D-Link DGS-3100-24
Contents
1. ex 1 1 1 4 6 2 6 Ch1 Ch1 6 Time Range Range Name STACKING STATUS RN Note ACL Wizard will create the access profile and rule automatically For advanced access profile rule setting you can manually configure it in Access Profile List Figure 8 1 ACL Configuration Wizard Page The ACL Configuration Wizard Page contains the following fields Fields Description From Defines the origin of accessible packets The possible values are Any Indicates ACL action will be on packets from any source MAC Address Indicates ACL action will be on packets from this MAC address IPv4 Addresses Indicates ACL action will be on packets from this IPv4 source address To Defines the destination of accessible packets The possible values are Any Indicates ACL action will take placed for packets with any destination MAC Address Indicates ACL action will take place for packets to this MAC address only IPv4 Addresses Indicates ACL action will take place on packets to this IPv4 address Service Type Defines the type of service The possible values are Any Indicates ACL action will take place for packets of all service types Ethertype Specifies Ethertype packet filtering ICMP All Specifies an ICMP packets filtering IGMP Specifies an IGMP packets filtering TCP ALL Specifies an TCP packets filtering TCP Source Port Matches the packet to the TCP Source Port2. Field Description Unit Defines the unit to find Port Defines the Port to find Instance ID Lists the MSTP instances configured on the device Possible field range is 0 7 Internal Path Cost Indicates the port contribution to the Spanning Tree instance The range should always be 1 91 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description 200 000 000 The default value is automatically set cost according to its speed Default port cost 10Mbps port 2000000 100Mbps port 200000 Gigabit port 20000 Port channel 20000 Priority Defines the interface priority for the specified instance The default value is 128 Status Indicates whether the port is enabled for the specific instance The possible field values are Forwarding Enables the port for the specific instance Listening Processes BPDUs received from the system module Learning Incorporates station location into its address database Blocking Discards frames received from the attached segment and frames switched from another port for forwarding Disabled Disables the port for the specific instance Role Indicates the port role assigned by the STP algorithm to provide to STP paths The possible field values are Enabled Enables the port for the specific instance Root Provides the lowest cost path to forward packets to the root device Designated Indicates the port
3. ll Oy e E O Click Ay The 802 1x Access Control is configured and the device is updated MAC Authentication MAC Based MAC Access Control MAC Authentication is configured in DGS 3100 series via 802 1x Setting WEB page This functionality enables the user to allow specific MAC address to enter the switch while rejecting the unauthorized MAC addresses The database of the authorized MAC addresses resides in a Radius Server NOTE The system does not support dynamic VLAN assignment within mac based authentication via the radius server NOTE MAC based authentication doesn t require 802 1X client enabled 127 To enable MAC Authentication 1 Click Security gt 802 1X Setting The 802 1X o Page opens D Link Building Networks for People pl ny z ji X y Save Tools Stack ID DGS 3100 48 DGS 3100 Series Gigabit Stackable Managed Switch User Manual i 0990909000099999 4 7 HH Up Time 2 days 5 10 cl ESE EUR E AA E 3 Configuration H P L2 Features 802 1X Enabled Disabled H os Fagan 802 1X Port Access Control za Safeguard Engine gt Trusted Host QuietPeriod 0 65535 60 sec SuppTimeout 1 65535 30 sec 2 Port Security ServerTimeout 1 65535 30 sec MaxReq 1 10 2 times Guest VLAN pam 5 ee TxPeriod 1 65535 30_ _ sec ReAuthPeriod 300 4294967295
4. DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Select HTTP or TFTP field 3 Define the selected server method fields To backup files click m Backup To restore files click _ Restore Resetting the Device The Factory Reset Page restores the factory defaults To restore the device to the factory default settings Tools 7 1 Click gt Reset The Factory Reset Dage o opens dt D Link E J Building Networks for People os iy oa e H Save Tools Stack ID i gt Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 er DGS 3100 48 E Configuration PP L2 Features s See a f Security Please be aware that all configuration will reset to default value H Monitoring pac STAGKING STATU prssceuaaa 32 SEEN ESA TEEN XP mi Tiis p USTEEN es Pereeeeet i m Figure 1 4 Factory Reset Page 2 Click Rectory Reset The factory default settings are restored once it completely reloaded and the device is updated DGS 3100 Series Gigabit Stackable Managed Switch User Manual Downloading the Firmware The Firmware Download web page is used to download the firmware files that will be used to manage the device NOTE Firmware version 1 x x supports 4 SKUs od DGS 3100 series DGS 3100 24 DGS 3100 24P DGS 3100 48 and DGS 3100 48P Firmware version 2 x x supports in addition the 5 SKU DGS 3100 24TG Firmware version 2 x x includes as well
5. 3 ACL Configuration Wizard You can select the field in the packet to create filtering mask gt Access Profile List gt ACL Finder gt Time Range Setting L2 Header IPv4 DSCP IPv4 Address UDP Port C Source Port Mask o C Destination Port Mask STACKING STATUS Figure 8 19 ACL Profile L3 UDP Port Page The ACL Profile L3 UDP Port Page contains the following fields Field Description 185 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Source Port Mask Defines the range of source Ports relevant to the ACL rules O ignore 1 check For example to set O 15 set mask of F Destination Port Mask Defines the range of destination IP addresses relevant to the ACL rules O ignore 1 check For example to set O 15 set mask of F 2 Select Source Port Mask and or Destination Port Mask The Mask Generate button is active 3 Enter a port ID in the box adjacent to the Mask Generate button Alternatively click Mask Generate The Generate Mask by range fields appear Enter a port ID range into the Generate Mask by range fields and click Calculate The mask is generated 4 Click Create The ACL profile is added and the device is updated NOTE A combination of one or several filtering masks can be selected simultaneously The page updates with the relevant field s 186 DGS 3100 Series Gigabit Stack
6. ii i PoE S E Gac System Budget Power 170 00 W Support Total Power 0 00 W Remainder Power 170 00 W The ratio of system power supply 0 00 A Figure 7 2 PoE System Setting Page The PoE System Setting Page contains the following fields Fields Description Unit Defines the unit System Power Threshold Indicates the power in Watts consumed before an alarm is generated The possible field values are SOW Indicates 50 watts 100W Indicates 100 watts 170W Indicates 170 watts Disconnect Method Indicates the method by which the powered device is disconnected from the interface The possible values are Deny next port Indicates device disconnects by next port denial Deny Low priority port Indicates device disconnects by next low priority port System Power Status Indicates the current system power status The possible values are System Budget Power Indicates the power that can be supplied by the system Support Total Power Indicates the actual power which is consumed by the devices Remainder Power Indicates the remaining power that can be consumed by the devices budget total The ratio of system power supply total power budget power 170 DGS 3100 Series Gigabit Stackable Managed Switch User Manual DEFINING ACCESS PROFILE LISTS Access Control Lists ACL allow network managers to define classi
7. 168 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Fields Description Class 2 Indicates the power consumption is 7W Class 3 Indicates the power consumption is 15 4W Status Indicates the inline power source status The possible field values are Normal Indicates that the power supply unit is functioning Off Indicates that the power supply unit is not functioning Faulty Indicates that the power supply unit is functioning but an error has occurred For example a power overload or a short circuit 2 Define the Unit From Port To Port PoE Enable and Power Limit fields 3 Click PPY The system PoE parameters are defined and the device is updated 169 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Displaying and Editing PoE System Information The PoE System Setting Page displays system PoE information on the device monitoring the current power usage and enabling PoE traps To display system PoE information on the device 1 Click PoE gt PoE System Setting The PoE System Setting Page opens sses OOO SSS USS ESSER 0GS 3100 48P E Configuration E 9 L2 Features m f aos E P Security f Monitoring EI PoE PoE Port some Seeeeeeeoeoce 123468 67 10 1 12 13 94 15 1 TO al lo cla cl ol o o h Unit om A System Power Threshold 50W x Disconnect Method Deny next port System Power Status STACKING STATUS ia
8. DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining System Information The System Information Page provides device information about specific stacking members To view system information 1 Click Configuration gt System Information The System Information Page opens e gt Dumerstssetsssssces 2 eeeneseesesceos 09999999990 223292 aa DA A PRA q Building Networks for People GS 3100 48 E 5 Santer ston Unit ID 01 3 Stacking Settings LAS Address 00 40 14 65 1 2 58 E G Port Configuration Firmware Version 1 00 01 gt ARP Settings Hardware Version 0 000 01 User Accounts System Contact Peter B System Log Host H B SNTP Settings System Name R amp D SDB EB BBSNMP Settings System Location 5F 1 A DHCP Auto Configuration E Dual Image Services Login Timeout minutes 20 E L2 Features a4 Apply STACKING STATUS E AURA aida possesses cani Figure 2 2 System Information Page The System Information Page contains the following fields Field Description Unit ID Displays the stack unit ID MAC Address Displays the MAC address assigned to the device Firmware Version Displays the stacking member s software version number Hardware Version Displays the stacking member s hardware version number System Contact Defines the name of the contact person The field range is 0 160 characters System
9. Goto Access Rule List page create rules for both profiles and apply it on the same port s LAG s Now you have on the port s LAG s IP Based ACL and MAC Based ACL NOTE Adding rules to specific profile will have a unique Access ID in the range 1 240 When the user is adding a rule to different profiles he can t use the same Access ID for different rules 195 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Notes about ACLs capacity in the DGS 3100 Series The user can create up to 15 Access Profiles The user can configure up to 240 Access IDs each Access ID is unique i e the same Access ID can t be created from two different Access Profiles The maximum capacity of DGS 3100 series is 240 rules The rules count will be done according to the following guidelines The user should accumulate the rules of every unique set of rules a unique set of rules is the same set of rules which is bound to one or more than one ports LAG s The outcome of the above is that Access ID will be counted as a rule n times where n is the number of different settings of rules on different ports LAG s Examples for capacity calculations Example 1 Assume that Access IDs 1 2 3 4 are bound to ports 1 30 this is a unique set of rules and the count of rules in this case is 4 Assume that Access IDs 5 6 are bound to ports 31 40 this is another unique set of rules and the count of addition
10. Learning Defines whether MAC address learning is enabled on the ports The possible field values are Enabled Enables MAC address learning on the interface If MAC address learning is enabled the source and destination MAC address are recorded in the Forwarding Table This is the default value Disabled Disables MAC address learning 2 Define the Unit From Por or From LAG t To Port or To LAG State Speed Flow Control and Learning fields 3 Click Apply The port configuration is saved and the device is updated 32 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Port Properties The Port Description Page allows network managers provide a description of device ports To define a port description 1 Click Configuration gt gt Port Configuration gt Port pi The Port Description Page opens gt DIMK9 92990990 CCCPCE OE e u vu 2 L 9 CACA 9 OND 4 5 6 geessesscs3ss seas JF rrr rT yt SS mere Save Tools StackID MRI L DGS 3100 48 H H Configuration E 3 System Information From Port To Port Description a f 1 IP Address v o v as y Apply Stacking Settings aa a E Port Configuration Port Setting Unit Descriptions ARP Settings User Accounts A a ss gt System Log Host E H SNTP Settings SNMP Settings DHCP Auto Configuratic 3 Dual Image Services gt Telnet Setting gee Y 3 For test only lt
11. System Up Time Displays the amount of time since the most recent device reboot The system time is displayed in the following format Days Hours Minutes and Seconds For example 41 days 2 hours 22 minutes and 15 seconds Boot Version Displays the installed device boot version number 15 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description MAC Address Displays the MAC address assigned to the device IP Address Displays the IP address assigned to the device Subnet Mask Displays the subnet mask assigned to the device Default Gateway Displays the device default gateway assigned to the device Login Timeout minutes Indicates the amount of time after which if no user activity occurs the device times out The default is 10 minutes Time Source Provides a shortcut to viewing the system clock settings 802 1D Spanning Tree Indicates if STP is enabled on the device and provides a shortcut to viewing the STP settings DHCP Client Indicates if DCHP Client is enabled on the device and provides a shortcut to viewing the DHCP Client settings Safeguard Engine Indicates if the Safeguard Engine is enabled on the device and provides a shortcut to viewing the Safeguard Engine settings SNMP Trap Indicates if SNMP Traps are enabled on the device and provides a shortcut to viewing the SNMP Traps settings SSL Indicates if Secure Socket Laye
12. 3 Click Apply 89 The STP Port Settings are defined and the device is updated DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Multiple Spanning Tree Configuration Identification Multiple Spanning Tree MSTP provides various load balancing scenarios by allowing multiple VLANs to be mapped to a single spanning tree instance providing multiple pathways across the network For example while port A is blocked in one STP instance the same port can be placed in the Forwarding state in another STP instance The MST Configuration Identification Page contains information for defining global MSTP settings including region names MSTP revision level To define MSTP 1 Click L2 Features gt Spanning Tree gt MST Configuration Identification The MST Configuration Identification Page opens 0 oooo o0o000000 on ny u nuna BADR A Dy hy By Ba os a 2s a oo d ors con Pee ey ese Vere sebereee k i L Stack ID e Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 EAT DGS 3100 48 f Configuration B p L2 Features 3 Jumbo Frame 3 802 10 VLAN 2 GVRP Settings Trunking Traffic Segmentation LACP Port Settings IGMP Snooping MLD Snooping Port Mirroring E Spanning Tree 2 STP Bridge Global Sett gt STP Port Settings E MSTP Port Information El Forwarding amp Filtering MST Configuration Identification Setting 00 11 95
13. Field Description VID Defines the VLAN ID for the IGMP Snooping Group VLAN Name Defines the VLAN name VLAN Name Displays the currently selected user defined VLAN name Multicast Group Displays the IP address assigned to the Multicast group MAC Address Displays the MAC address assigned to the Multicast group Port Displays the ports where the IGMP packets were snooped 2 Define the VD and Vlan fields 3 Click Find The IGMP Snooping Group Page displays relevant information 162 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing MLD Group Information The MLD Snooping Group Page contains vital MLD group information including the Multicast Group IP address and the corresponding MAC address through which the MLD packets passed 1 Click Monitoring gt MLD Snooping Group The MLD Snooping Group Page opens Dlink 29999900999999 9999999999 3 4s AHHH a us E sea pen y pS ana PRA AAA gise LEF o OFC Cee FPPC Cs FCT Ts N ET Up Time 2 days 5 10 13 x Logged in as administrator admin 192 168 0 1 Monitoring Stacking Information a 3 CPU Utilization VID VLAN Name R amp D1 Port Utilization i gt Packet Size 2 i fi Packets MLD Snooping Table RADIUS Authentication VLAN Name R amp D1 Browse ARP Table Multicast Group FF02 4 4 4 v gt Browse MLD Router Pc E Browse Router Port MAC Address 33 33 00 04 00 04 gt Browse Session Table 2 IGMP Snooping Group ESIMLD Snoo
14. LLOP Basic TLVS LLDP Dot3 TLVS S gt ESET 2 LLDP Remote Port E H B Qos BH Security 3 Monitoring aci STACKING STATUB Figure 3 20 LLDP Local Port Brief Page The LLDP Local Port Brief Page contains the following fields Field Description Unit Indicates the stacking member for which the LLDP local port information is displayed Port Indicates the port number Port ID Subtype Displays the port ID subtype Port ID Displays the port ID Unit number Port number Port Description Displays the port description 102 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Click Show Normal The LLDP Local Port Normal Page is displayed D Link Building Networks for People T E 1 gt Port Mirroring A Spanning Tree F a Forwarding amp Fittering 91 e LE E Show Brief 3 Unicast Forwarding EN a z Multicast Forwarding LLDP Normal Ports Multicast Filtering Mode rr Port ID 33 LLDP Global gt F wre pa Port Description z eee MACIPHY Configuration Status LLDP Basic TLVS Settir 3 LLDP Dot3 TLVS Settini gt Ms gt LLDP Remote Port Brief El QoS gt Bandwidth Control gt Traffic Control gt 802 1p Default Priority gt 802 1p User Priority lt gt STACKING STATUS Figure 3 21 LLDP Local Port Normal Page 3 To view the detailed MAC PHY Configuration Status for the port click Show Detail
15. RX Rate 3500 1000000 kbps Specifies the maximum ingress rate on the port The possible field range is 3500 1000000 Kbps TX No Limit Specifies whether egress bandwidth limitation applies to the port The possible field values are Enabled Specifies no egress bandwidth limitations on the port This is the default value Disabled Enables egress bandwidth limitations on the port When disabled the user can enter a limit value in the TX Rate field TX Rate 64 1000000 Kbps Specifies the maximum egress rate on the port The possible field range is 64 1000000 Kbps 112 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Define the Unit From Port To Port No Limit and Ingress Rate fields 3 Click Apply The bandwidth settings are defined and the device is updated 113 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Storm Control Storm control limits the amount of Multicast Broadcast and Unknown Unicast frames accepted and forwarded by the device When Layer 2 frames are forwarded Broadcast Multicast and Unknown Unicast frames are flooded to all ports on the relevant VLAN This occupies bandwidth and loads all nodes on all ports A Broadcast Storm is a result of an excessive amount of broadcast messages simultaneously transmitted across a network by a single port Forwarded message responses are heaped onto the network straining network resources or ca
16. 51 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining SNMP Host Table The SNMP Host Table Page contains information for defining filters that determine whether traps are sent to specific host as well as the trap type sent To define the SVMP Host Table Page 1 Click Configuration gt SNMP Settings gt SNMP Host Table The SNMP Host Table Page opens D Link Building Networks for People el eae Too System Information gt IP Address Stacking Settings Add Host Table 3 Port Configuration ARP Settings Host IP Address User Accounts SNMP Version System Log Host E SNTP Settings A String SNMPv3 User 4 SNMP Settings SNMP View Table 2 SNMP Group Table SNMP User Table SNMP Community T Host IP Address SNMP Version Community Name SNMPv3 User Name gt SNMP Host Table Jopri Public 2 SNMP Engine D SNMP Trap Configu DHCP Auto Configuratic Dual Image Services gt Telnet SaHinn lt m gt STACKING STATUS Ey 3 aaseeeee ans rs 5 ZZTRRREN RULE assesses EA AAA an Figure 2 16 SNMP Host Table Page 52 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The SNMP Host Table Page contains the following fields Field Description Host IP Address Defines the IP address to which the traps are sent SNMP Version Defines the trap type The possible field values are SNMPV1 Indicates that
17. Broadcast Indicates the number of Broadcast packets received and transmitted through the device Time Interval Indicates the time interval for which the UMB_cast packets are displayed The possible field values are 1s 5s 10s 15s 20s 30s 40s 50s and 60s Record Number Indicates the transmitted record number Show Hide Displays the packets received information The possible field values are Unicast checked Displays the total amount of transmitted Unicast packets Multicast checked Displays the total amount of transmitted Multicast packets Broadcast checked Displays the total amount of transmitted Broadcast packets 2 Define the Unit and Port fields 154 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 3 Click Apply to load the defined parameters To clear the Unit and Port fields Click maae The fields are cleared 1 2 Define the Time Interval and Record Number fields 3 Click Apply _ The selected UMB_Cast RX packet analysis is displayed 4 To view the graph as a table click View Table Viewing Transmitted Packet Statistics The Transmitted TX Page contains information about packets transmitted through device ports To view transmitted packet statistics 1 Click Monitoring gt Packets gt Transmitted TX The Transmitted TX Page opens Dlink AAA A 00000000 999999099 000 9999990 Dink seese nus naw f Configura
18. Field Description Profile ID Displays the Access Profile of users with access to view the rule list Profile Summary Displays the Access Rule 187 To change ACL rules DGS 3100 Series Gigabit Stackable Managed Switch User Manual 1 Click Edit New Rules The Add Access Rule Page opens DGS 3100 48 A Configuration AL Features p aos 3 Security ja Monitoring f acl ACL Configuration Wizard 2 ACL Finder gt Time Range Setting STAGKING STATUS r E GEA T Y a a sssssssoII gt ELE ET ty smn sn tt 999999999999000 BuMSBHVNHOUN OM as E ah ly ere Serres TPPP TPPP sa Profile ID Source IP TCP Source Port 80 TCP Flag Mask Rule Detail Uptime days 8 1013 i 172 168 0 1 172 168 0 255 Keep an input field as blank to treat the corresponding option as don t care i Access ID Type Source IP Address TCP Flag Source Port Ports Action Time Range P ex 192 168 1 10 24 Ack Psh Syn Fin ex 0 65535 ex 1 1 2 1 Ch1 Ch1 6 Permit x Range Name Apply Figure 8 21 Add Access Rule Page IP based ACL The Add Access Rule Page contains the following fields Togged in as administrator admin 192 168 0 100 Eur Field Description Profile ID Displays the Profile ID to which the rule is being added to Source ID Displays the source IP address TCP Source Port Displays The TCP Source
19. H Dual Image Services gt Telnet Setting H L2 Features m f Qos 4 f Security Static ARP List E Monitoring i Mi Address MAC Address lt ar STACKING STATUS ee 00 01 2e 4a 76 c5 10 0 1 1 00 13 b5 2a 77 88 10 416 00 5d c6 33 22 14 Interface Name Figure 2 7 ARP Settings Page The ARP Settings Page contains the following fields Field Description Interface Name Defines the interface VLAN name ARP Aging Time 1 65535 Defines the amount of time in seconds that passes between ARP Table entry requests Following the ARP Entry Age period the entry is deleted from the table The range is 1 65535 The default value is 300 seconds IP Address Defines the station IP address associated with the MAC address MAC Address Defines the station MAC address associated in the ARP table with the IP address Static ARP Settings Displays current static ARP settings table detailing the user defined interface name IP address and MAC address of each entry 2 Define the Interface Name and ARP Aging Time fields 3 Click PPY The ARP global setting is updated Define the IP Address and MAC Address fields 5 Click Apply The ARP settings are saved and the device is updated 34 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring User Accounts User accounts including user passwords and access rights are defined on t
20. Norway Karihaugveien 89 N 1086 Oslo Norway TEL 47 99 300 100 FAX 47 22 30 90 85 URL www dlink no Poland Budynek Aurum ul Walic w 11 00 851 Warszawa Poland TEL 48 0 22 583 92 75 FAX 48 0 22 583 92 76 URL www dlink pl Portugal Rua Fernando Palha 50 Edificio Simol 1900 Lisbon Portugal TEL 351 21 8688493 FAX 351 21 8622492 URL www dlink es Romania B dul Unirii nr 55 bl E4A sc 2 et 4 ap 39 sector 3 Bucuresti Romania TEL 40 0 21 320 23 05 FAX 40 0 21 320 23 07 URL www dlink eu Spain Avenida Diagonal 593 95 9th floor 08014 Barcelona Spain TEL 34 93 409 07 70 FAX 34 93 491 07 95 URL www dlink es Sweden Gustavslundsv gen 151B S 167 51 Bromma Sweden TEL 46 0 8 564 619 00 FAX 46 0 8 564 619 01 URL www dlink se Switzerland Glatt Tower 2 0G Postfach CH 8301 Glattzentrum Switzerland TEL 41 0 1 832 11 00 FAX 41 0 1 832 11 01 URL www dlink ch Singapore 1 International Business Park 03 12 The Synergy Singapore 609917 TEL 65 6774 6233 FAX 65 6774 6322 URL www dlink intl com Australia 1 Giffnock Avenue North Ryde NSW 2113 Australia TEL 61 2 8899 1800 FAX 61 2 8899 1868 URL www dlink com au India D Link House Plot No 5 Kurla Bandra Complex Road Off CST Road Santacruz E Mumbai 400 098 India TEL 91 22 26526696 30616666 FAX 91 22 26528914 8476 URL www dlink co in Middle East Du
21. TCP Destination Port Matches the packet to the TCP Destination Port 172 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Fields Description UDPAIl Specifies a UDP Packets filtering UDP Source Port Matches the packet to the UDP Source Port UDP Destination Port Matches the packet to the UDP Destination Port Action Defines the ACL forwarding action matching the rule criteria The possible values are Permit Forwards packets if all other ACL criteria are met Deny Drops packets if all other ACL criteria is met Rate Limiting Rate limiting is activated if all other ACL criteria is met Change Ip Priority VPT CoS value is changed if all other ACL criteria is met Replace DSCP Reassigns a new DSCP value to the packet if all other ACL criteria are met Ports Defines ports to be configured An example of possible values is 1 1 1 4 6 and 2 6 Time Range Specifies whether the configured ACL is time based Range Name Selects the user defined time range name to apply to the configured ACL 2 Define the From To Service Type Action and Ports fields To configure a time based ACL check the Time Range box and select the Range Name from the list 3 Click The ACLs are configured and the device is updated For advanced ACL setting please see the section below 173 DGS 3100 Series Gigabit Stackable Managed Switch User Ma
22. gt Browse Session Table gt IGMP Snooping Group gt MLD Snooping Group MAC Address Table 2 System Log E BACL lt La STACKING STATUS z SAURA aida E ha TU ws Utilization Unit Unit Time Interval 1s Record Number Show Hide F utilization HAR SS SS Figure 6 2 CPU Utilization Page The CPU Utilization Page contains the following fields Field Description Utilization Displays current CPU utilization by percentage Time Interval Defines the 1 60 second time intervals in which the usage samples are taken as follows 1 2 3 4 5 10 20 30 40 50 60 Record Number Defines the record number Show Hide Displays the CPU utilization information The possible fields are Utilization checked Utilization information is enabled This is the default value Utilization unchecked Utilization information is disabled 2 Define the Time Interval and Record Number fields 3 Define the Show Hide field 4 Click _Apply A sample record of CPU utilization is stored and the device is updated 150 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Port Utilization The Port Utilization Page contains port utilization information for specific ports To view port statistics 1 Click Monitoring gt Port Utilization The Port Utilization Page opens E Configuration 62 Features poos p Security 8 Moni
23. 01 00 00 00 00 08 01 00 00 00 00 09 01 00 00 00 00 10 01 00 00 00 00 11 Engress 1 1 1 3 1 4 1 5 1 6 1 7 1 8 1 9 1 10 1 25 1 27 1 28 1 29 1 30 1 31 1 32 1 33 1 34 4 14 1 12 1 13 1 14 1 15 1 16 1 25 1 27 1 28 1 29 1 30 1 31 1 32 1 33 1 34 4 1 1 3 1 4 1 5 1 6 1 7 1 8 1 9 1 10 1 25 1 27 1 28 1 29 1 30 1 31 1 32 1 33 1 34 1 11 1 12 1 13 1 14 1 15 1 16 1 25 1 27 1 28 1 29 1 30 1 31 1 32 1 33 1 34 1 1 1 3 1 4 1 5 1 6 1 7 1 8 1 9 1 10 1 25 1 27 1 28 1 29 1 30 1 31 1 32 1 33 1 34 4 44 1 12 1 13 1 14 1 15 1 16 1 25 1 27 1 28 1 29 1 30 1 31 1 32 1 33 1 34 MAR 1 4 1 3 1 4 1 5 1 6 1 7 1 8 1 9 1 10 1 25 1 27 1 28 1 29 1 30 1 31 1 32 1 33 1 34 1 14 1 12 1 13 1 14 1 15 1 16 1 25 1 27 1 28 1 29 1 30 1 31 1 32 1 33 1 34 4 5 1 6 1 7 1 8 1 9 1 10 1 25 1 27 1 28 1 29 1 30 1 31 1 32 1 33 1 34 1 11 1 12 1 13 1 14 1 15 1 16 1 25 1 27 1 28 1 29 1 30 1 31 1 32 1 33 1 34 VID Unit Multicast MAC Address Engress Figure 3 21 Multicast Forwarding Page The Multicast Forwarding Page contains the following fields Field Description VID Defines the VLAN ID Multicast MAC Address Defines the Multicast MAC address to which packets are forwarded Unit Defines the unit number 94 DGS 3100 Series Gigabit Stackable Managed Switch User Manual F
24. 3 Stacking Settings IP Address 172 i Port Configuration Subnet Mask 255 ARP Settings gt User Accounts Gateway 172 gt System Log Host Management VLAN VID 101 A SNTP Settings GBSNMP Settings DHCP Auto Configuration Dual Image Services Telnet Setting H 8 L2 Features m f aos E Security E Monitoring m g Aac STACKING STATUS Figure 2 3 IP Address Page The IP Address Page contains the following fields Field Description Static When selected the IP address is static and user defined in the JP Address field This is the default value DHCP When selected the IP address is retrieved from a DHCP server IP Address Defines the IP address This field is active if the IP address is static Subnet Mask Defines the address mask that manages sub netting on the network The default value is 255 0 0 0 Gateway Defines the default gateway The default gateway manages connections to other subnets and other networks Management VLAN VID Defines the management VLAN s VID 2 Select the IP address type in either the Static or DHCP fields 3 If Static is the defined IP address type define the IP Address field 4 Define the Subnet Mask Gateway and Management VLAN VID fields 5 Click Apply The IP address information is defined and the device is updated 18 DGS 3100 Series Gigabit Stackable Manag
25. 3600 sec ReAuthEnabled Enabled x Control Auto iM AO Unit From Port To Port Mode i Forwarding EAP a x oe 2 ssL of be 02 vi 02 Y MAC Base v p ssH Access Authentication Ej Monitoring List m acL sM T 5 Supp Server ReAuth ReAuth lt T gt Unit Control TxPeriod Quiet Period Timeout Timeout MaxReq Period Enabled STAGKING STATUS 4 E Auto Disabled 1 2 ForceAuthorized 30 60 30 30 3600 Disabled MIC 1 13 ForceUnauthorized 30 50 30 30 2 3600 Enabled PortBase 1 1 4 Auto 30 60 30 30 2 3600 Disabled PortBase 1115 Auto 230i 60M _ 30 2 3600 Disabled PortBase 1 1 6 Auto 30 60 30 30 2 3600 Disabled PortBase t 17 Auto 30 60 30 30 2 3600 Disabled PortBase 1 1 8 Auto 30 60 30 30 2 3600 Disabled PortBasej The 802 1X Setting Page contains the following fields Field Description 802 1X Indicates if 802 1X is enabled on the device The possible field values are Enabled Enables 802 1X and MAC Authentication on the device Disabled Disables 802 1X on the device This is the default value QuietPeriod 0 65535 sec Indicates the number of seconds that the device remains in the quiet state following a failed authentication exchange The possible field range is 0 65535 The field default is 60 seconds SuppTimeout 1 65535 sec Indicates the amount of time that lapses before EAP requests are resent to the supplicant The f
26. D Link warrants that the hardware portion of the D Link products described below Hardware will be free from material defects in workmanship and materials from the date of original retail purchase of the Hardware for the period set forth below applicable to the product type Warranty Period if the Hardware is used and serviced in accordance with applicable documentation provided that a completed Registration Card is returned to an Authorized D Link Service Office within ninety 90 days after the date of original retail purchase of the Hardware If a completed Registration Card is not received by an authorized D Link Service Office within such ninety 90 period then the Warranty Period shall be ninety 90 days from the date of purchase Product Type Warranty Period Product including Power Supplies and Fans One 1 Year Spare parts and pare kits Ninety 90 days D Link s sole obligation shall be to repair or replace the defective Hardware at no charge to the original owner Such repair or replacement will be rendered by D Link at an Authorized D Link Service Office The replacement Hardware need not be new or of an identical make model or part D Link may in its discretion may replace the defective Hardware or any part thereof with any reconditioned product that D Link reasonably determines is substantially equivalent or superior in all material respects to the defective Hardware The Warranty Perio
27. Field Description Unit Defines the stacking member s Unit ID for which LACP parameters are displayed From Port Defines the first port number that is displayed to which timeout and priority values are assigned To Port Defines the last port number that is displayed to which timeout and priority values are assigned Port Priority 1 65535 Displays the LACP priority value for the port The field range is 1 65535 Timeout Defines the administrative LACP timeout The possible field values are Short 3 Sec Defines the LACP timeout as 3 seconds Long 90 Sec Defines the LACP timeout as 90 seconds This is the default value Select a stacking member in the Unit field Select the ports to and from which the LACP parameters are displayed in the From To Port fields Define the Port Priority and LACP Timeout fields Click Apply The LACP parameters are defined and the device is updated A Rw 74 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining IGMP Snooping When IGMP Snooping is enabled globally all IGMP packets are forwarded to the CPU The CPU analyzes the incoming packets and determines the following information Which ports want to join which Multicast groups Which ports have Multicast routers generating IGMP queries Which routing protocols are forwarding packets and Multicast traffic Ports requesting to join a specific Multicast group issue an IGMP report specifying that this Multi
28. From the last weekend of March until the last weekend of October Denmark From the last weekend of March until the last weekend of October Egypt From the last Friday in April until the last Thursday in September Estonia From the last weekend of March until the last weekend of October Finland From the last weekend of March until the last weekend of October France From the last weekend of March until the last weekend of October Germany From the last weekend of March until the last weekend of October Greece From the last weekend of March until the last weekend of October Hungary From the last weekend of March until the last weekend of October India India does not use daylight saving time Iran From Farvardin 1 until Mehr 1 Iraq From April 1 until October 1 Ireland From the last weekend of March until the last weekend of October Israel Varies year to year Italy From the last weekend of March until the last weekend of October Japan Japan does not use daylight saving time Jordan From the last weekend of March until the last weekend of October Latvia From the last weekend of March until the last weekend of October Lebanon From the last weekend of March until the last weekend of October DGS 3100 Series Gigabit Stackable Managed Switch User Manual Lithuania From the last weekend of March until the last weekend of October Luxembourg From the last weekend
29. Polling for Time Information DGS 3100 Series Gigabit Stackable Managed Switch User Manual SNTP is used to poll time information from SNTP server Using SNTP enables accurate system clock The Time Settings Page allows network managers to enable and configure the SNTP time settings on the device To enable SNTP 1 Click Sel oka gt aalis il he gt Time Settings The Time Settings Page opens B p Configuration gt System information gt IP Address Status gt Stacking Settings E Osy f Port Configuration SNTP System Clock gt ARP Settings Current Time 30 11 2006 21 21 21 gt User Accounts gt System Log Host F SNTP Settings E Time Settings SNTP Settings 3 TimeZone Settings pl SNMP Settings SNTP First Server 0 0 0 0 DHCP Auto Configuratic SNTP Second Server 0 0 0 0 l f Dual Image Services SNTP Poll Interval in Seconds 720 gt Telnet Setting H B L2 Features E a 5 Set Current Time El ecuri gt Sao 3 Time Setting ex DD MM YYYY STACKING STATUS Time in HH MM SS 0000000000000000 DMNBRT BAR NW ve n onna 2000000 _ o E ag Ice PRA a Apply Figure 2 10 Time Settings Page The Time Settings Page contains the following fields Status Field Description Time Source Defines the time source by which the system time is set The possible field values are SNTP Indicates that the system time is
30. Protocol Indicates the authentication protocol used to authenticate network users The possible field values are RADIUS Indicates that network users are authenticated via a RADIUS server TACACS Indicates that network users are authenticated via a TACACS server Key Defines the key used to authenticate network users The key may contain up to 128 characters Priority Defines the priority assigned to the server The field range is First Third where Third is the lowest priority and First is the highest priority Port 1 65535 The port number for authentication requests The host is not used for authentication if set to 0 If unspecified the Radius port number defaults to 1812 TACACS port number defaults to 49 Timeout 1 30secs Indicates the amount of time that passes in which no authentication activity occurs after which the authentication session times out Retransmit 1 10 times Indicates the number of times the port attempts to re authenticate a timed out session 2 Define the JP Address Protocol Key Port Timeout and Retransmit fields 142 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Apply 3 Click The Authentication Host properties are defined and the device is updated e To edit an authentication click Esit_ adjacent to the relevant IP Address on the list The upper fields display the current values which then can be edited e To delete an authent
31. See Defining Access Rules Lists section below e To delete an ACL profile click __ Delete The ACL profile is deleted 2 To add an ACL profile Click Add ACL Profile The Add ACL Profile Page opens 174 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Building Networks for People ons oe PRR Fever DES 3180 48 H Save Tools Stack ID Up Time 2 days 51073 Coggedin as administrator admin 192 168 0 100 eal ogout DGs 3100 48 E Configuration i Select Frame Type El P Security O L2ACL Untagged f Monitoring OL3ACL Eg ACL 3 ACL Configuration Wizard E Access Profile List ACL Finder gt Time Range Setting STACKING STATUS Figure 8 3 Add ACL Profile Page The Add ACL Profile Page contains the following fields Field Description L2 ACL Defines the ACL profile Layer 2 protocols The possible values are Tagged Defines the profile Layer 2 to match 802 1Q fields in the Layer 2 header Untagged Defines the profile Layer 2 to check the Layer 2 header without the 802 1Q fields L3 ACL Defines the ACL profile Layer 3 protocols The possible fields are ICMP Specifies ICMP as the Layer 4 protocol the the access profile checks IGMP Specifies IGMP as the Layer 4 protocol the the access profile checks TCP Specifies TCP as the Layer 4 protocol the the access profile checks UDP Specifies UDP as the Layer 4 protocol the the acce
32. This is a Class A product In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures Warnung Dies ist ein Produkt der Klasse A Im Wohnbereich kann dieses Produkt Funkstoerungen verursachen In diesem Fall kann vom Benutzer verlangt werden angemessene Massnahmen zu ergreifen Precauci n Este es un producto de Clase A En un entorno dom stico puede causar interferencias de radio en cuyo case puede requerirse al usuario para que adopte las medidas adecuadas Attention Ceci est un produit de classe A Dans un environnement domestique ce produit pourrait causer des interf rences radio auquel cas Putilisateur devrait prendre les mesures ad quates Attenzione Il presente prodotto appartiene alla classe A Se utilizzato in ambiente domestico il prodotto pu causare interferenze radio nel cui caso possibile che Putente debba assumere provvedimenti adeguati VCCI Warning CORBIS QIAZABRRNRECT COREA RIERA CEH SHOEBRMSSSSHCTCEMHAVET CORA CIA AAN ARA ARTE RENACER ETS August 2008 P N Table of Contents PREFACE aneia E E a R TA A aa l SYSTEM OVErview ETAT ul oasescyatencaelostastessuncanus sapespysbeeaabloibeeseruensapeonsdss ii Viewing the DA E A nea ii DGS23100 Series Front Panel omitir rider o AE ER eE Ee EEES ves Ea A E AEEA TEO aS ii DG5 3100 24TG Front Panel isamaa a a aia ii Device Management Methods cceccessces
33. User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication Method 4 Indicates the fourth method used to authenticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication 2 Define the Method List Name in the Method List Name field 3 Select the methods used to authenticate network users in the Method 1 Method 2 Method 3 and Method 4 fields 4 Click Apply The Login methods are defined and the device is updated To edit the Method List click Edit adjacent to a Method List Name on the list The upper fields display the current values which then can be edited To delete a Method List Name click Delete The Login Method Lists are defined and the device is updated 144 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Enable Methods Network users must first login to the device on the Enable Method Lists Page Access as non administrative users is granted The Enable Method Lists Page
34. arerioei Ai a 100 Defining LLDP Dot3 TL Sete S Sirena nnr a r E exec a r e A EE REN EER 101 Viewing LLDP Local Port Information itseasias eteh eE nn i Eae E eE ESERE EE R 102 Viewing LLDP Remote Port Information sousse nnr ee i E E E a EA E E NEE ET Taes 104 CONFIGURING QUALITY OF SERVICE c oooonocccccoconccccnnnccncnnccnnnnnn rr 109 Understanding QOS oier n E E neh E E ee RE E E E E E E OR eae 111 Definmg Bandwidth Setting S seeno a orire aaa rea ANE EE EEE EENE EEEE AA EEEE EE ETE E A AEEA SESA 112 Configuring Storm Controlado EE E EE Ea asin E EE E K AE E EE N A 114 Mapping Ports t Packet Porites seriereeks ea italianas 115 Mapping Priority to Class s Queues recrea a r ii 116 Configuring QoS Scheduling Mechanism cessssscssesecesecseesecseesecsaeeecssecseesecseesecsaeeeesaecaeesecsesseesaeeeesaecaeesessesenseaeeess 117 Defining Multi Layer CoS Settings ida A aed hae ae ana enna tans 118 SECURITY FEATURES noer EE ecuseasnecaszaneechseceeecauizsnvetaszanenchescedecahaunss Coseseneeasbetardeeses 119 Configuring Safeguard Engineers rian e aiia besides aaa E E Ea AS ee AE EE i eeraa iis 120 Configuring Trust Hostess Sheil Dee ee R A KEE aa 121 Configuring Port Security si2i c csete ities aise titesslboie et eisb eases hi E ETT 122 Configurme Guest VILANSs cotton ld ileso 124 Configuring Port Authentication 802 1 X 0 eecesesssssecseeeecseesecseeecesecseesecneesecsaeecesaecseesecnesseesaseecsaecaeesecsessecsaeenesaecateaeeness
35. e REEERE FEE E E EN BOs 318848 Up Time 2 days 5 10 13 gt DGS 3100 48 Configuration BL Features 802 1X Enabled O Disabled Hs Ef Security A 3 Safeguard Engine AR Sa Coun E Trusted Host QuietPeriod 0 65535 60 sec SuppTimeout 1 65535 30 sec 3 Port Security ServerTimeout 1 65535 30 sec MaxReq 1 10 2 times A Guest VLAN A 802 1X TxPeriod 1 65535 30 sec ReAuthPeriod 300 4294967295 3600 sec 2 1X Setting ReAuthEnabled Enabled v Control Auto m Y ear esa A Unit From Port To Port Mode Forwardin f IMM a sa 01 x 02 y 02 x MAC Base Y p ssH f Access Authentication B Monitoring List acl he 5 5 Supp Server ReAuth ReAuth lt ii gt Unit Port Control TxPeriod Quiet Period neol Timeout MaxReq Period Enabled Mode STACKING STATUB MEE Auto 30 60 30 30 2 3600 Disabled PortBase Ce A E 4 4 2 Forceauthorized 30 60 30 30 2 3600 Disabled MAC MES SULREEEE ae Base A 1 13 ForceUnauthorized 30 60 30 30 2 3600 Enabled PortBasel E SERS E 1 1 4 Auto 30 60 30 30 24 3600 Disabled PortBasej Tessesesa saasisss seesaaii Hu 1 1 5 Auto 30 60 30 30 2 3600 Disabled PortBase 1 1 6 Auto 30 60 30 30 2 3600 Disabled PortBase Ra z gt 1 17 Auto 30 60 30 30 2 3600 Disabled PortBase E 451 48 Auto 30 60 30 30 2 3600 Disabled PortBasel 132 DGS 3100 Series
36. the new units become stacking members but with automatically assigned Unit IDs 4 Reassign the Unit ID manually to each of the newly added stacking members using a Stack Management Interfaces either the console port Telnet or Embedded Web Interface This step is optional and the stack is operational even if some unit IDs were manually configured while others are self assigned 5 Reboot the stacking members to ensure the Unit ID is permanent Stack Management Examples This section contains information for troubleshooting stacking and includes the following topics e Replacing Failed Stacking Members in a Running Stack e Replacing a Failed Stack Master e Dividing Stacks e Merging Stacks e Stacking Cable Failure e Inserting Excess Stacking Members Replacing Failed Stacking Members in a Running Stack This example assumes that a stacking member other than master has failed in a running stack when the system administrator is notified of the system failure the stacking member is removed and replaced with a new switch When the stacking member fails the Stack Master identifies the failed stacking member using the Master Discovery process The Stack Master recognizes that the stacking member no longer responds If the stack topology was ring topology the Stack Master directs all other stack members to route traffic around the failed stacking member At the same time the Stack Master notifies the system administrator of the failure using
37. 02 04 01 LOCAL 13 RMON Port 1 on Unit 3 MACADDRESS 00 01 02 04 04 01 LOCAL 113 RMON Port 1 on Unit 3 MACADDRESS 00 01 02 06 04 01 LOCAL 13 RMON Port 1 on Unit 3 MACADDRESS 00 01 03 07 04 01 LOCAL 113 RMON Port 1 on Unit 3 MACADDRESS 00 01 03 08 04 01 LOCAL 13 RMON Port 1 on Unit 3 MACADDRESS 00 01 03 09 04 01 LOCAL 13 RMON Port 1 on Unit 3 MACADDRESS 00 01 03 03 05 01 LOCAL 13 RMON Port 1 on Unit3 MACADDRESS 00 01 04 03 06 01 LOCAL 1 4 RMON Port 1 on Unit 3 MACADDRESS 00 01 05 03 04 01 LOCAL 115 RMON Port 1 on Unit 3 MACADDRESS 00 01 06 03 04 01 LOCAL 115 RMON Port 1 on Unit 3 Next Figure 3 23 LLDP Remote Port Brief Page The LLDP Remote Port Brief Page contains the following fields Field Description Unit Indicates the stacking member for which the LLDP remote port information is displayed Port Indicates the port number Entry Indicates the the device s Media Service Access Point MSAP entry number Chassis ID Subtype Displays the chassis ID subtype For example MAC address 104 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Chassis ID Displays the chassis identification of the device transmitting the LLDP frame Port ID Subfype Displays the port ID subtype For example IPv4 address Port ID Displays the port ID Unit number Port number of the port transmitting the LLDP frame Port Description Displays the port description 2 Cl
38. 1 x x and try to download the configuration to firmware 2 x x he will get an error message the same event will happened because of the Tacacs priority The Firmware Download Page enables downloading files either via an HTTP or a TFTP server To download Firmware ools 7 1 Click gt Firmware Downl ad The Firmware Download opens A a me ES e200000000000000 0999900099099999 9999999992999999 o 23465 1494212022322 23333 a a T la lla la la o cla de h eee tt tT Me e yo yy posa L Sree Seer y PSEC CFE SEPT E Building Networks for People ial Save S Toos Stack ID al v Up Time 2 days 5 10 mi Loggedin as administrator admin 192 168 0 100 E Picco e JETA E Dias E HL Features m f Qos E Security Http Download oe Unit All a E File i EA O TFTP Download Unit Server IP File STACKING STATUS Figure 1 5 Firmware Download Page 10 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The Firmware Download Page contains the following fields Field Description HTTP Download Indicates that the Firmware file is downloaded via an HTTP server Unit Indicates if the Firmware file is downloaded to a specific stacking member or to All stacking members File Indicates the Firmware file that is downloaded to the stack or specific device TFTP Download Indicates that the Firmware file is downloaded via a TFTP server Unit Indicates if the Firmwa
39. 3 wire cable with properly grounded plugs Observe extension cable and power strip ratings Make sure that the total ampere rating of all products plugged into the extension cable or power strip does not exceed 80 percent of the ampere ratings limit for the extension cable or power strip To help protect your system from sudden transient increases and decreases in electrical power use a surge suppressor line conditioner or uninterruptible power supply UPS Position system cables and power cables carefully route cables so that they cannot be stepped on or tripped over Be sure that nothing rests on any cables Do not modify power cables or plugs Consult a licensed electrician or your power company for site modifications Always follow your local national wiring rules DGS 3100 Series Gigabit Stackable Managed Switch User Manual e When connecting or disconnecting power to hot pluggable power supplies if offered with your system observe the following guidelines Install the power supply before connecting the power cable to the power supply Unplug the power cable before removing the power supply Ifthe system has multiple sources of power disconnect power from the system by unplugging all power cables from the power supplies Move products with care ensure that all casters and or stabilizers are firmly connected to the system Avoid sudden stops and uneven surfaces A General Precautions for Rack Mountable Produc
40. 3100 Series Gigabit Stackable Managed Switch User Manual Field Description value Disabled Disables re authenticating the port or MAC addresses after the port or MAC address authentication has timed out Control Indicates the host status If there is an asterisk the port is either not linked or is down The possible field values are ForceUnauthorized Indicates that either the port control is Force Unauthorized and the port link is down or the port control is Auto but a client has not been authenticated via the port ForceAuthorized Indicates that the port control is Forced Authorized and clients have full port access Auto Indicates that the port control is Auto The user has to authenticate and get full access Unit Indicate the stacking member for which the 802 1X parameters are defined From Port Indicates the first port for which the 802 1 X parameters are defined To Port Indicates the last port for which the 802 1 X parameters are defined Mode Indicates the 802 1X mode enabled on the device The possible field values are Port Base Enables 802 1X on ports This is the default value MAC Base Enables 802 1xon MAC addresses Enable or disable the 802 1X status in the 802 1X field Define the Mode field In the 802 1X Port Access Control section define the fields Set the ReAuthEnabled field and the Control fields Set the values in the Unit From Port and To Port fields
41. 8 Click MI To edit the Radius Server list click Edit adjacent to the required listed server The upper fields display the current values which then can be edited To delete a radius server from the list click __Delete adjacent to the relative list entry The radius servers are defined and the device is updated 134 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining EAP Forwarding Settings Ports use the Extensible Authentication Protocol EAP forwarding mechanism when 802 1x authentication is disabled The Forwarding EAP Page allows the user to enable or disable forwarding EAP packets to an authentication server 1 Click Security gt 802 1X gt ciclo EAP The Forwarding EAP Page opens Pink 9900 coco cn snn TIRAHA o S67 6 9 MOH 2D 4 15 0 HEMUN MON ROM Ei SE lll ell e a a anna la TITO PETIT PET S M hl Save Tools Stack ID X Up Time 2 days 10 13 Logged in as administrator admin 192 168 0 100 Traffic Control 802 1p Default Priority j gt sort ON Forwarding EAP Enabled Disabled gt Multi Layer CoS Setting O Security gt Safeguard Engine gt Trusted Host Port Security Guest VLAN I 802 1X 2 802 1X Setting gt Authentic RADIUS Serv _ ARTES A SSL 2 SSH Access Authentication Con El Monitoring lt 2 STACKING STATUS Figure 5 1 Forwarding EAP Page The Forwarding EAP Page contains the following field Field Des
42. 8D F5 8B 0 Configuration Name Revision Level 0 65535 Apply Add Edit Instance ID Setting MSTIID Type VID List 1 4094 Apply El B LLOP Bos H E Security CIST 1 4094 E Monitoring l o 03 04 05 06 lt a val STAGKING STATUS E 08 SSS 09 E 10 A tetere vecina 11 1 Fisica Sa Sacco 14 asian 15 Pa SSRREES iaaii Figure 3 18 MST Configuration Identification Page The MST Configuration Identification Page contains the following fields Field Description Configuration Name A configured name set on the switch to uniquely identify the MSTI multiple spanning tree instance If a configuration name is not set this field shows the MAC address of the device running MSTP Revision Level 0 65535 This value together with the configuration name and identical vlans mapped for STP instance IDs identifies the MST region configured on the switch MSTI ID Displays the MSTI ID associated with the VID List Type Defines the type of edit The possible values are Add Indicates that edit type is add 90 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Remove Indicates that edit type is remove VID List 1 4094 Displays the VID List 2 Define the configuration name and revision level Click MI 3 R 4 Click E to an ID row to edit the ID value 5 De
43. Configuration P L2 Features Bos B f Security gt Safeguard Engine gt Trusted Host gt Port Security Guest VLAN B f 802 1X 802 1X Setting thentic RA Forwarding EAP B SSL SSH Access Authentication E Monitoring H ACL lt E STACKING STATUS ee OP ower O Carso or o PERE TEE EEEE menaa A Up Time 2 days 5 10 13 4 Log Succession RADIUS Server Authentic Port Accounting Port Key Confirm Key RADIUS Server List Succession RADIUS Server Auth UDP Port am e Ee ged in as administrator admin 192 168 0 100 Acct UDP Port 1813 1813 1813 Edit J _Delete 4 Click Security gt 802 1X gt 802 1X Setting page first 802 1x should be enabled globally and in the port level 802 1x Control should be configured as Force Authorized D Link Building Networks fos People ENTA 2 DGS 3100 48 P Configuration e ON noun piu is O Casse StackID 11M 0000000 r a M 000000000 o 1402122232722 N59 one we A y Ferrers sesyon Up Time 2 days 5 10 13 Log ged in as administrator admin BL Features 802 1X Enabled O Disabled Bos ae 802 1X Port Access Control gt Trusted Host QuietPeriod 0 65535 60 sec SuppTimeout 1 65535 30 sec 7 ort Security ServerTimeout 1 65535 30 sec MaxReg 1 10 2 times Guest VLAN z ff 8021X TxPeriod 1 65535 30 sec ReAuthP
44. Description Enabled Enables the System Capabilities TLV on the port Disabled Disables the System Capabilities TLV on the port 2 Define the Unit From Port To Port Port Description System Name System Description and System Capabilities fields 3 Click Apply f The LLDP basic TLV settings are defined and the device is updated Defining LLDP Dot3 TLV Settings The LLDP Dot3 TLVS Setting Page displays LLDP Dot3 TLV port information and contains parameters for configuring LLDP Dot3 TLV port settings 1 Click L2 Features gt LLDP gt LLDP Dot3 TLVS Setting The LLDP Dot3 TLVS Setting Page opens o ASA ERA AAA Pr Sc i e r T Y T pre gt LACP Port Settings a e gt IGMP Snooping Unit 01 v FromPort 01 v ToPortl48 yv MLD Snooping __ ES gt Port Mirroring H Spanning Tree MAC PHY Configuration Status D Disabled vw Apply E Forwarding amp Filtering TAE LLDP a LLDP Global Settinc 2 LLDP Port Setting Port MACI PHY Configuration Status gt LLDP Basic TLVS 1 Enabled gt 2 Enabled gt LLDP Local Port Bri 3 Enabled gt LLDP Remote Port E H os E Security 1 3 Monitoring E BBACL v lt i gt STACKING STATUS pe pe se ansnnasa k E SES gt __ SSS I Figure 3 19 LLDP Dot3 TLVS Setting Page The LLDP Dot3 TLVS Setting Page contains the following fields Field Description Unit Indi
45. Disable Disables IGMP Snooping on the VLAN This is the default value Querier State Indicates if an IGMP Querier is enabled on the VLAN The possible field values are Enabled An IGMP Querier is enabled on the VLAN Disabled An IGMP Querier is disabled on the VLAN This is the default value Querier Version Indicates the IGMP Querier version on the VLAN The possible field values are IGMPv2 and IGMPv3 The default is IGMPv2 Static Router Port Setting Edit button Displays the IGMP Snooping and Static Router Ports Settings Page Multicast Entry Table View Button Displays the Multicast Entry Table 76 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Click Edit The IGMP iiei and Static Router Ports a Page opens 0000000000000000 OF e Diink 99999099999 o DARAN 1 AA 34 7 j 8 TT heh eet tT Bei SG oe se ss Pee a PPP eee FPP Building Networks for People DGS 3100 48 3 Configuration fP L2 Features Jumbo Frame di Leave Timer 0 16711450 sec GVRP Settings Trunking Host Timeout 60 16711450 sec 3 Traffic Segmentation y 3 LACP Port Settings Router Timeout 1 16711450 sec EEE m MLD Snooping Port Mirroring Querier State H Spanning Tree l Forwarding amp Filtering Querier Version 2 LLOP ae A sail Static Router Ports f Monitoring Unit 01 aci
46. Dynamic Router Ports Unit 01 x Ports Forbidden Router Ports Unit 01 o aaa ee ee Figure 3 12 IGMP Snooping and Static Router Ports Settings Page The IGMP Snooping and Static Router Ports Settings Page contains the following fields Field Description VLAN ID Specifies the VLAN ID VLAN Name Displays the user defined VLAN name Leave Timer Defines the time a host waits to receive a Join message from another station after requesting to leave the IGMP group prior to timing out If a Leave Timeout occurs the switch notifies the Multicast device to stop sending traffic The Leave Timeout value is either user defined or an immediate leave value The default timeout is 10 seconds The field range is 0 16711450 seconds Host Timeout Defines the time the host waits to receive a message before timing out The default time is 260 seconds The field range is 60 16711450 seconds Router Timeout Defines the time the Multicast router waits to receive a message before it times out The default value is 300 seconds The field range is 1 16711450 seconds State Indicates if IGMP snooping is enabled on the VLAN The possible field values are 77 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Enable Enables IGMP Snooping on the VLAN Disable Disables IGMP Snooping on the VLAN Querier State Defines the IGMP Querier status on the VLAN T
47. E Monitoring A er StackID 1 Up Time days 51013 Click PoE gt PoE Port i The PoE Port Setting Page opens sses OS SEES SS ESSSES Logged in as administrator admin 192 168 0 100 E oaout To Port RE PoE Enable y Enabled Power limit o From Port 101 w B f PoE El Note The max power output of Class 0 is 15 4W Class 1 is 4W Class 2is 7W Class 3 is 15 4W 3 PoE System Setting EH BHACL Enabled Auto 0 00 0 00 0 00 Class 0 Normal p Enabled Auto 0 00 0 00 0 00 Class 1 Normal 1 3 Enabled Auto 0 00 0 00 0 00 Class 2 Normal 1 4 Enabled Auto 0 00 000 000 Class3 Normal 1 5 Enabled Auto 0 00 0 00 0 00 z Normal 1 6 Enabled Auto 0 00 il 0 00 0 00 x Normal Ad Enabled Auto 0 00 0 00 0 00 y Normal 1 8 Enabled B Auto 0 00 0 00 0 00 A Normal 1 9 Enabled Auto 0 00 0 00 0 00 a Normal SAREE A 1 10 Enabled Auto 0 00 0 00 0 00 Normal ES a 4 11 Enabled Auto 0 00 0 00 0 00 Normal Ueseseess TELE 1 12 Enabled Auto 0 00 0 00 0 00 i Normal AA 1 13 Enabled Auto 0 00 0 00 0 00 ai Normal A 1 14 Enabled Auto 0 00 0 00 0 00 z Normal A pee A 1 15 Enabled i Auto 0 00 0 00 0 00 Normal parissa nanm uunin 1 16 Enabled Auto 0 00 0 00 0 00 z Normal eo 117 Enabled Auto 0 00 000 000 Normal a o E 1 18 Enabled Auto 0 00 000 0 00 r Normal y Figure 7 1 PoE Port Setting Page Th
48. HL Features Unit From Port To Port Priority Sos w CE m x o x Bandwidth Control 33 Traffic Control 802 1p Default Priority ES 802 1p User Priority Unit 1 Settings QoS Scheduling Mechanis Port Priority Multi Layer CoS Setting 11 0 E aid 12 0 E Monitorin a a H AacL a A A 15 0 1 6 0 1 7 0 18 0 lt gt 1 9 0 O STADKINO STATUB _ 1 10 0 P JERZEU siasa UNS H 111 0 ERA 1 12 0 1 13 0 1 14 0 1 15 0 creer crece ue 1 16 0 EXA 1 17 0 eins pa sa 1 18 0 e Figure 4 4 802 1P Default Priority Page The 802 1P Default Priority Page contains the following fields Field Description Unit Defines the stacking member for which the port packet priorities are displayed From Port Defines the starting port for which the port packet priorities are defined To Port Defines the ending port to which the port packet priorities are defined Priority Defines the priority assigned to the port The field range is 00 07 where 00 is the lowest priority and 07 is the highest priority 2 Define the Unit From Port To Port Prioirity fields 3 Click O a Ports are mapped to packet priorities and the device is updated 115 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Mapping Priority to Classes Queues The 802 1P User Priority Page allows network managers to assign priority tags to classes queues If a network ma
49. IP addresses that can access the switch Your local host IP address must be one of the IP addresses to avoid a SSL disconnection SSH l Access Authentication Col E Monitoring i gp ACL amp STAGKING STATUS r USAR bs ery a O In EESESEEN Es MIT a sosoosos soosoosois Figure 5 2 Trusted Host Page The Trusted Host Page contains the following fields Field Description IP1 Access to Switch Defines the first management station IP address from which the device can be managed IP2 Access to Switch Defines the second management station IP address from which the device can be managed IP3 Access to Switch Defines the third management station IP address from which the device can be managed 2 Define the IP1 IP2 and IP3 Address fields to define the remote management stations 3 Click Apply The management stations are defined and the device is updated 121 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Port Security Network security can be increased by limiting access on a specific port only to users with specific MAC addresses The MAC addresses can be dynamically learned or statically configured Locked port security monitors both received and learned packets that are received on specific ports Access to the locked port is limited to users with specific MAC addresses These addresses are either manually defined on the port or l
50. Kunden k nnen technische Unterstutzung Uber unsere Website per E Mail oder telefonisch anfordern Web http www dlink de E Mail support dlink de Telefon 49 1805 2787 0 12 Min aus dem Festnetz der Deutschen Telekom Telefonische technische Unterst tzung erhalten Sie Montags bis Freitags von 09 00 bis 17 30 Uhr Unterst tzung erhalten Sie auch bei der Premiumhotline fur D Link Produkte unter der Rufnummer 09001 475767 Montag bis Freitag von 6 22 Uhr und am Wochenende von 11 18 Uhr 1 75 Min aus dem Festnetz der Deutschen Telekom D Link Building Networks for People 206 207 Assistance technique Vous trouverez la documentation et les logiciels les plus r cents sur le site web D Link Vous pouvez contacter le service technique de D Link par notre site internet ou par t l phone Support technique destin aux clients tablis en France Assistance technique D Link par t l phone 0820 0803 03 N INDIGO 0 12 TTC min Prix en France M tropolitaine au 3 mars 2005 Du lundi au samedi de 9h00 a 19h00 Assistance technique D Link sur internet http www dlink fr e mail support dlink fr Support technique destin aux clients tablis au Canada Assistance technique D Link par t l phone 800 361 5265 Lun Ven 7h30 21h00 HNE Assistance technique D Link sur internet http support dlink ca e mail support dlink ca D Link Building Networks for People Asistenci
51. Name Defines the user defined system name System Location Defines the location where the system is currently running The field range is 0 160 characters Login Timeout minutes Defines the amount of time the device times out when no user activity occurs The default is 10 minutes 2 Define the System Name field 3 Define the System Location and Login Timeout minutes fields 4 Click Apply 17 The system information is defined and the device is updated DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining IP Addresses The JP Address Page contains fields for assigning IP addresses Packets are forwarded to the default IP when frames are sent to a remote network via the Default Gateway The configured IP address must belong to the same IP address subnet of one of the IP interfaces The Dynamic Host Configuration Protocol DHCP assigns dynamic IP addresses to devices on a network DHCP ensures that network devices can have a different IP address every time the device connects to the network 1 Click Configuration gt IP Address The P Address Page opens Y E Tan 90005 ob DSU ES EESEEESS D L Diink 999990909999099 2 AMA ooooo 2 2 gil Hid Oe i i a i a a ana ela ll a ty es sl Save X Tools Y stack ID B X Up Time 2 days 5 10 Iy Logged in as administrator admin 192 168 0 100 p onoi DGS 3100 48 Configuration 2 System Information Static gt GEES
52. Page opens 99000000 29 2 DGS 3100 48 E Configuration L2 Features Jumbo Frame 2 gt GVRP Settings VID VLAN Name Untag VLAN Ports Tag VLAN Ports Forbidden VLAN Ports Trunking 4 4 1 2 1 3 1 4 gt Traffic Segmentation 01 R amp D1 1 5 1 6 1 7 1 8 LACP Port Settings 1 9 1 10 1 11 1 12 A IGMP Snooping 4 1 1 2 1 3 1 4 B ULD Snooping 02 1 5 1 6 1 7 1 8 1 9 1 10 1 11 1 12 1 1 12 1 3 1 4 B soaring Tree me 03 1 5 16 17 18 Forwarding amp Filtering 4 9 1 10 1 11 1 12 1 1 1 2 1 3 1 4 04 1 5 1 6 1 7 1 8 E Soci 1 9 1 10 1 11 1 12 H Monitoring a ACL 05 11 13 14 15 ao i ASAE Boner es 1 2 1 6 1 7 1 8 m 14 430415 me A 1 11 1 12 1 13 1 14 1 15 1 16 1 1 1 2 1 3 1 4 1 5 1 6 17 18 1 9 1 10 1 11 1 12 1 11 1 12 1 13 1 14 1 15 1 16 3 Next VLAN List Add Edit VLAN 3 Port Mirroring Figure 3 5 VLAN Configuration Page The VLAN Configuration Page contains the following fields Field Description VID Defines the VLAN ID VLAN Name Defines the user defined VLAN name The field ranges is 1 32 characters Untag VLAN Ports Defines the interface is an untagged VLAN member Packets forwarded by the interface are untagged Tag VLAN Ports Defines the interface is a tagged member of a VLAN All packets forwarded by the interface are tagged The packets contain VLAN information Forbidden VLAN Ports Defines the interface VLAN membership even
53. R amp D SD8 5F 1 1 00 01 0 000 01 1234 unit 1 30 11 2006 0 days 2 hours 7 mins 18 seconds 1 0 System Clock setting Disabled setting Disabled setting Enabled setting Disabled setting Disabled setting Disabled setting Enabled setting MAC Address IP Address Subnet Mask Default Gateway Login Timeout minutes Jumbo Frame BPDU Forwarding IGMP Snooping MLD Snooping Broadcast Storm Control 802 1x Status SSH Port Mirroring 00 40 f4 65 12 58 172 17 3 10 255 255 255 0 172 17 3 254 20 Disabled settina Disabled setting Disabled settina Disabled setting Disabled setting Disabled setting Disabled setting Disabled setting Figure 2 1 Device Information Page The Device Information Page contains the following fields Field Description Device Type Displays the factory defined device name and type System Contact Displays the name of the contact person The field range is 0 31 characters System Name Displays the user defined system name The field range is 0 31 characters System Location Displays the location where the system is currently running The field range is 0 31 characters Firmware Version Displays the installed software version number Hardware Version Displays the installed device hardware version number Serial Number Displays the installed device serial number System Time Displays the system time The field format is Day Month Year
54. SNMP agents maintain a list of variables used to manage the device The variables are defined in the Management Information Base MIB The SNMP agent defines the MIB specification format as well as the format used to access the information over the network Access rights to the SNMP agents are controlled by access strings SNMP v3 SNMP v3 applies access control and a new traps mechanism In addition User Security Model USM parameters are defined for SNMPv3 including Parameters Description Authentication Provides data integrity and data origin authentication Privacy Prevents message content disclosure Cipher Block Chaining CBC is used for encryption Either authentication is enabled on a SNMP message or both authentication and privacy are enabled on an SNMP message However privacy cannot be enabled without authentication Key Management Defines key generation key updates and key use The device supports SNMP notification filters based on Object IDs OIDs OIDs are used by the system to manage device features SNMP v3 supports the following features e Security e Feature Access Control e Traps 45 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining SNMP Views SNMP views provide or block access to device features or aspects of features For example a view can be defined to show that SNMP view A has included access to Multicast groups while SNMP view B has excluded access to
55. SYSLOG messages and SNMP traps When the failed stacking member is disconnected from the stack all traffic is routed around the failed stacking member as stated above As long as all other stacking connections are intact the stack continues to run When a new stacking member is inserted and the stack is powered up the following occurs e The new stacking member which is in stacking mode performs the Master Discovery process and perhaps participates in a Master Election For more information on the Master Election process see Electing a Stacking Master 24 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Ifthe new stacking member has a Unit ID of or 2 i e the stacking member is a master enabled unit the new stacking member initiates the Master Election process However since the running Stack Master has a longer up time it remains the Stack Master and the new stacking member does not become a new Stack Master Ifthe new stacking member has a Unit ID of 3 to 6 the new unit attempts to become a stacking member and is subject to the already running Stack Master The Master Election process does not occur e The Stack Master performs a Unit ID Allocation and Conflict Resolution process Ifthe new stacking member was in Factory Default mode the unit does not have an assigned Unit ID The new stacking member is assigned the lowest available Unit ID by the Stack Master It is strongly recommended that automa
56. Save X Tools Y Stack ID E X Up Time 2 days 5 10 ut Coggedin as administrator admin 192 168 0100 i ooi z System an A gt IP Address gt Stacking Settings H Port Configuration Engine ID Fins Use Default User Accounts gt System Log Host Hl SNTP Settings E H SNMP Settings SNMP View Table gt SNMP Group Table gt SNMP User Table SNMP Community T gt SNMP Host Table gt GUETTA SNMP Trap Configu DHCP Auto Configuratic Dual Image Services 2 Telnet Satine a STACKING STATUS Figure 2 17 SNMP Engine ID Page The SNMP Engine ID Page contains the following fields Field Description Engine ID Defines the local device Engine ID The field value is a hexadecimal string Each byte in hexadecimal character strings is two hexadecimal digits Each byte can be separated by a period or a colon The Engine ID must be defined before SNMPv3 is enabled Select a default Engine ID that is comprised of an Enterprise number and the default MAC address Use Default When selected provides the device generated Engine ID The default Engine ID is based on the device MAC address and is defined per standard as First 4 octets first bit 1 the rest is IANA Enterprise number Fifth octet Set to 3 to indicate the MAC address that follows Last 6 octets MAC address of the device 2 Define the Engine ID or Use Default checkbox 3 Click APP The SNMP Engine ID is de
57. Switch User Manual Configuring Guest VLANs Guest VLANs provide limited network access to authorized ports If a port is denied network access via port based authorization but the Guest VLAN is enabled the port receives limited network access For example a network administrator can use Guest VLANs to deny network access via port based authentication but grant internet access to unauthorized users To define Guest VLANs 1 Click Security gt Guest Vlan The Guest VLAN Page opens D Link 3 Building Networks tor People r 983 319041 im Save Tools Stack ID m DGS 3100 48 E Configuration H L2 Features Guest VLAN Setting Create Delete ee VID 01 v VLANName R amp D Apply gt Safeguard Engine Trusted Host Apply Port Port t 2 11 12 13 14 15 16 17 18 19 20 21 22 23 24 Access Authentication Coi CE E a e e ee r a ee E Monitoring 25 26 27 28 29 35 36 37 38 39 40 41 42 43 44 45 46 47 48 fal ACL CE S E N N E N S E S E A Guest VLAN Pors 1 1 1 2 1 3 1 4 a STACKING STATUS Figure 5 4 Guest VLAN Page The Guest VLAN Page contains the following fields Field Description VID Defines the VLAN ID on which the Guest VLAN is created VLAN Name Defines the user defined VLAN name assigned to the guest VLAN Unit Defines the stacking member for which the Guest VLAN parameters are displayed Port Defines the ports included in the Guest VLAN
58. Switch User Manual The ACL Profile L3 TCP Port Page contains the following fields Field Description Source Port Mask Defines the range of source Ports relevant to the ACL rules O ignore 1 check For example to set O 15 set mask of FFFO Destination Port Mask Defines the range of destination IP addresses relevant to the ACL rules O ignore 1 check For example to set O 15 set mask of FFFO 2 Select Source Port Mask and or Destination Port Mask The Mask Generate button is active 3 Enter a port ID in the box adjacent to the Mask Generate button Alternatively click Mask Generate The Generate Mask by range fields appear Enter a port ID range into the Generate Mask by range fields and click Calculate The mask is generated 4 Click Create The ACL profile is added and the device is updated To define L3 TCP Flag ACL Profile This option defines whether or not the TCP Flag field is checked for a match 1 Click the TCP F lag button The ACL Profile L3 TCP Flag Page updates to show the following LA 2 Building Networks for People 0GS 3100 48 E f Configuration H L2 Features m QoS E P Security E Monitoring f ACL gt ACL Configuration Wizard A ACL Finder gt Time Range Setting STACKING STATUS EA E U U U U OOOO 0000000000 99 9999999929999999 9 on s nn DANA A al js eo lt a ee as TPPP EPpy Save Tools r Stack ID N X Up Time 2 da
59. The password can contain up to 15 characters Access Right Displays the user access level The possible field values are Admin Assigns the user full administrative access through both the Web Interface and the CLL Operator Assigns the user operator level access which is similar to Admin access except that the operator cannot update the firmware startup configuration user accounts or restore factory reset User Assigns the user read only access through the CLI only A User cannot access the Web Interface Confirm New Password Confirms the user password 2 Define the User Name field 3 Select the user access level in the Access Right field 4 Enter a new password in the New Password field and then re enter it again in the Confirm New Password field 5 Click Apply The new user accounts passwords and access rights are defined and the device is updated 35 DGS 3100 Series Gigabit Stackable Managed Switch User Manual To edit the User Accounts Page 1 Select a name on the User List 2 Click Edit 3 Define the value 4 Click Apply The new access rights are saved and device is updated To delete a User Accounts Page entry 1 Select an entry 2 Click Delete The user account is deleted and the device is updated 36 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Managing System Logs System Logs record and manage events and report errors and informational mess
60. _ _ _ _ _ _ _ Figure 5 8 SSH Configuration Page The SSH Configuration Page contains the following fields Field Description SSH Server Status Indicates if SSH is enabled on the device The possible field values are Enable Enables SSH on the device Disable Disables SSH on the device This is the default value Port 1 65535 Displays the port number used to authenticate the SSH session The possible field range is 1 65535 The field default is 22 2 Enable or disable the SSH server status in the SSH Server Status field 138 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 3 Define the SSH global setting port number in the Port 1 65535 field 4 Click Apply The SSH configuration is defined and the device is updated Defining SSH Algorithm Settings This SSH Algorithm Settings Page allows network administrators to enable a public key for SSH authentication encryption The following authentication keys are enabled for SSH 139 Public Key Algorithm Encrypts a cryptographic key pair composed of a public key and a private key The private key is kept secret while the public key can be distributed The encryption keys are mathematically similar but a private key cannot be derived from the public key Messages encrypted with a public key can be decrypted with the matching private key The following Public Key Algorithms are supported HMAC RSA Supports the Hash for M
61. a Traffic Segmentation entry 1 Select the entry in the table 2 Click _ Delete The entry is deleted and the device is updated 73 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring LACP LAG ports can contain different media types if the ports are operating at the same speed Aggregated links can be set up manually or automatically established by enabling LACP on the relevant links Aggregate ports can be linked into link aggregation port groups Each group is comprised of ports with the same speed The LACP Port Settings Page contains fields for configuring LACP LAGs 1 Click L2 features gt LACP Port Settings The LACP Port Settings Page opens o n DGS 3100 48 H Configuration H L2 Features Unit From Port To Port Port Priority 1 65535 LACP Timeout iR inho rae 01 y 01 y 01 x 3sec 3 802 10 VLAN y e gt GVRP Settings Trunking Traffic Segmentation Port Priority LACP Timeout 2 gt IGMP Snooping 1 2 23 3sec MLD Snooping SS 94 3sec gt Port Mirroring 1 4 44 3sec E e Spanning Tree 15 1 90sec E Forwarding amp Filtering 1 6 5660 90sec LLDP 17 1 3sec a A im 1 8 3 90sec 1 9 1 3sec 1 10 187 90sec 1 11 65535 90sec 1 12 1 3sec 1 13 1 3sec 1 14 1 3sec 1 15 8887 90sec 1 16 23 90sec 1 17 1 3sec z 4 40 4 Iann Figure 3 10 LACP Port Settings Page The LACP Port Settings Page contains the following fields
62. a Unit ID and in Auto Assign mode All switches must be assigned a Unit ID before switches can operate as stacking members More than one stacking member cannot receive the same Unit ID Unit IDs are assigned by e Assigned by the system administrator Unit IDs that are assigned by the system administrator and can only be changed manually by the system administrator e Ifthe system administrator does not set the Unit IDs manually the Auto Assign initializes the switches when they are powered up From the switches who are automatically assigned a Unit ID one of the stacking members is assigned the Unit ID 1 That stacking member is the Stack Master If there were more than one switch in the stack there is a Master Election and Backup Master Election process Following the Master Election process the other stacking members are assigned a Unit ID by the stack Master For more information on the Master Election process please see Electing a Stacking Master Stacking members maintain the assigned Unit ID even after the stacking member is rebooted The Stack Master may reallocate IDs during system initialization to resolve duplicate ID conflicts Manually assigned IDs cannot be changed by the Stack Master even if there is a conflict 19 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Unit ID assignments or modifications are effective only during system initialization and do not occur during the system up time Stacking members d
63. allows network administrators to configure the local enabled password To define the network Local Enable password 1 Click Security gt Access Authentication Control gt Configure Local Enable Password The Configure Local Enable Password Page opens r Dimk 9990900000000000 0 o ss Building Networks for People 0GS 3100 48 E Configuration E HL Features m aos Security New Local Enable Password gt Safeguard Engine 3 Trusted Host gt Port Security Guest VLAN H 6 802 1X a SSL Old Local Enable Password Confirm Local Enable Password 2 SSH E Access Authentication 3 Application Authen Authentication Ser Login Method Lists Enable Method List z be gt STACKING STATUS Figure 5 15 Configure Local Enable Password Page The Configure Local Enable Password Page contains the following fields Field Description Old Local Enable Password Provide the current network Enable password New Local Enable Password Defines the new network Enable password The field range is 1 15 characters Confirm Local Enable Password Confirms the new network Enable password 2 Enter the old local enable password In the Old Local Enable Password field 3 Define the new local enable password in the New Local Enable Password field 4 Re enter the new password in the Confirm Local Enable Password field The new local enable password is configured and the device
64. allows network mangers to assign user privileges using authentication methods on the device Once a user is assigned a normal user level privileges the network user is authenticated and granted network access and configuration privileges A maximum of four Enable Method Lists can be defined on the device The Enable Method List cannot be deleted but can be configured User authentication occurs in the order the methods are selected If the first authentication method is not available the next selected method is used For example if the selected authentication method is RADIUS Local and the RADIUS server is not available the user is authenticated locally To define authentication methods 1 Click Security gt Access Authentication Control gt Enable Method Lists The Enable Method Lists Page opens 000 Oros e20000000000000 oooo ss geese 0 009o Cc Cees tes ongo we venoz 1 4004 Tools stackIO MM Up Time 2 days 5 TREN Logged in as administrator admin 192 168 0 100 par Logout 0GS 3100 48 E Configuration H L2 Features H H QoS B Security gt Safeguard Engine A Trusted Host gt Port Security Guest VLAN 802 1X a SSL JP SSH P Access Authentication 3 Application Authen Authentication Ser gt Login Method Lists Erei nehod List 3 Configure Local En i gt STACKING STATUS Tanananan ancnsa a saasaaii LUERE uy ary PP eo Cesssssss cesses seeeeete fe Tansana
65. an implementation of the IEEE 802 1p standard that allows network administrators a method of reserving bandwidth for important functions that require a large bandwidth or have a high priority such as VoIP voice over Internet Protocol Web browsing applications file server applications or video conferencing Not only a larger bandwidth can be created but also a less critical traffic can be limited so excessive bandwidth can be saved The Switch has separate hardware queues on every physical port to which packets from various applications can be mapped to and in turn prioritized View the following map to see how the DGS 3100 series implements 802 1P priority queuing 109 DGS 3100 Series Gigabit Stackable Managed Switch User Manual How 802 1p works 4 Priority Queues Port default priority Figure 4 1 Mapping QoS on the Switch The picture above shows the default priority setting for the Switch Class 3 has the highest priority of the four priority queues on the Switch In order to implement QoS the user is required to instruct the Switch to examine the header of a packet to see if it has the proper identifying tag tagged Then the user may forward these tagged packets to designated queues on the Switch where they will be emptied based on priority For example let us say a user wishes to have a video conference between two remotely set computers The administrator can add priority tags to the video packets being sent out utilizing
66. captures in this Guide represent the DGS 3100 48 48 port device The Web pages in the 24 port and the DGS 3100 24TG devices may vary slightly DGS 3100 Series Gigabit Stackable Managed Switch User Manual Understanding the D Link Embedded Web Interface The D Link Embedded Web Interface Device Information Page contains the following information View Description Tree View Displays the different system features and configuration options Zoom View Located at the top of the home page the port LED indicators provide a visual representation of the ports on the D Link front panel Located below the Zoom View displays Save Tool menu Stack ID and Logout buttons Also displays Up Time information and User Loggin Identification Menu Information View Device Information View Located in the main part of the home page the device view provides a view of the device an information or table area and configuration instructions Stacking Status View Located at the bottom left corner of the home page the stacking status view provides a graphic representation of the stacking links and ports status Table 1 1 Web Interface Views gt DGS 3100 48 El 3 Configuration H L2 Features QoS pP Security Monitoring Bact Device Information Device Type System Contact System Name System Location Firmware Version Hardware Version Serial Number System Time System Up Time Boot version Device S
67. deleted To view or define the rule details 1 Click the Access ID linked number The Rule Detail Page opens 190 DGS 3100 Series Gigabit Stackable Managed Switch User Manual DGS 3100 48 E Configuration H L2 Features gt MEE 2 Time Range Setting STACKING STATUS Destination MAC 0000 venan 000000 no y 4 os 6 9 Qos Profile Information El Security E Monitoring f acl ACL Configuration Wizard Profile ID 01 i Benne trots Le Source MAC 00 00 00 00 00 00 00 00 00 00 00 32 00 00 00 00 00 00 00 00 00 00 00 32 Ether Type Yes Rule Detail Keep an input field as blank to treat the corresponding option as dont care Access ID Type VLAN Name R8D1 v Destination MAC Address 00 00 00 00 00 FF ex 00 00 00 00 FF FF a a Source MAC Address 00 00 00 00 00 01 ex 00 00 00 00 00 10 A AS Ether Type otit ex 0x05dd Oxffff Ports 121 ex 1 1 1 4 6 2 6 Ch1 Ch1 6 Action Permit M Time Range Range Name _ Previous page Apply Figure 8 23 Rule Detail Page The Rule Detail Page contains the following fields Field Description Profile ID Displays the profile ID range Source MAC Displays the Source MAC range Destination MAC Displays the destination MAC range Ether Type Displays if Ether Type is included Access ID Defines the Access ID Type Displays
68. functioning but an operational problem has occurred Informational Provides device information To clear the log 2 Click Clear The System Log Page is cleared 166 DGS 3100 Series Gigabit Stackable Managed Switch User Manual MANAGING POWER OVER ETHERNET DEVICES Power over Ethernet PoE provides power to devices over existing LAN cabling without updating or modifying the network infrastructure Power over Ethernet removes the necessity of placing network devices next to power sources Power over Ethernet can be used with e IP Phones e Wireless Access Points e IP Gateways e Audio and video remote monitoring Powered Devices are devices which receive power from the DGS 3100 series device power supplies for example IP phones Powered Devices are connected to the DGS 3100 series device via Ethernet ports PoE is enabled only on the DGS 3100 24P and DGS 3100 48P devices This section includes the following topics e Defining PoE System Information e Displaying and Editing PoE System Information 167 Defining DGS 3100 Series Gigabit Stackable Managed Switch User Manual PoE System Information The PoE Port Setting Page contains system PoE information for enabling PoE on the device monitoring the current power usage and enabling PoE traps To enable PoE on the device 1 Building Networks for People El Save Tools 2 0GS 3100 48P E Configuration H 8 L2 Features m f aos E P Security
69. gt Configure Local En Y pa STACKING STATUS E ERA sasse seccesss UE A Chesceses sedesise cessed aa PP os o Figure 5 13 Login Method Lists Page The Login Method Lists Page contains the following fields Field Method List Name Description Displays the method list name The field is user defined besides the http_method_list and https_method_list which cannot be deleted or renamed Indicates the first method used to authenticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Method 1 Local User authentication occurs at the device level The device checks the user name and password for authentication Method 2 Indicates the second method used to authenticate the network user The possible field values 143 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication Method 3 Indicates the third method used to authenticate the network user The possible field values are RADIUS
70. gt ES D Link amp 88822 2 ee ARAS ee A os da T CE E G Save Tools 7 Tr Stack ID E X Up Time 2 days 5 10 13 LCoggedin as administrator admin DGS 3100 48 3 Configuration a Select Frame Type OL2ACL p Security E H Monitoring OL3ACL IGMP v B p ACL gt 3 ACL Configuration Wizard You can select the field in the packet to create filtering mask Access Profile List gt ACL Finder L2 Header IPv4 DSCP IPv4 Address gt Time Range Setting STAGKING STATUS Figure 8 13 ACL Profile L3 IGMP Page 1 Click the IGMP button The ACL Profi le L3 IGMP Selected Page updates to show the following HEHE THAE D Link ES HE EZ Building Nenati tor Peopld oe Se reer lt a ee lalala ls ls Lele lle le Save Tools ia Stack ID E X Up Time 2 days EXIGE Cogged in as administrator admin 192 168 0 10 DGS 3100 48 Configuration lt Select Frame Type OL2ACL p Security A H Monitoring OL3ACcL IGMP v B p ACL e ACL Configuration Wizard You can select the field in the packet to create filtering mask gt Access Profile List ACL Finder gt Time Range Setting L2 Header IPv4 DSCP IPv4 Address STACKING STATUS gegenses seeseees seeeeste ge PP o ro ESA E Figure 8 14 ACL Profile L3 IGMP Selected Page 2 Click Create The ACL profile is added and the device is updated 182 DGS 3100 Series Gigabit Stackable Managed Switch User
71. is the default value QuietPeriod 0 65535 sec Indicates the number of seconds that the device remains in the quiet state following a failed authentication exchange The possible field range is 0 65535 The field default is 60 seconds SuppTimeout 1 65535 sec Indicates the amount of time that lapses before EAP requests are resent to the supplicant The field value is in seconds The field default is 30 seconds ServerTimeout 1 65535 sec Defines the amount of time that lapses before the device re sends a request to the authentication server The field value is specified in seconds The field default is 30 seconds MaxReq 1 10 times Displays the total amount of EAP requests sent If a response is not received after the defined period the authentication process is restarted The field default is 2 retries TxPeriod 1 65535 sec Defines the amount of time in seconds that lapses before EAP requests are resent The field default is 30 seconds ReAuthPeriod 300 4294967295 sec Displays the time span in seconds in which the selected port is re authenticated The field default is 3600 seconds ReAuthEnabled Indicates if ports MAC address can be re authenticated after the port MAC address authentication has timed out The possible field values are Enabled Enables re authenticating the port or MAC addresses after the port or MAC address authentication has timed out This is the default 126 DGS
72. m amp STACKING STATUB The highest speed The highest speed Figure 2 6 Port Description Page The Port Description Page contains the following fields Field Description Unit Defines the stacking member for which the port settings are displayed From Port Defines the port number from which the port parameters are configured To Port Defines the port number to which the port parameters are configured Description Defines a user defined port description 2 Define the Unit From Port To Port and Description fields 3 Click Apply _ The port description is saved and the device is updated 33 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ARP Settings The Address Resolution Protocol ARP converts IP addresses into physical addresses and maps the IP address to a MAC address ARP allows a host to communicate with other hosts only when the IP addresses of its neighbors are known To define ARP information 1 Click Configuration gt ARP Settings The ARP Settings Page opens A se U U U U U U OO U 2 200 0GS 3100 48 E Configuration System Information Global Setting IP Address gt Stacking Settings J Port Configuration ARP Aging Time 1 rer eee 65535 Apply User Accounts gt System Log Host l SNTP Settings A ff SNMP Settings ee DHCP Auto Configuratic IP MAC Address Address
73. network operating system s does your organization use OD Link LANsmart ONovell NetWare NetWare Lite OSCO Unix Xenix OPC NFS 03Com 3 Open OCisco Network OBanyan Vines ODECnet Pathwork Windows NT Windows 98 OWindows 2000 ME Windows XP DOthers 5 What network management program does your organization use OD View OHP OpenView Windows OHP OpenView Unix OSunNet Manager Novell NMS ONetView 6000 Others 6 What network medium media does your organization use OFiber optics OThick coax Ethernet OThin coax Ethernet 010BASE T UTP STP O100BASE TX 001000BASE T Wireless 802 11b and 802 11g wireless 802 11a Others 7 What applications are used on your network ODesktop publishing OSpreadsheet OWord processing DCAD CAM ODatabase management DAccounting DOthers 8 What category best describes your company DAerospace Engineering OEducation OFinance OHospital OLegal Olnsurance Real Estate Manufacturing ORetail Chain store Wholesale Government OTransportation Utilities Communication OVAR System house company OOther 9 Would you recommend your D Link product to a friend OYes ONo ODon t know yet 10 Your comments on this product 229 230
74. of the replaced stacking member is applied to the new stacking member The stack reverts to the stacking state it was running in before stacking member failed However sometimes the new stacking member is not identical to the failed stacking member The Stack Master applies the configuration as follows e If a24 port switch replaces a failed 48 port switch then the new stacking member s ports are configured according first 24 ports configuration of the failed stacking member NOTE The 48 port configuration of the failed stacking member is recorded even though only the first 24 port configuration is currently applied If a 48 port switch is inserted and assigned the same Unit ID the switch is configured with the port configuration of the original 48 port stacking member e If a 48 port stacking member replaces a 24 port stacking member then the first 24 ports of thenew stacking member are configured according failed stacking member s ports configuration The remaining new stacking member ports are configured with the switch s default settings Replacing a Failed Stack Master This example assumes that that a stacking member acting as the Stack Master has failed in a running stack When the system administrator is notified of the Stack Master failure and replaces existing Stack Master with a new switch When the Stack Master fails the stack s Backup Master recognizes the failure and that the Stack Master no longer responds and assu
75. or LAG through which the designated device is attached to the LAN Alternate Provides an alternate path to the root device from the root interface Backup Provides a backup path to the designated port path toward the Spanning Tree leaves Backup ports occur only when two ports are connected in a loop by a point to point link or when a LAN has two or more connections connected to a shared segment Disabled Indicates the port is not participating in the Spanning Tree Bno od En Define the values in the Unit and Port fields Click Find Define the Internal Path Cost and Priority fields Clic Apply Click Edit adjacent to an MSTI ID row to edit the values for Internal Path Cost and Priority 92 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Forwarding and Filtering This section contains information for configuring both Unicast and Multicast filtering and contains the following topics e Defining Unicast Forwarding e Defining Multicast Forwarding e Defining Multicast Filtering Defining Unicast Forwarding The Unicast Forwarding Page contains parameters for configuring Unicast entries 1 Click L2 Features gt Forward amp Filtering gt Unicast Forwarding The Unicast Forwarding Page opens o0ooooo 0000000000000 9 9 n 2D 1 Is nnn Rm n D Link ea gt Save Tools 7 Stack ID B x Up Time 2 days 5 10 E Logged in as administrator admin 192 168 0 100 Po
76. per 14 floor 6 Moscow 129626 Russia TEL 7 495 744 0099 FAX 7 495 744 0099 350 URL www dlink ru Japan K K Level 6 Konan YK Building Konan 2 4 12 Minato Ku Tokyo 108 0075 Japan URL www dlink jp com China No 202 C1 Building Huitong Office Park No 71 Jianguo Road Chaoyang District Beijing 100025 China TEL 86 10 58635800 FAX 86 10 58635799 URL www dlink com cn Taiwan No 289 Sinhu 3rd Rd Neihu District Taipei City 114 Taiwan TEL 886 2 6600 0123 FAX 886 2 6600 1188 228 International Offices Registration Card All Countries and Regions Excluding USA Print type or use block letters Your name Mr Ms Organization Dept Your title at organization Telephone Fax Organization s full address Country Date of purchase Month Day Year Product Model Product Serial No Product installed in type of Product installed in computer computer serial No Applies to adapters only Product was purchased from Reseller s name Telephone Answers to the following questions help us to support your product 1 Where and how will the product primarily be used OHome OOffice Travel Company Business DHome Business Personal Use 2 How many employees work at installation site O1 employee 012 9 1110 49 0150 99 0100 499 0500 999 111000 or more 3 What network protocol s does your organization use OXNS IPX OTCP IP ODECnet DOthers 4 What
77. retrieved from a SNTP server System Clock Indicates that the system time is set locally by the device Current Time Displays the current date and time SNTP Settings Section Field Description SNTP First Server Defines the IP address of primary SNTP server from which the system time is retrieved SNTP Second Server Defines the IP address of secondary SNTP server from which the system time is retrieved SNTP Poll Interval in Seconds Defines the interval in seconds at which the SNTP server is polled for Unicast information The range is 60 86400 seconds The Poll Interval default is 1024 seconds Set Current Time Field Description Time Setting Defines the current system date The field format is Day Month Year Time in HH MM SS Defines the current system time The field format is HH MM SS based on the 24 hour 40 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description clock Military Time For example 9 00PM is configured as 21 00 00 2 Select a time source in the Time Source field 3 Define the fields 4 Click Apply The SNTP settings are defied and the device is updated Configuring Daylight Savings Time The TimeZone Settings Page contains fields for defining system time parameters for both the local hardware clock and the external SNTP clock If the system time is kept using an external SNTP clock and the external SNTP clock fai
78. sample record of CPU port utilization is stored and the device is updated DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Packet Size Information The Packet Size Page displays packets received by the switch arranged in seven groups and classed by size to be viewed as either a line graph or a table 1 Click Monitoring gt Packet Size The Packet Size Page opens 0000 nu DM Configuration H L2 Features m aos E G Security 1 Monitoring 3 Stacking information gt CPU Utilization gt Port utilization 2 E Packets RADIUS Authentication gt Browse ARP Table Browse MLD Router Pc 65 127 gt Browse Router Port gt Browse Session Table 2 IGMP Snooping Group 250 256 511 2 MLD Snooping Group kz MAC Address Table Rae System Log O O Ga ac gt lt l a 1519 10240 ff o a ov View Table Ca er 64 128 255 Az STACKING STATUS Unit packetsec Time Interval is Record Number 200 v Show Hide IV 64 Y 65 127 4128 255 256 511 Y 512 1023 4 1024 1518 1519 10240 Figure 6 4 Packet Size Page The Packet Size Page contains the following fields Field Description Unit Defines the unit number Port Defines the port number Packet Size Analysis Selected Port Displays current packet size for ports Number Time Interval Disp
79. the Access Profile commands Then on the receiving end the administrator instructs the Switch to examine packets for this tag acquires the tagged packets and maps them to a class queue on the Switch Then in turn the administrator will set a priority for this queue so that it will be emptied before any other packet is forwarded This process results in the end user receiving all packets sent as quickly as possible thus prioritizing the queue and allowing for an uninterrupted stream of packets which optimizes the use of bandwidth available for the video conference 110 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Understanding QoS The Switch has four priority queues These priority queues are labeled as 3 the highest queue to 0 the lowest queue The eight 0 7 priority tags specified in IEEE 802 1p are mapped to the Switch s priority tags as follows Priorities 1 and 2 are assigned to the Switch s QO queue Priorities O and 3 are assigned to the Switch s Q1 queue Priorities 4 and 5 are assigned to the Switch s Q2 queue Priorities 6 and 7 are assigned to the Switch s Q3 queue For strict priority based scheduling any packets residing in the higher priority queues are transmitted first Multiple strict priority queues empty based on their priority tags Only when these queues are empty are packets of lower priority transmitted For weighted round robin queuing the number of packets sent from each priority queue
80. the Backup Master takes over as the Stack Master The Stack Master stores an active configuration which copied on the Backup Master The active configuration copy is used if the Backup Master takes over for the Stack Master Only the configuration file is copied Any dynamically filled tables for example learnt address are not copied from the Stack Master to the Backup Master If the Backup Master takes over the role of Stack Master the Backup Master builds new dynamic tables Defining Stacking Members Switches assigned the Unit IDs 3 4 5 6 are called stacking members The Stack Master or Backup Master if the Stack Master fails manages the stack members operation Stacking members cannot be directly managed or configured If neither the Stack Master nor the Backup Master were operating the stacking members cannot function Master Enabled Stacking Members Only Stacking members assigned to Unit ID 1 or 2 are called Master Enabled stacking members Only the Master Enabled stacking members participate in the Master Election process and therefore can become master or backup master that means the s with assigned IDs of 3 4 5 and 6 can never become neither a master nor a backup master unless their ID is changed by the system administrator or reset to the factory default firstly Electing a Stacking Master Whenever a stacking member or more than one comes up one of the stacking members is elected to be the stack Master The Stack Master i
81. the EtherType field When a packet s EtherType field is equal to 0x8100 the packet carries the IEEE 802 1Q 802 1p tag The tag is contained in the following two octets and consists of 3 bits of user priority 1 bit of Canonical Format Identifier CFI used for encapsulating token ring packets so they can be carried across Ethernet backbones and 12 bits of VLAN ID VID The 3 bits of user priority are used by 802 1p The VID is the VLAN identifier and is used by the 802 1Q standard Because the VID is 12 bits long 4094 unique VLANs can be identified The tag is inserted into the packet header making the entire packet longer by 4 octets All of the information originally contained in the packet is retained IEEE 802 1Q Tag Octets o 1 2 3 4 Source Address 6 octets EherType s0800 Tag Control Information 3 bits 1 bit 12 bits Figure 3 3 IEEE 802 1Q Tag The EtherType and VLAN ID are inserted after the MAC source address but before the original EtherType Length or Logical Link Control Due to the packet now being a bit longer than it was originally the Cyclic Redundancy Check CRC must be recalculated Adding an IEEE 802 1Q Tag Figure 3 4 Adding an IEEE 802 1Q Tag 64 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Port VLAN ID Tagged packets carrying the 802 1Q VID information can be transmitted from one 802 1Q compliant network device to another with the VLAN information intact This allows 80
82. to the system administrator using SYSLOG messages and SNMP traps The divided stack continues to operate normally the only difference is there are less stacking members than prior to the stack division No Unit ID changes are performed in each the divided stacks Even if each stacking section has a Stack Master one section retains the Stack Master and the other section the Backup Master both stacks have the same configuration and the same IP address NOTE If both stacks have the same IP Address this can lead to network problem There is no way for users to connect to any stacks through the stack IP address If neither the Stack Master nor the Backup Master remain in the divided group e This is identical to failed Stack Master where no backup is available e Stacking members whose Unit IDs are 3 4 5 or 6 in original stack do not renumber themselves The stacking members network ports remains shut down until a Stack Master is enabled is connected and is operating as the Stack Master The Master Discovery process recognized that the Stack Master has been separated from the stack e The stacking members lose connection with the Stack Master Since the stacking members started as a running stack and the stacking members are not in the Factory Default Mode the stacking members are not reassigned Unit IDs Resetting the stacking members will initiate Unit ID auto assignment No Unit ID changes are performed in each one of the two
83. to Friday 8 30am to 8 30pm Saturday 9 00am to 5 00pm http www dlink co nz e mail support dlink co nz D Link Building Networks for People 220 221 Technical Support You can find software updates and user documentation on the D Link website Tech Support for customers in Egypt Tel 202 2919035 or 202 2919047 Sunday to Thursday 9 00am to 5 00pm http support dlink me com e mail amostafa dlink me com Iran Tel 98 21 88822613 Sunday to Thursday 9 00am to 6 00pm http support dlink me com e mail support ir dlink me com Israel Tel 972 9 9715701 Sunday to Thursday 9 00am to 5 00pm http www dlink co il support e mail support dlink co il Pakistan Tel 92 21 4548158 or 92 21 4548310 Sunday to Thursday 9 00am to 6 00pm http support dlink me com e mail support pk dlink me com South Africa and Sub Sahara Region Tel 27 12 665 2165 08600 DLINK for South Africa only Monday to Friday 8 30am to 9 00pm South Africa Time http www d link co za Turkey Tel 90 212 2895659 Monday to Friday 9 00am to 6 00pm http www dlink com tr e mail turkiye dlink me com e mail support d link co za U A E and North Africa Tel 971 4 391 6480 U A E Sunday to Wednesday 9 00am to 6 00pm GMT 4 Thursday 9 00am to 1 00pm GMT 4 http support dlink me com e mail support dlink me com D Link Building Networks for People TexHuyueckaa noAnepxka O6HoBneHua mporpammHoro obecneyenua n JOKYMEeHT
84. under this Limited Warranty will be at D Link s option to replace the non conforming Software or defective media with software that substantially conforms to D Link s functional specifications for the Software or to refund the portion of the actual purchase price paid that is attributable to the Software Except as otherwise agreed by D Link in writing the replacement Software is provided only to the original licensee and is subject to the terms and conditions of the license granted by D Link for the Software Replacement Software will be warranted for the remainder of the original Warranty Period and is subject to the same limitations and exclusions If a material non conformance is incapable of correction or if D Link determines in its sole discretion that it is not practical to replace the non conforming Software the price paid by the original licensee for the non conforming Software will be refunded by D Link provided that the non conforming Software and all copies thereof is first returned to D Link The license granted respecting any Software for which a refund is given automatically terminates Non Applicability of Warranty The Limited Warranty provided hereunder for Hardware and Software portions of D Link s products will not be applied to and does not cover any refurbished product and any product purchased through the inventory clearance or liquidation sale or other sales in which D Link the sellers or the liquidators expressly discl
85. 0 series also provides 4 Mini GBIC SFP combo ports which connect fiber optic media to switches servers or network backbone The DGS 3100 series provides an additional RS 232 port console port for managing the switch via a console terminal or PC with a Terminal Emulation a Diink ea BE ee el ee AAAAAAAA a o 314 oo o UP n Figure 1 DGS 3100 Series 48 Port Front Panel DGS 3100 24TG Front Panel The DGS 3100 24TG provides eight high performance 1000BASE TX ports The ports operate at 10 100 1000 and connect to backbones end stations and servers The DGS 3100 24TG also provides 16 Mini GBIC SFP ports which connect fiber optic media to switches servers or network backbone The DGS 3100 24TG provides an additional RS 232 port console port for managing the switch via a console terminal or PC with a Terminal Emulation Program o0ooo0 o a eS o0 oo D Link managod suites 123456798 ba ci EOR AA E PEET Figure 2 DGS 3100 24TG Front Panel DGS 3100 Series Gigabit Stackable Managed Switch User Manual Device Management Methods The DGS 3100 series and DGS 3100 24TG provide different methods for managing the device including e Web Based Management Interface e SNMP Based Management e Command Line Console Web Based Management Interface Once the device is installed network mangers can configure the switch monitor the LED panel and display statistics graphically via a web browser including e Netsc
86. 00M Full Disabled Link Down Enabled Enabled Auto Enabled Link Down Enabled Enabled Disable Disabled Link Down Enabled Enabled 100M Full Disabled Link Down Enabled Enabled 10M Full Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled i _Auto Disabled Link Down Enabled Enabled Auto Disabled Link Down Enabled Enabled Auto Disabled _Link Down Enabled Enabled Auto Disabled Link Down Enabled Link Down Enabled Enabled Auto Disabled Figure 2 5 Port Setting Page The Port Setting Page contains the following fields Field Description Unit Defines the stacking member or LAG for which the port settings are displayed From Port Defines the port number from which the port configuration will apply This field appears only if a unit number is selected in the Unit field From LAG Defines the LAG number from which the port configuration will apply This field appears only if LAG is selected in the Unit field To Port Defines the port number to which ports the configuration will apply This field appears only if a unit number is selected in the Unit field To LAG Defines the LAG number to which the port configuration will apply This field appears only if LAG is selected in the Unit field State
87. 1 Setting E 3 Configuration L Features 802 1X OEnabled Disabled H Q0S EA Y 802 1X Port Access Control za Safeguard Engine E gt Trusted Host QuietPeriod 0 65535 isec SuppTimeout 1 65535 sec zi pe Security ServerTimeout 1 65535 sec MaxReq 1 10 limes 3 Guest VLAN A A ee me TxPeriod 1 65535 sec ReAuthPeriod 300 4294957295 sec SERTE ReAuthEnabled Control gt Authentic RADIUS Unit From Port To Port Mode a Forwarding EAP ini p ssH Access Authentication f Monitoring List H E Ac vi 3 2 a 5 m gt Unit Port Control TxPeriod Quiet Period Tale rer MaxReq a os Mode STAGKING STATUS NETE Auto 30 60 30 30 2 3600 Disabled_ PorBase 1 2 ForceAuthorized 30 50 30 30 2 3600 Disabled MAC _1 13 ForceUnauthorized 30 50 30 30 2 3600 Enabled PortBase al a Auto 30 60 30 30 2 3600 Disabled PortBase 1 45 Auto 3 60 30 _30_ 2 3600 Disabled PortBase 1 16 Auto 30 60 30 30 2 3600 Disabled PortBase t Auto 30 so 30 30 2 3600 Disabled PorBase a Auto 30 60 30 30 2 3600 Disabled PortBasel y Figure 5 5 802 1X Setting Page The 802 1X Setting Page contains the following fields Field Description 802 1X Indicates if 802 1X is enabled on the device The possible field values are Enabled Enables 802 1X on the device Disabled Disables 802 1X on the device This
88. 125 Configuring MAC Authentication by using Guest VLAN 802 1X and Radius pages ocoooconoccnonocnnoncnnconononononinanannnon 130 Defining RADIUS Set ri dt ii eee eee 133 Defining EAP Forwarding Sette itinerario loaded dish decidas di died mantis de betas dois decias ins 135 Configuring Secure Socket Layer Security ois neton reee n aoe neire aE ae EEA o Se NEE E EE eE eK EE n eae Er iaae 136 Configuring Secure Shell Securities 138 Defining SSH Algorithm Settings nense asia ER Eea EE EEE E a REEE ETE EERE AE A 139 Defining Application Authentication Settings sessesesesseesseesreserstsestteretetrsesteteeretstesestettetstseststettstetsseststeeretsssesreteseee 141 Configuring Authentication Server Hosts scessesesoseseesessnenonencoesoseneeonssssvenencnonensesesosenenbavsnenennsnersosenesessenverenee 142 Defining Login Methodos eaea area a eap a aroa ia aae oaaae ae a a EA E S sys sense E Eea EERTSE EEEa iea 143 Defining Enable Methods ssrin a a sida 145 Configirins Local Enable PassWord coat it A ie 147 MONITORING THE DEVICE iiaia ARAKEA OAA In ENa SLAA AARE EA AA ISLA OERE TREAS AA NEA ARETAS 148 Viewing Stacking Information monene ai e bleed bas 149 Viewing CPU Utilization iaa 150 Viewing Port Utlizai on AAA 151 Viewing co AAA O ea Ea aE 152 Viewing Received Packet Statistics sci e ea lt E EE ERES 153 Viewing UMB cast Packet Ofa STOS a a e ibas 154 Viewing Transmitted Packet Statisties isinna a E e E RNE 155 Viewi
89. 2 Define the VLAN ID in the VID field 3 Define the VLAN name in the VLAN Name field 4 Select the stacking member which the Guest VLAN parameters are displayed in the Unit field 5 Select the ports to be included in the Guest VLAN in the Port checkbox field The selected ports appear in the Port field 6 Click Add The Guest VLAN is added and the system is updated 124 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Port Authentication 802 1X Port based authentication authenticates users on a per port per mac basis via an external server Only authenticated and approved system users can transmit and receive data Ports are authenticated via the RADIUS server using the Extensible Authentication Protocol EAP The 802 1x Access Control protocol consists of the following vital components which stabilize Access Control Security Component Description Authenticators The Authenticator is an intermediary between the Authentication Server and the Client The authenticator Requests certification information via the Client EAPOL packets The EAPOL packets are the only information allowed to pass between supplicants and the authentication server until the authenticator is granted system access Verifies the information gathered from the Client with the Authentication Server and relays the information to the Client Supplicants Clients Specifies the host connected to the authenticated port requesting
90. 2 1Q VLANs to span network devices and the entire network providing all network devices are 802 1Q compliant Not all network devices are 802 1Q compliant Such devices are referred to as tag unaware 802 1Q devices are referred to as tag aware Prior to the adoption of 802 1Q VLANs port based and MAC based VLANs were in common use These VLANs relied upon a Port VLAN ID PVID to forward packets A packet received on a given port would be assigned that port s PVID and then be forwarded to the port that corresponds to the packet s destination address found in the switch s forwarding table If the PVID of the port receiving the packet is different from the PVID of the port that is to transmit the packet the switch drops the packet Within the switch different PVIDs mean different VLANs remember that two VLANs cannot communicate without an external router So VLAN identification based upon the PVIDs cannot create VLANs that extend outside a given switch or switch stack Every physical port on a switch has a PVID 802 1Q ports are also assigned a PVID for use within the switch If no VLANs are defined on the switch all ports are then assigned to a default VLAN with a PVID equal to 1 Untagged packets are assigned the PVID of the port on which they were received Forwarding decisions are based upon this PVID in so far as VLANs are concerned Tagged packets are forwarded according to the VID contained within the tag Tagged packets are also
91. 6 7 8 21 22 23 24 Engineering 2 9 10 11 12 Marketing 3 13 14 15 16 Finance 4 17 18 19 20 Sales 5 1 2 3 4 Table 3 1 VLAN Example Assigned Ports VLAN and Trunk Groups Trunk Groups LAGs can be added as member to a VLAN similar to ports The members of a trunk group have the same VLAN setting Any VLAN setting on trunk group members applies to the other member ports NOTE In order to use VLAN segmentation in conjunction with port trunk groups the port trunk group s can first be set and then the VLAN settings may be configured Changing the port trunk grouping with VLANs already in place doesn t require reconfiguration of the VLAN settings after changing the port trunk group settings VLAN settings automatically change in conjunction with the change of the port trunk group settings VLAN Status The VLAN List displays VLANs VLAN membership and membershiop type This window displays the ports on the switch that are currently Egress or Tag ports To view the following table open the L2 features gt VLAN folder and click the VLAN Status Link This section contains the following topics e Defining VLAN Properties e Configuring GVRP 66 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining VLAN Properties The VLAN Configuration Page provides information and global parameters for configuring and working with VLANs 1 Click L2 Features gt 802 1Q VLAN The VLAN Configuration
92. 92 168 0100 Total Entries 2 Unknown TLV Type Unknown TLV Information Bytes XX XX XX XX XX XX hexl XXXXXX XX XX XX hex o BA Logout DGS 3100 Series Gigabit Stackable Managed Switch User Manual The LLDP Remote Unknown TLVs Detailed Information Page contains the following fields Field Description Port Indicates the port number Entry Indicates the entry number Unknown TLV Type Indicates the unknown TLV type field Unknown TLV Information Bytes Displays the unknown TLV information bytes in hexadecimal format 108 DGS 3100 Series Gigabit Stackable Managed Switch User Manual CONFIGURING QUALITY OF SERVICE Configuring 1p Priority tagging is an IEEE 802 1p defined standard function designed to provide a means of managing traffic on networks where many different types of data are transmitted simultaneously It is intended to alleviate problems associated with the delivery of time critical data over congested networks The quality of applications dependent on such data such as video conferencing can be severely and adversely affected by even very small delays in transmission IEEE 802 1p standard compliant network devices recognize the priority level of data packets and can assign priority labels or tags to packets as well as strip priority tags from packets The priority tag determines the packet s degree of expeditiousness and the queue to which it is assigned Priority tags are assigned
93. COKRO O00 OOOOKOO0O0 Untag Port Tag Port Forbidden Port Figure 3 6 Add Edit VLAN Information Page The Add Edit VLAN Information Page contains the following fields Field Description VID Defines the VLAN ID VLAN Name Defines the user defined VLAN name The field ranges up to 32 characters Unit Defines the stacking member for which the VLAN parameters are displayed Untag Port Defines the interface is an untagged VLAN member Packets forwarded by the interface are untagged Tag Port Defines the interface is a tagged member of a VLAN All packets forwarded by the interface are tagged The packets contain VLAN information Forbidden Port Defines the interface VLAN membership even if GVRP indicates the port is to be added Not Member Indicates that the interface is not a member of the VLAN Port Select All Selects all ports and either untags tags excludes or removes the VLAN membership 3 Define the VID VLAN Name and port related fields 4 Select the Tagged Untagged and Forbidden ports 5 Click Apply To modify a VLAN Ww PY NA The VLAN is saved and the device is updated Click L2 Features gt 802 1Q VLAN The VLAN Configuration Page opens Select a VLAN in the VLAN Table Click Edit The configured VLAN parameters are displayed in the Add Edit VLAN Information section Modify the VLAN parameters Click Apply The VLAN information is modified and the devi
94. Click Apply The time range is modified and the device is updated Notes about IP and MAC Based ACLs in the DGS 3100 Series ACLs can be configured in DGS 3100 series via the WEB GUI in two ways through the ACL Configuration Wizard screen by automatic creation of profile and rule and through the ACL Profile List page by manual creation of profiles and rules By using the ACL Configuration Wizard page the user can create simple ACLs in a simple way after setting a rule via this page the system will create an Access Profile and also an Access Rule and will bind it to a port LAG or a group of ports LAG Each operation via the Wizard can create either MAC based ACL or IP based ACL the user can t combine both types of ACLs in the same operation NOTE Access Profile can be a MAC Access Profile or an IP Access Profile when using the ACL Conriguration Wizard IP or MAC should be selected in the From and To dropdowns When using the Access Profile List page after clicking Add Access Profile the user can choose wether to create L2 ACL MAC or L3 ACL IP e The user can set IP based ACL and MAC Based ACL on the same port s is the following way Go to Add Access Profile page Add L2 Access Profile with the desired fields 194 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Add L3 Access Profile with the desired fields
95. Define the Group ID and Type fields 4 Check the ports to be added to the LAG The port numbers are displayed in the Ports field 5 Click Apply The LAG settings are saved and the device is updated 71 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Notes about Trunking on the DGS 3100 Series DGS 3100 series supports up to 32 LAGs per device or stack NOTE A port must belong to the default VLAN when the user is adding the port to a LAG After adding the port to the LAG the LAG itself can be joined to other VLAN When a port is added to a LAG the port s configuration is stopping to be active this configuration will return to be active only after the port will be removed from the LAG 72 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Traffic Segmentation The Traffic Segmentation Page enables administrators to force traffic from source ports to bypass the Forwarding Database FDB and forward all Unicast Multicast and Broadcast traffic to the forwarding port Forwarding decisions by the forwarding port overwrite those of the protected source port To define Traffic Segmentation 1 Click L2 Features gt Traffic Segmentation The Traffic Segmentation Page opens D Link oumossoscesoscesoes ee oecesoscesoese Dlink AAA AAA AAA ree A E A AAA E pl Tools Y Stack ID B gt Up Time 2 days 5 10 17 Logged in as administrator admin 192 168 0 100 ye Logout DGS 3100 48 f Configur
96. Defines whether the interface interface is currently operational or non operational The possible field values are 31 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Enabled Indicates that the interface is currently receiving and transmitting traffic Disabled Indicates that the interface is currently not receiving and not transmitting traffic This is the default value Speed Defines the configured rate for the interface The port rate determines what speed setting options are available The possible field values are 10M Full Indicates the interface is currently operating at 10 Mbps and full duplex mode 10M Half Indicates the interface is currently operating at 10 Mbps and half duplex mode 100M Full Indicates the interface is currently operating at 100 Mbps and full duplex mode 100M Half Indicates the interface is currently operating at 100 Mbps and half duplex mode 1000M Full Indicates the interface is currently operating at 1000 Mbps and full duplex mode Auto Indicates the interface is automatically configured to the fastest network traffic the interface can manage Flow Control Defines the flow control scheme used for the various port configurations Interface configured for full duplex use 802 3x flow control half duplex interfaces use backpressure flow control and Auto interfaces use an automatic selection of the two The default is Disabled
97. Disabled Disables advertisement from the port Address Defines the management address advertised from the interface It is always the Switch s management address 2 Define the Unit From Port To Port Notification Admin Status Subtype Action and Address fields 3 Click 99 Apply The LLDP port settings are defined and the device is updated DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining LLDP Basic TLV Settings The LLDP Basic TLVS Setting Page displays LLDP basic TLV port information and contains parameters for configuring LLDP basic TLV port settings 1 im ha Click L2 Features gt LLDP gt LLDP Basic TLVS Setting The LLDP Basic TLVS Setting Page opens eooosoecssssseee ecesaesesegecco eesesseescc2eeee eee tt tt 28 48 2 es pta II PEI FEF M EDM SRE CRITECE TCG AE GICPREPALER KEIN gt Traffic Segmentation gt LACP Port Settings IGMP Snooping gt MLD Snooping gt Port Mirroring ja Spanning Tree Forwarding amp Fittering f LLDP 2 LLOP Global Settinc 2 LLDP Port Setting BLLDP Basic TLVS lt LLDP Dot3 TLVS S LLDP Local Port Bri gt LLDP Remote Port E H aos E 3 Security f Monitoring E GHACL lt 2 STAGKING STATUS From Port ToPort 48 Port Description Disabled v System Name Disabled v System Description Disabled x System Capabilities Disabled x System Capabilities Disabled Enabled Dis
98. Disabled 30 lt a 1 8 Disabled 35 STACKING STATUS 19 Disabled 40 a 3 1 10 Disabled 45 1 11 Disabled 50 1 12 Disabled 55 1 13 Disabled 60 1 14 Disabled 64 4 45 Nisahlad R M Figure 5 3 Port Security Page The Port Security Page contains the following fields Field Description Unit Displays the stacking member s ID for which the port security parameters are displayed From Port Indicates the port number from which the port security parameters are displayed To Port Indicates the port number to which the port security parameters are displayed Admin State Indicates if port security on the device The possible field values are Enable Indicates that port security is enabled on the device Disable Indicates that port security is disabled on the device This is the default value Max Address 0 64 0 means classic lock 1 64 defines the number of MAC addresses that can be learned on the port The field value is 0 64 The field default is 0 Port Displays the specific port number 122 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Max Learning Addr Indicates the number of MAC addresses that can be learned on the port 2 Define the Unit From Port To Port Max Address 0 64 and Admin State fields 3 Click PPY 123 Port security is enabled and the device is updated DGS 3100 Series Gigabit Stackable Managed
99. Dunk ooo eee D LINK DGS 3100 SERIES GIGABIT STACKABLE MANAGED SWITCH USER MANUAL v2 30 Information in this document is subject to change without notice 2007 D Link Computer Corporation All rights reserved Reproduction in any manner whatsoever without the written permission of D Link Computer Corporation is strictly forbidden Trademarks used in this text D Link and the D Link logo are trademarks of D Link Computer Corporation Microsoft and Windows are registered trademarks of Microsoft Corporation Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products D Link Computer Corporation disclaims any proprietary interest in trademarks and trade names other than its own FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with this user s guide may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense CE Mark Warning
100. Enable or disable the public key status in the Public key field 3 Click ee The Publickey SSH User Authentication setting is defined and the device is updated 140 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Application Authentication Settings Application Authentication permits network administrators to assign authentication methods for user authentication For example console users can be authenticated by Authentication List 1 while Telnet users are authenticated by Authentication List 2 1 Click Security gt Access Authentication Control gt Application Authentication Settings The Application Authentication Settings Page opens Building Networks for People Save DGS 3100 48 H H L2 Features H aos B p Security gt Safeguard Engine Trusted Host gt Port Security Guest VLAN 4 4 802 1X a SSL H SSH E Access Authentication E Application Authen Authentication Serv Login Method Lists Enable Method List 33 Configure Local En lt gt STACKING STATUS Tools Stack ID T e IETS y cog E Configuration Application Login Method List Enable Method List Console default vl default Y Telnet default v default Y SSH default v default x HTTP http_method_list HTTPS https_method_list Apply Figure 5 11 Application Authentication Settings Page The Application Authentication Settings Page contains
101. GS 3100 48 E Configuration E G L2 Features MLD Global Setting B tito frane MLD Snooping Enabled O Disabled 802 10 VLAN gt GVRP Settings 3 Trunking 3 Traffic Segmentation LACP Port Setti N 5 de VNE VUN Mam Timer TimeoutTimeout Ports Setting Table 5 IGMP Snooping gt MLD Snooping Disabled 3 Port Mirroring Enabled ja Spanning Tree Disabled E cd amp Filtering FEE H Q0S Disabled En 3 Security Enabled f Monitoring Disabled 2 ACL Enabled STAGKING STATUS Dis Enabled The VLAN Setting of MLD snooping Done Host Router State Static Router Multicast Entry Figure 3 13 MLD Snooping Page 79 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The MLD Snooping Page contains the following fields Field Description MLD Snooping Enables or disables MLD Snooping The possible field values are Enabled Enables MLD Snooping on the device Disabled Disables MLD Snooping on the device This is the default value VLAN ID Specifies the VLAN ID VLAN Name Displays the user defined VLAN name Done Timer Specifies the time interval in seconds after which a port is removed from the Multicast membership group Ports are removed from the Multicast membership when the port sends a Done Message indicating the port requests to leave the Multicast group The field range is 0 16711450 seconds The default timeout is 10 seconds Host Timeout S
102. Gigabit Stackable Managed Switch User Manual Defining RADIUS Settings Remote Authorization Dial In User Service RADIUS servers provide additional security for networks RADIUS servers provide a centralized authentication method for management access The default parameters are user defined and are applied to newly defined RADIUS servers If new default parameters are not defined the system default values are applied to newly defined RADIUS servers 1 Click Security gt 802 1X gt Authentic RADIUS Server The Authentic RADIUS Server Page opens Dummy 9990 P PLOCOCTCTO S 1 00 2992 esse 2 22225 2 9 2 Sue 245 6 sees oo SS 7 NRBAMSE BAT BARN ree A VII ap py a A g g A a DGS 3100 48 E Configuration E HL Features Succession m f Qos RADIUS Server El 4 Security i gt Safeguard Engine OERE En 3 Trusted Host Accounting Port gt Port Security Key gt st VLAN Guest VLAN Confirm Key Apply 802 1X ona aye ic RADIUS Server List fanene Raous RADIUS Server Auth UDP Port Acct UDP Port Forwarding EAP gt AA B ssL A 1813 pas 34 1813 H Access Authentication i 4 5 1813 El 3 Monitoring Ac bd i gt STACKING STATUS Figure 5 6 Authentic RADIUS Server Page The Authentic RADIUS Server Page contains the following fields Field Description Succession Defines the desired RADIUS server to configure Network managers use up to 3 RADIUS serv
103. IMITATION ANY WARRANTY OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT IF ANY IMPLIED WARRANTY CANNOT BE DISCLAIMED IN ANY TERRITORY WHERE A PRODUCT IS SOLD THE DURATION OF SUCH IMPLIED WARRANTY SHALL BE LIMITED TO NINETY 90 DAYS EXCEPT AS EXPRESSLY COVERED UNDER THE LIMITED WARRANTY PROVIDED HEREIN THE ENTIRE RISK AS TO THE QUALITY SELECTION AND PERFORMANCE OF THE PRODUCT IS WITH THE PURCHASER OF THE PRODUCT Limitation of Liability TO THE MAXIMUM EXTENT PERMITTED BY LAW D LINK IS NOT LIABLE UNDER ANY CONTRACT NEGLIGENCE STRICT LIABILITY OR OTHER LEGAL OR EQUITABLE THEORY FOR ANY LOSS OF USE OF THE PRODUCT INCONVENIENCE OR DAMAGES OF ANY CHARACTER WHETHER DIRECT SPECIAL INCIDENTAL OR CONSEQUENTIAL INCLUDING BUT NOT LIMITED TO DAMAGES FOR LOSS OF GOODWILL LOSS OF REVENUE OR PROFIT WORK STOPPAGE COMPUTER FAILURE OR MALFUNCTION FAILURE OF OTHER EQUIPMENT OR COMPUTER PROGRAMS TO WHICH D LINK S PRODUCT IS CONNECTED WITH LOSS OF INFORMATION OR DATA CONTAINED IN STORED ON OR INTEGRATED WITH ANY PRODUCT RETURNED TO D LINK FOR WARRANTY SERVICE RESULTING FROM THE USE OF THE PRODUCT RELATING TO WARRANTY SERVICE OR ARISING OUT OF ANY BREACH OF THIS LIMITED WARRANTY EVEN IF D LINK HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES THE SOLE REMEDY FOR A BREACH OF THE FOREGOING LIMITED WARRANTY IS REPAIR REPLACEMENT OR REFUND OF THE DEFECTIVE OR NON CONFORMING PRODUCT THE MAXIMUM LIABILITY OF D LINK UNDER THIS WA
104. ING BUT NOT LIMITED TO DAMAGES FOR LOSS OF GOODWILL WORK STOPPAGE COMPUTER FAILURE OR MALFUNCTION LOSS OF INFORMATION OR DATA CONTAINED IN STORED ON OR INTEGRATED WITH ANY PRODUCT RETURNED TO D LINK FOR WARRANTY SERVICE RESULTING FROM THE USE OF THE PRODUCT RELATING TO WARRANTY SERVICE OR ARISING OUT OF ANY BREACH OF THIS LIMITED WARRANTY EVEN IF D LINK HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES THE SOLE REMEDY FOR A BREACH OF THE FOREGOING LIMITED WARRANTY IS REPAIR REPLACEMENT OR REFUND OF THE DEFECTIVE OR NON CONFORMING PRODUCT GOVERNING LAW This Limited Warranty shall be governed by the laws of the state of California Some states do not allow exclusion or limitation of incidental or consequential damages or limitations on how long an implied warranty lasts so the foregoing limitations and exclusions 202 may not apply This limited warranty provides specific legal rights and the product owner may also have other rights which vary from state to state Trademarks Copyright 2007 D Link Corporation Contents subject to change without prior notice D Link is a registered trademark of D Link Corporation D Link Systems Inc All other trademarks belong to their respective proprietors Copyright Statement No part of this publication may be reproduced in any form or by any means or used to make any derivative such as translation transformation or adaptation without permission from D Link Corporation D Link System
105. Indicates the stacking member for which the STP port settings are displayed From Port Defines the first port in a consecutive sequence of ports To Port Defines last port in a consecutive sequence of ports Cost 0 Auto Defines a metric that indicates the relative cost of forwarding packets to the specified port list Port cost can be set automatically or as a metric value The default value is 0 auto O auto Setting O for the external cost automatically sets the speed for forwarding packets to the specified port s in the list for optimal efficiency Default port cost 10Mbps port 2000000 100Mbps port 200000 Gigabit port 20000 Port channel 20000 Value 1 200000000 Define a value between 1 and 200000000 to determine the external cost The lower the number the greater the probability the port will be chosen to forward packets 88 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Edge Indicates whether the selected port is an edge port The possible field values are True Defines the port as an edge port Edge ports cannot create loops however they can lose edge port status if a topology change creates a potential for a loop An edge port normally should not receive BPDU packets If a BPDU packet is received it automatically loses edge port status False Indicates that the port does not have edge port status Forwarding BPDU Bridges use Bri
106. Manual If L3 ACL TCP is selected the page updates as follows 4 A D Link Dik oe eT eS AS cc Ml all olla la o Building Networks for People 283 310048 Tra HE DGS 3100 48 E f Configuration Select Frame Type f Security OL2ACL f Monitoring OL3AcL TCP f ACL 3 ACL Configuration Wizard You can select the field in the packet to create filtering mask E Access Profile List ACL Finder 3 Time Range Setting L2 Header IPv4 DSCP IPv4 Address TCP Port TCP Flag STACKING STATUS E ooog gug TERRES Ki siaa E AA AA y aaa soca a Tamannana sasssees soscseee im XP mos rr AA Figure 8 15 ACL Profile L3 TCP Page To define L3 TCP Port ACL profile 1 Click the TCP Port button The ACL Profile L3 TCP Port Page updates to show the following D Link Building Networks for People aessa vE T m Save X Tools Y Stack ID ds DGS 3100 48 Configuration a Select Frame Type OL2ACL P Security E f Monitoring L3 ACL TCP Eg ACL F You can select the field in the packet to create filtering mask 3 ACL Configuration Wizard s Profile List L2 Header IPv4 DSCP IPv4 Address TCP Flag Time Range Setting TCP Port C Source Port Mask E C Destination Port Mask STACKING STATUS FE sts SESEEN Us saag o ooo cnn Figure 8 16 ACL Profile L3 TCP Port Page 183 DGS 3100 Series Gigabit Stackable Managed
107. Multicast groups Feature access is granted via the MIB name or MIB Object ID 1 Click Configuration gt SNMP Berney gt on View Table The SNMP View Table st opens kuing Hats tye Peg ld p ls Ai Hime 3 b7Te CoM Ue ESS mues zens 1 SMP y oe Table ES gt EEP ber sce ARO nue zens 1 SP ca Totty Fee beer 3 nuez TT 5 SMP tot Table Ale PR Salded Zera Figure 2 12 SNMP View Table Page The SNMP View Table Page contains the following fields Field Description View Name Defines the view name limited to 30 alphanumeric characters Subtree OID Defines the OID included in or excluded from the selected SNMP view View Type Defines whether the defined OID branch will be included in or excluded from the selected SNMP view 2 Define the View Name Subtree OID and View Type fields 3 Click Apply The SNMP View Table is defined and the device is updated To delete a view from the SNMP View Table Page 1 Select an entry on the list 2 Click Delete The entry is deleted and the device is updated 46 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining SNMP Groups The SNMP Group Table Page provides information for creating SNMP groups and assigning SNMP access control privileges to SNMP groups Groups enable network managers to assign access rights to specific device features or feature aspects To define SNMP groups 1 Click Configuration gt SNMP Setti
108. October 30 Taiwan Taiwan does not use daylight saving time Turkey From the last weekend of March until the last weekend of October United Kingdom From the last weekend of March until the last weekend of October United States of America From the second Sunday in March at 02 00 to the first Sunday in November at 02 00 42 DGS 3100 Series Gigabit Stackable Managed Switch User Manual To configure the system time e Click Configuration gt SNTP Settings gt TimeZone Settings The TimeZone Settings Page opens Building Networks for People Lg DGS 3100 48 E 4 Configuration Fa System Information gt IP Address Stacking Settings 4 3 Port Configuration ARP Settings User Accounts System Log Host El fl SNTP Settings gt Time Settings 3 E B SNMP Settings DHCP Auto Configuration E Dual image Services gt Telnet Setting H B L2 Features fj Qos E Security El 3 Monitoring E BBACL STACKING STATUS oo TADO 7 pes 2 z AAA APE tt tt OS a a a a a a a pr Sie E FEF Fp y y e y wa ezz Up Time 2 days 5 10 El PToggedi in as administrator admin 192 168 0 100 Mars Daylight Saving Time State Disabled y Daylight Saving Time Offsetin Minutes 60 x Time Zone Offsetfrom GMT in HH MM amp 00 00 x DST Repeating Settings From Which week of the month From Day of Week From Month From time in HH MM To Which Day To Day of Week To Month T
109. P is present in the configuration file it will be ignored To enable DHCP Auto Configuration 1 Click Configuration gt fir Auto Dead The DACP Auto an guration Page opens El p Configuration gt System Information gt IP Address gt Stacking Settings 3 Port Configuration ARP Settings gt User Accounts gt System Log Host A SNTP Settings 3 SNMP Settings 2 Dual Image Services gt Telnet Setting E H E E A L2 Features Pos H Security E Monitoring gacl lt amp STACKING STATUS Y FAA o se s Ed 40 45 22 esse eoo o 7 o nana 22232 Apply DHCP Auto Configuration Enabled Disabled Figure 2 19 DHCP Auto Configuration Page The DHCP Auto Configuration Page contains the following fields Field Description DHCP Auto Specifies whether the device gets an updated image file and updated configuration file through Configuration the DHCP Server whenever the device reboots The DHCP server maintains the TFTP Server IP address where the files are saved The possible field values are e Enabled Enables automatic updates from the DHCP server e Disabled Disables automatic updates from the DHCP server This is the default value 2 Select Enabled to turn on DHCP Auto configuration or Disabled to turn it off Disabled is the default 2 Click APP The DHCP automatic configuration update is modified an
110. PO P od 09 00 do 17 00 D Link Building Networks for People 212 213 Technikai Tamogatas Meghajt programokat s friss t seket a D Link Magyarorsz g weblapj r l t lthet le Telefonon technikai seg ts get munkanapokon h tf t l cs t rt kig 9 00 16 00 r ig s p nteken 9 00 14 00 r ig k rhet a 1 461 3001 telefonsz mon vagy a support dlink hu emailc men Magyarorsz gi technikai t mogat s D Link Magyarorsz g 1074 Budapest Als erd sor u 6 R70 Irodah z 1 em Tel 06 1 461 3001 Fax 06 1 461 3004 email support dlink hu URL http www dlink hu D Link Building Networks for People Teknisk Support Du kan finne programvare oppdateringer og bruker dokumentasjon pa D Links web sider D Link tilbyr sine kunder gratis teknisk support under produktets garantitid Kunder kan kontakte D Links teknisk support via vare hjemmesider eller pa tif Teknisk Support D Link Teknisk telefon Support 800 10 610 Hverdager 08 00 20 00 D Link Teknisk Support over Internett http www dlink no D Link Building Networks for People 214 215 Teknisk Support Du finder software opdateringer og bruger dokumentation pa D Link s hjemmeside D Link tilbyder gratis teknisk support til kunder i Danmark i hele produktets garantiperiode Danske kunder kan kontakte D Link s tekniske support via vores hjemmeside eller telefonisk D Link teknisk su
111. Port TCP Flag Mask Indicates if TCP flag mask is active Access ID Defines the Access ID Type Displays the profile type 1P based Source IP Address Displays the source IP address TCP Flag Defines the indicated TCP flag that can be triggered Source Port Displays the TCP source port Ports Defines the ports or LAGs on which the access profile will work Action Defines the action to be taken The possible values are Permit Forwards packets if all other ACL criteria are met Deny Drops packets if all other ACL criteria is met Rate Limiting Rate limiting is activated if all other ACL criteria are met Change 1P priority VPT CoS value is changed if all other ACL criteria is met Replace DSCP Reassigns a new DSCP value to the packet if all other ACL criteria are met Time Range Specifies whether the access rule is time based 188 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Range Name Selects the user defined time range name to apply to the access rule 2 Define the Rule Detail fields 3 Click Apply The rule is changed and the device is updated NOTE Each Access Profile must create rules with unuque Access IDs Access IDs canno overlap in two different Access Profiles 189 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Finding ACL Rules The ACL Finder Page identifies any rule which has be
112. RRANTY IS LIMITED TO THE PURCHASE PRICE OF THE PRODUCT COVERED BY THE WARRANTY THE FOREGOING EXPRESS WRITTEN WARRANTIES AND REMEDIES ARE EXCLUSIVE AND ARE IN LIEU OF ANY OTHER WARRANTIES OR REMEDIES EXPRESS IMPLIED OR STATUTORY Governing Law This Limited Warranty shall be governed by the laws of the State of California Some states do not allow exclusion or limitation of incidental or consequential damages or limitations on how long an implied warranty lasts so the foregoing limitations and exclusions may not apply This Limited Warranty provides specific legal rights and you may also have other rights which vary from state to state Trademarks D Link is a registered trademark of D Link Systems Inc Other trademarks or registered trademarks are the property of their respective owners Copyright Statement No part of this publication or documentation accompanying this product may be reproduced in any form or by any means or used to make any derivative such as translation transformation or adaptation without permission from D Link Corporation D Link Systems Inc as stipulated by the United States Copyright Act of 1976 and any amendments thereto Contents are subject to change without prior notice Copyright 2007 by D Link Corporation D Link Systems Inc All rights reserved CE Mark Warning This is a Class A product In a residential environment this product may cause radio interference in which case the user may be required to take adequa
113. S test123 private v3 None ees a Confirm Password Password r SZZLEERE a atte _Seeeeres cveerres vevevovv A a TS ssessses r eropeeer uy was TOS socossos ssssssso paz JLAEELEE Es MITY ras UTRERA Figure 2 14 SNMP User Table Page The SNMP User Table Page contains the following fields Field Description User Name Defines the SNMP user name included in the SNMP user group Group Name Defines the SNMP group and assigned to a user SNMP V3 Encryption Defines the SNMPv3 user authentication method The possible field values are None No user authentication is used Password Provides user authentication via the HMAC SHA 96 authentication level password or HMAC MD5 96 password Key Provides user authentication via the HMAC MDS algorithm or the HMAC SHA 96 authentication level Auth Protocol by Password Selects the authentication password type used to authenticate users The possible field values are MDS Defines that HMAC MD5 96 password is used for authentication SHA Defines that HMAC SHA 96 authentication level password is used for authentication Password Defines the password used for authentication 1 32 digits Confirm Password Confirms the password used for authentication 1 32 digits 49 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Auth Prot
114. SNMP Version 1 traps are sent SNMPV2c Indicates that SNMP Version 2 traps are sent SNMPV3 NoAuth NoPriv Indicates that the SNMP version 3 is assigned with a NoAuth NoPriv security level and traps of that level will be sent SNMPV3 Auth NoPriv Indicates that the SNMP version 3 is assigned with an Auth NoPriv security level and traps of that level will be sent SNMPV3 Auth Priv Indicates that the SNMP version 3 is assigned with an Auth Priv security level and traps of that level will be sent Community String SNMPv3 User Name Defines the community string or assigned to the SNMP V3 user 2 Define the Host IP Address field 3 Select the trap type in the SNMP Version field 4 Define the Community String SNMPv3 User Name field 5 Click PPY The SNMP Host Table is defined and the device is updated To delete a SNMP Host Table Page List entry 1 Select an entry 2 Click Delete The entry is deleted and the device is updated 53 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining SNMP Engine ID The Engine ID is a unique identifier used for SNMP V3 implementations This is an alphanumeric string used to identify the SNMP engine on the switch To define the SNMP Engine ID 1 Click Configuration gt SNMP Settings gt SNMP Engine ID The SNMP Engine ID Page opens oses 66 BS SESEEESEES D Link 3 Dlink att Pere T Ty TT we Tree Te TT J Sree Seer ery PRR FERRET o el
115. Safeguard Engine Indicates if the safeguard engine is enabled on the device The possible field values are Enabled Enables the safeguard engine on the device This is the default value Disabled Disables the safeguard engine on the device 2 Set the safeguard engine status in the Safeguard Engine field 3 Click Ay The Safeguard Engine is enabled and the device is updated NOTE The CPU Utilization thresholds that activate and deactivate the Safeguard engine are predefined If Safeguard is enabled the protected mechanism is activated if the CPU Utilization is higher than 70 and deactivated if the CPU Utilization is lower than 20 120 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Trust Host The Trusted Host Page permits network managers to manage the device from remote stations Network managers can configure up to three remote stations Ensure that the remote stations are configured with the IP address from which the device is currently being configured to prevent disconnection To enable Trust Host 1 Click Security gt Trusted Host The Trusted Host Page opens w Diink 999990909999999 9 OND 4 5 6 D Link a A PU De 3100 48 e MEA ccc MM 0GS 3100 48 41 9 Configuration L2 Features IP14 Access to Switch as 5 ae IP2 Access to Switch 0 0 Safeguard Engine IP3 Access to Switch 0 2 gt Port Security Guest VLAN A 802 1X Note Create a list of
116. The LLDP Local Misc Detail Information Page is displayed Building Networks tor People AE StackID 1 gt Port Mirroring P Spanning Tree Forwarding amp Filtering 3 Unicast Forwarding Multicast Forwarding gt Multicast Filtering Mode fo LoP MACIPHY Configuration Status gt LLDP Global Setting 33 LLDP Port Setting 2 LLDP Basic TLVS Settir LDP Dot3 TLVS Settini 2 LLOP Remote Port Brief H H Qos gt Bandwidth Control gt Traffic Control gt 802 1p Default Priority gt 802 1p User Priority lt gt STACKING STATUS o ro EAS sl XP o veeseers laggesses sesssees cesseses AN pa 5 SSZEEEEN saaa 103 Auto Negotiation Support Auto Negotiation Enable Auto Negotiation Advertised Capability Auto Negotiation Operational MAU Type Figure 3 22 LLDP Local Misc Detail Information Page Supported Enabled 1000BASE T full duplex mode Unknown DGS 3100 Series Gigabit Stackable Managed Switch User Manual The LLDP Local Misc Detail Information Page contains the following fields Field Description Unit Indicates the stacking member for which the LLDP local detail information is displayed Port Indicates the port number Auto Negotiation Support Indicates the port speed auto negotiation support status Auto Negotiation Enable Indicates the port speed auto negotiation active status Auto Negotiation Advertised Capability Displays the port speed aut
117. User Manual Field Description LLDP Status Specifies the LLDP status on the device The possible field values are Enabled Enables LLDP on the device This is the default Disabled Disables LLDP on the device LLDP Forward Status Specifies the LLDP packet forwarding status when LLDP is disabled on the device The possible field values are Enabled Enables LLDP packet forwarding on the device Disabled Disables LLDP packet forwarding on the device Message TX Interval Defines the LLDP message update transmission interval in seconds The possible field values are 5 32768 seconds The default is 30 seconds Message TX Hold Multiplier Configures the Time To Live TTL of an LLDP packet which is the time interval that a receiving device holds an LLDP packet before discarding it The TTL is defined as the Message TX Hold Multiplier times the Message TX Interval The possible field values are 2 10 The default is 4 LLDP TX Delay Defines the time delay in seconds between successive LLDP frame transmissions initiated by value or status changes The possible field values are 1 8192 seconds The default is 2 seconds LLDP Reinit Delay Defines the time interval in seconds before reinitializing an LLDP transmission after LLDP is disabled The possible field values are 1 10 seconds The default is 2 seconds 2 To configure LLDP Global parameters select Enabled in the LLDP Status field a
118. View Table Viewing UMB_cast Packet Statistics The UMB_cast RX Page displays the number of UMB cast Unicast Multicast and Broadcast packets received on the device 1 Click Monitoring gt Packets gt UMB_cast RX The UMB_cast RX Page opens 0299 99 g 2 a anna PRA a PPP PEI PEI E El 3 Configuration 2 9 L2 Features H Qos E Security E Monitoring gt Stacking Information CPU Utilization gt Port utilization gt Packet Size E Packets gt Received RX 2 gt Transmitted TX Multicast RADIUS Authentication gt Browse ARP Table 2 Browse MLD Router Pc gt Browse Router Port gt Browse Session Table 2 IGMP Snooping Group 2 MIN Snnonine Gran Y L amp STACKING STATUS 01 v 01 x View Table Apply J _ Clear J Unicast Broadcast A Unit packet sec Time Interval 1s v Record Number Show Hide Y Unicast I7 Multicast Y Broadcast Figure 6 6 UMB_cast RX Page The UMB_cast RX Page contains the following fields Field Description Unit Indicates the stacking member for which the UMB_cast packets are displayed Port Indicates the port for which the UMB_cast packets parameters are displayed Unicast Indicates the number of Unicast packets received and transmitted through the device Multicast Indicates the number of Multicast packets received and transmitted through the device
119. a 1680 Bulgaria TEL 359 2 958 22 42 FAX 359 2 958 65 57 URL www dlink eu Czech Republic Vaclavske namesti 36 110 00 Praha 1 Czech Republic TEL 420 224 247 500 FAX 420 224 234 967 Hot line CZ 420 225 281 553 Hot line SK 421 263 813 628 URL www dlink cz URL www dlink sk Denmark Naverland 2 DK 2600 Glostrup Copenhagen Denmark TEL 45 43 96 9 040 FAX 45 43 42 43 47 URL www dlink dk Finland Latokartanontie 7A FIN 00700 Helsinki Finland TEL 358 10 309 8840 FAX 358 10 309 8841 URL www dlink fi France 41 boulevard Vauban 78280 Guyancourt France TEL 33 0 1 30 23 86 88 FAX 33 0 1 30 23 86 89 URL www dlink fr Germany Schwalbacher Strasse 74 D 65760 Eschborn Germany TEL 49 0 6196 77 990 FAX 49 0 6196 77 99 300 URL www dlink de Greece 101 Panagoulis Str 163 43 Heliopolis Athens Greece TEL 30 210 9914512 FAX 30 210 9916902 URL www dlink gr Hungary R k czi t 70 72 HU 1074 Budapest Hungary TEL 36 0 1 461 30 00 FAX 36 0 1 461 30 04 URL www dlink hu Italy Via Nino Bonnet n 6 b 20154 Milano Italy TEL 39 02 2900 0676 FAX 39 02 2900 1723 URL www dlink it Luxembourg Rue des Colonies 11 B 1000 Brussels Belgium TEL 32 0 2 517 7111 FAX 32 0 2 517 6500 URL www dlink be Netherlands Weena 290 3012NJ Rotterdam Netherlands TEL 31 0 10 282 1445 FAX 31 0 10 282 1331 URL www dlink nl
120. a T cnica Puede encontrar las ultimas versiones de software asi como documentaci n t cnica en el sitio web de D Link D Link ofrece asistencia t cnica gratuita para clientes residentes en Espa a durante el periodo de garant a del producto Asistencia T cnica de D Link por tel fono 34 902 30 45 45 Lunes a Viernes de 9 00 a 14 00 y de 15 00 a 18 00 Asistencia T cnica de D Link a trav s de Internet http www dlink es support e mail soporte dlink es D Link Building Networks for People 208 209 Supporto tecnico Gli ultimi aggiornamenti e la documentazione sono disponibili sul sito D Link Supporto tecnico per i clienti residenti in Italia D Link Mediterraneo S r L Via N Bonnet 6 B 20154 Milano Supporto Tecnico dal lunedi al venerdi dalle ore 9 00 alle ore 19 00 con orario continuato Telefono 199 400057 URL http Awww dlink it supporto html Email tech dlink it D Link Building Networks for People Technical Support You can find software updates and user documentation on the D Link website D Link provides free technical support for customers within Benelux for the duration of the warranty period on this product Benelux customers can contact D Link technical support through our website or by phone Tech Support for customers within the Netherlands D Link Technical Support over the Telephone 0900 501 2007 Monday to Friday 9 00 am to 10 00 pm D Link Technical Support over the I
121. a tagging port The switch then determines if the destination port is a member of the same VLAN has the same VID as 65 DGS 3100 Series Gigabit Stackable Managed Switch User Manual the ingress port If it does not the packet is dropped If it has the same VID the packet is forwarded and the destination port transmits it on its attached network segment This process is referred to as ingress filtering and is used to conserve bandwidth within the switch by dropping packets that are not on the same VLAN as the ingress port at the point of reception This eliminates the subsequent processing of packets that is just dropped by the destination port Default VLANs The switch initially configures one VLAN VID 1 called default The factory default setting assigns all ports on the switch to the default Ports can t be removed from the default VLAN If a port is configured as Untagged member to other VLAN it will be authomatically removed from the default VLAN Packets cannot cross VLANs If a member of one VLAN wants to connect to another VLAN the link must be through an external router NOTE If no VLANs are configured on the switch then all packets are forwarded to any destination port Packets with unknown source addresses are flooded to all ports Broadcast and multicast packets are also flooded to all ports An example is presented in this table VLAN Name VID Switch Ports System default 1 5
122. aa a aE EEE E EEEN AREATA 193 TECHNICAL SUPPORT DGS 3100 Series Gigabit Stackable Managed Switch User Manual Preface This preface provides an overview to the guide and includes the following sections System Overview Viewing the Device Device Management Methods User Guide Overview Intended Audience Notes Notices and Cautions Safety Cautions General Precautions for Rack Mountable Products DGS 3100 Series Gigabit Stackable Managed Switch User Manual System Overview The DGS 3100 series and the DGS 3100 24TG Gigabit Ethernet Switches enhance networks by providing a powerful switch that eliminates network bottlenecks enabling network administrators to fine tune network configurations The DGS 3100 series and the DGS 3100 24TG are perfect for departmental and enterprise connections and are ideal for backbone and server connections Viewing the Device The devices described in this section are stackable Gigabit Ethernet Managed Switches Device management is performed using an Embedded Web Server EWS or through a Command Line Interface CLI The device configuration is performed via an RS 232 interface This section contains descriptions for the following e DGS 3100 series Front Panel e DGS 3100 24TG Front Panel DGS 3100 Series Front Panel The DGS 3100 series provides 24 48 high performance 1000BASE T ports The 1000Base T ports operate at 10 100 1000 and connect to backbones end stations and servers The DGS 310
123. able Managed Switch User Manual Defining Access Rules Lists The following conditions can be defined as Access Rules Filter Description Source Port IP Address and Wildcard Mask Filters the packets by the Source port IP address and wildcard mask Destination Port IP Address and Wildcard Mask Filters the packets by the Source port IP address and wildcard mask Protocol Filters the packets by the Layer 4 protocol DSCP Filters the packets by the DiffServ Code Point DSCP value IP Precedence Filters the packets by the IP Precedence Action Indicates the action assigned to the packet matching the ACL conditions Packets are forwarded dropped or going through QoS action e Click ACL gt Access Profile List The Access Profile List Page opens 193 Dik 299999929229 Building Networks tor People a Save Fools S stack iD ba i ba DGS 3100 48 E Configuration E P L2 Features H B Qos H Security f Monitoring Source MAC MAC Ether Type VLAN ID Show Details _J _Edit New Rules Delete EGG ACL Source IP TCP Source Port TCP Flag Time Range Show Details _J _Edit New Rules Delete 3 ACL Configuration Wizard gt PTE A ACL Finder Time Range Setting CurrentiMax Profile 2 15 Current Max Rule 2 240 Add ACL Profile STACKING STATUS Ay An Figure 8 20 Access Profile List Page The Access Profile List Page contains the following fields
124. abled System Description Enabled Disabled Enabled Port Port Description Disabled Disabled Disabled System Name Disabled Enabled 1 2 3 Disabled Figure 3 18 LLDP Basic TLVS Setting Page The LLDP Basic TLVS Setting Page contains the following fields Field Description Unit Indicates the stacking member for which the LLDP basic TLV port settings are defined From Port Defines the first port in a consecutive sequence of ports To Port Defines last port in a consecutive sequence of ports Port Description Specifies whether the Port Description TLV is enabled on the port The possible field values are Enabled Enables the Port Description TLV on the port Disabled Disables the Port Description TLV on the port System Name Specifies whether the System Name TLV is enabled on the port The possible field values are Enabled Enables the System Name TLV on the port Disabled Disables the System Name TLV on the port System Description Specifies whether the System Description TLV is enabled on the port The possible field values are Enabled Enables the System Description TLV on the port Disabled Disables the System Description TLV on the port System Capabilities Specifies whether the System Capabilities TLV is enabled on the port The possible field values are 100 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field
125. abled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Enabled Es Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 a Logout Apply Ingress Acceptable Frame Type Apply Acceptable Frame Type All frames All frames All frames All frames All frames All frames All frames All frames All frames All frames All frames All frames All frames All frames CMRI Figure 3 7 GVRP Setting Page DGS 3100 Series Gigabit Stackable Managed Switch User Manual The GVRP Setting Page contains the following fields Field Description GRVP Global Setting Defines whether GRVP is enabled on the device The possible field values are Enabled Enables GRVP on the device Disabled Disables GRVP on the device This is the default value Unit Defines the stacking member s Unit ID and LAGs for which GVRP parameters are displayed From Port Defines the first port number that is displayed to which GVRP are assigned To Port Defines the last port number that is displayed to which GVRP are assigned PVID Defines the PVID assigned to the port GVRP Defines whether GVRP is enabled on the port The possible field values are Enabled Enables GVRP on the selected port Disabled Disables GVRP on the selected port This is the default value Ingress Defines whether Ingress filtering is enabled on the device The possible
126. acking member is initialized in stack mode the stacking member s behavior depends on its Unit ID e Ifthe stacking member does not have a current Unit ID the stacking member operates in Factory Default mode If there is a Stacking Master the stacking member is assigned a Unit ID through Unit ID Allocation The stacking members receive a Unit ID from the Stacking Master If the stack does not have a Stacking master then the switch participates in Master Election and may be elected either the new Stacking Master or Backup Master e Ifthe stacking member s current Unit ID is 1 or 2 the stacking member participates in the Master Election For example the Unit ID was previously allocated or the stacking member was in a different stack e Ifthe stacking member has a current Unit ID the stacking members attempts to use the Unit ID in the new stack If the stacking member current ID is 3 4 5 or 6 then the stacking members attempts to connect to the running Stack Master The new stacking member does not proceed to the next stage until there is contact with the Stack Master These stacking members do not participate in the Master Election process and if no Stack Master is present the stacking members network ports are shut down Only the stacking ports are operational Both the Stack Master and all other stacking members carry out a continuous process of Master Discovery by frequently exchanging stack control messages This allows the stacking me
127. additional features comparing to version 1 x x for more details please refer to the Release Notes When upgrading firmware from version 1 x x to version 2 x x on the switch the user should upgrade the boot software as well from version 1 0 0 3 to version 1 0 0 4 Upgrade Procedure Important Notes ACL backward compatibility issue In firmware 1 x x TCP UDP ports of access profile are in hexadecimal instead of decimal values In version 2 x x TCP UDP port value entries are in decimal value However if the user upgrades the switch firmware from version 1 x x to version 2 x x the value will be retained as hexadecimal value ACLs access rules priority did not work in firmware version 1 x x In firmware version 2 x x the priority is supported and it is not allowed two identical access rules priority from different access profiles If the user download configuration file from version 1 x x which including ACLs which has more than one rule it might not work and there will be an error message The user can delete and create the ACLs again if he encountered a problem Tacacs Radius backwards compatibility issue In firmware version 1 x x it is possible to configure up to 4 Tacacs Radius servers In firmware version 2 x x it is possible to configure up to 3 servers from each type In addition to that it was not required to configure priority to Tacacs servers in 1 x x while in 2 x x it is required If the user configured 4 servers in version
128. age Services gt Firmware Information The Firmware Information Page opens 09 e ce nos e a Da 9 o CMI e ee a i a d E di dh dr da i 00 008 2292 esse Tr 2 29 o 222999 D Link 5 na m2 2 Pa Stee Serer VIVIA PERF EH i SER Ber EE CO ETET TETTA a re arr i 99 Li G5 Configuration A PL AA gt System information gt IP Address gt Stacking Settings E P Port Configuration Unit Image Version Update Time gt ARP Settings 1 a 1 1 2 10 2007 10 22 01 12 20 2 User Accounts 1 2 1 1 1 10 2007 10 20 10 55 23 gt System Log Host 2 1 1 1 2 10 2007 10 22 01 15 30 E SNTP Settings 2 52 1 1 1 10 2007 10 20 11 05 03 E SNMP Settings 3 ma 1 1 2 10 2007 10 22 01 17 20 DHCP Auto Configuratic 3 2 1 1 1 10 2007 10 20 11 15 20 ff Dual Image Services 4 ms 1 1 2 10 2007 10 22 01 21 35 gt TT 4 2 1 1 1 10 2007 10 20 11 22 23 gt Config Firmware Ir 5 si 1 1 2 10 2007 10 22 01 23 20 gt Telnet Setting 5 2 1 1 1 10 2007 10 20 11 40 59 P L2 Features E 6 Le 1 1 2 10 2007 10 22 01 45 38 E oos 6 2 1 1 1 10 2007 10 20 12 05 12 H Security s l a Note means boot up firmware STACKING STATUS o ua az Figure 2 20 Firmware Information Page The Firmware Information Page contains the following fields Field Description Unit Displays the stacking member for which the firmware image information is displayed Image Each device has two image files one for reboot
129. ages Event messages have a unique format as per the Syslog protocols recommended message format for all error reporting For example Syslog and local device reporting messages are assigned a severity code and include a message mnemonic which identifies the source application generating the message Messages are filtered based on their urgency or relevancy Each message severity determines the set of event logging devices that are sent per each event message 1 Click Configuration gt System Log Host The System Log Host Page opens mk 2990009000000000 0o00 o coo 2999999999990 o TPeFVYONRH N 7 a nanona LA gt Dunk ee ele eee oe M UVA corra PU PU E Up Time 2 days 5 10 Tee Logged in as administrator admin 192 168 0 100 E Logout ra HEM E Si DGS 3100 48 E Configuration gt System Information Add System Log Host P Address Index 3 Stacking Settings Server IP Severity Warning E Facility Local0 da UDP Port 1 65535 am ARP Settings 3 User Accounts System Log Host 2 SNTP Settings System Log Host List BSNUP Settings Index DHCP Auto Configuratic 1 Dual Image Services 2 gt Telnet Setting L2 Features H 00S 3 H Security E Monitoring w lt Jl amp STACKING STATUS Prbeesene desidia bend E Da Server IP Severity Facility UDP Port 10 0 0 5 All Local 1 514 10 0 0 6 Informational Local 7 514 Figure 2 9 System Log Host Page T
130. aim their warranty obligation pertaining to the product and in that case the product is being sold As ls without any warranty whatsoever including without limitation the Limited Warranty as described herein notwithstanding anything stated herein to the contrary Submitting A Claim The customer shall return the product to the original purchase point based on its return policy In case the return policy period has expired and the product is within warranty the customer shall submit a claim to D Link as outlined below e The customer must submit with the product as part of the claim a written description of the Hardware defect or Software nonconformance in sufficient detail to allow D Link to confirm the same along with proof of purchase of the product such as a copy of the dated purchase invoice for the product if the product is not registered e The customer must obtain a Case ID Number from D Link Technical Support at 1 877 453 5465 who will attempt to assist the customer in resolving any suspected defects with the product If the product is considered defective the customer must obtain a Return Material Authorization RMA number by completing the RMA form and entering the assigned Case ID Number at https rma dlink com e After an RMA number is issued the defective product must be packaged securely in the original or other suitable shipping package to ensure that it will not be damaged in transit and the RMA number must be prominen
131. al rules will be 2 Totally in the system we will use 6 rules out of the available 240 Example 2 Assume that Access IDs 1 2 3 4 are bound to ports 1 10 this is a unique set of rules and the count of rules in this case is 4 Assume that Access IDs 4 5 6 are bound to ports 11 20 this is another unique set of rules and the count of additional rules will be 3 In addition Access IDs 5 6 are bound to ports 21 30 this is another unique set of rules and the count of additional rules will be 2 Totally in the system there are 4 3 2 9 rules NOTE ACL with action of Rate Limit can be applied only on one portt LAG at a time This type of ACL is treated by the system as a unique ACL on each port it is bound to so all the rules on a portt LAG which has an ACL with Rate Limit action will be counted and consumed hardware resources From this reason ACLs with Rate Limit action should be used very carefully since the system maximum rule capacity can be reached if the user for example applies this rule on 240 ports which is less then the capacity of a full 6 unit stack of 48 ports switches 196 Link Building Networks for People Subject to the terms and conditions set forth herein D Link Systems Inc D Link provides this Limited Warranty Only to the person or entity that originally purchased the product from D Link or its authorized reseller or distributor Only for products purchased and delivered w
132. ample https 10 90 90 90 The system supports up to five SSH sessions To enable SSL on the device 1 Click Security gt SSL The SSL ean Settings Page opens ATA fe A UOO ooo000000np LC vo o0 o00000000000000 eoooooo 9999009009000 ES Y A Sr a l Ve wPannaan a TAN mmoao DADAS a 104 e D Link o 7 ee H a a c oan dh a ol a a i a e ess Up Time 2 days 5 10 13 a y Cogged in as administrator admin 192 168 0 100 B Logout bs DGS 3100 48 E Configuration H L2 Features SSL Status O Enabled Disabled H H Qos B Security gt Safeguard Engine E Trusted Host Ciphersuite Status Dr RSA with RC4_128_MD5 Disable USAN RSA with 3DES_EDE_CBC_SHA Disable El HA 802 1X RSA with RC4_40_MD5 Disable gt ES E Ass Access Authentication Col E Monitoring E BACL gt STACKING STATUS Figure 5 8 SSL Configuration Settings Page 136 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The SSL Configuration Settings Page contains the following fields Field Description SSL Status Indicates if SSL is enable on the device The possible field values are Enabled Indicates SSL is enabled on the device Disabled Indicates SSL is disabled on the device This is the default value Ciphersuite Indicates the Ciphersuite The possible field values are RSA with RC4 128 MD5 Combines the RSA key exchange stream cipher RC4 encryption with 128 bit keys and the MD5 Hash A
133. and one for backup Upon software upgrade download the downloaded image file is designated for reboot although users can modify this in the Config Firmware Image page 57 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description An indicates that this image file is used for reboot Version Displays the image file s version number Update Time Displays the time and date which the software was saved to the server Config Firmware Image The Config Firmware Image Page allows users to change each device s image file To change the reboot file 1 Click Configuration gt Dual Image Services gt Config Firmware Image The Config Firmware Image Page opens Building Networks for People fel Save S Tools Stack ID S 3 System Information gt IP Address gt Stacking Settings 3 Port Configuration gt ARP Settings gt User Accounts Image 14 v gt System Log Host T D SNTP Settings 3 SNMP Settings Note The configuration will take place on the next reboot gt DHCP Auto Configuratic 4 Dual Image Services gt Firmware Informati 2 gt Telnet Setting H L2 Features H Qos H Security f Monitoring POS ni STACKING STATUS El Unit E y Figure 2 21 Config Firmware Image Page The Config Firmware Image Page contains the following fields Field Description Unit Defines the stacking member for which the
134. ange then the changes will be applied and occurd after the reboot 30 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Ports e Configuring Port Properties e Viewing Port Properties Configuring Port Properties The Port Setting Page contains parameters for configuring port or LAG properties Gigabit ports operate in full duplex mode only and take on certain characteristics that are different from the other choices listed The copper ports also support auto MDI MDIX for cross over cables To define port parameters 1 Click Configuration gt Port Configuration gt Port Setting The Port Setting Page opens D Link Building Networks for People 00000000000009 ooo 0 112 9 4 95 8 Save Tools 7 i Stack ID E Up Time 2 days 5 10 17 Logged in as administrator admin 192 168 0 1 DGS 3100 48 2 42 Configuration System Information gt IP Address gt Stacking Settings Port Configuration 2 Port Description gt ARP Settings User Accounts gt System Log Host A SNTP Settings f SNMP Settings 33 DHCP Auto Configuratic Dual Image Services gt Telnet Setting GE L2 Features QoS lt i ME STACKING STATUS From Port To Port State Speed Flow Control Learning wjjor wlles w Disabled W auto wi auto v Enabled Enabled Auto Enabled Link Down Enabled Enabled 10M Full Disabled Link Down Enabled Enabled 1
135. antially equivalent or superior in all material respects to the defective Hardware Repaired or replacement hardware will be warranted for the remainder of the original Warranty Period or ninety 90 days whichever is longer and is subject to the same limitations and exclusions If a material defect is incapable of correction or if D Link determines that it is not practical to repair or replace the defective Hardware the actual price paid by the original purchaser for the defective Hardware will be refunded by D Link upon return to D Link of the defective Hardware All Hardware or part thereof that is replaced by D Link or for which the purchase price is refunded shall become the property of D Link upon replacement or refund Limited Software Warranty D Link warrants that the software portion of the product Software will substantially conform to D Link s then current functional specifications for the Software as set forth in the applicable documentation from the date of original retail purchase of the Software for a period of ninety 90 days Software Warranty Period provided that the Software is properly installed on approved hardware and operated as contemplated in its documentation D Link further warrants that during the Software Warranty Period the magnetic media on which D Link delivers the Software will be free of physical defects The customer s sole and exclusive remedy and the entire liability of D Link and its suppliers
136. ape Navigator version 7 0 and higher e Microsoft Internet Explorer version 5 0 e Mozilla Firefox version 2 0 SNMP Based Management The system also supports SNMPv1 SNMPv2c and SNMPv3 The SNMP agent decodes the incoming SNMP messages and replies to requests with MIB objects stored in the database The SNMP agent updates the MIB objects to generate statistics and counters Command Line Console The device also supports device configuration using the Command Line Interface A terminal is connected to device via the serial console port User Guide Overview This section provides an overview to the DGS 3100 series and the DGS 3100 24TG Switch Manual including the guide structure and a chapter overview e Section 1 Getting Started Provides general background for understanding and using the Boot Startup Menu and the Embedded Web System including an explanation of the interface buttons and general system functions e Section 2 Defining the Basic Device Configuration Provides information for viewing system information defining IP addresses managing stacking defining ports configuring SNMP management and defining the system time settings e Section 3 Configuring L2 Features Provides information for enabling and configuring Jumbo frames VLANs Trunks LAGs Traffic Segmentation Multicast forwarding Spanning Tree and LLDP e Section 4 Configuring Quality of Service Provides information for ability to implement Q
137. assigned a PVID but the PVID is not used to make packet forwarding decisions the VID is Tag aware switches must keep a table to relate PVIDs within the switch to VIDs on the network The switch compares the VID of a packet to be transmitted to the VID of the port that is to transmit the packet If the two VIDs are different the switch drops the packet As a result of the existence of the PVID for untagged packets and the VID for tagged packets tag aware and tag unaware network devices can coexist on the same network A switch port can only have one PVID but it can have as many VIDs that the switch s memory storage capacity has in its VLAN table to store them As some devices on a network may be tag unaware a decision must be made at each port on a tag aware device before packets are transmitted Should the packet to be transmitted have a tag or not If the transmitting port is connected to a tag unaware device the packet should be untagged If the transmitting port is connected to a tag aware device the packet should be tagged Tagging and Untagging Every port on an 802 1Q compliant switch can be configured as tagged or untagged Tagging enabled ports put the VID number priority and other VLAN information into the header of all packets that flow into and out of it If a packet has previously been tagged the port does not alter the packet thus keeping the VLAN information intact The VLAN information in the tag is then used by othe
138. ate a Unit ID to each stacking member then all stacking members operate as a stack If the Stack Master is unable to allocate a Unit ID to any stacking member that stacking member is effectively shut down and does not participate in the stack e Stacking members with a conflicting manually set ID are shut down as the Stack Master cannot override the system administrator s Unit ID assignment to resolve the conflict e Jf there are more stacking members than the maximum number allowed in a stack and the incoming stacking members are already in Factory Default mode the Stack Master is elected following Master Discovery and Master Election processes All other stacking members are shut down in some extreme cases due to during the boot process where some stacking members may be connected and join the stack If the new stacking members are already assigned a Unit then the new stacking members cannot join the stack The switches are remains shut down If a stacking member is shut down the stacking members stacking links are inactive Moreover if the stacking members are connected in a chain topology the shut down of one stacking member breaks the chain This may cause other stacking members to be disconnected and shut down if the stacking members have no active link to the Stack Master Unit and Stacking Port Configuration Each stacking member has a Unit ID one of the stacking members is the stack Master and possibly one of the stacking membe
139. ation 7 EI f L2 Features Add Traffic Segmentation gt Jumbo Frame Source Ports 802 10 VLAN Unit o1 From Port ToPon gt GVRP Settings gt Trunking Forwarding Ports SMS u lor gt LACP Port Settings gt IGMP Snooping MLD Snooping gt Port Mirroring Source Ports Forwarding Ports Spanning Tree 44 21 Forwarding 8 Filtering 2 2 31 suo 23 a1 SS 4 47 5 1 E bp Security 558 64 Ed Monitoring EACL ka STACKING STATUS eeeseses sesses an Figure 3 9 Traffic Segmentation Page The Traffic Segmentation Page contains the following fields Field Description Source Ports The port protected by the forwarding port or uplink Unit The stacking member s Unit ID and LAGs on which the source port is located From Port or From LAG The first source port LAG number in a consecutive sequence of ports LAGs To Port The last source port LAG number in a consecutive sequence of ports LAGs Forwarding Ports The uplink that protects the specified source port This port s forwarding decisions overwrite the source port s forwarding settings Unit The stacking member s Unit ID and LAGs on which the forwarding port is located Port or LAG The forwarding port LAG number 2 Define the Source and Forwarding Ports 3 Click Add The new traffic forwarding definition appears in the Traffic Segmentation table and the device is updated To delete
140. ats E Trusted Host QuietPeriod 0 65535 60 sec SuppTimeout 1 65535 30 sec Port Security ServerTimeout 1 65535 30 sec MaxReg 1 10 2 times 3 Guest VLAN 3 i z B f 802 1X TxPeriod 1 65535 30 sec ReAuthPeriod 300 4294967295 3600 sec E31 902 1X Setting ReAuthEnabled Enabled Control ForceAuthorized U er e A Unit From Port To Port Mode Forwardin f A rr se 5 01 x 02 y 02 x MAC Base Y p ssH P Access Authentication B Monitoring H List acl pa 3 R Supp Server ReAuth ReAuth lt ii gt Unit Port Control TxPeriod Quiet Period Teneo neat MaxReq Period Enabled Mode STAGKING STATUS 4 168 Auto 30 60 30 30 2 3600 Disabled PortBase Pr A cress BE 1 4 2 Forceauthorized 30 60 30 30 2 3600 Disabled MAC MES SULRREEE ae Base gt 1 13 ForceUnauthorized 30 60 30 30 2 3600 Enabled PortBase E SERS E 1 1 4 Auto 30 60 30 30 2 3600 Disabled PortBase Tessesesa saasisss seesasii H 1 1 5 Auto 30 60 30 30 2 3600 Disabled PortBase Paii SORES 1 16 Auto 30 60 30 30 2 3600 Disabled PortBase E 1 T Auto 30 60 30 30 2 3600 Disabled PortBase E 1 1 8 Auto 30 60 30 30 2 3600 Disabled _ PortBase vw 6 The last step on Security gt 802 1X gt 802 1X Setting page should be setting the port control to Auto this will complete the setting of MAC Authentication for the required ports D Link ESS Link for TTT TTT AAA Building Networks for People leal or
141. ault 00 00 00 00 00 02 1 02 Dynamic Figure 6 15 MAC Address Table Page The MAC Address Table Page contains the following fields Field Description Unit Displays the Stacking member Unit 1 for which the MAC address parameters are displayed Port Defines the port for which the MAC address parameters are displayed VLAN Name Defines the VLAN for which the MAC address parameters are displayed MAC Address Displays the MAC address assigned to the port or VLAN VID Displays the VLAN ID to which the MAC address is assigned Type Indicates how the MAC was assigned The possible values are Dynamic Indicates that the MAC address is dynamically created Static Indicates the MAC address is a static IP address 2 Select the Stacking member in the Unit field 3 Define the Port VLAN Name and MAC Address fields 164 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 4 Click Find To view all entries click View All Entry To clear static entries click Clear Static Entries To clear dynamic entries click Clear Dynamic Entries To clear all entries click Clear All Entry The MAC Address Table updates and displays total entries To scroll down the table click Next To scroll up the table click Back 165 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing System Log The System Log Page provid
142. auna AoctynHb Ha MHTepHeT calTe D Link D Link npegoctaBnaet OecnnatHyto noAgepxkky ANA KNNEHTOB B TeyeHue rapaHTuMHoro cpoka KnueHTbI MOFryT OOPaTUTECA B rpynny TexHuyecko NODAEpXKN D Link no Teneqbouy nnn 4epe3 MHTepHer TexHuvueckaa noggepxka D Link 495 744 00 99 TexHnyeckan noAAaepxka wepes VHTepHer http www dlink ru e mail support dlink ru D Link Building Networks for People 222 Asistencia T cnica D Link Latin Am rica pone a disposici n de sus clientes especificaciones documentaci n y software mas reciente a trav s de nuestro Sitio Web www dlinkla com El servicio de soporte t cnico tiene presencia en numerosos pa ses de la Regi n Latino Am rica y presta asistencia gratuita a todos los clientes de D Link en forma telef nica e internet a trav s de la casilla soporte dlinkla com Soporte T cnico Help Desk Argentina TTel fono 0800 12235465 Lunes a Viernes 09 00 am a 22 00 pm Soporte T cnico Help Desk Chile Tel fono 800 8 35465 Lunes a Viernes 08 00 am a 21 00 pm Soporte T cnico Help Desk Colombia Tel fono 01800 9525465 Lunes a Viernes 07 00 am a 20 00 pm Soporte T cnico Help Desk Ecuador Tel fono 1800 035465 Lunes a Viernes 07 00 am a 20 00 pm Soporte T cnico Help Desk El Salvador Tel fono 800 6335 Lunes a Viernes 06 00 am a 19 00 pm Soporte T cnico Help Desk Guatemala Tel fono 1800 8350255 Lunes a Viernes 06 00 am a 19 00 pm Soporte T cnico Help Desk Panama Tel
143. b group e The Master Discovery Master Election and Unit ID Allocation amp Duplicate Unit ID Conflict Resolution processes are performed resulting in the following Any configuration information stored by Stack Master which remained in the group that is relevant to the stacking members remains unchanged Topology information inter stacking member forwarding information for transmitting traffic to any other stacking member managed by the Stack Master includes only stacking members that remain connected after the stack is divided The divided stack continues to operates normally the only difference is there are less stacking members than prior to the stack division No Unit ID changes are performed in each divided stack The Stack Master notifies the system administrator using SYSLOG messages and SNMP traps of the removed stacking members In addition the Stack Master also notifies the system administrator whichd ports belong to unreachable stacking members and are reported as Not Present e Either the Stack Master or the Backup Master remain in the divided group 26 DGS 3100 Series Gigabit Stackable Managed Switch User Manual If the Stack Master remains in this sub group the behavior is the same as described above If the Backup Master remains in this sub group the behavior is the same as described in0 Replacing a Failed Stack Master NOTE If a stack is divided into two parts with one section which c
144. bai P O Box 500376 Office 103 Building 3 Dubai Internet City Dubai United Arab Emirates TEL 97 1 4 3916480 FAX 971 4 3908881 URL www dlink me com Turkey Cayazaya Maslak Yolu S A Kat 5 Istanbul Turkey TEL 0212 289 5659 FAX 0212 289 7606 URL www dlink com tr Iran Unit 6 No 39 6th Alley Sanaei St Karimkhan Ave Tehran IRAN TEL 9821 8882 2613 FAX 9821 8883 5492 Pakistan Office 311 Business Avenue Main Shahrah e Faisal Karachi Pakistan TEL 92 21 4548158 4548310 FAX 92 21 4535103 Egypt 47 El Merghany street Heliopolis Cairo Egypt TEL 202 2919035 202 2919047 FAX 202 2919051 URL www dlink me com Israel 11 Hamanofim Street Ackerstein Towers Regus Business Center P O B 2148 Hertzelia Pituach 46120 Israel TEL 972 9 9715700 FAX 972 9 9715601 URL www dlink co il Latin America Av Vitacura 2939 floor 6th Las Condes Santiago RM Chile TEL 56 2 5838 950 FAX 56 2 5838 952 URL www dlinkla com Brazil Av das Nacoes Unidas 11857 14 andar cj 141 142 Brooklin Novo Sao Paulo SP Brazil CEP 04578 000 Zip Code TEL 55 11 21859300 FAX 55 11 21859322 URL www dlinkbrasil com br South Africa Einstein Park II Block B 102 106 Witch Hazel Avenue First Floor Block B Einstein Park II Highveld Techno Park Centurion Gauteng Republic of South Africa TEL 27 12 665 2165 FAX 27 12 665 2186 URL www d link co za Russia Grafsky
145. button a menu for accessing device tools and a menu for Stack ID 4 Zoom View Presents a graphical near real time image of the front panel of the Switch This area displays DGS 3100 Series Gigabit Stackable Managed Switch User Manual View Description the Switch s ports and expansion modules showing port activity duplex mode or flow control depending on the specified mode Various areas of the graphic can be selected for performing management functions including port configuration 5 Device Provides access to the device logout and provides information about the Safe Guard mode Application Buttons currently enabled on the device 6 Stacking Status Provides a graphic representation of the stacking links and ports status View Table 1 2 Main Areas DGS 3100 Series Gigabit Stackable Managed Switch User Manual Using the Tool Menu The tool menu contains menu options for e Displaying the Stack Status e Locating Devices e Backing up and Restoring Configuration Files e Resetting the Device e Downloading the Firmware e Rebooting the System Displaying the Stack Status The Stacking Information Page provides specific information for stacked devices For more information regarding the stacking setup see Managing Stacking section Locating Devices The Device Locator Page enables locating system devices by activating LED locators To locate devices i Tools 1 Click gt De
146. cast group is accepting members This results in the creation of the Multicast filtering database IGMP Snooping configuration page supports also IGMP Querier 1 Click L2 Features gt IGMP Snooping The IGMP Snooping Page opens Ms a OOU 12 om ns 2 a 7468 sane pum cc Mila ala al 428 ll E ds ds ds E o ons coe PRP SEPT SERVES m Up Time 2 days 510713 Logged in as administrator admin 192 168 0 100 MAT w Diink 9090900009090000 00 Powe Casse Building Networks tor People TPE E fm Save Tools Stack ID DGS 3100 48 E Configuration E H L2 Features IGMP Global Setting iR iiho rom IGMP Snooping Enabled Disabled 2 802 10 VLAN gt GVRP Settings Trunking gt Traffic Segmentation 33 LACP Port Settings VLAN ID The VLAN Setting of IGMP snooping VLAN Leave Host Router Querier StaticRouter Multicast Entry State Querier State Ports Setting Table Name Timer TimeoutTimeout Version nt R amp D1 10 Disabled Disabled MLD Snooping gt Port Mirroring R amp D2 10 Enabled Enabled Spanning Tree R amp D3 10 Disabled Disabled Forwarding amp Filtering R amp D4 10 Enabled Enabled LLDP E Eaa s R amp D5 10 Disabled Disabled E Security R amp D6 10 Enabled Enabled E 3 Monitoring R amp D7 10 Disabled Disabled a g ac ha R amp D8 10 Enabled Enabled STACKING STATUS z A R amp D9 10 Disabled Disabled R amp D10 10 Enabled Enabled Next Figure 3 11 IGMP Snoo
147. cates the port for which the router port settings are displayed Ports have the following settings S Indicates a static port D Indicates a dynamic port F Indicates a forbidden port 2 Define the VID field 3 Click PPP The selected ports appear on the selected VLAN 160 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Session Table The Browse Session Table Page displays information regarding device sessions which were initiated by system Users To view session table information 1 Click Monitoring gt Browse Session Table The Browse Session Table Page opens Building Networks for People a a O OMMM Save Tools Y Stack ID y Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 10 o H Security E G Monitoring 3 Stacking Information S CPU Utilization gt Port Utilization Packet Size E H Packets 5 Admin gt Received RX UMB_cast RX Transmitted Tx RADIUS Authentication Browse ARP Table gt Browse MLD Router Pc Browse Router Port Eee 3 IGMP Snooping Group MLD Snooping Group gt MAC Address Table amp ID User Privilege STAGKING STATUS Figure 6 12 Browse Session Table Page The Browse Session Table Page contains the following fields Field Description ID Displays the browse session table entry From Indicates the type of interface from wh
148. cates the stacking member for which the LLDP dot3 TLV port settings are defined From Port Defines the first port in a consecutive sequence of ports To Port Defines last port in a consecutive sequence of ports MAC PHY Configuration Status Specifies whether the MAC PHY Configuration Status is enabled on the port The possible field values are Enabled Enables the MAC PHY Configuration Status on the port Disabled Disables the MAC PHY Configuration Status on the port 2 Define the Unit From Port To Port and MAC PHY Configuration Status fields 3 Click _ _Apply The LLDP Dot3 TLV settings are defined and the device is updated 101 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing LLDP Local Port Information The LLDP Local Port Brief Page displays LLDP local port information 1 Click L2 Features gt LLDP gt LLDP Local Port Brief The LLDP Local Port Brief Page opens oon Soros D Link ERA pra aaa ana anna eo AI Peal ls el EET Save Tools Stack ID E X Up Time 2 days 5 70 13 Logged in as administrator admin 192168 0 100 Woaout Building Networks for People 33 Traffic Segmentation LACP Port Settings gt IGMP Snooping E s Ai MLD Snooping NS gt Port Mirroring P Spanning Tree Forwarding amp Filtering Port ID Subtype Port Description f LoP Local RMON Port 1 on Unit 1 LLOP Global Settinc Local RMON Port 1 on Unit 1 LLOP Port Setting RMON Port 1 on Unit 1
149. ce is updated 68 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring GVRP GVRP timers need to be in the default values on all Layer 2 connected devices If the GVRP timers are set differently on the Layer 2 connected devices the GVRP application does not operate successfully GARP VLAN Registration Protocol GVRP is specifically provided for automatic distribution of VLAN membership information between VLAN aware bridges GVRP allows VLAN aware bridges to automatically learn VLANs to bridge port mapping without requiring the individual configuration of each bridge and register VLAN membership To define GVRP on the device 1 Click L2 Features gt GVRP cia ade The GVRP Setting Page opens D Link Building Networks for People mu ua Save Tools Stack ID E se DGS 3100 48 E f Configuration gt Jumbo Frame O Enabled gt 802 10 VLAN Trunking Unit Traffic Segmentation LACP Port Settings IGMP Snooping MLD Snooping 3 Port Mirroring Spanning Tree i Forwarding amp Filtering BLLDP H Q0S f Security Monitoring ACL STACKING STATUS 69 es ee es ee ee eS DIMK929290 9900000009000 CM oe 12 Features GVRP Global Setting Disabled From Port To Port Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled Disabled rl luis PVID GVRP Ingress En
150. cking Settings The Stacking Settings Page opens 90600 SOUS UES SUS USSSSS Dimk 299999099999999 rx ON ws Up Time 2 days 5 10 13 Te Logged in as administrator admin 192 168 0 100 ma Note Stacking master can only be chosen from unit 1 or unit 2 Ifyou choose unit 1 as master then unit 2 will automatically be backup master and vice versa Stacking Master O Unit1 Ounit2 Current Stack ID New Stack ID after reset Figure 2 4 Stacking Settings Page The Stacking Settings Page contains the following fields Field Description Stacking Master Defines the stacking member with either stacking ID of 1 or 2 as the Stacking Master The possible field values are Unit 1 Defines the member with the Unit ID 1 as the Stacking Master if unit ID 2 will be selected unit ID 1 will be reboot and ID 2 will become stack master Unit 2 Defines the member with the Unit ID 2 as the Stacking Master if unit ID 1 will be selected unit ID 2 will be reboot and ID 1 will become stack master Current Stack ID Displays the Stacking Member ID that the new Unit ID will replace after the device is rboot New Stack ID after Defines the unit ID assigned to the Stacking Member after the device rboot reset 2 Select the Stacking Master in the Stacking Master field 3 Select a Unit ID in the New Stack ID after reboot field 4 Click Apply If force master was selected then current master will be rebooted If unit ID was ch
151. cription Forwarding EAP Specifies whether forwarding of EAP packets is enabled on the device The possible field values are Enabled Enables forwarding of EAP packets Disabled Disables forwarding of EAP packets This is the default 2 Define the EAP packet forwarding status in the Forwarding EAP field 3 Click Ay The EAP packet forwarding status is defined and the device is updated 135 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Secure Socket Layer Security Secure Socket Layer SSL is a security feature that provides a secure communication path between a host and client through the use of authentication digital signatures and encryption These security functions are implemented using a Ciphersuite which is a security string that determines the exact cryptographic parameters specific encryption algorithms and key sizes used for authentication sessions and that consists of e Key Exchange Cyphersuite strings specify the public key algorithm used This switch utilizes the Rivest Shamir Adleman RSA public key algorithm This is the first authentication process between client and host as they exchange keys in looking for a match and therefore authentication to be accepted to negotiate encryptions on the following level e Encryption The second part of the ciphersuite that includes the encryption used for encrypting the messages sent between client and host The Switch support
152. crypts SNMP messages 2 Define the Group Name Read View Name Write View Name and Notify View Name fields 3 Select a security model from the Security Model list 4 Click MN The SNMP groups are defined and the device is updated To delete a Group Name from the SNMP Group Table Page List 1 Select a Group Name 2 Click Delete The Group Name is deleted and the device is updated 48 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining SNMP Users The SNMP User Table Page enables assigning system users to SNMP groups and defining the user authentication method To assign system users 1 Click Configuration gt SNMP Settings gt SNMP User Table The SNMP User Table Page opens UA D Link EES S E AAA RAS LS A i i e i Save Tools Stack ID Up Time 2 days 51073 Logged in as administrator admin 192 168 0100 Mati 0GS 3100 48 B f Configuration 2 System Information Add User gt IP Address User Name y za Stacking Settings 3 Port Configuration Group Name public w x ARP Settings SNMP V3 Encryption None eg dm Auth Protocol by aa Password 4 SNTP Settings f SNMP Settings Auth Protocol by Key Key Confirm SNMP View Table 1 Key E gt SNMP Group Table SNMP Community T SNMP Host Table z List SNMP Engine ID A gt SNMP Trap Configu Y User Name Group Name SNMP Version Auth Protocol HE gt test public v3 None STACKING STATU
153. d shall extend for an additional ninety 90 days after any repaired or replaced Hardware is delivered If a material defect is incapable of correction or if D Link determines in its sole discretion that it is not practical to repair or replace the defective Hardware the price paid by the original purchaser for the defective Hardware will be refunded by D Link upon return to D Link of the defective Hardware All Hardware or part thereof that is replaced by D Link or for which the purchase price is refunded shall become the property of D Link upon replacement or refund Limited Software Warranty D Link warrants that the software portion of the product Software will substantially conform to D Link s then current functional specifications for the Software as set forth in the applicable documentation from the date of original delivery of the Software for a period of ninety 90 days Warranty Period if the Software is properly installed on approved hardware and operated as contemplated in its documentation D Link further warrants that during the Warranty Period the magnetic media on which D Link delivers the Software will be free of physical defects D Link s sole obligation shall be to replace the non conforming Software or defective media with software that substantially conforms to D Link s functional specifications for the Software Except as otherwise agreed by 200 D Link in writing the replacement Software is pro
154. d the device is updated 56 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Dual Image Services The device contains two software images in its flash memory one is for reboot and the other one is for backup When a software download is successfully completed the new image automatically becomes the new reboot file unless the user manually configures the other file to be active In a stacked system the user can define the active image file for every unit in the stack When the user is downloading a new image it will always be downloaded to the location of the second image It means that if imagel is the currently running image the new firmware will be always downloaded as image2 nothing else will happened untill the next reboot By default the newly downloaded image will be marked as the next image which will run after the reboot However the user can identify the next image which will run after reboot by viewing the page Dual Image Services Firmware Information and change the next image that will run after reboot if user config the page Dual Image Services Config Firmware Image This feature includes two screens e Firmware InformationConfig Firmware Image Firmware Information The Firmware Information Page contains information about the image files stored for the device or in case of a stacked system for all devices in the stack To view the list of device images e Click Configuration gt Dual Im
155. ddress range into the Generate Mask by range fields and click Calculate The mask is generated 4 Click Create The ACL profile is added and the device is updated To define L3 ICMP ACL profile Click the ICMP button The ACL Profile L3 ACL ICMP Page updates to show the following 1 DGS 3100 48 El 3 Configuration H P L2 Features j QoS H Security E Monitoring B f ACL 3 ACL Configuration Wizard gt ACL Finder Time Range Setting STACKING STATUS Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 Margon Select Frame Type Orc 0 OL3ACL ICMP You can select the field in the packet to create filtering mask x L2 Header IPv4 DSCP IPv4 Address ICMP CI ICMP Type C ICMP Code Figure 8 12 ACL Profile L3 ACL ICMP Page The ACL Profile L3 ACL ICMP Page contains the following fields Field Description ICMP Type Sets the ICMP Type field as an essential field to match ICMP Code Sets the ICMP code field as an essential field to match 2 Select the ICMP Type and or ICMP Code fields 3 Click Create The ACL profile is added and the device is updated To define L3 IGMP ACL profile This option defines whether or not the IGMP field is checked for a match 181 DGS 3100 Series Gigabit Stackable Managed Switch User Manual If L3 ACL IGMP is selected the page updates as follows wreenpees eo coe eees ooo HH 2
156. depends upon the assigned weight For weighted round robin queuing if each CoS queue has the same weight value then each CoS queue has an equal opportunity to send packets just like round robin queuing For weighted round robin queuing if the weight for a CoS is set to 0 then it will stop processing the packets from this CoS The other CoS queues that have been given a nonzero value and depending upon the weight will follow a common weighted round robin scheme Strict Priority should be configured at higher class than WRR If the user configures WRR at least two queues should be configured as WRR Remember that the DGS 3100 series has four priority queues and eight Classes of Service for each port on the Switch This section contains the following topics 111 Defining Bandwidth Settings Configuring Storm Control Mapping Ports to Packet Priorities Mapping Priority to Classes Queues Configuring QoS Scheduling Mechanism Defining Multi Layer CoS Settings DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Bandwidth Settings The Bandwidth Control Page allows network managers to define the bandwidth settings for a specified interface 1 Click QoS gt Bandwidth Control The Bandwidth Control Page opens Building Networks for People ere EE Tools Stack ID 1 ai AS gt gt i ini y in E Configuration H B L2 Features Unit From Port To Port No Limit Rate 3500 1000000 Bff Qos Tor e for
157. dge E Jumbo Frame O Auto E BPDU 3 802 10 VLAN vfo v 48 True Global v True y Enabled v gt GVRP Settings F i E a gt Trunking gt Traffic Segmentation 3 LACP Port Settings soa Snooping 4 AUTO 20000 TEE Global Disable ee AUTO 20000 AUTONES Enabled Disable Disable ag A AUTO 20000 AUTONES Enabled Global Enable Loge cet AUTO 20000 AUTONES Enabled Enable Enable STP sila Global gt e AUTO 20000 AUTONES Enabled Global Disable MST Comunion E AUTO 20000 AUTONES Enabled Enable Enable gt MSTP Port Informat E AUTO 20000 E IO NC AUTO YES Enabled Global Enable Forwarding amp Fitering Y S AUTO 20000 AUTONES Enabled Disable Disable lt gt AUTO 20000 AUTONES Enabled Enable Enable STACKING STATUS E AUTO 20000 AUTO YES Enabled Enable Enable F LT T G E AUTO 20000 AUTONES Enabled Global Disable AUTO 20000 AUTONES Enabled Enable Enable Pasissssa SUSEERE siisii EEN LA TEETY worereee me E AUTO 20000 AUTONES Enabled Enable Enable css aerea ca say AUTO 20000 AUTONES Enabled Disable Disable pr py AUTO 20000 AUTONES Enabled Global Enable Erns oe AUTO 20000 AUTO NYES Enabled Global Disable Psscsssss CASARES SAALERES t 2 a rro seno SEUEEEES Baca P2P State Figure 3 17 STP Port Settings Page The STP Port Settings Page contains the following fields Field Description Unit
158. dge Protocol Data Units BPDU to provide spanning tree information STP BPDUs filtering is useful when a bridge interconnects two regions each region needing a separate spanning tree BPDU filtering functions only when STP is disabled either globally or on a single interface The possible field values are Disabled BPDU filtering is enabled on the port Enabled BPDU forwarding is enabled on the port if STP is disabled Global BPDU filtering functions according to the device wide setting see STP Bridge Global Settings Page P2P Indicates whether the selected port is P2P is enabled The possible field values are True Indicates a point to point P2P link P2P ports transition to a forwarding state rapidly thus benefiting from RSTP False Indicates that the port cannot have P2P status Auto Allows the port to have P2P status whenever possible and operate as if the P2P status were true A port that operates in full duplex is assumed to be point to point while a half duplex port is considered as a shared port If the port cannot maintain this status for example if the port is forced to half duplex operation the P2P status changes to operate as if the P2P value were False The default setting is Auto State Set to enable or disable STP for the selected group of ports The default is Enabled The port STP State overrides the STP Global State 2 Define the Unit From Port To Port Cost Edge P2P and State fields
159. down The possible field values are ForceUnauthorized Indicates that either the port control is Force Unauthorized and the port link is down or the port control is Auto but a client has not been authenticated via the port ForceAuthorized Indicates that the port control is Forced Authorized and clients have full port access Auto Indicates that the port control is Auto and at least single client or single MAC has been authenticated via the port Unit Indicate the stacking member for which the 802 1X parameters are defined From Port Indicates the first port for which the 802 1 X parameters are defined To Port Indicates the last port for which the 802 1 X parameters are defined Mode Indicates the 802 1X mode enabled on the device The possible field values are Port Base Enables 802 1X on ports This is the default value MAC Base Enables 802 1X on MAC addresses 2 Enable or disable the 802 1X status in the 802 1X field 3 Define the Mode field MAC Base for MAC Authentication 4 In the 802 1X Port Access Control section define the time fields 5 Set the ReAuthEnabled field and the Control fields 6 Set the values in the Unit From Port and To Port fields 7 Click The MAC Authentication is configured and the device is updated In order to activate MAC Based Authentication the user should first enable 802 1X globally on the switch Then the user should define the port s that needs to be configured for MAC Authentica
160. e 47 Defining SN MP Users ibi es 49 Defining SNMP Communities eta taa 51 Defining SNMP Host Table omar iia 52 Define SNMP EnginelD ita iia i 54 Enabling SNMP Traps en o f ra aa aaa Eaa or a aaa Ta ea a aa ara aT EE Ea rE O Ee a TeaTS ELETERE EERE A 55 DHCP Auto CONSUMO A awh E AAEE 56 DualIMase Services esses eee sates aa A aae Ta ae pees aoe ee 57 Pirin ware Informati OM sessar ne oi e e a SEA REE ea AREE EERTSE 57 Confie Firmware mage iien etae r e e a alles 58 Telnet Seting erini itn tics n riada ante aaa Rae Ada wo Ma aT ae E o aa ae Sie aes 59 CONFIGURING L2 FEATURES 0 covccccscticeccceoccdenceteteceseecevesstticees e A Taaa Aea aaa 60 Enabling Jumbo Frames irasi iraro tendon a topa 61 Configuring VEA NSsocio snm rl lic srl 62 Understanding IEEE 802 Tp Priority i ss5 scis sbescssnsasetetessesenpescidseusbeocasbestbaseyenssaspsosdestvebsnsscnscesasgysbsaasepioabessestecbesasonge 62 VEAN Descriptions emi A Aa 62 Notes about VLANs on the DGS 3100 Series ooooconococcnonocnconcnnconononononononnonnnncn eii Nean eias k on nono none conan non NERE RSE ais Ee iiis 62 IFEE 802 IQ VLAN S en E E a id AURA a A EENE Eae ae 62 80210 VEAN Tasa ta 64 Port VEAN Dicc a a Oil heh ala ae 65 Tagging and Ut MSc A ee eee 65 Ingress Fla a 65 Default VEAN S scien ia talas osito all pci ro 66 VLAN and Trunk Groups i sc ssssescisssceshsasseusestestesssscsouceseessvesscsaunsesdestpasvassonesceassnsben spanscdsctyabapsuouscadssebsbasspoveeetesevcte
161. e Defining LLDP Port Settings e Defining LLDP Basic TLV Settings e Defining LLDP Dot3 TLV Settings e Viewing LLDP Local Port Information e Viewing LLDP Remote Port Information Defining LLDP Global Settings The LLDP Global Setting Page displays LLDP system information and contains parameters for configuring LLDP global settings 1 Click L2 Features gt LLDP gt LLDP Global Setting The LLDP Global Setting Page opens Building Networks for People one owe PPR TETEE Epy DES 318048 Save Tools 7 Stack ID Up Time 2 days 5 10 13 Togged in as administrator admin 192 168 0 100 mm 802 10 VLAN gt GVRP Settings Trunking 2 Traffic Segmentation gt LACP Port Settings BB cue Snooping LLDP Forward Status O Enabled Disabled MLD Snooping Port Mirroring l Spanning Tree Message TX Interval 5 32768 gt oo Filtering Message TX Hold Multiplier 2 10 LLDP Status O Enabled O Disabled LLOP Global Setting LLDP TX Delay 1 8192 3 LLDP Port Setting es A HETA LLDP Reinit Delay 1 10 LLDP Dot3 TLVS S gt LLDP Local Port Bri lt n EAS v Chassis ID Subtype MACADDRESS r gt Chassis ID 00 FF FF 34 FF FF System Name Switch System Description Stackable Ethernet Switch System Capabilities Bridge Figure 3 16 LLDP Global Setting Page The LLDP Global Setting Page contains the following fields 97 DGS 3100 Series Gigabit Stackable Managed Switch
162. e Managed Switch User Manual Viewing MLD Router Ports The Browse MLD Router Port Page displays which ports are connected to MLD routers A port can be connected to an MLD router either as a static port or as a dynamic port or forbidden port 1 Click Monitoring gt Browse MLD Router Port The Browse MLD Router Port Page opens Building Networks for People sense dl oe q A IN Tools m StackID 1 Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 10 E eee H Security E Monitoring Stacking Information 3 3 CPU Utilization gt Port Utilization Packet Size E H Packets Received RX Port gt UMB_cast RX Unit 01 03 OF 09 3E 43 45 1H 9 21 23725 2f 29 3 3 35 NY 39 486 43 45 AF TransmittediTX 02 04 08 10 12 u O E W 2 M 2B B H A WH WB A Y 646 4B RADIUS Authentication 01 So tS IS DD by IO O O O gt Browse ARP Table s Ss D D gt ERRE o2 D DD Browse Router Port Browse Session Table 03 gt IGMP Snooping Group MLD Snooping Group 04 gt MAC Address Table Y rm amp 05 STACKING STATUS 06 Note S Static Router Port D Dynamic Router Port F Forbidden Router Port Figure 6 10 Browse MLD Router Port Page The Browse MLD Router Port Page contains the following fields Field Description VID Indicates the VLAN identification Unit Indicates the stacking member for which the router ports information is displaying Port Indicates the port for which the router
163. e PoE Port Setting Page contains the following fields Fields Description Unit Indicates the stacking member for which the PoE settings are displayed From Port Indicates from which port the PoE settings are applied To Port Indicates to which port the PoE settings are applied PoE Enable Indicates if PoE is enabled on the interface The possible field values are Enabled Enables PoE on the interface Disabled Disables PoE on the interface This is the default value Power Limit Indicates the maximum amount of power available to the interface The field value is displayed in Watts If the Power Limit checkbox is left unchecked the amount of power assigned is determined according to the class which is read from the powered device If checked the user can enter the Power Limit value thus overriding the value defined by the Powered device Class Power W Indicates the amount of power assigned to the powered device connected to the selected interface Voltage W Indicates the amount of voltage assigned to the powered device connected to the selected interface Current mA Indicates the amount of power assigned to the provided powered device Classification Indicates Power consumption classification of the powered device The possible field values are Class 0 Indicates the power consumption is 15 4W which is the maximum output class Class 1 Indicates the power consumption is 4W
164. e Session Table 2 IGMP Snooping Group 2 MIN Snonnina ae v STACKING STATUS L Unitipacketsec aaasesaa aaaaaika sassaaii Time Interval 1s v Record Number Show Hide IV Bytes Y Packets Figure 6 5 Received RX Page The Received RX Page contains the following fields Field Description Unit Displays the stacking member for which the transmitted packet statistics are displayed Port Indicates the port for which the received packets parameters are displayed Bytes Indicates the total number of bytes that were received on the port Packets Indicates the total number of packets that were received on the port Time Interval Indicates the time interval for which the received packets are displayed The possible field values are 1s 5s 10s 15s 20s 30s 40s 50s and 60s Record Number Indicates the transmitted record number Show Hide Displays the bytes packets received information The possible fields are Bytes checked Checked displays the total amount of received bytes Packets checked Checked displays the total amount of received packets 153 2 Define the Unit and Port fields 3 Click Apply to load the defined parameters Define the Time Interval and Record Number fields 5 Click APP The selected RX packet analysis is displayed DGS 3100 Series Gigabit Stackable Managed Switch User Manual 6 Define the Show Hide field 7 To view the graph as a table click
165. e following prompt is displayed Downloading code using XMODEM When using HyperTerminal click Transfer on the HyperTerminal menu bar From the Transfer menu click Send File The Send File window is displayed Enter the file path for the file to be downloaded REA Ensure the protocol is defined as Xmodem 6 Click Send The software is downloaded Software downloading takes several minutes The terminal emulation application such as HyperTerminal may display the progress of the loading process After software downloads the device reboots automatically Refer to the Set Terminal Baud Rate section to define the Terminal Baud Rate Set Terminal Baud Rate Use the Set Terminal Baud Rate option to define the Baud Rate The Baud Rate is the serial bit rate used to communicate with the management host The Baud Rates values are 2400 4800 9600 19200 38400 The default Baud Rate value is 9600 To set the terminal Baud Rate 1 On the Startup menu press 2 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The following prompt is displayed Set new device Baud rate _ 2 Press Enter to apply changes Defining Stacking Units Use the Stack menu option to display the current stack unit ID list and define an alternative unit ID stack membership number Unit ID 0 is allocated for auto numbering which is the factory default Refer to Managing Stacking for further reference To acc
166. e members of the VLAN Any port can be configured as either tagged or untagged The untagging feature of IEEE 802 1Q VLANs allows VLANs to work with legacy switches that don t recognize VLAN tags in packet headers The tagging feature allows VLANs to span multiple 802 1Q compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally The IEEE 802 1Q standard restricts the forwarding of untagged packets to the VLAN in which the receiving port is a member The main characteristics of IEEE 802 1Q are as follows e Assigns packets to VLANs by filtering e Assumes the presence of a single global spanning tree e Uses an explicit tagging scheme with one level tagging e 802 1Q VLAN Packet Forwarding Packet forwarding decisions are made based upon the following three types of rules e Ingress rules rules relevant to the classification of received packets belonging to a VLAN e Forwarding rules between ports decides whether to filter or forward the packet e Egress rules determines if the packet must be sent tagged or untagged 802 1Q Packet Forwarding Tagging or Untoagging Figure 3 2 IEEE 802 1Q Packet Forwarding 63 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 802 1Q VLAN Tags The figure below shows the 802 1Q VLAN tag There are four additional octets inserted after the source MAC address Their presence is indicated by a value of 0x8100 in
167. e switch are affected The priority queuing system is especially beneficial for networks that employ priority tag assignment capable switches VLAN Description A Virtual Local Area Network VLAN is a network topology configured according to a logical scheme rather than the physical layout VLANs can be used to combine any collection of LAN segments into an autonomous user group that appears as a single LAN VLANs also logically segment the network into different broadcast domains so that packets are forwarded only between ports within the VLAN Typically a VLAN corresponds to a particular subnet although not necessarily VLANs can enhance performance by conserving bandwidth and improve security by limiting traffic to specific domains A VLAN is a collection of end nodes grouped by logic instead of physical location End nodes that frequently communicate with each other are assigned to the same VLAN regardless of where they are physically on the network Logically a VLAN can be equated to a broadcast domain because broadcast packets are forwarded to only members of the VLAN on which the broadcast was initiated Notes about VLANs on the DGS 3100 Series No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership packets cannot cross VLANs without a network device performing a routing function between the VLANs The DGS 3100 series supports IEEE 802 1Q VLANs The port untagging function can be used to rem
168. earned on that port up to the point when it is locked When a packet is received on a locked port and the packet source MAC address is not tied to that port either it was learned on a different port or it is unknown to the system the protection mechanism is invoked and can provide various options Unauthorized packets arriving at a locked port are either e Discarded with no trap e Discarded with a trap Locked port security also enables storing a list of MAC addresses in the configuration file The MAC address list can be restored after the device has been reset To define port security 1 Click Security gt Port Security The Port Security Page opens SSPD a5 7 on Diink 9 E 92292330 aaa ana e D 0 E d en 00000000 eoooo PPP BRTAARUNR DADA DA sane Stee Serer PSF FETT m MEA Tools stackio MR Up Time 2 days 5 10 ie Logged in as administrator admin 192 168 0 100 E JE gt DGS 3100 48 Lu 0 5 A O Salenuercies E Configuration H L2 Features Unit From Port To Port Admin State Max Addr 0 64 GB os 01 x 01 w 01 x Disabled 0 ES Security e x oe Note If Max Addr is configured to 0 Classic Lock will be applied on the port 2 gt Guest VLAN E 802 1X Unit 1 Settings SSL Port Admin State Max Learning Addr A 4 SSH Ta Disabled 0 Access Authentication Coi 1 2 Disabled 5 El Monitoring 4 3 Disabled 10 ca HAC 1 4 Disabled 15 5 Disabled 20 F 1 6 Disabled 25 17
169. ed Switch User Manual Managing Stacking Stacking enhances network flexibility by building virtual switches with more ports then are available in a single device Stacks are managed by stacking member which called Stack Master All other stacking members serve as ports only The following paragraphs provide a stacking explanation for DGS 3100 series and include the following topics e Managing Stacking Modes e Advanced Stacking e Building Stacks Quick Start e Stack Management Examples e Configuring Stacking Managing Stacking Modes A switch operates in the following modes NOTE The DGS 3100 series family stacking connections have two HX ports e Stacking Switches operating in Stack mode run as organized group of switches known as a Stack A stack consists of one Stack Master a Backup Master and up to four Stack Member Switches However in specific scenarios a single unit can be considered a Stack of One A Stack of One is a single unit which is not connected to any other stacking members If the unit is reset to the factory defaults the unit is reloaded in stacking Auto Numbering mode Advanced Stacking This section provides information for understanding advanced stacking concepts including e Unit ID and how they are allocated e Stacking member start up process This section contains the following topics e Allocating Unit IDs e Assigning Unit IDs Allocating Unit IDs Switches are shipped from the factory without
170. em car is 12 Using the Web System Component aiaeei a nea ete E rae EE able T E E E E E E E SNe 13 CONFIGURING BASIC CONFIGURATION cccccccocccccoconcccccinncccnnnncnnnnnnnnnnnnne crecer 14 Viewing Device Information iii ps 15 Defining Systeri Informati n imitan 17 Definmg P AdE SE S T a a a haiti notin chet E ese A E ES 18 IES O ao Eea aE E a Eaa e Ea E EEEo ae anor EESE ORE EIRE 19 Managing Stacking Modest 19 AGvanced Stacking et id ls 19 Stack Startup PLOCeS 8 2 accscas ts cuvess A svicuses nados G onene ensuites ce sebavscacvadys ENESE doce Nidia EEEE SE OEVER EE VAE OESTE dci odisea 21 Building Stacks Quick Start Ai 03 sinc bes eee bale ba 23 Stack Management Examples cocida lcd deis aaa EEE ecos IA a 24 Configuring Stackine ira A 30 Defining Ports uma Aaa 31 Configurmg Port Properties tica oa et 31 Viewing Port AA iad stes nseneneoste bsbuecphtatis Gash porasncobesptscstessdpestat sys seve pseddesyhseseastiiatse tashbdsvease nse 33 ARP Settings tocados talibanes ears 34 Confisurme User ACCOUNTS sx secs ex oseere er rap EER Ee E se RES a EEE EEEo eae E Ei eeey cb pauses ae EE a Meese AG 35 Manage System Lots iu lia 37 Confistrme SNTP se joists eau ian Mil aoe Sa Aide ie Ate ete bei hashes 39 Configuring Daylight Savings TimMer senesine eniin 00h tees Savio ss woes ence das A Ot AEE aiken aes 41 Conf stir SNMP sists See tal aid 45 Definine SNMP Vie WS usaras bisbal Sie dci he 46 Detinme SNMP Groups n n an a Sine a
171. en assigned to a specific port To find ACL rules 1 Click ACL gt ACL Finder The ACL Finder Page opens oo o esse gt E 2 E Building Networks tor People hl Save Tools Stack ID gt Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0100 porra Logout bs DGS 3100 48 f Configuration H 8 L2 Features E Ps ACL rule finder helps you identlly any rule has been assigned to a specific port E Security Profile ID Any Ports E Monitoring Eg ACL Profile ID Access ID Profile Type Summary 3 ACL Configuration Wizard atte Access Profile List M1 1 Etherent Source MAC Destination MAC Ether Type VLAN ID a B 2 IP Source IP TCP Source Port TCP Flag Time Range 3 Time Range Setting STACKING STATUS Figure 8 22 ACL Finder Page The ACL Finder Page contains the following fields Field Description Profile ID list box Defines the Profile ID for the search Ports Indicates the ports or LAGs for which rules are sought Profile ID Indicates the Profile ID Access ID Indicates the ACL rule ID number Profile Type Indicates if the profile is IP or Ethernet Summary Displays the access rule Action Displays the action chosen for the profile 2 Define the Profile ID and Ports fields 3 Click Find The ACL rule is displayed To delete an ACL Profile entry 1 Select the entry 2 Click _ Delete The entry is deleted 3 Click MS The entry is
172. enticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication Method 4 Indicates the fourth method used to authenticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication 2 Define the Method List Name in the Method List Name field 3 Select the methods used to authenticate network users in the Method 1 Method 2 Method 3 and Method 4 fields 4 Click _ _Apply The Enable method and passwords are defined and the device is updated To edit the Enable Method List click MIMI adjacent to an Enable Method List Name on the list The upper fields display the current values which then can be edited To delete an Enable Method List Name click Delete The Enable Method Lists are defined and the device is updated 146 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Local Enable Password The Configure Local Enable Password Page
173. eriod 300 4294967295 3600 sec 2 1X Setting ReAuthEnabled Enabled v Control ForceAuthorized v U z am e s Unit From Port To Port Mode Forwardin E i S ER o 01 y ot y o1 v PortBase Y f ssH Access Authentication E Monitoring El List H E ac bd z o E Supp Server ReAuth ReAuth lt gt Unit Port Control TxPeriod Quiet Period Timeout Timeout MaxReq Period Enabled Mode 131 STACKING STATUS 1 1 1 Auto 30 60 30 30 2 3600 Disabled PortBasej 4 4 2 Forceauthorized 30 60 30 30 2 3600 Disabled MAC 1 4 3 ForceUnauthorized 30 60 30 30 2 3600 Enabled _ PortBase 1 1 4 Auto 30 60 30 30 2 3600 Disabled PortBase 1 1 5 Auto 30 60 30 30 2 3600 Disabled PortBasej 1 1 6 Auto 30 60 30 30 2 3600 Disabled PortBase 1 17 Auto 30 60 30 30 2 3600 Disabled PortBase 1 1 8 Auto 30 60 30 30 2 3600 Disabled PortBase v DGS 3100 Series Gigabit Stackable Managed Switch User Manual 5 The second step on Security gt 802 1X gt 802 1X Setting page will be configuration of the required ports as MAC Based authentication opposite to Port Based authentication 2990000090098 oo 14421202 ae n D Link ERA 22 A A AAA ons e PRP PPE Fey Bet 318848 DGS 3100 48 Configuration BL Features 802 1X Enabled O Disabled Hs f Security A 3 Safeguard Engine AR es co
174. ers for port authentication The possible field values are First Indicates the RADIUS parameters are defined for the first RADIUS server Second Indicates the RADIUS parameters are defined for the second RADIUS server Third Indicates the RADIUS parameters are defined for the third RADIUS server RADIUS Server Defines the RADIUS server IP addresses The field format is X X X X Authentic Port Identifies the authentication port The authentication port is used to verify the RADIUS server authentication The authenticated port default is 1812 Accounting Port Defines the port used to send Start and Stop authentication messages Information received through the RADIUS Accounting Port is recorded in the RADIUS Authentication Page The default port is 1813 Key Defines the authentication and encryption key for communications between the device and the server This key must match the encryption used on the server Confirm Key Confirms the RADIUS key defined in the Key field 2 Define the RADIUS server to configure in the Succession field 3 Define the RADIUS server IP address in the RADIUS Server field 133 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Define the authentication port in the Authentic Port field Define the accounting port in the Accounting Port field Define the authentication and encryption key in the Key field Reenter the RADIUS Key in the Confirm Key field SO eS
175. es information about system logs including information when the device was booted how the ports are operating when users logged in when sessions timed out as well as other system information To view the System Log Page 1 Click Monitoring gt System Log The System Log Page opens Building Networks tor People lone gt Stacking Information CPU Utilization 3 Port utilization gt Packet Size EM Packets Received RX UMB_cast RX gt Transmitted TX RADIUS Authentication Browse ARP Table Ely iy Browse Router Port Browse Session Table IGMP Snooping Group MLD Snooping Group MAC Address Table gacl gt gt 2 2 ji STACKING STATUS Tools Stack ID Browse MLD Router Pc _ lt i a 1004 i Log Description System started up Port 1 link up 100Mbps Full duplex Successful Login through Console Console session time out Warning 2006 02 23 01 02 03 2006 02 23 01 03 03 2006 02 23 01 04 03 2006 02 23 01 05 03 Figure 6 16 System Log Page The System Log Page contains the following fields Field Description ID Displays the system log table entry Time Displays the time in days hours and minutes the log was entered in the Switch History Log Table Log Description Displays a description event recorded in the System Log Page Severity The following are the available log severity levels Warning The lowest level of a device warning The device is
176. es target port setting The default is Disabled Unit Defines the unit number Target Port Defines the target port Source Port Displays the Sniffer Mode and the source port Source Port Setting Field Description Unit Selects the Unit to be displayed Tx Indicates the transmit stream of data on the port Rx Indicates the receive stream of data on the port 83 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Both Defines the port mirroring on both receiving and transmitting ports None Defines that port mirroring is not applied to the ports 2 Define the Status Unit and Target fields Click Apply to activate the Port Mirroring function Define the Unit Tx and Rx fields under Source Port Setting Click Add to capture the configured Source Ports in order to display them in the Source Port Setting table A 29 84 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Spanning Tree Spanning Tree Protocol STP provides tree topography for any arrangement of bridges as well as providing a single path between end stations on a network thus eliminating loops Loops occur when alternate routes exist between hosts Loops in an extended network can cause bridges to forward traffic indefinitely resulting in increased traffic and reducing network efficiency The device supports the following STP versions Version D
177. escription Classic STP Provides a single path between end stations preventing loops from occurring Rapid STP Detects and uses network topologies that provide faster convergence of the spanning tree without creating forwarding loops Multiple STP Provides various load balancing scenarios For example if port A is blocked in one STP instance the same port can be placed in Forwarding State in another STP instance The STP Bridge Global Settings Page contains parameters for enabling STP on the device This section contains the following topics e Defining Spanning Tree Global Parameters e Defining STP Port Settings e Defining Multiple Spanning Tree Configuration Identification e Defining MSTP Port Information 85 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Spanning Tree Global Parameters While Classic STP prevents Layer 2 forwarding loops in a general network topology convergence can take between 30 60 seconds This time may delay detecting possible loops and propagating status topology changes Rapid Spanning Tree Protocol RSTP detects and uses network topologies that allow a faster STP convergence without creating forwarding loops When STP is enabled Loopback Detection is also enabled Loopback Detection identifies any Loopback BPDUs that the Spanning Tree application receives on a port In this case the device sends a Loopback Detection trap for the port When the condition is resolved
178. ess the stack menu 1 On the Startup menu press 3 The following prompt is displayed Stack menu 1 Show unit stack id 2 Set unit stack id 3 Back Enter your choice or press ESC to exit 2 To display the current unit stack ID list press 1 The following prompt is displayed Stack menu 1 Show unit stack id 2 Set unit stack id 3 Back Enter your choice or press ESC to exit Current working mode is stacking Unit stack id set to 0 Press Enter to Continue 3 To change the unit ID stack membership number press 2 The following prompt is displayed Stack menu 1 Show unit stack id 2 Set unit stack id 3 Back Enter your choice or press ESC to exit Enter unit stack id 0 6 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Using the Web Based User Interface This section contains information on starting the D Link Embedded Web Interface To access the D Link user interface 1 Open an Internet browser Ensure that pop up blockers are disabled If pop up blockers are enabled edit add and device information messages may not open 2 Enter the device IP address in the address bar and press Enter The user interface provides access to various switch configuration and management windows allows you to view performance statistics and permits you to graphically monitor the system status The screen
179. essage Authentication Code HMAC mechanism utilizing the RSA encryption algorithm HMAC DSA Supports the Hash for Message Authentication Code HMAC Digital Signature Algorithm DSA encryption algorithm Data Integrity Algorithm Validates message authentication information transmitted between two parties which share the same key The following Data Integrity Algorithms are supported HMAC SHA Supports the Hash for Message Authentication Code HMAC Secure Hash Algorithm SHA mechanism HMAC MD3 Supports the Hash for Message Authentication Code HMAC MD5 Message Digest MD5 mechanism Encryption Algorithm Generates authentication keys used to authenticate communications between different applications The following Encryption Algorithms are supported 3DES CBC Supports a block size of 8 bytes 64 bits its key size is 192 bits long The first 8 bytes cannot be identical to the second 8 bytes and the second 8 bytes cannot be identical to the third 8 bytes AES128 Provides a block cipher that encrypts and decrypts digital information The AES128 algorithm is capable of using cryptographic 128 keys AES192 Provides a block cipher that encrypts and decrypts digital information The AES192 algorithm is capable of using cryptographic 192 keys AES256 Provides a block cipher that encrypts and decrypts digital information The AES256 algorithm is capable of using cryptographic 256 k
180. et setting on the device is updated 59 DGS 3100 Series Gigabit Stackable Managed Switch User Manual CONFIGURING L2 FEATURES This section contains information for enabling and configuring L2 Features This section contains the following topics Enabling Jumbo Frames Configuring VLANs Configuring GVRP Defining Trunking Traffic Segmentation Configuring LACP Defining IGMP Snooping Defining MLD Snooping Configuring Port Mirroring Configuring Spanning Tree Defining Forwarding and Filtering Configuring LLDP 60 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Enabling Jumbo Frames Jumbo Frame support is designed to enhance Ethernet networking throughput and significantly reduce the CPU utilization of large file transfers like large multimedia files or large data files by enabling more efficient larger payloads per packet The Jumbo Frame Page allows network managers to enable Jumbo Frames on the device 1 Click L2 Features gt Jumbo Frame The Jumbo Frame Page opens Sos ob BSE USEESEEES D Link pumu 292229292229229 ARETE eee ee ee ee ETET prete ir dh e ali cl oe A a ana ls ei es e e a a ree A A lA O Save Tools Y Stack ID E Up Time 2 days 5 013 Cogged in as administrator admin 192 168 0 10 0GS 3100 48 E Configuration ES L2 Features a JumboFrame OEnabled Disabled A 802 10 VLAN GVRP Settings gt Trunking Note This configuration will take place after next reboot The maximum size
181. ettings gt Trunking 3 Traffic Segmentation 3 LACP Port Settings IGMP Snooping MLD Snooping gt Port Mirroring E Spanning Tree Forwarding amp Filtering E G LLDP LLDP Global Settinc LLDP Port Setting gt LLDP Basic TLVS E LLDP Dot3 TLVS St LLDP Local Port Bri JP Remote Port H aos M ABean jij gt STACKING STATUS v E ETT T ____ _ _ A l n 6 Click to return to return to the LLDP Remote Port Normal Page or mo EE ee 3100 48 EA S EE Auto Negotiation Enable Enabled Auto Negotiation Advertised Capability 1000BASE T full duplex mode Auto Negotiation Operational MAU Type Unknown Figure 3 26 LLDP Remote Misc Detail Information Page 7 To view the detailed information for unknown TLVs for the entry click Show Detail The LLDP Remote Unknown D Link Building Networks for People gt GVRP Settings gt Trunking gt Traffic Segmentation 3 LACP Port Settings gt IGMP Snooping MLD Snooping gt Port Mirroring Spanning Tree l Forwarding amp Filtering f LLDP LLDP Global Settinc LLDP Port Setting 3 LLDP Basic TLVS LLDP Dot3 TLVS S LLOP Local Port Bri ELLOP Remote Port EH Qos TH Aomori lt ill STACKING STATUS Figure 3 27 LLDP Remote Unknown TLVs Detailed Information Page 107 tl snan lt Tools 7 Stack ID i Up Time 2 days 5 10 13 Logged in as administrator admin 1
182. eue whereas Class 3 is the highest 2 Define the queuing priority for 00 07 in the Class ID fields 3 Click Apply The User priority tags are assigned to classes and the device is updated 116 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring QoS Scheduling Mechanism The QoS Scheduling Mechanism Page contains fields for defining the QoS scheduling forwarding scheme To define the QoS scheduling mechanism 1 Click QoS gt QoS Scheduling Mechanism The QoS Scheduling Mechanism Page opens 0000 SOT rs Building Networks tor People Save Tools 7 Stack ID Up Time 2 days SOs Logged in as administrator admin 192 168 0 100 egon DGS 3100 48 E Configuration H H L2 Features E H QoS Class ID Mechanism Weight Bandwidth Control Class 0 strict ST c A raffic Control Class 1 strict 802 1p Default Priority gt 802 1p User Priority Class 2 l strict ama Scheduling Mechanis Class 3 strict gt Multi Layer CoS Setting i Apply H Security E Monitoring Note When mixing Strict and WRR mode Strict mode should be configured at hgher class E HACL a STAGKING STATUB Figure 4 6 QoS Scheduling Mechanism Page The QoS Scheduling Mechanism Page contains the following fields Field Description Class ID Indicates the Class queue for which the scheduling method is defined Mechanism Defines the QoS class queue scheduling method The p
183. ew Name Defines a Read Only view The Read Only view management access is restricted to read only and changes cannot be made to the assigned SNMP view The possible values are Community View TestReadView PWrite View Private View Write View Name Defines a Write view The Management view access is read write and changes can be made to the assigned SNMP view The possible values are Community View TestReadView PWrite View Private View 47 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Notify View Name Defines a Notify view The Notify view sends traps for the assigned SNMP view This is applicable for SNMPv3 only The possible values are Community View TestReadView PWrite View PrivateView Security Model Defines the SNMP version attached to the group The possible field values are SNMPv1 Defines SNMPv1 as the security model for the group SNMPv2 Defines SNMPv2 as the security model for the group SNMPv3 Defines SNMPv3 as the security model for the group Security Level Defines the security level attached to the group Security levels apply to SNMPv3 only The possible field values are NoAuthNoPriv Defines that neither the Authentication nor the Privacy security levels are assigned to the group AuthNoPriv Authenticates SNMP messages and ensures that the SNMP message s origin is authenticated AuthPriv En
184. eys RC4 Supports a cipher with an up to 2048 bits key size DGS 3100 Series Gigabit Stackable Managed Switch User Manual All algorithms are enabled by default To enable SSH Algorithms 1 Click Security gt Building Networks for People SSH gt SSH eres Settings The SSH Algorithm Settings Page opens Ma HIS OS i DGS 3100 48 E Configuration BH L2 Features m f aos B Security gt Safeguard Engine A Trusted Host gt Port Security Guest VLAN 802 1X a SSL SSH SSH Configuration SSH Algorithm Settings Access Authentication Coi f Monitoring E HACL lt amp STACKING STATUS Public key O Enabled Disabled Public Key Algorithm Data Integrity Algorithm MD5 Encryption Algorithm 3DES 3DES CBC RC4 Figure 5 90 SSH Algorithm Settings Page The SSH Algorithm Settings Page contains the following fields Field Description Public key Indicates Publickey SSH User Authentication enabled on the device The possible field values are Enabled Enables Publickey SSH User Authentication on the device Disable Disables Publickey SSH User Authentication on the device Disable is the default value Public Key Algorithm Displays the currently enabled Public Key Algorithms Data Integrity Algorithm Displays the currently enabled Data Integrity Algorithms Encryption Algorithm Displays the currently enabled Encryption Algorithms 2
185. f bodily injury electrical shock fire and damage to the equipment observe the following precautions Do not service any product except as explained in your system documentation Opening or removing covers that are marked with the triangular symbol with a lightning bolt may expose you to electrical shock Only a trained service technician should service components inside these compartments If any of the following conditions occur unplug the product from the electrical outlet and replace the part or contact your trained service provider The power cable extension cable or plug is damaged An object has fallen into the product The product has been exposed to water The product has been dropped or damaged The product does not operate correctly when you follow the operating instructions Keep your system away from radiators and heat sources Also do not block the cooling vents Do not spill food or liquids on your system components and never operate the product in a wet environment If the system gets wet see the appropriate section in your troubleshooting guide or contact your trained service provider Do not push any objects into the openings of your system Doing so can cause a fire or an electric shock by shorting out interior components Use the product only with approved equipment Allow the product to cool before removing covers or touching internal components Operate the product only from the type of ex
186. ffic Segmentation 04 Static 3 LACP Port Settings 05 Static 3 IGMP Snooping 06 Static MLD Snooping Up Time 2 days 51073 Logged in as administrator admin 192 168 0 m a Edit Edit Edit Edit Edit Edit Edit Edit Edit Edit ea ea ea 113 M o ais in is o 4 e ear o ear ea e o sis ls ea o ear O K3 Note maximum 8 ports in static group and 16 ports in LACP group gt Port Mirrorin Be n 08 Static f Spanning Tree i H 3 Forwarding amp Filtering 09 Static LLDP 10 Static H Qos 11 Static f Security 3 Monitoring ACL v SCARE STATUS Edit Trunking Information Unit 01 y Port Group ID TO OAT R O BM AD 96 A e 010 20 24 22 23 24 C A S O O L S N O O A O O a 34 35 36 37 38 39 40 41 42 43 44 45 46 47 43 a a E E E a S E E a a E E a a Figure 3 8 Trunking Configuration Page The Trunking Configuration Page contains the following fields lt Field Description Unit Defines the stacking member s Unit ID for which LAG parameters are displayed Group ID Displays the LAG number Type Defines the LAG type The possible field values are Static The LAG is static LACP is disabled on the LAG This is the default value LACP LACP is enabled on the device Ports Displays the ports which are included in the LAG 2 Select a stacking unit in the Unit field 3
187. fication actions and rules for specific ingress ports Packets entering an ingress port with an active ACL are either admitted denied or subject to Quality of Service action For example a network administrator defines an ACL rule that states port number 20 can receive TCP packets however if a UDP packet is received the packet is dropped Access Profiles and Access Rules that are made of the filters determine traffic classifications This section cotains the following topics e Defining Time Ranges e ACL Configuration Wizard e Defining Access Profile Lists e Defining Access Rules Lists e Finding ACL Rules e Defining Time Ranges 171 DGS 3100 Series Gigabit Stackable Managed Switch User Manual ACL Configuration Wizard The ACL Configuration Wizard Page provides information for configuring Access Control Lists The ACL Configuration Wizard Page assists in configuring ACLs intuitively and quickly and creates ACL profiles and rules automatically To define ACLs 1 Click ACL gt ACL Configuration Wizard The ACL a Wizard Page opens eoo00 oo an Eg 7 oo BS PARRA PAPAS Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 E D Logout 0GS 3100 48 E Configuration H P L2 Features w Qos E 3 Security E H Monitoring Ep ac EACL Configuration Wizard Access Profile List 2 ACL Finder 3 Time Range Setting Service Type Any Acion Permit Ports
188. field values are Enabled Enables Ingress filtering on the device Ingress filtering compares an incoming VID tag packet with the PVID number assigned to the port If the PVIDs vary the port drops the packet This is the default value Disabled Disables Ingress filtering on the device Acceptable Frame Defines the packet type accepted on the port The possible field values are Type Admit Tagged Only Only tagged packets are accepted on the port Admit All Both tagged and untagged packets are accepted on the port This is the default value Select a stacking member in the Unit field Select the ports to and from which the GVRP parameters are displayed in the From To Port fields Define the PVID GVRP Ingress and Acceptable Frame Type fields Click Apply The GVRP is enabled and the device is updated wp amp 70 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Trunking The Trunking Configuration Page contains information for assigning ports to LAGs and defining LAG parameters To assign ports to LAGs 1 D Link Building Networks for People ra Save DGS 3100 48 E Configuration WHARE DEERE EEA ors coe PPR Peery FEF FEES DES 3180 48 an NS Tools Y Stack ID a EMO L2 Features Trunking list gt Jumbo Frame gt 802 10 VLAN 1 8 1 9 1 10 GVRP Settings 02 Static 1 11 1 12 1 13 1 14 1 15 1 16 F 03 LACP 4 17 1 18 1 19 3 Tra
189. fields Field Description Time Interval Indicates the how often the RADIUS authentication session information is updated The various time intervals are 15 30 60 no refresh Server Displays the RADIUS server IP address UDP Port Displays the UDP port through which the RADIUS session was initiated Timeouts Indicates the number of session timeouts that occurred during the authentication session Requests Indicates the amount of times the port requested an authentication session Challenges Indicates the amount of times the port was challenged during an authentication session Accepts Indicates the amount of authentication sessions initiated by the port which were accepted Rejects Indicates the amount of authentication sessions initiated by the port which were rejected 157 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing ARP Table The Browse ARP Table Page provides information regarding ARP VLANs including which IP address was mapped to what MAC address To view the ARP table 1 Click Monitoring gt Browse ARP Table The Browse ARP Table Page opens 0000 ob SUS SEES ss oo e 3 5 2u 2229292 Dink 9 22922222 Ei PS aos Ss a Bada PAI PPP E Save Tools Stack ID B Up Time 2 days 5 10 17 Logged in as administrator admin 192 168 0100 E Emy Logout A 4 Security E Monitoring Stacking Information 7 Clear All All CPU Uti
190. fine the new value 6 Click Apply The Multiple Spanning Tree Configuration Identification is defined and the device is updated Defining MSTP Port Information Network Administrators can assign MSTP Interface settings in the MSTI Config Information Page To define MSTP interface settings 1 Click L2 Features gt Spanning Tree gt MSTP Port Information The MSTI Config Information Page opens o 000000000000 00 DADA OO 4 2 gt DGS 3100 48 E B Configuration E H L2 Features Jumbo Frame o1 x 802 10 VLAN gt GVRP Settings Trunking Edit MSTI Port Setting 3 Traffic Segmentation Instance ID LACP Port Settings IGMP Snooping Internal Path Cost MLD Snooping Port Mirroring 5 Spanning Tree gt STP Bridge Global Sett gt STP Port Settings gt MST Configuration Ider ESTMSTP Port Information Msti Designated Bridge Internal Path Cost Priority Status Forwarding 8 Filtering Disabled por Disabled Designated Boos Disabled Designated tk Disabled Designated J Monitoring aci Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Disabled Designated Priority m gt STAGKING STATUS ortonrwn Figure 3 19 MSTI Config Information Page The MSTI Config Information Page contains the following fields
191. fined and the device is updated 54 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Enabling SNMP Traps The SNMP Configuration Trap Page contains parameters for defining SNMP notification parameters To enable SNMP notifications To enable SNMP Traps 1 Click Configuration gt SNMP Settings gt SNMP Trap Configuration The SVMP Configuration Trap Page opens ee o 3 TPFONR we 7 D Link A eo A EE EEES Cae Save Tools Y r Stack ID E y Up Time 2 days 5 1017 LEE EUR E AAA a Logout System Information gt IP Address 3 Stacking Settings 3 Port Configuration SE gt ARP Settings SNMP Traps Enable x gt User Accounts System Log Host l B SNTP Settings E H SNMP Settings SNMP View Table SNMP Group Table SNMP User Table gt SNMP Community T SNMP Host Table pe A ae ID 2 DHCP Auto Configuratii Dual Image Services 2 Teint Cattinn il gt STACKING STATUB SNMP Authentication Traps Enable x Figure 2 18 SNMP Configuration Trap Page The SNMP Configuration Trap Page contains the following fields Field Description SNMP Traps Specifies whether the device can send SNMP notifications The possible field values are Enable Enables SNMP notifications This is the default value Disable Disables SNMP notifications SNMP Authentication Specifies whether the device can send traps upon authentication failure notification Traps E
192. fono 00800 0525465 Lunes a Viernes 07 00 am a 20 00 pm Soporte T cnico Help Desk Costa Rica Tel fono 0800 0521478 Lunes a Viernes 06 00 am a 19 00 pm Soporte T cnico Help Desk Peru Tel fono 0800 00968 Lunes a Viernes 07 00 am a 20 00 pm Soporte T cnico Help Desk M xico Tel fono 001 800 123 3201 Lunes a Viernes 06 00 am a 19 00 D Link 223 Building Networks for People Suporte T cnico Voc pode encontrar atualiza es de software e documenta o de usuario no site da D Link Brasil www dlinkbrasil com br A D Link fornece suporte t cnico gratuito para clientes no Brasil durante o per odo de vig ncia da garantia deste produto Suporte T cnico para clientes no Brasil Telefone S o Paulo 11 2185 9301 Segunda sexta Das 8h30 s 18h30 Demais Regides do Brasil 0800 70 24 104 E mail e mail suporte dlinkbrasil com br D Link Building Networks for People 224 225 D Link RAR ABA Aa 5312 Bal RERA SES RAY E mtaa GS THEA Py Dosa PA gt SSBB EAS RD ink 8 103413245 LEB HGS gt D Link Sf SFR saa Se 0800 002 615 RISE AGA gt E 43 30 8 _ 9 00 ao Ara Ee A 4 YE http www dlink com tw SF BBE dssqa_service dlink com tw NRE Bt LIAR gt AS BOL ink BUD EH DA EKIM ES NLA BY 4B al Sz TE ARIS gt BEAR gt AEREA gt SSL MURAT http www dlink com tw Emig AS Bike Be E SAI ICA RATIH D Link Building Networks for People Dukungan Teknis Update perang
193. for People 218 219 Texvikh YTTroOT pISN Mnopeite va Bpeite software updates kal nAnpopopiec yia TN XENON Tv Npol VTwWV OTIC lOTOOEAIOEG TNG D Link H D Link npoo pe orouc neAdTEG TNG wpeav UNOOTNpPIEn oTov EAAddIKO XwWpo Mnop ite va EniKolvWVEITE HE TO TUNA TEXVIKAG UNOOTNPIENS HEOW TNG loTODEAIOaG n HEOW TNAEMWvoU lia neAaTEG EvTOG Tou EAMadgIKO xwpou TnAepovikrn unootnpi n D Link Tn 210 86 11 114 Dag 210 86 53 172 Ageut pa Napaokeun 09 00 17 00 e mail support dlink gr Texvikr unootnpi n D Link p ow Internet http www dlink qr ftp ftp dlink it D Link Building Networks for People Technical Support You can find software updates and user documentation on the D Link website Tech Support for customers in Australia Tel 1300 766 868 Monday to Friday 8 00am to 8 00pm EST Saturday 9 00am to 1 00pm EST http www dlink com au e mail support dlink com au India Tel 1800 222 002 Monday to Friday 9 30AM to 7 00PM http www dlink co in support productsupport aspx Indonesia Malaysia Singapore and Thailand Tel 62 21 5731610 Indonesia Tel 1800 882 880 Malaysia Tel 65 66229355 Singapore Tel 66 2 719 8978 9 Thailand Monday to Friday 9 00am to 6 00pm http www dlink com sg support e mail support dlink com sg Korea Tel 82 2 890 5496 Monday to Friday 9 00am to 6 00pm http www d link co kr e mail lee d link co kr New Zealand Tel 0800 900 900 Monday
194. formation Backup ID gt CPU Utilization gt Port utilization gt Packet Size H Packets Model name Runtime version HW version gt RADIUS Authentication DGS 3100 1 00 001 gt Browse ARP Table DGS 3100 1 00 001 gt Browse MLD Router Pc DGS 3100 1 00 001 gt Browse Router Port DGS 3100 41 00 0014 gt Browse Session Table DGS 3100 1 00 001 IGMP Snooping Group DGS 3100 41 00 0014 gt MLD Snooping Group 3 MAC Address Table 3 System Log H B AacL v lt ME STAGKING STATUS Figure 6 1 Stacking Information Page The Stacking Information Page contains the following fields Field Description Master ID Displays the Stacking Master Unit ID number unit ID 1 or 2 Backup ID Displays the Backup Master Unit ID number unit ID 1 or 2 Box ID Displays the Unit ID numbers assigned to the stacking members Runtime version Indicates the software version running on the device H W version Displays the stacking member s hardware version 149 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing CPU Utilization The CPU Utilization Page contains information about the system s CPU utilization 1 Click Monitoring gt CPU Utilization The CPU Utilization Page opens B p Monitoring gt Stacking Information 2 3 Port Utilization gt Packet Size H Packets RADIUS Authentication gt Browse ARP Table gt Browse MLD Router Pc gt Browse Router Port
195. forms Unit ID Allocation and Conflict Resolution process Ifthe new stacking member is in the Factory Default mode the new stacking member is assigned the lowest available Unit ID by the Stack Master It is strongly recommended that Auto Assign mode is used to assign the Unit ID The Auto Assign mode provides better stack resiliency Ifthe new stacking member already has an assigned Unit ID and that Unit ID is unused in the current stack the incoming stacking member is assigned Unit ID The Stack Master applies any device configuration to the new stacking member Ifthe new stacking member already has an assigned Unit ID and that UnitID conflicts with an existing Unit ID the Stack Master reallocates a new Unit ID to the new stacking member The lowest available Unit ID is applied to the new stacking member This occurs only if new stacking member does not have a manually assigned Unit ID which the Stack Master cannot change If the new stacking member cannot be assigned an available Unit ID then the new stacking member is effectively shut down and cannot join stack For example if stacking member replacement that can only occur if the new stacking member has a manually assigned Unit ID e The Stack Master performs Unit and Stacking Port Configuration for the new stacking member e Any configuration information the Stack Master retains that is relevant to the Unit ID of the new stacking member is applied If the new stacking membe
196. g What Is Not Covered The Limited Warranty provided herein by D Link does not cover Products that in D Link s judgment have been subjected to abuse accident alteration modification tampering negligence misuse faulty installation lack of reasonable care repair or service in any way that is not contemplated in the documentation for the product or if the model or serial number has been altered tampered with defaced or removed Initial installation installation and removal of the product for repair and shipping costs Operational adjustments covered in the operating manual for the product and normal maintenance Damage that occurs in shipment due to act of God failures due to power surge and cosmetic damage Any hardware software firmware or other products or services provided by anyone other than D Link and Products that have been purchased from inventory clearance or liquidation sales or other sales in which D Link the sellers or the liquidators expressly disclaim their warranty obligation pertaining to the product While necessary maintenance or repairs on your Product can be performed by any company we recommend that you use only an Authorized D Link Service Office Improper or incorrectly performed maintenance or repair voids this Limited Warranty Disclaimer of Other Warranties EXCEPT FOR THE LIMITED WARRANTY SPECIFIED HEREIN THE PRODUCT IS PROVIDED AS IS WITHOUT ANY WARRANTY OF ANY KIND WHATSOEVER INCLUDING WITHOUT L
197. g a dynamic MAC address from which no traffic arrives for a set period is erased To prevent static MAC addresses from being deleted when the device is reset ensure that the port attached to the MAC address is locked 1 Click Monitoring gt MAC Address Table The MAC Address Table Page opens A 1013 Logged in as administrator admin 192 168 0 100 o Security 2 Monitoring Stacking information gt CPU Utilization gt Port utilization gt Packet Size VLAN Name EJ p Packets gt Received RX gt UMB_cast RX MAC Address Transmitted TX RADIUS Authentication gt Browse ARP Table Browse MLO Router Pc Browse Router Port Browse Session Table IGMP Snooping Group MLD Snooping Group Clear Static Entries j Clear Dynamic Entries View All Entry J Clear All Entry J Total Entries 256 MAC Address Table VID VLAN Name default 00 00 00 00 00 01 MAC Address Type 02 Dynamic ok 4 2 default 00 00 00 00 00 FE 02 Dynamic ro ary a wz 3 default 00 00 0C 07 AC 01 1 02 Dynamic lt a 4 default 00 00 21 12 13 F5 1 02 Dynamic STAGKING STATUS 5 default 00 02 03 2F 12 34 4 02 Dynamic pe a 6 default 00 02 B3 1C 50 85 1 02 Dynamic iria ii a E 7 default 00 02 B3 CA 5D EB 11 02 Static 8 default 00 03 2F 25 7E DD 1 02 Dynamic 9 default 00 03 2F 2E 98 66 4 02 Dynamic 10 def
198. g Tree Protocol RSTP globally on the switch MSTP Sets the Multiple Spanning Tree Protocol MSTP globally on the switch Forwarding BPDU Bridges use Bridge Protocol Data Units BPDU to provide spanning tree information STP BPDUs filtering is useful when a bridge interconnects two regions each region needing a separate spanning tree BPDU filtering functions only when STP is disabled either globally or on a single interface The possible values are Enabled Allows the forwarding of STP BPDU packets from other network devices Disabled BPDU forwarding is disabled on the device This is the default value 86 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Bridge Priority 0 65535 Specifies the selected spanning tree instance device priority The field range is 0 65535 The default value is 32768 Bridge Max Age 6 40 Set to ensure old information is not circulated endlessly through redundant paths in the network preventing the effective propagation of the new information Set by the Root Bridge this value aids in determining that the switch has spanning tree configuration values consistent with other devices on the bridged LAN If the value ages out and a BPDU has still not been received from the Root Bridge the switch will start sending its own BPDU to all other switches for permission to become the Root Bridge If your switch has the lowest Bridge Ide
199. ge updates to show the following a x Dimxeoceoooooosooe oo ooo 2 9020 ooo AAA o000000 ya 711 911 000 vw PURANBAT BARN DW MMMM 3 Dlink seyret tt ett AA ZA PPP PPP TT gt Uptime days 5 1013 Logged in as administrator admin 192 168 0100 DGS 3100 48 Configuration 5 Tm res Select Frame Type f Securty OL2ACL El Monitoring O L3ACL ICMP v ac CL Configuration Wizard You can select the field in the packet to create filtering mask A Finder L2 Header IPv4 DSCP 3 Time Range Setting IPv4 Address C Source IP Mask C Destination IP Mask STACKING STATUS Figure 8 11 ACL Profile L3 ACL ICMP IPv4 Address Page 180 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The ACL Profile L3 ACL ICMP IPv4 Address Page contains the following fields Field Description Source IP Mask Defines the range of source IP addresses relevant to the ACL rules O ignore 1 check For example to set 176 212 XX XX use mask 255 255 0 0 Destination IP Mask Defines the range of destination IP addresses relevant to the ACL rules O ignore 1 check For example to set 176 212 XX XX use mask 255 255 0 0 Select Source IP Alternatively click Mask and or Destination IP Mask The Mask Generate button is active Enter an IP mask in the box adjacent to the Mask Generate button Mask Generate The Generate Mask by range fields appear Enter an IP a
200. guring and managing system logs defining the system time and configuring SNMP system management This section contains the following topics Viewing Device Information Defining System Information Defining IP Addresses Managing Stacking Defining Ports ARP Settings Configuring User Accounts Managing System Logs Configuring SNTP Configuring SNMP DHCP Auto Configuration Dual Image Services Telnet Setting 14 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Device Information The Device Information Page contains parameters for configuring general device information including the system name location and contact the system MAC Address System Up Time and MAC addresses and both software boot and hardware versions In addition the Device Information Page provides shortcuts to device feature pages To define the general system information e Click DGS 3100 xx in the Tree View The Device Information Page opens 2 DGS 2100 48 E Configuration H H L2 Features m Qos H Security E 3 Monitoring E GBACL STACKING STATUS Device Information Device Type System Contact System Name System Location Firmware Version Hardware Version Serial Number System Time System Up Time Boot version Device Status and Quick Configurations Time Source 802 1D Spanning Tree DHCP Client Safeguard Engine SNMP Trap SSL GVRP Setting Telnet Setting DGS 3100 Gigabit Ethernet Switch Peter
201. he System Log Host Page contains the following fields Field Description Index Defines syslog host index 1 out of 4 Severity Defines the minimum severity from which warning logs are sent to the server There are two levels warning high and informational low Warning The device is functioning but an operational problem has occurred Informational Provides device information through system logs All Sends system logs for all levels of system logs Server IP Displays the IP address of the Log Server Host Facility Defines an application from which system logs are sent to the remote server Only one facility can be assigned to a single server If a second facility level is assigned the first facility is overridden UDP Port 514 or 1 65535 Defines the UDP port to which the server logs are sent The possible range is 1 65535 The default value is 514 2 Define the Index Severity Server IP Facility and UDP Port fields 3 Click Apply 37 The System Log Host is defined and the device is updated DGS 3100 Series Gigabit Stackable Managed Switch User Manual To delete a log entry 1 Select the entry 2 Click Delete The entry is deleted and the device is updated 38 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring SNTP The device supports the Simple Network Time Protocol SNTP SNTP assures accurate network device clock time synchronization u
202. he User Accounts Page To define user account information 1 Click Configuration gt User Accounts The User Accounts Page opens D Link IAE use sae Dink MATA i one PFT PCF Seg TP E BE3 3100 41 Save N Tools Stack ID En v Up Time 2 days e073 Logged in as administrator admin 192 168 0 100 ogo DGS 3100 48 E G Configuration gt System Information Add User Accounts a z Stacking Settings E wo Port Configuration Access Right Admin Confirm New Password gt aq ARP Settings Note PasswordiUser Name should be up to 15 characters 3 System Log Host E SNTP Settings El f SNMP Settings DHCP Auto Configuratic User List ff Dual Image Services Access Right Password Confirm Password gt Telnet Setting Admin H L2 Features User Edit Delete m QoS F User Edit Delete H Security i 5 Edit Delet El 3 Monitorin Y Admin z meg lt i a i User Edit Delete STACKING STATUS Operator Edit Delete wuauyayy Es mers Operator e Edit Delete Note If you only want to edit the account name or access right without modify the original password please keep the password column in blank when editing Figure 2 8 User Accounts Page The User Accounts Page contains the following fields Field Description User Name Defines the user name The user name can contain up to 15 characters New Password Defines the password assigned to the user account
203. he possible field values are Enabled Enables an IGMP Querier on the VLAN Disabled Disables an IGMP Querier on the VLAN Querier Version Defines the IGMP Querier version on the VLAN The possible field values are IGMPv2 and IGMPv3 Unit Defines the unit number Static Router Ports Defines the port numbers which can be added as static router ports Ports Indicates the units and allocated ports as static router ports Dynamic Router Ports Displays the port numbers which was learned as dynamic router ports Forbidden Router Ports Defines the ports to be added as forbidden router ports Ports Indicates the units and port numbers defined as forbidden router ports 3 Define the Leave Timer Host Timeout Router Timeout State Querier State Querier Version Static Dynamic and Forbidden Router Ports fields 4 Click Apply IGMP Snooping and Static Router Port Settings are defined and the device is updated 78 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining MLD Snooping Multicast Listener Discovery MLD Snooping performs the same function for IPv6 multicast routers as IGMP Snooping does for IPv4 multicast routers The device supports two versions of MLD Snooping MLDvl Snooping detects MLDv1 control packets and sets up traffic bridging based on IPv6 destination multicast addresses MLDv1 is equivalent to IGMPv2 MLDv2 Snooping use
204. ication click Delete adjacent to the relevant IP Address on the list The Authentication Server settings are defined and the device is updated Defining Login Methods Network users must first login to the device on the Login Method Lists Page Access as non administrative users is granted To configure the device as a Network Administrator the user must also log on to the device on the Enable Method Lists Page User authentication occurs in the order the methods are selected If the first authentication method is not available the next selected method is used For example if the selected authentication method is RADIUS Local and the RADIUS server is not available the user is authenticated locally To define the user only login method 1 Click Security gt Access Authentication Control gt Login Method Lists The Login Method Lists Page opens 9000 oo 99 0000009000000000 7 VN RPRNARAMHBBAT BDH NW SS Too Diink 9 9 mn oe eee eT TT Sos a i A a pa pta odiada VIII WU E DGS 3100 48 H Configuration i L2 Features Method List Name Method 3 z wl ES s Method 1 v Method 4 i i Eer Method 2 y 3 Safeguard Engine Trusted Host 3 Port Security a Method1 Method2 Method3 Method 4 sq http_method_list Local z z fe SSH https_method_list Local E H Access Authentication default Local 5 Application Authen Login_Method_1 RADIUS Authentication Sen
205. ich the system session was initiated User Privilege Indicates the user privileged assigned to the user who imitated the system session Name Displays the name of the user that initiated the system session 161 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing IGMP Group Information The IGMP Snooping Group Page contains vital IGMP group information including the Multicast Group IP address and the corresponding MAC address through which the IGMP packets passed 1 Click Monitoring gt IGMP Snooping Group The IGMP Snooping Group Page opens 0000 ob SUSE SEEEESSE ooo o00o0oo 222 DADADADAMS vim gt s Ei Canaan Sees AAA E III PI VPPTPPIE a Save Tools Stack ID B v Up Time 2 days 5 10 13 LEE EUR admin 192 168 0 10 DGS 3100 48 f8 Configuration H L2 Features VID 01 w VLANName R8 amp D1 m oos gt i E P Security 7 1 Monitoring IGMP Snooping Table 3 Stacking Information VLAN Name R amp D1 a CE Multicast Group 224 0 0 1 w 3 Port Utilization gt Packet Size MAC Address 00 00 AC 15 21 A6 f Packets RADIUS Authentication Browse ARP Table Unit 01 03 05 35 37 3 Browse MLD Router Pc 02 04 6 36 38 gt Browse Router Port Browse Session Table eal GMP Snooping Group MLD Snooping Group fi gt STACKING STATUS Figure 6 13 IGMP Snooping Group Page The IGMP Snooping Group Page contains the following fields
206. ick Show Normal The LLDP Remote Port Normal wise is displayed RP 0990990099999999 78 12D 4 s Building Networks for People Save Tools 7 i Stack ID E TPP Up Time days 5 Time days 510 73 Logged in as administrator admin 192 168 0 1 p A 802 1Q VLAN gt GVRP Settings gt Trunking gt Traffic Segmentation gt LACP Port Settings gt IGMP Snooping 2 MLD Snooping Chassis ID Subtype MACADDRESS gt Port Mirroring Chassis ID 00 01 02 03 04 01 A Spanning Tree Port ID Subtype LOCAL Forwarding amp Filtering Port ID 13 f LLDP Port Description RMON Port 4 on Unit 3 gt LLDP Global Settinc System Name Switch 1 gt LLDP Port Setting System Description Stackable Ethernet Switch LLDP Basic TLVS System Capabilities Bridge 3 LLOP Dot3 TLVS St Management Address Show Detail gt LLDP Local Port Bri MAC PHY Configuration Status Show Detail omae Unknown Tes Show Detail m Qos Mm AB cnnuch lt i gt STACKING STATUS Figure 3 24 LLDP Remote Port Normal Page 3 To view the detailed Management Address information for the entry click Show Detail The LLDP Management Address Detail Information Page is displayed 105 DGS 3100 Series Gigabit Stackable Managed Switch User Manual QP 9000900000000900 3 7 4 s s Building Networks tor People ga Save Tools 7 B KID E X p ime a days 5 Time 2 days 5 70 13 Logged in as administrator admin 192 168 0 100 Ee Logou
207. ield Description Egress Defines the Egress ports per multicast group Define the VID Multicast MAC Address Unit and Egress fields 3 Select either all or individual ports Click All to select all ports as None or Egress Alternatively click to select the ports individually The default is 1 48 None 4 Click L Apply The Multicast forwarding settings are applied to the port and the device is updated To restore the default settings Click Cancel The default settings are restored To edit a VID entry Select the entry Click Edit Define the fields nak VND 6 Click Apply The entry is deleted and the device is updated To delete a VID entry 1 Select the entry 2 Click Delete VID Defining Multicast Filtering The Multicast Filtering Mode Page displays the port filtering mode for unregistered Multicast groups Ports can filter or forward unregistered Multicast groups The Multicast Filtering Mode Page permits specifying the Multicast filtering mode per port or globally for all ports 1 Click L2 Features gt Forward amp Filtering gt Multicast Filtering Mode The Multicast Filtering Mode Page opens 0 E Building Networks tor People Logged in as ad Save Toole Y LID Up Time 2 days 5 10 13 Stac DGS 3100 48P f Configuration f apply E G L2 Features v To Port 01 Vall C Filtering Mode Filter_Unregistered_Groups v Apply gt Jumbo Frame 802 10 VLAN
208. ield value is in seconds The field default is 30 seconds ServerTimeout 1 65535 sec Defines the amount of time that lapses before the device re sends a request to the authentication server The field value is specified in seconds The field default is 30 seconds MaxReq 1 10 times Displays the total amount of EAP requests sent If a response is not received after the defined period the authentication process is restarted The field default is 2 retries TxPeriod 1 65535 sec Defines the amount of time in seconds that lapses before EAP requests are resent The field default is 30 seconds ReAuthPeriod 300 4294967295 sec Displays the time span in seconds in which the selected port is re authenticated The field default is 3600 seconds ReAuthEnabled Indicates if ports MAC address can be re authenticated after the port MAC address authentication has timed out The possible field values are Enabled Enables re authenticating the port or MAC addresses after the port or MAC address authentication has timed out This is the default value 128 18 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Disabled Disables re authenticating the port or MAC addresses after the port or MAC address authentication has timed out Control Indicates the host status If there is an asterisk the port is either not linked or is
209. ies Gigabit Stackable Managed Switch User Manual Field Description Packets checked Displays the total amount of transmitted packets 2 Define the Unit and Port fields 3 Click Apply to load the defined parameters To clear the Unit and Port fields Click Clear The fields are cleared 1 2 Define the Time Interval and Record Number fields 3 Click PPY The transmitted packet graph is updated 4 To view the graph as a table click View Table 156 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing RADIUS Authenticated Session Statistics The RADIUS Authentication Pageprovides RADIUS authentication sessions including how many sessions were initiated which ports intimated the authentication sessions and whether or not the sessions were granted 1 Click Monitoring gt Port Access Control gt RADIUS Authentication The RADIUS Authentication Pageopens D Link ey Lai L Configuration 2 Features p aos p Security H Monitoring 3 Stacking Information B CPU utilization B Port Utilization gt Packet Size ff Packets EY Received RX UMB_cast RX iB Transmitted TX gt Browse ARP Table i B Browse MLD Router Pc B Browse Router Port Y Browse Session Table 3 lt i ia STACKING STATUS a ns sesessss 52 Figure 6 8 RADIUS Authentication Page The RADIUS Authentication Pagecontains the following
210. if GVRP indicates the port is to be added NOTE The Guest VLAN should be disabled before deleting the VLAN which was defined as the Guest VLAN NOTE On the Default VLAN the user can define ports as Untagged or Tagged but not as Forbidden or Not Member 2 Click the Add Edit VLAN tab The Add Edit VLAN Information Page opens 67 Building Networks for People al 0Gs 3100 48 Configuration B p L2 Features gt Jumbo Frame gt GVRP Settings Trunking gt Traffic Segmentation 3 LACP Port Settings IGMP Snooping MLD Snooping 3 Port Mirroring B Spanning Tree H 3 Forwarding amp Filtering G LLOP H os W Security El 3 Monitoring Hg ACL STACKING STATUB v DGS 3100 Series Gigabit Stackable Managed Switch User Manual o00o0oooooo 23456 aa fm Save Tools 7 Stack ID Add Edit VLAN VLAN Name Name should be less than 32 characters LSJ pe o k a N e N ok ary N oh w ade gt Pre a a oy J e co N o i So N ak N N N Les NO gt Select All 1 Forbidden Not Member RO O O O Forbidden Not Member O0O0OBHOO0O0O OOOCOHOO0O0 000 O 0O00 0O0O0OBHOO0OON OSOOOROO0O OM OOOOBOCO0 OR QOQOOOHMSOOOR GOOONOOOON OOOO OOOORO O00 OOOCOHOO0O OOOOHO O00 OOOOKO O00 OOOCOHOO0O OOOOKOO00 OOOOROO0O OOOORHOOOO OOOOKSD OOO OOOOKOOO0O OOO OO O00 OOOOHOOO0O OOOOHOO0O OOO
211. ines the time interval in seconds the Multicast router waits to receive a message before it times out The possible field range is 1 16711450 seconds The default timeout is 300 seconds State Indicates if MLD snooping is enabled on the VLAN The possible field values are Enable Enables MLD Snooping on the VLAN Disable Disables MLD Snooping on the VLAN 81 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Unit Defines the unit number Static Router Ports Defines the port numbers in the selected unit to be added as static router ports Ports Displays the unit port numbers defined as static router ports Dynamic Router Ports Displays the port numbers in the selected unit learned as dynamic router ports Ports Displays the unit port numbers defined as dynamic router ports Forbidden Router Ports Defines the port numbers in the selected unit to be added as forbidden router ports Ports Displays the unit port numbers defined as forbidden router ports 3 Define the Done Timer Host Timeout Router Timeout State Static Dynamic and Forbidden Router Ports fields 4 Click Apply MLD Snooping and Static Router Port Settings are defined and the device is updated 82 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Port Mirroring Switches inherently forward frames to relevant ports only This creates difficulty when
212. is updated 147 DGS 3100 Series Gigabit Stackable Managed Switch User Manual MONITORING THE DEVICE This section contains information for view device and packet statistics as well as viewing IGMP information and MAC address information This section includes the following topics e Viewing Stacking Information e Viewing CPU Utilization e Viewing Port Utilization e Viewing Packet Size Information e Viewing Received Packet Statistics e Viewing RADIUS Authenticated Session Statistics e Viewing ARP Table e Viewing MLD Router Ports e Viewing Router Ports e Viewing Session Table e Viewing IGMP Group Information e Viewing MLD Group Information e Defining Dynamic and Static MAC Addresses e Viewing System Log 148 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Stacking Information The Stacking Information Page provides specific information for stacked devices To show the Stacking Information Page Tools 1 Click 2 Alternatively click Monitoring gt Stacking Information in the Tree View The Stacking Information Page opens and from the menu select Show Stack Status 19 91 0 99 29 oo 290999 0000 9009000099 as ARMA AA RARA Y n2 232 aru Ru eT 2000 D Link DADO aca milo s la ds a ls ps e sanan pase st ls lo Lele a ap a Up Time 2 days 5 10 13 A Logged in as administrator admin 192 168 0 100 Forana PTE f Security ae Monkoring Master ID gt Stacking In
213. ischarge static electricity from your body before you touch any of the electronic components such as the microprocessor You can do so by periodically touching an unpainted metal surface on the chassis You can also take the following steps to prevent damage from electrostatic discharge ESD 1 When unpacking a static sensitive component from its shipping carton do not remove the component from the antistatic packing material until you are ready to install the component in your system Just before unwrapping the antistatic packaging be sure to discharge static electricity from your body 2 When transporting a sensitive component first place it in an antistatic container or packaging 3 Handle all sensitive components in a static safe area If possible use antistatic floor pads and workbench pads and an antistatic grounding strap Battery Handling Reminder CAUTION This is danger of explosion if the battery is incorrectly replaced Replace only with the same or equivalent type recommended by the manufacturer Discard used batteries according to the manufacturer s instructions vii DGS 3100 Series Gigabit Stackable Managed Switch User Manual GETTING STARTED To begin managing the device simply run the browser installed on the management station and point it to the IP address defined for the device For example http 123 123 123 123 Please note that the proxy for session connection should be turned off NOTE The Factor
214. ithin the fifty states of the United States the District of Columbia U S Possessions or Protectorates U S Military Installations or addresses with an APO or FPO Limited Warranty D Link warrants that the hardware portion of the D Link product described below Hardware will be free from material defects in workmanship and materials under normal use from the date of original retail purchase of the product for the period set forth below Warranty Period except as otherwise stated herein Limited Lifetime Warranty for the product is defined as follows Hardware For as long as the original customer end user owns the product or five 5 years after product discontinuance whichever occurs first excluding power supplies and fans Power supplies and fans Three 3 Year Spare parts and spare kits Ninety 90 days The customer s sole and exclusive remedy and the entire liability of D Link and its suppliers under this Limited Warranty will be at D Link s option to repair or replace the defective Hardware during the Warranty Period at no charge to the original owner or to refund the actual purchase price paid Any repair or replacement will be rendered by D Link at an Authorized D Link Service Office The replacement hardware need not be new or have an identical make model or part D Link may at its option replace the defective Hardware or any part thereof with any reconditioned product that D Link reasonably determines is subst
215. kat lunak dan dokumentasi pengguna dapat diperoleh pada situs web D Link Dukungan Teknis untuk pelanggan Dukungan Teknis D Link melalui telepon Tel 62 21 5731610 Dukungan Teknis D Link melalui Internet Email support dlink co id Website http support dlink co id D Link Building Networks for People 226 227 fF LAGE D Link HE A AIRE a ATER EA EA AA JAHH IER BAM KALAMA 36 5 IRA AID BE 26F 02 05 B49 100013 FLASIFH DIA 8008296688 028 66052968 ARiMR 028 85176948 EMS UE IERBRMKIL PRE 365 HER ARG A B EZ 26F 02 05 Ab 100013 IDEA 010 58257789 44S YEH 010 58257790 PYLE http www dlink com cn D Link Building Networks for People International Offices U S A 17595 Mt Herrmann Street Fountain Valley CA 92708 TEL 1 800 326 1688 URL www dlink com Canada 2180 Winston Park Drive Oakville Ontario L6H 5W1 Canada TEL 1 905 8295033 FAX 1 905 8295223 URL www dlink ca Europe U K D Link Europe Ltd D Link House Abbey Road Park Royal London NW10 7BX United Kingdom TEL 44 0 20 8955 9000 FAX 44 0 20 8955 9001 URL www dlink co uk Austria Millennium Tower Handelskai 94 96 A 1200 WIEN Austria TEL 43 0 1 240 27 270 FAX 43 0 1 240 27 271 URL www dlink at Belgium Rue des Colonies 11 B 1000 Brussels Belgium TEL 32 0 2 517 7111 FAX 32 0 2 517 6500 URL www dlink be Bulgaria 60A Bulgaria Blvd Office 1 Sofi
216. king Host Timeout 60 16711450 sec Traffic Segmentation y E LACP Port Settings Router Timeout 1 16711450 sec iB uP Shooping State Enabled BMD Snoop ae Port Mirroring Spanning Tree Forwarding amp Filtering Lor a p Qos El Security E G Monitoring G PoE E BAcL Static Router Ports Dynamic Router Ports Unit 01 H Ports Forbidden Router Ports Unit 01 i Y STACKING STATUS Figure 3 14 MLD Snooping amp Static Router Ports Settings Page The MLD Snooping amp Static Router Ports Settings Page contains the following fields Field Description VLAN ID Specifies the VLAN ID VLAN Name Displays the user defined VLAN name Done Timer 0 16711450 sec Defines the time interval in seconds after which a port is removed from the Multicast membership group Ports are removed from the Multicast membership when the port sends a Done Message indicating the port requests to leave the Multicast group The field range is 0 16711450 seconds The default timeout is 10 seconds Host Timeout 60 16711450 sec Defines the time interval in seconds after which a port is removed from a Multicast Group Ports are removed if a Multicast group MLD report was not received from a Multicast port within the defined Host Timeout period The possible field range is 60 16711450 seconds The default timeout is 260 seconds Router Timeout 1 16711450 sec Def
217. l Settings Section The Annual Mode enables setting a DST seasonal time adjustment This option requires defining begin and end times by the specific dates For example the network administrator defines that DST begins April 3 and ends October 14 Field Description From Month Defines the month of the year that DST starts The field options are January December From Day Defines the date on which DST starts The field options are 1 31 From Time Defines the time at which DST starts The field format is HH MM based on the 24 hour clock Military Time For example 9 00PM is configured as 21 00 To Month Defines the month of the year in which DST ends The field options are January December To Day Defines the date on which DST ends The field options are 1 31 To Time Defines the time at which DST ends The field format is HH MM based on the 24 hour clock Military Time For example 9 00PM is configured as 21 00 1 Select a daylight savings time source in the Daylight Saving Time State field 2 Define the fields 3 Click Apply Daylight Savings Time is configured and the device is updated 44 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring SNMP Simple Network Management Protocol SNMP provides a method for managing network devices The device supports the following SNMP versions e SNMP version 1 e SNMP version 2c e SNMP version 3 SNMP v and v2c The
218. lays the time intervals at which the packet samples are taken The possible field values are 1s 5s 10s 15s 20s 30s 40s 50s and 60s Record Number Displays the packet size record number Show Hide Displays or hides packets size The following packet length ranges can be displayed 64 65 127 128 255 256 511 512 1023 and 1024 1518 and 1519 10240 2 Click Apply A sample record of packet size analysis is stored and the device is updated 3 Define the Show Hide field 4 To view the graph as a table click View Table 152 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Received Packet Statistics The Received RX Page contains information about packets transmitted through device ports To view received packet Statistics jg Configuration 1 9 L2 Features s faos f Security I E Ef Monitoring 101 he 01 E View Table Apply _ __Clear__ 2 See PONT T o coccssss socossss sososs33 1 Click Monitoring gt Packets gt Received RX The Received RX Page opens 099009000 o 9999999990999 Diink 9 92 7 T ell le a a Po ems eerrrrre PPP eee Fee E 2 Stacking information CPU Utilization Port utilization gt Packet Size 4 E Packets 5 je recevar Bytes gt UMB_cast RX gt Transmitted TX 7 Eackets gt RADIUS Authentication 3 Browse ARP Table 2 Browse MLD Router Pc gt Browse Router Port i gt Brows
219. lding a New Self Ordered Stack e Adding Members to a Self Ordered Running Stack Building a New Self Ordered Stack To build a self ordered stack 1 Connect the units physically through the stacking ports 2 Turn on the units After a short interval the stack will become operational with one of the units selected as the Master of the stack The Master and Backup selection is known as Master Election Master Election takes place if there are one or more eligible candidates contending to be the Master unit The Master Unit is indicated by the green Master LED on the front panel The Master LED is located near the Unit ID LEDs If a serial console is connected the serial cable must be connected to the Stack Master console port since the only operational console port in the stack is the one of the Master unit NOTE To reset the stacking members to the factory defaults press the Reset button for at least 5 seconds Adding Members to a Self Ordered Running Stack 1 Reset the new stacking units to the factory defaults by pressing the Reset button optional 2 Connect the stacking members physically to the stack 3 Turn on the switches the new units will become stacking members Managing a New Manually Ordered Stack System administrator can also manually assign Unit IDs to stacking members System administrator has to assign a unique Unit ID from 1 to 6 to each stack member A Unit ID that is manually assigned is not subject to automatic n
220. le entry 1 Select the entry 93 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Click Edit 3 Define the values 4 Click BESABR To delete a FDB table entry 1 Select the entry The entry is updated and the device is updated 2 Click Delete The entry is deleted and the device is updated Defining Multicast Forwarding The Multicast Forwarding Page displays the ports and LAGs attached to the Multicast service group in the Ports and LAGs tables Ports can be added either to existing groups or to new Multicast service groups The Multicast Forwarding Page permits new Multicast service groups to be created The Multicast Forwarding Page also assigns ports to a specific Multicast service address group 1 Click L2 Features gt Forward amp Filtering gt Multicast Forwarding The Multicast Forwarding Page opens DGS 3100 48 P Configuration L2 Features 3 Jumbo Frame 3 802 10 VLAN GVRP Settings Trunking 3 Traffic Segmentation 3 LACP Port Settings IGMP Snooping MLD Snooping gt Port Mirroring E Spanning Tree E H Forwarding amp Filtering gt Unicast Forwarding 2 gt Multicast Filtering Mode 4 LLOP H H QoS H Security f Monitoring aci MIT i 01 02 E 04 05 06 07 08 09 de o y S Up Time 2 days 5 10 13 MAC Address 01 00 00 00 00 02 01 00 00 00 00 03 01 00 00 00 00 04 01 00 00 00 00 05 01 00 00 00 00 06 01 00 00 00 00 07
221. lgorithm RSA with 3DES EDE CBC SHA This ciphersuite combines the RSA key exchange CBC Block Cipher 3DES_EDE encryption and the SHA Hash Algorithm RSA EXPORT with RC4 40 MD5 This ciphersuite combines the RSA Export key exchange and stream cipher RC4 encryption with 40 bit keys Status Indicates if the selected Ciphersuite is enable or disabled for SSL The possible field values are Enable Enables the Ciphersuite for SSL Disable Disables the Ciphersuite for SSL 2 Enable or disable the SSL status in the SSL Status field 3 Click Apply The SSL status is defined and the device is updated 137 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Secure Shell Security Secure Shell permits network users to securely login to the network from a remote location over an insecure network SSH a secure login to remote host computers a safe method of executing commands on a remote end node and will provide secure encrypted and authenticated communication between two non trusted hosts SSH with its array of unmatched security features is an essential tool in today s networking environment It is a powerful guardian against numerous existing security hazards that now threaten network communications Ensure the following steps are completed before configuring SSH e Create a user account with admin level access using the User Accounts window in the Administration folder This is ide
222. lization A IP Address A C fma C ceara Port Utilization Packet Size a p Poms Total Entries 5 E Received RX IP Address Mac Address Type UNB_cast RX 10 0 0 1 00 01 2e 4a 76 09 Dynamic A Transmitted TX 10 0 0 2 00 01 2e 4a 76 1a Dynamic RADIUS Authentication 10 0 0 3 00 01 2e 4a 76 c5 Static 3 10 0 0 4 00 01 2e 4a 76 0b Dynamic gt Browse MLD Router Pc 40 0 0 5 00 01 2e 4a 76 d7 Dynamic gt Browse Router Port Browse Session Table IGMP Snooping Group 3 MLD Snooping Group MAC Address Table amp STACKING STATUS Figure 6 9 Browse ARP Table Page The Browse ARP Table Page contains the following fields Field Description VLAN Name Defines the VLAN for which the ARP mappings are defined IP Address Defines the station IP address which is associated with the MAC address Total Entries Displays current ARP table entries detailing the user defined interface name IP address MAC address and type dynamic or static of each entry MAC Address Displays the MAC address associated with the IP address Type Indicates how the MAC was assigned The possible values are Dynamic Indicates that the MAC address is dynamically created Static Indicates the MAC address is a static IP address 2 Click Find The table updates and displays the values required 3 Click Clear to clear the Browse ARP Table Page 158 DGS 3100 Series Gigabit Stackabl
223. ls the system time reverts to the local hardware clock Daylight saving times can be enabled on the device The following is a list of daylight savings start and end times in specific countries 41 Albania From the last weekend of March until the last weekend of October Australia From the end of October until the end of March Australia Tasmania From the beginning of October until the end of March Armenia From the last weekend of March until the last weekend of October Austria From the last weekend of March until the last weekend of October Bahamas From April to October in conjunction with daylight savings in the United States Belarus From the last weekend of March until the last weekend of October Belgium From the last weekend of March until the last weekend of October Brazil From the third Sunday in October until the third Saturday in March Clocks go forward one hour in most areas of southeast Brazil for daylight savings Chile Easter Island from March 9 until October 12 The rest of the country from the first Sunday in March or after March 9 China China does not use daylight saving time Canada From the first Sunday in April until the last Sunday of October Daylight saving times are usually regulated by provincial and territorial governments Exceptions may exist in certain municipalities Cuba From the last Sunday of March to the last Sunday of October Cyprus
224. m control is configureed To Port Defines to which port storm control is configured Storm Control Type Specifies the Broadcast mode currently enabled on the device The possible field values are Broadcast Storm Broadcast and Multicast Storm Broadcast Multicast and Unknown Unicast Storm State Indicates which storm control is enabled on the port The possible field values are Enable Enables storm control on the selected port Disable Disables storm control on the selected port This is the default value Threshold 3500 Indicates the maximum rate kilobits per second at which storm packets are forwarded The 1000000 range is 3500 1 000 000 The default value is 3 500 2 Define the Unit From Port To Port Storm Control Type State and Threshold fields 3 Click Apply The storm control settings are configured and the device is updated 114 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Mapping Ports to Packet Priorities The 802 1P Default Priority Page provides traffic classification by assigning priority values per port The priority value is assigned when packet arrives to a port with an empty priority tag 1 Click Qos gt 802 1p Default Priority The 802 1P Default Priority pe opens D Link 2 EPPPPPPPPI Building Networks tor People Save Tools Y Stack ID E X Up Time 2 days E Logged in as administrator admin 192 168 0 DGS 3100 48 f Configuration E
225. mance in sufficient detail to allow D Link to confirm the same The original product owner must obtain a Return Material Authorization RMA number from the Authorized D Link Service Office and if requested provide written proof of purchase of the product such as a copy of the dated purchase invoice for the product before the warranty service is provided After an RMA number is issued the defective product must be packaged securely in the original or other suitable shipping package to ensure that it will not be damaged in transit and the RMA number must be prominently marked on the outside of the package The packaged product shall be insured and shipped to Authorized D Link Service Office with all shipping costs prepaid D Link may reject or return any product that is not packaged and shipped in strict compliance with the foregoing requirements or for which an RMA number is not visible from the outside of the package The product owner agrees to pay D Link s reasonable handling and return shipping charges for any product that is not packaged and shipped in accordance with the foregoing requirements or that is determined by D Link not to be defective or non conforming What Is Not Covered This limited warranty provided by D Link does not cover Products that have been subjected to abuse accident alteration modification tampering negligence misuse faulty installation lack of reasonable care repair or service in any way that is not c
226. mask z ss Profile List 802 10 ACL Finder VLAN 3 Time Range Setting Ether Type PayLoad MAC Address O source MAC Mask g C Destination MAC Mask STACKING STATUS Figure 8 5 ACL Profile L2 ACL Tagged MAC Address Page 176 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The ACL Profile L2 ACL Tagged MAC Address Page contains the following fields Field Description Source MAC Mask Defines the range of source addresses relative to the ACL rules O ignore 1 check For example to set 00 00 00 00 10 XX use mask FF FF FF FF FF 00 Destination MAC Mask Defines the range of destination addresses relative to the ACL rules O ignore 1 check For example to set 00 00 00 00 10 XX use mask FF FF FF FF FF 00 2 Select Source MAC Mask and or Destination MAC Mask The Mask Generate button is active 3 Enter a MAC mask in the box adjacent to the Mask Generate button Alternatively click Mask Generate The Generate Mask by range fields appear Enter a MAC address range into the Generate Mask by range fields and click Calculate The mask is generated 4 Click Create The ACL profile is added and the device is updated To define L2 802 1Q VLAN ACL profile 1 Click the 802 1Q VLAN button The ACL Profile L2 ACL Tagged VLAN Page updates to show the following 2 fib A hi a a c0000000000000 oo0oooooo MUNROE se Ve Rana DA D Link 78 DLink ser rrr ttt RTT
227. mbers to discover when a stacking member fails or is unreachable 21 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Allocating Unit IDs Resolving Unit ID Conflicts Once the Stack Master is elected it allocates the Unit IDs to the stacking members that do not have a Unit ID Stacking members that do not have a Unit ID operate in the Factory Default mode In addition the stack Master attempts to resolve all duplicate Unit IDs occurrences among stacking members The Stack Master reallocates the duplicate Unit ID if there are available Unit IDs If two stacks are merged stacking units that were initially in the Stack Master s sub group retain their Unit ID New stacking member are allocated new Unit IDs If a conflict occurs after the stacking members are rebooted the following occurs e If both duplicate stacking members are in Auto Assign mode then the Unit ID is assigned by the MAC address The stacking member with the lowest MAC address maintains its Unit ID The other stacking member is assigned a new Unit ID e If one of the stacking members with duplicate Unit IDs is in Auto Assign mode and the other stacking member is in manual mode the stacking member in Manual mode maintains its Unit ID The other stacking member is assigned anew Unit ID Stacking members are shut down if e If both duplicate stacking members are in Manual mode then both stacking members are shut down e Ifthe Stack Master is able to alloc
228. me Unit ID the stacking members with the lowest MAC addressis selected as the Stack Master The other unit is rebooted and is assigned the Unit ID 2 If the stack contains one or more stacking members set to the factory default states and there is no Unit ID assigned to a stacking member then the Stack Master is one of these stacking members The stacking member selected to be the Master is the stacking member running for the longest time If all stacking members are running the same amount of time the stacking member with the lowest MAC address is selected as the Stack Master The Master Election results in an elected Stack Master The Stack master has a Unit ID of 1 and the Backup Master has a Unit ID of 2 if a Backup Master was included in the stack If a Master Enabled stacking member a Unit ID of 1 or 2 is added to a stack and powered on the newly added switch invokes Master Election process The Master Election process occurs even though the stack has an elected master However the newly added switch loses in the election process lower up time and joins the stack as a stacking member or Backup Master Stack Startup Process When a stacking member is initialized either powered up or rebooted the stacking member goes through the same exact process including e Discovering the Stacking Master e Allocating Unit IDs Resolving Unit ID Conflicts e Unit and Stacking Port Configuration Discovering the Stacking Master When a st
229. mes the role of Stack Master The Backup Master uses Master Discovery process to identify the failure In case of Ring topology the Backup Master directs all other stack members to route traffic around the failed stacking member At the same time the Backup Master notifies the system administrator of the failure using SYSLOG messages and SNMP traps When the failed stacking member is disconnected from the stack all traffic is already routed around the failed stacking member If all other stacking connections are left intact the stack keeps running When a new stacking member is inserted and powered up the following occurs e The new stacking member performs Master Discovery process and participates in a Master Election process For more information on the Master Election see Electing a Stacking Master If the new stacking member has a Unit ID of or 2 i e the stacking member is a master enabled Master Election process is initiated Since the running stack Backup Master has a longer run timeand if the Backup Master has been running for more then 10 minutes the Backup Master remains the elected Stack Master The new stacking member does not become the new Stack Master This may result in new stacking member using 25 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Unit ID 1 and serving as the stack Backup master while the already running stacking member with Unit ID 2 remains the active Stack Master e The Stack Master per
230. munity Name l B User Accounts View Name Communityiew System Log Host IO A El SNTP Settings Access Right Read Only xij E H SNMP Settings gt SNMP View Table SNMP Group Tab A SNMP pa dai gt mT Community Name View Name Access Right SNMP Host Table public Communityview Read Only 2 SNMP EngineID private PWriteView Read Write 2 SNMP Trap Configu public TestReadView Read Write DHCP Auto Configuratic Dual Image Services 2 Telnet Sattine il gt STACKING STATUB Figure 2 15 SNMP Community Table Page The SNMP Community Table Page contains the following fields Field Description Community Name Defines advanced SNMP community name limited to 20 alphanumeric characters View Name Defines the group of MIB objects that a remote SNMP manager is allowed to access on the switch Access Rights Defines the access rights of the community The possible field values are Read Only Management access is restricted to read only and changes cannot be made to the community Read Write Management access is read write and changes can be made to the device configuration but not to the community 2 Define the Community Name and View Name Access Right fields 3 Click APP The SNMP Community Table is defined and the device is updated To delete a SNMP Community Table Page List entry 1 Select a Community Name 2 Click Delete The entry is deleted and the device is updated
231. n y RX Disabled v kbps gt Bandwidth Control E E Trae Control No Limit Rate 64 1000000 2 802 1p Default Priority Tx Disabled Y Kbps gt 802 1p User Priority 3 QoS Scheduling Mechanisi gt Multi Layer CoS Setting H Security Unit 1 Settings E Monitoring Port RX Rate TX Rate El BHACL Kbitsec Kbitisec 3 11 NoLimit NoLimit 1 2 No Limit No Limit 1 3 No Limit No Limit 1 4 No Limit No Limit 1 5 No Limit No Limit gt 1 6 No Limit No Limit STAGKING STATUM 17 No Limit No Limit 1 8 No Limit No Limit 1 9 No Limit No Limit 1 10 No Limit No Limit 111 No Limit No Limit 1 12 NoLimit NoLimit 1 13 No Limit No Limit 1 14 NoLimit No Limit 1 15 No Limit No Limit Y Figure 4 2 Bandwidth Control Page The Bandwidth Control Page contains the following fields Field Description Unit Defines the stacking member for which the bandwidth parameters are displayed From Port Defines from which port number bandwidth settings are displayed To Port Defines to which port number bandwidth settings are displayed RX No Limit Defines if ingress bandwidth limitation is assigned to the port The field value options are Enabled Ensures no bandwidth limitations on the port This is the default value Disabled Enables ingress bandwidth limitations on the port When disabled user can enter a limit value in the RX Rate field
232. na siaii aenacdi Method List Name Method 3 3 v Method 1 Method 4 x Method 2 z Apply Method List Name Method 1 Method 2 Method 3 Method 4 default Local z Login_Method_1 RADIUS Figure 5 14 Enable Method Lists Page The Enable Method Lists Page contains the following fields Field Description Method List Name Defines the method list name The field is user defined besides the http_method_list and https_method_list which cannot be deleted or renamed Method 1 Indicates the first method used to authenticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication 145 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Method 2 Indicates the second method used to authenticate the network user The possible field values are RADIUS User authentication occurs at the RADIUS server TACACS The user authentication occurs at the TACACS server None No user authentication occurs Local User authentication occurs at the device level The device checks the user name and password for authentication Method 3 Indicates the third method used to auth
233. nable Enables the device to send authentication failure notifications This is the default value Disable Disables the device from sending authentication failure notifications 2 Define the SNMP Traps and SNMP Authentication Traps fields 3 Click Apply The SNMP trap status is modified and the device is updated 55 DGS 3100 Series Gigabit Stackable Managed Switch User Manual DHCP Auto Configuration In the DHCP Auto Configuration Page users can enable or disable automatic download of the latest image and configuration files from the DHCP server During reboot if DHCP Auto Configuration is enabled the device polls the TFTP Server From the DHCP server the device receives the following if necessary e IP address The device will receive IP from the DHCP server regardless of current IP configuration whether static or dynamic If the device already has a DHCP defined IP address it will retain the current address If Static IP is present in the configuration file it will be ignored e Image file If an updated image file is available on the network and the DHCP server s latest instruction file refers to it the device downloads the image file e Configuration file If an updated configuration file is available on the network and the DHCP server s latest instruction file refers to it the device downloads the file as its new Running Configuration and also saves it as the Startup Configuration If Static I
234. nager defines a priority of 01 to Class 3 all packets arriving with an assigned value of 01 are sent to class queue 3 The default mapping is e Priority 0 3 is assigned to QO This is the lowest priority queue e Priority 1 2 is assigned to Q1 e Priority 4 5 is assigned to Q2 e Priority 6 7 is assigned to Q3 This is the highest priority queue To map priority to queues 1 Click QoS gt 802 1p User Priority The 802 1P User Priority Page opens E 9999999992999999 yano agagaou s a oa oo ns Pree Serre PPP Fee E rx all Stack ID D E TPP primes days S10 13 Logged in as administrator admin 192 168 0 Save Tools Building Networks for People DGS 3100 48 E 3 Configuration 9 L2 Features Priority Class ID A QoS 00 ass 0 v 3 Bandwidth Control ra 01 z Traffic Control 3 802 1p Default Priority 02 2 802 1p User Priority 03 33 QoS Scheduling Mechanisi gt Multi Layer CoS Setting 04 H Security 05 E Monitoring E HACL us 07 o ass 0 ass 4 xi ass 1 v v x f lololo lass 2 ass 2 y mi lalola lass 3 ass 3 w Apply gt STACKING STATUS Figure 4 5 802 1P User Priority Page The 802 1P User Priority Page contains the following fields Field Description Priority Indicates the packet priority that is assigned to the queue Class ID Defines the class queue that is assigned to the priority Class 0 is the lowest priority qu
235. nd click Apply LLDP is enabled and the device is updated 3 To configure the LLDP packet forwarding status when LLDP is disabled define the LLDP Forward Status field and click Apply The LLDP packet forwarding status is defined and the device is updated 4 To configure LLDP Global parameters when LLDP is enabled define the Message TX Interval Message TX Hold Multiplier LLDP TX Delay and LLDP Reinit Delay fields and click Apply The LLDP packet forwarding status is defined and the device is updated Defining LLDP Port Settings The LLDP Port Setting Page displays LLDP port information and contains parameters for configuring LLDP port settings 1 Click L2 Features gt LLDP gt LLDP Port Setting The LLDP Port Setting Page opens 98 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Building Networks for People Ma Save X Tools 7 gt Traffic Segmentation gt LACP Port Settings gt IGMP Snooping MLD Snooping gt Port Mirroring ja Spanning Tree Forwarding amp Fitering f op gt LLDP Global Setting 2 gt LLDP Basic TLVS LLDP Dot3 TLVS St LLDP Local Port Bri 2 LLDP Remote Port E 0 4 m f Qos E Security El 3 Monitoring H Ac p lt y gt STACKING STATUS 000000000000000 1 2 1 120 0 0 2 93 3 cal ag Ie A i i a D a a i SSS Sea Oe i a a a ee Up Time 2 days El 4 Logged in as administrator admin 192 168 0 100 Po Uni
236. ng RADIUS Authenticated Session Statistics 00 ecesssesscseesecsseeeeesecseesecneesecsseeecsaecaeesecnesseceaseeesaecatesecneseenaeeess 157 Viewing ARP Tableros pein cat kc hae aie ane Sie id is 158 Viewing MED Router Ports ui 159 Viewing Router Portas reis sith ae acl A Aes baie de aia ds alin a E a athens 160 Viewing Session Table nien a iba eas ean ae ae 161 Viewing IGMP Group Information ei eeesecssssecseeeeceseeecesecseesccneesccsaeeeesaecseesccsevscesseeesaecaeesecsevseeeaeeeesaecatesesnesseenaeeees 162 Viewing MED Group Information essa oil A E E Ea 163 Defining Dynamic and Static MAC Addresses essesescsessceseeecesecscesecneesccsaeecesaecatesecnesscesaeeeesaecatesecnesseesaeeeesaecaseneenees 164 Viewing System Di Ri esa 166 MANAGING POWER OVER ETHERNET DEVICES ccseecseseeeeeeeeeeeeeeeeeeeeeseeneeseeseeeeeseseseeeseseeneesesesnansnneeeeees 167 Defining PoE System Informations asii eie e t nites Mite ceeds adie de vies tinh Aue ater A asa ivi discal inde 168 Displaying and Editing PoE System Information ees csesesseesecseeseceseeecesecseesccneesecsseecesaecaeesecsevseesasenesaecatesesneveeenaeeess 170 DEFINING ACCESS PROFILE LISTS E E A age dines E E A E E T 171 ACL Configuration Wizard gaseste ie a a Menta pra a E Aisle e a E E e a aaa S 172 Defining Access Profile Listin ainia 174 Defining Access Rules Lists iman in 187 Finding ACI Rules acc ali AE rA 190 Defining Time Range colitis E aae Eiaa ra L
237. nge Setting The Time Range Setting Page opens Building Networks for People ons ve A A O Fever SS DEI I180 48 pl ul H Save Tools Stack ID Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 Po DGS 3100 48 E Configuration L2 Features Time Range m QoS Range Name Trinity E P Security A me P a F 7 E Monitoring Hours HH MM Start Time 00 v 00 w End Time 00 00 v gg Ace Weekdays Cmon Tue Owed Thu Ceri Csat sun SelectAll Days gt ACL Configuration Wizard gt Access Profile List Note If the End Time is before the Start Time the End Time will be set to the following day ACL Finder 5 Time Range Setting Total Entries 1 ime Range Information Range Name EVE Start Time End Time State Trinity Mon 01 00 02 00 Active STAGKING STATUS Figure 8 24 Time Range Setting Page The Time Range Setting Page contains the following fields Field Description Range Name Defines the Time Range Name Up to 32 time ranges can be defined Start Time HH MM Specifies the time at which the time based ACL is enabled The field format is HH MM The possible field values are HH 00 23 hours in military format MM 00 59 minutes End Time HH MM Specifies the time at which the time based ACL is disabled The field format is HH MM The possible field values are HH 00 23 hours in military format MM 00 59 minutes Weekdays Specifie
238. ngs gt SNMP Group Table The SVMP Group Table Page opens Building Networks for People _ Save 0GS 3100 48 1 Configuration 3 System Information gt IP Address gt Stacking Settings 3 Port Configuration ARP Settings 3 User Accounts gt System Log Host f SNTP Settings E P SNMP Settings SNMP View Table SNMP User Table SNMP Community T SNMP Host Table SNMP Engine ID SNMP Trap Configu Y il gt STAGKING STATUS ES A SENN Pcie a Ee AAA gererreee eerie pores BES bstessss seescess cacaos a ha oy a bed Greer A A o ye O Tools Stack ID EE 990909900999999 oo 999999999999999 7 AA AA DADAS LEE EUR E AA a Logout Up Time 2 days 5 70 TT Add Group Group Name Read ViewName Communityview z Communityview Communityview _ 3 EXCMO Write View Name Notify View Name Security Model Security Level Apply List Group Name Read View Name Write View Name Notify View Name Security Model public CommunityView CommunityView SNMPv1 private PrivateView SNMPv2 public TestReadView SNMPv3 Security Level NoAuthNoPriv NoAuthNoPriv AuthPriv PwriteView Figure 2 13 SNMP Group Table Page The SNMP Group Table Page contains the following fields Field Description Group Name Defines the user defined group name to which access control rules are applied limited to 30 alphanumeric characters Read Vi
239. nical Support over the Telephone 877 354 6560 Monday to Friday 7 30am to 9 00pm EST D Link Technical Support over the Internet http support dlink com email support dlink ca D Link Building Networks for People 204 205 Technical Support You can find software updates and user documentation on the D Link websites If you require product support we encourage you to browse our FAQ section on the Web Site before contacting the Support line We have many FAQ s which we hope will provide you a speedy resolution for your problem For Customers within The United Kingdom amp Ireland D Link UK amp Ireland Technical Support over the Internet http www dlink co uk ftp ftp dlink co uk D Link UK amp Ireland Technical Support over the Telephone 08456 12 0003 United Kingdom 1890 886 899 Ireland Lines Open 9 00 am 06 00 pm Mon Fri 10 00am 02 00 pm Sat Closed on Sun For Customers within Canada D Link Canada Technical Support over the Telephone 1 800 361 5265 Canada Mon to Fri 7 30AM to 9 00PM EST D Link Canada Technical Support over the Internet http support dlink ca email support dlink ca D Link Building Networks for People Technische Unterstutzung Aktualisierte Versionen von Software und Benutzerhandbuch finden Sie auf der Website von D Link D Link bietet kostenfreie technische Unterst tzung fur Kunden innerhalb Deutschlands Osterreichs der Schweiz und Osteuropas Unsere
240. nternet www dlink nl Tech Support for customers within Belgium D Link Technical Support over the Telephone 070 66 06 40 Monday to Friday 9 00 am to 10 00 pm D Link Technical Support over the Internet www dlink be Tech Support for customers within Luxemburg D Link Technical Support over the Telephone 32 70 66 06 40 Monday to Friday 9 00 am to 10 00 pm D Link Technical Support over the Internet www dlink be D Link Building Networks for People 210 211 Pomoc techniczna Najnowsze wersje oprogramowania i dokumentacji uzytkownika mo na znale w serwisie internetowym firmy D Link D Link zapewnia bezp atn pomoc techniczn klientom w Polsce w okresie gwarancyjnym produktu Klienci z Polski mog si kontaktowa z dzia em pomocy technicznej firmy D Link za po rednictwem Internetu lub telefonicznie Telefoniczna pomoc techniczna firmy D Link 0 801 022 021 Pomoc techniczna firmy D Link wiadczona przez Internet URL http www dlink pl D Link Building Networks for People Technicka podpora Aktualizovan verze software a u ivatelsk ch p ru ek najdete na webov str nce firmy D Link D Link poskytuje sv m z kazn k m bezplatnou technickou podporu Z kazn ci mohou kontaktovat odd len technick podpory p es webov str nky mailem nebo telefonicky Web http www dlink cz suppport E mail support dlink cz Telefon 224 247 503 Telefonick podpora je v provozu
241. ntical to creating any other admin level User Account on the Switch including specifying a password This password is used to logon to the Switch once a secure communication path has been established using the SSH protocol e Configure the User Account to use a specified authorization method to identify users that are allowed to establish SSH connections with the Switch using the Current Accounts window Security gt Secure Shell SSH gt SSH User Authentication There is a special SSH method that mey be used to authorize the user Public Key The default value is None To define SSH on the device 1 Click Security gt SSH gt SSH Configuration The SSH Configuration Page opens Diink 9 9 mans e oa a Ba A A ae see Serer SERPS SEPT E A a O eecce eese c000000000000 oo oo J DNAENT BARU weer yt m Up Time 2 days 5 10 E J Coggedin as administrator admin 192 168 0 100 Logout DGS 3100 48 5 H Configuration E HL Features SSH Server Status O Enabled Disabled m f QoS E Securit En paa Engine SSH Global Setting gt Trusted Host Port 1 65535 22 Port Security A Guest VLAN pply H 802 1X SSL Hp SSH gt SET SSH Algorithm Settings H Access Authentication Coi E Monitoring fe ACL lt a STACKING STATUS O TTE AAA AAA ziz as eo 0 PP oo roo sesseese seeeeees enero S SSSE5__ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
242. nticated by the server before attaining network access To define the Authentication Server information 1 Click Security gt Access Authentication Control gt Authentication Server Host The Authentication Server Host Page opens cee 009000909999999 9992999992999999 9 3 s 9 10 n 129 4 5 6 SHUR BM OM u oll MITTITI nin wy oan a bed ree PU VU WU y E Stac i y DGs 3100 48 tl Authentication server Host as O jE Che E Configuration H L2 Features IP Address Port 1 65535 EH QoS Protocol RADIUS v Timeout 1 30secs ae pasted Key Max 128 characters Retransmit 1 10times aq Safeguard Engine c gt Trusted Host Priority First v gt Port Security a 6 IP Address Protocol Port Timeout Key Retransmit Priority ssi 10 1 1 15 RADIUS 24 10 12345 20 4 ss 10 1 1 16 TACACS 9 5 67890 2 1 Access Authentication E Application Authen 3 d ogin Method Lists A Enable Method List Configure Local En lt gt STAGKING STATUS re ABRAS ia ESA RN fa ser rn re mos coveeeue m Tanananan sncnsene anacacid UUZZSZES uy ux Tanannsas anasanan saseasii iii AAA Tansanana siaii siaasdii o room eS Figure 5 12 Authentication Server Host Page The Authentication Server Host Page contains the following fields Field Description IP Address Defines the IP address of the RADIUS or TACACS server authenticating network users
243. ntifier it will become the Root Bridge The user can choose between 6 and 40 seconds The default value is 20 Bridge Hello Time 1 10 The interval between two transmissions of BPDU packets sent by the Root Bridge to indicate to all other switches that it is indeed the Root Bridge The default value is 2 Bridge Forward Delay 4 30 Defines the time any port on the switch is in the listening state while moving from the blocking state to learning state and then to the forwarding state The default value is 15 Max Hops 1 20 Specifies the total number of hops that occur before the BPDU is discarded Once the BPDU is discarded the port information is aged out The possible field range is 1 20 The field default is 20 hops 2 Select Enable Disable in the STP Status field 3 Define the STP Version Forwarding BPDU Bridge Priority Bridge Max Age Bridge Hello Time Bridge Forward Delay and Max Hops fields 4 Click Apply 87 The Spanning Tree Global Parameters are defined and the device is updated NOTE The Global STP status default was Ebable in previous software versions and was changed to Disable Please note that if STP enabled is the required state you should enable STP via the WEB GUI or the CLI NOTE In case of STP loopback the port will be shutdown the port will be activated after the loopback is removed DGS 3100 Series Gigabit Stackable Managed Switch User Man
244. nual Defining Access Profile Lists This section contains the following topics e Adding ACL Profiles e Defining Level 2 ACL e Defining Level 3 ACL Adding ACL Profiles The ACL Profile List Page provides information for configuring ACL Profiles manually ACL profiles are attached to interfaces and define how packets are forwarded if they match the ACL criteria 1 Click ACL gt Access Profile List The ACL Profile List Page opens Ss DAMAS Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 MAT bs DGS 3100 48 Configuration PL2 Features Has p Security 3 Monitoring Source MAC Destination MAC Ether Type VLAN ID Show Details_ Edit New Rules Delete f ACL Source IP TCP Source Port TCP Flag Time Range Show Details Edit New Rules Delete gt ACL Configuration Wizard 6 4 6 4 E m 3 ACL Finder gt Time Range Setting Current Max Profile 2 15 Current Max Rule 2 240 Add ACL Profile STACKING STATUS Figure 8 2 ACL Profile List Page The ACL Profile List Page contains the following fields Field Description Profile ID Displays the profile Identification number Profile Summary Displays the access rule e To display an ACL s profile details click Show Details The ACL profile details are displayed below the ACL table e To define or show an access rule click Edit New Rules The Add Access Rule Page opens
245. o create filtering mask 802 10 MAC Address VLAN PayLoad 3 Time Range Setting Ether Type Ether Type STACKING STATUS ananan n saseeees o rm Figure 8 7 ACL Profile L2 ACL Tagged Ether Type Page 2 Click Create The ACL profile is added and the device is updated NOTE A combination of one or several filtering masks can be selected simultaneously The page updates with the relevant field s 178 DGS 3100 Series Gigabit Stackable Managed Switch User Manual D Link Building Networks for People sense OEA a perea 7 HE DGS 3100 48 E Configuration ES pea Select Frame Type a OL2acL untagged 3 Monitoring OL3ACL EXA ACL ACL Configuration Wizard You can select the field in the packet to create filtering mask ss Profile List Ether ACL Finder MAC awees Type 3 Time Range Setting PayLoad STACKING STATUS rs ZESREEES ESG PP om Camanaana anancnan ananca s z y aaa coca a Figure 8 8 ACL Profile L2 ACL Untagged Page Defining Level 3 ACL If L3 ACL ICMP is selected the page updates as follows Fil r e pea D Link ne RARA Building Networks for People hoes owe PREPRESS FRPP BES 3180 48 H Save X Tools 7 Stack ID Up Time 2 days 5 10 13 Logged in as administrator admin 19 DGS 3100 48 bs Configuration D e Select Frame Type 3 Security OL2ACL H Monitoring OL3ACL ICMP v ACL e gt ACL Configurati
246. o negotiation advertised capability For example 1000BASE T full duplex mode Auto Negotiation Operational MAU Type Displays the Medium Attachment Unit MAU type The MAU performs physical layer functions including digital data conversion from the Ethernet interfaces collision detection and bit injection into the network For example 100BASE TX full duplex mode Viewing LLDP Remote Port Information The LLDP Remote Port Brief Page displays LLDP remote neighbor port information 1 Click L2 Features gt LLDP gt LLDP Remote Port Brief The LLDP Remote Port Brief Page opens oo MER im i O Canoe or o R a S a Traffic Segmentation ay gt LACP Port Settings IGMP Snooping E gt MLD Snooping San gt Port Mirroring B Spanning Tree Forwarding amp Filtering Port Entry LLDP 11 Entry1 3 LLDP Global Settinc 7 gt LLDP Port Setting 12 Eey 3 LLDP Basic TLVS 13 Entry 1 2 LLDP Dot3 TLVS Si 14 Entry2 LLDP Local Port Bri 15 Entry1 3 LLDP Remote Port iz ame H QoS E P Security 17 Enty3 El 3 Monitoring 18 Entry1 m a Y 19 Enty S L gt 14 10 Enty3 STACKING STATUS AN o0000000 eooooo00000000000 c000000000000000 sonno VORP RNRAMBMHT BA RNR RM OT on 2 ou s a s 7 Up Time 2 days 1013 E Logged in as administrator admin 192 168 0 100 Ati Chassis ID Subtype Chassis ID PortID Subtype PortID Port Description MACADDRESS 00 01 02
247. o not have to be numbered in sequence and can be interconnected as long as each stacking has a unique ID and at least one stacking member serves as the Stack Master Assigning Unit IDs Each stacking member has an assigned unique Unit ID Unit ID numbers are assigned as follows e Unit ID 1 Assigned to the Stack Master The Stack Master is indicated by the Master LED on front which is lit solid green e Unit ID2 Assigned to the Backup Master e UnitID 3 4 5 and 6 Assigned to Stacking members NOTE There are cases in which a unit to which Unit ID 1 is assigned is not the stack Master but a Backup Master This section contains the following topics e Defining a Stacking Master e Defining a Stacking Back Up Master e Defining Stacking Members e Master Enabled Stacking Members e Electing a Stacking Master Defining a Stacking Master The stacking member assigned the Unit ID1 operates as the Stack Master The Stack Master provides a single point of control configuration and management for the entire stack In addition the Stack Master stores all stack member configuration The individual stacking members do not store any configuration information Defining a Stacking Back Up Master The stacking member assigned the Unit ID 2 is defined as the stack s Backup Master In addition to being a stack member Backup Master serves as a backup in case the Stack Master fails or disconnected If the Stack Master fails or disconnected
248. o time in HH MM DST Annual Settings From Month From Day From time in HH MM To Month To Day To time in HH MM Apply Figure 2 11 TimeZone Settings Page The TimeZone Settings Page contains the following fields Field Description Daylight Savings Time State Defines type of DST enabled on the device The possible field values are Disable Disables DST on the device This is the default values Repeating Enables setting repeating DST This option requires defining begin and end times by specific date and hour Annual Enables setting annual DST This option requires defining begin and end times by the specific dates Minutes Daylight Saving Time Offset in Defines the local DST offset in minutes The default time is 60 minutes The possible field values are 30 Defines the local offset for 30 minutes 60 Defines the local offset for 60 minutes 90 Defines the local offset for 90 minutes 120 Defines the local offset for 120 minutes Time Zone Offset from GMT Indicates the difference between Greenwich Mean Time GMT and local time For example the Time Zone Offset for Paris is GMT 1 while the Time Zone Offset for New York is GMT 5 DST Repeating Settings Sections The Repeating Mode enables setting repeating DST This option requires defining begin and end times by specific day and hour For example the network administrator defines that DST begins the second Sat
249. oS and priority queuing within a network e Section 5 Security Features Provides information for enabling and configuring device security e Section 6 Monitoring the Device Provides information for monitoring the device e Section 7 Managing Power over Ethernet Devices Provides information configuring the PoE function e Section 8 Defining Access Profile Lists Provides information for configuring the ACL Intended Audience The DGS 3100 series DGS 3100 24TG User Guide contains information for configuring and managing the DGS 3100 series DGS 3100 24TG Switches This guide is intended for network managers familiar with network management concepts and terminology lil DGS 3100 Series Gigabit Stackable Managed Switch User Manual Notes Notices and Cautions NOTE A NOTE indicates important information that helps you make better use of your device NOTICE A NOTICE indicates either potential damage to hardware or loss of data and tells you how to avoid the problem CAUTION A CAUTION indicates a potential for property damage personal injury or death 1v DGS 3100 Series Gigabit Stackable Managed Switch User Manual Safety Cautions Use the following safety guidelines to ensure your own personal safety and to help protect your system from potential damage Throughout this safety section the caution icon A is used to indicate cautions and precautions that you need to review and follow To reduce the risk o
250. ocol by Key Selects the authentication key type used to authenticate users The possible field values are MDS Defines that users are authenticated via a HMAC MD5 algorithm key SHA Defines that users are authenticated via a HMAC SHA 96 authentication level key Key Defines the authentication key for authentication MD5 32 or 64 digits SHA 40 or 70 digits Confirm Key Confirms the authentication key for authentication 2 Define the User Name Group Name and SNMP V3 Encryption fields 3 Define the authentication password or authentication key 4 Click APPI The SNMP authentication method is defined and the device is updated 50 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining SNMP Communities Access rights are managed by defining communities using the SVMP Community Table Page When the community names are changed access rights are also changed SNMP communities are defined only for SNMP v1 and SNMP v2c To define SNMP communities 1 Click Configuration gt SNMP Settings gt SNMP Community Table The SVMP Community Table Page opens 0000 OSCE ESSE EESSEESS oo0oooo 29999992999999 van sanoa D Link 990 o 0990 E ESF a i i a a a a ia dh h a to O PPE FCCC PPP H iHi Save Tools Stack ID E y Up Time 2 days 5 10 del LEE EUR E AA a Logout System ASE IP Address 3 Stacking Settings Add Community 3 Port Configuration gt ARP Settings Com
251. ocseues 66 VEAN Status seectsssntis spell oi ile pelitos Radutes dbaeas ES 66 Defining VEAN Properties orar ia ta eee nae DA Ar 67 Se EE ATA S E AEE A A E A E iaa 69 Defining Trunk ias 71 Trafic Segmento ole Rie le Asia Aide Aeneid iain ue Aaa 73 Confistrme LACA in Seis Rea the Ace aie ee cele ei as 74 Defining IGMP Snooping s nennen ra a a dep ea esti a AL aU eh e E E a sels 75 Defining MED Snooping ienesa ai E doin deen igen diated RTE AEON aE aries dete 79 Configuring A Saidseysheseasesatbdssyssessvonscadasseebyscsapscnheyaussvensauionsasepstpnasauaasdeasescnapeus 83 Configuring Spanning Trees tenth beatin aretha tel a E E aha 85 Defining Spanning Tree Global Parameters cceeeeesscsssesesseeesesecseesecneeecsaeceessecseesecseseecsaeceesaecaeeseeneeseesaeeeeeneeseeeaees 86 Defining STP Port Settings culo ii di 88 Defining Multiple Spanning Tree Configuration Identification eceescsseseeesecseeseceeeeeceaeceeesecaeesecneeecsaseeeeseseeeeaees 90 Defining MS TP Port Information bbdd Antica cheats bales 91 Defining Forwarding and Filtern s sa aeea era are ee e EE EA eE a ERE PEE EE ea E T E 93 Defining Unicast Forwarding visait cai 93 Defining Multicast Forwarding ui sd 94 Defining Multicast Filtering iii e 95 Conhisurme A D D AEE E il E metas 97 Defining LEDP Global Seting S i orir eaa rori apa eaaa ra eae aE ET oa ra rE eo Ee Ea a TaT S ELET Ra EEES 97 Defining LLDP Port Seti rd aio or ative 98 Defining ELDP Basic TEV Settings
252. of March until the last weekend of October Macedonia From the last weekend of March until the last weekend of October Mexico From the first Sunday in April at 02 00 to the last Sunday in October at 02 00 Moldova From the last weekend of March until the last weekend of October Montenegro From the last weekend of March until the last weekend of October Netherlands From the last weekend of March until the last weekend of October New Zealand From the first Sunday in October until the first Sunday on or after March 15 Norway From the last weekend of March until the last weekend of October Paraguay From April 6 until September 7 Poland From the last weekend of March until the last weekend of October Portugal From the last weekend of March until the last weekend of October Romania From the last weekend of March until the last weekend of October Russia From the last weekend of March until the last weekend of October Serbia From the last weekend of March until the last weekend of October Slovak Republic From the last weekend of March until the last weekend of October South Africa South Africa does not use daylight saving time Spain From the last weekend of March until the last weekend of October Sweden From the last weekend of March until the last weekend of October Switzerland From the last weekend of March until the last weekend of October Syria From March 31 until
253. of jumbo frame is 10K bytes 2 Traffic Segmentation 3 LACP Port Settings 3 IGMP Snooping MLD Snooping gt Port Mirroring fi Spanning Tree f Forwarding amp Filtering LLDP H aos f Security E 3 Monitoring Ly ACL v STACKING STATUS nenas econo ceca Figure 3 1 Jumbo Frame Page The Jumbo Frame Page contains the following field Field Description Jumbo Frame Defines whether Jumbo Frames are enabled on the device The possible field values are Enabled Enables Jumbo Frames on the device Disabled Disables Jumbo Frames on the device This is the default value 2 Select Enable in the Jumbo Frames field Jumbo Frames are enabled only after the configuration is saved and the device is rebooted 3 Click Apply Jumbo Frames are enabled after the device is reset 61 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring VLANs Understanding IEEE 802 1p Priority Priority tagging is an IEEE 802 1p defined standard function designed to provide a means of managing traffic on networks where many different types of data are transmitted simultaneously It is intended to alleviate problems associated with the delivery of time critical data over congested networks The quality of applications dependent on such data such as video conferencing can be severely and adversely affected by even very small delays in transmission IEEE 802 1p standard complian
254. on Wizard You can select the field in the packet to create filtering mask ACI Finder L2 Header IPv4 DSCP IPv4 Address gt Time Range Setting STAGKING STATUS paz r Ea T G Figure 8 9 Add ACL Profile L3 Page To define L3 IPv4 DSCP ACL profile 179 DGS 3100 Series Gigabit Stackable Managed Switch User Manual This option defines whether or not the DSCP field is checked for a match 1 Click the IPv4 DSCP button The ACL Profile L3 ACL ICMP IPv4 DSCP Page updates to show the following 2 MERU MON GQ ink e E Building Networks for People ade ws ES Dimxeoceoooeoosoce oo weesees eo fees D KEELEN m Save Tools Time AA rime days E days 5 10 13 Logged in as administrator admin 192 168 0 1 DGS 3100 48 El Configuration L2 Features Select Frame Type OL2ACL B Monitoring L3 ACL ICMP Y Lale ne i i gt ACL Configuration Wizard You can select the field in the packet to create filtering mask L2 Header IPv4 Address 3 Time Range Setting IPv4 DSCP Type STACKING STATUS E peppereegereerred Te Da sosesses reino a IE E acia T G a pS SSI corner o AAA AAA Fania sazz i Pai y RUKEERS Saaai PP veo Figure 8 10 ACL Profile L3 ACL ICMP IPv4 DSCP Page 2 Click Create The ACL profile is added and the device is updated To define L3 IPv4 Address ACL profile 1 Click the 1Pv4 Address button The ACL Profile L3 ACL ICMP IPv4 Address Pa
255. ontaining the Stack Master and the other section Backup Master was operate The following occurs if either the Stack Master or the Backup Master remains in the divided group e The Master Discovery Master Election and Unit ID Allocation amp Duplicate Unit ID Conflict Resolution processes are performed resulting in the following When the stack is divided and if the Stack Master remains in the split stack the Stack Master recognizes that the stacking units were no longer responds This occurs using the Master Detection Process The Stack Master notifies the system administrator using SYSLOG messages and SNMP traps of the removed stacking members In addition the Stack Master also notifies the system administrator whichd ports belong to unreachable stacking members and are reported as Not Present if the Backup Master remains in the split stack when the stack is divided the Backup Master identifies this as of the Stack Master failing The Backup Master takes over and manages the remaining stacking members as a stack The Backup Master retains the same Unit ID as before the stack was divided Since the Backup Master was not acting as the Stack Master prior to the split the Back Master initiates a Topology Database and port learning process Traffic can be halted for a short period until the stack is synchronized i e stacking member and port configuraiton is completed New stacking members are learnt by the Backup Master are notified
256. ontemplated in the documentation for the product or if the model or serial number has been altered tampered with defaced or removed 201 Initial installation installation and removal of the product for repair and shipping costs Operational adjustments covered in the operating manual for the product and normal maintenance Damage that occurs in shipment due to act of God failures due to power surge and cosmetic damage Any hardware software firmware or other products or services provided by anyone other than D Link Disclaimer of Other Warranties EXCEPT FOR THE LIMITED WARRANTY SPECIFIED HEREIN THE PRODUCT IS PROVIDED AS IS WITHOUT ANY WARRANTY OF ANY KIND INCLUDING WITHOUT LIMITATION ANY WARRANTY OF MERCHANTABILITY FITNESS FOR A PARTICULAR PURPOSE AND NON INFRINGEMENT IF ANY IMPLIED WARRANTY CANNOT BE DISCLAIMED IN ANY TERRITORY WHERE A PRODUCT IS SOLD THE DURATION OF SUCH IMPLIED WARRANTY SHALL BE LIMITED TO NINETY 90 DAYS EXCEPT AS EXPRESSLY COVERED UNDER THE LIMITED WARRANTY PROVIDED HEREIN THE ENTIRE RISK AS TO THE QUALITY SELECTION AND PERFORMANCE OF THE PRODUCT IS WITH THE PURCHASER OF THE PRODUCT Limitation of Liability TO THE MAXIMUM EXTENT PERMITTED BY LAW D LINK IS NOT LIABLE UNDER ANY CONTRACT NEGLIGENCE STRICT LIABILITY OR OTHER LEGAL OR EQUITABLE THEORY FOR ANY LOSS OF USE OF THE PRODUCT INCONVENIENCE OR DAMAGES OF ANY CHARACTER WHETHER DIRECT SPECIAL INCIDENTAL OR CONSEQUENTIAL INCLUD
257. or ooo o oo m 35 i ma L WA fm Save Tools stackID MR E Configuration E HL Features a g aos Select Frame Type El es OL2ACL Tagged y E Monitoring OL3 ACL B f ACL y i gt ACL Configuration Wizard You can select the field in the packet to create filtering mask 3 ACL Finder MAC Address Ether Type PayLoad gt Time Range Setting 802 1Q VLAN C1802 1p CIVLAN VID STACKING STATUS Figure 8 6 ACL Profile L2 ACL Tagged VLAN Page The ACL Profile L2 ACL Tagged VLAN Page contains the following fields Field Description 802 1p Sets the 802 1p field as an essential field to match VLAN VID Sets the VLAN VID field as an essential field to match 2 Define the 802 p and VLAN VID fields 3 Click Create The ACL profile is added and the device is updated To define L2 Ether Type ACL profile This option defines whether or not the Ether Type field is checked for a match 1 Click the Ether Type button The ACL Profile L2 ACL Tagged Ether Type Page updates to show the following 177 DGS 3100 Series Gigabit Stackable Managed Switch User Manual D Link EP eeeese 22389 Sukg ewer orPeon Al el le el ala ala aih aa ey coe PPP A ye Fee T SERVES menses re ji gt im Save X Tools stack ID 0Gs 3100 48 E f Configuration z D Select Frame Type p Security L2acL Tagged f Monitoring OL3ACL You can select the field in the packet t
258. ossible field values are Filter Unregistered Groups Filters unregistered Multicast groups Forward Unregistered Groups Forwards unregistered Multicast groups This is the default mode 2 Define the Unit and Filtering Mode fields 3 Select either All or specify a port LAG range in the From Port From LAG and To Port To LAG fields 4 Click Apply The Multicast filtering settings are applied to the ports LAGs and the device is updated 96 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring LLDP The Link Layer Discovery Protocol LLDP allows troubleshooting and enhancing network management by discovering and maintaining network topologies over multi vendor environments LLDP discovers network neighbors by standardizing methods for network devices to advertise themselves to other systems and to store discovered information Device discovery information includes Device Identification Device Capabilities Device Configuration The advertising device transmits multiple advertisement message sets in a single LAN packet The multiple advertisement sets are sent in the packet Type Length Value TLV field LLDP devices must support chassis and port ID advertisement as well as system name system ID system description and system capability advertisements This section contains information for configuring LLDP parameters and includes the following topics e Defining LLDP Global Settings
259. ossible field values are Strict Specifies whether traffic scheduling is based strictly on the queue priority Traffic with the highest Class of Service is the first traffic That is the highest class of service will finish before other queues empty Round Robin Assigns WRR weights to queues This field is enabled only for queues in WRR queue mode If a queue is set to 0 weight the queue is not operational and is effectively closed Each queue has a weight range queues 0 3 have the range 0 15 When mixing Strict and WRR mode Strict mode should be configured at higher class Class 3 and Class 2 Weight Assigns the specific WRR value to the Queue The weight value range is 0 15 2 Select the Class IDs in the Mechanism field 3 Click Apply The QoS Scheduling Mechanism is configured and the device is updated 117 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Multi Layer CoS Settings For network administrators wanting to configure Multi Layer CoS settings implementation in the switch is done via the Access Control List Hence the Multi Layer CoS Setting Page has two hyperlinks one to the Access Profile List which enables the utilization of existing ACL rules to perform traffic classification and the other to the ACL Configuration Wizard which enables network administrators to create new ACL traffic classification rules To define CoS QoS settings 1 Click QoS gt Multi Layer CoS Set
260. ove the 802 1Q tag from packet headers to maintain compatibility with devices that are tag unaware The switch s default is to assign all ports to a single 802 1Q VLAN named default The default VLAN has a VID 1 IEEE 802 1Q VLANs Some relevant terms Term Description Tagging The act of putting 802 1Q VLAN information into the header of a packet 62 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Term Description Untagging The act of stripping 802 1Q VLAN information out of the packet header Ingress port A port on a switch where packets are flowing into the switch and VLAN decisions must be made Egress port A port on a switch where packets are flowing out of the switch either to another switch or to an end station and tagging decisions must be made IEEE 802 1Q tagged VLANs are implemented on the switch 802 1Q VLANs require tagging which enables them to span the entire network assuming all switches on the network are IEEE 802 1Q compliant VLANs allow a network to be segmented in order to reduce the size of broadcast domains All packets entering a VLAN are only forwarded to the stations over IEEE 802 1Q enabled switches that are members of that VLAN and this includes broadcast multicast and unicast packets from unknown sources VLANs can also provide a level of security to a network IEEE 802 1Q VLANs only deliver packets between stations that ar
261. p to the millisecond Time synchronization is performed by a network SNTP server The device operates only as an SNTP client and cannot provide time services to other systems The device polls Unicast type servers for the server time Time sources are established by stratums Stratums define the accuracy of the reference clock The higher stratum where zero is the highest the more accurate the clock The device receives time from stratum 1 and above The following is an example of stratums Stratum Example Stratum 0 A real time clock such as a GPS system is used as the time source Stratum 1 A server that is directly linked to a Stratum 0 time source is used as the time source Stratum 1 time servers provide primary network time standards Stratum 2 The time source is distanced from the Stratum 1 server over a network path For example a Stratum 2 server receives the time over a network link via NTP from a Stratum 1 server Information received from SNTP servers is evaluated based on the Time level and server type SNTP time definitions are assessed and determined by the following time levels Time level SNTP Time Definition T1 The time at which the original request was sent by the client T2 The time at which the original request was received by the server T3 The time at which the server sent the client a reply T4 The time at which the client recived the server s reply 39
262. pecifies the time interval in seconds after which a port is removed from a Multicast Group Ports are removed if a Multicast group MLD report was not received from a Multicast port within the defined Host Timeout period The possible field range is 60 16711450 seconds The default timeout is 260 seconds Router Timeout Specifies the time interval in seconds the Multicast router waits to receive a message before it times out The possible field range is 60 16711450 seconds The default timeout is 300 seconds State Indicates if MLD snooping is enabled on the VLAN The possible field values are Enabled MLD Snooping is enabled on the VLAN Disabled MLD Snooping is disabled on the VLAN This is the default value Static Router Port Setting Edit button Displays the MLD Snooping amp Static Router Ports Settings Page Multicast Entry Table View Button Displays the Multicast Entry Table 2 Click Edit The MLD Snooping amp Static Router Ports Settings Page opens 80 DGS 3100 Series Gigabit Stackable Managed Switch User Manual A e oo ooo oc0000000000 c000 00 2 7 6 s Ve RPannpanm 2 nn eg 7 amy n esesene sy ss es a orso i ce Pe Peers SECT m gt o o to 2 DGs 3100 48P El Con figuration 0 L2 Features Jumbo Frame VLAN Name R amp D2 SNEVA Done Timer 0 16711450 sec GVRP Settings Trun
263. pinch your fingers After a component is inserted into the rack carefully extend the rail into a locking position and then slide the component into the rack Do not overload the AC supply branch circuit that provides power to the rack The total rack load should not exceed 80 percent of the branch circuit rating Ensure that proper airflow is provided to components in the rack Do not step on or stand on any component when servicing other components in a rack NOTE A qualified electrician must perform all connections to DC power and to safety grounds All electrical wiring must comply with applicable local or national codes and practices CAUTION Never defeat the ground conductor or operate the equipment in the absence of a suitably installed ground conductor Contact the appropriate electrical inspection authority or an electrician if you are uncertain that suitable grounding is available vi DGS 3100 Series Gigabit Stackable Managed Switch User Manual CAUTION The system chassis must be positively grounded to the rack cabinet frame Do not attempt to connect power to the system until grounding cables are connected Completed power and safety ground wiring must be inspected by a qualified electrical inspector An energy hazard will exist if the safety ground cable is omitted or disconnected Protecting Against Electrostatic Discharge Static electricity can harm delicate components inside your system To prevent static damage d
264. ping Group 1 03 05 07 09 MAC Address Table 04 06 08 10 System Log E GBACL lt i a STACKING STATUS Figure 6 11 MLD Snooping Group Page The MLD Snooping Group Page contains the following fields Field Description VID Defines the VLAN ID for the MLD Snooping Group VLAN Name Defines the VLAN name VLAN Name Displays the currently selected user defined VLAN name Multicast Group Displays the IP address assigned to the Multicast group MAC Address Displays the MAC address assigned to the Multicast group Port Displays the ports where the MLD packets were snooped 2 Define the VID and VLAN Name fields 3 Click Find The MLD Snooping Group Page displays relevant information 163 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Dynamic and Static MAC Addresses Packets addressed to destinations stored in either the Static or Dynamic databases are immediately forwarded to the port The MAC Address Table Page can be sorted by interface VLAN or MAC Address whereas MAC addresses are dynamically learned as packets from sources that arrive at the device Static addresses are configured manually An address becomes associated with a port by learning the port from the frame s source address however if a frame addressed to a destination MAC address is not associated with a port that frame is flooded to all relevant VLAN ports To prevent the Bridging table from overflowin
265. ping Page The IGMP Snooping Page contains the following fields Field Description IGMP Snooping Enables or disables IGMP Snooping Bridge Multicast Filtering must first be enabled in order to enable IGMP Snooping The possible field values are Enabled Enables IGMP Snooping on the device Disabled Disables IGMP Snooping on the device This is the default value VLAN ID Specifies the VLAN ID VLAN Name Displays the user defined VLAN name Leave Timer Defines the time a host waits to receive a Join message from another station after requesting to leave the IGMP group prior to timing out If a Leave Timeout occurs the switch notifies the Multicast device to stop sending traffic The Leave Timeout value is either user defined or an immediate leave value The default timeout is 10 seconds The field range is 0 16711450 seconds 75 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description Host Timeout Defines the time the host waits to receive a message before timing out The default time is 260 seconds The field range is 60 16711450 seconds Router Timeout Defines the time the Multicast router waits to receive a message before it times out The default value is 300 seconds The field range is 1 16711450 seconds State Indicates if IGMP snooping is enabled on the VLAN The possible field values are Enable Enables IGMP Snooping on the VLAN
266. port settings are displayed Ports have the following settings S Indicates a statically configured port D Indicates a dynamically learned port F Indicates a forbidden port 2 Define the VID field 3 Click PPY The selected ports appear on the selected VLAN 159 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Viewing Router Ports The Browse Router Port Page displays which ports are connected to routers Ports can be connected to routers either as a static port or as a dynamic port 1 Click Monitoring gt Browse Router Port The Browse Router Port Page opens D Link Building Networks for People z K AE Tools StackID My eee p Security E Monitoring gt Stacking Information CPU Utilization Port Utilization Packet Size Packets gt Received RX gt UMB_cast RX Transmitted TX RADIUS Authentication 3 Browse ARP Table Browse MLD Router Pc 2 Browse Session Table IGMP Snooping Group 3 MLD Snooping Group gt MAC Address Table lt i ME STACKING STATUS E SESEEEES bs Ott RS o mi Note S Static Router Port D Dynamic Router Port F Forbidden Router Port Figure 6 11 Browse Router Port Page The Browse Router Port Page contains the following fields Field Description VID Indicates the VLAN identification Unit Indicates the stacking member for which the router ports information is displaying Port Indi
267. pport over telefonen TIf 7026 9040 Hverdager kl 08 00 20 00 D Link teknisk support pa Internettet http www dlink dk D Link Building Networks for People Teknista tukea asiakkaille Suomessa D Link tarjoaa teknista tukea asiakkailleen Tuotteen takuun voimassaoloajan Tekninen tuki palvelee seuraavasii Arkisin klo 9 21 numerosta 0800 114 677 Internetin kautta Ajurit ja lisatietoja tuotteista http www dlink fi S hk postin kautta voit my s tehd kyselyit D Link Building Networks for People 216 217 Teknisk Support Pa var hemsida kan du hitta mer information om mjukvaru uppdateringar och annan anvandarinformation D Link tillhandahaller teknisk support till kunder i Sverige under hela garantitiden for denna produkt Teknisk Support for kunder i Sverige D Link Teknisk Support via telefon 0770 33 00 35 Vardagar 08 00 20 00 D Link Teknisk Support via Internet http www dlink se D Link Building Networks for People Suporte T cnico Voc pode encontrar atualiza es de software e documenta o de utilizador no site de D Link Portugal http www dlink pt A D Link fornece suporte t cnico gratuito para clientes no Portugal durante o periodo de vig ncia de garantia deste produto Suporte T cnico para clientes no Portugal Assist ncia T cnica Email soporte dlink es http www dlink pt support ftp ftp dlink es D Link Building Networks
268. processes determine the master out of one of two combined stacking groups When switches are added to a running stack the Unit ID Allocation and Duplicate ID Conflict Resolution process detects an error if too many switches are present in the stack and no changes are to stacking members that originally belonged to the group managed by the newly elected master The original switches retain their ID assignments and configurations The stacking members that originally belonged to the group managed by the Stack Master that lost the Master Election process are shut down DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Stacking The Stacking Settings Page allows network managers to execute force master and to change each and every unit its own unit ID To complete the changing process the user need to reboot the unit Building Networks for People DGS 3100 48 Eg Configuration gt System Information gt IP Address E Stacking Settings E Port Configuration 2 ARP Settings gt User Accounts gt System Log Host E B SNTP Settings SNMP Settings gt DHCP Auto Configuration Dual Image Services gt Telnet Setting 4 92 Features Bas P Security Monitoring BACL STACKING STATUS Tsesesees secesess ceececes da XP menea seeecess seeeeste se ee pee Pas peee p A A Tanancnna anann n asnaca 1 Click Configuration gt Sta
269. r SSL is enabled on the device and provides a shortcut to viewing the SSL settings GVRP Setting Indicates if Group VLAN Registration Protocol is enabled Telnet Setting Indicates if Telnet is enabled Jumbo Frame Indicates if Jumbo Frames are enabled on the device and provides a shortcut to viewing the Jumbo Frames settings BPDU Forwarding Indicates if BPDU Forwarding is enabled on the device and provides a shortcut to viewing the BPDU Forwarding settings IGMP Snooping Indicates if IGMP Snooping is enabled on the device and provides a shortcut to viewing the IGMP Snooping settings MLD Snooping Indicates if MLD Snooping is enabled on the device and provides a shortcut to viewing the MLD Snooping settings Broadcast Storm Control Indicates if Broadcast Storm Control is enabled on the device and provides a shortcut to viewing the Broadcast Storm Control settings 802 1X Status Indicates if 802 1X is enabled on the device and provides a shortcut to viewing the 802 1X settings SSH Indicates if Secure Shell Protocol SSH is enabled on the device and provides a shortcut to viewing the SSH settings Port Mirroring Indicates if Port Mirroring is enabled To view settings for a device feature 1 Select a device feature under the Device Status and Quick Configuration Section 2 Click setting next to the feature name The configuration page for the selected device feature opens 16
270. r 802 1Q compliant devices on the network to make packet forwarding decisions Ports with untagging enabled strip the 802 1Q tag from all packets flowing into and out of those ports If the packet doesn t have an 802 1Q VLAN tag the port does not alter the packet As a result all packets received by and forwarded by an untagging port have no 802 1Q VLAN information as the PVID is only used internally within the switch Untagging is used to send packets from an 802 1Q compliant network device to a non compliant network device Ingress Filtering A port on a switch where packets are flowing into the switch and VLAN decisions must be made is referred to as an ingress port If ingress filtering is enabled for a port the switch examines the VLAN information in the packet header if present and decides whether or not to forward the packet If the packet is tagged with VLAN information the ingress port first determines if the ingress port itself is a member of the tagged VLAN If it is not the packet is dropped If the ingress port is a member of the 802 1Q VLAN the switch determines if the destination port is a member of the 802 1Q VLAN If it is not the packet is dropped If the destination port is a member of the 802 1Q VLAN the packet is forwarded and the destination port transmits it to its attached network segment If the packet is not tagged with VLAN information the ingress port tags the packet with its own PVID as a VID if the port is
271. r was assigned the same Unit ID of the replaced stacking member then the new stacking member receives the same switch configuration as the failed stacking member described in Replacing Failed Stacking Members in a Running Stack Dividing Stacks This example assumes that a working stack is divided into two groups The stack is divided either by a failed stacking link connected to two stacking members in the stack or by a failed stacking members in a chain topology which causes disconnection between two units in the stack In this case we should consider each sub group as an independent running stack configuration For each sub group we should consider three sub options e Both the Stack Master and the Backup Master are part of the sub group e Either the Stack Master or the Backup Master is part of the sub group e Neither the Stack Master nor the Backup Master is part of the sub group When a stack is split into two parts the following occurs in each partial stack according to the following scenario Both the Stack Master and the Backup Master are part of the sub group Nothing changes except the Stack Master recognizes the missing stacking members as removed stacking members and routes traffic around them Since both the Stack Master and Backup Master are in this stacking section this section is operating and the other section cannot operate The following occurs when the stack is divided and both the Master and Backup master are in the su
272. re file is downloaded to a specific stacking member or to All stacking members Server IP Address Specifies the TFTP Server IP Address from which files are downloaded File Indicates the Firmware file that is downloaded to the stack or specific device 2 Select HTTP or TFTP Download field 3 Define the Unit field For Http download define the File field or alternatively browse to select the file 5 Click _Download_ The Firmware is downloaded and the device is updated 11 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Rebooting the System The System Reboot Page provides a method for selecting one or all of the units to be rebooted To reboot the system 1 Click o00o0oooooooo o no D Link D Link y a5 7 YONRE sw ons Building Networks for People pi MIREG Tools Y Stack ID Up Time 2 days B10 13 Logged in as administrator admin 192 168 010 DGS 3100 48 Configuration PL2 Features ie Ensure you have saved all the configuration or all the changes you just made may be lost after system reboot f Monitoring Acl Select Unitto Reboot All System Reboot STACKING STATUS Figure 1 6 System Reboot Page The System Reboot Page contains the Select Unit to Reboot field The possible values are Value Description All Reboots all stacking members 01 06 Reboots the specific stack member 2 Define the Select Unit
273. reboot image file is defined Image Defines the image file used for reboot The possible values are e 1 Image l is the latest downloaded image file e 2 Image 2 is the previously downloaded image file 2 Select the Unit and choose its reboot Image file 3 Click Apply The device will use the defined image file to reboot next time 58 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Telnet Setting The Telnet Setting allows users to enable or disable Telnet on the device To enable or disable Telnet 1 Click Configuration gt Telnet Setting The Telnet Setting opens DIMK929290 9900000009000 D Link HHH Building Networks for People Yadi j Save DGS 3100 48 F Configuration E System information Telnet Setting Enabled Disabled amp IP Address 3 Stacking Settings 3 Port Configuration ARP Settings 3 User Accounts gt System Log Host P SNTP Settings GB SNMP Settings DHCP Auto Configuration J Dual Image Services H L2 Features H QoS m f Security Monitoring g Acl STACKING STATUS Figure 2 22 Telnet Setting Page The Telnet Setting contains the following fields Field Description Telnet Setting Defines the Telnet status on the device The possible values are e Enabled Enables Telnet e Disabled Disables Telnet 2 Select the Telnet Setting 3 Click Apply The Teln
274. rra Logout DGS 3100 48 E Configuration F L2 Features Global FDB Setting rica AgingTime 0 530 802 10 VLAN gt GVRP Settings _ gt Trunking VID MAC Address Unit 01 v Port 01 Apply 3 Traffic Segmentation 3 LACP Port Settings gt IGMP Snooping VID Mac Address Unit E MLD Snooping 01 01 00 00 00 00 02 Edt J gt Port Mirroring 01 01 00 00 00 00 03 3 Edit A Spanning Tree 01 01 00 00 00 00 04 E Edit Forwarding amp Filtering 01 01 00 00 00 00 05 E Edit gt MESAS 11 01 00 00 00 00 06 E Edit 3 Multicast Forwardir 41 01 00 00 00 00 07 a Edit os Multicast Filtering M 44 01 00 00 00 00 08 y Edit i LLOP 5 11 01 00 00 00 00 09 Edit 22 01 00 00 00 00 08 E Edit STACKING STATUB AA 21 01 00 00 00 00 12 E Edit Next Figure 3 20 Unicast Forwarding Page The Unicast Forwarding Page contains the following fields Field Description Aging Time Defines the aging time of a Unicast packet If the packet is not forwarded after this interval it is discarded Aging time is a global FDB database setting VID Defines the VLAN ID MAC Address Defines the Unicast MAC address to which packets are forwarded Unit Defines the unit number Port Defines the port number 2 Define the VID MAC Address Unit and Port fields 3 Click Ay The Unicast are defined and the device is updated To edit a FDB tab
275. rs serves as Backup Master The Stack Master now configures each stacking member according to the Configuration file stored on the Stack Master If the stack has a Backup Master the Configuration file are also be copied to the Backup Master Once all the stacking members are configured the stack proceeds to a normal operational mode If any change is made to the system configuration the change is stored by the stack Master and is copied to the Backup Master 22 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Building Stacks Quick Start The DGS 3100 series supports the following stacking scenarios e Building a new stack from scratch e Increasing the stack by adding units to an existing stack This section contains the following topics e Stack Resiliency e Managing a Self Ordered Stack e Managing a New Manually Ordered Stack Stack Resiliency Topologies of stack can be either Ring or Chain Best practice is to configure the stack in Ring topology due to the high resiliency in case of unit failure or stacking link failure Additionally in case of redundant power supply usage it is recommended to make sure that Master and Backup Master s are connected to a redundant power supply Managing a Self Ordered Stack This section describes managing a self ordered stack Self ordered stacks are automatically assigned Unit IDs by the system through the Master Election process This section contains the following topics e Bui
276. s Inc as stipulated by the United States Copyright Act of 1976 FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with this manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at hisown expense 203 TECHNICAL SUPPORT Technical Support You can find software updates and user documentation on the D Link website D Link provides free technical support for customers within the United States and within Canada for the duration of the service period and warranty confirmation service during the warranty period on this product U S and Canadian customers can contact D Link technical support through our website or by phone Tech Support for customers within the United States D Link Technical Support over the Telephone 877 354 6555 Monday to Friday 8 00am to 5 00pm PST D Link Technical Support over the Internet http support dlink com email support dlink com Tech Support for customers within Canada D Link Tech
277. s control packets to set up traffic forwarding based on source IPv6 address and destination IPv6 multicast address MLDv2 is equivalent to IGMPv3 In a similar approach to IGMP snooping MLD frames are snooped as they are forwarded by the switch from stations to an upstream multicast router This facility allows a switch to determine the following Where on which ports stations interested in joining a specific multicast group are located Where on which ports multicast routers sending multicast frames are located This knowledge is used to exclude irrelevant ports ports for which no stations have registered to receive a specific multicast group from the forwarding set of an incoming multicast frame Two port types can be defined in the system Host port a port connected to an end node device running an IGMP MLD multicast communication application Multicast Router mrouter port a port connecting multicast router ports to the switch This port receives all IGMP MLD control packets reports and queries as well as all multicast data traffic associated with dynamic Multicast groups A port can be both a host port and mrouter port simultaneously 1 Click L2 Features gt MLD Snooping The MLD Snooping Page opens SO acze MUl OUOU Di ee ove PPR PP TETEE EEE DIMK9 2920 9000000090009 Powe Casse H Save Tools Y Stack ID Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0 100 a Logout be D
278. s selected as follows 20 DGS 3100 Series Gigabit Stackable Managed Switch User Manual e If one of the master enabled stacking members in the stack was set to Force Master by the system administrator through the GUI Stacking Master selector that master enabled stacking member is the Stack Master Stacking members which are defined as Force Master stacking members are manually selected as the Stack Master Only a master enabled stacking member can be selected as the Force Master e If the stack contains more than one stacking member whose Unit ID is either 1 or 2 then one of the stacking members are elected the Stack Master It does not matter if the Unit ID was originally automatically or manually assigned These stacking members are called Master Enabled If there is only one stacking member that stacking member is selected as the Stack Master even if the stacking member s Unit ID is 2 e If there are more than one stacking members the two stacking members decide which stacking member is elected Stack Master by checking Which stacking member has been running for a longer time The up time is measured in increments of 10 minutes The stacking member running the longest is elected the Stack Master If they have been running for the same amount of time the stacking member with the Unit ID 1 is the stack Master If both stacking members have been running for the same amount of time and both stacking membes have the sa
279. s the weekdays for which the time range applies Select All Days Specifies that the time range is applied daily 2 Define the Range Name Start Time and End Time fields 3 To define the applicable days check the specific Weekdays or check Select All Days 4 Click Apply The Time Range is defined To delete a Time Range entry 1 Select the entry 193 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Click Delete A confirmation window is displayed 3 Click x f The entry is deleted To view or modify Time Range settings 4 Click Edit The Time Range Edit Page opens 090900009 oo 2 2 D Link as sssess EIJ r ee y a oa oe Sree lt P EE ep ee Save Tools Y Stack ID al y Up Time 2 days 5 10 dl LEE EUA admin 192 168 0 100 TE p Logout DGS 3100 48 E 3 Configuration BH L2 Features Time Range H os Range Name Trinity E Security Time Range State Active E Monitoring 1 gg Ace Hours HH MM Start Time 01 00 End Time 02 00 v gt Afi ACL Configuration Wizard Weekdays Mon Tue Owed O Thu Ofri Osat Osun SelectAll Days 3 Access Profile List gt ACL Finder A Time Range Setting Note If the End Time is before the Start Time the End Time will be set to the following day The Time Range Setting can not be edited successfully when state is active STACKING STATUS Figure 8 25 Time Range Edit Page 5 Define the Time Range Edit fields 6
280. s two types of cryptology algorithms Stream Ciphers There are two types of stream ciphers on the Switch RC4 with 40 bit keys and RC4 with 128 bit keys These keys are used to encrypt messages and need to be consistent between client and host for optimal use CBC Block Ciphers Cipher Block Chaining CBC links encrypted text blocks The Switch supports the 3DES EDE encryption code defined by the Data Encryption Standard DES to create the encrypted text e Hash Algorithm This part of the ciphersuite allows the user to choose a message digest function which will determine a Message Authentication Code This Message Authentication Code will be encrypted with a sent message to provide integrity and prevent against replay attacks The Switch supports two hash algorithms Message Digest 5 MD5 and Secure Hash Algorithm SHA The SSL Configuration Settings Page permits network managers to enable SSL with all supported ciphersuites on the Switch Ciphersuites are security strings that determines the exact cryptographic parameters specific encryption algorithms and key sizes to be used for an authentication session The Switch possesses three possible ciphersuites for the SSL function which are enabled by default When the SSL function has been enabled the Web is disabled To manage the device via an Embedded Web System while SSL is enabled the web browser must support SSL encryption URL headers must begin with hitps for ex
281. sceescesecesecesecsnecanecaeeenecnecnesseessceeseesecsaeceaeceaecaaecaeecaeeeseeeaeseeeeeeeeeeneeeesereeereneees iii User Guide Ov ryie Wisaa ienen inertia aai i nile Anish RA e en Aisa nuns EE a r Nn Arid O E avers iii Intended Audience iinn ie sn ba iii Notes Notices AAA a iv Safety Cat nar AA at v General Precautions for Rack Mountable Products 0 cceeesescsssceseeecesecseesecseesecsaeeecsaecesesecaeesecnaesecsaeceessecaeeeeeneseeeaeeseeners vi GETING STARTED o ie ea EE AE EE AE A N EE S aa OA EAE E A 1 Accessing the Boot Startup Menu Functions csssssscssssscssesecesecseesecnevsccsasccsaecaeesecsessccnaseecsaecaesaecseesecnaseeenaeeeseaesseenaees 2 Dow nloadin s Softw dai A Sesee a raven Seat NERES 2 Set Terminal Baud Rateyscosci os beccetisites sacs AAA eet ea eee td ist 2 Defining Stackins Uli IA oie Aa idad 3 Using the Web Based User Interface laca 4 Understanding the D Link Embedded Web Interface ooococonciononononnononnnoncnncnonononononnonncnncnnonon nono concern nnnon nono none ranannonnrnncn none 5 Using the Tool Med AAA 7 Displaying the Stack St tlS iia dics do eee ate avo Biles ele agp ae Bie ai ee aU ae nies 7 Locating Devices sd 7 Backing up and Restoring Configuration Files ooocnonocnonnccnnononcnannnnononononnnnnonnonnonnc nono conc on non on non nono nn nan nnn cnn non ncnn cane na rincon 8 Resetting the Devil usina A A ie 9 Downloading the Firmware Seco AA tt sea eal ee 10 Rebooting the Syst
282. ss profile checks 3 Define the L2 ACL or L3 ACL fields 4 Click Select The Add ACL Profile Page updates accordingly enabling selection of the packet field to create filtering masks 175 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Level 2 ACL If L2 ACL Tagged is selected the page updates as follows D Link 3 tees AAA Ee ee ee Save x Tools Y Stack ID i X Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 010 Building Networks for People DGS 3100 48 3 Configuration L2 Features Select Frame Type QoS EN z Dd OL2ACL Tagged x f Monitoring OL3 ACL B f ACL 3 ACL Configuration Wizard You can select the field in the packet to create filtering mask o 802 10 gt ACL Finder MAC dresa van nepe PayLoad gt Time Range Setting STAGKING STATUS Figure 8 4 ACL Profile L2 ACL Tagged Page To define L2 MAC Address ACL profile 1 Click the MAC Address button The ACL Profile L2 ACL Tagged MAC Address Page updates to show the following D Link gt SS Lin ES Sung Nemara tor Pepa E ll ee el 50 el bb ree AA o FEF El Save Tools Stack ID l X Up Time 2 days 5 70 13 Logged in as administrator admin 192 168 0 10 2 DGS 3100 48 Configuration e Select Frame Type B Securty OL2ACL Tagged Y Monitoring OL3ACL f aci E E ACL Configuration Wizard You can select the field in the packet to create filtering
283. stacking sections of the original stacks NOTE None of the stacking members in either stacking sections can remember themselves 27 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Merging Stacks This example assumes that the user would like to merge two working stacks This creates one stack from two separate stacks There are two scenarios If new stacking members are powered down during insertion and then powered up e This is identical to insert stacking members into a running stack see Replacing Failed Stacking Members in a Running Stack The only difference is that an additional stacking member is inserted into the stack Therefore for each stacking member inserted the same process occurs If stacks being merged are connecting via stacking cables and both stacks are running the following occurs e If each of the joined stacks has a Stack Master both Stack Masters s perform the Master Discovery process Both Stack Masters participate in the Master Election process One Stack Master is selected as the Stack Master The criteria for selecting a Stack Master in a merged stack as follows Force Master System Up Time Lowest Unit ID Lowest MAC Address e The process of master selection between two Stack Masters is as follows If Force Master is enabled then the Stack Master which was forced is selected The System Up Time is measured in increments of 10 minutes The Stack Master with longest Sys
284. stacks are merged into one stack both stack configuration cannot be to maintained All stacking member s dynamic information that belong to the portion of the stack that was not reelected is lost and the new Stack Master relearns the information Stacking Cable Failure This example assumes that Stacking Connection Cables failed and caused the stack to split as described in Dividing Stacks When the stacking cable connection is fixed and stacking members are reconnected it results in merging two stacks as described in Merging Stacks This can be occured only if the topology of the stack is Chain topology Single stacking cable failure does not causes a stack split if a Ring topology is used Inserting Excess Stacking Members This example assumes that the user attempts to insert too many stacking members into s into a stack e All stacking members existing and newly inserted are powered on at the same time A Stack Master is elected following Master Discovery and Master Election processes All excess stacking members are shutdown 28 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 29 A running stacking member group is added to an existing stack assuming each one of the stack groups has an elected Stack Master The total of existing stacking members and new stacking members exceeds the maximum allowed number of stacking members in a stack which is 6 stacking members Master Detection and Master Election
285. t Staci 02 1Q VLAN gt GVRP Settings gt Trunking 3 Traffic Segmentation gt LACP Port Settings gt IGMP Snooping B MLD Snooping gt Port Mirroring A Spanning Tree Total Entries 3 Port Address Subtype Address Interface Subtype i 1 IPV4 00 01 02 03 04 01 Unknown Forwarding amp Filt BBB Forwarding amp tering EA IPV4 00 01 02 03 04 02 Unknown 1 f op gt LLOP Global Settinc IPV4 00 01 02 03 04 03 Unknown LLDP Port Setting gt LLDP Basic TLVS LLDP Dot3 TLVS St LLDP Local Port Bri 2 LLDP Remote Port Boos vv AS nel iil gt STACKING STATUS ross EE ap na sssscecs seessses Masssssss ansnsa a ananacid E o sooo RN Figure 3 25 LLDP Management Address Detail Information Page The LLDP Management Address Detail Information Page contains the following fields Field Description Port Indicates the port number Address Subtype Displays the managed address subtype For example MAC or IPv4 Address Displays the managed address Interface Subtype Displays the port subtype 4 Click to return to the LLDP Remote Port Normal Page 5 To view the detailed MAC PHY Configuration Status information for the entry click Show Detail The LLDP Remote Misc Detail Information Page is displayed 106 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 gt an Building Networks for People Save Tools Y Stack I 802 10 VLAN GVRP S
286. t From Port To Port Notification Admin Status 01 01 y 48 y Disabled TXAndRX Subtype Action Address Enabled PortID Notification Admin Status Subtype Address 1 Disabled TX And RX IPv4 10 90 90 90 2 Disabled TX And RX IPv4 10 90 90 90 3 Disabled TX And RX 4 Disabled TX And RX SSS Figure 3 17 LLDP Port Setting Page The LLDP Port Setting Page contains the following fields Field Description Unit Indicates the stacking member for which the LLDP port settings are defined From Port Defines the first port in a consecutive sequence of ports To Port Defines last port in a consecutive sequence of ports Notification Specifies whether notification is sent when an LLDP topology change occurs on the port The possible field values are Enabled Enables LLDP notification on the port Disabled Disables LLDP notification on the port This is the default Admin Status Specifies the LLDP transmission mode on the port The possible field values are TX Enables transmitting LLDP packets only RX Enables receiving LLDP packets only TX and RX Enables transmitting and receiving LLDP packets This is the default Disabled Disables LLDP on the port Subtype Defines the address subtype For example Always IPv4 Action Specifies whether the management address is advertised from the port The possible field values are Enabled Enables advertisement from the port This is the default
287. t Layer Security e Configuring Secure Shell Security e Defining Application Authentication Settings 119 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Safeguard Engine The Safeguard Engine Page allows network administrators to set network alarms to protect the CPU from attacks based on rising and falling threshold levels of Broadcasts and CPU Utilization The Safeguard mechanism immediately implements Broadcast Storm Control with a low threshold in order to hold the attack and release the CPU resources To enable the safeguard engine 1 Click Security gt Safeguard Engine The Safeguard Engine Page opens 22000 000 4M 04 re oe Up Time 2 days 51013 4 Logged in as administrator admin 192 168 0 100 Meson DGS 3100 48 E 3 Configuration P L2 Features m f aos Safeguard Engine Enabled Disabled B Security 2 Trusted Host gt Port Security Guest VLAN 802 1X a SSL SSH Access Authentication Coi E Monitoring a ac Note D Link Safeguard Engine is a robust and innovative technology developed by D Link which will automatically throttle the impact of packet flooding into the switch s CPU It will keep D Link Switches better protected from being too frequently interrupted by malicious viruses or worm attacks gt STAGKING STATUB Figure 5 1 Safeguard Engine Page The Safeguard Engine Page contains the following field Field Description
288. t network devices recognize the priority level of data packets and can assign priority labels or tags to packets as well as strip priority tags from packets The priority tag determines the packet s degree of expeditiousness and the queue to which it is assigned Priority tags are assigned values from 0 to 7 with O being assigned to the lowest priority data and 7 to the highest Generally tag 7 is used for data associated with video or audio applications sensitive to even slight delays or for data from specified end users whose data transmissions warrant special consideration The switch enables increased definition for handling priority tagged data packets on the network Using queues to manage priority tagged data enables user specification for the data s relative priority to suit the needs of the network Circumstances can arise where it is advantageous to group two or more differently tagged packets into the same queue Generally however it is recommended that the highest priority queue Queue 3 be reserved for data packets with a priority value of 7 A weighted round robin system is employed on the switch to determine the rate at which the queues are emptied of packets The ratio used for clearing the queues is 8 1 This means that the highest priority queue Queue 3 clears eight packets for every one packet cleared from Queue 0 It is important that the priority queue settings on the switch are for all ports and all devices connected to th
289. tatus and Quick Configurations Time Source 802 1D Spanning Tree DHCP Client Safeguard Engine SNMP Trap SSL GVRP Setting Telnet Setting Figure 1 1 Device Information Page DGS 3100 Gigabit Ethernet Switch Peter R amp D SD8 5F 1 1 00 01 0 000 014 1234 unit 1 30 11 2006 0 days 2 hours 7 mins 18 seconds 1 0 System Clock setting Disabled setting Disabled setting Enabled setting Disabled setting Disabled setting Disabled setting Enabled setting The following table describes the main 6 areas on the Device Information Page MAC Address IP Address Subnet Mask Default Gateway Login Timeout minutes Jumbo Frame BPDU Forwarding IGMP Snooping MLD Snooping Broadcast Storm Control 802 1x Status SSH Port Mirroring 00 40 f4 65 12 58 172 17 3 10 255 255 255 0 172 17 3 254 20 Disabled setting Disabled setting Disabled setting Disabled setting Disabled setting Disabled setting Disabled setting Disabled setting View Description 1 Tree View Select the folder or window to be displayed The folder icons can be opened to display the hyperlinked menu buttons and subfolders contained within them Information View selection The current Up Time and current User Loggin information is reported The Logout button is also here 2 Device Presents Switch information based on the selection and the entry of configuration data Information View 3 Menu Presents the Save
290. te measures Bae aaee os ee Maari daiane aig Re re ona ection ainst harmful Shte rer ence ue a e rales us a O trequency inl Rafe nig no Tis eae Aull Used in ad thet aa gu ran ee ha terin re wi hot ee na cul ar Saaier E nor A Hs Sagir ment a resider ent 9 nvironmen it de e io caus nfer rene evision reception en el t eter use harmful inter ere ied o ot fey ga teas jed to iS snede Pie inte Ey fur se by one or t ment Pita rowing Reorient or relocate the receiving antenna Increase the separation between the equipment and receiver Connect the equipment into an outlet on a circuit different from that to which the receiver is connected Consult the dealer or an experienced radio TV technician for help For detailed warranty information applicable to products purchased outside the United States please contact corresponding local D Link office 198 the Product Registration Register your D Link product online at http support dlink com register Product registration is entirely voluntary and failure to complete or return this form will not diminish your warranty rights 199 LIMITED WARRANTY D Link provides this limited warranty for its product only to the person or entity who originally purchased the product from D Link or its authorized reseller or distributor D Link would fulfill the warranty obligation according to the local warranty policy in which you purchased our products Limited Hardware Warranty
291. tem Up Time is selected as Stack Master If both Stack Masters have the same Up Time the Stack Master with the lowest Unit ID is selected as Stack Master If both Stack Master Unit IDs are equal the Stack Master with the lowest MAC address is selected The Master Election process assigns a dynamically allocated Unit ID Reassignment of Unit Id to the other Stack Master and is performed by the new Stack Master The switch is either allocated as a stack memberor the Backup Master There cannot be two stacking members with the same Unit ID at the process end The Stacking Master that loses the Master election process is shut down if the Unit ID was manually allocated It is recommended that the administrator configure the switch to Auto Assign mode before reconnecting the switch to the stack When two stacks are combined all of the configuration information for one of the stacks is lost After the discovery election process is completed only the new Stack Master maintains its configuration information If one of the merged stacks had neither a Stack Master unit nor a Backup Master then stacking members belonging to this groupare inserted into the stack as in Replacing Failed Stacking Members in a Running Stack The Stack Master either connects stacking members to the stack using thecurrent Unit Ids or reallocates the Unit IDs necessary For more information see Replacing Failed Stacking Members in a Running Stack If two
292. ternal power source indicated on the electrical ratings label If you are not sure of the type of power source required consult your service provider or local power company To help avoid damaging your system be sure the voltage selection Switch if provided on the power supply is set to match the power available at your location 115 volts V 60 hertz Hz in most of North and South America and some Far Eastern countries such as South Korea and Taiwan 100 V 50 Hz in eastern Japan and 100 V 60 Hz in western Japan 230 V 50 Hz in most of Europe the Middle East and the Far East Also be sure that attached devices are electrically rated to operate with the power available in your location Use only approved power cable s If you have not been provided with a power cable for your system or for any AC powered option intended for your system purchase a power cable that is approved for use in your country The power cable must be rated for the product and for the voltage and current marked on the product s electrical ratings label The voltage and current rating of the cable should be greater than the ratings marked on the product To help prevent an electric shock plug the system and peripheral power cables into properly grounded electrical outlets These cables are equipped with three prong plugs to help ensure proper grounding Do not use adapter plugs or remove the grounding prong from a cable If you must use an extension cable use a
293. the device sends a Loopback Detection Resolved trap and the port learns the STP configuration again The STP Bridge Global Settings Page contains parameters for enabling STP on the device 1 Click L2 Features gt Spanning Tree gt STP Bridge Global Settings The STP Bridge Global Settings Page opens DGS 3100 48 El Configuration G H L2 Features STP Global Setting ee STP Status O Enabled Disabled 2 802 10 VLAN gt GVRP Settings 3 Trunking STP Version gt Traffic Segmentation gt LACP Port Settings Forwarding BPDU gt IGMP Snooping Bridge Priority 0 65535 MLD Snooping Port Mirroring Bridge Max Age 6 40 sec Spanning Tree Bridge Hello Time 1 10 sec EAST Bridge Giobal 4 gt STP Port Settings Bridge Forward Delay 4 30 sec E MST Configuration Max Hops 1 20 times MSTP Port Informat Forwarding amp Filtering il gt Note Loopback detection is enabled when STP is enabled STAGKING STATUS Figure 3 16 STP Bridge Global Settings Page The STP Bridge Global Settings Page contains the following fields Field Description STP Status Enable or disables STP globally on the switch The default is Disabled STP Version Defines the desired version of STP to be implemented on the switch There are three choices STP Sets the Spanning Tree Protocol STP globally on the switch RSTP Sets the Rapid Spannin
294. the following fields Field Description Application Indicates the authentication application for which the Login Method or Enable Method lists are defined The possible field values are Console Indicates that Authentication profiles are used to authenticate console users Telnet Indicates that Authentication profiles are used to authenticate Telnet users Secure Telnet SSH Indicates that Authentication profiles are used to authenticate Secure Shell SSH users SSH provides clients secure and encrypted remote connections to a device Login Method List Defines the method used by the application to authenticate normal login http_method_list and https_method_list are fixed method names for http and https respectively Enable Method List Defines the method used by the application to enable a normal login 2 Select the login method for the Console Telnet and Secure Telnet SSH from the list under Login Method List 3 Select the enable method for the Console Telnet and Secure Telnet SSH from the list under Enable Method List 4 Click PPY The Application Authentication settings are defined and the device is updated 141 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring Authentication Server Hosts The Authentication Server is a remote device connected to the same network as the Client and Authenticator Users are authenticated using either RADIUS or TACACS and must be authe
295. the profile type can be MAC based or IP based VLAN Name Defines the user defined VLAN name Destination MAC Address Matches the destination MAC address to which packets will be subject to action Source MAC Address Matches the source MAC address to which packets will be subject to action Ether Type Defines the code type used Ports Indicates the ports or LAGs for which rules are sought Action Defines the action for the profile The possible fields are Permit Forwards packets if all other ACL criteria are met Deny Drops packets if all other ACL criteria is met Rate Limiting Rate limiting is activated if all other ACL criteria are met Change IP priority VPT CoS value is changed if all other ACL criteria is met Replace DSCP Reassigns a new DSCP value to the packet if all other ACL criteria are met Time Range Specifies whether the access rule is time based Range Name Selects the user defined time range name to apply to the access rule 191 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 2 Define the Rule Detail fields 3 Click Apply The rule is defined and the device is update 192 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Defining Time Ranges Time based ACLs allow users to define Access Control Lists based on time periods The Time Range Setting Page defines a time range which can be applied to an ACL rule To define a time range 1 Click ACL gt Time Ra
296. tic assigned Unit ID mode be used since it provides improved stack resiliency Ifthe new stacking member already has an assigned Unit ID and that Unit ID is unused in the current stack the new stacking member retains its assigned Unit ID The Stack Master applies any configuration relevant to that Unit ID Ifthe new stacking member already has an assigned Unit ID and that Unit ID conflicts with an existing Unit ID the Stack Master reallocates a new Unit ID to the new stacking member The lowest available Unit ID is applied to the new stacking member This occurs only if new stacking member does not have a manually assigned Unit ID which the Stack Master cannot change If the new stacking member cannot be assigned an available Unit ID then the new stacking member is effectively shut down and cannot join the stack For example the stacking member replacement can only occur if the new stacking member has a manually assigned Unit ID e The Stack Master now performs Unit and Stacking Port Configuration for the new stacking member e Any configuration information which the Stack Master stores that is relevant to the Unit ID is assigned to the new stacking member If the new stacking member was assigned the same Unit ID of the replaced stacking member then the new stacking member receives the same configuration as the failed stacking member If the new stacking member is identical to the replaced stacking member the entire configuration
297. time 2 days 5 1013 Stack ID ii Logged in as administrator admin 192 168 0 100 Magon R amp D100 on Unit 01 N os N w en gt o J Pry Untag Tag Forbidden Not Member Port Untag Tag Forbidden Not Member All All 0000 Okeere 0101010 OOOOBOO0O 0000 0O00 000 O 00 OM 000 O OOO 0OO0O0BOOOON OOOORO O00 Om OQOOCOMSOO0C OC OGOOOMOO0COR QOOOOHODO0CO OOOCOHMOOCO QOOOOMOO0O QOOOOKROO0O OOOCORBOO0CO QOOOOHBSDO0CO OOOOBOO0O OOOO QOOOOKODO0CO QOOOOHOO0O OOO OROO0O0 0000 Untag Port Tag Port Forbidden Port N Name should be less than 32 characters N Port Select All 1 5 0 2 23 gt 6 qOOOO N N N gt DOO OBOO0O DOO ORO O00 DOO OBOO00 Guest VLAN Setting Create Delete w m x VLAN Name Unit 01 v Port 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 Can DOO OOOO OOO OOOO Oo OO Ooo oo DODD OOCOOOOOOOOOOOOOOOOG Guest VLAN Ports 1 1 1 2 1 3 1 4 gt Apply Apply 130 DGS 3100 Series Gigabit Stackable Managed Switch User Manual 3 After the ports were assigned to the Guest VLAN the user needs to configure a Radius Server that will hold the MAC Authentication database This should be done via click Security gt 802 1X gt Authentic RADIUS Server page according to the example below D Link Building Networks toz People 2 DGS 3100 48 P
298. tings The Mislead dd CoS mlb Page opens D Link Building Networks for People Save Tools DGS 3100 48 Configuration L2 Features H Qos Bandwidth Control 3 Traffic Control 3 802 1p Default Priority 2 802 1p User Priority g i a mir f Security E H Monitoring ACL gt STACKING STATUS T E AAA gecesses sossego seeeeste o EA Anne Fai i BN a IIS Ssessses eS HEBER dE DUDA Up Time 2 days 5 10 13 Logged in as administrator admin 192168 0 100 BA Logout You can utilize existing ACL rules to perform traffic classification Goto Access Profile Listto find an existing ACL rule You can also create a new ACL rule to perform traffic classification Go to ACL Configuration Wizard to create a new ACL rule Figure 4 7 Multi Layer CoS Setting Page The Multi Layer CoS Setting Page contains the following links Access Profile List ACL Configuration Wizard 2 Click the desired link The relevant page opens see Defining Access Profile Lists 118 DGS 3100 Series Gigabit Stackable Managed Switch User Manual SECURITY FEATURES This section contains information for enabling and configuring device security including user accounts e Configuring Safeguard Engine e Configuring Trust Host e Configuring Port Security e Configuring Guest VLANs e Configuring Port Authentication 802 1X e Defining EAP Forwarding Settings e Configuring Secure Socke
299. tion In the Mode control the user needs to select the MAC Base option In addition to that the user needs to switch the port Control to Auto and enable reauthentication In order to complete the configuration the port must be member in the guest VLAN 129 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Configuring MAC Authentication by using Guest VLAN 802 1X and Radius pages This is the sequence of operatons required to configure MAC Authentication in DGS 3100 series 1 In order to configure a guest VLAN the user is required to create a VLAN first in the following example the user creates VLAN 100 via click L2 Features gt 802 1Q VLAN The 802 10 VLAN page opens Building Networks for People _ fm Save Tools 7 2 DGS 3100 48 E H Configuration E br Features Jumbo Frame 2 aa GVRP P Settings 3 Trunking 3 Traffic Segmentat EA IGMP Snooping 3 MLD Snooping 33 Port Mirroring P Spanning Tree E Forwarding amp Filtering E GBLLOP H H os p Security Monitoring aci STACKING STATUS DGs 3100 48 P Configuration f L2 Features E Q0S Ey Security 3 Safeguard Engine Trusted Host gt Port Security f 202 1x a SSL f ssH E Access Authentication Cor f Monitoring aci lt il Fis car AAA seneeses seeseses seesests Anne speneaes sessies seosest i PP o rm LACP Port Settings STACKING STATUS Up
300. tion 4 92 Features E e QoS E pP Security E Montoro 01 x 01 w View Table Apply Clear 2 Stacking information CPU Utilization gt Port Utilization gt Packet Size E Packets gt Received RX Bytes gt UMB_cast RX a Packets RADIUS Authentication gt Browse ARP Table Browse MLD Router Pc gt Browse Router Port gt Browse Session Table 2 IGMP Snooping Group gt MIN Snnnninn Groun lt i STACKING STATUS Unit packet sec Time Interval 1s v Record Number V Bytes Show Hide Y Packets Figure 6 7 Transmitted TX Page The Transmitted TX Page contains the following fields Field Description Unit Indicates the stacking member ID for which the transmitted packets parameters are displayed Port Indicates the port for which the transmitted packets parameters are displayed Bytes Indicates the total number of bytes that were transmitted through the port Packets Indicates the total number of packets that were transmitted through the port Time Interval Indicates the time interval for which the transmitted packets are displayed The possible field values are 1s 5s 10s 15s 20s 30s 40s 50s and 60s Record Number Indicates the transmitted record number Show Hide Displays the bytes packets received information The possible field values are Bytes checked Displays the total amount of transmitted bytes 155 DGS 3100 Ser
301. tly marked on the outside of the package Do not include any manuals or accessories in the shipping package D Link will only replace the defective portion of the product and will not ship back any accessories e The customer is responsible for all in bound shipping charges to D Link No Cash on Delivery COD is allowed Products sent COD will either be rejected by D Link or become the property of D Link Products shall be fully insured by the customer and shipped to D Link Systems Inc 17595 Mt Herrmann Fountain Valley CA 92708 D Link will not be held responsible for any packages that are lost in transit to D Link The repaired or replaced packages will be shipped to the customer via UPS Ground or any common carrier selected by D Link Return shipping charges shall be prepaid by D Link if you use an address in the United States otherwise we will ship the product to you freight collect Expedited shipping is available upon request and provided shipping charges are prepaid by the customer 197 D Link may reject or return any product that is not packaged and shipped in strict compliance with the foregoing requirements or for which an RMA number is not visible from the outside of the package The product owner agrees to pay D Link s reasonable handling and return shipping charges for any product that is not packaged and shipped in accordance with the foregoing requirements or that is determined by D Link not to be defective or non conformin
302. to Reboot field 3 Click System Reboot The selected unit s is are rebooted 12 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Using the Web System Components The following table contains information regarding the list of buttons Component Name Description Activate Activate Activates field commands Add Add Adds selected items All ALL Selects all Apply Apply Applies field settings Backup Backup Evokes backup Cancel Cancel Cancels settings Clear Clear Clears selected settings and fields Clear All Entry Clear All Clears all settings and fields Delete Delete Deletes selected fields Delete vip Delete VID Deletes VLAN Identification Download Download Starts downloading system files Edit Edit Modifies configuration Information Factory Reset Factory Reset Resets the factory defaults Find Find Finds a table entry System Reboot System Reboot Reboot the system Refresh Refresh Refreshes device information Restore Restore Restores the specific configuration file view All Entry View All Entry Displays table entries 13 Table 1 3 User Interface Buttons DGS 3100 Series Gigabit Stackable Managed Switch User Manual CONFIGURING BASIC CONFIGURATION This section contains information for viewing device information defining IP addresses managing stacking defining port parameters configuring system user accounts confi
303. to access the system services Authentication Server Specifies the server that performs the authentication on behalf of the authenticator and indicates whether the supplicant is authorized to access system services The Authentication Server is a remote device connected to the Client network and Authenticator The Authentication Server must have RADIUS Server application enabled and configured Clients connected to a port on the Switch must be authenticated by the Authentication Server before accessing any system services The Authentication Server certifies the client s identity attempting to access the network by exchanging secure information between the RADIUS server and the Client Port based authentication creates two access states State Description Controlled Access Permits communication between the supplicant and the system if the supplicant is authorized Uncontrolled Access Permits uncontrolled communication regardless of the port state 125 DGS 3100 Series Gigabit Stackable Managed Switch User Manual To enable the 802 1X 1 Click Security gt 802 1X Setting The 802 1X Setting Page opens Fi aA hi y e num 2200000000000 ooo 2999999 000000 9999999999990909 D inki 4 AAA VADAUBDAT DADOS EE a0 4 A DLink PPP PM MET or Save Tools 7 i StackID 1 Up Time 2 days S101 Logged in as administrator admin 192 168 0 100 Pelogout D6S 3100 48 A B02
304. toring gt Stacking information CPU Utilization 2 gt Packet Size fj Packets RADIUS Authentication 2 Browse ARP Table gt Browse MLD Router Pc gt Browse Router Port Browse Session Table 3 IGMP Snooping Group 2 MLD Snooping Group MAC Address Table gt System Log FAC la STACKING STATUS Tanananas p eenaaasa TH Tanananna saesasas sacaaaii Penis Samay air E pe Maseseesa asnanina saasaai Pree a PSCC FFP m E Up Time 2 days 5 10 13 af Logged in as administrator admin 192 168 0 100 p En Utilization Unit Time interval 1s v Record Number 200 Show Hide I Utilization Figure 6 3 Port Utilization Page The Port Utilization Page contains the following fields Field Description Unit Defines the unit number Port Defines the port number Utilization Displays current CPU utilization by percentage Time Interval Defines the 1 60 second time intervals in which the usage samples are taken as follows 1 2 3 4 5 10 20 30 40 50 60 Record Number Defines the record number Show Hide Displays the CPU utilization information The possible fields are Utilization checked Utilization information is enabled This is the default value Utilization unchecked Utilization information is disabled 2 Define the Unit Port Time Interval and Record Number fields 3 Define the Show Hide field 4 Click PPY 151 A
305. traffic needs to be monitored either for information gathering such as statistical analysis security traces etc or for troubleshooting higher layer protocol operation The device supports up to 8 source ports To enable the use of traffic analysis and monitoring devices it is recommended enabling the user to specify that a desired target port receives a copy of all traffic passing through a designated source port In order to activate Port Mirroring the target port must belong to the default VLAN 1 Click L2 Features gt Port Mirroring The Port AS Page opens oo 0 3 a H DLink 2900 o 9999 1 22 223 222 Bus x Dlink TTT AAA ttt ttt yj cerrara PATIO PP mm Up Time 2 days 5 10 13 5 Logged in as administrator admin 192 168 0100 MAT gt DGS 3100 48 8 Configuration O L2 Features gt Jumbo Frame Status OEnabled Disabled 2 802 10 VLAN gt GVRP Settings Unit Target Port gt Trunking Source Port Sniffer mode Ports 2 Traffic Segmentation Tx 1 8 1 32 1 7 1 31 gt LACP Port Settings 1 9 1 33 1 7 1 31 gt IGMP Snooping 2 MLD Snooping E Spanning Tree E Forwarding amp Filtering i Note Maximum 8 ports fe geLLOP H H os i Add H Security El f Monitoring Ge BACL 39 40 41 42 43 44 45 46 47 48 STACKING STATUS Figure 3 15 Port Mirroring Page The Port Mirroring Page contains the following fields Field Description Status Enables or disabl
306. ts Observe the following precautions for rack stability and safety Also refer to the rack installation documentation accompanying the system and the rack for specific caution statements and procedures Systems are considered to be components in a rack Thus component refers to any system as well as to various peripherals or supporting hardware CAUTION Installing systems in a rack without the front and side stabilizers installed could cause the rack to tip over potentially resulting in bodily injury under certain circumstances Therefore always install the stabilizers before installing components in the rack After installing system components in a rack never pull more than one component out of the rack on its slide assemblies at one time The weight of more than one extended component could cause the rack to tip over and may result in serious injury e Before working on the rack make sure that the stabilizers are secured to the rack extended to the floor and that the full weight of the rack rests on the floor Install front and side stabilizers on a single rack or front stabilizers for joined multiple racks before working on the rack Always load the rack from the bottom up and load the heaviest item in the rack first Make sure that the rack is level and stable before extending a component from the rack Use caution when pressing the component rail release latches and sliding a component into or out of a rack the slide rails can
307. ual Defining STP Port Settings STP can be set up on a port per port basis In addition to setting Spanning Tree parameters for use at the switch level the switch enables configuring groups of ports in which case each port group has its own spanning tree and requires some of its own configuration settings An STP group uses the switch level parameters entered above with the addition of Port Priority and Port Cost An STP group spanning tree works in the same way as the switch level spanning tree however the root bridge concept is replaced with a root port concept A root port is a group port designated as the connection to the network for the group based on port priority and port cost Redundant links are blocked just as redundant links are blocked at the switch level The switch level STP blocks redundant links between switches and similar network devices The port level STP blocks redundant links within an STP Group It is advisable to define an STP Group to correspond to a VLAN group of ports 1 Click L2 Features gt Spanning Tree gt STP Port Settings The STP Port Settings Page opens S806 wo ss Diink 9999900090900909 o000000 29990090 TeIONRH MW Ve RDB A SUVS MOM o 223 ka oll A ARPA a Soe Stee Peer ee ee PRPC FPE PFEP CARS Save s Stac Up Time 2 days 5 10 5 i Coggedin as administrator admin 192 168 0 100 PIE DGS 3100 48 El Configuration Cost Forwarding Eg 12 Features i From Port To Port E
308. umbering The Unit IDs are assigned as follows e Unit ID 1 Assigned to the Stacking Master The Stack Master is indicated by the Master LED on front which is lit solid green e Unit ID 2 Assigned to the Backup Master e Unit ID 3 4 5 6 Assigned to the Stacking member 23 DGS 3100 Series Gigabit Stackable Managed Switch User Manual This section contains the following topics e Building New Manually Ordered Stacks e Adding Stacking Members to an Existing Manually Ordered Stack Building New Manually Ordered Stacks To build new a self ordered stack 1 Connect the units physically through the stacking ports 2 Turn on the units one at a time 3 Assign the Stack Master the Unit ID of 1 using a Stack Management Interfaces either the console port Telnet or Embedded Web Interface 4 Assign the Backup Master the Unit ID of 2 using a Stack Management Interfaces either the console port Telnet or Embedded Web Interface 5 Assign the remaining stacking members using a Stack Management Interfaces either the console port Telnet or Embedded Web Interface 6 Ensure that none of the stacking members have the same Unit ID 7 Reboot all the stack units Adding Stacking Members to an Existing Manually Ordered Stack To add units to an existing manually ordered stack 1 Reset the new stacking units to the factory defaults by pressing the Reset button 2 Connect the stacking members physically to the stack 3 Turn on the switches
309. urday during April and ends on the last Sunday in October 43 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Field Description From Which Week of Defines which numeric week of the month DST begins The possible field values are the Month First Indicates the first week of a month Second Indicates the second week of a month Third Indicates the third week of a month Fourth Indicates the fourth week of a month From Day of Week Defines the week day DST starts The field range is Sunday Saturday From Month Defines the month DST starts The field range is January December From time in HH MM Defines the time of day DST starts The field format is Hour Minutes based on the 24 hour clock Military Time For example 9 00PM is configured as 21 00 To Which Week of Defines which numeric week of the month DST ends The possible field values are the Month First Indicates the first week of a month Second Indicates the second week of a month Third Indicates the third week of a month Fourth Indicates the fourth week of a month To Day of Week Defines the week day DST ends The field range is Sunday Saturday To Month Defines the month DST ends The field range is January December To time in HH MM Defines the time of day DST ends The field format is Hour Minutes based on the 24 hour clock Military Time For example 9 00PM is configured as 21 00 DST Annua
310. urrent setting to file E GHACL Restore saved setting from file j Browse File Type Startup Config v OTFTP Server IP File File Type Startup Config Ml STACKING STATUS Backup current setting to server Restore saved setting from server AA sg zzz Figure 1 3 Config Backup and Restore Page The Config Backup and Restore Page contains the following fields Field Description Http Indicates that the system files are backed up or restored via an HTTP server The possible field values are Backup current setting to file Backs up the current configuration files via the HTTP server Restore saved setting from file Restores the current configuration files via the HTTP server File Type Specifies the current configuration file type The possible field values are Startup Config and Running Config TFTP Indicates that the system files are backed up or restored via an TFTP server The possible field values are Server IP Specifies the TFTP Server IP Address to which files are backed up or from which they are restored File Indicates the file that is backed up or restored File Type Specifies the current configuration file type The possible field values are Startup Config and Running Config Backup current setting to server Backs up the current configuration files via the TFTP server Restore saved setting from server Restores the current configuration files via the TFTP server
311. using the network to time out 1 Click Qos gt Traffic Control The Traffic Control Settings Page opens Building Networks tor People a 7 Save Tools 7 2 DGS 3100 48 E Con figuration L2 Features G p Qos 53 Bandwidth Control 2 802 1p Default Priority 802 1p User Priority 3 QoS Scheduling Mechanisi 3 Multi Layer CoS Setting 4 3 Security E Monitoring ACL Threshold 3500 Unit From Port To Port Storm Control Type State 4000000 01 01 v 48 y Broadcast v Disabled vw 3500 Kbps Apply Unit 1 Settings Storm Control Type Threshold S Broadcast Disabled 128 1 2 Broadcast Disabled 128 13 Broadcast Multicast_ Disabled _ 128 1 4 Broadcast Disabled 128 LS Broadcast Disabled 128 1 6 Broadcast Disabled 128 AT Broadcast Disabled 128 18 _ Broadcast _ _ Disabled 128 1 9 Broadcast Disabled _ 128 1 10 Broadcast Disabled 128 1 11 Broadcast Disabled 128 1 12 Broadcast Disabled 128 An Broadcast Disabled 128 1 14 Broadcast Disabled 128 1 15 Broadcast Disabled 128 1 16 Broadcast Disabled 128 4 47 Brnadesct Ricahled 492 s Figure 4 3 Traffic Control Settings Page The Traffic Control Settings Page contains the following fields Field Description Unit Defines the stacking member for which the storm control parameters are displayed From Port Defines from which port stor
312. values from 0 to 7 with O being assigned to the lowest priority data and 7 to the highest Generally tag 7 is used for data associated with video or audio applications sensitive to even slight delays or for data from specified end users whose data transmissions warrant special consideration The switch enables increased definition for handling priority tagged data packets on the network Using queues to manage priority tagged data enables user specification for the data s relative priority to suit the needs of the network Circumstances can arise where it is advantageous to group two or more different tagged packets into the same queue Generally however it is recommended that the highest priority queue Queue 1 be reserved for the data packets with a priority value of 7 1 Classes not Queues should be used when explaining traffic handling techniques 2 The ratio is Class0 Class1 Class2 Class3 1 2 4 8 A Weighted Round Robin system is employed on the switch to determine the rate which the queues are emptied of packets The ratio used for clearing the queues is 4 1 This means that the highest priority queue Queue 1 clears four packets for every packet which cleared from Queue 0 It is important that the priority queue settings on the switch are for all ports and all devices connected to the switch are affected The priority queuing system is especially beneficial for networks that employ priority tag assignment capable switches QoS is
313. vice Locator The Device Locator Page opens o0000000 e oooo AA AA ON DH wu 6 DAD 272220 2D See D D Link o Ei a PARRA aS oe e a E d ons ve PRR eee FEF FEES Wibal Save S Tools stackID 1 Up Time 2 days 51013 Logged in as administrator admin 192 168 0 100 BA DGS 3100 48 E Configuration H E L2 Features QoS A s z a Se Press SActivate button to activate the LED locator for 20 seconds E Monitoring fe AacL STACKING STATUS Figure 1 2 Device Locator Page 2 Click _ Activate The LED locator is activated for 20 seconds On which the letter L will flash on the master unit DGS 3100 Series Gigabit Stackable Managed Switch User Manual Backing up and Restoring Configuration Files The Config Backup and Restore Page contains fields for downloading and uploading the configuration file from the device through HTTP or TFTP server To back up and restore configuration files 1 Click gt Config Backup amp Restore The Config Backup and Restore Page opens 00000 OOO ESSE ESEESEE gt e200000000000000 o00oooo 229292999090000000 7 o4 eee 3 mus 72m D Link D 345 6 9999999992999992 ES o ir a E eea eer et ia a 8 1 a E 8 dr Save Tools Y Stack ID B X Up Time 2 days 5 10 El MS in as administrator admin 192 168 0100 e D rl DGS 3100 48 one E Configuration E L2 Features EH QoS Secur O HTTP 5 ontong Backup c
314. vided only to the original licensee and is subject to the terms and conditions of the license granted by D Link for the Software The Warranty Period shall extend for an additional ninety 90 days after any replacement Software is delivered If a material non conformance is incapable of correction or if D Link determines in its sole discretion that it is not practical to replace the non conforming Software the price paid by the original licensee for the non conforming Software will be refunded by D Link provided that the non conforming Software and all copies thereof is first returned to D Link The license granted respecting any Software for which a refund is given automatically terminates What You Must Do For Warranty Service Registration Card The Registration Card provided at the back of this manual must be completed and returned to an Authorized D Link Service Office for each D Link product within ninety 90 days after the product is purchased and or licensed The addresses telephone fax list of the nearest Authorized D Link Service Office is provided in the back of this manual FAILURE TO PROPERLY COMPLETE AND TIMELY RETURN THE REGISTRATION CARD MAY AFFECT THE WARRANTY FOR THIS PRODUCT Submitting A Claim Any claim under this limited warranty must be submitted in writing before the end of the Warranty Period to an Authorized D Link Service Office The claim must include a written description of the Hardware defect or Software nonconfor
315. x a e Settings Multicast Filtering Mode mal ee wi E Filter_Unregistered_Groups dr ie e Filter_Unregistered_Groups LACP Port Settings j Filter_Unregistered_Groups IGMP Snooping Forward_Unregistered_Groups MLD Snooping Forward_Unregistered_Groups A Port Mirroring Forward_Unregistered_Groups same e Forward_Unregistered_Groups ae Baan oe Forward_Unregistered_Groups Unicast Forwarding 3 Multicast Forwarding gt Mutticast Filtering Mode Filter Unregistered_Groups El ee Filter_Unregistered_Groups Ha 1 a Filter_Unregistered_Groups STAGEING STATUS Forward_Unregistered_Groups Forward_Unregistered_Groups Forward_Unregistered_Groups Forward_Unregistered_Groups Canward linranictarnd A i ij Ei R EN 1 f 1 TET M1 Figure 3 15 Multicast Filtering Mode Page 95 DGS 3100 Series Gigabit Stackable Managed Switch User Manual The Multicast Filtering Mode Page contains the following fields Field Description Unit Defines the stacking unit number to specify a port range or LAG to specify a LAG range From Port or From LAG Defines the first port or LAG in a consecutive sequence of ports or LAGs To Port or To LAG Defines the last port or LAG in a consecutive sequence of ports or LAGs All Specifies that the filtering mode applies to all ports or LAGs Filtering Mode Defines the multicast filtering mode for unregistered Multicast groups The p
316. y default IP address for the Switch is 10 90 90 90 DGS 3100 Series Gigabit Stackable Managed Switch User Manual Accessing the Boot Startup Menu Functions The following configuration functions are performed from the Boot Startup menu e Downloading Software e Set Terminal Baud Rate e Defining Stacking Units To display the Startup menu 1 During the boot process after the first part of the POST is completed press Ctrl shift within 2 seconds after the following message is displayed Autoboot in 2 seconds press RETURN or Esc to abort and enter prom 2 Press Enter to access the Startup menu 3 The Startup menu is displayed and contains the following configuration functions Startup Menu 1 Download Software 2 Set Terminal Baud Rate 3 Stack menu 4 Back Enter your choice or press ESC to exit The following sections describe the Startup menu options If no selection is made within 25 seconds default the switch times out and the device continues to load normally Downloading Software Use the software download option when a new software version must be downloaded to replace corrupted files update or upgrade the system software It is recommended to set the Baud Rate to 38400 prior to downloading software therefore allowing the software download to be faster See Set Terminal Baud Rate To download software from the Startup menu 1 On the Startup menu press 1 Th
317. ys 5 10 17 Logged in as administrator admin 192 168 0 100 MEG Logout Select Frame Type OL2ACL OL3aci TCP v You can select the field in the packet to create filtering mask L2 Header IPv4 DSCP IPv4 Address TCP Port Figure 8 17 ACL Profile L3 TCP Flag Page 2 Click_ Create The ACL profile is added and the device is updated 184 DGS 3100 Series Gigabit Stackable Managed Switch User Manual oc0000o0o0o0ooooo o 245 e PF OHNHRH ws D Link ER A il O ll ll e a a a O O O O FPPP EPEE ses _ 3100 08 _ A AA ia Save Tools 7 Stack ID Up Time 2 days 5 10 13 Logged n as administrator admin 192 168 0 100 DGS 3100 48 E f Configuration L2 Features 5 nbs Select Frame Type 8 Security OL2ACL f Monitoring OL3ACL UDP H ACL 3 ACL Configuration Wizard gt Access Profile List ACL Finder 3 Time Range Setting You can select the field in the packet to create filtering mask L2 Header IPv4 DSCP IPv4 Address UDP Port STACKING STATUS Figure 8 18 ACL Profile L3 UDP Page 1 Click the UDP Port button The ACL Profile L3 UDP Port Page updates to show the following Building Networks for People Can 3180 43 Save Tools Stack ID Up Time 2 days 5 10 13 Logged in as administrator admin 192 168 0100 E Logout DGS 3100 48 Configuration i Select Frame Type gi Security OL2 ACL Monitoring L3 ACL UDP G1 ACL 7
Download Pdf Manuals
Related Search