP Local Relay on the VLAN This is the default value DHCP Local Relay Displays the list of VLANs on which DHCP Local Relay has been defined VID List 2 Select Enabled to enable DHCP Re
59. 80 34 P Logout DGS 3100 48 E Configuration 2 System Information Static DHCP E 3 Stacking Settings 1 E Port Configuration IP Address o H5 1234 250 3 ARP Settings Subnet Mask 255 255 255 o User Accounts tc Gateway ho s 234 254 E SNTP Settings Management VLAN VID 01 M E SNMP Settings 5 DHCP Relay Ay DHCP Auto Configuration Firmware Information gt Telnet Setting AL Features s p Security f Monitoring aci PAAA STACKING STATUS Figure 0 3 IP Address Page The IP Address Page contains the following fields Field Description Static When selected the IP address is static and user defined in the ZP Address field This is the default value DHCP When selected the IP address is retrieved from a DHCP server IP Address Defines the IP address This field is active if the IP address is static Subnet Mask Defines the address mask that manages sub netting on the network The default value is 255 0 0 0 Gateway Defines the default gateway The default gateway manages connections to other subnets and other networks Management VLAN VID Defines the management VLAN s VID 2 Select the IP address type in either the Static or DHCP fields 3 If Static is the defined IP address type define the IP Address field 4 Define the Subnet Mask Gateway and Management VLAN VID fields 5
60. 92292298 C a A _ HA r crepe p ime 2 days 5 10 13 Loggedi ini mn eee Trate Segmentation A gt LACP Port Settings lb cur Snooping Unit 101 v FromPort 01 v To Port 48 Y MLD Snooping 1 AAA ias gt Port Mirroring f Spanning Tree MACIPHY Configuration Status Disabled v E Forwarding 8 Fittering LLDP 3 LLDP Global Settinc gt LLOP Port Setting Port MAC PHY Configuration Status gt LLDP Basic TLVS 1 Enabled gt 2 Enabled gt LLDP Local Port Bri 3 Enabled gt LLDP Remote Port E H os f Security E Monitoring gB AacL v oo o Figure 0 31 LLDP Dot3 TLVS Setting Page The LLDP Dot3 TLVS Setting Page contains the following fields Field Description Unit Indicates the stacking member for which the LLDP dot3 TLV port settings are defined From Port Defines the first port in a consecutive sequence of ports To Port Defines last port in a consecutive sequence of ports MAC PHY Configuration Status Specifies whether the MAC PHY Configuration Status is enabled on the port The possible field values are Enabled Enables the MAC PHY Configuration Status on the port Disabled Disables the MAC PHY Configuration Status on the port 2 Define the Unit From Port To Port and MAC PHY Configuration Status fields 3 Click eey The LLDP Dot3 TLV settings are defined and the device is updated 114 DGS 3100 Series Gig
61. ACL action will take place on pakets to this IPv6 address Service Type Defines the type of service The possible values are Any Indicates ACL action will take place for packets of all service types Ethertype Specifies Ethertype packet filtering ICMP All Specifies an ICMP packets filtering IGMP Specifies an IGMP packets filtering TCP ALL Specifies an TCP packets filtering 203 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Fields Description TCP Source Port Matches the packet to the TCP Source Port TCP Destination Port Matches the packet to the TCP Destination Port UDP All Specifies a UDP Packets filtering UDP Source Port Matches the packet to the UDP Source Port UDP Destination Port Matches the packet to the UDP Destination Port Action Defines the ACL forwarding action matching the rule criteria The possible values are Permit Forwards packets if all other ACL criteria are met Deny Drops packets if all other ACL criteria is met Rate Limiting Rate limiting is activated if all other ACL criteria is met Change Ip Priority VPT CoS value is changed if all other ACL criteria is met Replace DSCP Reassigns a new DSCP value to the packet if all other ACL criteria are met Ports Defines ports to be configured An example of possible values is 1 1 1 4 6 and 2 6 Time Range Specifies whether the configured ACL is time base
62. Defining Access Control Lists c cecccesscssccessseecesecseecaeeeseeesecsceeeceseenseensecaecaecnaecaaecaaecaeeeseseseeneeseeteereneaees 202 ACL Configuration Mii aiii 203 Defining Access Profile Lists tds 205 Detinimg Layer 3 IP VO A Cl ode es atlas Loro dle 218 IP and MAC Based ACLs on the Same Port cccecccessesssessecesecseecseeeneeeeeeseeeseceseensecaeceaeceaecnaecaeecaeeeaeseneseneeeseeeasenaees 224 Adding Access Rules ss cciecck ies Beas OR Ate Aaa yesh hal te Ree e e a a 224 Binding A CE Rules cs lola aaa ota 228 GONNECTORS AND CABLES 2 0ccccicdssateeeteeceeieacasteceesedecdeaisseerdndcccieceneadeedaateatacenaednecuicnsicachansdssnouseseedededezscnsenied 232 Pin Connections for the 10 100 1000 Ethernet Interface 0 eccececeseesseesseesceeeceseceseenscceaecaecnaecsaecseecaeeeneeeseseneseeeeerenaees 233 RIAS Ports Pan Out is ssoei oe cent oars se cece itebee si aeevep ees ee a aaa 233 Pin Connections for the HDMI Conmectot cccecccesscesscesecesecesecseecseeeseeenecsceeeesseenseensecaeesaecsaeceaecaaecaeseneeeaeenetenseenreeeaees 234 HDML Ports Pinout Ai a ida SET 234 SYSEOG ERROR Sad T 235 PASSWORD RECOVERY PROCEDURE coccoccccconccconncnnacccnnccnnanonnnnan nana ronca enana 279 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Preface This preface provides an overview to the guide and includes the following sections System Overview Viewing the Device Device Management Methods Us
63. Description Static Router Ports Defines the port numbers in the selected unit to be added as static router ports Ports Displays the unit port numbers defined as static router ports Dynamic Router Ports Displays the port numbers in the selected unit learned as dynamic router ports Ports Displays the unit port numbers defined as dynamic router ports Forbidden Router Ports Defines the port numbers in the selected unit to be added as forbidden router ports Ports Displays the unit port numbers defined as forbidden router ports 3 Define the Done Timer Host Timeout Router Timeout State Static Dynamic and Forbidden Router Ports fields 4 Click Apply MLD Snooping and Static Router Port Settings are defined and the device is updated 94 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Port Mirroring Switches inherently forward frames to relevant ports only This creates difficulty when traffic needs to be monitored either for information gathering such as statistical analysis security traces etc or for troubleshooting higher layer protocol operation The device supports up to 8 source ports To enable the use of traffic analysis and monitoring devices it is recommended enabling the user to specify that a desired target port receives a copy of all traffic passing through a designated source port All ports can be designated as source ports In order to activate Port Mirroring
64. Description Unit Indicates the stacking member for which the STP port settings are displayed From Port Defines the first port in a consecutive sequence of ports To Port Defines last port in a consecutive sequence of ports Cost 0 Auto Defines a metric that indicates the relative cost of forwarding packets to the specified port list Port cost can be set automatically or as a metric value The default value is 0 auto 0 auto Setting 0 for the external cost automatically sets the speed for forwarding packets to the specified port s in the list for optimal efficiency Default port cost 10Mbps port 2000000 100Mbps port 200000 Gigabit port 20000 Port channel 20000 Value 1 200000000 Define a value between 1 and 200000000 to determine the external cost The lower the number the greater the probability the port will be chosen to forward packets 100 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Edge Indicates whether the selected port is an edge port The possible field values are True Defines the port as an edge port Edge ports cannot create loops however they can lose edge port status if a topology change creates a potential for a loop An edge port normally should not receive BPDU packets If a BPDU packet is received it automatically loses edge port status False Indicates that the port does not have edge port status Forwarding B
65. Drop 3500 N A No 1 23 None Drop 3500 N A No Y Figure 4 3 Traffic Control Settings Page The Traffic Control Settings Page contains the following fields Field Description Traffic Trap Settings Defines whether to send out a trap when a Traffic Storm occurs The possible field values are None Do not send out traps when a Traffic Storm occurs Storm Occurred Send out traps SNMP and Syslog when a Traffic Storm occurs These traps are sent only on ports on which the action is Shutdown Unit Defines the stacking member for which the storm control parameters are displayed From Port Defines from which port storm control is configureed To Port Defines to which port storm control is configured Storm Control Type Specifies the Broadcast mode currently enabled on the device The possible field values are Broadcast Storm Broadcast and Multicast Storm Broadcast Multicast and Unknown Unicast Storm Action Indicates which storm action to perform if a Broadcast Storm occurs The possible field values are 131 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Drop Discard the packets that exceed the threshold Shutdown Shut down the port that receives the storm traffic A trap can be optionally sent The administrator can reactivate this port Time Interval 5 30 The time in seconds that the port counts the incoming traffic rate in accordan
66. EAP requests are resent The field default is 30 seconds ReAuthPeriod 300 4294967295 sec Displays the time span in seconds in which the selected port is re authenticated The field default is 3600 seconds ReAuthEnabled Indicates if ports MAC address can be re authenticated after the port MAC address authentication has timed out The possible field values are 146 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Enabled Enables re authenticating the port or MAC addresses after the port or MAC address authentication has timed out This is the default value Disabled Disables re authenticating the port or MAC addresses after the port or MAC address authentication has timed out Control Indicates the host status If there is an asterisk the port is either not linked or is down The possible field values are ForceUnauthorized Indicates that either the port control is Force Unauthorized and the port link is down or the port control is Auto but a client has not been authenticated via the port ForceAuthorized Indicates that the port control is Forced Authorized and clients have full port access Auto Indicates that the port control is Auto The user has to authenticate and get full access Unit Indicate the stacking member for which the 802 1X parameters are defined From Port Indicates the first port for which the 802
67. EEE MRS PT reer tT Save Tools Y Stack ID Ti DGS 3100 48 E Configuration H L2 Features Unit From Port To Port No Limit Rate 3500 1000000 1 208 01 x o v o RX Disabled Kbps 7 Bandwidth Controll 7 A Traffic Control No Limit i Rate 64 1000000 802 1p Defaut Priority Tx Disabled iw Kbps gt 802 1p User Priority 3 QoS Scheduling Mechanist Multi Layer CoS Setting E GB securty Unit 1 Settings E Monitoring Port RX Rate TX Rate m ac Kbit sec Kbitsec iy 1 NoLimit No Limit 1 2 No Limit No Limit 1 3 No Limit No Limit 1 4 No Limit No Limit 1 5 No Limit No Limit 1 6 No Limit No Limit STAGKING STATON 17 No Limit No Limit 1 8 No Limit No Limit 1 9 No Limit No Limit 1 10 No Limit No Limit 1 11 No Limit No Limit 1 12 No Limit No Limit 1 13 No Limit No Limit 1014 No Limit _ No Limit 1 15 No Limit No Lirnit hni Figure 4 2 Bandwidth Control Page The Bandwidth Control Page contains the following fields Field Description Unit Defines the stacking member for which the bandwidth parameters are displayed From Port Defines from which port number bandwidth settings are displayed To Port Defines to which port number bandwidth settings are displayed RX No Limit Defines if ingress bandwidth limitation is assigned to the port The field value options are Enabled Ensures no bandw
68. Failed for VLAN 1 j Mac 2 s Port 3 j Error SYSLG8 52 6 Warning FDB 4 s The MAC database is full No entry can be inserted the CPU memory limitations Port Lock action on Mac Port Lock action on the SYSLG8 52 9 Warning Port Security Table has started MAC Table has started Bridge forwarding table The bridge forwarding table SYSLG8 57 1 Warning FDB overflow is full SYSLG8 63 12 SYSLG8 63 4 SYSLG8 68 42 SYSLG8 74 55 Warning UNIT ID Stack 1 d Msg 2 s UNIT ID Stack 1 d Trap 2 s Host and domain name size exceeds 1 d bytes Packet RX on interface 1 s from 2 s type Interface 3 s 4 s Packet RX on virtual interface 1 s area 2 s type 3 s 4 s Packet RX on virtual interface 1 s area 2 s type 3 s 4 s Warning Warning Warning SYSLG8 74 68 Warning Warning Packet TX from interface 1 s md5 auth key not Warning found Packet TX from interface 1 s last authentication key has expired Packet RX on interface 1 s from 2 s last authentication key has Warning Warning expired IP SSH SSH AAA AAA AAA HTTPS server has been enabled but a certificate was not found For certificate generation use the Y crypto certificate 1 2 generate command The service will start automatically when a certificate is Web generated SYSLG8 75 0 SYSLG8 75 66 265 Warning 2 s service has been enabled but an encryption Warning
69. Filtering Mode fields 3 Select either All or specify a port LAG range in the From Port From LAG and To Port To LAG fields 4 Click L APP O The Multicast filtering settings are applied to the ports LAGs and the device is updated Defining DLF Filtering The Destination Lookup Failure DLF filtering mode allows the user to define egress filtering for unknown unicast packets Once an egress port is set to filter forward DLF packets DLF traffic on all the VLANs will be configured to filter forward DLF packets The DLF Filtering Mode Page allows users to specify DLF filtering per port or globally and define the required filtering mode By default the DLF filtering mode is defined as forwarding which causes packet flooding as opposed to packet filtering which minimizes traffic within the network 1 Click L2 Features gt Forward amp Filtering gt DLF Filtering Mode The DLF Filtering Mode Page opens Tools StackID M DGS 3100 48 cf Configuration gia rosas Unit m From Port 01 y ToPort fo 7 AI Filtering Mode Filter_DLF_Packets gt Apply Jumbo Frame 802 10 VLAN E Asymmetric VLAN DLF Filtering Mode GVRP Settings E Filter_DLF_Packets a ane Ta Filter_DLF_Packets E trunking 1 3 Forward_DLF_Packets Traffic Segmentation 14 Filter_DLF_Packets E LACP Port Settings 15 Forward_DLF_Packets a IGMP Snooping 1 6 Forward_DLF_Packets 2 MLD Snooping A Forward_DLF_Packets om arty 1 8 Filter_DLF_
70. LLDP Global Settinc Auto Negotiation Operational MAU Type Unknown LLDP Port Setting gt LLDP Basic TLVS EA LLDP Dot3 TLVS St gt LLDP Local Port Bri Ea LLDP Remote Port H H aos A Bonnis w lt ill gt STACKING STATUS Figure 0 38 LLDP Remote Misc Detail Information Page 6 Click to return the LLDP Remote Port Normal Page 7 To view the detailed information for unknown TLVs for the entry click Show Detail The LLDP Remote Unknown TLVs Detailed Information Page is coe al Diink 9909000009000000 D Link a ei Building Networks for People fel Save Tools gt Stack ID aT si 802 10 VLAN gt GVRP Settings 33 Trunking gt Traffic Segmentation gt LACP Port Settings gt IGMP Snooping MLD Snooping i gt Port Mirroring Total Entries 2 p y Unknown TLV Type Unknown TLV Information Bytes A Spanning Tree 7 mee Forwarding amp Filtering f LLoP LLDP Global Settinc gt LLOP Port Setting LLDP Basic TLVS LLDP Dot3 TLVS St LLOP Local Port Bri E 1LLDP Remote Port H os m Promoci lt il STAGKING STATUS Figure 0 39 LLDP Remote Unknown TLVs Detailed Information Page 120 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The LLDP Remote Unknown TLVs Detailed Information Page contains the following fields Field Description Port Indicates the port number Entry Indicates the entry number Unknown TLV Type Indica
71. LLDP Remote Port m as h BB Cnmcine w gt STACKING STATUS E ASS ES Total Entries 3 Port Address Subtype Address Interface Subtype 1 IPV4 00 01 02 03 04 01 Unknown 1 IPV4 00 01 02 03 04 02 Unknown 1 IPV4 00 01 02 03 04 03 Unknown v pau T T T H Figure 0 37 LLDP Management Address Detail Information Page The LLDP Management Address Detail Information Page contains the following fields Field Description Port Indicates the port number Address Subtype Displays the managed address subtype For example MAC or IPv4 Address Displays the managed address Interface Subtype Displays the port subtype 4 Click to return to the LLDP Remote Port Normal Page 5 To view the detailed MAC PHY Configuration Status information for the entry click Show Detail The LLDP Remote Misc Detail Information Page is displayed 119 DGS 3100 Series Gigabit Stackable Managed Switch User Manual LA s Td Building Networks for People DEI 310048 T Save Toos Y Stack ID Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 802 10 VLAN gt GVRP Settings Trunking Traffic Segmentation LACP Port Settings IGMP Snooping MLD Snoopin gt Port aay MAC PHY Configuration Status gt Auto Negotiation Support Supported El Spanning Tree sens Auto Negotiation Enable Enabled H Forwarding amp Filtering _ tion 1000BASE T full duplex mode E LLDP
72. Mask Defines the range of source Ports relevant to the ACL rules 0 ignore 1 check For example to set 0 15 set mask of FFFO Destination Port Mask Defines the range of destination IP addresses relevant to the ACL rules 0 ignore 1 check For example to set 0 15 set mask of FFFO 2 Select Source Port Mask and or Destination Port Mask The Mask Generate button is active 221 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 3 Enter a port ID in the box adjacent to the Mask Generate button 4 Alternatively click Mask Generate The Generate Mask by range fields appear 5 Enter a port ID range into the Generate Mask by range fields and click Calculate The mask is generated 6 Click _ Create The ACL profile is added and the device is updated To define L3 IPv6TCP Flag ACL Profile This option defines whether or not the TCP Flag field is checked for a match bs DGS 3100 48 a 1 Click the TCP Flag button The ACL Profile L3 Ipv4 TCP Flag Page updates to b show the SS Building Networks for People Save Tools 7 H Configuration MB L2 Features paos as Security f Monitoring BPE mac 3 ACL Configuration Wizard E Access Profile List B ACL Finder STACKING STATUS a Stack ID x Up Time 5 days 2 15 35 ZIJA ty A 7 83 ON 28 y Ww E ES nussa Dlink 3 a
73. Multicast Indicates the number of Multicast packets received and transmitted through the device Broadcast Indicates the number of Broadcast packets received and transmitted through the device Time Interval Indicates the time interval for which the UMB cast packets are displayed The possible field values are 1s 5s 10s 15s 20s 30s 40s 50s and 60s Record Number Indicates the transmitted record number Show Hide Displays the packets received information The possible field values are Unicast checked Displays the total amount of transmitted Unicast packets Multicast checked Displays the total amount of transmitted Multicast packets Broadcast checked Displays the total amount of transmitted Broadcast packets 2 Define the Unit and Port fields 3 Click BB Y to load the defined parameters 177 DGS 3100 Series Gigabit Stackable Managed Switch User Manual To clear the Unit and Port fields Click _ Clear The fields are cleared 2 Define the Time Interval and Record Number fields 3 Click Ay The selected UMB_Cast RX packet analysis is displayed To view the graph as a table click View Table Viewing Transmitted Packet Statistics The Transmitted TX Page contains information about packets transmitted through device ports To view transmitted packet statistics 1 Click Monitoring gt Packets gt Transmitted TX The Transmitted TX Page opens Dlink 999909000 e cz Mila
74. Port Base Disabled 1 1 16 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 1 17 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 1 18 ForceAuthorized 30 50 30 30 2 3600 Disabled Port Base Disabled gt Figure 5 5 802 1X Setting Page The 802 1X Setting Page contains the following fields Field Description 802 1X Indicates if 802 1X is enabled on the device The possible field values are Enabled Enables 802 1X on the device Disabled Disables 802 1X on the device This is the default value QuietPeriod 0 65535 sec Indicates the number of seconds that the device remains in the quiet state following a failed authentication exchange The possible field range is 0 65535 The field default is 60 seconds SuppTimeout 1 65535 sec Indicates the amount of time that lapses before EAP requests are resent to the supplicant The field value is in seconds The field default is 30 seconds ServerTimeout 1 65535 sec Defines the amount of time that lapses before the device re sends a request to the authentication server The field value is specified in seconds The field default is 30 seconds MaxReq 1 10 times Displays the total amount of EAP requests sent If a response is not received after the defined period the authentication process is restarted The field default is 2 retries TxPeriod 1 65535 sec Defines the amount of time in seconds that lapses before
75. Port Base Disabled Es 1 9 ForceAuthorized 30 60 30 30 2 3600 Disabled PortBase Disabled 1 1 10 ForceAuthorized 30 60 30 30 2 3600 Disabled PortBase Disabled 1 1 11 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 1 12 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 1 13 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 1 14 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 1 15 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 1 16 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 117 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 148 Forceauthorized 30 60 30 30 2 3600 Disabled PortBase Disabled The 802 1X Setting Page contains the following fields Field Description 802 1X Indicates if 802 1X is enabled on the device The possible field values are Enabled Enables 802 1X and MAC Authentication on the device Disabled Disables 802 1X on the device This is the default value QuietPeriod 0 65535 sec Indicates the number of seconds that the device remains in the quiet state following a failed authentication exchange The possible field range is 0 65535 The field default is 60 seconds SuppTimeout 1 65535 sec Indicates the amount of time that lapses before EAP requests are resent to the supplicant The field value is in seconds The field default
76. Port Settings iii dic 123 DS fan QUIS aerolineas ketene soto pecados a o do de dd dB co De ea es dle edo o O teee 124 CONFIGURING QUALITY OF SERVICE 00 cccsceeeeeceeeceeeeeeeeeeeeeeeenaeneeneaeeeseeeensnaaeeaeeeseeeenansaeeeeeeseeesaaneeeseaneeees 126 Understanding DO ink AR A ae te Se ee ee 128 Defining Bandwidth Settingss v canasivhos ted mata i aha ed a E 129 Conhiguring Stom e A A A e dl 131 Mapping Ports to Packet Pr a ias 133 Mapping Priority t Classes Queues ccs i BoA Ba ee NGA oe RA AREA A RA AA E 134 Configuring QoS Scheduling Mechanism c cccccesesssecsseeseeeseeeseeeeceeceeceseeesecseceaeceaecaaecseecaeeeaeceseeeeeeeseerenateneeseensees 135 Defining DSCP User Priority a ltda 136 Defining Multi Layer CoS Settings 0 0 ccccccecssesssesscessceseeeseceseceaecseecseecneceneeeeeseceseenseensecaeenaecsaecaaecseecseseseeeaeeeeeseeeeereeaees 137 SECURITY FEATURE S coi ainia 138 Configuring Safeguard Ene e E E R E E a AW Ea oa ER T 139 Contigurine Trust Host A a a e 140 Configuring Port Security 2008 coke ack a eR ese eile eR SOA eo a a ee ee 142 Configuring Guest VANS a tee eG 144 Configuring Port Authentication 8020190 2 22 acess hes A HH Seas Re ee 145 Configuring MAC Authentication by using Guest VLAN 802 1X and Radius pages ooocococccccoconococanononnnnncnncononanonos 150 Defining RADIUS Settid8S iii eo E EE EA E E i a e ii 153 Defining FAP Forwarding Sets oi 155 Configuring Secure Socket Layer Security
77. Read Only private PWriteView Read Write public TestReadView Read Write Figure 0 16 SNMP Community Table Page The 16 SNMP Community Table Page contains the following fields Field Description Community Name Defines advanced SNMP community name limited to 20 alphanumeric characters View Name Defines the group of MIB objects that a remote SNMP manager is allowed to access on the switch Access Rights Defines the access rights of the community The possible field values are Read Only Management access is restricted to read only and changes cannot be made to the community Read Write Management access is read write and changes can be made to the device configuration but not to the community 2 Define the Community Name and View Name Access Right fields 3 Click APP The SNMP Community Table is defined and the device is updated To delete a 16 SNMP Community Table Page List entry 1 Select a Community Name 2 Click Delete The entry is deleted and the device is updated 54 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining SNMP Host Table The SNMP Host Table Page contains information for defining filters that determine whether traps are sent to specific host as well as the trap type sent To define the SNMP Host Table Page 1 Click Configuration gt SNMP Settings gt SNMP Host Table The SVMP Host Table Page opens D Link Building Networks for People
78. SSH daemon cannot use the configured TCP use the configured TCP port port the port is already the port is already being DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY MESSAGE DESCRIPTION PP ing usec ase fused Insufficient memory to generate an 1 s key Insufficient memory to Please close all SSH or generate an authentication SSL sessions and try key Close all SSH or SSL SYSLG8 49 52 Warning again sessions and try again SSH has been enabled but an encryption key was not SSH has been enabled but found For key an encryption key was not generation use the crypto found For key generation key generate commands use the crypto key generate The service will start commands The service automatically when a host starts automatically when a SYSLG8 49 7 Warning SSH key is generated host key is generated 1 s 2 s no such SYSLG8 5 190 Warning expression variable Failed to create multicast The system resource to group entry of VLAN support this number of SYSLG8 50 22 Warning FDB 1 d MAC 2 s multicast entries is limited IGMP group table The IGMP group table is SYSLG8 51 0 overflow full IGMP router table The IGMP router table is SYSLG8 51 1 Warning overflow full IGMP Snooping in Version 3 IGMP Snooping version 3 received version received a Version query SYSLG8 51 10 Warning 1 query msg message IGMP Snooping in Version 3 IGMP Snooping version 3 rec
79. SYSLG4 11 0 Error System failed has failed Failed to get TAPI Failed to get the TAPI SYSLG4 14 16 Error System software version software version Failed to get CORE Failed to get the CORE SYSLG4 14 17 Error System software version software version 1 s Wrong mdix The mdix operative status is SYSLG4 15 5 Error operative status wrong ifIndex 1 d operation SYSLG4 15 7 Error Interface mode 2 s 1 s Status 2 s value SYSLGS 1 0 Error 3 d Failed to add an entry for Failed to add entry for the specified VLAN and SYSLGS5 1 29 Error VLAN vlan 1 d mac 2 s specified MAC address Failed to delete entry for Failed to delete an entry for SYSLGS 1 30 Error VLAN vlan 1 d mac 2 s the specified VLAN and 237 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY MESSAGE DESCRIPTION HA CS SW3P_callback_rx_frame Unknown frame Unknown frame SYSLG5 4 0 Error Interface encapsulation encapsulation Boot image download The Boot image download SYSLG6 0 0 Error Up Download aborted process is aborted Flash programming has SYSLG6 0 10 Error Up Download Flash programming failed failed The Block programming SYSLG6 0 11 Error Security Block programming failed process failed Boot image code file is Boot image code file is too SYSLG6 0 4 Error Up Download too long long SYSLG6 0 6 Illegal format Illegal format encountered The file received is invalid The received file is not The file needs to
80. Session Table IGMP Snooping Group MLD Snooping Group Green Ethernet Device Environment E ACL STACKING STATUS Figure 6 16 System Log Page The System Log Page contains the following fields Field Description ID Displays the system log table entry Time Displays the time in days hours and minutes the log was entered in the Switch History Log Table Log Description Displays a description event recorded in the System Log Page Severity The following are the available log severity levels Warning The lowest level of a device warning The device is functioning but an operational problem has occurred Informational Provides device information To clear the log 2 Click maned The System Log Page is cleared 189 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Green Ethernet Green Ethernet improves the energy consumption of the switch by providing a power saving technology that automatically reduces power consumption upon detection of short cables less than 40 meters or Link Down This is accomplished without forfeiting network integrity To enable Green Ethernet 1 Building Networks for People Save vGs 3100 48 El Configuration H P L2 Features m f aos El 3 Security E P Monitoring B Stacking Information B CPU utilization Port Utilization gt Packet Size El Packets RADIUS Authentication Browse ARP Table Tools
81. Sets the Multiple Spanning Tree Protocol MSTP globally on the switch Forwarding BPDU Bridges use Bridge Protocol Data Units BPDU to provide spanning tree information STP BPDUs filtering is useful when a bridge interconnects two regions each region needing a separate spanning tree BPDU filtering functions only when STP is disabled 98 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description either globally or on a single interface The possible values are Enabled Allows the forwarding of STP BPDU packets from other network devices Disabled BPDU forwarding is disabled on the device This is the default value Bridge Priority 0 65535 Specifies the selected spanning tree instance device priority The field range is 0 65535 The default value is 32768 Bridge Max Age 6 40 Set to ensure old information is not circulated endlessly through redundant paths in the network preventing the effective propagation of the new information Set by the Root Bridge this value aids in determining that the switch has spanning tree configuration values consistent with other devices on the bridged LAN If the value ages out and a BPDU has still not been received from the Root Bridge the switch will start sending its own BPDU to all other switches for permission to become the Root Bridge If your switch has the lowest Bridge Identifier it will become the Root Bridge The user c
82. Setting Current Max Profile 2 15 Current Max Rule 2 240 Add ACL Profile STACKING STATUS Figure 0 2 ACL Profile List Page The ACL Profile List Page contains the following fields Field Description Profile ID Displays the profile Identification number Profile Summary Displays the access rule 2 To display an ACL s profile details click Show Details The ACL profile details are displayed below the ACL table 3 To define or show an access rule click Edit New Rules The Add Access Rule Page opens See Defining Access Rules Lists section below 4 To delete an ACL profile click __ Delete The ACL profile is deleted 205 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 5 To add an ACL profile Click Add ACL Profile The Add ACL Profile Page opens _ es o0000000o0o0o0o0o000 o0o0000000 o0o000000000000 00 HANDS HENU SD OG o oo 12 FAST ES OHA 4 ve ou moe MAA 84282 le le o a ct ls a cn Ocus ows o PRP eee Fees VEEP m a PO Toos v Stack ID Up Time 6 days 2 07 41 Logged in as administrator 10 5 80 57 BA Logout n f DGS 3100 48 E la Configuration Select Frame Type E G L2 Features q___ aos O L2ACL Untagged x E BB Security O 13 IPV4 ACL E Monitoring f POE L3 IPv6 ACL Ef ACL 3 ACL Configuration Wizard a 3 ACL Finder lt il E STACKING STATUS Figure 0 3 Add ACL Profile Page
83. The Add ACL Profile Page contains the following fields Field Description L2 ACL Defines the ACL profile Layer 2 protocols The possible values are Tagged Defines the profile Layer 2 to match 802 1Q fields in the Layer 2 header Untagged Defines the profile Layer 2 to check the Layer 2 header without the 802 1Q fields L3 IPv4 ACL Defines the ACL profile Layer 3 protocols The possible fields are ICMP Specifies ICMP as the Layer 4 protocol that the access profile checks IGMP Specifies IGMP as the Layer 4 protocol that the access profile checks TCP Specifies TCP as the Layer 4 protocol that the access profile checks UDP Specifies UDP as the Layer 4 protocol that the access profile checks L3 IPv6 ACL Defines the IPv6 ACL profile Layer 3 IPv6 protocols The possible fields are ICMP Specifies ICMP as the Layer 3 IPv6 protocol that the access profile checks TCP Specifies TCP as the Layer 3 IPv6 protocol that the access profile checks UDP Specifies UDP as the Layer 3 IPv6 protocol that the access profile checks 1 Define the L2 ACL or L3 ACL fields 2 Click Select The Add ACL Profile Page updates accordingly enabling selection of the packet field to create filtering masks 206 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Layer 2 ACL If L2 ACL Tagged is selected the page updates as follows 7 A Diink 2999900999909090 00000000000000 99
84. Unit ID and LAGs for which GVRP parameters are displayed From Port Defines the first port number that is displayed to which GVRP are assigned To Port Defines the last port number that is displayed to which GVRP are assigned PVID Defines the PVID assigned to the port GVRP Defines whether GVRP is enabled on the port The possible field values are Enabled Enables GVRP on the selected port Disabled Disables GVRP on the selected port This is the default value Ingress Defines whether Ingress filtering is enabled on the device The possible field values are Enabled Enables Ingress filtering on the device Ingress filtering compares an incoming VID tag packet with the PVID number assigned to the port If the PVIDs vary the port drops the packet This is the default value Disabled Disables Ingress filtering on the device Acceptable Frame Defines the packet type accepted on the port The possible field values are Type Admit Tagged Only Only tagged packets are accepted on the port Admit All Both tagged and untagged packets are accepted on the port This is the default value Select a stacking member in the Unit field Select the ports to and from which the GVRP parameters are displayed in the From To Port fields Define the PVID GVRP Ingress and Acceptable Frame Type fields 2 3 4 5 Click APY The GVRP is enabled and the device is updated NOTE When GVRP is globally enabl
85. User Manual SEVERITY CATEGORY MESSAGE DESCRIPTION ID boot image update A new file can be downloaded from a TFTP server The message appears when this procedure starts The Boot image download is completed successfully The system supports the boot image update A new file can be downloaded from a TFTP server The message appears when this Information Boot image download procedure is completed SYSLG6 0 3 a Up Download completed successfully 1 Information SYSLG6 1 1 al Port 1 lu Up The system uses two power supply sources 1 and 2 The system can operate with one or both power Information Power Supply 1 d is supply units The specified SYSLG6 2 1 a power supply is up 1 up Information SYSLG7 0 0 al 1 s 2 s Information SYSLG7 0 1 al 1 s 2 s Information The specified port is SYSLG7 13 0 al 1x Port 1 j is Authorized authorized The specified MAC is Information MAC 1 m is authorized authorized on the specified SYSLG7 13 26 al 1x on port 2 j port The specified port is Information Port 1 s suspended by suspended by Loopback SYSLG7 15 0 al Security Loopback Detection Detection A physical port is added to a logical link that is called a Information trunk LAG or channel SYSLG7 2 0 al Interface Port 1 j added to 2 j depending on the device Port 1 j can not be Information added to 2 j SYSLG7 2 46 al Unauthorized A dynamically configured Dynamic port 2 j was port was added to a VL
86. Utilization gt Packet Size f Packets RADIUS Authentication gt Browse ARP Table 3 Browse MLD Router Port gt Browse Router Port gt Browse Session Table 3 IGMP Snooping Group MLD Snooping Group gt MAC Address Table 3 System Log 3 Green Ethernet E Device Environment aci STACKING STATUS o 999 oco0000000 1 1 4 0 TADA 02 N A N A N A 03 OK 31 63 04 OK 33 79 05 NIA NIA NIA 06 N A N A N A Figure 0 13 Device Environment Page The Device Environment Page contains the following fields Field Description Unit Indicates the stacking member for which the device environment is displayed Side Fan Status Displays the side fan status The possible values are OK Indicates the fan is operating normally Fail Indicates the fan is not operating normally N A Indicates a fan is not installed on the device Temperature The current temperature of the device Each device type has a different Warning Temperature N A means that the device HW revision does not support temperature reading Warning The maximum allowed operating temperature of the device Temperature 191 Errors DGS 3100 Series Gigabit Stackable Managed Switch User Manual The Error pages display various types of error counters for received and transmitted packets Errors in Received Packets To view Rx errors 1 Click Monitoring gt Errors gt Recei
87. and Password Sometimes passwords get forgotten or destroyed so network administrators need to reset these passwords This document will explain how the Password Recovery feature can help network administrators reach this goal The following steps explain how to use the Password Recovery feature on D Link devices to easily recover passwords Complete these steps to reset the password 4 For security reasons the Password Recovery feature requires the user to physically access the device Therefore this feature is only applicable when there is a direct connection to the console port of the device It is necessary for the user needs to attach a terminal or PC with terminal emulation to the console port of the switch 5 Power on the switch After the boot image is loaded to 100 the Switch will allow 2 seconds for the user to press the hotkey Shift 6 to enter the Password Recovery Mode Once the Switch enters the Password Recovery Mode all ports on the Switch will be disabled Performing the Power On Self Test POST UART Channel Loopback Test 0 cece cee new ceca eee PASS Boot2 Checksum Tes Flash Image Validation Test ooooooooomo PASS BOOT Software Version 1 0 1 83 Built 13 May 2009 be onored COMDTeESS essing SH from image 2 6 In the Password Recovery Mode only the following commands can be used Command Description reset config The reset config command reset
88. as defined in the system Illegal authentication protocol type has been received in the DHCP Message Log Illegal required privacy is received in the DHCP Message Log The Authentication key change via BOOTP DHCP client is not allowed A Privacy key change via BOOTP DHCP client not allowed Privacy key change A Privacy key change is SYSLG8 10 33 Warning SSH required required Privacy Key change length 1 u does not fit privacy protocol Authentication password required The modified Privacy Key length does not fit the privacy protocol An authentication key is received but not configured A Privacy password change SYSLG8 10 36 Warning SSH Privacy password required is required SYSLG8 10 39 DHCP SYSLG8 10 40 DHCP SYSLG8 10 41 DHCP 271 The device has rejected an invalid IP configuration on interface 1 j IP 2 y mask 3 y DHCP server 4 y The device has rejected a duplicated subnet configuration on interface 1 j IP 2 y mask 3 y DHCP server 4 y Malformed DHCP packet y Message type option was found in DHCP packet BOOTP client received The device has rejected an invalid IP configuration on the specified interface with the specified mask and DHCP server The device has rejected a duplicated subnet configuration on the specified interface with the specified mask and DHCP server A abnormal DHCP packet message type option was found in the DHCP packet T
89. configuration PS 1 d status changed 2 s A packet with source MAC 1 m tried to access through port 2 which is locked A packet with source MAC 1 m tried to access through port 2 which is authorize and multiple host disable Sum of the committed BW on interface 1 d is more than port speed all the services applied to it will scaled down Service 1 d is partially active up to interface 2 d Service 1 d can t be active because of erroneous 2 s The specified interface may need to be set to force full duplex and appropriate speed to match partner link configuration The specified port status has changed A security violation warning is issued to a user who activated a port as locked When data from a new MAC address arrives to such port a trap is sent A packet with a specified MAC address attempted to gain access through a port which requires authorization and which is disabled for multiple hosts The sum of the committed BW on the specified interface d is more than port speed all the services applied to it will scaled down The specified Service is partially active up to a specified interface The specified Service cannot be active because of the specified errors BW in kbits 1 d has 2 s to trunk 3 d Activating non guarantee service 1 d with ignored egress interfaces Drop profile in host parameter 1 d is bigger than the asic maximum numb
90. d 3 s 276 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID SEVERITY CATEGORY MESSAGE DESCRIPTION SYSLG8 81 14 Func 1 s Line 2 d Unknown return value 3 d Func 2 s Line 1 d Can t allocate buffer Func 2 s Line 1 d No outgoing interface 1 s state mashine State 2 s Even t 3 s GroupIp 4 s Sr SYSLG8 81 20 Warning clp 5 s received 1 s state SYSLG8 81 21 Warning Module 1 s Call In the specified module the function 2 s without specified call function is GroupIp 4 s Srclp 5 s received mashine Incompatible State 2 s Event 3 s for SYSLG8 81 6 System init without initialization The specified state is not 1 s Bad state in state correct is the specified state SYSLG8 81 7 Warning machine 2 s machine 1 s Hash table 2 s The specified hash table is SYSLG8 81 8 Warning is full full Configuration update of unit 1 lu failed The specified unit SYSLG8 86 0 Warning Up Download Reason 2 s configuration update failed Access attempted by Access attempted by an SYSLG8 86 4 Warning SNMP unauthorized NMS unauthorized NMS Error encountered while An error occurred while downloading config downloading the specified SYSLG8 86 9 Warning Up Download 1 s configuration There is an overflow in SYSLG8 89 8 Warning SNMP Overflow in CDB CDB Overflow in startup CDB offset 1 lu file end SYSLG8 89 9 Warning SNMP 2 lu The v1 Host Timer cannot be ac
91. da PoE aipveact TCP gt __select__ B p ACL You can select the field in the packet to create filtering mask ACL Configuration Wizard gt SS L2 Header IPv6 Class IPv6 Address TCP Port TCP Flag ACL Finder STACKING STATUS r E T a Ii ssssosss E pe Create Figure 0 20 ACL Profile L3 IPv6 TCP Page To define L3 IPv6 TCP Port ACL profile 1 Click the TCP Port button The ACL Profile L3 Ipv4 TCP Port Page updates to aow the following a F pr cast A ESSE eoe serere resena egeseeese seeesescs y i ll il al a a Meee Building Networks for Peoplg 4 y a Peer ry ST eee op ep a El ev 11 A ii IES o al Y Up Time 5 days 2 13 04 Logged in as administrator 10 5 80 7 P Logout a DGS 3100 48 rome C E A Configuration Select Frame Type EG L2 Features faos C L2ACL g eared C L3IPV4ACL g Monitoring PoE L3IPvV6ACL TCP y Select PG ACL You can select the field in the packet to create filtering mask ACL Configuration Wizard gt PA L2 Header IPv6 Class IPv6 Address TCP Flag ACL Finder STACKING STATUS TCP Port BE SourcePortMask Maske fee el DestinationPortMask E Sum EO RES r a E Create z Figure 0 21 ACL Profile L3 IPv6 TCP Port Page The ACL Profile L3 Ipv4 TCP Port Page contains the following fields Field Description Source Port
92. date and hour Annual Enables setting annual DST This option requires defining begin and end times by the specific dates Daylight Saving Time Offset in Minutes Defines the local DST offset in minutes The default time is 60 minutes The possible field values are 30 Defines the local offset for 30 minutes 60 Defines the local offset for 60 minutes 90 Defines the local offset for 90 minutes 120 Defines the local offset for 120 minutes Time Zone Offset from GMT Indicates the difference between Greenwich Mean Time GMT and local time For example the Time Zone Offset for Paris is GMT 1 while the Time Zone Offset for New York is GMT 5 DST Repeating Settings Sections The Repeating Mode enables setting repeating DST This option requires defining begin and end times by specific day and hour For example the network administrator defines that DST begins the second Saturday during April and ends on the last Sunday in October Field Description 45 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description From Which Week of Defines which numeric week of the month DST begins The possible field values are the Month First Indicates the first week of a month Second Indicates the second week of a month Third Indicates the third week of a month Fourth Indicates the fourth week of a month From Day
93. dropped Access Profiles and Access Rules that are made of the filters determine traffic classifications This section cotains the following topics e Methods for Defining Access Control Lists e ACL Configuration Wizard e Defining Access Profile Lists e Finding ACL Rules 201 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Methods for Defining Access Control Lists Access Control Lists ACLs can be configured in the DGS 3100 series via the WEB GUI in either of the following ways e ACL Configuration Wizard This feature automatically creates both Access Profiles and their rules After the system creates an Access Profile and an Access Rule it binds it to a port LAG or a group of ports LAG Each operation via the Wizard can create either a MAC based ACL or IP based ACL The user cannot combine both types of ACLs in the same operation This feature is described below e ACL Profile List This feature is used to manually create profiles and rules This feature is described in the Defining Access Profile Lists section 202 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ACL Configuration Wizard The ACL Configuration Wizard Page provides information for configuring Access Control Lists The ACL Configuration Wizard Page assists in configuring ACLs intuitively and quickly and creates ACL profiles and rules automatically To define ACLs 1 Click ACL gt ACL Configuration Wizard The ACL Configur
94. each of these filtering options ICMP Filtering If L3 IPv6 ACL ICMP is selected the page updates as follows Zi Esso 700090009999 0200 0900 00000000 345 e 9 OWHNHUBH HN esse ARA Ed 2 f DLink a D Link Y AAA E ET LA f o REG IR A ee VUE E AR 1100 48 A StackID E Up Time 5 days 2 03 54 Logged in as adminis tator 10 5 80 57 BA Logout 6 Save Tools 7 DGS 3100 48 rome Configuration Select Frame Type EH L2 Features c Poos L2 ACL 1 Security C L3IPv4ACL E B Monitoring o PoE L3IPV6BACL ICMP a ACL You can select the field in the packet to create filtering mask B ACL Configuration Wizard 2 Access Profile List L2 Header IPv6 Class IPv6 Address ICMP B ACL Finder STACKING STATUS Create Figure 0 16 Add L3 IPv6 ACL Profile Page To define L3 IPv6 Class ACL profile This option defines whether or not the Class field is checked for a match 1 Click the IPv6 Class button The ACL Profile L3 Ipv4 ACL ICMP Class Page updates to show the following 218 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SNA toe gt sl Speeeeeoeeooeeeeoee o00000 0 0 o sess oo 4 onns u Va 9 W 23 272 usaya 2 PE f DLink 3338 gt D Link AE seen Cee AAA PF DIS aaa BBD versus FFP a DES 310048 gt mid Eal Save Tools StackID Up Time 5 days 2 06 34
95. field values are Enabled MLD Snooping is enabled on the VLAN Disabled MLD Snooping is disabled on the VLAN This is the default value Static Router Port Setting Edit button Displays the MLD Snooping amp Static Router Ports Settings Page Multicast Entry Table View Button Displays the Multicast Entry Table 2 Click Edit The MLD Snooping amp Static Router Ports Settings Page opens 92 DGS 3100 Series Gigabit Stackable Managed Switch User Manual e 1 00000000000000 d AEREA Building Networks for People DGS 3100 48 B Configuration EMB L2 Features VLAN ID 02 gt Jumbo Frame VLAN Name RED2 gt 802 10 VLAN Done Timer 0 16711450 sec Asymmetric VLAN GVRP Settings Host Timeout 60 16711450 sec gt Trunking VLAN Trunking Router Timeout 1 16711450 sec y gt Traffi a raffic Segmentation State Enabled y LACP Port Settings gt IGMP Snooping E E Static Router Ports gt Port Mirroring Unit 01 Spanning Tree E B Forwarding amp Filtering LLOP H H QoS H H Security E Monitoring ACL Unit 01 Y Ports Forbidden Router Ports Unit 01 hd STACKING STATUS ns ss ss ss 5s Ss Ss wo wo wo wo ws ww ww Dw ff fw fw Dw Dw Dw Dw R Ports r peer oO SSSSSESS seoseses sessssssgg PP ry tt meeps a sesososo SEEKS amp we Figure 0 18 MLD Snooping amp Static Router P
96. follow To reduce the risk of bodily injury electrical shock fire and damage to the equipment observe the following precautions Do not service any product except as explained in your system documentation Opening or removing covers that are marked with the triangular symbol with a lightning bolt may expose you to electrical shock Only a trained service technician should service components inside these compartments If any of the following conditions occur unplug the product from the electrical outlet and replace the part or contact your trained service provider The power cable extension cable or plug is damaged An object has fallen into the product The product has been exposed to water The product has been dropped or damaged The product does not operate correctly when you follow the operating instructions Keep your system away from radiators and heat sources Also do not block the cooling vents Do not spill food or liquids on your system components and never operate the product in a wet environment If the system gets wet see the appropriate section in your troubleshooting guide or contact your trained service provider Do not push any objects into the openings of your system Doing so can cause a fire or an electric shock by shorting out interior components Use the product only with approved equipment Allow the product to cool before removing covers or touching internal components Operate the p
97. following fields Field Description Http Indicates that the system files are backed up or restored via an HTTP server The possible field values are Backup current setting to file Backs up the current configuration files via the HTTP server Restore saved setting from file Restores the current configuration files via the HTTP server File Type Specifies the current configuration file type The possible field values are Startup Config and Running Config TFTP Indicates that the system files are backed up or restored via an TFTP server The possible field values are Server IP Specifies the TFTP Server IP Address to which files are backed up or from which they are restored File Indicates the file that is backed up or restored File Type Specifies the current configuration file type The possible field values are Startup Config and Running Config Backup current setting to server Backs up the current configuration files via the TFTP server Restore saved setting from server Restores the current configuration files via the TFTP server DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Select HTTP or TFTP field 3 Define the selected server method fields To backup files click Backup To restore files click _ Restore Resetting the Device The Factory Reset Page restores the factory defaults To restore the device to the factory default settings
98. from TACACS server 2 s failed Unexpected TCP msg was received from server 1 s No TACACS server is configured cannot start authentication Connection to server 1 s is aborted Single Connection mode may not be supported by this server No TACACS server is configured cannot start authorization Cannot create new user too many users FLMNGG update file st ate The entry of file 1 s was not updated to the flash PIMGLG snmp bindmib variable For variable id 1 lu the snmp operation 2 s not supported Func 1 s Line 2 d 3 s Func 1 s Line 2 d Unknown return value 3 d Func 2 s Line 1 d DESCRIPTION encryption key was not found For key generation use the crypto key generate commands The service starts automatically when a host key is generated The specified attribute is ignored The message length is bigger than the specified maximum Extra characters will be truncated Parsing of the specified message received from the specified TACACS server has failed Unexpected TCP message was received from the specified server No TACACS server is configured so authentication cannot be performed A connection attempt to a specified server is terminated Single connection mode is not supported by the current server No TACACS server is configured so authorization cannot be started Cannot create new user due to too many users already configured T
99. in one STP instance the same port can be placed in Forwarding State in another STP instance The STP Bridge Global Settings Page contains parameters for enabling STP on the device This section contains the following topics e Defining Spanning Tree Global Parameters e Defining STP Port Settings e Defining Multiple Spanning Tree Configuration Identification e Defining MSTP Port Information 97 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Spanning Tree Global Parameters While Classic STP prevents Layer 2 forwarding loops in a general network topology convergence can take between 30 60 seconds This time may delay detecting possible loops and propagating status topology changes Rapid Spanning Tree Protocol RSTP detects and uses network topologies that allow a faster STP convergence without creating forwarding loops When STP is enabled Loopback Detection LBD is also enabled Loopback Detection identifies any Loopback BPDUs that the Spanning Tree application receives on a port In this case the device sends a Loopback Detection trap for the port When the condition is resolved the device sends a Loopback Detection Resolved trap and the port learns the STP configuration again The STP Bridge Global Settings Page contains parameters for enabling STP on the device 1 Click L2 Features gt Spanning Tree gt STP Bridge Global Settings The STP Bridge Global Settings Page opens 2 gt Dimk 299
100. interface ports on the front panel whereas devices are connected to create stacking by connecting the HDMI interface ports located on back panel The following pin connectors are described e Pin Connections for the 10 100 1000 Ethernet Interface e Pin Connections for the HDMI Connector 232 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Pin Connections for the 10 100 1000 Ethernet Interface The switching port can connect to stations wired with standard RJ 45 Ether straight or crossed cables The following figure illustrates the pin allocation Figure A 1 RJ 45 Pin Allocation RJ 45 Ports Pinout The following table describes the pin allocation of the RJ 45 and the console ports en SIGNAL NAME Table 2 RJ 45 Pin Assignments 233 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Pin Connections for the HDMI Connector The stacking ports are used for connecting units using a standard HDMI cable The following figure illustrates the HDMI connector pin allocation sa Figure A 2 HDMI Pin Allocation HDMI Ports Pinout The following table describes the pin allocation of the HDMI connector SIGNAL NAME TMDS Data 2 SIGNAL NAME TMDS Clock Shield TMDS Data 2 12 TMDS Clock Shield TMDS Data 1 DDC Data Shield Table 3 HDMI Pin Assignments Hot Plug Detect SHELL 234 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SYSLOG ERRORS The
101. is 30 seconds ServerTimeout 1 65535 sec Defines the amount of time that lapses before the device re sends a request to the authentication server The field value is specified in seconds The field default is 30 seconds MaxReq 1 10 times Displays the total amount of EAP requests sent If a response is not received after the defined period the authentication process is restarted The field default is 2 retries TxPeriod 1 65535 sec Defines the amount of time in seconds that lapses before EAP requests are resent The field default is 30 seconds ReAuthPeriod 300 4294967295 sec Displays the time span in seconds in which the selected port is re authenticated The field default is 3600 seconds ReAuthEnabled Indicates if ports MAC address can be re authenticated after the port MAC address authentication has timed out The possible field values are 148 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Enabled Enables re authenticating the port or MAC addresses after the port or MAC address authentication has timed out This is the default value Disabled Disables re authenticating the port or MAC addresses after the port or MAC address authentication has timed out Control Indicates the host status If there is an asterisk the port is either not linked or is down The possible field values are ForceUnautho
102. key Messages encrypted with a public key can be decrypted with the matching private key The following Public Key Algorithms are supported HMAC RSA Supports the Hash for Message Authentication Code HMAC mechanism utilizing the RSA encryption algorithm HMAC DSA Supports the Hash for Message Authentication Code HMAC Digital Signature Algorithm DSA encryption algorithm Data Integrity Algorithm Validates message authentication information transmitted between two parties which share the same key The following Data Integrity Algorithms are supported HMAC SHA Supports the Hash for Message Authentication Code HMAC Secure Hash Algorithm SHA mechanism HMAC MDS Supports the Hash for Message Authentication Code HMAC MDS Message Digest MD5 mechanism Encryption Algorithm Generates authentication keys used to authenticate communications between different applications The following Encryption Algorithms are supported 3DES CBC Support a block size of 8 bytes 64 bits its key size is 192 bits long The first 8 bytes cannot be identical to the second 8 bytes and the second 8 bytes cannot be identical to the third 8 bytes AES1I28 Provide a block cipher that encrypts and decrypts digital information The AES128 algorithm is capable of using cryptographic 128 keys AES192 Provides a block cipher that encrypts and decrypts digital information The AES192 algorithm is capabl
103. received illegal IP address in BOOTP msg DHCP client received illegal IP address in DHCP msg BOOTP msg indicates that IP interface and default router are not on the same subnet BOOTP msg indicates that IP interface and TFTP server are not on the same subnet DHCP msg on interface 1 j indicates that IP interface 2 y and default router 2 y mask 3 y are not on the same subnet DHCP msg on interface 1 j indicates that default router 2 y mask 3 y sent by DHCP server 4 y is either a subnet name or a broadcast DHCP msg indicates that IP interface and TFTP server are not on the same subnet BOOTP msg indicates that file name was configured without configuring IP address of TFTP server IP address of TFTP server DESCRIPTION removed and is indicated as being down or not present The IP address was most likely allocated statically The message appears when topology changes took place but the system failed to add an entry to the table because no memory is available The BOOTP client received an illegal IP mask in the BOOTP message The DHCP client received an illegal IP mask in DHCP message The BOOTP client received an illegal IP address in the BOOTP message The DHCP client received an illegal IP address in the DHCP message Error in the BOOTP server configuration where the IP interface and default router are not on the same subnet Error in the BOOTP server configuratio
104. selected user defined VLAN name Multicast Group Displays the IP address assigned to the Multicast group MAC Address Displays the MAC address assigned to the Multicast group Port Displays the ports where the IGMP packets were snooped 2 Define the VD and Vlan fields 3 Click 185 Find The IGMP Snooping Group Page displays relevant information DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing MLD Group Information The MLD Snooping Group Page contains vital MLD group information including the Multicast Group IP address and the corresponding MAC address through which the MLD packets passed 1 Click Monitoring gt MLD Snooping Group The MLD Snooping Group Page opens Figure 6 114 MLD Snooping Group Page The MLD Snooping Group Page contains the following fields Field Description VID Defines the VLAN ID for the MLD Snooping Group VLAN Name Defines the VLAN name VLAN Name Displays the currently selected user defined VLAN name Multicast Group Displays the IP address assigned to the Multicast group MAC Address Displays the MAC address assigned to the Multicast group Port Displays the ports where the MLD packets were snooped 2 Define the VID and VLAN Name fields 3 Click Find The MLD Snooping Group Page displays relevant information ping p Fag 186 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Dynamic and Static MAC Address
105. settings 1 Click L2 Features gt Voice VLAN gt Global Setting The Voice VLAN Global Setting Page opens Fr eee AAA o0o0o0o0o0o0o0o0o0oooc o eoo0000 000000000 c000000000000000 00 s Te vona nnman an s n ce RRA RA js AA mac Ons e A FEP l SMa z Tools Stack ID Up Time 2 days 17 58 06 Logged in as 10 5 80 10 ea Logout EEES Trunking VLAN opa q VLAN Trunking gt Traffic Segmentation Voice VLAN Setting C Create Delete gt LACP Port Settings VID gt VLAN Name Apply IGMP Snooping MLD Snooping Port Mirroring 802 1p Priority 0 E Spanning Tree sae E pP Forwarding amp Filtering Remark 802 1p Priority fg LLDP Voice VLAN Aging Time Day 0 Hour 0 Min 1Min 30Days Apply B Voice VLAN Eval seins gt Port Settings oul H H aos E B Security f Monitoring H acL 4 gt STACKING STATUS Enable y Figure 0 40 Voice VLAN Global Setting Page The Voice VLAN Global Setting Page contains the following fields Field Description Voice VLAN Setting Specifies the action to take The possible field values are e Create Creates the Voice VLAN e Delete Removes Voice VLAN from the device This is the default VID Selects the Voice VLAN ID number 122 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description VLAN Name Defines the name of the Voice VLAN 802 1p Priority Prioritizat
106. system logs for all levels of system logs Server IP Displays the IP address of the Log Server Host Facility Defines an application from which system logs are sent to the remote server Only one facility can be assigned to a single server If a second facility level is assigned the first facility is overridden UDP Port 514 or 1 65535 Defines the UDP port to which the server logs are sent The possible range is 1 65535 The default value is 514 2 Define the Index Severity Server IP Facility and UDP Port fields 3 Click Apply f 39 The System Log Host is defined and the device is updated DGS 3100 Series Gigabit Stackable Managed Switch User Manual To delete a log entry 4 Select the entry 5 Click Delete The entry is deleted and the device is updated 40 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring SNTP The device supports the Simple Network Time Protocol SNTP SNTP assures accurate network device clock time synchronization up to the millisecond Time synchronization is performed by a network SNTP server The device operates only as an SNTP client and cannot provide time services to other systems The device polls Unicast type servers for the server time Time sources are established by stratums Stratums define the accuracy of the reference clock The higher stratum where zero is the highest the more accurate clock The device receives time from stratum 1 and above
107. tags to the video packets being sent out utilizing the Access Profile commands Then on the receiving end the administrator instructs the Switch to examine packets for this tag acquires the tagged packets and maps them to a class queue on the Switch Then in turn the administrator will set a priority for this queue so that it will be emptied before any other packet is forwarded This process results in the end user receiving all packets sent as quickly as possible thus prioritizing the queue and allowing for an uninterrupted stream of packets which optimizes the use of bandwidth available for the video conference 127 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Understanding QoS The Switch has four priority queues These priority queues are labeled as 3 the highest queue to 0 the lowest queue The eight 0 7 priority tags specified in IEEE 802 1p are mapped to the Switch s priority tags as follows e Priorities 1 and 2 are assigned to the Switch s QO queue e Priorities 0 and 3 are assigned to the Switch s Q1 queue e Priorities 4 and 5 are assigned to the Switch s Q2 queue e Priorities 6 and 7 are assigned to the Switch s Q3 queue For strict priority based scheduling any packets residing in the higher priority queues are transmitted first Multiple strict priority queues empty based on their priority tags Only when these queues are empty are packets of lower priority transmitted For weighted round robin que
108. the Administration folder This is identical to creating any other admin level User Account on the Switch including specifying a password This password is used to logon to the Switch once a secure communication path has been established using the SSH protocol e Configure the User Account to use a specified authorization method to identify users that are allowed to establish SSH connections with the Switch using the Current Accounts window Security gt Secure Shell SSH gt SSH User Authentication There is a special SSH method that mey be used to authorize the user Public Key The default value is None NOTE DGS 3100 xx only supports SSH protocol version 2 To define SSH on the device 1 Click Security gt SSH gt SSH sa cea The SSH Configuration Page opens oll Tt tT tt Ts Whe a ol Sie Sree Seer y PRR FREER Link D KEE HEENA E Building Networks for People Save X Tools Stack ID B X Up Time 2 days 5 70 mi Logged in as administrator admin 192 168 0 100 i onoi ba DGS 3100 48 E Configuration E HL Features SSH Server Status O Enabled Disabled fj QoS El 4 Security 2 gt Safeguard Engine SSH Global Setting 3 Trusted Host Port 1 65535 22 gt Port Security Guest VLAN 2 9 802 1x SSL B f SSH gt SEE 3 SSH Algorithm Settings H Access Authentication Coi E Monitoring fe ACL lt amp STACKING STATUS heseses sedessss seres dd Presuinii DISISD
109. the specified were found in CDB CDB and specified SYSLG8 89 6 Error SNMP variable 1 s variable An unknown source is SYSLG8 85 0 Error Security Unknown source received received eb There is not enough space SYSLG8 86 2 Error SSH 2 lu trap There is not enough space Not enough space for for the instance ID of the instance id of variable specified variable of the SYSLG8 86 3 Error SNMP 1 lu of trap 2 lu specified trap A a SSH MIB variable 1 lu not The specified MIB variable SYSLG8 89 7 Error System supported is not supported Keymanager Failed to SYSLG8 90 0 Error AA send to backup Failed to send to backup Keymanager Size of the SYSLG8 90 1 Error data exceeded Size of the data exceeded Autogeneration of self signed certificate was Autogeneration of self SYSLG8 96 10 Error Interface failed signed certificate has failed Buffer for notifying The buffer for notifying the applicaton 1 s could specified application could SYSLG8 97 17 Error System not be allocated not be allocated 243 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID SEVERITY CATEGORY MESSAGE DESCRIPTION Memory for notifying Memory for notifying the applicaton 1 s could specified application could SYSLG8 97 18 Error System not be allocated not be allocated Information File 1 s has been Auto The specified file has been SYSLG1 0 55 al Up Download Updated Auto Updated Auto Update is completed Information Au
110. to add an entry to the table added because of Routing because no memory is SYSLG8 1 31 Warning STP table overflow available BOOTP client received The BOOTP client received illegal IP mask in BOOTP an illegal IP mask in the SYSLG8 10 14 Warning bootup msg BOOTP message DHCP client received The DHCP client received illegal IP mask in DHCP an illegal IP mask in DHCP SYSLG8 10 15 Warning DHCP msg message BOOTP client received The BOOTP client received illegal IP address in an illegal IP address in the SYSLG8 10 16 Warning bootup BOOTP msg BOOTP message DHCP client received The DHCP client received illegal IP address in an illegal IP address in the SYSLG8 10 17 Warning DHCP DHCP msg DHCP message BOOTP msg indicates that Error in the BOOTP server IP interface and default configuration where the IP router are not on the same interface and default router SYSLG8 10 20 Warning bootup subnet are not on the same subnet BOOTP msg indicates that Error in the BOOTP server IP interface and TFTP configuration where the IP server are not on the same interface and TFTP server SYSLG8 10 21 Warning bootup subnet are not on the same subnet DHCP msg on interface Error in the DHCP server 1 j indicates that IP configuration where the interface 2 y and specified IP interface and default router 2 y specified default router with mask 3 y are not on the specified mask are not SYSLG8 10 22 Warning DHCP the same subnet on the same subnet
111. to timing out If a Leave Timeout occurs the switch notifies the Multicast device to stop sending traffic The Leave Timeout value is either user defined or an immediate leave value The default timeout is 10 seconds The field range is 0 16711450 seconds 88 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Host Timeout Description Defines the time the host waits to receive a message before timing out The default time is 260 seconds The field range is 60 16711450 seconds Router Timeout Defines the time the Multicast router waits to receive a message before it times out The default value is 300 seconds The field range is 1 16711450 seconds State Indicates if IGMP snooping is enabled on the VLAN The possible field values are Enable Enables IGMP Snooping on the VLAN Disable Disables IGMP Snooping on the VLAN This is the default value Indicates if an IGMP Querier is enabled on the VLAN The possible field values are Enabled An IGMP Querier is enabled on the VLAN Disabled An IGMP Querier is disabled on the VLAN This is the default value Querier State Querier Version Indicates the IGMP Querier version on the VLAN The possible field values are IGMPv2 and IGMPv3 The default is IGMPv2 Static Router Port Setting Edit button Displays the IGMP Snooping and Static Router Ports Settings Page Multicast Entry Table View But
112. 00000 ve 2 wa DADAS ADA DL ETS BEE gseeeeesesss 22222 Buin Wenger for Peoptd ane S40 848484 5 884055 PSCC SEPT E Up Time 2 days 51013 4 Logged in as administrator admin 192 168 0 100 Mati DGS 3100 48 3 Configuration i B L2 Features Global FDB Setting E Jumbo Frame Aging Time 10 630 __ Apply 802 10 VLAN gt GVRP Settings 1 _ Trunking VID MAC Address Unit 01 vw Port 01 v 3 Traffic Segmentation 33 LACP Port Settings E gt IGMP Snooping VID Mac Address Unit Pon MLD Snooping 01 01 00 00 00 00 02 gt Port Mirroring 01 01 00 00 00 00 03 B Spanning Tree 01 01 00 00 00 00 04 G Forwarding amp Filtering 01 01 00 00 00 00 05 gt MESSER 11 01 00 00 00 00 06 Multicast Forwardir 11 01 00 00 00 00 07 Multicast Filtering M 44 01 00 00 00 00 08 a LLOP Sa teeth a e E De STACKING STATUS De F sua y 21 01 00 00 00 00 12 edit JL De Next Edit Del De Edit De De Ctdie_ T De be ee a Te ws A a Ze as Te Figure 0 24 Unicast Forwarding Page The Unicast Forwarding Page contains the following fields Field Description Aging Time Defines the aging time of a Unicast packet If the packet is not forwarded after this interval it is discarded Aging time is a global FDB database setting VID Defines the VLAN ID MAC Address Defines the Unicast MAC address to which packets are forwarded Unit Defines the unit number
113. 1 X parameters are defined To Port Indicates the last port for which the 802 1 X parameters are defined Mode Indicates the 802 1 X mode enabled on the device The possible field values are Port Base Enables 802 1X on ports This is the default value MAC Base Enables 802 1xon MAC addresses Dynamic VLAN Assignment Indicates if Dynamic VLAN Assignment is enabled on the device The possible field values are e Enabled Enables Dynamic VLAN Assignment on the device e Disabled Disables Dynamic VLAN Assignment on the device This is the default value Define the Mode field N DARDO Enable or disable the 802 1X status in the 802 1X field In the 802 1X Port Access Control section define the fields Set the ReAuthEnabled field and the Control fields Set the values in the Unit From Port and To Port fields Click SS The 802 1x Access Control is configured and the device is updated MAC Authentication MAC Based MAC Access Control 1 MAC Authentication is configured in DGS 3100 series via 802 1x Setting WEB page 2 This functionality enables the user to allow specific MAC address to enter the switch while rejecting the unauthorized MAC addresses 3 The database of the authorized MAC addresses resides in a Radius Server 147 NOTE MAC based authentication doesn t require 802 1X client enabled To enable MAC Authentication 1 Click Security gt 802 D
114. 1 d status changed The specified port status SYSLG1 6 10 Warning Power 2 s has changed A security violation warning is issued to a user A packet with source who activated a port as MAC 1 m tried to locked When data from a access through port 2 j new MAC address arrives SYSLG4 5 3 Warning Port Security which is locked to such port a trap is sent A packet with a specified A packet with source MAC address attempted to MAC 1 m tried to gain access through a port access through port 2 which requires which is authorize and authorization and which is SYSLG4 5 34 Warning 1x multiple host disable disabled for multiple hosts The sum of the committed Sum of the committed BW on the specified BW on interface 1 d is interface d is more than port more than port speed all speed all the services the services applied to it applied to it will scaled SYSLG5 3 10 Warning Interface will scaled down down Service 1 d is partially The specified Service is active up to interface partially active up to a SYSLG5 3 12 Warning Security 2 d specified interface Service 1 d can t be The specified Service active because of cannot be active because of SYSLG5 3 13 Warning Security erroneous 2 s the specified errors BW in kbits 1 d has SYSLG5 3 14 Warning 2 s to trunk 3 d Activating non guarantee Activating non guarantee service 1 d with specified services with SYSLG5 3 17 Warning Security Drop profile in host Dr
115. 1013 g Logged in as administrator admin 192 168 0 100 E E Monitoring gt Stacking Information gt gt Port Utilization gt Packet Size H Packets RADIUS Authentication gt Browse ARP Table gt Browse MLD Router Pc gt Browse Router Port Browse Session Table gt IGMP Snooping Group gt MLD Snooping Group MAC Address Table gt System Log E HACL y lt ME STACKING STATUS Utilization Cece SS se sssceces sessesss Unit Unity Time Interval 1s Record Number 200 Show Hide F utilization Figure 6 2 CPU Utilization Page The CPU Utilization Page contains the following fields Field Description Utilization Displays current CPU utilization by percentage Time Interval Defines the 1 60 second time intervals in which the usage samples are taken as follows 1 2 3 4 5 10 20 30 40 50 60 Record Number Defines the record number Show Hide Displays the CPU utilization information The possible fields are Utilization checked Utilization information is enabled This is the default value Utilization unchecked Utilization information is disabled 2 Define the Time Interval and Record Number fields 3 Define the Show Hide field 4 Click A AN A sample record of CPU utilization 1s stored and the device is updated 173 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Port Utilization The Port Utilization Pag
116. 40 this is another unique set of rules and the count of additional rules will be 2 Totally in the system we will use 6 rules out of the available 240 Example 2 Assume that Access IDs 1 2 3 4 are bound to ports 1 10 this is a unique set of rules and the count of rules in this case is 4 Assume that Access IDs 4 5 6 are bound to ports 11 20 this is another unique set of rules and the count of additional rules will be 3 In addition Access IDs 5 6 are bound to ports 21 30 this is another unique set of rules and the count of additional rules will be 2 Totally in the system there are 4 3 2 9 rules NOTE ACL with action of Rate Limit can be applied only on one portt LAG at a time This type of ACL is treated by the system as a unique ACL on each port it is bound to so all the rules on a portt LAG which has an ACL with Rate Limit action will be counted and consumed hardware resources From this reason ACLs with Rate Limit action should be used very carefully since the system maximum rule capacity can be reached if the user for example applies this rule on 240 ports which is less then the capacity of a full 6 unit stack of 48 ports switches DGS 3100 Series Gigabit Stackable Managed Switch User Manual CONNECTORS AND CABLES This section describes the devices physical interfaces and provides information about cable connections Stations are connected to the device ports through the physical
117. 41 days 2 hours 22 minutes and 15 seconds 17 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Boot Version Displays the installed device boot version number MAC Address Displays the MAC address assigned to the device IP Address Displays the IP address assigned to the device Subnet Mask Displays the subnet mask assigned to the device Default Gateway Displays the device default gateway assigned to the device Login Timeout minutes Indicates the amount of time after which if no user activity occurs the device times out The default is 10 minutes Time Source Provides a shortcut to viewing the system clock settings 802 1D Spanning Tree Indicates if STP is enabled on the device and provides a shortcut to viewing the STP settings DHCP Client Indicates if DCHP Client is enabled on the device and provides a shortcut to viewing the DHCP Client settings Safeguard Engine Indicates if the Safeguard Engine is enabled on the device and provides a shortcut to viewing the Safeguard Engine settings SNMP Trap Indicates if SNMP Traps are enabled on the device and provides a shortcut to viewing the SNMP Traps settings SSL Indicates if Secure Socket Layer SSL is enabled on the device and provides a shortcut to viewing the SSL settings GVRP Setting Indicates if Group VLAN Registration Protocol is enabled Telnet Setting Indicates if Teln
118. 5 Click Ay The VLAN Trunking settings are saved and the device is updated 85 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Traffic Segmentation The Traffic Segmentation Page enables administrators to force traffic from source ports to bypass the Forwarding Database FDB and forward all Unicast Multicast and Broadcast traffic to the forwarding port To define Traffic Segmentation 1 Click L2 Features gt Traffic Segmentation The Traffic Segmentation Page opens PEZ Ue Building Networks tor People E Save N Up Time days 51013 Logged in as administrator admin 192 168 0100 maon DGS 3100 48 El Configuration Ef L2 Features Add Traffic Segmentation Jumbo Frame Source Ports B 802 10 VLAN Unit 01 3 3 Asymmetric VLAN GVRP Settings Port Trunking Port 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 li AAA gt 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 LACP Port Settings gt IGMP Snooping m m m m m m m m A eee AA eee AO A A oe MLD Snooping Port Mirroring Forwarding Ports B Spanning Tree i Forwarding amp Fitering Unit 01 z por Port E Qi ae Port 123 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 E Monitoring All Bee m A m A AAA m m AAA m mj mj pact 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 m mj m m m mj a AAA OA eee Add ndex Source Ports Forwarding Ports 11 S
119. 5 days 1 57 24 Logged in as administrator 10 5 80 57 WA Logout a DGS 3100 48 rome C E BH Configuration Select Frame Type EH L2 Features c poos L2 ACL f Security 3ipvaact TCP y g Bi Monitoring i PoE L3IPv6 ACL Select a ACL You can select the field in the packet to create filtering mask ACL Configuration Wizard gt SA L2 Header IPv4 Class IPv4 Address TCP Flag ACL Finder STACKING STATUS TCP Port BE T Source Port Mask si Mask Generate fee DestinationPortMask E See i E Ht gt EO EOS Ds A sssi ES sees sess csi E Create z Figure 0 12 ACL Profile L3 Ipv4 TCP Port Page The ACL Profile L3 Ipv4 TCP Port Page contains the following fields Field Description Source Port Mask Defines the range of source Ports relevant to the ACL rules O ignore 1 check For example to set 0 15 set mask of FFFO Destination Port Mask Defines the range of destination IP addresses relevant to the ACL rules O ignore 1 check For example to set 0 15 set mask of FFFO 2 Select Source Port Mask and or Destination Port Mask The Mask Generate button is active 215 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 3 Enter a port ID in the box adjacent to the Mask Generate button 4 Alternatively click Mask Generate The Generate Mask by range fields appear 5 Enter a port ID range into the
120. 6G m a ES ESE r JAZENS Jisai Figure 0 23 MSTI Config Information Page The MSTI Config Information Page contains the following fields Field Description Unit Defines the unit to find Port Defines the Port to find Instance ID Lists the MSTP instances configured on the device Possible field range is 0 7 Internal Path Cost Indicates the port contribution to the Spanning Tree instance The range should always be 1 200 000 000 The default value is automatically set cost according to its speed Default port cost 10Mbps port 2000000 100Mbps port 200000 Gigabit port 20000 Port channel 20000 103 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Priority Defines the interface priority for the specified instance The default value is 128 Status Indicates whether the port is enabled for the specific instance The possible field values are Forwarding Enables the port for the specific instance Listening Processes BPDUs received from the system module Learning Incorporates station location into its address database Blocking Discards frames received from the attached segment and frames switched from another port for forwarding Disabled Disables the port for the specific instance Role Indicates the port role assigned by the STP algorithm to provide to STP paths The possible field values are Enabled E
121. 8 31 44 SYSLG8 40 13 SEVERITY Warning Warning Warning Warning Warning Warning Warning Warning Warning Warning Warning DGS 3100 Series Gigabit Stackable Managed Switch User Manual CATEGORY MESSAGE 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x DHCP client received illegal magic cookie 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x must be 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x DHCP snooping received illegal magic cookie 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x must be 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x Cannot create a user Received unsupported authentication REPLY msg status 1 u server msg 2 s Unsupported arguments for adding received in authorization RESPONSE msg 1 s Unsupported arguments for replacement received in authorization RESPONSE msg 1 s Received unsupported authentication RESPONSE msg status 1 u New 1 s connection for user 2 s source 5 s 3 y destination 5 s 4 y REJECTED User 1 s LOCKED after unsuccessful login from 2 s source 5 s 3 y destination 5 s A y AAA FILE data corruption occurs Valid data ONLY saved 1 s Packet dropped by Policy rule no 2 s A AAA DESCRIPTION The 4 byte value of the received cookie must match the 4 byte value of the legal cookie The 4 byte value of the received cookie must match the 4 byte value of the legal cookie Pane PS Unexpected PDU code
122. 9 9 Warning SNMP 2 lu The v1 Host Timer cannot be activated and a router SYSLG8 9 11 Warning FDB Timer allocation failed will stay in the v1 state Querier gt NonQueirier transition on Interface An interface stopped to be a SYSLG8 9 14 Warning FDB 1 j Querier No entry can be inserted IGMP Cache table is the platform reached its SYSLG8 9 7 Warning FDB overflowed limit Received IGMP wrong Received a wrong IGMP SYSLG8 9 8 Warning FDB version V1 query version v1 query Received IGMP wrong Received a wrong IGMP SYSLG8 9 9 Warning FDB version V2 query version v2 query Configuration upload has Configuration file upload SYSLG8 95 0 Warning Up Download been aborted has been aborted SYSLG8 95 1 Up Download Configuration download Configuration file 267 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY MESSAGE DESCRIPTION Ye igs oF has been aborted download has been aborted Unknown certificate SYSLG8 96 7 Warning subject field SYSLG8 98 6 Warning System Bad OS status Bad OS status Reached Maximum number of IGMP The IGMP database is full SYSLG8 98 7 Warning FDB memberships No entry can be inserted You may need to set interface 1 s to force The specified interface may full duplex and need to be set to force full appropriate speed to duplex and appropriate match partner link speed to match partner link SYSLG1 0 32 Warning Interface configuration configuration PS
123. 9909099999999 soso 9909999999990900 RE RR RR RRE RAP 229 TPA ae S amp S BEER ERR 28020802088 Hed DGS 3100 48 H Configuration L2 Features STP Global Setting nba Frome STP Status C Enabled Disabled Apply B 802 10 VLAN gt Asymmetric VLAN B GVRP Settings STP Version STP h gt Trunking A Disabiea B VLAN Trunking Forwarding BPDU Disabled y 3 Traffic Segmentation Loopback Detection Disabled LACP Port Settings E me 3 IGMP Snooping Bridge Priority 0 65535 2768 33 MLD Snooping Bridge Max Age 6 40 20 sec gt Port Mirroring j y E f Spanning Tree Bridge Hello Time 1 10 2 sec a _ ERES Bridge Forward Delay 4 30 15 sec ort Settings B MST Configuration Ider Max Hops 1 20 20 times MSTP Port Information f E 60 Appl Forwarding amp Fitering LBD Recovery Time 60 1000000 sec pply ES B LLOP 4 Q0S H Security E B Monitoring ACL i Bl Figure 0 20 STP Bridge Global Settings Page The STP Bridge Global Settings Page contains the following fields Field Description STP Status Enable or disables STP globally on the switch The default is Disabled STP Version Defines the desired version of STP to be implemented on the switch There are three choices STP Sets the Spanning Tree Protocol STP globally on the switch RSTP Sets the Rapid Spanning Tree Protocol RSTP globally on the switch MSTP
124. 99999 4 wn nans 4S 6 A A nus EEE D Link aaa oe eee Ad Building Networks for People d 4 i e O EUA A ME E E Pro ERF A Oe 965 319948 Tools StackiD Up Time 5 days 0 56 43 Logged in as admin S Talore 10 5 80 57 P Logout DGS 3100 48 rome Configuration Select Frame Type H L2 Features gi aos L2ACL Tagged z Security C L3IPv4ACL H Monitoring l PoE C L3IPv6 ACL ACL You can select the field in the packet to create filtering mask B ACL Configuration Wizard 3 MAC Address 802 10 VLAN Ether Type PayLoad B ACL Finder STACKING STATUS Create Figure 0 4 ACL Profile L2 ACL Tagged Page If L2 ACL Untagged is selected the page updates as follows F A a cose A a Diink 9990090000009000 000 0000000000000000 oc000000000000 123 485 7 89 sus 7 W 9 2 231422722 2 D MI M 3736 39 4041 2S 4 D Link J ee A ee da cE a a e ogee 0 ages TETTETETT TEVTTEI Ay DOS 3100 48 d A e Hi Save X Tools StackID E Up Time 5 days 18 24 40 Logged in as administrator 10 5 80 57 P Logout DGS 3100 48 rome 4 H Configuration Select Frame Type PP L2 Features poos L2ACL Untagged x A Security L3IPV4 ACL f Monitoring Poe C L3IPV6 ACL ge ACL You can select the field in the packet to create filtering mask ACL Configuration Wizard MAC Address Ether Type PayLoad ACL Finder STAC
125. 999999 2 D Link ae on TAARNR DADA Building Networks for People n Pay X r Stack ID al y Up Time PPP Time days 51 days 5 w E Logged in as administrator admin 192 1680 Save Tools DGS 3100 48 E 3 Configuration 9 L2 Features Priority Class ID A QoS 00 ass 0 v A Bandwidth Control Tm 01 z Traffic Control 3 802 1p Default Priority 02 2 802 1p User Priority 03 33 QoS Scheduling Mechanisi gt Multi Layer CoS Setting 04 H Security 05 E Monitoring E HACL us 07 o ass 0 ass 4 vw ass 1 v v v f lololo lass 2 ass 2 y mi lalola lass 3 ass 3 w Apply gt STACKING STATUS Figure 4 5 802 1P User Priority Page The 802 1P User Priority Page contains the following fields Field Description Priority Indicates the packet priority that is assigned to the queue Class ID Defines the class queue that is assigned to the priority Class 0 is the lowest priority queue whereas Class 3 is the highest 2 Define the queuing priority for 00 07 in the Class ID fields 3 Click Apply The User priority tags are assigned to classes and the device is updated 134 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring QoS Scheduling Mechanism The QoS Scheduling Mechanism Page contains fields for defining the QoS scheduling forwarding scheme To define the QoS scheduling mechanism 1 Click QoS gt QoS Schedu
126. A Ta Tools Stack ID 1 Up Time 2 days 7 16 14 Logged in as administrator 105 8057 P Logout DGS 3100 48 G H Configuration E P L2 Features Unit From Port To Port PoE Enable Power Limit Time Range Bows 01 x fo Y o z enabled E CY qm Rangename TM 2 apply refresh fienorns de SEE Note The max power output of Class 0 is 15 4W Class 1is 4W Class 2is 7W Class 3is 15 4W DEA Saa Unit 01 doesnt support PoE pac STACKING STATUS Figure 0 1 PoE Port Setting Page The PoE Port Setting Page contains the following fields Fields Description Unit Defines the stacking member for which the PoE settings are displayed From Port Defines the port number from which the PoE settings will apply To Port Defines the port number to which ports the PoE settings will apply PoE Enable Indicates if PoE is enabled on the interface The possible field values are Enabled PoE is enabled on the ports This is the default value Disabled PoE is disabled on the ports Power Limit Defines whether a Power Limit will be set This enables saving power when the PoE devices are typically not in use The possible field values are e Unchecked The Power Limit Time Range is disabled on the ports This is the default value e Checked The Power Limit Time Range is enabled on the ports Time Range Defines a preset time range Specific Time Ranges can be defined in the Time Range Setting Page
127. A A eS A o da me OR 86 Configuring A A o da 87 Defining IGMP Snooping A ie da dias 88 Defining MLD Snooping ii 91 Configuring Port Mii a cai 95 Configuring Pam Me eos etanol den castor os lo ad O 97 Defining Spanning Tree Global Parameters ccccecccesccsseesceeseeeseeeeeeseeesecescensecaeceaecsaecaaecaeecaeeeneseneseeeseeeeeeeeeenneecseeenes 98 Defining STP Port Settings i ccs nae Rae Ae he AGRA eon one ee RGR on an eked Re ee 100 Defining Multiple Spanning Tree Configuration Identification cc eceseceseeeeeseceeeceeeeceaeeecsecseesecaessecsaeeeeeaeeetenee 102 Defining MSTP Port Intotmatioties da A tee 103 Defining Forwarding and Filtering ss c cxe A A on ee ee 105 Defining Unicast Forwarding 3 ucts en E Sede eee a ate 105 Defining Multicast Forwarding ii ista 106 Defining Multicast Filtering ii aaa 107 Defining DLE Filtering aiii ada it 108 Contour aldo tada cl dla ds el dd da tan al did Le do avieie 110 Defining LLDP Global Settings 2 0 0 cccccccccesssssseesscseeceseeeseeeaecseecseecaeeeneeeneseeesaeenseceseceaeceaecnaecsaecaaecseeeaeseaeeeeeseeeeeaeentees 110 Defining LEDP Port Settings oc 111 Detming LLDP Basic TEV Settings tt a aah seas inte deans theaters daa asian 113 Defining LLDP DOE TLV Settings cc c ccs nk cie 114 Viewing LLDP Local Port Information srias ieee etn aetna da 115 Viewing LLDP Remote Port Information iaa e hg aici bate dave ee 117 Configuring Voice MLA Ni aia 122 Defining Voice VLAN
128. AN Information added to VLAN 1 by during a GVRP protocol SYSLG7 5 64 al GVRP operation A dynamically configured Dynamic port 2 j was port was removed from a Information removed from VLAN VLAN during a GVRP SYSLG7 5 65 al 1 by GVRP protocol operation A dynamically configured Information Dynamic VLAN 1 j VLAN was added during a SYSLG7 5 66 al was added by GVRP GVRP protocol operation 252 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY MESSAGE ID Information Dynamic VLAN 1 j SYSLG7 5 67 al VLAN was removed by GVRP Information SYSLG7 5 68 al Information SYSLG7 5 69 al eee SYSLG7 8 11 SYSLG7 8 12 Information SYSLG7 8 13 al ada SYSLG8 10 37 bootup The device has been configured on interface 1 j IP 2 y mask 3 y DHCP server DHCP 4 y VLAN 1 j changed from Dynamic to Static VLAN 1 j changed from Static to Dynamic Failed to allocated memory for key Information SYSLG8 10 38 al Information SYSLG8 101 6 al a Epa SYSLG8 15 0 Information SYSLG8 15 1 al 2 d and reason 6 m DST IP 7 y 1 s 2 s 3 s 4 s 5 s 6 s TELNETD I CONNECTION telnet connection from 7 s at Information SYSLG8 17 0 al SYSLG8262 253 8 s 9 s 10 s 11 s 12 s 13 s Warm Startup ARP packet dropped from port 1 j with VLAN tag 3 s SRC MAC 4 m SRC IP 5 y DST MAC Ping completion status 1 s P
129. AN VID fields 3 Click Create The ACL profile is added and the device is updated To define L2 Ether Type ACL profile This option defines whether or not the Ether Type field is checked for a match 1 Click the Ether Type button The 8 ACL Profile L2 ACL Tagged Ether Type Page updates to show the following 209 DGS 3100 Series Gigabit Stackable Managed Switch User Manual e Diink 9999909099999 oo HERE BRA s or 0 112 9 4 95 6 2 2222 97 O 2 nus gis a a aan cS FCCC PPP PPP El Save Tools 7 Stack ID Up Time 2 days 5 70 13 LEE EUR E AA la PEA 0GS 3100 48 E f Configuration 5 Bw Features Select Eme TAS s Security L2AcL Tagged D Monitoring OL3ACL B ACL ma You can select the field in the packet to create filtering mask a fst ic Wizard E 802 10 ACL Finder MAC Address AN gt Time Range Setting PayLoad Ether Type Ether Type STACKING STATUS Figure 0 8 ACL Profile L2 ACL Tagged Ether Type Page 2 Click _ Create The ACL profile is added and the device is updated NOTE A combination of one or several filtering masks can be selected simultaneously The page updates with the relevant field s Defining Layer 3 IPv4 ACL Layer 3 IPv4 ACLs can be defined using the following filtering criteria e ICMP e IGMP e TCP e UDP The following sections describe each of these filtering options ICMP Filtering To define ICMP filtering select the ICMP option
130. Accounting Port field 6 Define the authentication and encryption key in the Key field 7 Reenter the RADIUS Key in the Confirm Key field 8 Click MIMOS To edit the Radius Server list click Edit adjacent to the required listed server The upper fields display the current values which then can be edited To delete a radius server from the list click _Delete_ adjacent to the relative list entry The radius servers are defined and the device is updated 154 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining EAP Forwarding Settings Ports use the Extensible Authentication Protocol EAP forwarding mechanism when 802 1x authentication is disabled The Forwarding EAP Page allows the user to enable or disable forwarding EAP packets to an authentication server 1 Click Security gt 802 1X gt eee EAP The Forwarding EAP Page opens Pink 99000 coco co eensa DNA 9999000 of Cea o S67 6 9 MOH 2D 4 15 ao HEMUN MON Oe Ei SE lle ll e a a anna lla ETT PETIT PPPE TTY m Hi Save Tools Stack ID X Up Time 2 days 10 13 Logged in as administrator admin 192 168 0 100 Traffic Control 802 1p Default Priority j gt sort ON Forwarding EAP Enabled Disabled gt Multi Layer CoS Setting O Security gt Safeguard Engine gt Trusted Host Port Security Guest VLAN I 802 1X 2 802 1X Setting gt Authentic RADIUS Serv _ ARTES A SSL 2 SSH Access Authentication Con El Monitoring
131. Authentication Server Host Page contains the following fields Field Description IP Address Defines the IP address of the RADIUS or TACACS server authenticating network users Protocol Indicates the authentication protocol used to authenticate network users The possible field values are RADIUS Indicates that network users are authenticated via a RADIUS server TACACS Indicates that network users are authenticated via a TACACS server Key Defines the key used to authenticate network users The key may contain up to 128 characters Priority Defines the priority assigned to the server The field range is First Third where Third is the lowest priority and First is the highest priority Port 1 65535 The port number for authentication requests The host is not used for authentication if set to 0 If unspecified the Radius port number defaults to 1812 TACACS port number defaults to 49 163 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Timeout 1 30secs Indicates the amount of time that passes in which no authentication activity occurs after which the authentication session times out Retransmit 1 10 times Indicates the number of times the port attempts to re authenticate a timed out session 2 Define the IP Address Protocol Key Port Timeout and Retransmit fields Apply 3 Click The Authentication Host properties are defi
132. B GUI or the CLI NOTE In case of STP loopback the port will be shutdown the port will be activated after the loopback is removed DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining STP Port Settings STP can be set up on a port per port basis In addition to setting Spanning Tree parameters for use at the switch level the switch enables configuring groups of ports in which case each port group has its own spanning tree and requires some of its own configuration settings An STP group uses the switch level parameters entered above with the addition of Port Priority and Port Cost An STP group spanning tree works in the same way as the switch level spanning tree however the root bridge concept is replaced with a root port concept A root port is a group port designated as the connection to the network for the group based on port priority and port cost Redundant links are blocked just as redundant links are blocked at the switch level The switch level STP blocks redundant links between switches and similar network devices The port level STP blocks redundant links within an STP Group It is advisable to define an STP Group to correspond to a VLAN group of ports 1 Click L2 Features gt Spanning Tree gt STP Port Settings The STP Port Settings Page opens Dlink 99999900 0000000 0000 099099999999090 onn w s 6 nenon USA DADAS o ess a PA i D a a A Soe Pree Peer ee ee ll le A rene ET a Up Tim
133. BASIC CONFIGURATION coccccooocooconcccnccccnnnnnnnnnnnnnnnnnnnnnnnnn nn nena nano nece nn nr enn eeaeeeseeseeeseeeessaneeseeeens 16 Viewing Device Tora iiizd 17 Defining System IOMA a eva 19 Defining eaa LK S a A A A A A 20 Managing Stacking ii A O ins oda 21 Managing Stacking Modest a 21 Advanced Stackin 62 vc 2 02 Sort see ee Ra sen a lee ns A won Oe eh ee A we te eo a et 21 Stack Startup Process e eee 23 Building Stacks Quick Stat A A A ess 25 Stack Management Examples ii a a isis 26 Configuring Stack dde eiiie 32 Detining POrts ie heed hee tos setool cdo ree iocin A Mn ll datan T O do e do to ln E O 33 Configuring Port Properties ccccsccessesscesscesscsecesecseceaecsaecseecseeesecenesceesecneeesecsaeceaecsaecaaecaeecaeeeneseaeseseseseeeeeeenseceeenes 33 Viewing Port Propertiese ise teva pe ene lo Mes o e date avid o o eee 35 ARP SEHIN o de ld de er des ll el 36 Contiguring User Accounts ae en EEES 37 Manageme System Los iia 39 COn UA NE A e e d ee dd o R 41 Configuring Daylight Savings A oe 43 Configuring SNMP i232 A eh A west ea coe tow a loses et BO ee R 47 Detming SNMP Settings o a 48 Defining SNMP Vi A ia a 49 Defining SNMP Groups aiii iii 50 Defining SNMP Users sennen innne ieii iiie E E EE A Siiegedeseedsaceddh ciaveleesodeedgvedsdedevisacuide Wasueevcedanteveceses 52 Defining SNMP COMMUNES tado ele 54 Definng SNMP Host Table a r e a o di 55 Defining SNMP Engine Dreineer A ai aa 57 Ena
134. CRCError Displays the number of packets received whose length excluding framing bits but including FCS octets was between 64 and 1518 octets inclusive but had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error UnderSize Displays the number of packets received that were shorter than 64 octets excluding framing bits but including FCS octets and were otherwise well formed 192 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description OverSize Displays the number of packets received that were longer than 1518 octets excluding framing bits but including FCS octets and were otherwise well formed Fragment Displays the number of packets received that were shorter than 64 octets excluding framing bits but including FCS octets and had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Jabber Displays the number of packets received that were longer than 1518 octets excluding framing bits but including FCS octets and had either a bad Frame Check Sequence FCS with an integral number of octets FCS Error or a bad FCS with a non integral number of octets Alignment Error Drop Displays the number of events in which packets were dropped by the probe due to lack of resources Note that thi
135. Cs a d sat ll nln i om e rome Select Frame Type L2ACL L3IPv4 ACL sipveac TCP Select You can select the field in the packet to create filtering mask IPv6 Address TCP Port Toa TCP Flag I urg Pack I psh I rst L syn I fin Create L2 Header IPv6 Class zS 9000000009090090 90 o0ooo 000000 0090090909999 mi f A A PETE Logged in as administrator 10 5 80 57 P Logout Figure 0 22 ACL Profile L3 IPv6 TCP Flag Page 2 Click _ Ceste The ACL profile is added and the device is updated UDP Filtering If L3 IPv6 ACL UDP is selected the page updates as follows 222 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Peeegeeooeocooooe o 4 1 12 33 Ed 2 3 f D Link J 922 J D Link Til h AA AAPP EMT DI ER ea PEPE TEPE DES 310048 Tools StackID Up Time 5 days 2 17 05 DGS 2100 48 rome ls Configuration Select Frame Type H H L2 Features e H aos L2 ACL H Security C L31Pv4 ACL i Monitoring ESG PoE 31pveacL UDP y E H ACL You can select the field in the packet to create filtering mask ACL Configuration Wizard E Access Profile List L2 Header IPv6 Class IPv6 Address UDP Port 5 ACL Finder STACKING STATUS r 2 T A Is ssssosss a Ti A o sa Create Figure 0 23 ACL Profile L3 IPv6 UDP Page To define L3 IPv6 UDP Port ACL profile 1 Click the UDP Port button
136. D operating in the standalone SYSLG8 63 14 al Stack 1 d Msg 2 s mode issues it Valid for stackable projects only See the relevant trap message as in the case when the specified stack member Information UNIT ID operating in the standalone SYSLG8 63 6 al Stack 1 d Trap 2 s mode issues it Information Interface 1 s state SYSLG8 74 51 al Interface 2 s Information Virtual interface 1 s SYSLG8 74 52 al Interface area 2 s state 3 s Information File Delete file URL The file at the specified SYSLG8 79 5 al Web 1 s URL has been deleted Information Synchronization with unit Synchronization with the SYSLG8 83 2 al stack 1 d is failed specified unit has failed Synchronization with unit Synchronization with the Information 1 d is finished specified unit has SYSLG8 83 3 al Stack successfully succeeded Wrong source unit id The specified source unit Information 1 d message discarted ID is incorrect the message SYSLG8 83 4 al Stack is discarded Information NTP Packet received from The NTP packet is received SYSLG8 84 0 al IP UDP from the UDP Information SYSLG8 84 5 al Illegal data size The data size is too large NTP received Mode 1 d src_ip 2 s Information dst_ip 3 s Interface SYSLG8 84 9 al 4 d SNMP Package 1 s Information Routine 2 d Location SYSLG8 86 30 al SNMP 3 d Error 4 s Syslog testing logging of UINT_64 parameters Information 1 u 2 i 3 d 4 x SYSLG8 86 31 al
137. DESCRIPTION The specified MIB variable was not found in the Mib2cli temporary DB The SNMPServG name 2 Id function failed because MIB variable name is unknown The command handler for the specified command ID is missing It took the specified number of seconds to process the specified command An indication of not present port when this port is already not present is wrong Valid for stackable projects only See the relevant trap message as in the case when the specified stack member operating in the standalone mode issues it Valid for stackable projects only See the relevant trap message as in the case when the specified stack member operating in the standalone mode issues it The file at the specified URL has been deleted Synchronization with the specified unit has failed Synchronization with the specified unit has succeeded The specified source unit ID is incorrect the message is discarded Information NTP Packet received from The NTP packet is received SYSLG8 84 0 al IP UDP from the UDP Information SYSLG8 84 5 al 249 Illegal data size The data size is too large DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY MESSAGE DESCRIPTION ID NTP received Mode 1 d src_ip 2 s Information dst_ip 3 s Interface SYSLG8 84 9 al SNMP Package 1 s Information Routine 2 d Location SYSLG8 86 30 al 3 d Error 4 s Syslog testing loggi
138. DUTAGA STATUS SNMP Settings Enabled Disabled Figure 0 12 SNMP Global Settings Page 2 Select either Enabled or Disabled to enable disable SNMP 3 Click PPY The SNMP is enabled 48 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining SNMP Views SNMP views provide or block access to device features or aspects of features For example a view can be defined to show that SNMP view A has included access to Multicast groups while SNMP view B has excluded access to Multicast groups Feature access is granted via the MIB name or MIB Object ID 1 Click Configuration gt SNE Settings gt SNMP View Table The SNMP View Table Page opens AAA 20999990999999 P2345 6 7 nuon sonnn ara A a ancla AAA le D Link Building Networks tor People sa e a Pee PEI aa Up Time 1 days 0 40 19 Logged in as administrator 10 5 80 34 P Logout DGS 3100 48 AEE E f Configuration 3 System Information IP Address 3 Stacking Settings 8 Port Configuration gt ARP Settings gt User Accounts gt System Log Host H SNTP Settings B p SNMP Settings gt SNMP Group Table gt SNMP User Table SNMP Community T B SNMP Host Table SNMP Engine ID B SNMP Trap Configu B DHCP Relay gt DHCP Auto Configuratic gt Firmware Information Telnet Setting L2 Features os El a X 4 STACKING STATUS
139. Delete B p Access Authentication Cor Login_Method_1 RADIUS Delete 3 Application Authentical gt Authentication Server 3 Login Method Lists Enable Method Lists 3 Configure Local Enable 9 ARP Spoofing Prevention B Monitoring ACL STACKING STATUS Figure 5 13 Login Method Lists Page The Login Method Lists Page contains the following fields Field Description 164 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Method List Name Displays the method list name The field is user defined besides the http method list and https_method_list which cannot be deleted or renamed Method 1 Indicates the first method used to authenticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication Method 2 Indicates the second method used to authenticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for
140. Dunk 2 D LINK DGS 3100 SERIES GIGABIT STACKABLE MANAGED SWITCH USER MANUAL v3 6 Information in this document is subject to change without notice 2009 D Link Computer Corporation All rights reserved Reproduction in any manner whatsoever without the written permission of D Link Computer Corporation is strictly forbidden Trademarks used in this text D Link and the D Link logo are trademarks of D Link Computer Corporation Microsoft and Windows are registered trademarks of Microsoft Corporation Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products D Link Computer Corporation disclaims any proprietary interest in trademarks and trade names other than its own FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with this user s guide may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense CE Mark Warning This is
141. E Port Configuration Port Setting Unit Descriptions ARP Settings User Accounts A a ss gt System Log Host E H SNTP Settings SNMP Settings DHCP Auto Configuratic 3 Dual Image Services gt Telnet Setting gee Y 3 For test only lt m amp STACKING STATUB The highest speed The highest speed Figure 0 6 Port Description Page The Port Description Page contains the following fields Field Description Unit Defines the stacking member for which the port settings are displayed From Port Defines the port number from which the port parameters are configured To Port Defines the port number to which the port parameters are configured Description Defines a user defined port description 2 Define the Unit From Port To Port and Description fields 3 Click Apply _ The port description is saved and the device is updated 35 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ARP Settings The Address Resolution Protocol ARP converts IP addresses into physical addresses and maps the IP address to a MAC address ARP allows a host to communicate with other hosts only when the IP addresses of its neighbors are known To define ARP information 1 Click Configuration gt ARP Settings The ARP Settings Page opens A 22 99 eee DGS 3100 48 E Configuration System Informat
142. ES saasaa 5 a rn errar ee Masssssss aaaanaba Deneck e gy was PP so egegses ceeseees eeeeeete ft Tessssess sesssess cocesete ug es sore Figure 5 9 SSH Configuration Page The SSH Configuration Page contains the following fields Field Description SSH Server Status Indicates if SSH is enabled on the device The possible field values are 158 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Enable Enables SSH on the device Disable Disables SSH on the device This is the default value Port 1 65535 Displays the port number used to authenticate the SSH session The possible field range is 1 65535 The field default is 22 2 Enable or disable the SSH server status in the SSH Server Status field 3 Define the SSH global setting port number in the Port 1 65535 field 4 Click _Apply The SSH configuration is defined and the device is updated Defining SSH Algorithm Settings This SSH Algorithm Settings Page allows network administrators to enable a public key for SSH authentication encryption The following authentication keys are enabled for SSH Public Key Algorithm Encrypt a cryptographic key pair composed of a public key and a private key The private key is kept secret while the public key can be distributed The encryption keys are mathematically similar but a private key cannot be derived from the public
143. El Security E B Monitoring ACL STACKING STATUS y Asymmetric VLAN Status C Enabled Disabled Apply Figure 0 8 Asymmetric VLAN Page The Asymmetric VLAN Page contains the following fields Field Description Asymmetric VLAN Defines whether Asymmetric VLAN is enabled on the device The possible field values are Status Enabled Enables Asymmetric VLAN on the device Disabled Disables Asymmetric VLAN on the device This is the default value 2 Select Enabled Disabled in the Asymmetric VLAN Status field 3 Select Enable in the DLF Filtering see Defining DLF Filtering 4 Click 79 Apply The Asymmetric VLAN option is enabled and the device is updated DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring GVRP GVRP timers need to be in the default values on all Layer 2 connected devices If the GVRP timers are set differently on the Layer 2 connected devices the GVRP application does not operate successfully GARP VLAN Registration Protocol GVRP is specifically provided for automatic distribution of VLAN membership information between VLAN aware bridges GVRP allows VLAN aware bridges to automatically learn VLANs to bridge port mapping without requiring the individual configuration of each bridge and register VLAN membership To define GVRP on the device 1 Click L2 Features gt GVRP Settings The GVRP Setting Page opens Building Networks for People
144. Generate Mask by range fields and click Calculate The mask is generated 6 Click _ Create The ACL profile is added and the device is updated To define L3 IPv4 TCP Flag ACL Profile This option defines whether or not the TCP Flag field is checked for a match 1 Click the TCP Fi lag button The ACL Profile L3 Ipv4 TCP Flag Page updates to show the bi 2 x i A RRaNaS S TOE 20 pee a t Bese a a A 4 f a vr op ep a j d DES 3100 48 Tools Y StackID EA Logged in as adminis E 10 5 80 57 P Logout DGS 3100 48 Configuration Select Frame Type L2 Features c aos L2 ACL E Security 3ipvaact TCP gt g WB Monitoring J PoE C L3IPv6 ACL Select ACL You can select the field in the packet to create filtering mask B ACL Configuration Wizard gt eS ee L2 Header IPv4 Class IPv4 Address TCP Port B ACL Finder STACKING STATUS TCP Flag l urg L ack L psh TU rst L syn C fin eS aa E Se r HE Create re Tu Saks SEER E ns Figure 0 13 ACL Profile L3 Ipv4 TCP Flag Page 2 Click _ Create The ACL profile is added and the device is updated UDP Filtering To define UDP filtering select the UDP option If L3 IPv4 ACL UDP is selected the page updates as follows 216 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Peeeoeeooegcoooee o 4 1 12 93 Ed D Link
145. Gigabit Stackable Managed Switch User Manual DHCP Relay The DHCP Relay Page allows the user to enable DHCP relay and define DHCP relay servers on the device The Relay agent information option known as Option 82 is part of the DHCP protocol and allows a DHCP relay agent to send additional client information upon requesting an IP address A DHCP relay agent detects DHCP broadcasts from DHCP clients and relays those broadcasts to DHCP servers on different subnets In addition when client ingress VLAN information differs from the VLAN on which DHCP servers are connected Option 82 information is added to the packets relayed to DHCP server Option 82 specifies the relaying switch s MAC address the port identifier and specifies the VLAN forwarding the packet To define DHCP Relay Server Information 1 Click Configuration gt DHCP Relay The DHCP Relay Page opens 2 i 7 EE Er ereceseee eeeeeeseee Link A e Building Networks for People DGS 3100 48 Configuration gt System Information DHCP Relay Status Enabled Disabled Apply B IP Address Stacking Settings H H Port Configuration Server IP Address 0 0 0 0 Add B ARP Settings B User Accounts gt System Log Host H SNTP Settings i E f SNMP Settings 192 168 0 101 Edit Delete 2 SNMP View Table 192 168 0 102 Edit _ Delete 2 SNMP Group Table 192 168 0 103 Edit Delete SNMP User Table gt SNMP Community Table SNMP Host Tab
146. H L2 Features Device Information j Hos Device Type DGS 3100 Gigabit Ethernet Switch H Security System Contact Peter is peo System Name R amp D SD8 MAC Address 00 40 14 65 12 58 System Location 5F 1 IP Address 172 17 3 10 Firmware Version 1 00 04 Subnet Mask 255 255 255 0 Hardware Version 0 000 01 Default Gateway 172 17 3 254 Serial Number 1234 unit 1 Login Timeout minutes 20 System Time 30 11 2006 System Up Time 0 days 2 hours 7 mins 18 seconds Boot version 1 0 Device Status and Quick Configurations Time Source System Clock setting Jumbo Frame Disabled setting 802 1D Spanning Tree Disabled setting BPDU Forwarding Disabled setting DHCP Client Disabled setting IGMP Snooping Disabled setting Safeguard Engine Enabled setting MLD Snooping Disabled setting SNMP Trap Disabled setting Broadcast Storm Control Disabled setting SSL Disabled setting 802 1x Status Disabled setting GVRP Setting Disabled setting SSH Disabled setting Telnet Setting Enabled setting Port Mirroring Disabled setting Figure 0 1 Device Information Page The following table describes the main 6 areas on the Device Information Page View Description 1 Tree View Select the folder or window to be displayed The folder icons can be opened to display the hyperlinked menu buttons and subfolders contained within them 2 Device Presents Switch information based on the selection and the entry of configuration data Information View 3 Menu Pre
147. HCP Auto Configuratic Dual Image Services 2 Telnet Cattinn Bl STACKING STATUS Figure 0 18 SNMP Engine ID Page The SNMP Engine ID Page contains the following fields Field Description Engine ID Defines the local device Engine ID The field value is a hexadecimal string Each byte in hexadecimal character strings is two hexadecimal digits Each byte can be separated by a period or a colon The Engine ID must be defined before SNMPv3 is enabled Select a default Engine ID that is comprised of an Enterprise number and the default MAC address Use Default When selected provides the device generated Engine ID The default Engine ID is based on the device MAC address and is defined per standard as First 4 octets first bit 1 the rest is IANA Enterprise number Fifth octet Set to 3 to indicate the MAC address that follows Last 6 octets MAC address of the device 2 Define the Engine ID or Use Default checkbox 3 Click APP The SNMP Engine ID is defined and the device is updated 57 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Enabling SNMP Traps The SNMP Configuration Trap Page contains parameters for defining SNMP notification parameters To enable SNMP notifications To enable SNMP Traps 1 Click Configuration gt SNMP Settings gt SNMP Trap Configuration The SVMP Configuration Trap Page opens Building Networks for People 9900 49 one oe
148. KING STATUS SeSEREES ds ay ror PP o cewevers Create Figure 0 5 ACL Profile L2 ACL Untagged Page 207 DGS 3100 Series Gigabit Stackable Managed Switch User Manual To define L2 MAC Address ACL profile 1 Click the MAC Address button The ACL Profile L2 ACL Tagged MAC Address Page updates to show the following Building Networks for People Save Tools Stack ID E X Up Time 2 days 5 10 13 ASES ERE AA K DGS 3100 48 E Con figuration E J L2 Features H os El 3 Security Monitoring ACL gt ACL Configuration Wizard ACL Finder 3 Time Range Setting STACKING STATUS Select Frame Type izact Tagged y OL3 ACL You can select the field in the packet to create filtering mask 802 10 VLAN Ether Type PayLoad MAC Address CI Source MAC Mask C Destination MAC Mask Figure 0 6 ACL Profile L2 ACL Tagged MAC Address Page The ACL Profile L2 ACL Tagged MAC Address Page contains the following fields Field Description Source MAC Mask Defines the range of source addresses relative to the ACL rules 0 ignore 1 check For example to set 00 00 00 00 10 XX use mask FF FF FF FF FF 00 Destination MAC Mask Defines the range of destination addresses relative to the ACL rules O ignore 1 check For example to set 00 00 00 00 10 XX use mask FF FF FF FF FF 00 2 Select Source MAC Mask and or Destination MAC Mask The Mask Generate button is active
149. LANs access to a remote server without accessing other hosts When Assymetric VLAN is enabled if a port is an untagged member in VLAN 1 VLAN 1 must be the PVID The following scenerio illustrates the feature VLAN2 Figure 0 7 Asymmetric VLAN scenerio Port 1 connect to Server port 1 port 3 port 9 and port 17 are untagged ports PC3 amp PC4 are in the same VLAN 3 port 1 is a untagged member of VLAN 2 and VLAN 3 untagged member overlap Then the server can talk with VLAN 2 VLAN 3 PC3 and PC4 can talk to the server and to each other PC2 can talk to the Server VLAN 2 can t communicate with VLAN3 In this example port 1 need to be untagged member in VLAN 2 amp VLAN 3 so Asymmetric VLAN should be enabled NOTE In order to support this network scenario the user will need to activate also DLF Filtering feature which will be released in DGS 3100 xx R3 0 as well The default VLAN VID 1 cannot be used as shared VLAN 1 Click L2 Features gt Asymmetric VLAN The Asymmetric VLAN Page opens 78 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Building Networks for People Tools 7 2 0GS 3100 48 H Configuration EPA L2 Features B Jumbo Frame 802 10 VLAN metric VLAN GVRP Settings Trunking 3 VLAN Trunking gt Traffic Segmentation gt LACP Port Settings gt IGMP Snooping 3 MLD Snooping gt Port Mirroring E D Spanning Tree Forwarding amp Filtering or ce aos
150. LG8 51 1 Warning overflow full IGMP Snooping in Version 3 IGMP Snooping version 3 received version received a Version query SYSLG8 51 10 Warning 1 query msg message IGMP Snooping in Version 3 IGMP Snooping version 3 received version received a Version 2 query SYSLG8 51 11 Warning 2 query msg message BIGMPP _ indication warning Unknown value Unknown frame type value of frame type received for received for IGMP igmp snooping 1 d snooping The specified igmp control frames IGMP control frames are dropped from the last dropped from the last SYSLG8 51 39 Warning warning warning IGMP Snooping in Version IGMP Snooping version received leave received a Version 2 leave SYSLG8 51 5 Warning v2 msg message IGMP Snooping in Version 1 IGMP Snooping version received version received a Version 2 query SYSLG8 51 6 Warning version received version received a Version 3 query SYSLG8 51 7 Warning 3 query msg message 2 query msg message i IGMP Snooping in Version 2 IGMP Snooping SYSLG8 51 8 Warning version 2 received version received a Version 3 query IGMP Snooping in Version IGMP Snooping H es wW wW 274 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID SEVERITY CATEGORY MESSAGE IGMP Snooping in version 2 received version 1 query msg DESCRIPTION 3 query msg message Version 2 IGMP Snooping received a Version query message Port Lock ac
151. LOCKED after unsuccessful login from 2 s source 5 s 3 y destination 5 s o A y AAA FILE data Packet is corrupted and will be discarded A user cannot be authenticated because of AAA low resources Received a message indicating that authentication method is unsupported Received a message indicating the additional authentication argument is not supported Received a message indicating the replacement authentication argument is not supported Received a message indicating authentication is not supported The specified user ID is locked after an unsuccessful login from the specified source to the specified destination AAA data corruption has 272 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID S s SEVERITY CATEGORY MESSAGE DESCRIPTION corruption occurs Valid occurred All valid data has data ONLY saved been saved The packet is dropped in 1 s Packet dropped by accordance with the SYSLG8 40 13 Warning Security Policy rule no 2 s specified security criteria The specified packet is 1 s Packet forward by forward by the specified SYSLG8 40 14 Warning Security Policy rule no 2 s Policy rule Configuration error The TFTP connection cannot TFTP connection cannot be be started without IP started without an IP SYSLG8 43 10 Warning address address IP Empty file downloaded SYSLG8 43 7 Warning Up Download configuration unchanged Configuration file is empty
152. Lin Diink z 7 ee Onno w 4 R Building Nenwarks for People sanan DI yy Save Tools gt Stack ID E X Up Time 2 days 5 7073 Logged in as administrator admin 192 168 0100 Po DGS 3100 48 E Configuration B L2 Features Jumbo Frame 2 gt 3 GVRP Settings gt Trunking s VID VLAN Name Name should be less than 32 characters Apply gt Traffic Segmentation Unit 01 3 LACP Port Settings 3 IGMP Snooping Port Select All 1 5 MLD Snooping Untag Port Mirroring Tag E Spanning Tree Forbidden A amp Filtering Not Member E pos H Security E 3 Monitoring y ACL M Forbidden STACKING STATUS Not Member VLAN List Add Edit VLAN N pe ney N h w A on J de co b o i So N N N N Les N gt OOOCOKOO0O0 OOOOHOO0OO OOOOKO00 Om OOOOHO O00 Of 000 0 OOO OOOOBOO0 OM OOOOKRS O00 OR GOOONOGOOON 0O0O0O0HO0O0O0ON OOOOKRO O00 OOOCOHOO00 OOOOHO O00 OOOOKROO0O0 OOOCOHOO00 OOOOHO O00 OOOOBOOCOO OOOORHOOOO OOOOKOO0O OOO OKOOO00 OOOORO O00 OOOOHOOO0O0 OOO OBOO00 OOOCOKO O00 OOOOKOO0O0 Untag Port Tag Port Forbidden Port Figure 0 6 Add Edit VLAN Information Page The Add Edit VLAN Information Page contains the following fields Field Description VID Defines the VLAN ID VLAN Name Defines the user defined VLAN name The field ranges up to 32 characters Unit Defines the s
153. Link Building Networks j a 2 Des 3100 48 E P Configuration G92 Features i p Q0S Ef Security gt Safeguard Engine hentic RADIUS Server Forwarding EAP SSL H B SSH H Access Authentication Control ARP Spoofing Prevention El Monitoring f PoE E HACL STACKING STATUS DGS 3100 Series Gigabit Stackable Managed Switch User Manual 1X Setting The 802 1X Setting Page opens 802 1X Enabled Disabled Ay 802 1X Port Access Control QuietPeriod 0 65535 sec SuppTimeout 1 65535 30 sec ServerTimeout 1 65535 sec MaxReq 1 10 TxPeriod 1 65535 sec ReAuthPeriod 300 4294957295 ReAuthEnabled Control Unit From Port To Port Mode 01 zj 01 zj 1 zj Dynamic VLAN Assignment Apply E Dynamic Control TxPeriod Quiet Period Supp Timeout m MaxReq Mode VLAN Timeout Assignment 1 1 1 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 12 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled E 1 3 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 2 1 4 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 15 Forceauthorzed 30 so 2 350 Disabled PortBase Disabled 1 1 6 ForceAuthorized 30 50 30 30 2 3600 Disabled Port Base Disabled E 17 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 1 8 ForceAuthorized 30 60 30 30 2 3600 Disabled
154. Member OO0O0CM OOOON 10 OO Of Untag Tag Forbidden Not Member 0000 0000 Untag Port Tag Port Forbidden Port 0000k OOOO OOOO 10000 QOOOE 0000 0000 gO OOO OOOO 0000 0000 OOOO 0000 0000 0000 0000 OOOO OOOO OOOO 0000 0000 OOOO 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000 Building Networks for People Save DGS 3100 48 Configuration H L2 Features H Q0S B Security 3 Safeguard Engine gt Trusted Host gt Port Security f 8021x a SSL H SSH E f Access Authentication Cor f Monitoring Bact A il STACKING STATUS il L rA ee Tanannnna ana asas apanacid ra r SSUBEES kisasili i iE 1 Tools Stack ID 1E ooo GAIA OO 2999929999900900 EF a MEG a Up Time 2 days 5 0 13 Logged in as administrator admin 192 168 0 100 E men PO O Guest VLAN Setting Create Delete VID 01 v Unit Port OOOO0 25 26 27 28 29 guna 8 GEE aa 30 31 OO VLAN Name E O 33 o 8 O 32 O R8D1 Apply 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 CIA AA AA eee 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 C E A A Guest VLAN Ports 1 1 1 2 1 3 1 4 150 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 3 After the ports were assigned to the Guest VLAN the us
155. OG OM D Link A rrrTrrrTT a a at werd P O FPPP PEPE EEEE EEEE Up Time Z E 3 38 25 Logged in as administrator 10 5 80 57 P Logout Tools 7 Stack ID DGs 2100 48 H Configuration H L2 Features a gaos Profile ID Access ID Profile Type Summary Action H Security O alt al Ethernet Source MAC Address Destination MAC Address Permit ed Add Rule Delete E o B p Ace ACL Configuration Wizard cess Profile List ACL Finder a il ES i Sa ss sm Figure 0 26 Add Access Rule Page IP based ACL 225 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Click Add Rule The Add Access Rule Page opens The fields in this page depend on the type of ACL to 2 3 ar Building Networks forPeopla f f E Save Tools a which a rule is being added The page below is displayed for a MAC Address ACL al 0000000000000 c0000000000000000 nano am 25 27 28 2 o oo0ooo o o ooo 8 9 10 1 12 13 6 15 a a 2 33 14 35 MM 37 38 39 40 41 42 4 4 Ml all olla ell e Ain yy oy A Ws h a O Casale ors n eee Peery Ferre DOS 3100 48 oa a _ gt Up Time 5 days 2 29 01 Logged in as administrator 10 5 80 57 BA Logout DGS 3100 48 Configuration an Profile ID 02 Source MAC Mask 00 00 00 00 00 01 E G Monitoring PoE Egg Ace Rule Detail 2 ACL Configuration Wizard Keep an input field as blank to treat the corresponding option as dont c
156. ON pa emabdes The specified IfIndex is configured with auto negotiation enabled Committing BW on the specified egress interface d more than the specified percentages of interface speed The specified interface changes to half duplex mode and some committed services cannot be fulfilled The specified interface speed is modified to a higher speed The specified power supply is down The system uses two power supply sources 1 and 2 The system can operate with one or both power supply units Failed to allocate ASIC tules in a specified change Failed to add the specified rules to the ASIC on the specified if ndex eo ee 1 j is The specified port is un w authorized The specified MAC address was rejected on the specified port The management address entry deletion from CDB failed Resource are unavailable DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY MESSAGE DESCRIPTION Port 1 j removed from The specified port is SYSLG7 2 1 Warning Interface 2 j removed Port 1 j removed from The specified port is 2 j port is removed and is indicated as SYSLG7 2 2 Warning Interface down notPresent being down or not present Network IP address 1 s The IP address was most SYSLG8 0 4 Warning IP is unavailable likely allocated statically The message appears when topology changes took Active change failed place but the system failed unreachable route not
157. Onno sy 2999 v DLink EA APETITO FCCC PEPP H Save N Tools 7 r Stack ID B Si Up Time 2 days 5 10 y Logged in as administrator admin 192 168 0 1 802 10 VLAN gt GVRP Settings A Trunking 3 Traffic Segmentation LACP Port Settings HB cur Snooping LLDP Forward Status O Enabled Disabled 3 MLD Snooping 3 Port Mirroring 3 Spanning Tree Message TX Interval 5 32768 l f Forwarding amp Filtering f LoP gt mE LLDP TX Delay 1 8192 LLOP Port Setting Re RACE TUES LLDP Reinit Delay 1 10 Apply LLDP Dot3 TLVS Si LLDP Local Port Bri v Chassis ID Subtype MACADDRESS gt Chassis ID 00 FF FF 34 FF FF 3 System Name Switch System Description Stackable Ethernet Switch System Capabilities Bridge LLDP Status O Enabled Disabled Message TX Hold Multiplier 2 10 Figure 0 28 LLDP Global Setting Page 110 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The LLDP Global Setting Page contains the following fields Field Description LLDP Status Specifies the LLDP status on the device The possible field values are Enabled Enables LLDP on the device Disabled Disables LLDP on the device This is the default LLDP Forward Status Specifies the LLDP packet forwarding status when LLDP is disabled on the device The possible field values are Enabled Enables LLDP packet forwarding on the device Disabled Disables LLDP pac
158. P Source IP TCP Source Port TCP Flag Time Range Permit Time Range Setting STACKING STATUS Figure 0 31 ACL Finder Page The ACL Finder Page contains the following fields Field Description Profile ID list box Defines the Profile ID for the search Ports Indicates the ports or LAGs for which rules are sought Profile ID Indicates the Profile ID Access ID Indicates the ACL rule ID number Profile Type Indicates if the profile is IP or Ethernet Summary Displays the access rule Action Displays the action chosen for the profile 2 Define the Profile ID and Ports fields 3 Click Find The ACL rule is displayed To delete an ACL Profile entry 1 Select the entry 2 Click Delete _ The entry is deleted 3 Click A The entry is deleted To view or define the rule details 1 Click the Access ID linked number The Rule Detail Page opens 228 DGS 3100 Series Gigabit Stackable Managed Switch User Manual DGS 3100 48 E Configuration H L2 Features gt MEE 2 Time Range Setting Destination MAC 9 Qos Profile Information El Security E Monitoring f acl ACL Configuration Wizard Profile ID 01 i Benne trots Le Source MAC 00 00 00 00 00 00 00 00 00 00 00 32 00 00 00 00 00 00 00 00 00 00 00 32 Ether Type Yes Rule Detail Keep an input field as blank to treat the corresponding option as dont care Access ID
159. PDU Bridges use Bridge Protocol Data Units BPDU to provide spanning tree information STP BPDUs filtering is useful when a bridge interconnects two regions each region needing a separate spanning tree BPDU filtering functions only when STP is disabled either globally or on a single interface The possible field values are Disabled BPDU filtering is enabled on the port Enabled BPDU forwarding is enabled on the port if STP is disabled Global BPDU filtering functions according to the device wide setting see STP Bridge Global Settings Page P2P Indicates whether the P2P of selected port is enabled The possible field values are True Indicates a point to point P2P link P2P ports transition to a forwarding state rapidly thus benefiting from RSTP False Indicates that the port cannot have P2P status Auto Allows the port to have P2P status whenever possible and operate as 1f the P2P status were true A port that operates in full duplex is assumed to be point to point while a half duplex port is considered as a shared port If the port cannot maintain this status for example if the port is forced to half duplex operation the P2P status changes to operate as if the P2P value were False The default setting is Auto State Set to enable or disable STP for the selected group of ports The default is Enabled The port STP State overrides the STP Global State 2 Define the Unit From Port
160. PEPEPEPE Fees FEES Es yadi g ji X E Save Tools Y Stack ID System Information IP Address gt Stacking Settings 3 Port Configuration gt ARP Settings 3 User Accounts System Log Host SNTP Settings E H SNMP Settings SNMP View Table SNMP Group Table gt SNMP User Table SNMP Community T gt SNMP Host Table NMP Engine ID DHCP Auto Configuratic Dual Image Services gt Telnet Sattinn lt M gt STACKING STATUS X Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 Mego SNMP Traps Enable x SNMP Authentication Traps Enable w Figure 0 19 SNMP Configuration Trap Page The SNMP Configuration Trap Page contains the following fields Field Description SNMP Traps Specifies whether the device can send SNMP notifications The possible field values are Enable Enables SNMP notifications This is the default value Disable Disables SNMP notifications SNMP Authentication Traps Specifies whether the device can send traps upon authentication failure notification Enable Enables the device to send authentication failure notifications This is the default value Disable Disables the device from sending authentication failure notifications 2 Define the SNMP Traps and SNMP Authentication Traps fields 3 Click Ay The SNMP trap status is modified and the device is updated 58 DGS 3100 Series
161. Packets panning Tree 49 Filter_DLF_Packets ae ene ae 1 10 Forward_DLF_Packets Unicast Forwarding 11 Filter_DLF_Packets Muticast Forwarding m 2 MEEPS Muticast Fitering Mode 113 Forward_DLF_Packets DLF Filtering Mode 114 Filter_DLF_Packets 1 15 Forward_DLF_Packets 1 16 Forward_DLF_Packets 117 Forward_DLF_Packets E so ansni PIE Darina E E j STACKING STATUS Figure 0 27 DLF Filtering Mode Page 108 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The DLF Filtering Mode Page contains the following fields Field Description Unit Defines the stacking unit number to specify a port range or LAG to specify a LAG range From Port or From LAG Defines the first port or LAG in a consecutive sequence of ports or LAGs To Port or To LAG Defines the last port or LAG in a consecutive sequence of ports or LAGs All Specifies that the filtering mode applies to all ports or LAGs Filtering Mode Defines the DLF filtering mode for unregistered Multicast groups The possible field values are Filter DLF Packets Prevents DLF Packets flooding Forward DLF Packets Floods DLF packets within the network This is the default mode 2 Define the Unit and Filtering Mode fields 3 Select either All or specify a port LAG range in the From Port From LAG and To Port To LAG fields 4 Click ope The DLF filtering settings are applied to the ports LAGs and the devi
162. Port Defines the port number 2 Define the VID MAC Address Unit and Port fields 3 Click Apply The Unicast are defined and the device is updated To edit a FDB table entry 105 1 Select the entry 2 Click Edit DGS 3100 Series Gigabit Stackable Managed Switch User Manual 3 Define the values 4 Click Apply The entry is updated and the device is updated To delete a FDB table entry 1 Select the entry 2 Click Delete The entry is deleted and the device is updated Defining Multicast Forwarding The Multicast Forwarding Page displays the ports and LAGs attached to the Multicast service group in the Ports and LAGs tables Ports can be added either to existing groups or to new Multicast service groups The Multicast Forwarding Page permits new Multicast service groups to be created The Multicast Forwarding Page also assigns ports to a specific Multicast service address group 1 Click L2 Features gt Forward amp Filtering gt Multicast Forwarding The Multicast Forwarding Page opens Building Networks for People DGS 3100 48 Bi Configuration P L2 Features gt Jumbo Frame 2 802 10 VLAN 3 GVRP Settings Trunking 3 Traffic Segmentation LACP Port Settings IGMP Snooping MLD Snooping gt Port Mirroring E Spanning Tree B Forwarding amp Filtering 3 Unicast Forwarding 2 MENEN gt Multicast Filtering Mode E p Monitoring aci il E STACKING STATUS
163. S User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication Method 4 Indicates the fourth method used to authenticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication 167 Define the Method List Name in the Method List Name field Select the methods used to authenticate network users in the Method 1 Method 2 Method 3 and Method 4 fields Click Apply The Enable method and passwords are defined and the device is updated To edit the Enable Method List click Edit adjacent to an Enable Method List Name on the list The upper fields display the current values which then can be edited To delete an Enable Method List Name click Delete L The Enable Method Lists are defined and the device is updated DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Local Enable Password The Configure Local Enable Password Page allows network administrators to configure the local enabled passw
164. SLG8 9 10 Notice Interface Type 1 u not supported supported SYSLG8 1 1 xose OOOO on inf 6 2 y IP FDB Table Overflow SYSLG8 105 1 Notice IP 1 s The IP FDB Table is full Illegal chksum igmp_size 1 lu LLDP status 1 s Bad msg received from 1 y on intf 2 y Ignoring msg from 1 y Session is closed after Session is closed after SYSLG8 16 2 Notice timeout is expired timeout period is reached SYSLG8 26 6 The copy operation was The copy operation SYSLG8 45 7 Notice Up Download completed successfully completed successfully UNIT ID SYSLG8 63 13 Notice Stack 1 d Msg 2 s NVRAM section 1 s The specified NVRAM not found and cannot be section not found and erased cannot be erased UNIT ID SYSLG8 63 5 Notice Stack 1 d Trap 2 s Start conversion of old The conversion of old SYSLG8 89 1 Notice SNMP format CDB format CDB has started SYSLG8 89 2 SNMP End conversion of old The conversion of old 257 SEVERITY SYSLG8 9 10 SYSLG1 0 32 SYSLG4 5 3 SYSLG4 5 34 SYSLG5 3 10 SYSLG5 3 13 SYSLG5 3 17 SYSLGS 3 18 DGS 3100 Series Gigabit Stackable Managed Switch User Manual CATEGORY MESSAGE DESCRIPTION ie format CDB format CDB has finished The specified type is not Interface Type 1 u not supported supported Power Illegal chksum igmp_size 1 lu You may need to set interface 1 s to force full duplex and appropriate speed to match partner link
165. Safeguard Engine Page opens LA Building Networks for People Save vols Stack ID y Cogg rato 192 168 0 e Configuration 9L2 Features i 0s Safeguard Engine Enabled C Disabled B p Security E safeguard Engine Rising Threshold 20 100 70 Trusted Host z gt Port Security Falling Threshold 20 100 20 Apply Guest VLAN ee eo 1x a SSL AssH Note D Link Safeguard Engine is a robust and innovative technology developed by D Link which will automatically throttle the impact of packet flooding into the switch s CPU Access Authentication Cor It will keep D Link Switches better protected from being too frequently interrupted by malicious viruses or worm attacks l ARP Spoofing Prevention Monitoring ACL 2a BB 6 4 4 w Figure 5 1 Safeguard Engine Page The Safeguard Engine Page contains the following field Field Description Safeguard Engine Indicates if the safeguard engine is enabled on the device The possible field values are Enabled Enables the safeguard engine on the device This is the default value Disabled Disables the safeguard engine on the device Rising Threshold Indicates the rising CPU Utilization thresholds enabling Safegard The possible field range is 20 100 between 20 100 The default value is 70 Falling Threshold Indicates the falling CPU Utilization thresholds disabling Safeguard The possible fiel
166. Se Sh pese 5 ree FererErre VU DI E Configuration gt System information gt IP Address Status gt Stacking Settings E snTP O System Clock f Port Configuration S ESG gt ARP Settings Current Time 30 11 2006 21 21 21 gt User Accounts gt System Log Host F SNTP Settings E Time Settings SNTP Settings 3 TimeZone Settings A 0000 SNMP Settings SNTP First Server 0 0 DHCP Auto Configuratic SNTP Second Server 0 0 0 0 l f Dual Image Services gt Telnet Setting H B L2 Features E a 5 Set Current Time El ecuri gt 3 Time Setting ex DD MM YYYY STACKING STATUS SNTP Poll Interval in Seconds Time in HH MM SS 00 00 00 seeas essss 2 0 0 720 Apply Figure 0 10 Time Settings Page The Time Settings Page contains the following fields Status Field Description Time Source Defines the time source by which the system time is set The possible field values are SNTP Indicates that the system time is retrieved from a SNTP server System Clock Indicates that the system time is set locally by the device Current Time Displays the current date and time SNTP Settings Section Field Description SNTP First Server Defines the IP address of primary SNTP server from which the system time is retrieved SNTP Second Server Defines the IP address of secondary SNTP server from whic
167. Size Analysis Selected Port Displays current packet size for ports Number Time Interval Displays the time intervals at which the packet samples are taken The possible field values are 1s 5s 10s 15s 20s 30s 40s 50s and 60s Record Number Displays the packet size record number Show Hide Displays or hides packets size The following packet length ranges can be displayed 64 65 127 128 255 256 511 512 1023 and 1024 1518 and 1519 10240 2 Click Apply A sample record of packet size analysis is stored and the device is updated 3 Define the Show Hide field 4 To view the graph as a table click View Table 175 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Received Packet Statistics The Received RX Page contains information about packets transmitted through device ports To view received packet statistics 1 Click Monitoring gt Packets gt Received RX The Received RX Page opens Diink 9999990000000 294 H s Up Time 2 days 5 10 13 DATE in as administrator admin 192 168 Configuration L2 Features H Qos H G Security 4 Monitoring gt Stacking Information CPU Utilization 3 Port utilization gt Packet Size jor vl 01 w View Table Apply Clear Eff Packets a x 2 bytes UMB_cast RX 2 Transmitted TX Packets RADIUS Authentication gt Browse ARP Table 2 Browse MLD Router Pc
168. Syslog Error Message Table displays a list of Syslog error messages appearing on the Switch according to level of severity and category while providing a description for each error There are seven levels of severity which are based on a hierarchy of severities Emergency is the highest and Debug is the lowest The user can only configure All Informational and Warning When a user configures a specific level it applies to the configured level and all the levels above For example if a user defines an Information error message it will apply to all messages from the Informational severity level up to the Critical level The seven severity levels are e 1 Critical e 2 Warning e 3 Error e 4 Alert 5 Notice 6 Informational 7 Debug e All Represents Debug and above The following table displays the Syslog Error Messages Table 4 Syslog Error Message Table ID____ SEVERITY _ CATEGORY MESSAGE svsucs i610 era momen sysucs iea1 era Nomenoy SSS No free connection at the Currently there is no free moment wait one minute connection available Wait SYSLG8 16 16 Critical web and retry one minute and retry The system must be SYSLG8 16 18 Critical System No free UDP port restarted Cannot create private Cannot create a private SYSLG8 16 29 Critical System memory pool memory pool SYSLG8 16 31 Critical AAA Session amount exceeded Session amount exceeded
169. T r E E r r r fe ACL 10 E E E E E T 11 E x C x L x 12 C 5 a B B a 13 ss om Mm 14 a B B B B f 15 Hs x 6 D x al in a m a B E B B STACKING STATUS 17 El El Hl E ml 18 E E E B E Mm 19 E x x L x 20 C 5 a B B a 21 m a mo om E a 22 r B a B B m 23 o E E E E B r aT Ez Figure 5 2 Trusted Host Page The Trusted Host Page contains the following fields Field Description IP Address 1 30 Defines the management station IP address from which the device can be managed Network Mask 1 30 Defines the management station IP Subnet Mask from which the device can be managed Telnet If selected permits Telnet access to be used for management access to the device SNMP If selected permits SNMP access to be used for management access to the device HTTP If selected permits HTTP access to be used for management access to the device HTTPS If selected permits HTTPS Secure HTTP access to be used for management access to the device SSH If selected permits SSH Secure Telnet access to be used for management access to the device Ping If selected permits the host to ping the device 140 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Define the IP 1 30 Address fields and Subnet Mask to define the remote management stations 3 Click Apply The management stations are defined and the device is updated 4 Toremove a station from the Trusted Hosts list clear the IP Addr
170. TACKING STATUS 4 13 2 223 3 4 Delete SOS 3 6 7 Delete 4 38 10 42 Delete 5 458 5 6 10 Delete Figure 0 13 Traffic Segmentation Page The Traffic Segmentation Page contains the following fields Field Description Source Ports The port s from which the traffic is forwarded by the forwarding port s Unit or LAG The stacking member s Unit ID and LAGs on which the source port is located Port The source port number Forwarding Ports The port s from which the traffic from the source port is transmitted Unit or LAG The stacking member s Unit ID and LAGs on which the forwarding port is located Port The forwarding port number 2 Define the Source and Forwarding Ports 3 Click Add The new traffic forwarding definition appears in the Traffic Segmentation table and the device is updated To delete a Traffic Segmentation entry 4 Select the entry in the table 5 Click_ Delete The entry is deleted and the device is updated 86 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring LACP LAG ports can contain different media types if the ports are operating at the same speed Aggregated links can be set up manually or automatically established by enabling LACP on the relevant links Aggregate ports can be linked into link aggregation port groups Each group is comprised of ports with the same speed The LACP Port Settings Page contains fields for configurin
171. The ACL Profile L3 IPv4 UDP Port Page updates t to show the eee F Sts ans alee Dink ceeseeesessee o000 0 0 0 0 co000000 0000000000000 6 POSES ess 7 8 19 20 21 72 23 04 25 28 27 2 23 39 3 32 33 34 35 M 37 36 39 40 41 42 43 4i qu D Link Jd ame AAA AAA PY E AI AA PEPE TTS s A S i Save Tools 7 Stack Up Time 5 days 2 21 45 Logged in as administrator 10 5 80 57 BA Logout DGS 3100 48 i Configuration Select Frame T PL2 Features C we paos L2 ACL f Securty C L3IPv4 ACL B Monitoring Poe L3IPV6 ACL UDP y Select B p Ace You can select the field in the packet to create filtering mask ACL Configuration Wizard gt Access Profile List L2 Header IPv6 Class IPv6 Address ACL Finder UDP Port STACKING STATUS O Source Port Mask Mask Generate I Destination Port Mask Mask Generate Create Figure 0 24 ACL Profile L3 IPv6 UDP Port Page The ACL Profile L3 IPv4 UDP Port Page contains the following fields Field Description Source Port Mask Defines the range of source Ports relevant to the ACL rules O ignore 1 check For example to set 0 15 set mask of F Destination Port Mask Defines the range of destination IP addresses relevant to the ACL rules 0 ignore 1 check For example to set 0 15 set mask of F 2 Select Source Port Mask and or Destination Port Mask The Mask Generate button is active 223 DGS 3100 Se
172. Type VLAN Name R8D1 v STACKING STATUS Destination MAC Address 00 00 00 00 00 FF ex 00 00 00 00 FF FF Source MAC Address 00 00 00 00 00 01 ex 00 00 00 00 00 10 Ether Type otit ex 0x05dd OxfffT Ports 121 ex 1 1 1 4 6 2 6 Ch1 Ch1 6 E Action Permit v Parisini SSRIS Co Time Range Range Name _ Previous page Apply Figure 0 32 Rule Detail Page The Rule Detail Page contains the following fields Field Description Profile ID Displays the profile ID range Source MAC Displays the Source MAC range Destination MAC Displays the destination MAC range Ether Type Displays if Ether Type is included Access ID Defines the Access ID Type Displays the profile type can be MAC based or IP based VLAN Name Defines the user defined VLAN name Destination MAC Address Matches the destination MAC address to which packets will be subject to action Source MAC Address Matches the source MAC address to which packets will be subject to action Ether Type Defines the code type used Ports Indicates the ports or LAGs for which rules are sought Action Defines the action for the profile The possible fields are Permit Forwards packets if all other ACL criteria are met Deny Drops packets if all other ACL criteria is met Rate Limiting Rate limiting is activated if all other ACL criteria are met Change IP priority VPT CoS value is changed if all ot
173. Update Time E i iaa 1 4 4 4 2 40 2007 10 22 01 12 20 Delete El pe ca os 1 2 1 1 1 10 2007 10 20 10 55 23 Set Boot J _Delete Maracas 2 1 1 1 2 10 2007 10 22 01 15 30 Delete B System Log Host 2 2 1 1 1 10 2007 10 20 11 05 03 Set Boot J_ Delete J SNTP Settings 3 se 1 1 2 10 2007 10 22 01 17 20 set Boot J _Delete J NMP Settings 3 2 1 1 1 10 2007 10 20 11 15 20 Set Boot Delete DHCP Relay 4 4 1 1 2 10 2007 10 22 01 21 35 set Boot J _ Delete DHCP Auto ii 4 2 1 1 1 10 2007 10 20 11 22 23 Set Boot J _ Delete 2g 5 4 11 210 2007 10 22 01 23 20 Set Boot Delete io roses 5 2 4 1 1 10 2007 10 20 11 40 59 Set Boot J _ Delete Qos 6 4 4 1 2 10 2007 10 22 01 45 38 Set Boot JL_ Delete H Security 6 2 1 1 1 10 2007 10 20 12 05 12 Set Boot Delete EBB Monkoring Note means boot up firmware E HACI STACKING STATUS Figure 0 23 Firmware Information Page The Firmware Information Page contains the following fields 63 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Unit Displays the stacking member for which the firmware image information is displayed Image Each device has two image files one for reboot and one for backup Upon software upgrade download the downloaded image file is designated for reboot although users can modify this in the Config Firmware Image page An indicates that this image file is used for reboot Version Displays the image file s versio
174. YSLG8 49 12 Warning AAA reserved for channels channels in the system sshpClientld connection Excessive number of clients SYSLG8 49 13 Warning AAA 1 d is outside the range serviced by the system 273 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY MESSAGE DESCRIPTION reserved oriens The SSH daemon can not The SSH daemon cannot use the configured TCP use the configured TCP port port the port is already the port is already being SYSLG8 49 51 Warning being used used Insufficient memory to generate an 1 s key Insufficient memory to Please close all SSH or generate an authentication SSL sessions and try key Close all SSH or SSL SY SLG8 49 52 Warning again sessions and try again SSH has been enabled but an encryption key was not SSH has been enabled but found For key an encryption key was not generation use the crypto found For key generation key generate commands use the crypto key generate The service will start commands The service automatically when a host starts automatically when a SYSLG8 49 7 Warning key is generated host key is generated 1 s 2 s no such Failed to create multicast The system resource to group entry of VLAN support this number of SYSLG8 50 22 Warning 1 d MAC 2 s multicast entries is limited IGMP group table The IGMP group table is SYSLG8 51 0 Warning overflow full 7 IGMP router table The IGMP router table is SYS
175. a Class A product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures Warnung Dies ist ein Produkt der Klasse A Im Wohnbereich kann dieses Produkt Funkstoerungen verursachen In diesem Fall kann vom Benutzer verlangt werden angemessene Massnahmen zu ergreifen Precauci n Este es un producto de Clase A En un entorno dom stico puede causar interferencias de radio en cuyo case puede requerirse al usuario para que adopte las medidas adecuadas Attention Ceci est un produit de classe A Dans un environnement domestique ce produit pourrait causer des interf rences radio auquel cas Putilisateur devrait prendre les mesures ad quates Attenzione Il presente prodotto appartiene alla classe A Se utilizzato in ambiente domestico il prodotto pu causare interferenze radio nel cui caso e possibile che l utente debba assumere provvedimenti adeguati VCCI Warning CORBIS 77 AEB CI COREA ZIER CARA SHOEBRMSSSSHCTCEMHAVET CORA CIA AAN ARA A RIE RENACER ETS January 2010 P N Table of Contents PREFACE iata decease A Ss ade de tbe a ch daa l SS AE D E A E LAE E O O O RA ii LAETTE the Device E EE lt do on A A la ln de AT iii DGS 3100 Series Front Panel incita tera rated despite Ea AA EAEE ai iii DGS 3100 24TG Front Panel Ao AMR oes oes 111 Device Management Methods coi a aE aTi iv User Guide Oyeryie Wise Bm ed oe O ade Go oe v A NN vi No
176. a2 s Dlink farTT TTT TT miitttt tt tetas Building Networks for People Fi ga d i ma AA A FESR RRR Up Time 2 days 5 10 13 3 TT in as administrator admin 192 168 0100 B PR meS See DGS 3100 48 E H Configuration E L2 Features e Load Balance layer 2 x Apply 3 Jumbo Frame 802 10 VLAN Asymmetric VLAN Trunking list GVRP Settings 2 Trunking gt VLAN Trunking 02 Static Traffic Segmentation 03 LACP LACP Port Settings IGMP Snooping 3 MLD Snooping of ol 8 E 4 8 1 9 1 10 Edit 1 14 1 12 1 13 1 14 1 15 1 16 Edit Clear 4 17 1 18 1 19 Edit Clear 04 Static Edit Clear Edit Clear il CNEA gt Port Mirroring 06 Static Edit Clear E Spanning Tree 07 Static Edit lead El Forwarding amp Fittering 08 Static Edit TR al or 09 Static edit J Clear pps Edit Clear E o H B Security anula Edit Clear v m f Monitoring ACL Edit Trunking information Unit po or y x Group ID Type LACP SA Note maximum 8 ports in static group and 16 ports in LACP group Apply JR Ports STACKING STATUS Figure 0 10 Trunking Configuration Page The Trunking Configuration Page contains the following fields Field Description Unit Defines the stacki
177. abit Stackable Managed Switch User Manual Viewing LLDP Local Port Information The LLDP Local Port Brief Page displays LLDP local port information 1 Click L2 Features gt LLDP gt LLDP Local Port Brief The LLDP Local Port Brief Page opens 000000000000 o0o0ooo e e oooo g o0o000 VADADADTOADO 2 RMS HTM ao 20 4 e 500 Ob PS SU SEESUESSE D Link foumssccrecesssee2 os EER 7 Building Nene for Peopa AAA AAA ts ts pinto A VEU PU Save Tools Stack ID B e Up Time 2 days 5 10 T Logged in as administrator admin 192 168 0 100 T n Logout 2 Traffic Segmentation gt LACP Port Settings 3 IGMP Snooping P al Show Normal 3 MLD Snooping A _ gt Port Mirroring A Spanning Tree Forwarding amp Filtering Port ID Subtype Port ID Port Description i LLop Local 111 RMON Port 1 on Unit 1 LLDP Global Setting i m 5 Local 1 2 RMON Port 1 on Unit 1 ap LLDP Port Setting Local 113 RMON Port 1 on Unit 1 2 LLDP Basic TLVS LLOP Dot3 TLVS Si gt ee gt LLDP Remote Port E B 2 D Monitoring lie 28 Figure 0 32 LLDP Local Port Brief Page The LLDP Local Port Brief Page contains the following fields Field Description Unit Indicates the stacking member for which the LLDP local port information is displayed Port Indicates the port number Port ID Subtype Displays the port ID subtype Port ID Displays the port ID Unit number Port number Port Descrip
178. act Defines the name of the contact person The field range is 0 160 characters System Name Defines the user defined system name System Location Defines the location where the system is currently running The field range is 0 160 characters Login Timeout minutes Defines the amount of time the device times out when no user activity occurs The default is 10 minutes 2 Define the System Name field 3 Define the System Location and Login Timeout minutes fields 4 Click Apply The system information is defined and the device is updated 19 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining IP Addresses The IP Address Page contains fields for assigning IP addresses Packets are forwarded to the default IP when frames are sent to a remote network via the Default Gateway The configured IP address must belong to the same IP address subnet of one of the IP interfaces The Dynamic Host Configuration Protocol DHCP assigns dynamic IP addresses to devices on a network DHCP ensures that network devices can have a different IP address every time the device connects to the network 1 Click Configuration gt IP Sade The IP Address Page opens IOT RUN E io a rai IRA EE 9000 60 oe Ree pao on 2 gt as Ditmk 33 4s e7 HR EEE ER OM 4 a A Perry yt Ty lowe b TEPEE FECES M Building Networks for People StackID Up Time 0 days 7 57 2 Logged in as administrator 10 5
179. age priority tagged data enables user specification for the data s relative priority to suit the needs of the network Circumstances can arise where it is advantageous to group two or more differently tagged packets into the same queue Generally however it is recommended that the highest priority queue Queue 3 be reserved for data packets with a priority value of 7 A weighted round robin system is employed on the switch to determine the rate at which the queues are emptied of packets The ratio used for clearing the queues is 8 1 This means that the highest priority queue Queue 3 clears eight packets for every one packet cleared from Queue 0 It is important that the priority queue settings on the switch are for all ports and all devices connected to the switch are affected The priority queuing system is especially beneficial for networks that employ priority tag assignment capable switches VLAN Description A Virtual Local Area Network VLAN is a network topology configured according to a logical scheme rather than the physical layout VLANs can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN VLANs also logically segment the network into different broadcast domains so that packets are forwarded only between ports within the VLAN Typically a VLAN corresponds to a particular subnet although not necessarily VLANs can enhance performance by conserving bandwidth and improve sec
180. alization initialization process 1 s from 2 s type are expired or some other Packet RX on interface Key IDs do not match keys SYSLG8 74 57 Error SYSLG8 74 58 Error 3 s 4 s key configuration problems interface 1 s area 2 s are expired or some other type 3 s 4 s key configuration problems SYSLG8 75 1 SVNZIP encountered data SVNZIP encountered the e Packet RX on virtual Key IDs do not match keys SSH SSH P 240 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID SEVERITY CATEGORY MESSAGE error 1 d in the file 2 s PGPRCS Failed to open the page 1 s in lt PGPRCSP _ createPageB uffer gt You must give the html path as parameter We support up to 1 d different paths DESCRIPTION DESCRIPTION ae data error in the specified file Failed to open the specified page The html path must be given as a parameter Up to the specified number of paths are supported Could not open the txt file The supplied text file could SYSLG8 75 14 Error Up Download you supplied not be opened EmbWeb init error initializing The WebServer Error occurred initializing the WebServer WEBSRVG task Failure Failure fetching data from a SYSLG8 75 16 Error Web fetching from pipe pipe WEBUTILG snprintf result too big SVNZIP out of memory extracting file 1 s The WEBUTILG snprintf result is too large SVNZIP process encountered mem
181. alla ell oa ree Sererery Pee eee FPF Fe 3 Configuration 2 Features f aos i H Security 1 5 4 Montoring a E View Table 2 Stacking information CPU Utilization gt Port Utilization gt Packet Size EJ ga Packets Received RX gt UMB_cast RX 900 800 packas RADIUS Authentication Browse ARP Table Browse MLD Router Pc gt Browse Router Port gt Browse Session Table 2 IGMP Snooping Group 2 MIN Snnonina a y STACKING STATUS 1000 Bytes Unit packet sec Time Interval v Record Number Show Hide v Y Packets Figure 6 7 Transmitted TX Page The Transmitted TX Page contains the following fields Field Description Unit Indicates the stacking member ID for which the transmitted packets parameters are displayed Port Indicates the port for which the transmitted packets parameters are displayed Bytes Indicates the total number of bytes that were transmitted through the port Packets Indicates the total number of packets that were transmitted through the port Time Interval Indicates the time interval for which the transmitted packets are displayed The possible field values are 1s 5s 10s 15s 20s 30s 40s 50s and 60s Record Number Indicates the transmitted record number Show Hide Displays the bytes packets received information The possible field values are Bytes checked Displays the total amount of transmitted bytes
182. an choose between 6 and 40 seconds The default value is 20 Bridge Hello Time 1 10 The interval between two transmissions of BPDU packets sent by the Root Bridge to indicate to all other switches that it is indeed the Root Bridge The default value is 2 Bridge Forward Delay 4 30 Defines the time any port on the switch is in the listening state while moving from the blocking state to learning state and then to the forwarding state The default value is 15 Max Hops 1 20 Specifies the total number of hops that occur before the BPDU is discarded Once the BPDU is discarded the port information is aged out The possible field range is 1 20 The field default is 20 hops LBD Recovery Time 30 86400 Defines the amount of time that passes after ports that were shut down through LBD are moved to active The possible field range is 30 86400 seconds The default is 60 seconds 2 minutes 2 Select Enable Disable in the STP Status field 3 Define the STP Version Forwarding BPDU Bridge Priority Bridge Max Age Bridge Hello Time Bridge Forward Delay Max Hops fields and LBD Recovery Time 4 Click Apply The Spanning Tree Global Parameters are defined and the device is updated NOTE The Global STP status default was Enable in previous software versions and was changed to Disable Please note that if STP enabled is the required state you should enable 99 STP via the WE
183. and on when the address is aged out Trap Interval 1 1000000 Indicates the amount of time seconds between Port Security traps sent to the interface The possible field range is 1 1000000 seconds The field default is 10 seconds Port Displays the specific port number Max Learning Addr Indicates the number of MAC addresses which learned on the port 2 Define the Unit From Port To Port Max Address 1 64 Admin State Lock Address Mode and Trap Interval 1 1000000 fields 3 Click PPY 143 Port security is enabled and the device is updated DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Guest VLANs Guest VLANs provide limited network access to authorized ports If a port is denied network access via port based authorization but the Guest VLAN is enabled the port receives limited network access For example a network administrator can use Guest VLANs to deny network access via port based authentication but grant internet access to unauthorized users To define Guest VLANs 1 Click Security gt Guest Vlan The Guest VLAN Page opens D Link 3 Building Networks tor People r 983 319041 im Save Tools Stack ID m DGS 3100 48 E Configuration H L2 Features Guest VLAN Setting Create Delete ee VID 01 v VLANName R amp D Apply gt Safeguard Engine Trusted Host Apply Port Port t 2 11 12 13 14 15 16 17 18 19 20 21 22 23
184. ant to the Unit ID is assigned to the new stacking member If the new stacking member was assigned the same Unit ID of the replaced stacking member then the new stacking member receives the same configuration as the failed stacking member If the new stacking member is identical to the replaced stacking member the entire configuration of the replaced stacking member is applied to the new stacking member The stack reverts to the stacking state it was running in before stacking member failed However sometimes the new stacking member is not identical to the failed stacking member The Stack Master applies the configuration as follows e Ifa 24 port switch replaces a failed 48 port switch then the new stacking member s ports are configured according first 24 ports configuration of the failed stacking member NOTE The 48 port configuration of the failed stacking member is recorded even though only the first 24 port configuration is currently applied If a 48 port switch is inserted and assigned the same Unit ID the switch is configured with the port configuration of the original 48 port stacking member e If a 48 port stacking member replaces a 24 port stacking member then the first 24 ports of thenew stacking member are configured according failed stacking member s ports configuration The remaining new stacking member ports are configured with the switch s default settings Replacing a Failed Stack Master This example assumes that th
185. anual Viewing MLD Router Ports The Browse MLD Router Port Page displays which ports are connected to MLD routers A port can be connected to an MLD router either as a static port or as a dynamic port or forbidden port 1 Click Monitoring gt Browse MLD Router Port The Browse MLD Router Port Page opens D Link Building Networks for People Tei a fal Save Tools N ee p Security E G Monitoring gt Stacking Information CPU Utilization Port Utilization Packet Size Packets gt Received RX UMB_cast RX Transmitted TX 3 RADIUS Authentication gt Browse ARP Table 2 Browse Router Port Browse Session Table IGMP Snooping Group MLD Snooping Group J MAC Address Table lt amp STACKING STATUS E AR bs i E SS o mi Note S Static Router Port D Dynamic Router Port F Forbidden Router Port Figure 0 10 Browse MLD Router Port Page The Browse MLD Router Port Page contains the following fields Field Description VID Indicates the VLAN identification Unit Indicates the stacking member for which the router ports information is displaying Port Indicates the port for which the router port settings are displayed Ports have the following settings S Indicates a statically configured port D Indicates a dynamically learned port F Indicates a forbidden port 2 Define the VID field 3 Click ABRI The selected ports appear on the se
186. arding Disabled setting DHCP Client Disabled setting IGMP Snooping Disabled setting Safeguard Engine Disabled setting MLD Snooping Disabled setting SNMP Trap Enabled setting Broadcast Storm Control Disabled setting SSL Disabled setting 802 1x Status Disabled setting Asymmetric VLAN Disabled setting GVRP Setting Disabled setting VLAN Trunking Disabled setting SSH Disabled setting Telnet Setting Enabled setting Port Mirroring Disabled setting SNMP Global Setting Disabled setting STACKING STATUS Figure 0 1 Device Information Page The Device Information Page contains the following fields Field Description Device Type Displays the factory defined device name and type System Contact Displays the name of the contact person The field range is 0 31 characters System Name Displays the user defined system name The field range is 0 31 characters System Location Displays the location where the system is currently running The field range is 0 31 characters Firmware Version Displays the installed software version number Hardware Version Displays the installed device hardware version number Serial Number Displays the installed device serial number System Time Displays the system time The field format is Day Month Y ear System Up Time Displays the amount of time since the most recent device reboot The system time is displayed in the following format Days Hours Minutes and Seconds For example
187. are Access Profie Lis Access ID ACL Finder Type MAC Source MAC Address ex 00 00 00 00 00 10 STACKING STATUS Ports ex 1 1 2 2 Ch1 Ch4 6 Action Permit y Time Range Range Name F Previous page Apply This page displays all or some of the following fields Field Description Profile ID Displays the Profile ID to which the rule is being added to Source MAC IPv4 IP v6 Displays the MASK defined in the Profile Mask Destination MAC IPv4 IP v6 Mask Displays the MASK defined in the Profile Source MAC IPv4 IP v6 Address Defines the address on which the rule is defined Destination MAC IPv4 IP v6 Address Defines the address on which the rule is defined TCP Source Port Displays The TCP Source Port TCP Flag Mask Indicates if TCP flag mask is active Access ID Defines the Access ID Type Displays the profile type IP based TCP Flag Defines the indicated TCP flag that can be triggered Source Port Displays the TCP source port Ports Defines the ports or LAGs on which the access profile will work Action Defines the action to be taken The possible values are e Permit Forwards packets if all other ACL criteria are met e Deny Drops packets if all other ACL criteria is met e Rate Limiting Rate limiting is activated if all other ACL criteria are met e Change IP priority VPT CoS value is changed if al
188. are is downloaded and the device is updated 12 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Rebooting the System The System Reboot Page provides a method for selecting one or all of the units to be rebooted To reboot the system 1 Click gt System Reboot The System Reboot Page opens So o0o0000000000000 000000000000000 0000000000000000 00 00 D Li K I 123 a57 AAA AEREA TEE ap ink TIS la 12 E 2 E pe a mia 2 pce E E E Networks People 7 ows i o o ER A Oe A a A LS es k a i Save lt Tools StackID E Up Time 0 days 1 17 40 Logged in as administrator 10 5 80 34 J Logout gt pes 2 Show Stack Status System Reboo cor Device Locator 4 912 Config Backup amp Restore BO Reset h d all the configurati Il the ch just mad be lost after system reboot le sec nsure you have saved al e configuration or al e changes you just made may be losi ler system reboot da or Firmware Download m pa Select Unit to Reboot Fan y System Reboot STACKING STATUS pa jazzi LP Poor eveveres m I ET O A T RE BEE i Figure 0 6 System Reboot Page The System Reboot Page contains the Select Unit to Reboot field The possible values are Value Description All Reboots all stacking members O1 06 Reboots the specific stack member 2 Define the Select Unit to Reboot field 3 Click _S s
189. at a stacking member acting as the Stack Master has failed in a running stack When the system administrator is notified of the Stack Master failure and replaces existing Stack Master with a new switch When the Stack Master fails the stack s Backup Master recognizes the failure and that the Stack Master no longer responds and assumes the role of Stack Master The Backup Master uses Master Discovery process to identify the failure In case of Ring topology the Backup Master directs all other stack members to route traffic around the failed stacking member At the same time the Backup Master notifies the system administrator of the failure using SYSLOG messages and SNMP traps When the failed stacking member is disconnected from the stack all traffic is already routed around the failed stacking member If all other stacking connections are left intact the stack keeps running When a new stacking member is inserted and powered up the following occurs e The new stacking member performs Master Discovery process and participates in a Master Election process For more information on the Master Election see Electing a Stacking Master Ifthe new stacking member has a Unit ID of J or 2 i e the stacking member is a master enabled Master Election process is initiated Since the running stack Backup Master has a longer run timeand if the Backup Master has been running for more then 10 minutes the Backup Master remains the elected Stack Master The
190. ata Failed to reserve the specified port while the system is initialized Could not open a socket on the specified ports The specified Listener port configured for the specified WEB service is not available Cannot add new session because of the DB overflow 242 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID SEVERITY CATEGORY MESSAGE DESCRIPTION Cannot allocate memory The system cannot allocate SYSLG8 78 8 Error System for user memory for user Cannot create timer for The system cannot create a SYSLG8 78 9 Error System user timer for user Backup 1 d failed The specified backup failed during runtime during runtime SYSLG8 83 5 Error Up Download configuration configuration Translation from url to Translation from URL to SYSLG8 85 1 Error W name had failed name had failed The enterprise given for The given enterprise for SYSLG8 86 1 Error SNMP trap is too long trap is too long Not enough space for key for the key of the specified of variable 1 lu of trap variable of the specified Memory not freed SNMP Package 1 s Routine 2 d Location 3 d Size 4 d SYSLG8 86 26 Error Unfreed block 5 s SNMP Package 1 s Routine 2 d Location SYSLG8 86 29 Error 3 d Error 4 s SNMPCOMMG StoreInit ialCommunityEntry no free community entry No free community entry is SYSLG8 86 7 Error available available Unexpected entry fields Unexpected entry fields were found in
191. ation Wizard Page opens 0GS 3100 48 E Configuration H L2 Features H H QoS H Security E Monitoring EA ACL EACL Configuration Wizard Access Profile List B ACL Finder 3 Time Range Setting STAGKING STATUS p A AA o ASS 2 004 Any v ex 1 1 1 4 6 2 6 Ch1 Ch1 6 Time Range Range Name Note ACL Wizard will create the access profile and rule automatically For advanced access profile rule setting you can manually configure it in Access Profile List Figure 0 1 ACL Configuration Wizard Page The ACL Configuration Wizard Page contains the following fields Fields Description From Defines the origin of accessible packets The possible values are Any Indicates ACL action will be on packets from any source MAC Address Indicates ACL action will be on packets from this MAC address IPv4 Addresses Indicates ACL action will be on packets from this IPv4 source address IPv6 Addresses Indicates ACL action will be on packets from this IPv6 source address To Defines the destination of accessible packets The possible values are Any Indicates ACL action will take placed for packets with any destination MAC Address Indicates ACL action will take place for packets to this MAC address only IPv4 Addresses Indicates ACL action will take place on packets to this IPv4 address IPv6 Addresses Indicates
192. authentication Method 3 Indicates the third method used to authenticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication Method 4 Indicates the fourth method used to authenticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication 2 Define the Method List Name in the Method List Name field 3 Select the methods used to authenticate network users in the Method 1 Method 2 Method 3 and Method 4 fields 4 Click APPI The Login methods are defined and the device is updated e To edit the Method List click Edit adjacent to a Method List Name on the list The upper fields display the current values which then can be edited e To delete a Method List Name click _Delete_ The Login Method Lists are defined and the device is updated 165 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Enable Methods Network users
193. ave the range 0 15 When mixing Strict and WRR mode Strict mode should be configured at higher class Class 3 and Class 2 Weight Assigns the specific WRR value to the Queue The weight value range is 0 15 2 Select the Class IDs in the Mechanism field 3 Click eee The QoS Scheduling Mechanism is configured and the device is updated 135 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining DSCP User Priority The DSCP User Priority Page contains fields for mapping DSCP settings to traffic queues For example a packet with a DSCP tag value of 3 can be assigned to queue 2 To map priority tags to classes 1 Click QoS gt DSCP User ane The DSCP User Priority Page Opens A a ls IA Pe ee A 20000 299999999 o0000 c00000000000 7 PERR NR nnn BHEHUN SD on o0o0o00 O O 1264 T la As Ss pt Sy a a TEEPEE 2 DGS 3100 48 l Configuration H 8 L2 Features E H Qos Bandwidth Control gt Traffic Control B 802 1p Default Priority 802 1p User Priority 3 QoS Scheduling Mechanis gt DSCP User Priority 3 Multi Layer CoS Setting Security Monitoring a Queue ojo LULL a El STACKING STATUS N 4 Trei EB Restore Defaults x Figure 4 7 DSCP User Priority Page The DSCP User Priority Page contains the following fields Parameter Description DSCP In Displays the incoming packet s DSCP value Que
194. balloc could not allocate Could not allocate the SYSLG8 49 4 Error System 1 d bytes 2 d specified bytes bfree Cannot free Cannot free memory The SYSLG8 49 5 Error Port Security memory block is corrupt memory block is corrupt bfree Freeing more SYSLG8 49 6 Error Port Security memory than was used More memory was used The specified field is SYSLG8 5 143 Error SNMP Unknown field 1 s unknown SYSLG8 5 158 Cannot update Hash Cannot update the Hash Cannot clean the Hash SYSLG8 5 160 Error System Cannot clean Hash values Cannot insert entry to Cannot insert an entry into SYSLG8 5 161 Error System Hash Hash Cannot delete entry from Cannot delete an entry from SYSLG8 5 162 Error System Hash Hash GCLIP_mib2cli_analyze command Cannot insert Cannot insert an entry to SYSLG8 5 180 Error System entry to Hash Hash Length is limited by 160 The field length is limited SYSLG8 5 181 Error SNMP characters by 160 characters Failed to set default Failed to set default SYSLG8 56 3 Error Interface priority priority SYSLG8 58 4 Failed to update queue Failed to update queue Too many VLANs are SYSLG8 6 6 Error VLAN Too Many Vlan defined 1 s Errors occurred Errors occurred during SYSLG8 61 0 Error during initialization initialization UNIT ID SYSLG8 63 11 Error Stack 1 d Msg 2 s UNIT ID SYSLG8 63 3 Error Stack 1 d Trap 2 s Errors occurred during Errors occurred during the SYSLG8 73 1 Error System initi
195. be SYSLG6 0 7 Error Up Download valid download again downloaded again Bootl programming The Bootl programming failed it is not valid any process failed because it is SYSLG6 0 8 Error Up Download more not valid any more Boot2 programming The Boot2 programming failed it is not valid any process failed because it is SYSLG6 0 9 Error Up Download more not valid any more There has been a memory SYSLG7 0 121 Error System Memory overflow overflow There is no free MAC SYSLG7 0 130 Error FDB No free mac address address Port 1 j doesn t accept The specified administrative parameter administrative parameter is SYSLG7 0 78 Error SNMP 2 s not accepted Port 1 j doesn t support The specified parameter is SYSLG7 0 79 Error Interface 2 s parameter not supported Memory overflow while Memory overflowed while creating the creating the aggregate SYSLG7 0 97 Error VLAN aggregateVlan Table VLAN table Unable to synchronize a The Master is unable to backup dmanager synchronize the backup problem error 1 s with the file The data may SYSLG8 100 30 Error function 2 s be lost Wrong file version is Wrong file version is SYSLG8 100 32 Error Up Download received by backup unit received by backup unit Wrong file size of backup The backup is not SYSLG8 100 33 Error Up Download unit synchronized with a file The file update message The file update message from old master was from old master was received on backup unit
196. bled Tanaansns sa Figure 0 17 MLD Snooping Page 91 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The MLD Snooping Page contains the following fields Field Description MLD Snooping Enables or disables MLD Snooping The possible field values are Enabled Enables MLD Snooping on the device Disabled Disables MLD Snooping on the device This is the default value VLAN ID Specifies the VLAN ID VLAN Name Displays the user defined VLAN name Done Timer Specifies the time interval in seconds after which a port is removed from the Multicast membership group Ports are removed from the Multicast membership when the port sends a Done Message indicating the port requests to leave the Multicast group The field range is 0 16711450 seconds The default timeout is 10 seconds Host Timeout Specifies the time interval in seconds after which a port is removed from a Multicast Group Ports are removed if a Multicast group MLD report was not received from a Multicast port within the defined Host Timeout period The possible field range is 60 16711450 seconds The default timeout is 260 seconds Router Timeout Specifies the time interval in seconds the Multicast router waits to receive a message before it times out The possible field range is 60 16711450 seconds The default timeout is 300 seconds State Indicates if MLD snooping is enabled on the VLAN The possible
197. bling SNMP Ta da e e a a O a e 58 DHCP Relay asain e e e di le dls do al te 59 DHCP Local da e e 60 DHCP Auto Configuratiom xe Bates RE A ee ee A a 62 Dual Image Sevi ii redada 63 Firmware Idoia t 63 Config Firmware IM iaa 64 ON 65 Defining Time Ran ge si4 nina a tens aletas le e paca e nee a eres a A 66 Serial ES AAA Peers ee ceeewttan te lest a ante eines aust acre ea ened aise aetna NR 68 CONFIGURING L2 FEATURES r a a aaa n 69 E abling Jumbo Frames tdi 70 C ntiguting VEANS essen ach fea ce ein Ae chia en NR ee nek Hooded en RE mn eR es 71 Understanding IEEE 802 1p Priority iii E A E E E EEE eA EE Ea SE EE ei 71 VLAN Description at naa 71 Notes about VLANSs on the DGS 3100 Series ec ecesesesscseeseceseeeeesecseesecneesecsaeecessecaeesecnevseceaeeeeeaecaesaecnevseeeaessesneeeres 71 MARIA A tesa E anche Sate MIM ost acess NN RNA 71 AONTAN Tags TEE TTE S A T EE A TRER 73 PENEAN ID reem aa a a a a aa a a a a a a til 74 Tagging and Ut e A ees eke en ae E R aeea o 74 EETA TENISE RUTA tte 74 Default VEAN S ws iinn ia E ee i wi EEE ld Aiea 75 VLAN Td as 75 VEAN SAUS na BR Ge iat tes Rote EA AAA E SA ate aa on AA aires 75 Defining VLAN Properties 00 ideas 76 Defining Asymmettic VEAN SE 78 Configuring ENA nd e Janene lena lo tas do on o goal E o 80 Defining Trunkint emanada a cedo dd a te ne de dd a e e a nd dd oe 82 Load Balan E BAR Oa hd ERE on ees 82 Defining VEAN Trunking vestida at 84 Traffic S comenta ata
198. by the RADIUS server the user is automatically joined to the VLAN configured on the RADIUS server The VLANs that cannot participate in the DVA are A Dynamic GVRP created VLAN A Voice VLAN A Default VLAN A Guest VLAN Port based authentication creates two access states State Description Controlled Access Permits communication between the supplicant and the system if the supplicant is authorized Uncontrolled Access Permits uncontrolled communication regardless of the port state 145 To enable the 802 1X 1 Building Networks for Peopl Af ae j Tools Stack ID P Address Stacking Settings J Port Configuration B ARP Settings User Accounts System Log Host f SNTP Settings f SNMP Settings gt DHCP Relay 3 DHCP Local Relay B DHCP Auto Configuration Firmware Information Telnet Setting Time Range Setting Serial Port Settings E L2 Features GH aos E Security gt Safeguard Engine Trusted Host Port Security Guest VLAN Ef 802 1X 2 B Authentic RADIUS Server Forwarding EAP E SSL SSH Access Authentication Control S ARP Spoofing Prevention y STACKING STATUS DGS 3100 Series Gigabit Stackable Managed Switch User Manual Click Security gt 802 1X Setting The 802 1X Setting Page opens 802 1X C Enabled Disabled Apply 802 1X Port Access Con
199. cator Page enables locating system devices by activating LED locators To locate devices Tools 7 1 Click MR Too gt evic Locator The Device Locator Page opens E pri Config Backup amp Restore 208 Reset E al el Mor a acl System Reboot Press Activate button to activate Device Locator for 20 seconds Activate Firmware Download STACKING STATUS Figure 0 2 Device Locator Page 2 Click _ hetivate The LED locator is activated for 20 seconds On which the letter L will flash on the master unit DGS 3100 Series Gigabit Stackable Managed Switch User Manual Backing up and Restoring Configuration Files The Config Backup and Restore Page contains fields for downloading and uploading the configuration file from the device through HTTP or TFTP server To back up and restore configuration files gt Config Backup amp Restore The Config Backup and Restore Page opens hoc Sack Sias onfig Backup and Restore g E Cor Device Locator La HTTP H Qo Reset giver Firmware Download Backup current setting to file Backup H ach System Reboot Restore saved setting from file Browse File Type Startup Config Restore TFTP Server IP File File Type Backup current setting to server Restore saved setting from server STACKING STATUS Figure 0 3 Config Backup and Restore Page The Config Backup and Restore Page contain the
200. ce is updated 109 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring LLDP The Link Layer Discovery Protocol LLDP allows troubleshooting and enhancing network management by discovering and maintaining network topologies over multi vendor environments LLDP discovers network neighbors by standardizing methods for network devices to advertise themselves to other systems and to store discovered information Device discovery information includes Device Identification Device Capabilities Device Configuration The advertising device transmits multiple advertisement message sets in a single LAN packet The multiple advertisement sets are sent in the packet Type Length Value TLV field LLDP devices must support chassis and port ID advertisement as well as system name system ID system description and system capability advertisements This section contains information for configuring LLDP parameters and includes the following topics e Defining LLDP Global Settings e Defining LLDP Port Settings e Defining LLDP Basic TLV Settings e Defining LLDP Dot3 TLV Settings e Viewing LLDP Local Port Information e Viewing LLDP Remote Port Information Defining LLDP Global Settings The LLDP Global Setting Page displays LLDP system information and contains parameters for configuring LLDP global settings 1 Click L2 Features gt LLDP gt LLDP Global Setting The LLDP Global Setting Page opens eoeoVeceeeoeoooos oo 7 e9
201. ce to the storm control type Threshold 3500 1000000 Indicates the maximum rate kilobits per second at which storm packets are forwarded The range is 3500 1 000 000 The default value is 3 500 2 Define the Unit From Port To Port Storm Control Type State and Threshold fields 3 Click LAPP The storm control settings are configured and the device is updated 132 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Mapping Ports to Packet Priorities The 802 1P Default Priority Page provides traffic classification by assigning priority values per port The priority value is assigned when packet arrives to a port with an empty priority tag 1 Click QoS gt 802 1p Default Priority The 802 1P Default Priority Page opens soss OTTO D Link Dumsscesceecssss2 ee PE EE CEDEDE 92752322292 a No wa Ra a sree Sperry PRCT SEPT Building Networks for People Save Tools Stack ID E X Up Time 2 days 5 1013 ESE EUR E AA DGS 3100 48 f Configuration 4 L2 Features Unit From Port To Port Priority eae 01 01 E 01 y 00 x a Bandwidth Control a 3 802 1p User Pay Unit 1 Settings QoS Scheduling Mechanis Port Priority Multi Layer CoS Setting 11 f Security 42 E Monitoring 13 H AacL 14 1 5 1 6 1 7 1 8 gt 1 9 STACKING STATUS 1 10 111 1 12 1 13 1 14 1 15 1 16 1 17 1 18 4 40 o A
202. ch via a console terminal or PC with a Terminal Emulation Program CIC A AAA Pen OA Ss gt ee ase ae 45 6 ona ia 7 TB 39 40 41 42 43 48 an Marape reve E APRA A i i i a a a aaa T m F Srl SE ae vor PPP FPP FEES m Figure 1 DGS 3100 Series 48 Port Front Panel DGS 3100 24TG Front Panel The DGS 3100 24TG provides eight high performance 1000BASE TX ports The ports operate at 10 100 1000 and connect to backbones end stations and servers The DGS 3100 24TG also provides 16 Mini GBIC SFP ports which connect fiber optic media to switches servers or network backbone The DGS 3100 24TG provides an additional RS 232 port console port for managing the switch via a console terminal or PC with a Terminal Emulation Program PA gt os a A ee ven mm ESA A E EA mE Ea Figure 2 DGS 3100 24TG Front Panel iii DGS 3100 Series Gigabit Stackable Managed Switch User Manual Device Management Methods The DGS 3100 series and DGS 3100 24TG provide different methods for managing the device including e Web Based Management Interface e SNMP Based Management e Command Line Console Web Based Management Interface Once the device is installed network managers can configure the switch monitor the LED panel and display statistics graphically via a web browser including e Netscape Navigator version 7 0 and higher e Microsoft Internet Explorer version 5 0 and higher e Mozilla Firefox version 2 0 and higher
203. cified number of bytes Packets corrupted and or network problems Key IDs do not match keys are expired or some other key configuration problems Key IDs do not match keys are expired or some other key configuration problems MdS keys are not found or are invalid Md5 keys are not found or are invalid Key IDs do not match keys are expired or some other key configuration problems HTTPS server has been enabled but a certificate was not found For a certificate generation use the crypto certificate 1 2 generate command The service will start automatically when a DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY MESSAGE DESCRIPTION ID when a certificate is certificate is generated generated 2 s service has been enabled but an encryption The specified service has key certificate 1 d been enabled but an was not found For key encryption key was not generation use the crypto found For key generation key generate commands use the crypto key generate The service will start commands The service automatically when a host starts automatically when a SYSLG8 75 66 Warning key is generated host key is generated Invalid attribute 1 d The specified attribute is SYSLG8 77 26 Warning AAA ignored 2 s ignored Msg of 1 u length received from server The message length is 3 s is bigger than bigger than the specified maximum 2 u ma
204. ckup Master was not acting as the Stack Master prior to the split the Back Master initiates a Topology Database and port learning process Traffic can be halted for a short period until the stack is synchronized i e stacking member and port configuraiton is completed New stacking members are learnt by the Backup Master are notified to the system administrator using SYSLOG messages and SNMP traps The divided stack continues to operate normally the only difference is there are less stacking members than prior to the stack division No Unit ID changes are performed in each the divided stacks Even if each stacking section has a Stack Master one section retains the Stack Master and the other section the Backup Master both stacks have the same configuration and the same IP address NOTE If both stacks have the same IP Address this can lead to network problem There is no way for users to connect to any stacks through the stack IP address If neither the Stack Master nor the Backup Master remain in the divided group e This is identical to failed Stack Master where no backup is available e Stacking members whose Unit IDs are 3 4 5 or 6 in original stack do not renumber themselves The stacking members network ports remains shut down until a Stack Master is enabled is connected and is operating as the Stack Master The Master Discovery process recognized that the Stack Master has been separated from the stack e The stacking me
205. components which stabilize Access Control Security Component Description Authenticators The Authenticator is an intermediary between the Authentication Server and the Client The authenticator Requests certification information via the Client EAPOL packets The EAPOL packets are the only information allowed to pass between supplicants and the authentication server until the authenticator is granted system access Verifies the information gathered from the Client with the Authentication Server and relays the information to the Client Supplicants Clients Specifies the host connected to the authenticated port requesting to access the system services Authentication Server Specifies the server that performs the authentication on behalf of the authenticator and indicates whether the supplicant is authorized to access system services The Authentication Server is a remote device connected to the Client network and Authenticator The Authentication Server must have RADIUS Server application enabled and configured Clients connected to a port on the Switch must be authenticated by the Authentication Server before accessing any system services The Authentication Server certifies the client s identity attempting to access the network by exchanging secure information between the RADIUS server and the Client Dynamic VLAN Assigns users to VLANs during the RADIUS server authentication When a user is Assignment DVA authenticated
206. configured on interface 1 j IP 2 y mask 3 y DHCP server 4 y ARP packet dropped from port 1 j with VLAN tag 2 d and reason The device has been configured on the specified interface with the specified IP address and mask on the specified DHCP server ARP Inspection Log The ARP packet is dropped according to the specified 246 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY MESSAGE DESCRIPTION IDO 3 s SRC MAC 4 m reason SRC IP 5 y DST MAC 6 m DST IP 7 y Information Ping completion status SYSLG8 15 0 al 1 s Ping completion status 1 s Sent 2 u R eceived 3 u Times Min Information 4 u Max 5 u Avg SYSLG8 15 1 al 6 u 1 s 2 s 3 s 4 s 5 s 6 s TELNETD I CONNECTION telnet connection from 7 s at Information 8 s 9 s 10 s SYSLG8 17 0 al 11 s 12 s 13 s Warm Startup the system Information re initialization with no SYSLG8 26 2 al Warm Startup changes in configuration Cold Startup the system re Information initialization with possible SYSLG8 26 3 al Up Download Cold Startup changes in configuration The system supports a few NVRAM sections Each user can access its NVRAM section only All data from all user sections can be deleted from NVRAM then Information All NVRAM sections are NVRAM is set to default SYSLG8 26 4 al Up Download erased values The system supports a few NVRAM users Each user can access it
207. configures one VLAN VID 1 called default The factory default setting assigns all ports on the switch to the default Ports can be removed from the default VLAN by either setting the port on the default VLAN as a non member or if the port is configured as Untagged on another VLAN Packets cannot cross VLANs If a member of one VLAN wants to connect to another VLAN the link must be through an external router NOTE If no VLANs are configured on the switch then all packets are forwarded to any destination port Packets with unknown source addresses are flooded to all ports Broadcast and multicast packets are also flooded to all ports An example is presented in this table VLAN Name VID Switch Ports System default 1 5 6 7 8 21 22 23 24 Engineering 2 9 10 11 12 Marketing 3 13 14 15 16 Finance 4 17 18 19 20 Sales 5 1 2 3 4 Table 0 1 VLAN Example Assigned Ports VLAN and Trunk Groups Trunk Groups LAGs can be added as member to a VLAN similar to ports The members of a trunk group have the same VLAN setting Any VLAN setting on trunk group members applies to the other member ports NOTE In order to use VLAN segmentation in conjunction with port trunk groups the port trunk group s can first be set and then the VLAN settings may be configured Changing the port trunk grouping with VLANs already in place doesn t require reconfiguration of the VLAN setting
208. d Range Name Selects the user defined time range name to apply to the configured ACL 2 Define the From To Service Type Action and Ports fields 3 To configure a time based ACL Check the Time Range box and select the Range Name from the list 4 Click Apply The ACLs are configured and the device is updated For advanced ACL setting please see the section below 204 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Access Profile Lists This section contains the following topics e Adding Access Rules e Adding ACL Profiles e Defining Layer 2 ACL e Defining Layer 3 IPv4 ACL e Defining Layer 3 IPv6 ACL e Adding Access Rules Adding ACL Profiles The ACL Profile List Page provides information for configuring ACL Profiles manually ACL profiles are attached to interfaces and define how packets are forwarded if they match the ACL criteria 1 Click ACL gt Access Profile List The ACL Profile List Page Opens D Link EZS E TE ORBE RE RERER ooo Building Networks tor People ps Pair li io ui a al ul Bl WU qe Sr T Save Tools Stack ID AA mea days 5 Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 Pora DES 3100 48 E Configuration H L2 Features Source MAC Destination MAC Ether Type VLAN ID Show Details _ Edit New Rules Delete Source IP TCP Source Port TCP Flag Time Range Show Details Edit New Rules Delete 3 ACL Finder 2 Time Range
209. d off NOTE The Factory default IP address for the Switch is 10 90 90 90 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Accessing the Boot Startup Menu Functions The following configuration functions are performed from the Boot Startup menu e Downloading Software e Set Terminal Baud Rate e Defining Stacking Units To display the Startup menu 1 During the boot process after the first part of the POST is completed press Ctrl shift within 2 seconds after the following message is displayed Autoboot in 2 seconds press RETURN or Esc to abort and enter prom 2 Press Enter to access the Startup menu 3 The Startup menu is displayed and contains the following configuration functions Startup Menu 1 Download Software 2 Set Terminal Baud Rate 3 Stack menu 4 Back Enter your choice or press ESC to exit The following sections describe the Startup menu options If no selection is made within 25 seconds default the switch times out and the device continues to load normally Downloading Software Use the software download option when a new software version must be downloaded to replace corrupted files update or upgrade the system software It is recommended to set the Baud Rate to 38400 prior to downloading software therefore allowing the software download to be faster See Set Terminal Baud Rate To download software from the Startup menu 1 On the Startup menu press 1 The fol
210. d on the device Disable Indicates that port security is disabled on the device This is the default value 142 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Max Address 1 64 Defines the number of MAC addresses The field value is 1 64 The field default is 1 Lock Address Mode The Lock Address Mode allows network administrators to limit the number of MAC addresses learned on a port or to stop learning MAC address completely Ports can be assigned a MAC address which is not aged out nor is the MAC address relearned therefore Locking the port to the MAC address After the port is locked the all the dynamic MAC addresses associated with the port are deleted The possible field values are Permanent Learns up to the maximum number of dynamic addresses allowed on the port The learned addresses are not aged out or relearned on other port for as long as the port is locked Delete on Reset Deletes the current dynamic MAC addresses associated with the port Learn up to the maximum addresses allowed on the port this number is also configurable Aging is disabled the addresses are deleted on reset Delete on Timeout Deletes the current dynamic MAC addresses associated with the port The port learns up to the maximum addresses allowed on the port Re learned MAC addresses and address aging out are also enabled The MAC addresses are deleted when the device is reset
211. d on the port LAG the port joins the Voice VLAN Timeout is as defined in the Defining Voice VLAN Global Settings section If the MAC Address of the IP phones OUI was added manually to a port in the Voice VLAN the user cannot add it to the Voice VLAN Security Indicates if port security is enabled on the Voice VLAN Port security ensures that packets arriving with an unrecognized OUI are dropped The possible field values are e Enable Enables port security on the Voice VLAN e Disable Disables port security on the Voice VLAN Membership Indicates whether the Voice VLAN member is a static or dynamic member Dynamic indicates that the VLAN membership was dynamically created when a packet with Voice VLAN OUI was captured by the device Static indicates that the VLAN membership is user defined An indicates that the port is not a member of the Voice VLAN This is only used when Voice VLAN is disabled on this port 2 To configure Voice VLAN Port Settings select the particular unit as well as the range of ports to set Select a Mode and a Security setting and click Apply The Voice VLAN Ports are set and the device is updated Defining OUls The OUI Setting Page lists the Organizationally Unique Identifiers OUIs associated with the Voice VLAN The first three bytes of the MAC Address contain a manufacturer identifier While the last three bytes contain a unique station ID Using the OUI network managers can add sp
212. d range 20 100 is between 20 100 The default value is 20 2 Set the safeguard engine status in the Safeguard Engine field 3 Define the Rising Threshold and Falling Threshold fields 4 Click Apply The Safeguard Engine is enabled and the device is updated 139 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Trust Host The Trusted Host Page enables network managers to apply restrictions on managing the device from remote stations Network managers can configure up to 30 remote stations Only those stations that are included in this list may manage the device Ensure that the IP address from which the device is currently being configured is included to prevent disconnection To enable Trust Host 1 Click Security gt Trusted Host The Trusted Host Page opens 9999000 PR ecere DGS 3100 24 H Configuration el p Features Host IP Address Network Mask Telnet SNMP HTTP HTTPS SSH Ping a QoS 1 l O IO A A Security 2 sl gt Safeguard Engine Ey Trusted Host 3 E C x L x 3 Port Security 4 r jE r r r 3 Guest VLAN Seco E E m a E L z E 2 ssi 6 r a a x m B J SSH B Authentication Co E m E E m B E gt ARP Spoofing Prevention 8 E E a E Mm E H Monitoring 9
213. dard that allows network administrators a method of reserving bandwidth for important functions that require a large bandwidth or have a high priority such as VoIP voice over Internet Protocol Web browsing applications file server applications or video conferencing Not only a larger bandwidth can be created but also a less critical traffic can be limited so excessive bandwidth can be saved The Switch has separate hardware queues on every physical port to which packets from various applications can be mapped to and in turn prioritized View the following map to see how the DGS 3100 series implements 802 1P priority queuing 126 DGS 3100 Series Gigabit Stackable Managed Switch User Manual How 802 1p works 4 Priority Queues Queues Priority o 4 A Port 1 2 3 4 5 6 7 HORARIA 4140400 0501001114 20035 Port default priority Figure 4 1 Mapping QoS on the Switch The picture above shows the default priority setting for the Switch Class 3 has the highest priority of the four priority queues on the Switch In order to implement QoS the user is required to instruct the Switch to examine the header of a packet to see if it has the proper identifying tag tagged Then the user may forward these tagged packets to designated queues on the Switch where they will be emptied based on priority For example let us say a user wishes to have a video conference between two remotely set computers The administrator can add priority
214. de and the other stacking member is in manual mode the stacking member in Manual mode maintains its Unit ID The other stacking member is assigned anew Unit ID Stacking members are shut down if e Ifboth duplicate stacking members are in Manual mode then both stacking members are shut down e Ifthe Stack Master is able to allocate a Unit ID to each stacking member then all stacking members operate as a stack If the Stack Master is unable to allocate a Unit ID to any stacking member that stacking member is effectively shut down and does not participate in the stack e Stacking members with a conflicting manually set ID are shut down as the Stack Master cannot override the system administrator s Unit ID assignment to resolve the conflict e If there are more stacking members than the maximum number allowed in a stack and the incoming stacking members are already in Factory Default mode the Stack Master is elected following Master Discovery and Master Election processes All other stacking members are shut down in some extreme cases due to during the boot process where some stacking members may be connected and join the stack If the new stacking members are already assigned a Unit then the new stacking members cannot join the stack The switches are remains shut down If a stacking member is shut down the stacking members stacking links are inactive Moreover if the stacking members are connected in a chain topology the shut down of o
215. ding status is defined and the device is updated Defining LLDP Port Settings The LLDP Port Setting Page displays LLDP port information and contains parameters for configuring LLDP port settings 111 Click L2 Features gt LLDP gt LLDP Port Setting The LLDP Port Setting Page opens gt LACP Port Settings gt IGMP Snooping MLD Snooping 3 Port Mirroring Spanning Tree 3 Forwarding amp Fitering f op LLDP Global Settinc 2 LLDP Basic TLVS LLDP Dot3 TLVS St LLDP Local Port Bri LLDP Remote Port E 0 4 E E Monitoring E DACL lt i gt STACKING STATUS vv DGS 3100 Series Gigabit Stackable Managed Switch User Manual eoo0o0000 0000 oooooo venon nu BRR DADAS s 2 SS 22 9 2 aa Up Time 2 days E Cogged in as administrator admin 192 168 0 100 ooo gt Traffic Segmentation A SS O Traci Unit From Port To Port Notification Admin Status 01 w 01 y 48 y Disabled TXAndRX Subtype Action Address Enabled PotiD Notification Admin Status Subtype Address 1 Disabled TX And RX IPv4 10 90 90 90 2 Disabled TXAnd RX IPv4 10 90 90 90 3 Disabled TXAnd RX 4 Disabled TX And RX oo SS 2 Figure 0 29 LLDP Port Setting Page The LLDP Port Setting Page contains the following fields Field Description Unit Indicates the stacking member for which the LLDP port settings are defined From Port Defines the
216. e Read View Name Write View Name and Notify View Name fields 3 Select a security model from the Security Model list 4 Click PPY The SNMP groups are defined and the device is updated To delete a Group Name from the SNMP Group Table Page List 5 Select a Group Name 6 Click Delete 51 The Group Name is deleted and the device is updated DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining SNMP Users The SNMP User Table Page enables assigning system users to SNMP groups and defining the user authentication method To assign system users 1 Click Configuration gt SNMP Settings gt SNMP User Table The SNMP User Table Page opens OO COCOON DGS 3100 48 E Configuration System Information gt Stacking Settings 3 Port Configuration S 3 User Accounts System Log Host E SNTP Settings Add User gt IP Address User Name ARP Settings F SNMP V3 Encryption None Auth Protocol by Password Group Name public Confirm Password o F SNMP Settings Auth Protocol by Key 5 Key Confirm SNMP View Table gt SNMP Group Table Eur User Tobe SNMP Community T SNMP Host Table SNMP Engine ID SNMP Trap Configu Y Jl gt Key Apply User Name Group Name SNMP Version Auth Protocol public STACKING STATUS test123 private Figure 0 145 SNMP User Table Page The SNMP User Table Page contains the follo
217. e days 51013 s Logged in as administrator admin 192 168 0 100 DGS 3100 48 El Configuration Cost Forwarding Eg 12 Features i From Port To Port Edge E Jumbo Frame O Auto E BPDU 3 802 10 VLAN vfo v 48 True Global v True y Enabled v gt GVRP Settings 7 z z gt gt Trunking gt Traffic Segmentation 3 LACP Port Settings E IGMP Snooping 4 AUTO 20000 Oe Global Disable aa Samay AUTO 20000 AUTO NES Enabled Disable Disable E Spanning Tree AUTO 20000 AUTONES Enabled Global Enable STP Bridge Global 1 AUTO 20000 IO NO AUTONES Enabled Enable Enable gt S AUTO 20000 AUTONES Enabled Global Disable MST Configuration AUTO 20000 AUTONES Enabled EnablelEnable gt MSTP Port Informat E AUTO 20000 E IO NC AUTO YES Enabled Global Enable G Forwarding amp Fitering Y E AUTO 20000 AUTONES Enabled Disable Disable lt gt A AUTO 20000 AUTONES Enabled Enable Enable STACKING STATUS E AUTO 20000 AUTO YES Enabled Enable Enable Al AUTO 20000 AUTONES Enabled Global Disable AUTO 20000 AUTONES Enabled Enable Enable AUTO 20000 AUTO YES Enabled Enable Enable AUTO 20000 AUTONES Enabled Disable Disable AUTO 20000 AUTO YES Enabled Global Enable AUTO 20000 AUTONES Enabled Global Disable P2P State Figure 0 21 STP Port Settings Page The STP Port Settings Page contains the following fields Field
218. e Confirm Local Enable Password field 5 The new local enable password is configured and the device is updated 168 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining ARP Spoofing Prevention Settings Classic Address Resolution Protocol ARP is a TCP IP protocol that translates IP addresses into MAC addresses ARP Spoofing Prevention eliminates man in the middle attacks where false ARP packets are inserted into the subnet ARP requests and responses are inspected and their MAC Address to IP Address binding is checked Packets with invalid ARP Spoofing Prevention Bindings are logged and dropped If the incoming packet s source IP address is not one of the gateways defined in the ARP Spoofing prevention database the packet is forwarded The Arp Spoofing Prevention Page provides parameters for enabling and setting global ARP Spoofing Prevention parameters as well as defining ARP Spoofing Prevention Log parameters Up to 240 entries can be defined To define ARP Spoofing Prevention 1 Click Security gt Arp Spoofing Prevention The Arp Spoofing Prevention Page opens Up Time 2 days 10 13 Logged in as administrator admin 192 168 0100 Marcas IP Address MAC Address E 5 saa Unit 01 y a Safeguard Engine Port Trusted Host gt Port Security Port 2 3 45 6 7 8 9 40 44 1251344 151146141 18 19 20 21 22 23 24 Guest VLAN Al m mj m m lll mj m mj m m mj a mj mj mj mj mj j mj a n E p 202
219. e Managed Switch User Manual 4 Click ABRI The Application Authentication settings are defined and the device is updated 162 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Authentication Server Hosts The Authentication Server is a remote device connected to the same network as the Client and Authenticator Users are authenticated using either RADIUS or TACACS and must be authenticated by the server before attaining network access To define the Authentication Server information 1 Click Security gt Access Authentication Control gt Authentication Server Host The Authentication Server Host Page opens Link 4 Building Networks for People o z MESS StackiD 1d DGS 3100 48 T B Configuration H 9L2 Features IP Address Port 1 65535 ce aos Protocol RADIUS y Timeout 1 30secs Tess ES 128 charact Retransmit 1 1 0times ERE 3 Safeguard Engine ii Max 1 28 characters B Trusted Host Priority First El 3 Port Security gt Guest VLAN 802 1 B SSL E ASSH A Access Authentication Cor Enable Method Lists gt Configure Local Enable D ARP Spoofing Prevention lonitoring ic 5 acl El E 4 STACKING STATUS Mi A gt I 10 1 1 15 10 1 1 16 Protocol Retransmit Priority RADIUS 24 10 12345 20 1 TACACS 3 5 67890 2 1 Delete Figure 5 12 Authentication Server Host Page The
220. e SNMP version 3 is assigned with an Auth Priv security level and traps of that level will be sent Community String SNMPv3 User Name Defines the community string or assigned to the SNMP V3 user 2 Define the Host IP Address field 3 Select the trap type in the SNMP Version field 4 Define the Community String SNMPv3 User Name field 5 Click PPY The SNMP Host Table is defined and the device is updated To delete a SNMP Host Table Page List entry 1 Select an entry 2 Click Delete The entry is deleted and the device is updated 56 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining SNMP Engine ID The Engine ID is a unique identifier used for SNMP V3 implementations This is an alphanumeric string used to identify the SNMP engine on the switch To define the SNMP Engine ID 1 Click Configuration gt SNMP Settings gt SNMP Engine ID The SNMP Engine ID Page opens ecooo00000 0000000 eooo0000000000 Te nonn nunaa a Building Networks for People ae a ao E Hi Save N Tools Stack ID Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 Mati System Information IP Address gt Stacking Settings H Port Configuration Engine ID gt ARP Settings Re Use Default gt System Log Host Hl SNTP Settings E H SNMP Settings SNMP View Table gt SNMP Group Table gt SNMP User Table SNMP Community T NMP Host Table SNMP Trap Configu D
221. e address bar and press Enter The user interface provides access to various switch configuration and management windows allows you to view performance statistics and permits you to graphically monitor the system status The screen captures in this Guide represent the DGS 3100 48 48 port device The Web pages in the 24 port and the DGS 3100 24TG devices may vary slightly DGS 3100 Series Gigabit Stackable Managed Switch User Manual Understanding the D Link Embedded Web Interface The D Link Embedded Web Interface Device Information Page contains the following information View Description Tree View Displays the different system features and configuration options Zoom View Located at the top of the home page the port LED indicators provide a visual representation of the ports on the D Link front panel Menu Information View Located below the Zoom View displays Save Tool menu Stack ID and Logout buttons Also displays Up Time information and User Loggin Identification Device Information View Located in the main part of the home page the device view provides a view of the device an information or table area and configuration instructions Stacking Status View Located at the bottom left corner of the home page the stacking status view provides a graphic representation of the stacking links and ports status Table 0 1 Web Interface Views gt ou DGS 3100 48 E Configuration
222. e at which DST starts The field format is HH MM based on the 24 hour clock Military Time For example 9 00PM is configured as 21 00 To Month Defines the month of the year in which DST ends The field options are January December To Day Defines the date on which DST ends The field options are 1 31 To Time Defines the time at which DST ends The field format is HH MM based on the 24 hour clock Military Time For example 9 00PM is configured as 21 00 1 Select a daylight savings time source in the Daylight Saving Time State field 2 Define the fields Apply 3 Click Daylight Savings Time is configured and the device is updated 46 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring SNMP Simple Network Management Protocol SNMP provides a method for managing network devices The device supports the following SNMP versions e SNMP version 1 e SNMP version 2c e SNMP version 3 SNMP vl and v2c The SNMP agents maintain a list of variables used to manage the device The variables are defined in the Management Information Base MIB The SNMP agent defines the MIB specification format as well as the format used to access the information over the network Access rights to the SNMP agents are controlled by access strings SNMP v3 SNMP v3 applies access control and a new traps mechanism In addition User Security Model USM parameters are defined for SNMPv3 including Parame
223. e contains port utilization information for specific ports To view port statistics 1 Click Monitoring gt Port Utilization The Port Utilization Page opens Diink 999990000 oo Building Networks for People 3 Configuration H AL Features f aos Security 1 de l 3 Stacking Information CPU Utilization E gt Packet Size B Packets RADIUS Authentication 2 Browse ARP Table gt Browse MLD Router Pc gt Browse Router Port Browse Session Table 2 IGMP Snooping Group gt MLD Snooping Group MAC Address Table 3 System Log FAC Y i gt STACKING STATUS Utilization Unit 96 Time interval 1s v Record Number 1200 Show Hide IV Utilization Figure 0 3 Port Utilization Page The Port Utilization Page contains the following fields Field Description Unit Defines the unit number Port Defines the port number Utilization Displays current CPU utilization by percentage Time Interval Defines the 1 60 second time intervals in which the usage samples are taken as follows 1 2 3 4 5 10 20 30 40 50 60 Record Number Defines the record number Show Hide Displays the CPU utilization information The possible fields are Utilization checked Utilization information is enabled This is the default value Utilization unchecked Utilization information is disabled 2 Define the Unit Port Time Interval and Record Number fie
224. e of using cryptographic 192 keys AES256 Provide a block cipher that encrypts and decrypts digital information The AES256 algorithm is capable of using cryptographic 256 keys RC4 Supports a cipher with an up to 2048 bits key size All algorithms are enabled by default To enable SSH Algorithms 1 159 Click Security gt SSH gt SSH Algorithm Settings The SSH Algorithm Settings Page opens re a 2 E E g E E s Building Networks tor People DGS 3100 Series Gigabit Stackable Managed Switch User Manual o0o00000000 23456 363 310048 D A a Save Tools Y Stack ID X Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 JE DGS 3100 48 3 Configuration A L2 Features Hs p Security gt Safeguard Engine Trusted Host A Port Security Guest VLAN H 802 1X ASSL H H SSH SSH Configuration SSH Algorithm Settings Access Authentication Coi H Monitoring pact amp STACKING STATUB Public key O Enabled Disabled Public Key Algorithm Data Integrity Algorithm MD5 Encryption Algorithm 3DES 3DES CBC RC4 Figure 5 10 SSH Algorithm Settings Page The SSH Algorithm Settings Page contains the following fields Field Description Public key Indicates Publickey SSH User Authentication enabled on the device The possible field values are Enabled Enables Publickey SSH User Authentication on the d
225. e to stop sending traffic The Leave Timeout value is either user defined or an immediate leave value The default timeout is 10 seconds The field range is 0 16711450 seconds Host Timeout Defines the time the host waits to receive a message before timing out The default time is 260 seconds The field range is 60 16711450 seconds Router Timeout Defines the time the Multicast router waits to receive a message before it times out The default value is 300 seconds The field range is 1 16711450 seconds State Indicates if IGMP snooping is enabled on the VLAN The possible field values are Enable Enables IGMP Snooping on the VLAN Disable Disables IGMP Snooping on the VLAN Querier State Defines the IGMP Querier status on the VLAN The possible field values are Enabled Enables an IGMP Querier on the VLAN Disabled Disables an IGMP Querier on the VLAN Querier Version Defines the IGMP Querier version on the VLAN The possible field values are IGMPv2 and IGMPv3 Unit Defines the unit number Static Router Ports Defines the port numbers which can be added as static router ports Ports Indicates the units and allocated ports as static router ports Dynamic Router Ports Displays the port numbers which was learned as dynamic router ports Forbidden Router Ports Defines the ports to be added as forbidden router ports Ports Indicates the units and por
226. easured in increments of 10 minutes The stacking member running the longest is elected the Stack Master If they have been running for the same amount of time the stacking member with the Unit ID 1 is the stack Master If both stacking members have been running for the same amount of time and both stacking membes have the same Unit ID the stacking members with the lowest MAC addressis selected as the Stack Master The other unit is rebooted and is assigned the Unit ID 2 Ifthe stack contains one or more stacking members set to the factory default states and there is no Unit ID assigned to a stacking member then the Stack Master is one of these stacking members The stacking member selected to be the Master is the stacking member running for the longest time If all stacking members are running the same amount of time the stacking member with the lowest MAC address is selected as the Stack Master The Master Election results in an elected Stack Master The Stack master has a Unit ID of 1 and the Backup Master has a Unit ID of 2 if a Backup Master was included in the stack If a Master Enabled stacking member a Unit ID of 1 or 2 is added to a stack and powered on the newly added switch invokes Master Election process The Master Election process occurs even though the stack has an elected master However the newly added switch loses in the election process lower up time and joins the stack as a stacking member or Backup Master
227. eatures IGMP Global Setting Sere IGMP Snooping Enabled O Disabled 802 10 VLAN gt GVRP Settings Trunking gt Traffic Segmentation The VLAN Setting of IGMP snooping VLAN Leave Host Router Querier Static Router Multicast Entry LACP Port Setti VLAN ID 4 2 tat Q Stat Ee Name Timer Timeout Timeout ee uenier Sia version Ports Setting Table _ MLD Snooping Disabled Disabled IGMPv2 Port Mirroring Enabled Enabled IGMPv3 Edit View BSomnng Tree Disabled Disabled IGMPV2 Enabled Enabled IGMPv2 edt view spus Disabled Disabled IGMPV f Security Enabled Enabled IGMPv2 Edit View f Monitoring Disabled Disabled IGMPv3 Edit View ie Du Y Enabled Enabled IGMPv2 STAGKING STATUS z Disabled Disabled IGMPYG aa Enabled Enabled IGMPv2 Edit View Figure 0 15 IGMP Snooping Page The IGMP Snooping Page contains the following fields Field Description IGMP Snooping Enables or disables IGMP Snooping Bridge Multicast Filtering must first be enabled in order to enable IGMP Snooping The possible field values are Enabled Enables IGMP Snooping on the device Disabled Disables IGMP Snooping on the device This is the default value VLAN ID Specifies the VLAN ID VLAN Name Displays the user defined VLAN name Leave Timer Defines the time a host waits to receive a Join message from another station after requesting to leave the IGMP group prior
228. ecific manufacturer s MAC addresses to the OUI table Once the OUIs are added all traffic received on the Voice VLAN ports from the specific IP phone with a listed OUI is forwarded on the voice VLAN 1 Click L2 Features gt Voice VLAN gt OUI The OUI Setting Page opens 124 DGS 3100 Series Gigabit Stackable Managed Switch User Manual gt Fil s i Wa E 7 Diink 29290000000 c0000000000000000 o0000o0o0000 2 3 J 123 45 7 93 E 192212232325 a a mu D UI MAA Building Networks forPeopia 4 1 2 d o ae Bel Save Tools StackID Ey Up Time 1 days 0 59 14 Logged in as administrator 10 5 80 57 P Logout DGS 3100 48 wos Setting c l Configuration L2 Features Add OUI Entry Jumbo Frame oul 3 highest Octets Description Apply 2 802 10 VLAN B Asymmetric VLAN GVRP Settings OUI List a VLAN Trunking z Traffic Segmentation 00 01 83 siemens_phone____ Delete xl 00 03 6b Cisco_phone Delete 00 09 6e Avaya_phone Delete 00 0fe2 Huawei 3COM_phone Delete 00 60 b9 nec philips_phone Delete 00 d0 1e pingtel_phone Delete 00 80 75 veritel_phone Delete 00 e0 bb 3Com_phone Delete Figure 0 42 OUI Setting Page The OUI Setting Page contains the following fields Field Description OUI Defines the manufacturer s identifier which is the first three bytes of the MAC address for the devices
229. ecurity gt 802 10 VLAN Asymmetric VLAN 01 01 y 01 Disabled y Disabled Apply gt GVRP Settings Trunking VLAN Trunking arar ro 11 Disabled Disabled IGMP Snooping 1 MLD Snooping 1 2 Disabled Disabled E Port Mirroring 1 3 Disabled Disabled El Spanning Tree 1 4 Disabled Disabled H Forwarding amp Filtering i 1 5 Disab ed Disabled LLP 1 6 Disabled Disabled EH Voice VLAN 17 Disabled Disabled Global Settings 18 Disabled Disabled a ee of 49 Disabled Disabled 4 4 10 Disabled Disabled a Disabled _Disabled ES 1 12 Disabled Disabled r 8 Be ee 143 Disabled Disabled E Be gE es eee m Seg E x isabled Disabled AAA 1 16 Disabled Disabled H E sss sess s y Micahlad Nicahled I ix Figure 0 41 Voice VLAN Port Setting Page The Voice VLAN Port Setting Page contains the following fields 123 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Unit Defines the stacking member for which the Voice VLAN parameters are displayed From Port Defines from which port number bandwidth settings are displayed To Port Defines to which port number bandwidth settings are displayed Mode Defines the Voice VLAN mode The possible field values are e Disabled Disables the selected port on the Voice VLAN e Auto Indicates that if traffic with an IP Phone MAC address is transmitte
230. ed 194 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Cable Diagnostics The Cable Diagnostics Page contains fields for performing tests on copper cables Cable testing provides information about where errors occurred in the cable the last time a cable test was performed and the type of cable error which occurred The tests use Time Domain Reflectometry TDR technology to test the quality and characteristics of a copper cable attached to a port Cables up to 140 meters long can be tested Cables are tested when the ports are in the down state with the exception of the Approximated Cable Length test The cable length returned is an approximation in the ranges of less than 50 meters 50m 80m or 80m 100m The deviation may be up to 20 meters To run the Cable Diagnostics 1 Click Monitoring gt Cable ena The Cable Diagnostics opens 000 9999999 0 90 0 9 90 0 0 oo nn us ao reaus Ows on PPP eee Fee SERVE m 0 Xx Tools 7 StackID Monitoring gt Stacking Information CPU Utilization Unit 01 v From Port 01 ToPort 01 2 Port Utilization ai x Apply gt Packet Size E Packets Test Result Cable Fault Distance Last Update Cable Length gt RADIUS Authentication gt Browse ARP Table gt Browse MLD Router Pc Browse Router Port gt Browse Session Table IGMP Snooping Group MLD Snooping Group MAC Address Table System Log Green Ethernet De
231. ed GVRP is enabled on all the ports Users can still disable the GVRP state on a per port basis 81 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Trunking The Trunking Configuration Page contains information for assigning ports to LAGs and defining LAG parameters Load Balancing Traffic forwarded to the trunk interface LAG is load balanced across the physical links thus achieving an effective bandwidth close to the aggregate bandwidth of each of the port members of the trunk group LAG Traffic load balancing over trunk groups is managed by a hash based distribution function that distributes Unicast traffic based on Layer 2 or Layer 3 packet header information Multicast traffic always uses a single unique LAG member The information used for the trunk is as follows e Layer 2 MAC source and destination addresses e Layer 3 IP source and destination addresses Layer 2 and layer 3 can be used either separately or together as needed A hash function based on the above criteria is calculated and saved in the packet descriptor The egress process uses this hash function to select the specific trunk group member as the egress destination link The hash algorithm ensures that the order of packets within a specific flow is preserved To assign ports to LAGs 1 Click L2 Features gt mies The Trunking ee Manas Page opens 009000909999999 9999999909 2 2 9 0 caa o 4 o ooo 2 E pik 4 7 012 7 gt 40 4
232. eecseeeneceneeeeeeseesseesseceaecaecaecssecsaecaeeeaeeeseeeeeenseeeeenaees 178 Viewing RADIUS Authenticated Session Statistics cccccccscccssessseesceesceesceeceecesecsecaecaaecaaecaeseaeeeseeeeeseeeseeneseeeseenaees 180 Viewing ARP Tableioiiiin A dead it 181 Viewing MED Router Ports odos date odo dis ds E do on aioe 182 Viewing Router Port sii a as E E 183 Viewing Session Table iii ion od rae tie ARRAN oe ohh RAH A RA Rae at Renee 184 Viewing IGMP Group Information ccceccceeccesscesccesecssecscecseeeseeesecsaeeseceseensecnsecaeceaecaaecaaecaeecaeeeaeeeseseeeeeeesreneseeeneensees 185 Viewing MED Group Information sesc0s ccecte ahd e arch niin wha ea cian AA Ahsan nadneties 186 Defining Dynamic and Static MAC Addresses ccsccesesssessseeseeeseeeseeecesecesecsecaecnaeceaecaaecaaecaeeeaeeeseseeteeeesreneeseseneenaees 187 Viewing System LO Gis ses A e AE de e Doc 189 Green Ethemet impis easiest nila eatin ae ee ene eee del ee eee O 190 Device Environment ise i ate iscsi ih iecds aeons tic 191 O O NO ROS 192 Cable DIAS td solos 195 MANAGING POWER OVER ETHERNET DEVICEG 2 ccccceseesseeeeeeeeeeeeeeeseeeeeeeeeeeeseeaseaneeseeeseaeesseaeeeseeeeneees 197 Defining PoE Port Information a aa OE aar EREA Ee aa E ETER 198 Configuring RoE Systemi Settings A A Ae RA A A ee 200 DEFINING ACCESS PROFILE LISTS asec cccccsecstecicecctccstesatecceccececaseesecedeceteeconsasuedaceesenchaessvequccesaedanssazeecheecenectns 201 Methods for
233. efined Start Time HH MM Specifies the time at which the time based feature is enabled The field format is HH MM The possible field values are e HH 00 23 hours in military format e MM 00 59 minutes End Time HH MM Specifies the time at which the time based feature is disabled The field format is HH MM The possible field values are e HH 00 23 hours in military format e MM 00 59 minutes Weekdays Specifies the weekdays for which the time range applies Select All Days Specifies that the time range is applied daily 2 Define the Range Name Start Time and End Time fields 3 To define the applicable days check the specific Weekdays or check Select All Days 4 Click Apply The Time Range is defined To delete a Time Range entry 1 Select the entry 2 Click Delete A confirmation window is displayed 3 Click A The entry is deleted To view or modify Time Range settings 66 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 4 Click Edit The Time e Range Edit di Time Range Edit Page opens D Link a a ka oe i a NS A 4 Tools 7 Stack ID gt ess e 5 08 Logged n as administrator 10 a 2 GS 3100 48 E y organos a System Information me Range WE P Agote RangeName Mondays Stacking Settings 5 Ss H Ti v Lares Hours HH MM Start Time 00 End Time ARP Settings Weekdays Y Mon O Tue O wed O Thu O Fri O sat O Sun O Select All Days Apply
234. eived version received a Version 2 query SYSLG8 51 11 Warning 2 query msg message BIGMPP _ indication warning Unknown value Unknown frame type value of frame type received for received for IGMP igmp snooping 1 d snooping The specified igmp control frames IGMP control frames are dropped from the last dropped from the last SYSLG8 51 39 Warning warning warning IGMP Snooping in Version IGMP Snooping version received leave received a Version 2 leave SYSLG8 51 5 Warning v2 msg message IGMP Snooping in Version IGMP Snooping version received version received a Version 2 query SYSLG8 51 6 Warning 2 query msg message IGMP Snooping in Version IGMP Snooping version received version received a Version 3 query SYSLG8 51 7 Warning 3 query msg message IGMP Snooping in Version 2 IGMP Snooping version 2 received version received a Version 3 query SYSLG8 51 8 Warning 3 query msg message IGMP Snooping in Version 2 IGMP Snooping version 2 received version received a Version query SYSLG8 51 9 Warning 1 query msg message 264 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID SEVERITY CATEGORY MESSAGE SYSLG8 52 10 Warning DESCRIPTION Port Lock action on Mac Port Lock action on the Port Security Table has ended MAC Table has ended Bridge forwarding table The bridge forwarding table SYSLG8 52 2 Warning FDB overflow is full BRMNP_nttb_hash_set_e ntry Hash Insert
235. elected in the Unit field To Port Defines the port number to which ports the configuration will apply This field appears only if a unit number is selected in the Unit field To LAG Defines the LAG number to which the port configuration will apply This field appears only if LAG is selected in the Unit field State Defines whether the interface interface is currently operational or non operational The possible field values are 33 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Enabled Indicates that the interface is currently receiving and transmitting traffic Disabled Indicates that the interface is currently not receiving and not transmitting traffic This is the default value Speed Defines the configured rate for the interface The port rate determines what speed setting options are available The possible field values are 10M Full Indicates the interface is currently operating at 10 Mbps and full duplex mode 10M Half Indicates the interface is currently operating at 10 Mbps and half duplex mode 100M Full Indicates the interface is currently operating at 100 Mbps and full duplex mode 100M Half Indicates the interface is currently operating at 100 Mbps and half duplex mode 1000M Full Indicates the interface is currently operating at 1000 Mbps and full duplex mode Auto Indicates the interface is automatically configured to the fastest network traffic the
236. entication Cor a Application Authenticat gt Authentication Server gt Login Method Lists Enable Method Lists 3 Configure Local Enable E B ARP Spoofing Prevention monitoring ce HACI Doo E Figure 5 11 Application Authentication Settings Page The Application Authentication Settings Page contains the following fields Field Description Application Indicates the authentication application for which the Login Method or Enable Method lists are defined The possible field values are Console Indicates that Authentication profiles are used to authenticate console users Telnet Indicates that Authentication profiles are used to authenticate Telnet users Secure Telnet SSH Indicates that Authentication profiles are used to authenticate Secure Shell SSH users SSH provides clients secure and encrypted remote connections to a device Login Method List Defines the method used by the application to authenticate normal login http_method list and https method list are fixed method names for http and https respectively Enable Method List Defines the method used by the application to enable a normal login 2 Select the login method for the Console Telnet and Secure Telnet SSH from the list under Login Method List 3 Select the enable method for the Console Telnet and Secure Telnet SSH from the list under Enable Method List 161 DGS 3100 Series Gigabit Stackabl
237. er 2 d IfIndex 1 d is now auto negotiation enable IfIndex 1 d is configured with auto Activating non guarantee specified services with ignored egress interfaces Drop profile in specified host parameter is bigger than the ASIC maximum specified number The specified IfIndex is now auto negotiation enabled The specified IfIndex is configured with auto 258 DGS 3100 Series Gigabit Stackable Managed Switch User Manual MID SEVERITY CATEGORY SYSLG5 3 7 Warning Interface SYSLGS5 3 8 Interface SYSLGS5 3 9 Interface SYSLG6 2 0 Power svs c70a Waning svsicn0s wamm svsroros wamm sysicr07 wamm SYSLG7 0 8 SYSLG7 10 9 Security SYSLG7 14 107 SNMP 259 MESSAGE DESCRIPTION negotiation enable negotiation enabled Committing BW on egress interface 1 d more than 2 d percentages of interface speed Interface 1 d changes to half duplex mode some committed services can t be fulfilled Interface 1 d changes to higher speed rate Current speed in Kbit 2 d Port 1 lu Down Power Supply 1 d is down 1 s 2 s 1 s 2 s 1 s 2 s 1 s 2 s 1 s 2 s 1 s 2 s 1 s 2 s 1 s 2 s 1 s 2 s failed to allocate rules in Asic for ifIndex 1 d failed to add 1 d rules to the Asic on ifIndex 2 d Port 1 j is unAuthorized MAC 1 m was rejected on port 2 j LLDP 1 s Warning Deleting Mngmnt address entr
238. er Guide Overview Intended Audience Notes Notices and Cautions Safety Cautions General Precautions for Rack Mountable Products DGS 3100 Series Gigabit Stackable Managed Switch User Manual System Overview The DGS 3100 series and the DGS 3100 24TG Gigabit Ethernet Switches enhance networks by providing a powerful switch that eliminates network bottlenecks enabling network administrators to fine tune network configurations The DGS 3100 series and the DGS 3100 24TG are perfect for departmental and enterprise connections and are ideal for backbone and server connections DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing the Device The devices described in this section are stackable Gigabit Ethernet Managed Switches Device management is performed using an Embedded Web Server EWS or through a Command Line Interface CLI The device configuration is performed via an RS 232 interface This section contains descriptions for the following e DGS 3100 series Front Panel e DGS 3100 24TG Front Panel DGS 3100 Series Front Panel The DGS 3100 series provides 24 48 high performance 1000BASE T ports The 1000Base T ports operate at 10 100 1000 and connect to backbones end stations and servers The DGS 3100 series also provides 4 Mini GBIC SFP combo ports which connect fiber optic media to switches servers or network backbone The DGS 3100 series provides an additional RS 232 port console port for managing the swit
239. er needs to configure a Radius Server that will hold the MAC Authentication database This should be done via click Security gt 802 1X gt Authentic RADIUS Server page according to the example below D Link Building Networks toz People 2 DGS 3100 48 P Configuration A L2 Features f aos B f Security Safeguard Engine gt Trusted Host gt Port Security Guest VLAN 2 802 1X 802 1X Setting gt Authentic RADIUS Forwarding EAP B SSL SSH Access Authentication E Monitoring H a ACL lt n STACKING STATUS Up Time 2 days 5 10 13 Logged in as administrator admin Succession RADIUS Server Authentic Port Accounting Port Key Confirm Key Apply RADIUS Server List Succession First Second Third Auth UDP Port Acct UDP Port 1812 1813 1812 1813 1812 1813 RADIUS Server 1 23 4 2 3 4 5 3 4 5 6 Edit J Delete _ 4 Click Security gt 802 1X gt 802 1X Setting page first 802 1x should be enabled globally and in the port level 802 1x Control should be configured as ForceAuthorized e Dik 99900000900000900 2 0000o Building Networks toz People 10 112 19 4 15 as pas Ml al ol ollo lo o o cla oe O Casse ons oe EREEREER Ferry Serran re ji EG 2 DGS 3100 48 Ef Configuration Up Time 2 days 5 10 13 4 Logged in as administrator admin
240. ers have the same Unit ID 7 Reboot all the stack units Adding Stacking Members to an Existing Manually Ordered Stack To add units to an existing manually ordered stack 1 Reset the new stacking units to the factory defaults by pressing the Reset button 2 Connect the stacking members physically to the stack 3 Turn on the switches the new units become stacking members but with automatically assigned Unit IDs 4 Reassign the Unit ID manually to each of the newly added stacking members using a Stack Management Interfaces either the console port Telnet or Embedded Web Interface This step is optional and the stack is operational even if some unit IDs were manually configured while others are self assigned 5 Reboot the stacking members to ensure the Unit ID is permanent Stack Management Examples This section contains information for troubleshooting stacking and includes the following topics e Replacing Failed Stacking Members in a Running Stack e Replacing a Failed Stack Master e Dividing Stacks e Merging Stacks e Stacking Cable Failure e Inserting Excess Stacking Members Replacing Failed Stacking Members in a Running Stack This example assumes that a stacking member other than master has failed in a running stack when the system administrator is notified of the system failure the stacking member is removed and replaced with a new switch When the stacking member fails the Stack Master identifies the failed stacking membe
241. erted into the stack as in Replacing Failed Stacking Members in a Running Stack The Stack Master either connects stacking members to the stack using thecurrent Unit Ids or reallocates the Unit IDs necessary For more information see Replacing Failed Stacking Members in a Running Stack If two stacks are merged into one stack both stack configuration cannot be to maintained All stacking member s dynamic information that belong to the portion of the stack that was not reelected is lost and the new Stack Master relearns the information Stacking Cable Failure This example assumes that Stacking Connection Cables failed and caused the stack to split as described in Dividing Stacks When the stacking cable connection is fixed and stacking members are reconnected it results in merging two stacks as described in Merging Stacks This can be occured only if the topology of the stack is Chain topology Single stacking cable failure does not causes a stack split if a Ring topology is used Inserting Excess Stacking Members This example assumes that the user attempts to insert too many stacking members into s into a stack e All stacking members existing and newly inserted are powered on at the same time A Stack Master is elected following Master Discovery and Master Election processes All excess stacking members are shutdown 30 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 31 A running stacking member group is added t
242. es Packets addressed to destinations stored in either the Static or Dynamic databases are immediately forwarded to the port The MAC Address Table Page can be sorted by interface VLAN or MAC Address whereas MAC addresses are dynamically learned as packets from sources that arrive at the device Static addresses are configured manually An address becomes associated with a port by learning the port from the frame s source address however if a frame addressed to a destination MAC address is not associated with a port that frame is flooded to all relevant VLAN ports To prevent the Bridging table from overflowing a dynamic MAC address from which no traffic arrives for a set period is erased To prevent static MAC addresses from being deleted when the device is reset ensure that the port attached to the MAC address is locked 1 Click Monitoring gt MAC Address Table The MAC Address Table Page opens PATO A VAR e H Security Monitoring Stacking Information CPU Utilization i gt Port utilization gt Packet Size VLAN Name El Packets Received RX 2 UMB_cast RX MAC Address gt Transmitted TX RADIUS Authentication _ Clear Static Entries Clear Dynamic Entries View All Entry Clear All Entry gt Browse ARP Table Browse MLD Router Pc Browse Router Port Total Entries 256 gt Browse Session Table MAC Address Table IB ICMP Snooping Group VID VLANName MAC Address gt MLD Snooping Group de
243. ess field and click Apply 141 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Port Security Network security can be increased by limiting access on a specific port only to users with specific MAC addresses The MAC addresses can be dynamically learned or statically configured Locked port security monitors both received and learned packets that are received on specific ports Access to the locked port is limited to users with specific MAC addresses These addresses are either manually defined on the port or learned on that port up to the point when it is locked When a packet is received on a locked port and the packet source MAC address is not tied to that port either it was learned on a different port or it is unknown to the system the protection mechanism is invoked and can provide various options Unauthorized packets arriving at a locked port are either e Discarded with no trap e Discarded with a trap Locked port security also enables storing a list of MAC addresses in the configuration file The MAC address list can be restored after the device has been reset To define port security 1 Click er gt Port Security The Port Security Page opens Dimo 909990009999099 oo0o0000000 bse eoo0000 S00 MERA AS o LA s 9 10 H 12 13 14 15 37 18 19 20 21 22 23 24 26 28 29 W 31 32 MFN 34 3 38 39 40 41 D Link f cl li o e ie Perr Ty ME AEB PE PPD E Building Networks for People Up Time 2 days 5 10 13 L
244. et is enabled Jumbo Frame Indicates if Jumbo Frames are enabled on the device and provides a shortcut to viewing the Jumbo Frames settings BPDU Forwarding Indicates if BPDU Forwarding is enabled on the device and provides a shortcut to viewing the BPDU Forwarding settings IGMP Snooping Indicates if IGMP Snooping is enabled on the device and provides a shortcut to viewing the IGMP Snooping settings MLD Snooping Indicates if MLD Snooping is enabled on the device and provides a shortcut to viewing the MLD Snooping settings Broadcast Storm Control Indicates if Broadcast Storm Control is enabled on the device and provides a shortcut to viewing the Broadcast Storm Control settings 802 1X Status Indicates if 802 1X is enabled on the device and provides a shortcut to viewing the 802 1X settings SSH Indicates if Secure Shell Protocol SSH is enabled on the device and provides a shortcut to viewing the SSH settings Port Mirroring Indicates if Port Mirroring is enabled To view settings for a device feature 1 Select a device feature under the Device Status and Quick Configuration Section 2 Click setting next to the feature name The configuration page for the selected device feature opens 18 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining System Information The System Information Page provides device information about specific stacking members To v
245. evice Disable Disables Publickey SSH User Authentication on the device Disable is the default value Public Key Algorithm Displays the currently enabled Public Key Algorithms Data Integrity Algorithm Displays the currently enabled Data Integrity Algorithms Encryption Algorithm Displays the currently enabled Encryption Algorithms 2 Enable or disable the public key status in the Public key field 3 Click PPY The Publickey SSH User Authentication setting is defined and the device is updated 160 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Application Authentication Settings Application Authentication permits network administrators to assign authentication methods for user authentication For example console users can be authenticated by Authentication List 1 while Telnet users are authenticated by Authentication List 2 1 Click Security gt Access Authentication Control gt Application Authentication Settings The Application Authentication Settings Page opens Tools StackID 1 DGS 3100 48 Applica Configuration El L2 Features H Q0S Ef Security Application Login Method List Enable Methad List Safeguard Engine Console default default E Trusted Host Telnet default y default Pa A Port Security Guest VLAN SSH default y default v 02 1 HTTP http_method_list SSL HTTPS https_method_list SSH ABE Ef Access Auth
246. evice is rboot New Stack ID after Defines the unit ID assigned to the Stacking Member after the device rboot reset Select the Stacking Master in the Stacking Master field 3 Select a Unit ID in the New Stack ID after reboot field 4 Click Apply If force master was selected then current master will be rebooted If unit ID was change then the changes will be applied and occurd after the reboot 32 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Ports e Configuring Port Properties e Viewing Port Properties Configuring Port Properties The Port Setting Page contains parameters for configuring port or LAG properties Gigabit ports operate in full duplex mode only and take on certain characteristics that are different from the other choices listed The copper ports also support auto MDI MDIX for cross over cables To define port parameters 1 Click Configuration gt Port Configuration gt Port Setting The Port Setting Page opens D Link Building Networks for People 99900999999 oo O12 9 4 5 98 Save Tools 7 i Stack ID E Up Time 2 days 5 10 17 MESE ER 192 168 0 1 DGS 3100 48 2 42 Configuration System Information gt IP Address gt Stacking Settings Port Configuration 2 Port Description gt ARP Settings User Accounts gt System Log Host A SNTP Settings f SNMP Settings 33 DHCP Auto Configuratic Dual Image Services gt Telnet Setting
247. fault 00 00 00 00 00 01 rn default 00 00 00 00 00 FE act default 00 00 0C 07 AC 01 lt i default 00 00 21 12 13 F5 STACKING STATUS default 00 02 03 2F 12 34 default 00 02 B3 1C 50 85 default 00 02 B3 CA 5D EB default 00 03 2F 25 7E DD default 00 03 2F 2E 98 66 default 00 00 00 00 00 02 2 Type Dynamic Dynamic Dynamic Dynamic Dynamic Dynamic Static Dynamic Dynamic Dynamic a v CONAN FWH AAA a pos o Figure 6 15 MAC Address Table Page The MAC Address Table Page contains the following fields Field Description Unit Displays the Stacking member Unit 1 for which the MAC address parameters are displayed Port Defines the port for which the MAC address parameters are displayed VLAN Name Defines the VLAN for which the MAC address parameters are displayed MAC Address Displays the MAC address assigned to the port or VLAN VID Displays the VLAN ID to which the MAC address is assigned Type Indicates how the MAC was assigned The possible values are Dynamic Indicates that the MAC address is dynamically created Static Indicates the MAC address is a static IP address 2 Select the Stacking member in the Unit field 3 Define the Port VLAN Name and MAC Address fields 187 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Click Mind To view all entries click View All Entry i To clear static entries click Clear Static Entries
248. fields Click Apply The ARP settings are saved and the device is updated 36 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring User Accounts User accounts including user passwords and access rights are defined on the User Accounts Page To define user account information 1 Click Configuration gt User Accounts The User Accounts Page opens D Link Building Networks tor Peopla DGS 3100 48 Ef Configuration System Information gt IP Address gt Stacking Settings f Port Configuration ARP Settings gt gt System Log Host E SNTP Settings E G SNMP Settings 3 DHCP Relay 3 DHCP Auto Configuration Firmware Information gt Telnet Setting L2 Features pos Security f Monitoring aci i a STACKING STATUS a ITH Ff asm GHA EA na T i rit oles pl Per TTT TT ARA ys 2 80 2 oO 4 eee ta ballad Up Time 1d Logged in as administrator 10 5 80 34 P Logout User Accounts Add User Accounts User Name el New Password Access Right Admin Confirm New Password Apply Note Password User Name should be up to 15 characters User List User Name admin Access Right Admin Confirm Password Edit Note lf you only want to edit the account name or access right without modify the original password please keep the password column in blank when editing Delete Figure 0 8 User Accounts Page
249. first port in a consecutive sequence of ports To Port Defines last port in a consecutive sequence of ports Notification Specifies whether notification is sent when an LLDP topology change occurs on the port The possible field values are Enabled Enables LLDP notification on the port Disabled Disables LLDP notification on the port This is the default Admin Status Specifies the LLDP transmission mode on the port The possible field values are TX Enables transmitting LLDP packets only RX Enables receiving LLDP packets only TX and RX Enables transmitting and receiving LLDP packets This is the default Disabled Disables LLDP on the port Subtype Defines the address subtype For example Always IPv4 Action Specifies whether the management address is advertised from the port The possible field values are Enabled Enables advertisement from the port This is the default Disabled Disables advertisement from the port Address Defines the management address advertised from the interface It is always the Switch s management address 2 Define the Unit From Port To Port Notification Admin Status Subtype Action and Address fields 3 Click Apply The LLDP port settings are defined and the device is updated 112 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining LLDP Basic TLV Settings The LLDP Basic TLVS Setti
250. for backup When a software download is successfully completed the new image automatically becomes the active image after the reboot The user can also manually configure the other file to be the bootup image instead In a stacked system the user can define the bootup image file for every unit in the stack When the user is downloading a new image it will always be downloaded to the location of the non active image It means that if image is the currently active image the new firmware will be always downloaded as image2 The user can also delete an image however only the non active image can be deleted The Firmware Information Page contains information about the image files stored for the device or in case of a stacked system for all devices in the stack To view the list of device images e Click Configuration gt Dual Image Services gt Firmware eo The Fi irmware Information Page opens FA e Dims 992929222222 am 2999999999999999 000000000000000 2 12345 67 0 9 10 1 1293 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 35 37 41 42 Dlink A AAA EEE Building Networks for People Sp oreen al ri Ty y y EES eS BAe IE Lara 4 id C Tools STAN Ei Up Time2 days 51013 amp Logged in as administrator aamin 102 160 0100 MB DGS 3100 48 E H Configuration System Information IP Address Unit ds Image Version
251. g Multicast Filtering Mode LLDP MAC PHY Configuration Status LLDP Global Setting Auto Negotiation Support Supported oe Auto Negotiation Enable Enabled LLDP Basic TLVS Settir Auto Negotiation Advertised Capability 1000BASE T full duplex mode LLOP Dot3 TLVS Settin Auto Negotiation Operational MAU Type Unknown DP Local Port Brief 2 LLDP Remote Port Brief Ef QoS gt Bandwidth Control Traffic Control gt 802 1p Default Priority gt 802 1p User Priority lt i gt STACKING STATUS eas a AAA LERA PP ro o o Figure 0 34 LLDP Local Misc Detail Information Page 116 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The LLDP Local Misc Detail Information Page contains the following fields Field Description Unit Indicates the stacking member for which the LLDP local detail information is displayed Port Indicates the port number Auto Negotiation Support Indicates the port speed auto negotiation support status Auto Negotiation Enable Indicates the port speed auto negotiation active status Auto Negotiation Advertised Capability Displays the port speed auto negotiation advertised capability For example 1000BASE T full duplex mode Auto Negotiation Operational MAU Type Displays the Medium Attachment Unit MAU type The MAU performs physical layer functions including digital data conversion from the Ethernet interfaces collision detectio
252. g LACP LAGs 1 Click L2 features gt LACP Port ec The LACP Port Settings Page opens oooooo 29999 9099999999009099 9 22999999 7 9 0 SPURDMHHRUADRUNR 23993 3 999 D Link 748 x gt s gt qE_ _ EE A A A A A S ys 3 a gg S j gt g E H Configuration L2 Features Unit From Port To Port Port Priority 1 65535 LACP Timeout TA o C C 4 asec w Car 802 10 VLAN kaz ia AH sss gt GVRP Settings gt Trunking gt Traffic Segmentation 2 gt IGMP Snooping LACP Timeout 141 1 3sec 1 2 23 3sec 2 MLD Snooping 1 3 94 3sec Port Mirroring 1 4 44 3sec H Spanning Tree 4 5 1 90sec js Forwarding amp Filtering 4 6 5660 90sec LLDP 17 1 3sec A H Qos 1 8 1 90sec 2 Security 1 9 1 3sec E Monitoring 4 10 187 90sec H E ACL w 1 11 65535 90sec STACKING STATUS 1 12 1 3sec 1 13 1 3sec 1 14 1 3sec 1 15 8887 90sec 1 16 23 90sec 1 17 1 3sec 4 40 4 Dear Figure 0 14 LACP Port Settings Page The LACP Port Settings Page contains the following fields Field Description Unit Defines the stacking member s Unit ID for which LACP parameters are displayed From Port Defines the first port number that is displayed to which timeout and priority values are assigned To Port Defines the last port number that is displayed to which timeout and priority values are assigned Port Priority 1 65535 Displays the LACP priority value for the port The f
253. g SNMP DHCP Relay DHCP Local Relay DHCP Auto Configuration Dual Image Services Telnet Setting Defining Time Ranges Serial Port Settings 16 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Device Information The Device Information Page contains parameters for configuring general device information including the system name location and contact the system MAC Address System Up Time and MAC addresses and both software boot and hardware versions In addition the Device Information Page provides shortcuts to device feature pages To define the general system information e Click DGS 3100 xx in the Tree View The Device Information Pa ge opens r Z ES E Building Networks for Peoplg HERA Up Time 1 days 02314 Logged in as administrator 10 5 6057 A Logout E Configuration ak Device Information 5 SE Device Type DGS 3100 48 ST H Security System Contact E Monitoring System Name DGS 3100 MAC Address 00 11 03 09 18 46 PoE System Location IP Address 10 5 234 250 E fBaci Firmware Version 3 60 21 Subnet Mask 255 255 255 0 Hardware Version 01 Default Gateway 10 5 234 254 Serial Number F3DU286000001 unit 1 Login Timeout minutes 10 System Time 02 01 2000 System Up Time 1 days 0 hours 21 mins 5 seconds Bootversion 1 0 1 05 Device Status and Quick Configurations Time Source System Clock setting Jumbo Frame Disabled setting 802 1D Spanning Tree Disabled setting BPDU Forw
254. ghput and significantly reduce the CPU utilization of large file transfers like large multimedia files or large data files by enabling more efficient larger payloads per packet The Jumbo Frame Page allows network managers to enable Jumbo Frames on the device 1 Click L2 Features gt Jumbo Frame The Jumbo Frame Page opens Sita WA o0o00000000000000 Dlink 73 s e7 s9 wnuro i is i mi cc Mila llo lo ie ie i ol O Casse ors m E Fever SS id Building Networks tor People H Save Tools Y Stack ID X Up Time 2 days E Logged in as administrator admin 192 168 0 100 BA Logout 0GS 3100 48 E 3 Configuration 4 L2 Features A JumboFrame OEnabled Disabled A 802 10 VLAN gt GVRP Settings gt Trunking Note This configuration will take place after next reboot The maximum size of jumbo frame is 10K bytes gt Traffic Segmentation 3 LACP Port Settings IGMP Snooping gt MLD Snooping 3 Port Mirroring Spanning Tree Forwarding amp Fitering op EH Qos H B Security f Monitoring ACL STACKING STATUB Figure 0 1 Jumbo Frame Page The Jumbo Frame Page contains the following field Field Description Jumbo Frame Defines whether Jumbo Frames are enabled on the device The possible field values are Enabled Enables Jumbo Frames on the device Disabled Disables Jumbo Frames on the device This is the default value 2 Select Enable in the Jumbo Frames field Jumb
255. guration or Disabled to turn it off Disabled is the default 3 Click APP The DHCP automatic configuration update is modified and the device is updated 62 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Dual Image Services The device contains two software images in its flash memory one is for reboot and the other one is for backup When a software download is successfully completed the new image automatically becomes the new reboot file unless the user manually configures the other file to be active In a stacked system the user can define the active image file for every unit in the stack When the user is downloading a new image it will always be downloaded to the location of the second image It means that if image is the currently running image the new firmware will be always downloaded as image 2 nothing else will happened untill the next reboot By default the newly downloaded image will be marked as the next image which will run after the reboot However the user can identify the next image which will run after reboot by viewing the page Dual Image Services Firmware Information and change the next image that will run after reboot if user config the page Dual Image Services Config Firmware Image This feature includes two screens e Firmware InformationConfig Firmware Image Firmware Information The device contains two software images in its flash memory one is for bootup and the other one is
256. h the system time is retrieved SNTP Poll Interval in Seconds Defines the interval in seconds at which the SNTP server is polled for Unicast information The range is 60 86400 seconds The Poll Interval default is 1024 seconds Set Current Time Field Description Time Setting Defines the current system date The field format is Day Month Y ear Time in HH MM SS Defines the current system time The field format is HH MM SS based on the 24 hour 42 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description clock Military Time For example 9 00PM is configured as 21 00 00 2 Select a time source in the Time Source field 3 Define the fields 4 Click Apply The SNTP settings are defied and the device is updated Configuring Daylight Savings Time The TimeZone Settings Page contains fields for defining system time parameters for both the local hardware clock and the external SNTP clock If the system time is kept using an external SNTP clock and the external SNTP clock fails the system time reverts to the local hardware clock Daylight saving times can be enabled on the device The following is a list of daylight savings start and end times in specific countries 43 Albania From the last weekend of March until the last weekend of October Australia From the end of October until the end of March Australia Tasmania From the beginning of October
257. he 4 byte value of the SEVERITY CATEGORY ID SYSLG8 10 9 Warning SYSLG8 100 11 Warning SYSLG8 109 1 Warning SYSLG8 16 25 Warning FDB gt gt gt SYSLG8 31 42 Warning SYSLG8 31 44 Warning z DGS 3100 Series Gigabit Stackable Managed Switch User Manual MESSAGE illegal magic cookie 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x must be 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x DHCP client received illegal magic cookie 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x must be 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x DHCP snooping received illegal magic cookie 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x must be 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x DESCRIPTION received cookie must match the 4 byte value of the legal cookie The 4 byte value of the received cookie must match the 4 byte value of the legal cookie The 4 byte value of the received cookie must match the 4 byte value of the legal cookie rae Unexpected PDU code Cannot create a user Received unsupported authentication REPLY msg status 1 u server msg 2 s Unsupported arguments for adding received in authorization RESPONSE msg 1 s Unsupported arguments for replacement received in authorization RESPONSE msg 1 s Received unsupported authentication RESPONSE msg status 1 u New 1 s connection for user 2 s source 5 s 3 y destination 5 s 4 y REJECTED User 1 s
258. he Master Election process and if no Stack Master is present the stacking members network ports are shut down Only the stacking ports are operational Both the Stack Master and all other stacking members carry out a continuous process of Master Discovery by frequently exchanging stack control messages This allows the stacking members to discover when a stacking member fails or is unreachable 23 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Allocating Unit IDs Resolving Unit ID Conflicts Once the Stack Master is elected it allocates the Unit IDs to the stacking members that do not have a Unit ID Stacking members that do not have a Unit ID operate in the Factory Default mode In addition the stack Master attempts to resolve all duplicate Unit IDs occurrences among stacking members The Stack Master reallocates the duplicate Unit ID if there are available Unit IDs If two stacks are merged stacking units that were initially in the Stack Master s sub group retain their Unit ID New stacking member are allocated new Unit IDs If a conflict occurs after the stacking members are rebooted the following occurs e If both duplicate stacking members are in Auto Assign mode then the Unit ID is assigned by the MAC address The stacking member with the lowest MAC address maintains its Unit ID The other stacking member is assigned a new Unit ID e If one of the stacking members with duplicate Unit IDs is in Auto Assign mo
259. he VLAN Trunking Page opens 2 Fi e muaxsoooooocoererase eegep222222289 Building Networks for People Up Time 2 days 5 10 13 DGS 3100 48 H Configuration EA L2 Features VLAN Trunking Setting Enable Disable B Jumbo Frame 802 10 VLAN Unit m g pen Asymmetric VLAN GVRP Settings Uplink Ports Re 3 Trunking gt Traffic Segmentation B LACP Port Settings gt IGMP Snooping 3 MLD Snooping gt Port Mirroring B Spanning Tree Forwarding amp Filtering LLP QoS H Security E Monitoring aac STACKING STATUS r A 84 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Figure 0 12 VLAN Trunking Page The VLAN Trunking Page contains the following fields Field Description VLAN Trunking Defines whether VLAN Trunking Settings are enabled on the device The possible field Setting values are Enable Enables VLAN Trunking Settings on the device Disable Disables VLAN Trunking Settings on the device This is the default value Unit Defines the stacking member s Unit ID for which VLAN Trunking parameters are displayed Uplink Ports Displays the Uplink ports which are included in the VLAN Trunking Ports Displays the ports which are included in VLAN Trunking 2 Enable VLAN Trunking 3 Select a stacking unit in the Unit field 4 Check the ports to be added to the VLAN Trunking The port numbers are displayed in the Uplink Ports field
260. he entry to the specified file was not updated to the flash For the specified variable ID the SNMP operation is not supported 266 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID SEVERITY CATEGORY MESSAGE DESCRIPTION pO Can t allocate buffer Func 2 s Line 1 d SYSLG8 81 19 Warning No outgoing interface AAA 1 s state mashine State 2 s Even t 3 s GroupIp 4 s Sr SYSLG8 81 20 Warning cIp 5 s received 1 s state mashine Incompatible State 2 s Event 3 s for GroupIp 4 s SrcIp o SYSLG8 81 21 Warning 5 s received Module 1 s Call In the specified module the function 2 s without specified call function is SYSLG8 81 6 Warning System init without initialization The specified state is not 1 s Bad state in state correct is the specified state SYSLG8 81 7 Warning machine 2 s machine 1 s Hash table 2 s The specified hash table is SYSLG8 81 8 Warning is full full Configuration update of unit 1 lu failed The specified unit SYSLG8 86 0 Warning Up Download Reason 2 s configuration update failed Access attempted by Access attempted by an SYSLG8 86 4 Warning SNMP unauthorized NMS unauthorized NMS Error encountered while An error occurred while downloading config downloading the specified SYSLG8 86 9 Warning Up Download 1 s configuration There is an overflow in SYSLG8 89 8 Warning SNMP Overflow in CDB CDB Overflow in startup CDB offset 1 lu file end SYSLG8 8
261. her ACL criteria is met Replace DSCP Reassigns a new DSCP value to the packet if all other ACL criteria are met Time Range Specifies whether the access rule is time based Range Name Selects the user defined time range name to apply to the access rule 229 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Define the Rule Detail fields 3 Click Apply The rule is defined and the device is update 230 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Notes about ACLs capacity in the DGS 3100 Series 231 The user can create up to 15 Access Profiles The user can configure up to 240 Access IDs each Access ID is unique i e the same Access ID can t be created from two different Access Profiles The maximum capacity of DGS 3100 series is 240 rules The rules count will be done according to the following guidelines The user should accumulate the rules of every unique set of rules a unique set of rules is the same set of rules which is bound to one or more than one ports LAG s The outcome of the above is that Access ID will be counted as a rule n times where n is the number of different settings of rules on different ports LAG s Examples for capacity calculations Example 1 Assume that Access IDs 1 2 3 4 are bound to ports 1 30 this is a unique set of rules and the count of rules in this case is 4 Assume that Access IDs 5 6 are bound to ports 31
262. idth limitations on the port This is the default value Disabled Enables ingress bandwidth limitations on the port When disabled user can enter a limit value in the RX Rate field RX Rate 3500 1000000 kbps Specifies the maximum ingress rate on the port The possible field range is 3500 1000000 Kbps TX No Limit Specifies whether egress bandwidth limitation applies to the port The possible field values are Enabled Specifies no egress bandwidth limitations on the port This is the default value Disabled Enables egress bandwidth limitations on the port When disabled the user can enter a limit value in the TX Rate field TX Rate 64 1000000 Kbps Specifies the maximum egress rate on the port The possible field range is 64 1000000 Kbps 129 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Define the Unit From Port To Port No Limit and Ingress Rate fields 3 Click Apply The bandwidth settings are defined and the device is updated 130 DGS 3100 Series Gigabit St ackable Managed Switch User Manual Configuring Storm Control Storm control limits the amount of Multicast Broadcast and Unknown Unicast frames accepted and forwarded by the device When Layer 2 frames are forwarded Broadcast Multicast and Unknown Unicast frames are flooded to all ports on the relevant VLAN This occupies bandwidth and loads all nodes on all ports A Broadcast Storm is a res
263. ield range is 1 65535 Timeout Defines the administrative LACP timeout The possible field values are Short 3 Sec Defines the LACP timeout as 3 seconds Long 90 Sec Defines the LACP timeout as 90 seconds This is the default value Select a stacking member in the Unit field Select the ports to and from which the LACP parameters are displayed in the From To Port fields Define the Port Priority and LACP Timeout fields a epr Click PPY The LACP parameters are defined and the device is updated 87 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining IGMP Snooping When IGMP Snooping is enabled globally all IGMP packets are forwarded to the CPU The CPU analyzes the incoming packets and determines the following information Which ports want to join which Multicast groups Which ports have Multicast routers generating IGMP queries Which routing protocols are forwarding packets and Multicast traffic Ports requesting to join a specific Multicast group issue an IGMP report specifying that this Multicast group is accepting members This results in the creation of the Multicast filtering database IGMP Snooping configuration page supports also IGMP Querier 1 Click L2 Features gt IGMP Snooping The IGMP Snooping ela opens o0000o0o0 AAA ARA a oo Be Up Time 2 days 5 10 13 a Logged in as administrator admin 192 168 0 100 ra Ey Logout E GB configuration E H L2 F
264. iew system information 1 Click Configuration gt System Information The System Information Page opens eee Diink 9999900000000 o 0000 gt dh eee TT tt ile Gs ls os eo e oe os LA gt lla Dla wl lta Ws ere al Serer e 7 a Sg a LES Tools Stack ID DGS 3100 48 E H Configuration Building Networks tor People dal MESA Uptime days 51013 Logged in as administrator admin 192 168 0 100 PA Logout System Information IP Address gt Stacking Settings Port Configuration ARP Settings User Accounts Unit ID MAC Address Firmware Version Hardware Version Serial Number 01 00 40 14 65 12 58 1 00 01 0 000 01 1234 unit 1 gt System Log Host SNTP Settings f SNMP Settings DHCP Relay DHCP Auto Configuration Firmware Information Telnet Setting 9 L2 Features E E El f Monitoring m AacL System Contact Peter R amp D SD8 System Name System Location 5F 1 Login Timeout minutes 20 STACKING STATUS Figure 0 2 System Information Page The System Information Page contains the following fields Field Description Unit ID Displays the stack unit ID MAC Address Displays the MAC address assigned to the device Firmware Version Displays the stacking member s software version number Hardware Version Displays the stacking member s hardware version number System Cont
265. incoming multicast frame Two port types can be defined in the system Host port a port connected to an end node device running an IGMP MLD multicast communication application Multicast Router mrouter port a port connecting multicast router ports to the switch This port receives all IGMP MLD control packets reports and queries as well as all multicast data traffic associated with dynamic Multicast groups A port can be both a host port and mrouter port simultaneously 1 Click L2 Features gt MLD Snooping The MLD Snooping Page opens Ps o000000000 o0ooooooo C7 sIwnwy ws 6 DADAS D Link EPR EE Building Networks for People icon ll a ali cl a C f ello Ji Jal Ja pod or leal ala ll ad TP EEY yA BES 318048 H Save N Tools Stack ID Uptime days 51013 Logged in as administrator admin 192 168 010 0GS 3100 48 E Configuration H H L2 Features MLD Global Setting 33 Jumbo Frame MLD Snooping Enabled Disabled 802 10 VLAN gt GVRP Settings Trunking 3 Traffic Segmentation 3 LACP Port Settings VLAN Name A IGMP Snooping gt al The VLAN Setting of MLD snooping Done Host Router State Static Router Multicast Entry Timer TimeoutTimeout Ports Setting Table Snooping Disabled 2 Port Mirroring Enabled ja Spanning Tree Disabled E Earm amp Filtering Enabled w ga LLDP ss QoS Disabled f Security Enabled Monitoring Disabled v mg ACL Y Enabled STACKING STATUB i Ena
266. ined IEEE 802 1Q Tag Octets o 1 2 3 4 Destination Address 6 octets Ether Type 0x8100 Tag Control Information 3 bits 1 bit 12 bits Figure 0 3 IEEE 802 1Q Tag The EtherType and VLAN ID are inserted after the MAC source address but before the original EtherType Length or Logical Link Control Due to the packet now being a bit longer than it was originally the Cyclic Redundancy Check CRC must be recalculated Adding an IEEE 902 10 Tag Figure 0 4 Adding an IEEE 802 1Q Tag 73 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Port VLAN ID Tagged packets carrying the 802 1Q VID information can be transmitted from one 802 1Q compliant network device to another with the VLAN information intact This allows 802 1Q VLANs to span network devices and the entire network providing all network devices are 802 1Q compliant Not all network devices are 802 1Q compliant Such devices are referred to as tag unaware 802 1Q devices are referred to as tag aware Prior to the adoption of 802 1Q VLANs port based and MAC based VLANs were in common use These VLANs relied upon a Port VLAN ID PVID to forward packets A packet received on a given port would be assigned that port s PVID and then be forwarded to the port that corresponds to the packet s destination address found in the switch s forwarding table If the PVID of the port receiving the packet is different from the PVID of the port that is to transm
267. ing completion status 1 s Sent 2 u R eceived 3 u Times Min 4 u Max 5 u Avg 6 u DESCRIPTION A dynamically configured VLAN was removed during a GVRP protocol operation A dynamically configured VLAN was deleted from the list of dynamic VLANs and was then added to the statically configured VLANs during a GVRP protocol operation A statically configured VLAN was deleted from the list of static VLANs and was then added to the dynamically configured VLANs during a GVRP protocol operation The system did not provide sufficient memory for the key The device has been The device has been configured via BOOTP configured via BOOTP The device has been configured on the specified interface with the specified IP address and mask on the specified DHCP server ARP Inspection Log The ARP packet is dropped according to the specified reason Warm Startup the system DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY MESSAGE DESCRIPTION al re initialization with no changes in configuration Cold Startup the system re Information initialization with possible SYSLG8 26 3 al Up Download Cold Startup changes in configuration The system supports a few NVRAM sections Each user can access its NVRAM section only All data from all user sections can be deleted from NVRAM then Information All NVRAM sections are NVRAM is set to default SYSLG8 26 4 al Up Download erased value
268. ing is enabled for a port the switch examines the VLAN information in the packet header if present and decides whether or not to forward the packet If the packet is tagged with VLAN information the ingress port first determines if the ingress port itself is a member of the tagged VLAN If it is not the packet is dropped If the ingress port is a member of the 802 1Q VLAN the switch determines if the destination port is a member of the 802 1Q VLAN If it is not the packet is dropped If the destination port is a member of the 802 1Q VLAN the packet is forwarded and the destination port transmits it to its attached network segment If the packet is not tagged with VLAN information the ingress port tags the packet with its own PVID as a VID if the port is a tagging port The switch then determines if the destination port is a member of the same VLAN has the same VID as 74 DGS 3100 Series Gigabit Stackable Managed Switch User Manual the ingress port If it does not the packet is dropped If it has the same VID the packet is forwarded and the destination port transmits it on its attached network segment This process is referred to as ingress filtering and is used to conserve bandwidth within the switch by dropping packets that are not on the same VLAN as the ingress port at the point of reception This eliminates the subsequent processing of packets that is just dropped by the destination port Default VLANs The switch initially
269. ing page should be setting the port control to Auto this will complete the setting of MAC Authentication for the required ports D Link Building Networks fox People a WA en o o0000o0000 o DA gt 5 5 29 o 99929929299999 paee o i ey i A eo O Cama lone EEES ALAN PP E pE yY y MIA an a Stack ID gi Up Time 2 days 10 13 Logged in as administrator admin 192 168 0 1 DGS 3100 48 Configuration 2 Features 802 1X Enabled Disabled Pas 1 Security gt Safeguard Engine NR a 3 Trusted Host QuietPeriod 0 65535 60 sec SuppTimeout 1 65535 30 sec 3 Port Security ServerTimeout 1 65535 30 sec MaxReg 1 10 2 times B Guest VLAN 3 i A B f 802 1x TxPeriod 1 65535 30 sec ReAuthPeriod 300 4294967295 3600 sec ReAuthEnabled Enabled Control Auto e Y iS Unit From Port To Port Mode 33 Forwarding EAP i pu Bss 01 x 2 Mm 2 e MAC Base v ssh Access Authentication B Monitoring fa Last aci T ReAuth u Enabled STACKING STATUB Auto 2 Disabled a o AR 1 4 2 Forceauthorized 30 60 30 30 2 3600 Disabled MAC Fe 1 13 ForceUnauthorized 30 60 30 30 2 3600 Enabled _ PortBase 1 1 4 Auto 30 60 30 30 2 3600 Disabled PortBasej 1 1 5 Auto 30 60 30 30 2 3600 Disabled PortBasel 1 1 6 Auto 30 60 30 30 2 3600 Disabled PortBasej 1 1 7 Auto 30 60 30 30 2 3600 Disabled P
270. ing topics e Allocating Unit IDs e Assigning Unit IDs Allocating Unit IDs Switches are shipped from the factory without a Unit ID and in Auto Assign mode All switches must be assigned a Unit ID before switches can operate as stacking members More than one stacking member cannot receive the same Unit ID Unit IDs are assigned by e Assigned by the system administrator Unit IDs that are assigned by the system administrator and can only be changed manually by the system administrator e Ifthe system administrator does not set the Unit IDs manually the Auto Assign initializes the switches when they are powered up From the switches who are automatically assigned a Unit ID one of the stacking members is assigned the Unit ID 1 That stacking member is the Stack Master If there were more than one switch in the stack there is a Master Election and Backup Master Election process Following the Master Election process the other stacking members are assigned a Unit ID by the stack Master For more information on the Master Election process please see Electing a Stacking Master Stacking members maintain the assigned Unit ID even after the stacking member is rebooted The Stack Master may reallocate IDs during system initialization to resolve duplicate ID conflicts Manually assigned IDs cannot be changed by the Stack Master even if there is a conflict 21 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Unit ID assignments or
271. ion Global Setting IP Address gt Stacking Settings J Port Configuration ARP Aging Time 1 rer eee 65535 Apply User Accounts gt System Log Host l SNTP Settings A ff SNMP Settings ee DHCP Auto Configuratic IP MAC Address Address H Dual Image Services gt Telnet Setting P L2 Features J 00s i Security Static ARP List I Monitoring Bl IP Address MAC Address 2 ooo 00 01 2e 4a 76 c5 Interface Name 7 STAO G STATUS Sa ee 10 0 11 00 13 b5 2a 77 88 z 10 416 00 5d c6 33 22 14 Figure 0 7 ARP Settings Page The ARP Settings Page contains the following fields Field Description Interface Name Defines the interface VLAN name ARP Aging Time 1 65535 Defines the amount of time in seconds that passes between ARP Table entry requests Following the ARP Entry Age period the entry is deleted from the table The range is 1 65535 The default value is 300 seconds IP Address Defines the station IP address associated with the MAC address MAC Address Defines the station MAC address associated in the ARP table with the IP address Static ARP Settings Displays current static ARP settings table detailing the user defined interface name IP address and MAC address of each entry 2 Define the Interface Name and ARP Aging Time fields 3 Click ABBY The ARP global setting is updated Define the IP Address and MAC Address
272. ion that groups packets into various traffic classes Remark 802 1p Priority Specifies whether 802 1p Priority replaces the 802 1p Priority written in the packet Enable or used only for forwarding within the device Disable Voice VLAN Aging Time Indicates the amount of time after the last IP phone s OUI was received on a port after which this port will be removed from the Voice VLAN The default time is one day The field format is Day Hour Minute The aging time starts after the MAC Address is aged out from the Dynamic MAC Address table The default time is for this is 300 seconds 2 To configure Voice VLAN Global Settings select Create in the Voice VLAN Setting field select a VID enter a VLAN Name 3 To configure the 802 1p Priority select the priority in the 802 p Priority field and enable or disable Remark 802 1p Priority 4 To configure Voice VLAN Aging define the Voice VLAN Aging Time field 5 Click Apply The Voice VLAN is created its global settings are defined and the device is updated Defining Voice VLAN Port Settings The Voice VLAN Port Setting Page contains fields for assigning ports or LAGs to the voice VLAN 1 Click L2 Features gt Voice VLAN gt Port Settings The Voice VLAN Port Setting Page opens Building Networks for People Tools StackID m Configuration E f L2 Features E Jumbo Frame Unit FromPort To Port Mode S
273. is being SYSLG1 0 56 al Up Download rebooting the switch rebooted Active image is Information Active image successfully successfully changed to the SYSLG1 0 59 al Up Download changed to image 1 d specified image Information entity configuration SYSLG1 2 4 al change trap Information Pse Port 1 s delivering The specified PSE port is SYSLG1 3 0 al Interface power to the PD delivering power to the PD Information PSE power usage 1 d The PSE power used by the SYSLG1 3 1 al in unit 2 d is above the specified unit is above the 250 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY MESSAGE DESCRIPTION PY threshold threshold IDO PSE power usage 1 d The PSE power used by the Information in unit 2 d is below the specified unit is below the SYSLG1 3 2 al System threshold threshold Unit 1 d was shutdown The specified unit is Information JUMBO frames not shutdown because Jumbo SYSLG1 5 23 al Interface supported frames are not supported Information Master switchover unit The specified unit is now SYSLG1 5 24 al Stack 1 d is now master the Master unit Backup master unit 1 d The specified backup Information was removed from the master is removed from the SYSLG1 5 25 al Stack stack stack Information Unit 1 d was removed The specified unit is SYSLG1 5 26 al Stack from the stack removed from the stack Information Ipc connection with unit The IPC connection with SYSLG1 5
274. it the packet the switch drops the packet Within the switch different PVIDs mean different VLANs remember that two VLANs cannot communicate without an external router So VLAN identification based upon the PVIDs cannot create VLANs that extend outside a given switch or switch stack Every physical port on a switch has a PVID 802 1Q ports are also assigned a PVID for use within the switch If no VLANs are defined on the switch all ports are then assigned to a default VLAN with a PVID equal to 1 Untagged packets are assigned the PVID of the port on which they were received Forwarding decisions are based upon this PVID in so far as VLANs are concerned Tagged packets are forwarded according to the VID contained within the tag Tagged packets are also assigned a PVID but the PVID is not used to make packet forwarding decisions the VID is Tag aware switches must keep a table to relate PVIDs within the switch to VIDs on the network The switch compares the VID of a packet to be transmitted to the VID of the port that is to transmit the packet If the two VIDs are different the switch drops the packet As a result of the existence of the PVID for untagged packets and the VID for tagged packets tag aware and tag unaware network devices can coexist on the same network A switch port can only have one PVID but it can have as many VIDs that the switch s memory storage capacity has in its VLAN table to store them As some devices on a ne
275. ket forwarding on the device Message TX Interval Defines the LLDP message update transmission interval in seconds The possible field values are 5 32768 seconds The default is 30 seconds Message TX Hold Multiplier Configures the Time To Live TTL of an LLDP packet which is the time interval that a receiving device holds an LLDP packet before discarding it The TTL is defined as the Message TX Hold Multiplier times the Message TX Interval The possible field values are 2 10 The default is 4 LLDP TX Delay Defines the time delay in seconds between successive LLDP frame transmissions initiated by value or status changes The possible field values are 1 8192 seconds The default is 2 seconds LLDP Reinit Delay Defines the time interval in seconds before reinitializing an LLDP transmission after LLDP is disabled The possible field values are 1 10 seconds The default is 2 seconds To configure LLDP Global parameters select Enabled in the LLDP Status field and click Apply LLDP is enabled and the device is updated To configure the LLDP packet forwarding status when LLDP is disabled define the LLDP Forward Status field and click Apply The LLDP packet forwarding status is defined and the device is updated To configure LLDP Global parameters when LLDP is enabled define the Message TX Interval Message TX Hold Multiplier LLDP TX Delay and LLDP Reinit Delay fields and click Apply The LLDP packet forwar
276. l is the latest downloaded image file e 2 Image 2 is the previously downloaded image file 2 Select the Unit and choose its reboot Image file 3 Click Apply The device will use the defined image file to reboot next time DGS 3100 Series Gigabit Stackable Managed Switch User Manual Telnet Setting The Telnet Setting allows users to enable or disable Telnet on the device To enable or disable Telnet 1 Click Configuration gt pees Setting The Telnet opens D Link Building Networks tor Peopia X Tools Y StackID B System Log H Host sur Settings A SNMP Settings gt DHCP Relay Telnet Setting Enabled Disabled O DHCP Local Relay Display information i 3 DHCP Auto Configurati logs Enabled O Disabled Apply Firmware Information ET cnet sein Time Range Setting 3 Serial Port Settings pP L2 Features RE 8 7 STACKING STATUS Figure 0 25 Telnet Setting Page The Telnet Setting contains the following fields Field Description Telnet Setting Defines the Telnet status on the device The possible values are e Enabled Enables Telnet e Disabled Disables Telnet Display Information Defines the Telnet logging on the device The possible values are Logs Enabled Enables all Telnet logging messages to be displayed Disabled Disables Telnet logging so that only high severity messages are displayed If this is selected logging
277. l other ACL criteria is met e Replace DSCP Reassigns a new DSCP value to the packet if all other ACL criteria are met 226 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Time Range Specifies whether the access rule is time based Range Name Selects the user defined time range name to apply to the access rule 3 Define the Rule Detail fields 4 Click Apply The rule is changed and the device is updated NOTE Each Access Profile must create rules with unique Access IDs Access IDs cannot overlap in two different Access Profiles 227 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Finding ACL Rules The ACL Finder Page identifies any rule which has been assigned to a specific port To find ACL rules 1 Click ACL gt ACL Finder The ACL Finder Page opens Fira A A M qa 000000000000000 LA gt DLink 345 67 8 E Building Networks tor People ons ve PPR eee Fees FEES 283 310043 Save Tools Stack ID y Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 Po DGS 3100 48 E 3 Configuration H L2 Features E HOS ACL rule finder helps you identify any rule has been assigned to a specific port fc Proein Ay Ba Por E Monitoring Be a coros Mar Profile ID Access ID Profile Type Summary Action gt Access Profe List 1 a Etherent Source MAC Destination MAC Ether Type VLAN ID Permit a m 2 2 I
278. lacement that can only occur if the new stacking member has a manually assigned Unit ID e The Stack Master performs Unit and Stacking Port Configuration for the new stacking member e Any configuration information the Stack Master retains that is relevant to the Unit ID of the new stacking member is applied If the new stacking member was assigned the same Unit ID of the replaced stacking member then the new stacking member receives the same switch configuration as the failed stacking member described in Replacing Failed Stacking Members in a Running Stack Dividing Stacks This example assumes that a working stack is divided into two groups The stack is divided either by a failed stacking link connected to two stacking members in the stack or by a failed stacking members in a chain topology which causes disconnection between two units in the stack In this case we should consider each sub group as an independent running stack configuration For each sub group we should consider three sub options e Both the Stack Master and the Backup Master are part of the sub group e Either the Stack Master or the Backup Master is part of the sub group e Neither the Stack Master nor the Backup Master is part of the sub group When a stack is split into two parts the following occurs in each partial stack according to the following scenario Both the Stack Master and the Backup Master are part of the sub group Nothing changes except the Stack Master recog
279. latform reached its limit The copy operation has The copy operation has SYSLG8 45 8 Warning Up Download failed failed The configuration file has The configuration file has SYSLG8 45 9 Warning Up Download failed to download failed to download Management ACL drop packet received on interface 1 s 2 j from A Management ACL drop 3 y to 4 y protocol packet is received on the SYSLG8 46 10 Warning Security 5 d service 6 s specified interface 1 j STP status STP status is in Blocking SYSLG8 48 35 Warning STP Blocking mode 1 j STP status STP status is in Forwarding SYSLG8 48 36 Warning STP Forwarding mode For the specified instance 1 j of instance 2 d the STP status is in SYSLG8 48 37 Warning STP STP status Blocking Blocking mode For the specified instance 1 j of instance 2 d the STP status is in SYSLG8 48 38 Warning STP STP status Forwarding Forwarding mode 1 j STP Loopback SYSLG8 48 41 Warning STP Detection 1 j STP Loopback SYSLG8 48 42 Warning STP Detection resolved SYSLG8 49 10 SYSLG8 49 12 reserved for channels channels in the system sshpClientId connection 1 d is outside the range Excessive number of clients SYSLG8 49 13 Warning AAA reserved for clients serviced by the system 263 sshpConld connection Excessive number of clients 1 d outside client range serviced by the system sshpClientId connection id 1 d is in the range Excessive number of The SSH daemon can not The
280. lay on the device 3 Click the upper Apply The DHCP Local Relay feature is activated and the device is updated 4 Select a VLAN on which DHCP Local Relay is to be activated 60 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 5 Click Apply DHCP Local Relay is defined on the selected VLAN and it is displayed in the DHCP Local Relay VID List 6 Repeat steps 4 and 5 for all required VLANs 61 DGS 3100 Series Gigabit Stackable Managed Switch User Manual DHCP Auto Configuration In the DHCP Auto Configuration Page users can enable or disable automatic download of the latest image and configuration files from the DHCP server During reboot if DHCP Auto Configuration is enabled the device polls the TFTP Server From the DHCP server the device receives the following if necessary e IP address The device will receive IP from the DHCP server regardless of current IP configuration whether static or dynamic If the device already has a DHCP defined IP address it will retain the current address If Static IP is present in the configuration file it will be ignored e Image file If an updated image file is available on the network and the DHCP server s latest instruction file refers to it the device downloads the image file e Configuration file If an updated configuration file is available on the network and the DHCP server s latest instruction file refers to it the device downloads the file as its new Runni
281. lds 3 Define the Show Hide field 4 Click Ay A sample record of CPU port utilization is stored and the device is updated 174 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Packet Size Information The Packet Size Page displays packets received by the switch arranged in seven groups and classed by size to be viewed as either a line graph or a table 1 Click Monitoring gt Packet Size The Packet Size Page opens 2999999999999 on Up Time 2 days 5 10 17 Toaged in as administrator admin 192 168 0100 3 Configuration H L2 Features Hoos H Security r 7 E es Sr gt 91 B View Table gt Stacking Information CPU Utilization Port utilization 2 E Packets RADIUS Authentication gt Browse ARP Table 2 Browse MLD Router Pc cA 65 127 gt Browse Router Port gt Browse Session Table gt IGMP Snooping Group 250 256 511 MLD Snooping Group 2 MAC Address Table 512 1023 O System Log 1024 1510 MO Fr ACI va lt i E 1519 10240 STACKING STATUS p p Apply f Clear 64 128 255 Unit packetsec Time Interval 1s Record Number 200 v Show Hide IV 64 Y 65 127 4128 255 256 511 Y 512 1023 4 1024 1518 1519 10240 Figure 6 4 Packet Size Page The Packet Size Page contains the following fields Field Description Unit Defines the unit number Port Defines the port number Packet
282. le gt SNMP Engine ID B SNMP Trap Configurati 7 ESJDHCP Relay 3 DHCP Auto Configuration H Dual Image Services gt Telnet Setting 4 92 Features QoS H B Security H B Monitoring ACL 4 Figure 0 20 DHCP Relay Page The DHCP Relay Page contains the following fields Field Description DHCP Relay Status Specifies whether the DHCP is enabled on the device The possible field values are e Enabled Enables DHCP Relay on the device e Disabled Disables DHCP Relay on the device This is the default value Server IP Address Defines the DHCP relay server s IP address Server IP Display the list of user defined DHCP Relay servers 2 Select Enabled to enable DHCP Relay Disabled is the default 3 Click 4BPM The DHCP Relay servers are defined and the device is updated 59 DGS 3100 Series Gigabit Stackable Managed Switch User Manual DHCP Local Relay The DHCP Local Relay Page allows the user to configure DHCP Local Relay This is done by enabling the DHCP Local Relay feature Requests e DHCP broadcasts are trapped by the switch CPU and replacement broadcasts are forwarded with Option 82 Replies from the DHCP servers are trapped by the switch CPU the Option 82 is removed and the reply is sent to the DHCP Client To define DHCP Local Relay Server Information 1 Click Configuration gt DHCP Local Relay The DHCP Relay Page opens eens oe o e si 0099909009099000 090
283. le 1 s not found EmbWeb init error initializing The UPNP BIN File PGPRCS Field posted value exceeded allowed size GOAHEADG Received illegal length 1 d for field 2 s in HTTP request GOAHEADG Received illegal URL in HTTP request GOAHEADG Couldn t open a socket on port 1 d Will open the socket on port 2 d GOAHEADG Received HTTP header request exceeded allowed size GOAHEADG Couldn t find web service struct entry GOAHEADG Couldn t create web service struct entry GOAHEADG missing HTTP file transfer mandatory Data GOAHEADG Failed to Reserve Port 1 d on System Initialization GOAHEADG Couldn t open a socket on ports 1 d 2 d Listener port 1 u configured for WEB service 2 s is not available Cannot add new session DB overflow DESCRIPTION SVNZIP found an error while extracting the specified file The specified SVNZIP file not found Error occurred initializing the UPNP BIN file Posted field value exceeded the allowed size In the HTTP request the specified field length is illegal Received an illegal URL in an HTTP request Could not open a socket on the specified port The socket will be opened on the second specified port Received an HTTP header request to exceeded allowed size Could not find a web service struct entry Could not create a web service struct entry Missing mandatory HTTP file transfer d
284. lected VLAN 182 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Router Ports The Browse Router Port Page displays which ports are connected to routers Ports can be connected to routers either as a static port or as a dynamic port 1 Click Monitoring gt Browse Router Port The Browse Router Port Page opens Building Networks for People sessa gt O _ Save Tools 7 Stack ID X Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 10 o El Security E G Monitoring 3 Stacking Information CPU Utilization gt Port Utilization gt Packet Size El Packets Received RX Port gt UMB_cast RX Unit 01 03 07 09 11 13 15 17 19 21 23 25 27 29 31 33 35 37 39 41 43 Transmitted TX 02 04 08 10 12 14 16 18 20 22 24 26 28 30 32 34 36 38 40 42 44 3 RADIUS Authentication no 5 Ss 100 DD U D D gt Browse ARP Table s S D gt Browse MLD Router Pc 02 D gt EQ Browse Session Table 03 A IGMP Snooping Group A MLD Snooping Group 04 gt MAC Address Table B 05 STACKING STATUS 06 Note S Static Router Port D Dynamic Router Port F Forbidden Router Port Figure 0 11 Browse Router Port Page The Browse Router Port Page contains the following fields Field Description VID Indicates the VLAN identification Unit Indicates the stacking member for which the router ports information is displaying Port Indicates the port for which the
285. level e Encryption The second part of the ciphersuite that includes the encryption used for encrypting the messages sent between client and host The Switch supports two types of cryptology algorithms Stream Ciphers There are two types of stream ciphers on the Switch RC4 with 40 bit keys and RC4 with 128 bit keys These keys are used to encrypt messages and need to be consistent between client and host for optimal use CBC Block Ciphers Cipher Block Chaining CBC links encrypted text blocks The Switch supports the 3DES EDE encryption code defined by the Data Encryption Standard DES to create the encrypted text e Hash Algorithm This part of the ciphersuite allows the user to choose a message digest function which will determine a Message Authentication Code This Message Authentication Code will be encrypted with a sent message to provide integrity and prevent against replay attacks The Switch supports two hash algorithms Message Digest 5 MDS and Secure Hash Algorithm SHA The SSL Configuration Settings Page permits network managers to enable SSL with all supported ciphersuites on the Switch Ciphersuites are security strings that determines the exact cryptographic parameters specific encryption algorithms and key sizes to be used for an authentication session The Switch possesses three possible ciphersuites for the SSL function which are enabled by default NOTE Once SSL is enabled the Web and Telnet are disabled
286. ling Mechanism The QoS Scheduling Mechanism Page opens 0000 OO SESS SESS Building Networks for People Save Tools Stack ID Up Time 2 days SOs Logged in as administrator admin 192 168 0 100 egon DGS 3100 48 E Configuration H H L2 Features A F QoS Class ID Mechanism Z Bandwidth Control Class 0 strict a Traffic Control z Class 1 strict A 802 1p Default Priority 3 802 1p User Priority Class 2 strict 2 QoS Scheduling Mechanis Class 3 strict a N jl ane Mubi Lay er CoS Setting Apply H Security E Monitoring Note When mixing Strict and WRR mode Strict mode should be configured at hgher class E HACL a STAGKING STATUB Figure 4 6 QoS Scheduling Mechanism Page The QoS Scheduling Mechanism Page contains the following fields Field Description Class ID Indicates the Class queue for which the scheduling method is defined Mechanism Defines the QoS class queue scheduling method The possible field values are Strict Specifies whether traffic scheduling is based strictly on the queue priority Traffic with the highest Class of Service is the first traffic That is the highest class of service will finish before other queues empty Round Robin Assigns WRR weights to queues This field is enabled only for queues in WRR queue mode If a queue is set to 0 weight the queue is not operational and is effectively closed Each queue has a weight range queues 0 3 h
287. logging devices that are sent per each event message 1 Click Configuration gt System Log Host The System Log Host Page opens mo 299000000000000 o00 o gt 9999 299999999990 o ON 2D 4 3 8 vw a nanona LA x Dunk AAA tee oe M Oy cer PU PU EE Up Time 2 days 5 10 Tee Logged in as administrator admin 192 168 0 100 E Logout ra HEM E Si DGS 3100 48 E Configuration gt System Information Add System Log Host P Address Index 3 Stacking Settings Server IP Severity Warning E Facility Local0 da UDP Port 1 65535 am ARP Settings 3 User Accounts System Log Host 2 SNTP Settings System Log Host List BSNUP Settings Index DHCP Auto Configuratic 1 Dual Image Services 2 gt Telnet Setting L2 Features H aos H Security E Monitoring lt Jl amp STACKING STATUS Server IP Severity Facility UDP Port 10 0 0 5 All Local 1 514 10 0 0 6 Informational Local 7 514 Figure 0 9 System Log Host Page The System Log Host Page contains the following fields Field Description Index Defines syslog host index 1 out of 4 Severity Defines the minimum severity from which warning logs are sent to the server There are two levels warning high and informational low Warning The device is functioning but an operational problem has occurred Informational Provides device information through system logs All Sends
288. lowing prompt is displayed Downloading code using XMODEM When using HyperTerminal click Transfer on the HyperTerminal menu bar From the Transfer menu click Send File The Send File window is displayed Enter the file path for the file to be downloaded Ensure the protocol is defined as Xmodem 6 Click Send The software is downloaded Software downloading takes several minutes The terminal emulation application such as HyperTerminal may display the progress of the loading process After software downloads the device reboots automatically Refer to the Set Terminal Baud Rate section to define the Terminal Baud Rate A Pr po NOTE Previous firmware versions that do not support Green Ethernet and Fan Control cannot be downloaded into boards with Hardware version B1 The download fails after the device recognizes a firmware version that does not support these features DGS 3100 Series Gigabit Stackable Managed Switch User Manual Set Terminal Baud Rate Use the Set Terminal Baud Rate option to define the Baud Rate The Baud Rate is the serial bit rate used to communicate with the management host The Baud Rates values are 2400 4800 9600 19200 38400 The default Baud Rate value is 9600 To set the terminal Baud Rate 1 On the Startup menu press 2 The following prompt is displayed Set new device Baud rate _ 2 Press Enter to apply changes Defining Stacking Units Use the Stack menu option to display the cu
289. ly view management access is restricted to read only and changes cannot be made to the assigned SNMP view The possible values are Community View TestReadView PWrite View Private View Write View Name Defines a Write view The Management view access is read write and changes can be made to the assigned SNMP view The possible values are Community View TestReadView PWrite View Private View 50 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Notify View Name Defines a Notify view The Notify view sends traps for the assigned SNMP view This is applicable for SNMPv3 only The possible values are Community View TestReadView PWrite View PrivateView Security Model Defines the SNMP version attached to the group The possible field values are SNMPv1 Defines SNMPv1 as the security model for the group SNMPv2 Defines SNMPv2 as the security model for the group SNMPv3 Defines SNMPv3 as the security model for the group Security Level Defines the security level attached to the group Security levels apply to SNMPv3 only The possible field values are NoAuthNoPriv Defines that neither the Authentication nor the Privacy security levels are assigned to the group AuthNoPriv Authenticates SNMP messages and ensures that the SNMP message s origin is authenticated AuthPriv Encrypts SNMP messages 2 Define the Group Nam
290. m the specified source address to the specified destination address A received BPDU message indicates that the specified port is configured as the Fast port The string parameter describes the reason this message was called 248 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY IDs Information SYSLG8 49 9 al AAA Information SYSLG8 5 168 al Information SYSLG8 5 169 al Information SYSLG8 5 170 al Information SYSLG8 5 171 al Information SYSLG8 50 18 al Information SYSLG8 63 14 al Stack Information SYSLG8 63 6 al Stack Information SYSLG8 74 51 al Interface Information SYSLG8 74 52 al Interface Information SYSLG8 79 5 al Web Information SYSLG8 83 2 al Stack 1 d is finished Information SYSLG8 83 3 al Stack successfully Wrong source unit id Information SYSLG8 83 4 al Stack MESSAGE MIB variable 1 s not console found in temporary DB SNMP console console Unknown field name 1 s Command Handler for command ID 1 s is missing Command lt 1 s gt processed in 2 d 3 d secs Port changed status from notPresent to notPresent UNIT ID 1 d Msg 2 s UNIT ID 1 d Trap 2 s Interface 1 s state 2 s Virtual interface 1 s area 2 s state 3 s File Delete file URL 1 s Synchronization with unit 1 d is failed Synchronization with unit 1 d message discarted sshpClientFind illegal index 1 d
291. mation al DIN SYSLG8 10 37 bootup Information al DHCP Information al MESSAGE Port 1 j added to 2 j Port 1 j can not be added to 2 j Unauthorized Dynamic port 2 j was added to VLAN 1 j by GVRP Dynamic port 2 j was removed from VLAN 1 j by GVRP Dynamic VLAN 1 j was added by GVRP Dynamic VLAN 1 j was removed by GVRP VLAN 1 j changed from Dynamic to Static VLAN 1 j changed from Static to Dynamic Failed to allocated memory for key DESCRIPTION A physical port is added to a logical link that is called a trunk LAG or channel depending on the device A dynamically configured port was added to a VLAN during a GVRP protocol operation A dynamically configured port was removed from a VLAN during a GVRP protocol operation A dynamically configured VLAN was added during a GVRP protocol operation A dynamically configured VLAN was removed during a GVRP protocol operation A dynamically configured VLAN was deleted from the list of dynamic VLANs and was then added to the statically configured VLANs during a GVRP protocol operation A statically configured VLAN was deleted from the list of static VLANs and was then added to the dynamically configured VLANs during a GVRP protocol operation The system did not provide sufficient memory for the key The device has been The device has been configured via BOOTP configured via BOOTP The device has been
292. mbers lose connection with the Stack Master Since the stacking members started as a running stack and the stacking members are not in the Factory Default Mode the stacking members are not reassigned Unit IDs Resetting the stacking members will initiate Unit ID auto assignment No Unit ID changes are performed in each one of the two stacking sections of the original stacks NOTE None of the stacking members in either stacking sections can remember themselves 29 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Merging Stacks This example assumes that the user would like to merge two working stacks This creates one stack from two separate stacks There are two scenarios If new stacking members are powered down during insertion and then powered up e This is identical to insert stacking members into a running stack see Replacing Failed Stacking Members in a Running Stack The only difference is that an additional stacking member is inserted into the stack Therefore for each stacking member inserted the same process occurs If stacks being merged are connecting via stacking cables and both stacks are running the following occurs e If each of the joined stacks has a Stack Master both Stack Masters s perform the Master Discovery process Both Stack Masters participate in the Master Election process One Stack Master is selected as the Stack Master The criteria for selecting a Stack Master in a merged stack as follows
293. me Range Setting Serial Port Settings 2 BL2 Features 9 aos E H Security E Monitoring B f PoE 3 POE Port Setting pac Unit 01 doesnt support PoE STACKING STATUS F say mT Ca AS Figure 0 2 PoE System Setting Page The PoE System Setting Page contains the following fields Fields Description Unit Defines the unit number System Power Threshold Indicates the power in Watts consumed before an alarm is generated The possible field values are 50W Indicates 50 watts 100W Indicates 100 watts 170W Indicates 170 watts Disconnect Method Defines the method used to deny power to a port once the threshold is reached The possible fields are Deny next port Denies power to the next port that makes a PoE request after the threshold has been reached This is the default value Deny Low priority port Denies power to the lowest priority port after the threshold has been reached 200 DGS 3100 Series Gigabit Stackable Managed Switch User Manual DEFINING ACCESS PROFILE LISTS Access Control Lists ACL allow network managers to define classification actions and rules for specific ingress ports Packets entering an ingress port with an active ACL are either admitted denied or subject to Quality of Service action For example a network administrator defines an ACL rule that states port number 20 can receive TCP packets however if a UDP packet is received the packet is
294. member Backup Master serves as a backup in case the Stack Master fails or disconnected If the Stack Master fails or disconnected the Backup Master takes over as the Stack Master The Stack Master stores an active configuration which copied on the Backup Master The active configuration copy is used if the Backup Master takes over for the Stack Master Only the configuration file is copied Any dynamically filled tables for example learnt address are not copied from the Stack Master to the Backup Master If the Backup Master takes over the role of Stack Master the Backup Master builds new dynamic tables Defining Stacking Members Switches assigned the Unit IDs 3 4 5 6 are called stacking members The Stack Master or Backup Master if the Stack Master fails manages the stack members operation Stacking members cannot be directly managed or configured If neither the Stack Master nor the Backup Master were operating the stacking members cannot function Master Enabled Stacking Members Only Stacking members assigned to Unit ID 1 or 2 are called Master Enabled stacking members Only the Master Enabled stacking members participate in the Master Election process and therefore can become master or backup master that means the s with assigned IDs of 3 4 5 and 6 can never become neither a master nor a backup master unless their ID is changed by the system administrator or reset to the factory default firstly Electing a Stacking Master Wheneve
295. modifications are effective only during system initialization and do not occur during the system up time Stacking members do not have to be numbered in sequence and can be interconnected as long as each stacking has a unique ID and at least one stacking member serves as the Stack Master Assigning Unit IDs Each stacking member has an assigned unique Unit ID Unit ID numbers are assigned as follows e Unit ID 1 Assigned to the Stack Master The Stack Master is indicated by the Master LED on front which is lit solid green e Unit ID2 Assigned to the Backup Master e Unit ID 3 4 5 and 6 Assigned to Stacking members NOTE There are cases in which a unit to which Unit ID 1 is assigned is not the stack Master but a Backup Master This section contains the following topics e Defining a Stacking Master e Defining a Stacking Back Up Master e Defining Stacking Members e Master Enabled Stacking Members e Electing a Stacking Master Defining a Stacking Master The stacking member assigned the Unit ID1 operates as the Stack Master The Stack Master provides a single point of control configuration and management for the entire stack In addition the Stack Master stores all stack member configuration The individual stacking members do not store any configuration information Defining a Stacking Back Up Master The stacking member assigned the Unit ID 2 is defined as the stack s Backup Master In addition to being a stack
296. must first login to the device on the Enable Method Lists Page Access as non administrative users is granted The Enable Method Lists Page allows network mangers to assign user privileges using authentication methods on the device Once a user is assigned a normal user level privileges the network user is authenticated and granted network access and configuration privileges A maximum of four Enable Method Lists can be defined on the device The Enable Method List cannot be deleted but can be configured User authentication occurs in the order the methods are selected If the first authentication method is not available the next selected method is used For example if the selected authentication method is RADIUS Local and the RADIUS server is not available the user is authenticated locally To define authentication methods 1 Click Security gt Access Authentication Control gt Enable Method Lists The Enable Method Lists Page opens Building Networks for People Save DGS 3100 48 P Configuration L2 Features Method List Name Method 3 E a gaos Method 1 Method 4 Ef Security E 2 Safeguard Engine Ea Trusted Host Apply Port Security gt Guest VLAN E Eo Method List Name Method 1 Method 2 Method 3 Method 4 E ssh default Local E Delete E F Access Authentication Cor Login_Method_1 RADIUS gt Application Authentical gt Authentication Server 3 Login Method Li
297. n Page The RADIUS Authentication Pagecontains the following fields Field Description Time Interval Indicates the how often the RADIUS authentication session information is updated The various time intervals are 15 30 60 no refresh Server Displays the RADIUS server IP address UDP Port Displays the UDP port through which the RADIUS session was initiated Timeouts Indicates the number of session timeouts that occurred during the authentication session Requests Indicates the amount of times the port requested an authentication session Challenges Indicates the amount of times the port was challenged during an authentication session Accepts Indicates the amount of authentication sessions initiated by the port which were accepted Rejects Indicates the amount of authentication sessions initiated by the port which were rejected 180 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing ARP Table The Browse ARP Table Page provides information regarding ARP VLANs including which IP address was mapped to what MAC address To view the ARP table 1 Click Monitoring gt Browse ARP Table The Browse ARP Table Page opens oc 000 SST Building Networks for People X Tools Stack ID Uptime daye 1073 s Logged in as administrator admin 192 168 0100 BALogout En p Security B P Monitoring Stacking Information VLAN Name IP Address Find Clear All CPU Utilizati
298. n a switch where packets are flowing out of the switch either to another switch or to an end station and tagging decisions must be made IEEE 802 10 tagged VLANs are implemented on the switch 802 1Q VLANs require tagging which enables them to span the entire network assuming all switches on the network are IEEE 802 1Q compliant VLANs allow a network to be segmented in order to reduce the size of broadcast domains All packets entering a VLAN are only forwarded to the stations over IEEE 802 1Q enabled switches that are members of that VLAN and this includes broadcast multicast and unicast packets from unknown sources VLANs can also provide a level of security to a network IEEE 802 1Q VLANs only deliver packets between stations that are members of the VLAN Any port can be configured as either tagged or untagged The untagging feature of IEEE 802 1Q VLANs allows VLANs to work with legacy switches that don t recognize VLAN tags in packet headers The tagging feature allows VLANs to span multiple 802 1Q compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally The IEEE 802 1Q standard restricts the forwarding of untagged packets to the VLAN in which the receiving port is a member The main characteristics of IEEE 802 1Q are as follows e Assigns packets to VLANs by filtering e Assumes the presence of a single global spanning tree e Uses an explicit tagging
299. n and bit injection into the network For example 100BASE TX full duplex mode Viewing LLDP Remote Port Information The LLDP Remote Port Brief Page displays LLDP remote neighbor port information 1 Click L2 Features gt LLDP gt LLDP Remote Port Brief The LLDP Remote Port Brief Page opens LEA MA a es OOOO D Link ETH 222 Bees 22929222922 oem I a Corto rior a all al lo cl cl ola ol cl La Aa la E 2a4 ons L ae cs ee 4 Save Tools Stack ID X Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 JR Traffic Segmentation 1 gt LACP Port Settings gt CER Unit 01 B Port Mirroring H B Spanning Tree E A Forwarding 8 Filtering Port Entry Chassis ID Subtype Chassis ID PortID Subtype PortID Port Description Ep LLDP 114 Entry1 MACADDRESS 00 01 02 02 04 01 LOCAL 13 RMON Port 1 on Unit 3 edi 12 Enty1 MACADDRESS 00 01 02 04 04 01 LOCAL 13 RMON Port 1 on Unit 3 D LLDP Basie TLVS 1 3 Entry1 MACADDRESS 00 01 02 06 04 01 LOCAL 113 RMON Port 1 on Unit 3 2 LLDP Dot3 TLVS Si 1 4 Entry2 MACADDRESS 00 01 03 07 04 01 LOCAL 1 3 RMON Port 1 on Unit 3 LLOP Local Port Bri 15 Entry1 MACADDRESS 00 01 03 08 04 01 LOCAL 13 RMON Port 1 on Unit 3 aos e 16 Entry1 MACADDRESS 00 01 03 09 04 01 LOCAL 113 RMON Port 1 on Unit 3 E Security 17 Entry3 MACADDRESS 00 01 03 03 05 01 LOCAL 113 RMON Port 1 on Unit3 f Monitoring 18 Enty1 MACADDRESS 00 01 04 03 06 01 LOCAL 1 4 RMON Por
300. n number Update Time Displays the time and date which the software was saved to the server Set Boot Selects the image to be become the active image at the next bootup Delete Deletes the selected image The image is deleted immediately Config Firmware Image The Config Firmware Image Page allows users to change each device s image file To change the reboot file 1 Click Configuration gt Dual Image Services gt Config Firmware Image The Config Firmware Image Page opens SSS ES Oo SSUES SSS EES ESE 3 y 7 PEE EA at eet Pee tT TT tT eee et T aa En poa le e o dde de o Up Time 2 days 5 10 13 e Logged in as administrator admin 192 168 0 100 IP Address gt Stacking Settings P Port Configuration 3 p 7 ae Settings Unit q iM gt User Accounts Image 1 v gt System Log Host a A SNTP Settings p snmp Settings Note The configuration will take place on the next reboot gt DHCP Auto Configuratic 4 Dual Image Services gt Firmware Informati gt RT gt Telnet Setting H B L2 Features m f QoS H Security E Monitoring y lt a E E E STACKING STATUS Figure 0 24 Config Firmware Image Page The Config Firmware Image Page contains the following fields Field Description Unit Defines the stacking member for which the reboot image file is defined Image Defines the image file used for reboot The possible values are e 1 Image
301. n where the IP interface and TFTP server are not on the same subnet Error in the DHCP server configuration where the specified IP interface and specified default router with the specified mask are not on the same subnet Error in the DHCP server configuration where the specified IP interface and specified default router with the specified mask are broadcast Error in the DHCP server configuration where the IP interface and TFTP server are not on the same subnet A BOOTP message must include a TFTP server IP address The TFTP server IP address 260 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID SEVERITY CATEGORY SYSLG8 10 28 DHCP MESSAGE DESCRIPTION 1s not configured must be configured BOOTP client received file with too long name in BOOTP msg DHCP client received file with too long name in DHCP msg Illegal auth protocol type 1 u Illegal privacy required value 1 u Authentication key change via BOOTP DHCP client not allowed Privacy key change via BOOTP DHCP client not allowed A file name is composed of a limited number of characters as defined in the system A file name is composed of a limited number of characters as defined in the system Illegal authentication protocol type has been received in the DHCP Message Log Illegal required privacy is received in the DHCP Message Log The Authentication key change via BOOTP DHCP client is not allo
302. nables the port for the specific instance Root Provides the lowest cost path to forward packets to the root device Designated Indicates the port or LAG through which the designated device is attached to the LAN Alternate Provides an alternate path to the root device from the root interface Backup Provides a backup path to the designated port path toward the Spanning Tree leaves Backup ports occur only when two ports are connected in a loop by a point to point link or when a LAN has two or more connections connected to a shared segment Disabled Indicates the port is not participating in the Spanning Tree 2 Define the values in the Unit and Port fields Find 3 Click 4 Define the Internal Path Cost and Priority fields 5 Cr 6 Click Edit adjacent to an MSTI ID row to edit the values for Internal Path Cost and Priority 104 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Forwarding and Filtering This section contains information for configuring both Unicast and Multicast filtering and contains the following topics e Defining Unicast Forwarding e Defining Multicast Forwarding e Defining Multicast Filtering e Defining DLF Filtering Defining Unicast Forwarding The Unicast Forwarding Page contains parameters for configuring Unicast entries 1 Click L2 Features gt Forward amp Filtering gt Unicast Forwarding The Unicast Forwarding Page opens oooo eooo00000
303. nded to make sure that Master and Backup Master s are connected to a redundant power supply Managing a Self Ordered Stack This section describes managing a self ordered stack Self ordered stacks are automatically assigned Unit IDs by the system through the Master Election process This section contains the following topics e Building a New Self Ordered Stack e Adding Members to a Self Ordered Running Stack Building a New Self Ordered Stack To build a self ordered stack 1 Connect the units physically through the stacking ports 2 Turn on the units After a short interval the stack will become operational with one of the units selected as the Master of the stack The Master and Backup selection is known as Master Election Master Election takes place if there are one or more eligible candidates contending to be the Master unit The Master Unit is indicated by the green Master LED on the front panel The Master LED is located near the Unit ID LEDs If a serial console is connected the serial cable must be connected to the Stack Master console port since the only operational console port in the stack is the one of the Master unit NOTE To reset the stacking members to the factory defaults press the Reset button for at least 5 seconds Adding Members to a Self Ordered Running Stack 1 Reset the new stacking units to the factory defaults by pressing the Reset button optional 2 Connect the stacking members physically to the stack 3
304. ne stacking member breaks the chain This may cause other stacking members to be disconnected and shut down if the stacking members have no active link to the Stack Master Unit and Stacking Port Configuration Each stacking member has a Unit ID one of the stacking members is the stack Master and possibly one of the stacking members serves as Backup Master The Stack Master now configures each stacking member according to the Configuration file stored on the Stack Master If the stack has a Backup Master the Configuration file are also be copied to the Backup Master Once all the stacking members are configured the stack proceeds to a normal operational mode If any change is made to the system configuration the change is stored by the stack Master and is copied to the Backup Master 24 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Building Stacks Quick Start The DGS 3100 series supports the following stacking scenarios e Building a new stack from scratch e Increasing the stack by adding units to an existing stack This section contains the following topics e Stack Resiliency e Managing a Self Ordered Stack e Managing a New Manually Ordered Stack Stack Resiliency Topologies of stack can be either Ring or Chain Best practice is to configure the stack in Ring topology due to the high resiliency in case of unit failure or stacking link failure Additionally in case of redundant power supply usage it is recomme
305. ned and the device is updated e To edit an authentication click Edit adjacent to the relevant IP Address on the list The upper fields display the current values which then can be edited e To delete an authentication click _Delete_ adjacent to the relevant IP Address on the list The Authentication Server settings are defined and the device is updated Defining Login Methods Network users must first login to the device on the Login Method Lists Page Access as non administrative users is granted To configure the device as a Network Administrator the user must also log on to the device on the Enable Method Lists Page User authentication occurs in the order the methods are selected If the first authentication method is not available the next selected method is used For example if the selected authentication method is RADIUS Local and the RADIUS server is not available the user is authenticated locally To define the user only login method 1 Click Security gt Access Authentication Control gt Login Method Lists The Login Method Lists Page opens 0000000000000009 BOUNRBMNBATADRHNR EEEE DGS 3100 48 B Configuration H 2 Features Method List Name Method 3 z H E aos Method 1 z kd Method 4 L E E f Security CE Safeguard Engine panini a 2 Trusted Host Apply 2 Port Security Guest VLAN peo Method List Name Method 1 Method 2 Method 3 Method 4 ib ss default Local 2 z
306. network e Section 5 Security Features Provides information for enabling and configuring device security e Section 6 Monitoring the Device Provides information for monitoring the device e Section 7 Managing Power over Ethernet Devices Provides information configuring the PoE function e Section 8 Defining Access Profile Lists Provides information for configuring the ACL DGS 3100 Series Gigabit Stackable Managed Switch User Manual Intended Audience The DGS 3100 series DGS 3100 24TG User Guide contains information for configuring and managing the DGS 3100 series DGS 3100 24TG Switches This guide is intended for network managers familiar with network management concepts and terminology vi DGS 3100 Series Gigabit Stackable Managed Switch User Manual Notes Notices and Cautions NOTE A NOTE indicates important information that helps you make better use of your device NOTICE A NOTICE indicates either potential damage to hardware or loss of data and tells you how to avoid the problem CAUTION A CAUTION indicates a potential for property damage personal injury or death vil DGS 3100 Series Gigabit Stackable Managed Switch User Manual Safety Cautions Use the following safety guidelines to ensure your own personal safety and to help protect your system from potential damage Throughout this safety section the caution icon A is used to indicate cautions and precautions that you need to review and
307. new stacking member does not become the new Stack Master This may result in new stacking member using 27 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Unit ID 1 and serving as the stack Backup master while the already running stacking member with Unit ID 2 remains the active Stack Master e The Stack Master performs Unit ID Allocation and Conflict Resolution process Ifthe new stacking member is in the Factory Default mode the new stacking member is assigned the lowest available Unit ID by the Stack Master It is strongly recommended that Auto Assign mode is used to assign the Unit ID The Auto Assign mode provides better stack resiliency Ifthe new stacking member already has an assigned Unit ID and that Unit ID is unused in the current stack the incoming stacking member is assigned Unit ID The Stack Master applies any device configuration to the new stacking member Ifthe new stacking member already has an assigned Unit ID and that UnitID conflicts with an existing Unit ID the Stack Master reallocates a new Unit ID to the new stacking member The lowest available Unit ID is applied to the new stacking member This occurs only if new stacking member does not have a manually assigned Unit ID which the Stack Master cannot change If the new stacking member cannot be assigned an available Unit ID then the new stacking member is effectively shut down and cannot join stack For example if stacking member rep
308. ng Configuration and also saves it as the Startup Configuration If Static IP is present in the configuration file it will be ignored To enable DHCP Auto Configuration 1 Click Configuration gt DHCP Auto Configuration The DHCP Auto Configuration Page opens o o00 0 0 745 E Sonno ws Up Time 2 days 5 10 13 a Logged in as administrator admin 192 168 0 100 rogoi A DHCP Auto Configuration O Enabled Disabled El P Configuration gt System Information IP Address gt Stacking Settings 3 Port Configuration gt ARP Settings gt User Accounts 3 System Log Host A SNTP Settings SNMP Settings 3 Dual image Services gt Telnet Setting E E E E A L2 Features BOs Security f Monitoring ACL Y lt amp STACKING STATUS A A A A 0 Figure 0 22 DHCP Auto Configuration Page The DHCP Auto Configuration Page contains the following fields Field Description DHCP Auto Specifies whether the device gets an updated image file and updated configuration file through Configuration the DHCP Server whenever the device reboots The DHCP server maintains the TFTP Server IP address where the files are saved The possible field values are e Enabled Enables automatic updates from the DHCP server e Disabled Disables automatic updates from the DHCP server This is the default value 2 Select Enabled to turn on DHCP Auto confi
309. ng Mode Filter_Unregistered_Groups JC e Multicast Filtering Mode Filter_Unregistered_Groups Filter_Unregistered_Groups Filter_Unregistered_Groups Forward_Unregistered_Groups Forward_Unregistered_Groups Forward_Unregistered_Groups Forward_Unregistered_Groups Forward_Unregistered_Groups Filter_Unregistered_Groups Filter_Unregistered_Groups Filter_Unregistered_Groups Filter_Unregistered_Groups Filter_Unregistered_Groups Forward_Unregistered_Groups Forward_Unregistered_Groups Forward_Unregistered_Groups Forward_Unregistered_Groups Canward linranictarnd A Figure 0 26 Multicast Filtering Mode Page 107 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The Multicast Filtering Mode Page contains the following fields Field Description Unit Defines the stacking unit number to specify a port range or LAG to specify a LAG range From Port or From LAG Defines the first port or LAG in a consecutive sequence of ports or LAGs To Port or To LAG Defines the last port or LAG in a consecutive sequence of ports or LAGs All Specifies that the filtering mode applies to all ports or LAGs Filtering Mode Defines the multicast filtering mode for unregistered Multicast groups The possible field values are Filter Unregistered Groups Filters unregistered Multicast groups Forward Unregistered Groups Forwards unregistered Multicast groups This is the default mode 2 Define the Unit and
310. ng Page displays LLDP basic TLV port information and contains parameters for configuring LLDP basic TLV port settings 1 Click L2 Features gt LLDP gt LLDP Basic TLVS Setting The LLDP Basic TLVS Setting Page opens Traffic Segmentation gt LACP Port Settings gt IGMP Snooping MLD Snooping 3 Port Mirroring P Spanning Tree Forwarding amp Fitering EG LLDP gt LLDP Global Setting LLOP Port Setting gt ETA LLDP Dot3 TLVS St LLDP Local Port Bri LLDP Remote Port E H A m f Qos E Security E Monitoring m f Aac v lt i gt STACKING STATUS DADAS 0 Unit 01 w From Port lor Y To Port 48 w Por Description Cs y System Name Disabled vw v Disabled v Apply System Capabilities Port Port Description System Name System Description System Capabilities 1 Disabled Disabled Enabled Disabled 2 Disabled Enabled Disabled Enabled 3 Disabled Disabled Enabled Disabled S Figure 0 30 LLDP Basic TLVS Setting Page The LLDP Basic TLVS Setting Page contains the following fields Field Description Unit Indicates the stacking member for which the LLDP basic TLV port settings are defined From Port Defines the first port in a consecutive sequence of ports To Port Defines last port in a consecutive sequence of ports Port Description Specifies whether the Port Description TLV is enabled on the port The possible field values are Enabled
311. ng member s Unit ID for which LAG parameters are displayed Load Balance Defines the method used for load balancing over physical links This allows for effective port 82 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description bandwidth management The possible field values are e Layer 2 Load balance is achieved using the source and destination MAC addresses e Layer 3 Load balance is achieved using the source and destination IP addresses e Layer 2 3 Load balance is achieved using the source and destination MAC and IP addresses Group ID Displays the LAG number Type Defines the LAG type The possible field values are Static The LAG is static LACP is disabled on the LAG This is the default value LACP LACP is enabled on the device Ports Displays the ports which are included in the LAG O M2 Select a stacking unit in the Unit field Select the Load Balance to use Define the Group ID and Type fields Check the ports to be added to the LAG The port numbers are displayed in the Ports field Click Amy The LAG settings are saved and the device is updated Notes about Trunking on the DGS 3100 Series DGS 3100 series supports up to 32 LAGs per device or stack NOTE A port must belong to the default VLAN when the user is adding the port to a LAG After adding the port to the LAG the LAG itself can be joined t
312. ng of UINT_64 parameters Information 1 u 2 i 3 d 4 x SYSLG8 86 31 al 5 X Number of 2 s The specified number of Information configuration items configuration commands SYSLG8 86 8 al Up Download loaded 1 lu has been loaded Information XMODEM session has The XModem session is SYSLG8 92 1 al Up Download been aborted aborted Information XMODEM session has The XModem session is SYSLG8 92 2 al Up Download been completed ended The configuration file Information Configuration Download download process has SYSLG8 95 10 al Up Download has been started started The configuration file Information Configuration Upload has upload process has been SYSLG8 95 3 al Up Download been completed successfully completed The configuration file Information Configuration Download download process has been SYSLG8 95 4 al Up Download has been completed successfully completed Information Configuration Upload has The configuration file SYSLG8 95 9 al Up Download been started upload process has started Starting autogeneration of Information self signed certificate SYSLG8 96 8 al 1 u bits Autogeneration of self The Autogeneration for a Information signed certificate was self signed certificate was SYSLG8 96 9 al AAA successfully completed successfully completed Information File 1 s has been Auto The specified file has been SYSLG1 0 55 al Up Download Updated Auto Updated Auto Update is completed Information Auto Update Completed The switch
313. nizes the missing stacking members as removed stacking members and routes traffic around them Since both the Stack Master and Backup Master are in this stacking section this section is operating and the other section cannot operate The following occurs when the stack is divided and both the Master and Backup master are in the sub group e The Master Discovery Master Election and Unit ID Allocation amp Duplicate Unit ID Conflict Resolution processes are performed resulting in the following Any configuration information stored by Stack Master which remained in the group that is relevant to the stacking members remains unchanged Topology information inter stacking member forwarding information for transmitting traffic to any other stacking member managed by the Stack Master includes only stacking members that remain connected after the stack is divided The divided stack continues to operates normally the only difference is there are less stacking members than prior to the stack division No Unit ID changes are performed in each divided stack The Stack Master notifies the system administrator using SYSLOG messages and SNMP traps of the removed stacking members In addition the Stack Master also notifies the system administrator whichd ports belong to unreachable stacking members and are reported as Not Present e Either the Stack Master or the Backup Master remain in the divided group 28 DGS 3100 Serie
314. nload Page enables downloading files either via an HTTP or a TFTP server To download Firmware Desa Show Stack Status a cor Device Locator Ea 2121 Config Backup amp Restore Http Download E Boos Reset Se El nor Firmware Download unit an m aci System Reboot File Browse Download TFTP Download Unit All y Server IP File STACKING STATUS 11 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Figure 0 5 Firmware Download Page The Firmware Download Page contains the following fields Field Description HTTP Download Indicates that the Firmware file is downloaded via an HTTP server Unit Indicates if the Firmware file is downloaded to a specific stacking member or to All stacking members File Indicates the Firmware file that is downloaded to the stack or specific device TFTP Download Indicates that the Firmware file is downloaded via a TFTP server Unit Indicates if the Firmware file is downloaded to a specific stacking member or to All stacking members Server IP Address Specifies the TFTP Server IP Address from which files are downloaded File Indicates the Firmware file that is downloaded to the stack or specific device 2 Select HTTP or TFTP Download field 3 Define the Unit field 4 For Http download define the File field or alternatively browse to select the file 5 Click _Download_ The Firmw
315. nsmitted Tx Page 193 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The Received Rx Page contains the following fields Field Description Unit Indicates the stacking member for which the device environment is displayed Port Displays error counters for the selected port Time Interval Indicates the time interval for which packets are displayed The possible field values are 1s 5s 10s 15s 20s 30s 40s 50s and 60s Record Number Indicates the transmitted record number exDefer Displays the number of frames for which the first transmission attempt is delayed because the medium is busy LateColl Displays the number of times that a collision is detected later than one time slot into the transmission of a packet ExColl Displays the number of frames for which transmission fails due to excessive collisions SingColl Displays the number of frames that are involved in a single collision and are subsequently transmitted successfully MultColl Displays the number of frames that are involved in more than one collision and are subsequently transmitted successfully 2 Select a unit and port and click Apply Information for the selected port in the selected unit is displayed 3 Click View Table to see the results in table format 4 Enter Time Interval Record Number and the types of error counters that you want to display Click Apply The information is display
316. o Frames are enabled only after the configuration is saved and the device is rebooted 3 Click PPY Jumbo Frames are enabled after the device is reset 70 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring VLANs Understanding IEEE 802 1p Priority Priority tagging is an IEEE 802 1p defined standard function designed to provide a means of managing traffic on networks where many different types of data are transmitted simultaneously It is intended to alleviate problems associated with the delivery of time critical data over congested networks The quality of applications dependent on such data such as video conferencing can be severely and adversely affected by even very small delays in transmission IEEE 802 1p standard compliant network devices recognize the priority level of data packets and can assign priority labels or tags to packets as well as strip priority tags from packets The priority tag determines the packet s degree of expeditiousness and the queue to which it is assigned Priority tags are assigned values from 0 to 7 with 0 being assigned to the lowest priority data and 7 to the highest Generally tag 7 is used for data associated with video or audio applications sensitive to even slight delays or for data from specified end users whose data transmissions warrant special consideration The switch enables increased definition for handling priority tagged data packets on the network Using queues to man
317. o an existing stack assuming each one of the stack groups has an elected Stack Master The total of existing stacking members and new stacking members exceeds the maximum allowed number of stacking members in a stack which is 6 stacking members Master Detection and Master Election processes determine the master out of one of two combined stacking groups When switches are added to a running stack the Unit ID Allocation and Duplicate ID Conflict Resolution process detects an error if too many switches are present in the stack and no changes are to stacking members that originally belonged to the group managed by the newly elected master The original switches retain their ID assignments and configurations The stacking members that originally belonged to the group managed by the Stack Master that lost the Master Election process are shut down DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Stacking The Stacking Settings Page allows network managers to execute force master and to change each and every unit its own unit ID To complete the changing process the user need to reboot the unit 1 Click Configuration gt Stacking Settings The Stacking Settings Page opens ES OR eee Dim 92929999209299 Es Se NN AA 00 T 2 gt S o amMHNT BAHN BUBHYV SY 8 OM O eo ee ee ee me Toe ETT i REGA PURA GEA bs nen 3100 48 A Building Networks tor Peopla Tools Y StackID Up Time 0 da
318. o or out of a rack the slide rails can pinch your fingers After a component is inserted into the rack carefully extend the rail into a locking position and then slide the component into the rack Do not overload the AC supply branch circuit that provides power to the rack The total rack load should not exceed 80 percent of the branch circuit rating Ensure that proper airflow is provided to components in the rack Do not step on or stand on any component when servicing other components in a rack NOTE A qualified electrician must perform all connections to DC power and to safety grounds All electrical wiring must comply with applicable local or national codes and practices CAUTION Never defeat the ground conductor or operate the equipment in the absence of a suitably installed ground conductor Contact the appropriate electrical inspection authority or an electrician if you are uncertain that suitable grounding is available DGS 3100 Series Gigabit Stackable Managed Switch User Manual CAUTION The system chassis must be positively grounded to the rack cabinet frame Do not attempt to connect power to the system until grounding cables are connected Completed power and safety ground wiring must be inspected by a qualified electrical inspector An energy hazard will exist if the safety ground cable is omitted or disconnected Protecting Against Electrostatic Discharge Static electricity can harm delicate components inside your
319. o other VLAN When a port is added to a LAG the port s configuration is stopping to be active this configuration will return to be active only after the port will be removed from the LAG 83 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining VLAN Trunking VLAN Trunking allows frames belonging to unknown VLAN groups to pass through the switch VLAN Trunking is activated by enabling VLAN Trunking on the device and defining up to 48 ports as Uplink ports In addition Ingress Filtering must be enabled on all ports see GVRP Setting Page The following limitations are applied to the user defined Uplink ports The Uplink ports can be defined only on Units 1 2 on a stacking device The Uplink ports can not be added to a LAG The Port Lock option is disabled on both ports Port Mirroring is disabled on both ports The pass through functionality applies to all VLANs that were not created on the switch for example if only VLAN 1 is defined on the switch VLANs 2 4094 will pass traffic between the Uplink ports In the example below the user defined VLAN Trunking ports Uplinks are ports 23 and 24 In this case the packet belonging to VLAN 500 enters port 23 defined as one of the Uplink Ports and therefore will be forwarded to port 24 DGS 3100 xx VLAN Range 1 256 Figure 0 11 VLAN Trunking example between 2 switchs To define VLAN Trunking on the device 1 Click L2 Features gt VLAN Trunking T
320. o select the MAC Base option 11 In addition to that the user needs to switch the port Control to Auto and enable reauthentication 12 In order to complete the configuration the port must be member in the guest VLAN 149 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring MAC Authentication by using Guest VLAN 802 1X and Radius pages This is the sequence of operatons required to configure MAC Authentication in DGS 3100 series 1 In order to configure a guest VLAN the user is required to create a VLAN first in the following example the user creates VLAN 100 via click L2 Features gt 802 1Q VLAN The 802 10 VLAN page opens Building Networks for People Tools 7 Up Time 2 days 5 10 El Logged in as administrator admin 192 168 0 1 TA m Save T N 2 DGS 3100 48 E Configuration H 5 L2 Features 3 Jumbo Frame gt ERAN 3 GVRP Settings Trunking Traffic Segmentation LACP Port Settings VID Unit 01 x R amp D100 Name should be less than 32 characters Pry en N w ar gt par a a rea ery o N N N N N a N Port Select All 1 1 12 1 d 16 1 0 21 4 IGMP Snooping MLD Snooping 33 Port Mirroring El BB Spanning Tree H H Forwarding amp Filtering El GBLLOP Has P Security E Monitoring Bac Y STACKING STATUB sens et eeneees sseeeees eeeseee i Untag O Tag O Forbidden O Not
321. oad fails after the device recognizes a firmware version that does not support these features Upgrade Procedure Important Notes ACL backward compatibility issue In firmware 1 x x TCP UDP ports of access profile are in hexadecimal instead of decimal values In version 2 x x TCP UDP port value entries are in decimal value However if the user upgrades the switch firmware from version 1 x x to version 2 x x the value will be retained as hexadecimal value ACLs access rules priority did not work in firmware version 1 x x In firmware version 2 x x the priority is supported and it is not allowed two identical access rules priority from different access profiles If the user download configuration file from version 1 x x which including ACLs which has more than one rule it might not work and there will be an error message The user can delete and create the ACLs again if he encountered a problem Tacacs Radius backwards compatibility issue In firmware version 1 x x it is possible to configure up to 4 Tacacs Radius servers In firmware version 2 x x it is possible to configure up to 3 servers from each type In addition to that it was not required to configure priority to Tacacs servers in 1 x x while in 2 x x it is required If the user configured 4 servers in version 1 x x and try to download the configuration to firmware 2 x x he will get an error message the same event will happened because of the Tacacs priority The Firmware Dow
322. of Week Defines the week day DST starts The field range is Sunday Saturday From Month Defines the month DST starts The field range is January December From time in HH MM Defines the time of day DST starts The field format is Hour Minutes based on the 24 hour clock Military Time For example 9 00PM is configured as 21 00 To Which Week of Defines which numeric week of the month DST ends The possible field values are the Month First Indicates the first week of a month Second Indicates the second week of a month Third Indicates the third week of a month Fourth Indicates the fourth week of a month To Day of Week Defines the week day DST ends The field range is Sunday Saturday To Month Defines the month DST ends The field range is January December To time in HH MM Defines the time of day DST ends The field format is Hour Minutes based on the 24 hour clock Military Time For example 9 00PM is configured as 21 00 DST Annual Settings Section The Annual Mode enables setting a DST seasonal time adjustment This option requires defining begin and end times by the specific dates For example the network administrator defines that DST begins April 3 and ends October 14 Field Description From Month Defines the month of the year that DST starts The field options are January December From Day Defines the date on which DST starts The field options are 1 31 From Time Defines the tim
323. ogged in as administrator admin 192 168 0 100 la 2 DGS 3100 48P e PA Configuration E Pa ath Features Unit From Port To Port Admin State Max Addr 1 64 Lock Address Mode Trap Interval 1 1000000 o1 x 01 01 v Disabled 1 Permanent x 1 E H Access Authentication Control ARP Spoofing Prevention 3 El Actors a Unit 1 Settings H P PoE Port Admin State Max Learning Addr Lock Address Mode Trap Interval En aci 11 Disabled 1 DeleteOnReset 12 Disabled 5 DeleteOnReset 60 13 Disabled 10 DeleteOnReset 60 14 Disabled 15 DeleteOnReset 60 15 Disabled 20 DeleteOnReset 50 1 6 Disabled 25 DeleteOnReset 60 17 Disabled 30 DeleteOnReset 60 18 Disabled 35 DeleteOnReset 60 1 9 Disabled 40 DeleteOnReset 60 1 10 Disabled 45 DeleteOnReset 120 4 14 Disabled 50 DeleteOnReset 120 1 12 Disabled 55 DeleteOnReset 60 1 13 Disabled 60 DeleteOnReset 120 1 14 Disabled 64 AS 60 amp STACKING STATUS Figure 5 3 Port Security Page The Port Security Page contains the following fields Field Description Unit Displays the stacking member s ID for which the port security parameters are displayed From Port Indicates the port number from which the port security parameters are displayed To Port Indicates the port number to which the port security parameters are displayed Admin State Indicates if port security on the device The possible field values are Enable Indicates that port security is enable
324. on gt Port utilization gt Packet Size ie Packets Total Entries 5 gt Received RX IP Address Mac Address Type UMB_cast RX 10 0 0 1 00 01 2e 4a 76 09 Dynamic A Transmitted TX 10 0 0 2 00 01 2e 4a 76 1a Dynamic gt RADIUS Authentication 40 0 0 3 00 01 2e 4a 76 c5 Static ES 10 0 0 4 00 01 2e 4a 76 0b Dynamic gt Browse MLD Router Pc 10 0 0 5 00 01 2e 4a 76 d7 Dynamic gt Browse Router Port gt Browse Session Table gt IGMP Snooping Group MLD Snooping Group A MAC Address Table lt i amp STACKING STATUS Figure 6 9 Browse ARP Table Page The Browse ARP Table Page contains the following fields Field Description VLAN Name Defines the VLAN for which the ARP mappings are defined IP Address Defines the station IP address which is associated with the MAC address Total Entries Displays current ARP table entries detailing the user defined interface name IP address MAC address and type dynamic or static of each entry MAC Address Displays the MAC address associated with the IP address Type Indicates how the MAC was assigned The possible values are Dynamic Indicates that the MAC address is dynamically created Static Indicates the MAC address is a static IP address 2 Click Find The table updates and displays the values required 3 Click araser to clear the Browse ARP Table Page 181 DGS 3100 Series Gigabit Stackable Managed Switch User M
325. on SSH and console sessions is also disabled 2 Select the Telnet Setting 3 Click Ay The Telnet setting on the device is updated 65 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Time Ranges Time ranges may be used to define time based ACLs and to configure time ranges for PoE port settings The Time Range Setting Page defines a time range To define a time range 1 Click Configuration gt Time Range Setting The Time Range Setting Page opens 9099000900000000 oo ee Re o000000 nanus y PERETE A her errr TTY ae TT tT tT tT A A Tools StackID MM Up Time 0 days 24036 5 me Range Setting System Information gt P Address Stacking Settings Time Range El Port Configuration Range Name BB ARP Settings Hours HH MM Start Time 00 00 End Time 00 00 w User Accounts System Log Host E SNTP Settings E SNMP Settings Weekdays O mon O tue Owed O Thu O Fri O sat O sun O SelectAll Days Note Ifthe End Time is before the Start Time the End Time will be setto the following day DHCP Relay 3 2 NCD I anal Dala Total Entries 0 STACKING STATUS Tesessasa sasazasa sessaaii HET Range Name BEVE Start Time End Time Figure 2 166 Time Range Setting Page The Time Range Setting Page contains the following fields Field Description Range Name Defines the Time Range Name Up to 32 time ranges can be d
326. on with the current method failed and Information SYSLG8 31 46 al authentication is repeated Information once more by using the SYSLG8 31 5 al Method being retried same method SYSLG8 31 6 omaa Method succeeded Authentication with the 254 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY MESSAGE ID AE User CLI session for user 2 s over 1 s source 3 y destination 5 s 4 y TERMINATED The Telnet SSH session may still be connected Information SYSLG8 31 63 al Information SYSLG8 31 64 al Information SYSLG8 31 7 al Information SYSLG8 31 8 al Information SYSLG8 45 18 al Information SYSLG8 48 31 al Information SYSLG8 49 11 al Information SYSLG8 49 14 al Information SYSLG8 49 2 al Information SYSLG8 49 9 al Information SYSLG8 5 168 al Information SYSLG8 5 169 al Information SYSLG8 5 170 al Information SYSLG8 5 171 al console Information SYSLG8 50 18 al Interface 255 User CLI session for user 2 s over 1 s source 3 y destination 5 s AAA 4 y ACCEPTED Files Copy source URL 1 s destination URL 2 s Attention port 1 j from which the bpdu was received is configured as Fast Port sshpClientld illegal connection id 1 d Up Download STP Closed SSH connection to 1 y CATEGORY AAA Security SSH SSH log 1 s MIB variable 1 s not console found in temporary DB Unknown field name
327. op profile in specified parameter 1 d is bigger host parameter is bigger than the asic maximum than the ASIC maximum SYSLG5 3 18 Warning Security number 2 d specified number IfIndex 1 d is now auto The specified IfIndex is SYSLG5 3 5 Warning Interface negotiation enable now auto negotiation i ignored egress interfaces ignored egress interfaces 268 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ID SEVERITY CATEGORY SYSLG6 1 0 Warning lA svsuc702 Waning svsuc70s Waning svsucrea Waning svsuc7os Waning svsuc7 6 Waning svsuc707 Waning fsvsuc7ax wamne SYSLG7 13 1 Sy SYSLG7 14 107 SNMP 269 MESSAGE IfIndex 1 d is configured with auto negotiation enable Committing BW on egress interface 1 d more than 2 d percentages of interface speed Interface 1 d changes to half duplex mode some committed services can t be fulfilled Interface 1 d changes to higher speed rate Current speed in a Port Port 1 lu Down Down Power Supply 1 d is down 1 s 2 s 1 s 2 s 1 s 2 s 1 s 2 s 1 s 2 s 1 s 2 s 1 s 2 s 1 s 2 s 1 s 2 s failed to allocate rules in Asic for ifIndex 1 d failed to add 1 d rules to the Asic on ifIndex 2 d MAC 1 m was rejected on port 2 j LLDP 1 s Warning Deleting Mngmnt address entry from CDB was failed resource unavailable DESCRIPTI
328. ord To define the network Local Enable password 1 Click Security gt Access Authentication Control gt Configure Local Enable Password The Configure Local Enable Password Page opens Building Networks for People Save Tools 7 Stack ID X Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 E Logout DGS 3100 48 E 3 Configuration E H L2 Features H aos ES Security New Local Enable Password gt Safeguard Engine A Trusted Host gt Port Security Guest VLAN 8 802 1X 5 SSL SSH P Access Authentication Application Authen Authentication Sen 3 Login Method Lists Enable Method List 2 Tar Y lt f gt STACKING STATUS Pis mac saa F SUSEEEEN ki i ES o room Old Local Enable Password Confirm Local Enable Password E GESEREBS Scan Figure 5 15 Configure Local Enable Password Page The Configure Local Enable Password Page contains the following fields Field Description Old Local Enable Password Provide the current network Enable password New Local Enable Password Defines the new network Enable password The field range is 1 15 characters Confirm Local Enable Password Confirms the new network Enable password 2 Enter the old local enable password In the Old Local Enable Password field 3 Define the new local enable password in the New Local Enable Password field 4 Re enter the new password in th
329. ortBase 1 1 8 Auto 30 60 30 30 2 3600 Disabled PortBasej v 152 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining RADIUS Settings Remote Authorization Dial In User Service RADIUS servers provide additional security for networks RADIUS servers provide a centralized authentication method for management access The default parameters are user defined and are applied to newly defined RADIUS servers If new default parameters are not defined the system default values are applied to newly defined RADIUS servers 1 Click Security gt 802 1X gt Authentic RADIUS Server The Authentic RADIUS Server Page opens EERE mo StackID 1 DOS 3100 48 B Configuration lo p2 Features Succession First y m as RADIUS Server 0 0 0 0 B p Security E Safeguard Engine Amene non Trusted Host Accounting Port Port Security Key a Guest VLAN Confirm Key Apply 802 1 gt 802 1X Setti z gt mEn Cm m3 RADIUS Server List Fa 7 SEARS is Succession RADIUS Server Auth UDP Port Acct UDP Port e First 1 2 3 4 1812 1813 Delete ma ssh Second 2 3 4 5 1812 1813 J Access Authentication Cor Third 3 4 5 6 1812 1813 E ARP Spoofing Prevention H Monitoring ACL if en STack 6 STATUS Figure 5 6 Authentic RADIUS Server Page The Authentic RADIUS Server Page contains the following fields Field Descrip
330. orts Settings Page The MLD Snooping amp Static Router Ports Settings Page contains the following fields Field Description VLAN ID Specifies the VLAN ID VLAN Name Displays the user defined VLAN name Done Timer 0 16711450 sec Defines the time interval in seconds after which a port is removed from the Multicast membership group Ports are removed from the Multicast membership when the port sends a Done Message indicating the port requests to leave the Multicast group The field range is 0 16711450 seconds The default timeout is 10 seconds Host Timeout 60 16711450 sec Defines the time interval in seconds after which a port is removed from a Multicast Group Ports are removed if a Multicast group MLD report was not received from a Multicast port within the defined Host Timeout period The possible field range is 60 16711450 seconds The default timeout is 260 seconds Router Timeout 1 16711450 sec Defines the time interval in seconds the Multicast router waits to receive a message before it times out The possible field range is 1 16711450 seconds The default timeout is 300 seconds State Indicates if MLD snooping is enabled on the VLAN The possible field values are Enable Enables MLD Snooping on the VLAN Disable Disables MLD Snooping on the VLAN Unit Defines the unit number 93 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field
331. ory problems while extracting the specified file A hostname cannot be SYSLG8 75 4 Error IP Can t get hostname received SVNZIP found CRC Error extracting file 1 s PGPRCS Found no end tag between two tags PGPRCS Trying to set tag 1 s which does not exist in the page GOAHEADG Received illegal buffer length in HTTP Post request WARNING The if modified since date can not be taken from the system so it will be set to 1 1 1970 Bad 1 s pointer The HTTP Buffer sent is to big The buffer size can be up to 1 d bytes WB_KERN in WEBSRVG sendSslIGoA SVNZIP found a CRC error while extracting the specified file No end tag encountered between two tags Trying to set the specified tag which does not exist in the page Received an illegal buffer length error in an HTTP Post request WARNING The if modified since date can not be taken from the system so it will be set to 1 1 1970 The specified pointer is invalid The HTTP Buffer sent is to big The buffer size can be up to the specified number of bytes SEVERITY ID SYSLG8 75 63 SYSLG8 75 67 SYSLG8 75 68 SYSLG8 75 69 SYSLG8 75 7 SYSLG8 75 70 SYSLG8 75 71 SYSLG8 75 65 SYSLG8 75 80 SYSLG8 77 25 DGS 3100 Series Gigabit Stackable Managed Switch User Manual CATEGORY MESSAGE head got post header chunk without Content Length Attribute SVNZIP found an error 1 u extracting file 2 s SVNZIP fi
332. ost E SNTP Settings l SNMP Settings gt DHCP Relay gt DHCP Auto Configuratic gt Firmware Information gt Telnet Setting gt Biases H 8 L2 Features fj Qos FG Security S 41 STACKING STATUS Tesssssss aiii creo PX Figure 0 188 Serial Port Settings Page The Serial Port Page contains the following fields Field Description Baud Rate Defines the Baud Rate on the device The possible values are e 2400 e 4800 e 9600 e 19200 e 38400 Auto Logout Defines the allowable inactivity length before the device automatically logs out The possible values are e Never e 2min e 5min e 10min e 15 min 2 Select the appropriate values 3 Click APPly The Serial Port Settings on the device are updated 68 DGS 3100 Series Gigabit Stackable Managed Switch User Manual CONFIGURING L2 FEATURES This section contains information for enabling and configuring L2 Features This section contains the following topics 69 Enabling Jumbo Frames Configuring VLANs Configuring GVRP Defining Trunking Traffic Segmentation Configuring LACP Defining IGMP Snooping Defining MLD Snooping Configuring Port Mirroring Configuring Spanning Tree Defining Forwarding and Filtering Configuring LLDP Configuring Voice VLAN DGS 3100 Series Gigabit Stackable Managed Switch User Manual Enabling Jumbo Frames Jumbo Frame support is designed to enhance Ethernet networking throu
333. p y C L3IPv6 ACL Select You can select the field in the packet to create filtering mask L2 Header IPv4 Class IGMP Y Type Create Figure 0 10 ACL Profile L3 IPv4 IGMP Selected Page 214 22s RAB DGS 3100 Series Gigabit Stackable Managed Switch User Manual coc eocoee eecssn cs 0000000000 02090009 4 12 3 AEREAS EEES et RA 2 3 F D Link 9 D Link fj oll wie s cis pa ony pt ae li oy By oly ln oy oo i PPP eee SEES FEEF DES 3100 48 Tools Y Stack ID Up Time 5 days 1 52 24 Logged in as administrator 10 5 80 57 P Logout DGS 3100 48 rome 5 ee Select Frame Type Bos L2ACL ie L3ipvsaci TCP Monitoring Po C L3IPvS ACL __select__ AAAA E ACL You can select the field in the packet to create filtering mask ACL Configuration Wizard 2 Access Profile List L2 Header IPv4 Class IPv4 Address TCP Port TCP Flag ACL Finder STACKING STATUS r E T a is os ES Create Figure 0 11 ACL Profile L3 IPv4 TCP Page To define L3 IPv4 TCP Port ACL profile 1 Click the TCP Port button The ACL Profile L3 Ipv4 TCP Port Page updates to Tow the tolling e e F pr a e A ERRE 00009000000 FEI 2229 999999999 y NA oll in esi loin ln fs Building Networks for People i d 4 A a SSCS eSe SSPE FETT i EY Fa A AA EEE yo gt Save Tools StackID W Up Time
334. ph as a table click View Table Viewing UMB_cast Packet Statistics The UMB_cast RX Page displays the number of UMB cast Unicast Multicast and Broadcast packets received on the device 1 Click Monitoring gt Packets gt UMB_cast RX The UMB_cast RX Page opens 0000000 o e a a 00000000000 2299 nona xn uuw en gon eoooo 78 10 Bar 38 AAA ql En a a oe An sola soy E PS eo PU A e y E A g g 1013 MESE REA AU E Configuration H L2 Features H Qos E Security E Monitoring 3 Stacking Information CPU Utilization Port utilization gt Packet Size El Packets gt Received RX E gt Transmitted TX Multicast RADIUS Authentication gt Browse ARP Table Browse MLD Router Pc gt Browse Router Port gt Browse Session Table 2 IGMP Snooping Group MIN Snonnina Groun ME STACKING STATUB NN ow View Tabie Unicast Broadcast in ep p Unit packet sec Time Interval 1s v Record Number 200 ShowfHide Y Unicast IF Multicast Y Broadcast Figure 6 6 UMB_cast RX Page The UMB cast RX Page contains the following fields Field Description Unit Indicates the stacking member for which the UMB cast packets are displayed Port Indicates the port for which the UMB cast packets parameters are displayed Unicast Indicates the number of Unicast packets received and transmitted through the device
335. ple Save T Up Time 2 days 5 10 17 ESE EUR E AA E p oos H Security E H Monitoring Master ID E Stacking Information Backup ID CPU Utilization 3 Port utilization gt Packet Size H Packets Model name Runtime version HN version RADIUS Authentication DGS 3100 Browse ARP Table DGS 3100 Browse MLD Router Pc DGS 3100 Browse Router Port DGS 3100 Browse Session Table DGS 3100 IGMP Snooping Group DGS 3100 MLD Snooping Group MAC Address Table 3 System Log p AacL lt iy Y gt gt gt 2 gt ay STAGKING STATUS Tess ET T Y Peas er coer Figure 6 1 Stacking Information Page The Stacking Information Page contains the following fields Field Description Master ID Displays the Stacking Master Unit ID number unit ID 1 or 2 Backup ID Displays the Backup Master Unit ID number unit ID 1 or 2 Box ID Displays the Unit ID numbers assigned to the stacking members Runtime version Indicates the software version running on the device H W version Displays the stacking member s hardware version 172 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing CPU Utilization The CPU Utilization Page contains information about the system s CPU utilization 1 Click Monitoring gt CPU Utilization The CPU Utilization Page opens D Link ES eecsocesececcss ee eeaseeeceesese Ebro ar Pana AAA ows Save X Tools Y Up Time 2 days 5
336. r a stacking member or more than one comes up one of the stacking members is elected to be the stack Master The Stack Master is selected as follows e If one of the master enabled stacking members in the stack was set to Force Master by the system administrator through the GUI Stacking Master selector that master enabled stacking member is the Stack Master Stacking 22 DGS 3100 Series Gigabit Stackable Managed Switch User Manual members which are defined as Force Master stacking members are manually selected as the Stack Master Only a master enabled stacking member can be selected as the Force Master e Ifthe stack contains more than one stacking member whose Unit ID is either 1 or 2 then one of the stacking members are elected the Stack Master It does not matter if the Unit ID was originally automatically or manually assigned These stacking members are called Master Enabled If there is only one stacking member that stacking member is selected as the Stack Master even if the stacking member s Unit ID is 2 If there is a stacking member Unit ID 2 which up time is 30 minutes and Unit ID 1 s uptime is 19 minutes The difference is 11 which is greater than 10 minutes thus the Unit ID 2 is the elected Stack Master e If there are more than one stacking members the two stacking members decide which stacking member is elected Stack Master by checking Which stacking member has been running for a longer time The up time is m
337. r using the Master Discovery process The Stack Master recognizes that the stacking member no longer responds If the stack topology was ring topology the Stack Master directs all other stack members to route traffic around the failed stacking member At the same time the Stack Master notifies the system administrator of the failure using SYSLOG messages and SNMP traps When the failed stacking member is disconnected from the stack all traffic is routed around the failed stacking member as stated above As long as all other stacking connections are intact the stack continues to run When a new stacking member is inserted and the stack is powered up the following occurs e The new stacking member which is in stacking mode performs the Master Discovery process and perhaps participates in a Master Election For more information on the Master Election process see Electing a Stacking Master 26 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Ifthe new stacking member has a Unit ID of or 2 i e the stacking member is a master enabled unit the new stacking member initiates the Master Election process However since the running Stack Master has a longer up time it remains the Stack Master and the new stacking member does not become a new Stack Master Ifthe new stacking member has a Unit ID of 3 to 6 the new unit attempts to become a stacking member and is subject to the already running Stack Master The Master Election p
338. ral Precautions for Rack Mountable Products Observe the following precautions for rack stability and safety Also refer to the rack installation documentation accompanying the system and the rack for specific caution statements and procedures Systems are considered to be components in a rack Thus component refers to any system as well as to various peripherals or supporting hardware CAUTION Installing systems in a rack without the front and side stabilizers installed could cause the rack to tip over potentially resulting in bodily injury under certain circumstances Therefore always install the stabilizers before installing components in the rack After installing system components in a rack never pull more than one component out of the rack on its slide assemblies at one time The weight of more than one extended component could cause the rack to tip over and may result in serious injury e Before working on the rack make sure that the stabilizers are secured to the rack extended to the floor and that the full weight of the rack rests on the floor Install front and side stabilizers on a single rack or front stabilizers for joined multiple racks before working on the rack Always load the rack from the bottom up and load the heaviest item in the rack first Make sure that the rack is level and stable before extending a component from the rack Use caution when pressing the component rail release latches and sliding a component int
339. ries Gigabit Stackable Managed Switch User Manual 3 Enter a port ID in the box adjacent to the Mask Generate button 4 Alternatively click Mask Generate The Generate Mask by range fields appear 5 Enter a port ID range into the Generate Mask by range fields and click Calculate The mask is generated 6 Click _ Ceste The ACL profile is added and the device is updated NOTE A combination of one or several filtering masks can be selected simultaneously The page updates with the relevant field s IP and MAC Based ACLs on the Same Port IPv6 based ACLs and MAC based ACLs cannot be defined on the same port The user can however set IPv4 based ACL and MAC based ACL on the same port s This is performed in the following way Go to Add Access Profile page Add L2 Access Profile with the desired fields Add L3 IPv4 based Access Profile with the desired fields Go to Access Rule List page create rules for both profiles and apply it on the same port s LAG s Now you have both an IPv4 based ACL and MAC based ACL on the port s LAG s NOTE Adding rules to specific profile generates a unique Access ID in the range 1 240 When the user adds a rule to different profiles he cannot use the same Access ID for different rules Adding Access Rules The following conditions can be defined as Access Rules Filter Description Source Port IP Address and Wildcard Mask Filte
340. rized Indicates that either the port control is Force Unauthorized and the port link is down or the port control is Auto but a client has not been authenticated via the port ForceAuthorized Indicates that the port control is Forced Authorized and clients have full port access Auto Indicates that the port control is Auto and at least single client or single MAC has been authenticated via the port Unit Indicate the stacking member for which the 802 1X parameters are defined From Port Indicates the first port for which the 802 1X parameters are defined To Port Indicates the last port for which the 802 1 X parameters are defined Mode Indicates the 802 1 X mode enabled on the device The possible field values are Port Base Enables 802 1X on ports This is the default value MAC Base Enables 802 1X on MAC addresses 2 Enable or disable the 802 1X status in the 802 1X field 3 Define the Mode field MAC Base for MAC Authentication 4 Inthe 802 1X Port Access Control section define the time fields 5 Set the ReAuthEnabled field and the Control fields 6 Set the values in the Unit From Port and To Port fields 7 Click The MAC Authentication is configured and the device is updated 8 In order to activate MAC Based Authentication the user should first enable 802 1X globally on the switch 9 Then the user should define the port s that needs to be configured for MAC Authentication 10 In the Mode control the user needs t
341. rocess does not occur e The Stack Master performs a Unit ID Allocation and Conflict Resolution process Ifthe new stacking member was in Factory Default mode the unit does not have an assigned Unit ID The new stacking member is assigned the lowest available Unit ID by the Stack Master It is strongly recommended that automatic assigned Unit ID mode be used since it provides improved stack resiliency Ifthe new stacking member already has an assigned Unit ID and that Unit ID is unused in the current stack the new stacking member retains its assigned Unit ID The Stack Master applies any configuration relevant to that Unit ID Ifthe new stacking member already has an assigned Unit ID and that Unit ID conflicts with an existing Unit ID the Stack Master reallocates a new Unit ID to the new stacking member The lowest available Unit ID is applied to the new stacking member This occurs only if new stacking member does not have a manually assigned Unit ID which the Stack Master cannot change If the new stacking member cannot be assigned an available Unit ID then the new stacking member is effectively shut down and cannot join the stack For example the stacking member replacement can only occur if the new stacking member has a manually assigned Unit ID e The Stack Master now performs Unit and Stacking Port Configuration for the new stacking member e Any configuration information which the Stack Master stores that is relev
342. roduct only from the type of external power source indicated on the electrical ratings label If you are not sure of the type of power source required consult your service provider or local power company To help avoid damaging your system be sure the voltage selection Switch if provided on the power supply is set to match the power available at your location 115 volts V 60 hertz Hz in most of North and South America and some Far Eastern countries such as South Korea and Taiwan 100 V 50 Hz in eastern Japan and 100 V 60 Hz in western Japan 230 V 50 Hz in most of Europe the Middle East and the Far East Also be sure that attached devices are electrically rated to operate with the power available in your location Use only approved power cable s If you have not been provided with a power cable for your system or for any AC powered option intended for your system purchase a power cable that is approved for use in your country The power cable must be rated for the product and for the voltage and current marked on the product s electrical ratings label The voltage and current rating of the cable should be greater than the ratings marked on the product To help prevent an electric shock plug the system and peripheral power cables into properly grounded electrical outlets These cables are equipped with three prong plugs to help ensure proper grounding Do not use adapter plugs or remove the grounding prong from a cable If you mu
343. router port settings are displayed Ports have the following settings S Indicates a static port D Indicates a dynamic port F Indicates a forbidden port 2 Define the VID field 3 Click APP The selected ports appear on the selected VLAN 183 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Session Table The Browse Session Table Page displays information regarding device sessions which were initiated by system Users To view session table information 1 Click Monitoring gt Browse Session Table The Browse Session Table Page opens D Link Building Networks for People Save Tools gt Stack ID y Up Time 2 days 5 10 13 4 Logged in as administrator admin 192 168 0 100 ogon po eS H 3 Security E Monitoring gt Stacking Information a zA CPU Utilization Port Utilization gt Packet Size 12 User Privilege Packets 5 Admin gt Received RX gt UMB_cast RX 2 Transmitted TX RADIUS Authentication Browse ARP Table Browse MLD Router Pc Browse Router Port IGMP Snooping Group MLD Snooping Group MAC Address Table a gt gt 2 gt gt ily Figure 6 12 Browse Session Table Page The Browse Session Table Page contains the following fields Field Description ID Displays the browse session table entry From Indicates the type of interface from which the system session was initiated
344. rrent stack unit ID list and define an alternative unit ID stack membership number Unit ID 0 is allocated for auto numbering which is the factory default Refer to Managing Stacking for further reference To access the stack menu 1 On the Startup menu press 3 The following prompt is displayed Stack menu 1 Show unit stack id 2 Set unit stack id 8 Back Enter your choice or press ESC to exit 2 To display the current unit stack ID list press 1 The following prompt is displayed Stack menu 1 Show unit stack id 2 Set unit stack id 3 Back Enter your choice or press ESC to exit Current working mode is stacking Unit stack id set to 0 Press Enter to Continue 3 To change the unit ID stack membership number press 2 The following prompt is displayed DGS 3100 Series Gigabit Stackable Managed Switch User Manual Stack menu 1 Show unit stack id 2 Set unit stack id 3 Back Enter your choice or press ESC to exit Enter unit stack id 0 6 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Using the Web Based User Interface This section contains information on starting the D Link Embedded Web Interface To access the D Link user interface 1 Open an Internet browser Ensure that pop up blockers are disabled If pop up blockers are enabled edit add and device information messages may not open 2 Enter the device IP address in th
345. rs the packets by the Source port IP address and wildcard mask Destination Port IP Address and Wildcard Mask Filters the packets by the Source port IP address and wildcard mask Protocol Filters the packets by the Layer 4 protocol DSCP Filters the packets by the DiffServ Code Point DSCP value Class Filters the packets by the Class value IP Precedence Filters the packets by the IP Precedence Action Indicates the action assigned to the packet matching the ACL conditions Packets are forwarded dropped or going through QoS action To add change an access rule 1 Click ACL gt Access Profile List The Access Profile List Page opens 224 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 999990009990999 90000000000 Tee en a OM A Vee PNRM Dw 2 maana S99 9 0 0 D Link 4 88880888 dada Networks i E O PPRPP PEE EPEE F Tools 7 Stack ID Up Time TS DGS 2100 48 ccess Prote H Configuration L2 Features oe Profile ID Profile Summary an A A p Security Source MAC Mask Destination MAC Mask Show Details Edit New Rules Delete B Monitoring Current Max Profile 1 15 Current Max Rule 1 240 PPPoE p acl Add ACL Profile 0 2 2 L Configuration Wizard 3 cess Profile List A ACL Finder Figure 0 25 Access Profile List Page 1 Select a profile and click Edit New Rules The Access Rule List Page opens JAAR o0o00000000 oo pan o 4s ers Tee nna n n MERU BD
346. s From the last weekend of March until the last weekend of October e New Zealand From the first Sunday in October until the first Sunday on or after March 15 e Norway From the last weekend of March until the last weekend of October e Paraguay From April 6 until September 7 e Poland From the last weekend of March until the last weekend of October e Portugal From the last weekend of March until the last weekend of October e Romania From the last weekend of March until the last weekend of October e Russia From the last weekend of March until the last weekend of October e Serbia From the last weekend of March until the last weekend of October e Slovak Republic From the last weekend of March until the last weekend of October e South Africa South Africa does not use daylight saving time e Spain From the last weekend of March until the last weekend of October e Sweden From the last weekend of March until the last weekend of October e Switzerland From the last weekend of March until the last weekend of October e Syria From March 31 until October 30 e Taiwan Taiwan does not use daylight saving time e Turkey From the last weekend of March until the last weekend of October e United Kingdom From the last weekend of March until the last weekend of October e United States of America From the second Sunday in March at 02 00 to the first Sunday in November at 02 00
347. s The system supports a few NVRAM users Each user can access its NVRAM section only A given user Information NVRAM section 1 sis section can be erased from SYSLG8 26 5 al erased NVRAM The system informs that Information Initialization task is tasks are created and ready SYSLG8 26 7 al System completed to be run by GO functions Information The application must SYSLG8 31 0 al AA New request to create user authenticate a new user A new user is created in the Information current table of SYSLG8 31 1 al AAA User created successfully authenticated users Information Authentication with the SYSLG8 31 11 al A Authentication succeeded current method succeeded Information The user authentication SYSLG8 31 3 al AAA Request for authentication process is started A new connection for the Information SYSLG8 31 40 al New 1 s connection for specified user between the user 2 s source specified source and 5 s 3 y destination destination addresses is 5 s 4 y ACCEPTED accepted AAA FILE overflow Compression is The AAA file is full perfomred Within a Compression is performed compression not valid during which invalid records are deleted records are deleted A AA AA AA AA A connection for the 1 s connection for user specified user between the 2 s source 5 s 3 y specified source and Information destination 5 s 4 y destination addresses is SYSLG8 31 43 al A TERMINATED terminated Authenticati
348. s 3 y destination 5 s 4 y TERMINATED AAA FILE overflow Compression is perfomred Within a compression not valid records are deleted Method being retried Method succeeded User CLI session for user 2 s over 1 s source 3 y destination 5 s 4 y TERMINATED The Telnet SSH session may still be connected User CLI session for user 2 s over 1 s source 3 y destination 5 s 4 y ACCEPTED Files Copy source URL 1 s destination URL 2 s Attention port 1 j from which the bpdu was received is configured as Fast Port sshpClientld illegal connection id 1 d Information SYSLG8 31 7 al AAA Method failed Closed SSH connection to 1 y SSH log 1 s DESCRIPTION destination addresses is accepted A connection for the specified user between the specified source and destination addresses is terminated The AAA file is full Compression is performed during which invalid records are deleted Authentication with the current method failed and authentication is repeated once more by using the same method Authentication with the current method succeeded an access is granted The CLI session for the specified user between the specified source and destination addresses is terminated The Telnet SSH session may still be connected The CLI session for the specified user between the specified source and destination addresses is accepted The files are copied fro
349. s Gigabit Stackable Managed Switch User Manual Ifthe Stack Master remains in this sub group the behavior is the same as described above If the Backup Master remains in this sub group the behavior is the same as described in0 Replacing a Failed Stack Master NOTE If a stack is divided into two parts with one section which containing the Stack Master and the other section Backup Master was operate The following occurs if either the Stack Master or the Backup Master remains in the divided group e The Master Discovery Master Election and Unit ID Allocation amp Duplicate Unit ID Conflict Resolution processes are performed resulting in the following When the stack is divided and if the Stack Master remains in the split stack the Stack Master recognizes that the stacking units were no longer responds This occurs using the Master Detection Process The Stack Master notifies the system administrator using SYSLOG messages and SNMP traps of the removed stacking members In addition the Stack Master also notifies the system administrator whichd ports belong to unreachable stacking members and are reported as Not Present if the Backup Master remains in the split stack when the stack is divided the Backup Master identifies this as of the Stack Master failing The Backup Master takes over and manages the remaining stacking members as a stack The Backup Master retains the same Unit ID as before the stack was divided Since the Ba
350. s NVRAM section only A given user Information NVRAM section 1 sis section can be erased from SYSLG8 26 5 al erased NVRAM The system informs that Information Initialization task is tasks are created and ready SYSLG8 26 7 al System completed to be run by GO functions Information The application must SYSLG8 31 0 al New request to create user authenticate a new user A new user is created in the Information current table of SYSLG8 31 1 al AAA User created successfully authenticated users Information Authentication with the SYSLG8 31 11 al Authentication succeeded current method succeeded Information The user authentication SYSLG8 31 3 al Request for authentication process is started New 1 s connection for A new connection for the Information user 2 s source specified user between the SYSLG8 31 40 al 5 s 3 y destination specified source and 247 SEVERITY ID Information SYSLG8 31 43 al Information SYSLG8 31 46 al Information SYSLG8 31 5 al Information SYSLG8 31 6 al Information SYSLG8 31 63 al Information SYSLG8 31 64 al Information SYSLG8 31 8 al Information SYSLG8 45 18 al Information SYSLG8 48 31 al DGS 3100 Series Gigabit Stackable Managed Switch User Manual CATEGORY AAA AAA Up Download STP Information SYSLG8 49 11 al Information SYSLG8 49 14 al Security Information SYSLG8 49 2 al MESSAGE 5 s 4 y ACCEPTED 1 s connection for user 2 s source 5
351. s after changing the port trunk group settings VLAN settings automatically change in conjunction with the change of the port trunk group settings VLAN Status The VLAN List displays VLANs VLAN membership and membershiop type This window displays the ports on the switch that are currently Egress or Tag ports To view the following table open the L2 features gt VLAN folder and click the VLAN Status Link This section contains the following topics e Defining VLAN Properties e Configuring GVRP 75 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining VLAN Properties The VLAN Configuration Page provides information and global parameters for configuring and working with VLANs 1 Click L2 Features gt 802 1Q VLAN The VLAN Configuration Page opens i 90086 os SSUES SEESEES o00o00 D Link Ce Se ee LEE 2225 22292930 Semen a of cl la la lla la Ce a a d i eile iy oo a sie LE ree A GREENE EEES E Save X Tools Y Stack ID E X Up Time 2 days 5 10 17 Logged in as administrator admin 192 168 0100 procs Building Networks for People DGS 3100 48 E Configuration L2 Features gt Jumbo Frame a gt GVRP Settings VID VLAN Name Untag VLAN Ports Tag VLAN Ports Forbidden VLAN Ports Trunking 1 1 1 2 1 3 1 4 gt Traffic Segmentation 01 R amp D1 1 5 1 6 1 7 1 8 33 LACP Port Settings 1 9 1 10 1 11 1 12 gt IGMP Snooping 1 1 1 2 1 3 1 4 MLD Snooping 1 5 1 6 17 1 8 dt 1 9 1 10 1
352. s number is not necessarily the number of packets dropped it is just the number of times that this condition was detected Select a unit and port and click Apply Information for the selected port in the selected unit is displayed Click View Table to see the results in table format Enter Time Interval Record Number and the types of error counters that you want to display a RYN Click Ay The information is displayed Errors in Transmitted Packets To view Tx errors 1 Click Monitoring gt Errors gt Transmitted Tx The Transmitted Tx Page opens J Wh Aen O AA i o0o0000 LA 3 F ABASI Building Networks for People Up Tim 2 DGS 3100 48 Transmitted TX EE Configuration Unit Port E p fone oa y lor y View Table apply J _ Clear El Security Monitoring 3 Stacking Information CPU Utilization 3 Port Utilization gt Packet Size EARS El i Packets 3 RADIUS Authentication aoe Browse ARP Table 4 ExColl Browse MLD Router Port 3 Browse Router Port SingColl Browse Session Table IGMP Snooping Group MultColl 3 MLD Snooping Group 3 MAC Address Table gt System Log Green Ethernet 3 Device Environment E Errors 3 Received Rx 2 3 Cable Diagnostics E fj PoE m acl Unit Packets Aani Time interval Y Record Number 200 Apply on Show Hide E ExDefer LateColl ExColl Y SingColl E muttcoll Figure 0 15 Tra
353. s the whole configuration back to the default values with the exception of the account settings reboot The reboot command exits the Password Recovery Mode and restarts the switch reset account The reset account command deletes all of the created user accounts reset password The reset password command resets the password of the specified user If a username is not lt username gt specified the password of all the users will be reset show account The show account command displays all previously created accounts 279
354. scheme with one level tagging e 802 1Q VLAN Packet Forwarding Packet forwarding decisions are made based upon the following three types of rules e Ingress rules rules relevant to the classification of received packets belonging to a VLAN e Forwarding rules between ports decides whether to filter or forward the packet e Egress rules determines if the packet must be sent tagged or untagged 802 1Q Packet Forwarding Tagging or Untogging Figure 0 2 IEEE 802 1Q Packet Forwarding 72 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 802 1Q VLAN Tags The figure below shows the 802 1Q VLAN tag There are four additional octets inserted after the source MAC address Their presence is indicated by a value of 0x8100 in the EtherType field When a packet s EtherType field is equal to 0x8100 the packet carries the IEEE 802 1Q 802 1p tag The tag is contained in the following two octets and consists of 3 bits of user priority 1 bit of Canonical Format Identifier CFI used for encapsulating token ring packets so they can be carried across Ethernet backbones and 12 bits of VLAN ID VID The 3 bits of user priority are used by 802 1p The VID is the VLAN identifier and is used by the 802 1Q standard Because the VID is 12 bits long 4094 unique VLANs can be identified The tag is inserted into the packet header making the entire packet longer by 4 octets All of the information originally contained in the packet is reta
355. sents the Save button a menu for accessing device tools and a menu for Stack ID Information View selection The current Up Time and current User Loggin information is reported The Logout button is also here 4 Zoom View Presents a graphical near real time image of the front panel of the Switch This area displays DGS 3100 Series Gigabit Stackable Managed Switch User Manual View Description the Switch s ports and expansion modules showing port activity duplex mode or flow control depending on the specified mode Various areas of the graphic can be selected for performing management functions including port configuration 5 Device Provides access to the device logout and provides information about the Safe Guard mode Application Buttons currently enabled on the device 6 Stacking Status Provides a graphic representation of the stacking links and ports status View Table 0 2 Main Areas DGS 3100 Series Gigabit Stackable Managed Switch User Manual Using the Tool Menu The tool menu contains menu options for e Displaying the Stack Status e Locating Devices e Backing up and Restoring Configuration Files e Resetting the Device e Downloading the Firmware e Rebooting the System Displaying the Stack Status The Stacking Information Page provides specific information for stacked devices For more information regarding the stacking setup see Managing Stacking section Locating Devices The Device Lo
356. st use an extension cable use a 3 wire cable with properly grounded plugs Observe extension cable and power strip ratings Make sure that the total ampere rating of all products plugged into the extension cable or power strip does not exceed 80 percent of the ampere ratings limit for the extension cable or power strip To help protect your system from sudden transient increases and decreases in electrical power use a surge suppressor line conditioner or uninterruptible power supply UPS Position system cables and power cables carefully route cables so that they cannot be stepped on or tripped over Be sure that nothing rests on any cables Do not modify power cables or plugs Consult a licensed electrician or your power company for site modifications Always follow your local national wiring rules viii DGS 3100 Series Gigabit Stackable Managed Switch User Manual e When connecting or disconnecting power to hot pluggable power supplies if offered with your system observe the following guidelines Install the power supply before connecting the power cable to the power supply Unplug the power cable before removing the power supply Ifthe system has multiple sources of power disconnect power from the system by unplugging all power cables from the power supplies Move products with care ensure that all casters and or stabilizers are firmly connected to the system Avoid sudden stops and uneven surfaces A Gene
357. sts EJEnatle Method Lists gt Configure Local Enable E J ARP Spoofing Prevention H B Monitoring a f acL LE STACKING STATUS Figure 5 14 Enable Method Lists Page The Enable Method Lists Page contains the following fields Field Description Method List Name Defines the method list name The field is user defined besides the http method list and https_method_list which cannot be deleted or renamed Method 1 Indicates the first method used to authenticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication 166 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Method 2 Indicates the second method used to authenticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication Method 3 Indicates the third method used to authenticate the network user The possible field values are RADIU
358. system To prevent static damage discharge static electricity from your body before you touch any of the electronic components such as the microprocessor You can do so by periodically touching an unpainted metal surface on the chassis You can also take the following steps to prevent damage from electrostatic discharge ESD 1 When unpacking a static sensitive component from its shipping carton do not remove the component from the antistatic packing material until you are ready to install the component in your system Just before unwrapping the antistatic packaging be sure to discharge static electricity from your body 2 When transporting a sensitive component first place it in an antistatic container or packaging 3 Handle all sensitive components in a static safe area If possible use antistatic floor pads and workbench pads and an antistatic grounding strap Battery Handling Reminder CAUTION This is danger of explosion if the battery is incorrectly replaced Replace only with the same or equivalent type recommended by the manufacturer Discard used batteries according to the manufacturer s instructions DGS 3100 Series Gigabit Stackable Managed Switch User Manual GETTING STARTED To begin managing the device simply run the browser installed on the management station and point it to the IP address defined for the device For example http 123 123 123 123 Please note that the proxy for session connection should be turne
359. t 169 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description ARP requests 2 Click _Apply O The device is updated with the ARP Spoofing Prevention configuration 170 DGS 3100 Series Gigabit Stackable Managed Switch User Manual MONITORING THE DEVICE This section contains information for view device and packet statistics as well as viewing IGMP information and MAC address information This section includes the following topics 171 Device Environment Errors Cable Diagnostics Viewing Stacking Information Viewing CPU Utilization Viewing Port Utilization Viewing Packet Size Information Viewing Received Packet Statistics Viewing RADIUS Authenticated Session Statistics Viewing ARP Table Viewing MLD Router Ports Viewing Router Ports Viewing Session Table Viewing IGMP Group Information Viewing MLD Group Information Defining Dynamic and Static MAC Addresses Viewing System Log Green Ethernet Device Environment Errors Cable Diagnostics DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Stacking Information The Stacking Information Page provides specific information for stacked devices To show the Stacking Information Page 1 Click and from the menu select Show Stack Status 2 Alternatively click Monitoring gt Stacking Information in the Tree View The Stacking Information Page opens D Link coon Building Networks for Peo
360. t s Notices and Cautions hi Peet occ A E AAA A A sae A Dd NE vil Safety Cautions ada vill General Precautions for Rack Mountable Products ccsccesecsseesseeseeeseeseeececeeecnsecesecaeceaecnaecaeecaeeeaeceaeeeeeeneseerenaeeneeeaeenaees ix GETTING STARTED 6000 T A A A A 1 Accessing the Boot Startup Menu Functions s sssssseesseserseeseeesssteressesetstesersessreressestestesttstssteresststesestestsstentsststessestestessetets 2 Downloading Software A es we ee ee 2 Set Terminal Batid Rates ta dd a tom Alt a Akl a a et cme ial ee 3 Defining Stacking Until 3 Using the Web Based User Tita ti ee 5 Understanding the D Link Embedded Web Interface ccccceccceseesseesseeseesseeeeeesecesecnseceaecnaecaaecaaecaeeeseeeeeseeeseresreneenseeaees 6 Using th Tool Mea a detal da 8 Displaying the Stack Status dd a tdt diia 8 E catino DEVICES lt 2 cir tetast Shit tes epect vi tata ea elas tat eo el o A ue ota ere ines 8 Backing up and Restoring Configuration Files ccccesccssscsseesseeseesseeeeceecesecesecaecnaecnaecaaecsaecaeeeaeeeseseeeeeeeerenrseeeeeenaees 9 Resetting Ds leo eo a en al 10 Downloading the Firmware it dedo waitin ede las 11 Rebooting the System sarera RAGAN AGE A A hd Se ak Ae eee 13 View Add Update Delete User Accounts Using the Web System Components ccscccssesssesseeeseeeeceeeeneeeseenseenseeneenes 14 User Level Support on the WEB A aod en I ee a RA ce eA en eet 15 CONFIGURING
361. t 1 on Unit 3 BAcL Y 1 9 Entry1 MACADDRESS 00 01 05 03 04 01 LOCAL 115 RMON Port 1 on Unit3 u 2 1 10 Enty3 MACADDRESS 00 01 06 03 04 01 LOCAL 115 RMON Port 1 on Unit 3 STAGKING STATUS Next a o to anno eececese sena Figure 0 35 LLDP Remote Port Brief Page The LLDP Remote Port Brief Page contains the following fields Field Description Unit Indicates the stacking member for which the LLDP remote port information is displayed Port Indicates the port number Entry Indicates the the device s Media Service Access Point MSAP entry number Chassis ID Subtype Displays the chassis ID subtype For example MAC address 117 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Chassis ID Displays the chassis identification of the device transmitting the LLDP frame Port ID Subfype Displays the port ID subtype For example IPv4 address Port ID Displays the port ID Unit number Port number of the port transmitting the LLDP frame Port Description Displays the port description 2 Click Show Normal The LLDP Remote Port Normal Page is displayed codo Soros 990909900999999 eee ss D Li gt 3 THER nanan es nu gt ink 3 A al a ds e e d Co T bed Sree AA VEU PAI Hi Save Tools Stack ID B Up Time 2 days 5 10 17 ESE ERE AA Broan Too Building Networks tor People 802 10 VLAN gt GVRP Settings 33 Trunking
362. t Stackable Managed Switch User Manual j EI a 45 po A saki e eeasaseessseceae seeessess lr ars fA Ml AAA ETITI A d i Pree eee FPP ee Sere 1 DES 3100 48 Up Time 5 days 1 46 24 Loggedin as administrator 10 5 80 57 P Logout IEG Tools StackID e bs DGS 3100 48 rome l Configuration Select Frame Type L2 Features a QoS L2 ACL a SB Security i3ipvaact ICMP gt H Monitoring fj PoE C L3IPv6 ACL Selet ACL You can select the field in the packet to create filtering mask ACL Configuration Wizard a L2 Header IPv4 Class IPv4 Address 5 ACL Finder STACKING STATUS ICMP r Y _ A T ICMP Type I ICMP Code E y E S a TE E 32 20 F nn T y Create Figure 0 8 ACL Profile L3 IPv4 ACL ICMP Page The ACL Profile L3 IPv4 ACL ICMP Page contains the following fields Field Description ICMP Type Sets the ICMP Type field as an essential field to match ICMP Code Sets the ICMP code field as an essential field to match 2 Select the ICMP Type and or ICMP Code fields 3 Click _ Create The ACL profile is added and the device is updated IGMP Filtering To define IGMP filtering select the IGMP option To define L3 IPv4 IGMP ACL profile 1 Select IGMP The ACL Profile L3 IPv4 IGMP Page updates as follows 213 1 4 4 4
363. t numbers defined as forbidden router ports 3 Define the Leave Timer Host Timeout Router Timeout State Querier State Querier Version Static Dynamic and Forbidden Router Ports fields 4 Click Apply IGMP Snooping and Static Router Port Settings are defined and the device is updated 90 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining MLD Snooping Multicast Listener Discovery MLD Snooping performs the same function for IPv6 multicast routers as IGMP Snooping does for IPv4 multicast routers The device supports two versions of MLD Snooping MLDvl Snooping detects MLDv1 control packets and sets up traffic bridging based on IPv6 destination multicast addresses MLDv1 is equivalent to IGMPv2 MLDv2 Snooping uses control packets to set up traffic forwarding based on source IPv6 address and destination IPv6 multicast address MLDv2 is equivalent to IGMPv3 In a similar approach to IGMP snooping MLD frames are snooped as they are forwarded by the switch from stations to an upstream multicast router This facility allows a switch to determine the following Where on which ports stations interested in joining a specific multicast group are located Where on which ports multicast routers sending multicast frames are located This knowledge is used to exclude irrelevant ports ports for which no stations have registered to receive a specific multicast group from the forwarding set of an
364. t weekend of March until the last weekend of October Germany From the last weekend of March until the last weekend of October Greece From the last weekend of March until the last weekend of October Hungary From the last weekend of March until the last weekend of October India India does not use daylight saving time Iran From Farvardin 1 until Mehr 1 Iraq From April 1 until October 1 Ireland From the last weekend of March until the last weekend of October Israel Varies year to year Italy From the last weekend of March until the last weekend of October Japan Japan does not use daylight saving time Jordan From the last weekend of March until the last weekend of October Latvia From the last weekend of March until the last weekend of October Lebanon From the last weekend of March until the last weekend of October DGS 3100 Series Gigabit Stackable Managed Switch User Manual e Lithuania From the last weekend of March until the last weekend of October e Luxembourg From the last weekend of March until the last weekend of October e Macedonia From the last weekend of March until the last weekend of October e Mexico From the first Sunday in April at 02 00 to the last Sunday in October at 02 00 e Moldova From the last weekend of March until the last weekend of October e Montenegro From the last weekend of March until the last weekend of October e Netherland
365. tacking member for which the VLAN parameters are displayed Untag Port Defines the interface is an untagged VLAN member Packets forwarded by the interface are untagged Tag Port Defines the interface is a tagged member of a VLAN All packets forwarded by the interface are tagged The packets contain VLAN information Forbidden Port Defines the interface VLAN membership even if GVRP indicates the port is to be added Not Member Indicates that the interface is not a member of the VLAN Port Select All Selects all ports and either untags tags excludes or removes the VLAN membership 3 Define the VID VLAN Name and port related fields 4 Select the Tagged Untagged and Forbidden ports 5 Click Apply The VLAN is saved and the device is updated To modify a VLAN Click L2 Features gt 802 1Q VLAN The VLAN Configuration Page opens Select a VLAN in the VLAN Table Click Edit The configured VLAN parameters are displayed in the Add Edit VLAN Information section Modify the VLAN parameters ar 2 PNTE Click ptr The VLAN information is modified and the device is updated 77 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Asymmetric VLAN The device configuration allows a port to be defined as an untagged member only in one VLAN and tagged in multiple VLANs By enabling Asymmetric VLAN on the device a port is defined as an untagged member in multiple VLANs This allows ports from separate V
366. tatus is SYSLG8 31 30 Error SNMP Unknown variable encountered User name received empty The user name is an empty SYSLG8 31 31 Error AAA string string Failed to creating update an Creating updating entry in entry in the Copy History SYSLG8 45 15 Error Up Download copy history table failed table Could not add message to Could not add a message to SYSLG8 45 21 Error Up Download copy messages table the Copy Messages table COPYG init Errors Errors occurred during SYSLG8 45 5 Error System occurred during init initialization Primary IP Address 1 s The specified primary IP SYSLG8 47 33 Error IP was deleted address was deleted SYSLG8 49 1 SSH error 1 s sshHostKeySave DER formatted private key string too long 1 d The DER formatted private bytes The key could key string too long The key SYSLG8 49 16 Error SSH not be saved to flash could not be saved to flash sshAuthpTreatMessage Unable to allocate Unable to allocate a SYSLG8 49 21 Error SSH connection connection 239 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SEVERITY CATEGORY MESSAGE DESCRIPTION ID Unable to allocate Unable to allocate a SYSLG8 49 3 Error SSH memory pool for SSH memory pool for SSH sshp_text_handler Unable to allocate memory for Unable to allocate memory incoming text from the ssh for incoming text from the connection Data may SSH connection Data may SYSLG8 49 30 Error SSH have been lost have been lost
367. tem Reboot The selected unit s is are rebooted 13 DGS 3100 Series Gigabit Stackable Managed Switch User Manual View Add Update Delete User Accounts Using the Web System Components The following table contains information regarding the list of buttons Component Name Description Activate Activate Activates field commands Add Add Adds selected items All ALL Selects all Apply Apply Applies field settings Backup Backup Evokes backup Cancel Cancel Cancels settings Clear Clear Clears selected settings and fields Clear All Entry Clear All Clears all settings and fields Delete Delete Deletes selected fields Delete VID Delete VID Deletes VLAN Identification Download Download Starts downloading system files Edit Edit Modifies configuration Information Factory Reset Factory Reset Resets the factory defaults Find Find Finds a table entry System Reboot System Reboot Reboot the system Refresh Refresh Refreshes device information Restore Restore Restores the specific configuration file View All Entry View All Entry Displays table entries Table 1 3 User Interface Buttons 14 DGS 3100 Series Gigabit Stackable Managed Switch User Manual User Level Support on the WEB P3 0 firmware release will support additional user level in addition to Operator and Admin on the WEB GUI The new level will be User level 1 User will ha
368. ters Description Authentication Provides data integrity and data origin authentication Privacy Prevents message content disclosure Cipher Block Chaining CBC is used for encryption Either authentication is enabled on a SNMP message or both authentication and privacy are enabled on an SNMP message However privacy cannot be enabled without authentication Key Management Defines key generation key updates and key use The device supports SNMP notification filters based on Object IDs OIDs OIDs are used by the system to manage device features SNMP v3 supports the following features e Security e Feature Access Control e Traps The system comes up with SNMP disabled The following communities are defined by default e PRIVATE Read write community e PUBLIC Read only community The user cannot connect through an NMS application without enabling the SNMP service 47 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining SNMP Settings You can globally enable or disable SNMP in the SNMP Global Settings Page 4 Click Configuration gt SNMP Settings gt SAMP Global Settings The SNMP Global Settings i opens elo F egese 222292223 D Link a a AAA ttt tT 7 a E PYPP Tools Y Stack ID 2 DGs 2100 48 E Configuration System Information IP Address a Stacking Settings Port Configuration ARP Settings A User Accounts El System Log Host GBSNTP Settings 193 Settings y
369. tes the unknown TLV type field Unknown TLV Information Bytes Displays the unknown TLV information bytes in hexadecimal format 121 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Voice VLAN Voice VLAN enables network administrators to improve VoIP service by configuring ports to carry IP voice traffic from IP phones on a specific VLAN VolP traffic has a preconfigured OUI prefix in the source MAC address Network administrators can configure VLANs on which voice IP traffic is forwarded Non VolP traffic is dropped from the Voice VLAN in Auto Voice VLAN Secure mode Voice VLAN also provides QoS ensuring that the quality of voice does not deteriorate if the IP traffic is received unevenly The system supports one Voice VLAN There are two operational modes for IP Phones e IP phones are configured with VLAN mode as enabled ensuring that tagged packets are used for all communications e Ifthe IP phone s VLAN mode is disabled the phone uses untagged packets The phone uses untagged packets while retrieving the initial IP address through DHCP The phone eventually uses the Voice VLAN and begins sending tagged packets This section contains the following topics e Defining Voice VLAN Global Settings e Defining Voice VLAN Port Settings e Defining OUIs e Defining Voice VLAN Global Settings The Voice VLAN Global Setting Page displays the parameters for creating and configuring the Voice VLAN global
370. the port Rx Indicates the receive stream of data on the port 95 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Both Defines the port mirroring on both receiving and transmitting ports None Defines that port mirroring is not applied to the ports 2 Define the Status Unit and Target fields 3 Click APP to activate the Port Mirroring function 4 Define the Unit Tx and Rx fields under Source Port Setting 5 Click Add to capture the configured Source Ports in order to display them in the Source Port Setting table 96 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Spanning Tree Spanning Tree Protocol STP provides tree topography for any arrangement of bridges as well as providing a single path between end stations on a network thus eliminating loops Loops occur when alternate routes exist between hosts Loops in an extended network can cause bridges to forward traffic indefinitely resulting in increased traffic and reducing network efficiency The device supports the following STP versions Version Description Classic STP Provides a single path between end stations preventing loops from occurring Rapid STP Detects and uses network topologies that provide faster convergence of the spanning tree without creating forwarding loops Multiple STP Provides various load balancing scenarios For example if port A is blocked
371. the target port must belong to the default VLAN 1 Click L2 Features gt Port Mirroring The Port Mirroring Page opens e 4 299 99999 oo 99999 299929999909 7 9 oes na an CEREA D Link m a ado Se anna HII seo TETTETETT PU EH pes 3188 48 Uptime days 51013 Logged in as administrator admin 102 168 0 100 pel ogout DGS 3100 48 2 8 Configuration 2 OQ Features Target Port Setting gt Jumbo Frame Status OEnabled Disabled gt gt nigh ha a Unit Target Port gt Trunking Source Port Sniffer mode Ports 2 Traffic Segmentation Tx 1 8 1 32 1 7 1 31 2 LACP Port Settings 1 9 1 33 1 7 1 31 gt IGMP Snooping 2 MLD Snooping E Spanning Tree El 3 Forwarding amp Filtering G1 LLOP H Qos H Security El Monitoring cn acL Note Maximum 8 ports 27 28 29 3 7 38 39 40 41 42 43 44 45 46 47 STACKING STATUS a dadas T G Poo ooo Figure 0 19 Port Mirroring Page The Port Mirroring Page contains the following fields Field Description Status Enables or disables target port setting The default is Disabled Unit Defines the unit number Target Port Defines the target port Source Port Displays the Sniffer Mode and the source port Source Port Setting Field Description Unit Selects the Unit to be displayed Tx Indicates the transmit stream of data on
372. thentication MD5 32 or 64 digits SHA 40 or 70 digits Confirm Key Confirms the authentication key for authentication 2 Define the User Name Group Name and SNMP V3 Encryption fields 3 Define the authentication password or authentication key 4 Clicky The SNMP authentication method is defined and the device is updated 53 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining SNMP Communities Access rights are managed by defining communities using the 16 SNMP Community Table Page When the community names are changed access rights are also changed SNMP communities are defined only for SNMP v1 and SNMP v2c To define SNMP communities 1 Click Configuration gt SNMP Settings gt SNMP Community Table The 76 SNMP Community Table Page opens System Information 3 IP Address gt Stacking Settings 3 Port Configuration gt ARP Settings gt User Accounts gt System Log Host S SNTP Settings E H SNMP Settings SNMP View Table gt SNMP Group Table NMP User Table NMP Community SNMP Host Table SNMP Engine ID SNMP Trap Configu DHCP Auto Configuratic Dual Image Services gt Telnet Cattinn STACKING STATUS a 00000000000 o 22299299999999 CEI EOE s23 9 10 n n29 4 s Add Community Community Name View Name CommunityView v Access Right Read Only List Community Name View Name Access Right public CommunityView
373. tion Succession Defines the desired RADIUS server to configure Network managers use up to 3 RADIUS servers for port authentication The possible field values are First Indicates the RADIUS parameters are defined for the first RADIUS server Second Indicates the RADIUS parameters are defined for the second RADIUS server Third Indicates the RADIUS parameters are defined for the third RADIUS server RADIUS Server Defines the RADIUS server IP addresses The field format is X X X X Authentic Port Identifies the authentication port The authentication port is used to verify the RADIUS server authentication The authenticated port default is 1812 Accounting Port Defines the port used to send Start and Stop authentication messages Information received through the RADIUS Accounting Port is recorded in the RADIUS Authentication Page The default port is 1813 Key Defines the authentication and encryption key for communications between the device and the 153 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description server This key must match the encryption used on the server Confirm Key Confirms the RADIUS key defined in the Key field 2 Define the RADIUS server to configure in the Succession field 3 Define the RADIUS server IP address in the RADIUS Server field 4 Define the authentication port in the Authentic Port field 5 Define the accounting port in the
374. tion Displays the port description 2 Click Show Normal The LLDP Local Port Normal Page is displayed 115 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 D Link D Link ta ORO co RARE IE a a b 103 3100 40P Save Tools Y Stack ID i Up Time 2 days 5 10 13 Logged in as administrator admin 192 Building Networks tor People gt Port Mirroring Spanning Tree ee E H Forwarding amp Filtering S Show Brief Unicast Forwarding 3 Multicast Forwarding 2 Multicast Filtering Mode TRAE Pons ff LLDP a 3 LLOP Global Setting ponia Port Description 2 gt por MACIPHY Configuration Status LLDP Basic TLVS Settir LLDP Dot3 TLVS Settini LLOP Remote Port Brief E H Qos 3 Bandwidth Control gt Traffic Control gt 802 1p Default Priority gt 802 1p User Priority gt STAGKING STATUS a Masssssss anananes A Seeseees PP SSZEREEE Seessess anos Figure 0 33 LLDP Local Port Normal Page 3 To view the detailed MAC PHY Configuration Status for the port click Show Detail The LLDP Local Misc Detail Information Page is displayed c0000000000000000 ooooo Diink O12 4 S ie Tanan o D Link ARES 4 68 78 8 DLink sar TTT TTT att ORO cox EDS PAE BES 3100 007 Trey 7 7 im Save Tools Stack ID gt Port Mirroring P Spanning Tree A Forwarding amp Filtering gt Unicast Forwarding 3 Multicast Forwardin
375. tion Wizard to create a new ACL rule gt 802 1p User Priority 3 QoS Scheduling Mechanist Ea Multi Layer CoS Setting Security f Monitoring E BHACL j gt STACKING STATUS Figure 4 8 Multi Layer CoS Setting Page The Multi Layer CoS Setting Page contains the following links Access Profile List ACL Configuration Wizard 2 Click the desired link The relevant page opens see Defining Access Profile Lists 137 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SECURITY FEATURES This section contains information for enabling and configuring device security including user accounts Configuring Safeguard Engine Configuring Trust Host Configuring Port Security Configuring Guest VLANs Configuring Port Authentication 802 1X Defining EAP Forwarding Settings Configuring Secure Socket Layer Security Configuring Secure Shell Security Defining Application Authentication Settings 138 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Safeguard Engine The Safeguard Engine Page allows network administrators to set network alarms to protect the CPU from attacks based on rising and falling threshold levels of Broadcasts and CPU Utilization The Safeguard mechanism immediately implements Broadcast Storm Control with a low threshold in order to hold the attack and release the CPU resources To enable the safeguard engine 1 Click Security gt Safeguard Engine The
376. tion on Mac Port Lock action on the SYSLG8 52 10 Warning Port Security Table has ended MAC Table has ended Bridge forwarding table The bridge forwarding table SYSLG8 52 2 Warning FDB overflow is full BRMNP_nttb_hash_set_e ntry Hash Insert Failed for VLAN 1 j Mac 2 s Port 3 j Error 4 s The MAC database is full No entry can be inserted the CPU memory limitations Port Lock action on Mac Port Lock action on the SYSLG8 52 9 Warning Port Security Table has started MAC Table has started Bridge forwarding table overflow UNIT ID 1 d Msg 2 s UNIT ID 1 d Trap 2 s Host and domain name size exceeds 1 d bytes 68 i IP SYSLG8 74 56 Packet RX on interface 1 s from 2 s type 3 s 4 s Packet RX on virtual interface 1 s area 2 s type 3 s 4 s Packet RX on virtual interface 1 s area 2 s type 3 s 4 s Warning SYSLG8 74 60 SYSLG8 74 65 Packet TX from interface 1 s md5 auth key not found Packet TX from interface 1 s last authentication key has expired Packet RX on interface 1 s from 2 s last authentication key has expired HTTPS server has been enabled but a certificate was not found For certificate generation use the Y crypto certificate 1 2 generate command The service will start automatically SYSLG8 74 67 SYSLG8 74 68 275 SSH The bridge forwarding table is full Host and domain name size exceeds the spe
377. tivated and a router SYSLG8 9 11 Warning FDB Timer allocation failed will stay in the v1 state Querier gt NonQueirier transition on Interface An interface stopped to be a SYSLG8 9 14 Warning FDB 1 Querier No entry can be inserted IGMP Cache table is the platform reached its SYSLG8 9 7 Warning FDB overflowed limit Received IGMP wrong Received a wrong IGMP SYSLG8 9 8 Warning FDB version V1 query version v1 query SYSLG8 9 9 Received IGMP wrong Received a wrong IGMP 277 DGS 3100 Series Gigabit Stackable Managed Switch User Manual oo e pe MESSAGE DESCRIPTION version V2 query version v2 query ee upload has Configuration file upload SYSLG8 95 0 Warning Up Download been aborted has been aborted Configuration download Configuration file SYSLG8 95 1 Warning Up Download has been aborted download has been aborted SYSLG8 95 6 Unknown certificate SYSLG8 96 7 Warning subject field SYSLG8 98 6 Bad OS status Bad OS status Reached Maximum number of IGMP The IGMP database is full SYSLG8 98 7 Warning FDB memberships No entry can be inserted 278 DGS 3100 Series Gigabit Stackable Managed Switch User Manual PASSWORD RECOVERY PROCEDURE This document describes the procedure for resetting passwords on D Link Switches Authenticating any user who tries to access networks is necessary and important The basic authentication method used to accept qualified users is through a local login utilizing a Username
378. to Update Completed The switch is being SYSLG1 0 56 al Up Download rebooting the switch rebooted Active image is Information Active image successfully successfully changed to the SYSLG1 0 59 al Up Download changed to image 1 d specified image Information entity configuration SYSLG1 2 4 al change trap Information Pse Port 1 s delivering The specified PSE port is SYSLG1 3 0 al Interface power to the PD delivering power to the PD PSE power usage 1 d The PSE power used by the Information in unit 2 d is above the specified unit is above the SYSLG1 3 1 al System threshold threshold PSE power usage 1 d The PSE power used by the Information in unit 2 d is below the specified unit is below the SYSLG1 3 2 al System threshold threshold Unit 1 d was shutdown The specified unit is Information JUMBO frames not shutdown because Jumbo SYSLG1 5 23 al Interface supported frames are not supported Information Master switchover unit The specified unit is now SYSLG1 5 24 al Stack 1 d is now master the Master unit Backup master unit 1 d The specified backup Information was removed from the master is removed from the SYSLG1 5 25 al Stack stack stack Information Unit 1 d was removed The specified unit is SYSLG1 5 26 al Stack from the stack removed from the stack Information Ipc connection with unit The IPC connection with SYSLG1 5 28 al IP 1 d failed the specified unit has failed Information Configuration changed
379. to the lowest priority data and 7 to the highest Generally tag 7 is used for data associated with video or audio applications sensitive to even slight delays or for data from specified end users whose data transmissions warrant special consideration The switch enables increased definition for handling priority tagged data packets on the network Using queues to manage priority tagged data enables user specification for the data s relative priority to suit the needs of the network Circumstances can arise where it is advantageous to group two or more different tagged packets into the same queue Generally however it is recommended that the highest priority queue Queue 1 be reserved for the data packets with a priority value of 7 1 Classes not Queues should be used when explaining traffic handling techniques 2 The ratio is Class0 Class1 Class2 Class3 1 2 4 8 A Weighted Round Robin system is employed on the switch to determine the rate which the queues are emptied of packets The ratio used for clearing the queues is 4 1 This means that the highest priority queue Queue 1 clears four packets for every packet which cleared from Queue 0 It is important that the priority queue settings on the switch are for all ports and all devices connected to the switch are affected The priority queuing system is especially beneficial for networks that employ priority tag assignment capable switches QoS is an implementation of the IEEE 802 1p stan
380. ton Displays the Multicast Entry Table Edit 2 Click The IGMP Snooping and Static Router Ports Settings Page opens 0000000000000000 243 678 DGS 3100 48 a Configuration EL Features VLAN ID 02 Jumbo Frame VLAN Name R amp D2 ER E Leave Timer 0 16711450 sec Asymmetric VLAN gt GVRP Settings Host Timeout 60 16711450 sec 3 Trunking B VLAN Trunking Router Timeout 1 16711450 sec 3 Traffic Segmentation State enabled 7 gt LACP Port Settings g Querier State Enabled y gt MLD Snooping gt Port Mirroring Querier Version IGMPv2 y H B Spanning Tree H B Forwarding amp Filtering Ee a A A A A A A a a hs Sue Static Router Ports 4 oos Unit 01 i H B Security 02 03 E Monitoring ACL Dynamic Router Ports Unit 01 hd E a im Ports Forbidden Router Ports Unit 01 y STACKING STATUS a eet Figure 0 16 IGMP Snooping and Static Router Ports Settings Page 89 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The IGMP Snooping and Static Router Ports Settings Page contains the following fields Field Description VLAN ID Specifies the VLAN ID VLAN Name Displays the user defined VLAN name Leave Timer Defines the time a host waits to receive a Join message from another station after requesting to leave the IGMP group prior to timing out If a Leave Timeout occurs the switch notifies the Multicast devic
381. trol QuietPeriod 0 65535 sec SuppTimeout 1 65535 30 sec ServerTimeout 1 65535 sec MaxReq 1 10 2 times TxPeriod 1 65535 sec ReAuthPeriod 300 4294967295 360 sec ReAuthEnabled Enabled Y Control Unit From Port To Port Mode 20 01 el 01 el 4 z Dynamic VLAN Assignment Disabled Apply List Server Dynamit Unit Port Control TxPeriod Quiet Period Supp Timeout Timeout MaxReq ReAuth Period ReAuth Enabled Mode VLAN Assignment 1 11 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 12 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 13 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 1 4 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 15 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 16 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 1 7 ForceAuthorized 30 50 30 30 2 3600 Disabled Port Base Disabled 3 1 8 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 19 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 4 10 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 1 11 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 1 12 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 1 13 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 114 ForceAuthorized 30 60 30 30 2 3600 Disabled Port Base Disabled 1 1 15 ForceAuthorized 30 60 30 30 2 3600 Disabled
382. truction File instruction File 1 s The Auto Update process is Up Download Auto Update aborted aborted Failed to download File Failed to download 1 s Auto Update specified file The Auto Up Download aborted Update process is aborted Failed to download specified file The Auto Failed to download File Update process is aborted 1 s Auto Update because of the specified Up Download aborted reason 2 s reason Copy failed Please verify Copy failed Please verify that the configuration line that the configuration line in the instruction matches in the instruction matches the name of the the name of the configuration file and that configuration file and that AAA file exists on the server file exists on the server Invalid auto update The auto update instruction instruction file Auto file is invalid The Auto Up Download update aborted update process is aborted The system could not Can t restore factory restore the factory defaults defaults during auto during the auto update SYSLG1 0 61 AAA update operation operation Connection with the Lost connection with unit specified unit has been lost 1 d reason 0x 2 x due to the specified reason SYSLG1 5 21 Error Stack Unit will be rebooted The unit will be rebooted The specified unit was SYSLG1 5 22 Error Stack Unit 1 d was shutdown shutdown SYSLG4 10 1 Error Transmission failed Transmission has failed Reset to asic num 1 d The specified ASIC reset
383. ts to specific device features or feature aspects To define SNMP groups 1 Click Configuration gt SNMP Settings gt SNMP a Table The SVMP Group Table Page opens 2 DIMK92920 9900009000000 c0000000000000000 9 ON D 4 95 6 DADAS A om Tt tt ttt Peery TT m a o Save Tools 7 r Stack ID E Up Time 2 days 5 10 17 ESE ERE AA 0GS 3100 48 Ef Configuration 3 System Information Add Group gt IP Address Group Name gt za Stacking Settings 3 r v Port Configuration Read ViewName Communiyview _ 3 ARP Settings Write ViewName CommunitWiew v 3 User Accounts ee SS E system Log Host Noti ViewName Communitview y El GB SNTP Settings Security Model SNMPV1 Y E H SNMP Settings 3 SNMP View Table Security Level SNMP User Table SNMP Community T SNMP Host Table SNMP Engine ID List SNMP Trap Configu Y Group Name Read View Name Write ViewName Notify ViewName Security Model Security Level M gt public CommunitWiew CommunityView SNMPv1 NoAuthNoPriv STAGKING STATUS private PrivateView PWriteView SNMPv2 NoAuthNoPriv pr public TestReadView SNMPv3 AuthPriv Figure 0 13 SNMP Group Table Page The SNMP Group Table Page contains the following fields Field Description Group Name Defines the user defined group name to which access control rules are applied limited to 30 alphanumeric characters Read View Name Defines a Read Only view The Read On
384. ttings IGMP Snooping MSTIID MLD Snooping Type Add v Port Mirroring Bg Spanning Tree VID List 1 4094 STP Bridge Global Setti Apply 3 STP Bert EIA B MsTP Information E gar orwersing amp Filtering MSTI ID VID List es oe CIST 1 4094 i ae 01 Edit En 4 Security E Monitoring 02 dt haci 03 04 Edie 05 Edit 06 Edit 07 Edit 08 Edit 09 Edit 10 Edit 11 Edit AZ Edit 13 Edit aaa wane 5 eee STACKING STATUS 15 Edit Figure 0 22 MST Configuration Identification Page The MST Configuration Identification Page contains the following fields Field Description Configuration Name A configured name set on the switch to uniquely identify the MSTI multiple spanning tree instance If a configuration name is not set this field shows the MAC address of the device running MSTP Revision Level 0 65535 This value together with the configuration name and identical vlans mapped for STP instance IDs identifies the MST region configured on the switch MSTI ID Displays the MSTI ID associated with the VID List Type Defines the type of edit The possible values are Add Indicates that edit type is add Remove Indicates that edit type is remove VID List 1 4094 Displays the VID List 102 DGS 3100 Series Gigabit Stackable Managed Switch User Manual N Define the configuration name and revision level Click LAPP Click Edit to an ID row to edit the ID
385. twork may be tag unaware a decision must be made at each port on a tag aware device before packets are transmitted Should the packet to be transmitted have a tag or not If the transmitting port is connected to a tag unaware device the packet should be untagged If the transmitting port is connected to a tag aware device the packet should be tagged Tagging and Untagging Every port on an 802 1Q compliant switch can be configured as tagged or untagged Tagging enabled ports put the VID number priority and other VLAN information into the header of all packets that flow into and out of it If a packet has previously been tagged the port does not alter the packet thus keeping the VLAN information intact The VLAN information in the tag is then used by other 802 1Q compliant devices on the network to make packet forwarding decisions Ports with untagging enabled strip the 802 1Q tag from all packets flowing into and out of those ports If the packet doesn t have an 802 1Q VLAN tag the port does not alter the packet As a result all packets received by and forwarded by an untagging port have no 802 1Q VLAN information as the PVID is only used internally within the switch Untagging is used to send packets from an 802 1Q compliant network device to a non compliant network device Ingress Filtering A port on a switch where packets are flowing into the switch and VLAN decisions must be made is referred to as an ingress port If ingress filter
386. tworks for People AMAT ERG 2 DGS 3100 48 P Configuration DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Features 802 1X Enabled Disabled Bos ire 802 1X Port Access Control Safeguard Engine 3 Trusted Host QuietPeriod 0 65535 60 sec SuppTimeout 1 55535 ec 5 pinsan ServerTimeout 1 65535 30 sec MaxReq 1 10 2 fimes z Guest VLAN y EA 202 1X TxPeriod 1 65535 30 jsec ReAuthPeriod 300 4294967295 3600 sec ReAuthEnabled Enabled Control ForceAuthorized u EET NAA Unit From Port To Port Mode Forwardin f p Per 2 ssi i 01 x 02 Y 2 MAC Base Y apply ssh Access Authentication Monitoring List MBAcL lt ji gt S ReAuth ReAuth Period Server Timeout Supp SaLi Timeout TxPeriod Quiet Period Enabled STACKING STATUS Auto 2 Disabled a A E 1 42 ForceAuthorized 30 60 30 30 2 3600 Disabled ls peers A 1 1 3 ForceUnauthorized 30 60 30 30 2 3600 Enabled PortBase ns ii seesesst 1 14 Auto 30 60 30 30 2 3600 Disabled PortBase Teseeseae saaziiis seese T ES Auto 30 60 30 30 2 3600 Disabled PortBase e 1116 Auto 30 60 30 30 2 3600 Disabled PortBasel AA 1 17 Auto 30 60 30 30 2 3600 Disabled PortBase ea 1 18 Auto 30 60 30 30 2 3600 Disabled PortBase Pr 6 The last step on Security gt 802 1X gt 802 1X Sett
387. ue Specifies the traffic forwarding queue to which the DSCP priority is mapped Four traffic priority queues are supported Restore Defaults Restores the Switch factory defaults for mapping DSCP values to a forwarding queue 2 Modify the Queue values 3 Click Ay The DSCP mapping configuration is modified and the Switch is updated 136 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Multi Layer CoS Settings For network administrators wanting to configure Multi Layer CoS settings implementation in the switch is done via the Access Control List Hence the Multi Layer CoS Setting Page has two hyperlinks one to the Access Profile List which enables the utilization of existing ACL rules to perform traffic classification and the other to the ACL Configuration Wizard which enables network administrators to create new ACL traffic classification rules To define CoS QoS settings 1 Click QoS gt Multi Layer CoS Settings The Multi Layer CoS Sern Page opens Diink 99999009099999990 D Link 7 9 n ono u is Building Networks for People Ty Y Y Save Tools 0GS 3100 48 E 3 Configuration E Su Features You can utilize existing ACL rules to perform traffic classification H H QoS Go to Access Profile List to find an existing ACL rule 3 Bandwidth Control gt Traffic Control You can also create a new ACL rule to perform traffic classification 2 802 1p Default Priority Go to ACL Configura
388. uing the number of packets sent from each priority queue depends upon the assigned weight For weighted round robin queuing if each CoS queue has the same weight value then each CoS queue has an equal opportunity to send packets just like round robin queuing For weighted round robin queuing if the weight for a CoS is set to 0 then it will stop processing the packets from this CoS The other CoS queues that have been given a nonzero value and depending upon the weight will follow a common weighted round robin scheme Strict Priority should be configured at higher class than WRR If the user configures WRR at least two queues should be configured as WRR Remember that the DGS 3100 series has four priority queues and eight Classes of Service for each port on the Switch This section contains the following topics e Defining Bandwidth Settings e Configuring Storm Control e Mapping Ports to Packet Priorities e Mapping Priority to Classes Queues e Configuring QoS Scheduling Mechanism e Defining DSCP User Priority e Defining Multi Layer CoS Settings 128 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Bandwidth Settings The Bandwidth Control Page allows network managers to define the bandwidth settings for a specified interface 1 Click QoS gt Bandwidth Control The Bandwidth Control Page opens Building Networks for People o oo ry e D Link im sie LAA 00000 eoooo000000 000000 2BBNMENT BARN
389. ult of an excessive amount of broadcast messages simultaneously transmitted across a network by a single port Forwarded message responses are heaped onto the network straining network resources or causing the network to time out 1 Click Qos gt Traffi Tools Stack ID c Control The Traffic Control Settings Page opens ESSE B Logout gt DGS 3100 48 E Configuration El Se Features asi None Apply B p Qos Bandwidth Control 2 Unit From Port To Port Storm Control Type Action pane Threshold 3500 1000000 3 802 1p Default Priority Interval 5 30 B 2021p user Prorty Tor a ore for Blfmone o Elf Jsecfsoo kbps Apply QoS Scheduling Mechanis B DSCP User Priority Multi Layer CoS Setting Unit 1 Settings di A Storm Control Type Action Threshold Time Interval Shutdown Forever Bact None Drop 3500 NIA No _None _Dr p 3500 NA No E None Drop 3500 NIA No None Drop 3500 na No None Drop 3500 NIA No None Drop 3500 N A No None Drop 3500 N A No None Drop 3500 NIA No None Drop 3500 N A No None Drop 3500 NIA No None Drop 3500 N A No None Drop 3500 N A No None Drop 3500 N A No None Drop 3500 N A No E e None Drop 3500 N A No STACKING STATUS None Drop 3500 NIA No None Drop 3500 N A No 1 18 None Drop 3500 N A No 1 19 None Drop 3500 N A No 1 20 None Drop 3500 N A No 1 21 None Drop 3500 N A No 1 22 None
390. until the end of March Armenia From the last weekend of March until the last weekend of October Austria From the last weekend of March until the last weekend of October Bahamas From April to October in conjunction with daylight savings in the United States Belarus From the last weekend of March until the last weekend of October Belgium From the last weekend of March until the last weekend of October Brazil From the third Sunday in October until the third Saturday in March Clocks go forward one hour in most areas of southeast Brazil for daylight savings Chile Easter Island from March 9 until October 12 The rest of the country from the first Sunday in March or after March 9 China China does not use daylight saving time Canada From the first Sunday in April until the last Sunday of October Daylight saving times are usually regulated by provincial and territorial governments Exceptions may exist in certain municipalities Cuba From the last Sunday of March to the last Sunday of October Cyprus From the last weekend of March until the last weekend of October Denmark From the last weekend of March until the last weekend of October Egypt From the last Friday in April until the last Thursday in September Estonia From the last weekend of March until the last weekend of October Finland From the last weekend of March until the last weekend of October France From the las
391. urity by limiting traffic to specific domains A VLAN is a collection of end nodes grouped by logic instead of physical location End nodes that frequently communicate with each other are assigned to the same VLAN regardless of where they are physically on the network Logically a VLAN can be equated to a broadcast domain because broadcast packets are forwarded to only members of the VLAN on which the broadcast was initiated Notes about VLANs on the DGS 3100 Series No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership packets cannot cross VLANs without a network device performing a routing function between the VLANs The DGS 3100 series supports IEEE 802 1Q VLANs The port untagging function can be used to remove the 802 1Q tag from packet headers to maintain compatibility with devices that are tag unaware The switch s default is to assign all ports to a single 802 1Q VLAN named default The default VLAN has a VID 1 IEEE 802 1Q VLANs Some relevant terms Term Description Tagging The act of putting 802 1Q VLAN information into the header of a packet 71 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Term Description Untagging The act of stripping 802 1Q VLAN information out of the packet header Ingress port A port on a switch where packets are flowing into the switch and VLAN decisions must be made Egress port A port o
392. value Define the new value Or ie p Click Apply The Multiple Spanning Tree Configuration Identification is defined and the device is updated Defining MSTP Port Information Network Administrators can assign MSTP Interface settings in the MSTI Config Information Page To define MSTP interface settings 1 Click L2 Features gt Spanning Tree gt MSTP Port Information The MSTI Config Information Page opens 2 3 Building Networks for People gt DGS 3100 48 E Configuration E L2 Features Jumbo Frame wa o w 802 10 VLAN ese GVRP Settings Trunking Edit MSTI Port Setting 3 Traffic Segmentation Instance ID LACP Port Settings IGMP Snooping Internal Path Cost MLD Snooping Port Mirroring 1 Spanning Tree gt STP Bridge Global Sett gt STP Port Settings gt MST Configuration Ider gt SR Asti Designated Bridge Internal Path Cost Priority E Forwarding amp Filtering H LLoP p aos 3 Security f Monitoring aci Priority Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated SaSRERSS gt STACKING STATUS Passsssss S0geRERE diaaa e pe aaa a p eetesess ceseeses cecesete ee Po SEBEEEES GbubSs 7
393. ve access as reader without possibility to change configuration to most of the web pages except the pages that controls the following functionality that will be blocked to user level e Update Firmware e Modify Delete startup configuration e Factory Reset e View Add Update Delete User Accounts If the User is trying to modify any configuration by pressing the le Apply button the Access Denied page will be displayed e A 000000 0 00000 ji t2345 67 6 O SR D Link oT oe tT aace Building Networks for Peopl y y RTs cack BS e DGS 3100 24 Configuratii E Configuration Note Access control configuration prevents your request from being allowed a Boos ae Back to previous page m DP Security H P Monitoring H P acl STACKING STATUS Figure 0 7 Access Denied Page 15 DGS 3100 Series Gigabit Stackable Managed Switch User Manual CONFIGURING BASIC CONFIGURATION This section contains information for viewing device information defining IP addresses managing stacking defining port parameters configuring system user accounts configuring and managing system logs defining the system time and configuring SNMP system management This section contains the following topics Viewing Device Information Defining System Information Defining IP Addresses Managing Stacking Defining Ports ARP Settings Configuring User Accounts Managing System Logs Configuring SNTP Configurin
394. ved Rx The Received Rx Page opens Building Networks for People f lx DGS 3100 48 E H Configuration m f L2 Features H Q0S E Security H H Monitoring 3 Stacking Information 3 CPU Utilization A Port Utilization Packet Size E Packets RADIUS Authentication gt Browse ARP Table 3 Browse MLD Router Port 3 Browse Router Port gt Browse Session Table IGMP Snooping Group MLD Snooping Group Z MAC Address Table 3 System Log Green Ethernet 3 Device Environment ived Rx Transmitted Tx 3 Cable Diagnostics fj PoE ACL STACKING STATUS WD 2000000000000 Dlink gt SaS e7 ep hea nw y mv View Table Apply CRCError UnderSize OverSize Fragment Jabber 0 Drop oas Unit Packets Time interval 5s mal Record Number 200 b Apply Show Hide Y CRCError UnderSize Y Oversize Y Fragment V Jabber Drop Figure 0 14 Received Rx Page The Received Rx Page contains the following fields Field Description Unit Indicates the stacking member for which the error counters are displayed Port Indicates the port for which the error counters are displayed Time Interval Indicates the time interval for which packets are displayed The possible field values are 1s 5s 10s 15s 20s 30s 40s 50s and 60s Record Number Indicates the transmitted record number
395. vice Environment gt E HACL SS STACKING STATUS Figure 6 16 Cable Diagnostics Page The Cable Diagnostics Page contains the following fields Fields Description Unit Defines the stacking member for which the port settings are displayed From Port Defines the port number from which the diagnostics will apply To Port Defines the port number to which ports the diagnostics will apply Port Lists the ports to be tested Test Result The cable test results Possible values are e No Cable A cable is not connected to the port Whether the fiber is connected to the port or not e Open Cable A cable is connected on only one side e Short Cable A short has occurred in the cable e OK The cable passed the test Cable Fault Distance The distance from the port where the cable error occurred Last Update The last time the port was tested Cable Length The approximate cable length This test can only be performed when the port is up and operating at 1 Gbps 195 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Ensure that both ends of the copper cable are connected to a device 3 Define the Unit From Port and To Ports fields 4 Click Apply The diagnostic tests are carried out and the list is updated 196 DGS 3100 Series Gigabit Stackable Managed Switch User Manual MANAGING POWER OVER ETHERNET DEVICES NOTE This chapter is valid only
396. wed A Privacy key change via BOOTP DHCP client not allowed Privacy key change A Privacy key change is SYSLG8 10 33 Warning SSH required required Privacy Key change length 1 u does not fit privacy protocol Authentication password required The modified Privacy Key length does not fit the privacy protocol An authentication key is received but not configured A Privacy password change SYSLG8 10 36 Warning SSH Privacy password required is required SYSLG8 10 39 DHCP SYSLG8 10 40 DHCP SYSLG8 10 41 DHCP SYSLG8 10 8 IP 261 The device has rejected an invalid IP configuration on interface 1 j IP 2 y mask 3 y DHCP server 4 y The device has rejected a duplicated subnet configuration on interface 1 j IP 2 y mask 3 y DHCP server 4 y Malformed DHCP packet y Message type option was found in DHCP packet BOOTP client received illegal magic cookie 1 x 2 x 3 x 4 x 5 x 6 x 7 x 8 x must be The device has rejected an invalid IP configuration on the specified interface with the specified mask and DHCP server The device has rejected a duplicated subnet configuration on the specified interface with the specified mask and DHCP server A abnormal DHCP packet message type option was found in the DHCP packet The 4 byte value of the received cookie must match the 4 byte value of the legal cookie ID SYSLG8 109 1 SYSLG8 16 25 SYSLG8 31 2 SYSLG
397. when using devices on which Power over Ethernet PoE is supported Power over Ethernet PoE provides power to devices over existing LAN cabling without updating or modifying the network infrastructure Power over Ethernet removes the necessity of placing network devices next to power sources Power over Ethernet can be used in the following applications IP Phones Wireless Access Points IP Gateways Audio and Video Remote Monitoring Powered Devices are devices that receive power from the device power supplies for example IP phones Powered Devices are connected to the device via Ethernet ports Guard Band protects the device from exceeding the maximum power level For example if 400W is the maximum power level and the Guard Band is 20W if the total system power consumption exceeds 380W no additional PoE components can be added The accumulated PoE components power consumption is rounded down for display purposes This section includes the following topics 197 Defining PoE Port Information Configuring PoE System DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining PoE Port Information The PoE Port Setting Page contains information about the system s CPU utilization 1 Click PoE gt PoE Port Setting The PoE Port Setting Page opens q e 0000000000000 ooo 22 0 oo o 2 367 89 Te 9 ww BD DAS ST F D Link oo 0000 D Link 12 3 4 URS ss D Link Aa 228 rr A Gat itiiitl ait fi k A d pr PE
398. wing fields Field Description User Name Defines the SNMP user name included in the SNMP user group Group Name Defines the SNMP group and assigned to a user SNMP V3 Encryption Defines the SNMPv3 user authentication method The possible field values are None No user authentication is used Password Provides user authentication via the HMAC SHA 96 authentication level password or HMAC MDS5 96 password Key Provides user authentication via the HMAC MDS algorithm or the HMAC SHA 96 authentication level Auth Protocol by Password Selects the authentication password type used to authenticate users The possible field values are MD5 Defines that HMAC MDS5 96 password is used for authentication SHA Defines that HMAC SHA 96 authentication level password is used for authentication Password Defines the password used for authentication 1 32 digits Confirm Password Confirms the password used for authentication 1 32 digits 52 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Auth Protocol by Key Selects the authentication key type used to authenticate users The possible field values are MDS5 Defines that users are authenticated via a HMAC MDS algorithm key SHA Defines that users are authenticated via a HMAC SHA 96 authentication level key Key Defines the authentication key for au
399. with 128 bit keys and the MDS Hash Algorithm RSA with 3DES EDE CBC SHA This ciphersuite combines the RSA key exchange CBC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm RSA EXPORT with RC4 40 MD5 This ciphersuite combines the RSA Export key exchange and stream cipher RC4 encryption with 40 bit keys Status Indicates if the selected Ciphersuite is enable or disabled for SSL The possible field values are Enable Enables the Ciphersuite for SSL Disable Disables the Ciphersuite for SSL 157 3 Click 2 Enable or disable the SSL status in the SSL Status field Apply The SSL status is defined and the device is updated DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Secure Shell Security Secure Shell permits network users to securely login to the network from a remote location over an insecure network SSH a secure login to remote host computers a safe method of executing commands on a remote end node and will provide secure encrypted and authenticated communication between two non trusted hosts SSH with its array of unmatched security features is an essential tool in today s networking environment It is a powerful guardian against numerous existing security hazards that now threaten network communications Ensure the following steps are completed before configuring SSH e Create a user account with admin level access using the User Accounts window in
400. ximum Extra characters SYSLG8 78 14 Warning Information is truncated will be truncated Parsing of the specified Parsing of the 1 s msg message received from the SYSLG8 78 15 Warning SYSLG8 78 18 received from TACACS specified TACACS server SYSLG8 78 2 Unexpected TCP msg was Unexpected TCP message received from server was received from the 1 s specified server No TACACS server is No TACACS server is configured so configured cannot start authentication cannot be authentication performed A connection attempt to a Connection to server specified server is 1 s is aborted Single terminated Single Connection mode may not connection mode is not be supported by this supported by the current server server No TACACS server is No TACACS server is configured cannot start configured so authorization authorization cannot be started server 2 s failed has failed SYSLG8 78 23 SYSLG8 78 6 SYSLG8 78 7 Cannot create new user due Cannot create new user to too many users already Warning too many users configured FLMNGG update file st ate The entry of file The entry to the specified 1 s was not updated to file was not updated to the Warning Up Download the flash flash PIMGLG snmp bindmib variable For variable id 1 lu the snmp For the specified variable operation 2 s not ID the SNMP operation is SYSLG8 79 4 SYSLG8 80 2 Warning SNMP supported not supported Func 1 s Line 2
401. y from CDB was failed resource unavailable Port 1 j removed from Q Port 1 j removed from Committing BW on the specified egress interface d more than the specified percentages of interface speed The specified interface changes to half duplex mode and some committed services cannot be fulfilled The specified interface speed is modified to a higher speed The specified power supply is down The system uses two power supply sources 1 and 2 The system can operate with one or both power supply units Failed to allocate ASIC rules in a specified change Failed to add the specified rules to the ASIC on the specified if ndex The specified port is un authorized The specified MAC address was rejected on the specified port The management address entry deletion from CDB failed Resource are unavailable The specified port is removed The specified port is SEVERITY ID SYSLG8 1 31 SYSLG8 10 20 SYSLG8 10 21 SYSLG8 10 22 SYSLG8 10 23 DGS 3100 Series Gigabit Stackable Managed Switch User Manual CATEGORY DHCP DHCP DHCP DHCP SYSLG8 10 24 DHCP SYSLG8 10 25 Warning bootup MESSAGE 2 j port is down notPresent Network IP address 1 s is unavailable Active change failed unreachable route not added because of Routing table overflow BOOTP client received illegal IP mask in BOOTP msg DHCP client received illegal IP mask in DHCP msg BOOTP client
402. ys 7 5 Logged in as administrator 10 5 80 34 P Logout DGS 3100 48 stacking Settings Ef Configuration System Information Note Stacking master can only be chosen from unit 1 or unit 2 If you choose unit 1 as master then unit 2 will automatically be backup P Address master and vice versa 2 Stacking Master Uniti C Unit2 H Port Configuration ARP Settings a Current Stack ID New Stack ID after reset System Log Host f SNTP Settings 01 Auto y H SNMP Settings 02 Auto y DHCP Relay auto 7 DHCP Auto Configuration Auto i gt Firmware Information 04 Auto y gt Telnet Setting 05 auto H L2 Features QoS 06 Auto y E Security Apply E f Monitoring aci STACKING STATUS E au Saas Sass E Figure 0 4 Stacking Settings Page The Stacking Settings Page contains the following fields Field Description Defines the stacking member with either stacking ID of 1 or 2 as the Stacking Master The possible field values are Unit 1 Defines the member with the Unit ID 1 as the Stacking Master if unit ID 2 will be selected unit ID 1 will be reboot and ID 2 will become stack master Unit 2 Defines the member with the Unit ID 2 as the Stacking Master if unit ID 1 will be selected unit ID 2 will be reboot and ID 1 will become stack master Stacking Master Current Stack ID Displays the Stacking Member ID that the new Unit ID will replace after the d
403. zard 2 Access Profile List L2 Header IPv4 Class IPv4 Address wero ACL Finder STACKING STATUS UDP Port Tl Source Port Mask si ag DestinationPortMask ECHES A ET sai r E E E Create z Figure 0 15 ACL Profile L3 IPv4 UDP Port Page The ACL Profile L3 IPv4 UDP Port Page contains the following fields Field Description Source Port Mask Defines the range of source Ports relevant to the ACL rules 0 ignore 1 check For example to set 0 15 set mask of F Destination Port Mask Defines the range of destination IP addresses relevant to the ACL rules 0 ignore 1 check For example to set 0 15 set mask of F 2 Select Source Port Mask and or Destination Port Mask The Mask Generate button is active 217 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 3 Enter a port ID in the box adjacent to the Mask Generate button 4 Alternatively click Mask Generate The Generate Mask by range fields appear 5 Enter a port ID range into the Generate Mask by range fields and click Calculate The mask is generated 6 Click _ Create The ACL profile is added and the device is updated NOTE A combination of one or several filtering masks can be selected simultaneously The page updates with the relevant field s Defining Layer 3 IPv6 ACL Layer 3 IPv6 ACLs can be defined using the following filtering criteria e ICMP e TCP e UDP The following sections describe
Download Pdf Manuals
Related Search