- Manuals
- Brands
- D-Link Manuals
- Switch
- DES-3528 — xStack Switch — Stackable
- User manual
Xstack
-
Contents
-
Table of Contents
-
Bookmarks
Quick Links
User Manual
TM
DES-3528
Product Model:
Layer 2 Managed Stackable Fast Ethernet Switch
Release 1.2
Related Manuals for D-Link DES-3528
Summary of Contents for D-Link DES-3528
-
Page 1: User Manual
User Manual DES-3528 Product Model: Layer 2 Managed Stackable Fast Ethernet Switch Release 1.2…
-
Page 2
Reproduction in any manner whatsoever without the written permission of D-Link Computer Corporation is strictly forbidden. Trademarks used in this text: D-Link and the D-LINK logo are trademarks of D-Link Computer Corporation; Microsoft and Windows are registered trademarks of Microsoft Corporation. -
Page 3
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual FCC Warning This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. -
Page 4: Table Of Contents
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Table of Contents Preface ………………………………..x Intended Readers…………………………….. xi Typographical Conventions ……………………………..xi Notes, Notices, and Cautions ………………………….. xi Safety Instructions …………………………….xii Safety Cautions ………………………………..xii General Precautions for Rack-Mountable Products ………………………. xiii Protecting Against Electrostatic Discharge …………………………xiv…
-
Page 5
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Introduction………………………………18 Login to Web Manager ………………………………18 Web-based User Interface ……………………………….19 Web Pages………………………………….20 Configuration …………………………21 Device Information …………………………….22 System Information…………………………….22 Serial Port Settings…………………………….23 IP Address………………………………23 Port Configuration……………………………. -
Page 6
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SNMP Host Table ………………………………..53 SNMP Engine ID ………………………………..53 SNMP Trap Configuration ………………………………54 Time Range Settings …………………………….54 Single IP Settings…………………………….55 SIM Settings………………………………….56 Topology ………………………………….57 Tool Tips………………………………….60 Right-Click………………………………….61 Menu Bar ………………………………….63… -
Page 7
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual MLD Snooping Settings………………………………94 Port Mirror ………………………………96 Loopback Detection Settings …………………………. 97 Spanning Tree ………………………………98 STP Bridge Global Settings …………………………….100 STP Port Settings ………………………………..102 MST Configuration Identification…………………………..103 STP Instance Settings………………………………104… -
Page 8
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual IMP Entry Settings………………………………..131 DHCP Snooping Entries ……………………………….132 MAC Block List………………………………..132 Port Security………………………………132 Port Security Settings………………………………132 Port Security FDB Entries……………………………..133 DHCP Server Screening Settings…………………………. 134 DHCP Screening Port Settings…………………………….134 DHCP Offer Filtering………………………………135… -
Page 9
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Web-based Access Control Settings…………………………..165 Web-based Access Control User Settings …………………………166 JWAC (Japanese Web-based Access Control)……………………… 167 JWAC Global Settings ………………………………167 JWAC Port Settings ………………………………169 JWAC User Account………………………………170 NetBIOS Filtering …………………………….170 NetBIOS Filtering Settings …………………………….170… -
Page 10
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual JWAC Host Table …………………………….232 MAC Address Table ……………………………. 233 System Log ………………………………233 Save Services and Tools……………………..235 Save Configuration ID 1 …………………………..235 Save Configuration ID 2 …………………………..236 Save Log ……………………………… -
Page 11: Preface
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Preface The DES-3528 Manual is divided into sections that describe the system installation and operating instructions with examples. Section 1, Introduction – Describes the Switch and its features.
-
Page 12: Intended Readers
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Intended Readers The DES-3528 Manual contains information for setup and management of the Switch. This manual is intended for network managers familiar with network management concepts and terminology.
-
Page 13: Safety Instructions
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Safety Instructions Use the following safety guidelines to ensure your own personal safety and to help protect your system from potential damage. Throughout this document, the caution icon ( ) is used to indicate cautions and precautions that you need to review and follow.
-
Page 14: General Precautions For Rack-Mountable Products
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual ratings label. The voltage and current rating of the cable should be greater than the ratings marked on the product. • To help prevent electric shock, plug the system and peripheral power cables into properly grounded electrical outlets.
-
Page 15: Protecting Against Electrostatic Discharge
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual CAUTION: Never defeat the ground conductor or operate the equipment in the absence of a suitably installed ground conductor. Contact the appropriate electrical inspection authority or an electrician if you are uncertain that suitable grounding is available.
-
Page 16: Introduction
Side Panel Description Gigabit Combo Ports The DES-3528 layer 2 Fast Ethernet switch is a member of the D-Link xStack family. Ranging from 10/100Mbps edge switches to core gigabit switches, the xStack switch family has been future-proof designed to provide a stacking architecture with fault tolerance, flexibility, port density, robust security and maximum throughput with a user-friendly management interface for the networking professional.
-
Page 17: Gigabit Ethernet Technology
Switch’s settings for priority queuing, VLANs, and port trunk groups, port monitoring, and port speed. NOTE: For the remainder of this manual, all hardware versions of the DES-3528 switch will be referred to as simply the Switch or the DES-3528.
-
Page 18: Ports
LED Indicators The Switch supports LED indicators for Power, Console, RPS and Port LEDs. The following shows the LED indicators for the DES-3528 switch along with an explanation of each indicator. LEDs and there corresponding meanings are displayed below. Figure 1- 2. LED Indicators on DES-3528 switch…
-
Page 19
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Solid Light RPS is in Use Green Light Off RPS Off Solid Light When the device is the stacking master. Master(MS) Green Light Off Not the Stacking Master. -
Page 20: Rear Panel Description
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Rear Panel Description The rear panel of the Switch contains an AC power connector. Figure 1- 3. Rear panel view of the DES-3528 The AC power connector is a standard three-pronged connector that supports the power cord. Plug-in the female connector of the provided power cord into this socket, and the male side of the cord into a power outlet.
-
Page 21
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 1- 6. Installing the SFP Module… -
Page 22: Installation
Four rubber feet with adhesive backing RS-232 console cable If any item is found missing or damaged, please contact your local D-Link Reseller for replacement. Before You Connect to the Network The site where you install the Switch may greatly affect its performance. Please follow these guidelines for setting up the Switch.
-
Page 23: Installing The Switch Without The Rack
Attach these cushioning feet on the bottom at each corner of the device. Allow enough ventilation space between the Switch and any other objects in the vicinity. Figure 2- 1. Preparing the DES-3528 for installation on a desktop or shelf Installing the Switch in a Rack The Switch can be mounted in a standard 19″…
-
Page 24: Mounting The Switch In A Standard 19″ Rack
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Mounting the Switch in a Standard 19″ Rack CAUTION: Installing systems in a rack without the front and side stabilizers installed could cause the rack to tip over, potentially resulting in bodily injury under certain circumstances. Therefore, always install the stabilizers before installing components in the rack.
-
Page 25: Connecting The Switch
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 3 Connecting the Switch Switch to End Node Switch to Hub or Switch Connecting To Network Backbone or Server NOTE: All 24 high-performance NWay Ethernet ports can support both MDI-II and MDI-X connections.
-
Page 26
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 3- 2. DES-3528 connected to a normal (non-Uplink) port on a hub or switch using a straight or crossover cable… -
Page 27: Connecting To Network Backbone Or Server
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Connecting To Network Backbone or Server The two SFP combo ports are ideal for linking to a network backbone or server. The copper ports operate at a speed of 1000, 100 or 10Mbps in full or half duplex mode.
-
Page 28: Introduction To Switch Management
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 4 Introduction to Switch Management Management Options Web-based Management Interface SNMP-Based Management Managing User Accounts Command Line Console Interface through the Serial Port Connecting the Console Port (RS-232 DCE)
-
Page 29: Command Line Interface
12. Enter the commands to complete your desired tasks. Many commands require administrator-level access privileges. Read the next section for more information on setting up user accounts. See the DES-3528 CLI Manual on the documentation CD for a list of all commands and additional information on using the CLI.
-
Page 30: First Time Connecting To The Switch
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual First Time Connecting to the Switch The Switch supports user-based security that can allow you to prevent unauthorized users from accessing the Switch or changing its settings. This section tells how to log onto the Switch.
-
Page 31: Snmp Settings
The DES-3528 supports SNMP versions 1, 2c, and 3. You can specify which version of SNMP you want to use to monitor and control the Switch. The three versions of SNMP vary in the level of security provided between the management station and the network device.
-
Page 32: Ip Address Assignment
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Identifier (OID) associated with a specific MIB. An additional layer of security is available for SNMP v.3 in that SNMP messages may be encrypted. To read more about how to configure SNMP v.3 settings for the Switch read the section entitled Management.
-
Page 33
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Starting at the command line prompt, enter the commands config ipif System ipaddress xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy Where the x’s represent the IP address to be assigned to the IP interface named System and the y’s represent the corresponding subnet mask. -
Page 34: Web-Based Switch Configuration
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 5 Web-based Switch Configuration Introduction Login to Web manager Web-Based User Interface Basic Setup Reboot Basic Switch Setup Network Management Switch Utilities Network Monitoring IGMP Snooping Status…
-
Page 35: Web-Based User Interface
Area 1 Select the folder or window to be displayed. The folder icons can be opened to display the hyper- linked window buttons and subfolders contained within them. Click the D-Link logo to go to the D- Link website. Area 2 Presents a graphical near real-time image of the front panel of the Switch.
-
Page 36: Web Pages
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual configuration. Area 3 Presents switch information based on your selection and the entry of configuration data. NOTICE: Any changes made to the Switch configuration during the current session must be saved in the Save Changes web menu (explained below) or use the command line interface (CLI) command save.
-
Page 37: Configuration
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 6 Configuration System Information Serial Port Settings IP Address Port Configuration Static ARP Settings User Accounts System Log Configuration System Severity Settings DHCP/BOOTP Relay MAC Address Aging Time…
-
Page 38: Device Information
This window contains the main settings for all major functions on the Switch and appears automatically when you log on. To return to the Device Information window, click the DES-3528 Web Management Tool folder. The Device Information window shows the Switch’s MAC Address (assigned by the factory and unchangeable), the Boot PROM Version, Firmware Version, and Hardware Version.
-
Page 39: Serial Port Settings
The IP address may initially be set using the console interface prior to connecting to it through the Ethernet. If the Switch IP address has not yet been changed, read the introduction of the DES-3528 CLI Manual or return to Section 4 of this manual for more information.
-
Page 40
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual management station that will access the Switch. The Switch will allow management access from stations with the same VID listed here. NOTE: The Switch’s factory default IP address is 10.90.90.90 with a subnet mask of 255.0.0.0 and a default gateway of 0.0.0.0. -
Page 41
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual… -
Page 42: Port Configuration
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Port Configuration This section contains information for configuring various attributes and properties for individual physical ports, including port speed and flow control. Port Settings Click Configuration > Port Configuration > Port Settings to display the following window: To configure switch ports: 1.
-
Page 43
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual a 1000BASE-T cable for connection between the Switch port and other device capable of a gigabit connection. The master setting (1000M/Full_M) will allow the port to advertise capabilities related to duplex, speed and physical layer type. -
Page 44: Port Description
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Port Description The Switch supports a port description feature where the user may name various ports on the Switch. To assign names to various ports, click Configuration > Port Configuration > Port Description to view the following window: Use the From and To pull-down menu to choose a port or range of ports to describe, and then enter a description of the port(s).
-
Page 45: Port Error Disabled
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Port Error Disabled The following window will display the information about ports that have had their connection status disabled, for reasons such as STP loopback detection or link down status. To view this window, click Configuration > Port Configuration >…
-
Page 46: Static Arp Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Static ARP Settings The Address Resolution Protocol (ARP) is a TCP/IP protocol that converts IP addresses into physical addresses. This table allows network managers to view, define, modify and delete ARP information for specific devices. Static entries can be defined in the ARP Table.
-
Page 47: User Accounts
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual User Accounts Use the User Account Management window to control user privileges, create new users and view existing User Accounts. To view this window, click Configuration > User Accounts.
-
Page 48
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The following table summarizes the Admin, Operator and User privileges: Management Admin Operator User Configuration Read-only Network Monitoring Read-only Community Strings and Trap Stations Read-only Update Firmware and Configuration Files… -
Page 49: System Log Configuration
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual System Log Configuration This section contains information for configuring various attributes and properties for System Log Configurations, including System Log Settings and System Log Host. System Log Settings This window allows the user to enable or disable the System Log and specify the System Log Save Mode Settings.
-
Page 50
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Facility Some of the operating system daemons and processes have been assigned Facility values. Processes and daemons that have not been explicitly assigned a Facility may use any of the «local use»… -
Page 51: System Severity Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual System Severity Settings The Switch can be configured to allow alerts be logged or sent as a trap to an SNMP agent or both. The level at which the alert triggers either a log entry or a trap message can be set as well.
-
Page 52: Dhcp/Bootp Relay
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual DHCP/BOOTP Relay The relay hops count limit allows the maximum number of hops (routers) that the DHCP/BOOTP messages can be relayed through to be set. If a packet’s hop count is more than the hop count limit, the packet is dropped. The range is between 1 and 16 hops, with a default value of 4.
-
Page 53
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual check and policy settings will have no effect. DHCP Relay Agent This field can be toggled between Enabled and Disabled using the pull-down menu. It is Information Option 82 used to enable or disable the Switches ability to check the validity of the packet’s option 82… -
Page 54: Dhcp/Bootp Relay Interface Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The Implementation of DHCP Information Option 82 in the DES-3528 Switch. The config dhcp_relay option_82 command configures the DHCP relay agent information option 82 setting of the switch. The formats for the circuit ID sub-option and the remote ID sub-option are as follows: NOTE: For the circuit ID sub-option of a standalone switch, the module field is always zero.
-
Page 55: Dhcp Auto Configuration Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 6- 15. DHCP/BOOTP Relay Interface Settings and DHCP/BOOTP Relay Interface Table window The following parameters may be configured or viewed. Parameter Description Interface The IP interface on the Switch that will be connected directly to the Server.
-
Page 56: Web Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Web Settings Web-based management is Enabled by default. If you choose to disable this by selecting Disabled, you will lose the ability to configure the system through the web interface as soon as these settings are applied.
-
Page 57: Firmware Information
States the user who downloaded the firmware. This field may read “Anonymous” or “Unknown” for users that are unidentified. Dual Configuration Settings The following window is used to configure firmware information set in the Switch. The xStack DES-3528 has the capability to store two firmware images in its memory.
-
Page 58
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual To access this table, click Configuration > Dual Configuration Settings: Figure 6- 23. Dual Configuration Settings This window holds the following information: Parameter Description States the ID number of the configuration file located in the Switch’s memory. The Switch can store two configuration files for use. -
Page 59: Ping Test
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Ping Test Ping is a small program that sends ICMP Echo packets to the IP address you specify. The destination node then responds to or «echoes» the packets sent from the Switch. This is very useful to verify connectivity between the Switch and other nodes on the network.
-
Page 60: Sntp Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SNTP Settings Time Settings To configure the time settings for the Switch, click Configuration > SNTP Settings > Time Settings: Figure 6- 25. Time Settings window The following parameters can be set or are displayed:…
-
Page 61: Timezone Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual TimeZone Settings The following window is used to configure time zones and Daylight Savings time settings for SNTP. To configure the time Zone Settings for the Switch, click Configuration > SNTP Settings > TimeZone Settings: Figure 6- 26.
-
Page 62: Mac Notification Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Week From: Month Enter the month DST will start on. From: Time in Enter the time of day that DST will start on. HH:MM To: Which Week of Enter the week of the month the DST will end.
-
Page 63: Mac Notification Port Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Parameter Description State Enable or disable MAC notification globally on the Switch. Interval The time in seconds between notifications. (1-2147483647 sec) History Size The maximum number of entries listed in the history log used for notification. Up to 500 entries (1-500) can be specified.
-
Page 64: Snmp Settings
The DES-3528 supports the SNMP versions 1, 2c, and 3. The default SNMP setting is disabled. You must enable SNMP. Once SNMP is enabled you can choose which version you want to use to monitor and control the Switch. The three versions of SNMP vary in the level of security provided between the management station and the network device.
-
Page 65: Snmp Global State
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SNMP Global State Use this table to globally enable or disable the SNMP Settings on the switch. To view this window, click Configuration > SNMP Settings > SNMP Global State: Figure 6- 29.
-
Page 66: Snmp Group Table
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SNMP Group Table An SNMP Group created with this table maps SNMP users (identified in the SNMP User Table) to the views created in the previous menu. To view this window, click Configuration > SNMP Settings > SNMP Group Table: Figure 6- 31.
-
Page 67: Snmp User Table
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SNMP User Table This window displays all of the SNMP User’s currently configured on the Switch and also allows you to add new users. To view this window, click Configuration > SNMP Settings > SNMP User Table: Figure 6- 32.
-
Page 68: Snmp Community Table
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual To implement changes made, click Apply. SNMP Community Table Use this table to view existing SNMP Community Table configurations and to create a SNMP community string to define the relationship between the SNMP manager and an agent. The community string acts like a password to permit access to the agent on the Switch.
-
Page 69: Snmp Host Table
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SNMP Host Table Use the SNMP Host Table window to set up SNMP trap recipients. To configure SNMP Host Table entries, click Configuration > SNMP Settings > SNMP Host Table: Figure 6- 34.
-
Page 70: Snmp Trap Configuration
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SNMP Trap Configuration The following window is used to enable and disable trap settings for the SNMP function on the Switch. To view this window for configuration, click Configuration > SNMP Settings > SNMP Trap Configuration: Figure 6-36.
-
Page 71: Single Ip Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Single IP Settings Simply put, D-Link Single IP Management is a concept that will stack switches together over Ethernet instead of using stacking ports or modules. There are some advantages in implementing the «Single IP Management» feature: 1.
-
Page 72: Sim Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The Upgrade to v1.6 To better improve SIM management, the DES-3528 Switch has been upgraded to version 1.6 in this release. Many improvements have been made, including: 1. The Commander Switch (CS) now has the capability to automatically rediscover member switches that have left the SIM group, either through a reboot or web malfunction.
-
Page 73: Topology
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 6- 39. Single IP Settings window (enabled) The following parameters can be set: Parameters Description SIM State Use the pull-down menu to either enable or disable the SIM state on the Switch. Disabled will render all SIM functions on the Switch inoperable.
-
Page 74
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 6- 40. Single IP Management window — Tree View The Tree View window holds the following information under the Data tab: Parameter Description Device Name This field will display the Device Name of the switches in the SIM group configured by the user. If no Device Name is configured by the name, it will be given the name default and tagged with the last six digits of the MAC Address to identify it. -
Page 75
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 6- 41. Topology view This window will display how the devices within the Single IP Management Group are connected to other groups and devices. Possible icons in this screen are as follows:… -
Page 76: Tool Tips
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Tool Tips In the Topology view window, the mouse plays an important role in configuration and in viewing device information. Setting the mouse cursor over a specific device in the topology window (tool tip) will display the same information about a specific device as the Tree view does.
-
Page 77: Right-Click
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Right-Click Right-clicking on a device will allow the user to perform various functions, depending on the role of the Switch in the SIM group and the icon associated with it.
-
Page 78: Commander Switch Icon
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Commander Switch Icon Figure 6- 46. Right-Clicking a Commander Icon The following options may appear for the user to configure: Collapse — To collapse the group that will be represented by a single icon.
-
Page 79: Menu Bar
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Add to group — Add a candidate to a group. Clicking this option will reveal the following dialog for the user to enter a password for authentication from the Candidate Switch before being added to the SIM group. Click OK to enter the password or Cancel to exit the window.
-
Page 80: Firmware Upgrade
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 6- 52. About window Firmware Upgrade This screen is used to upgrade firmware from the Commander Switch to the Member Switch. Member Switches will be listed in the table and will be specified by Port (port on the CS where the MS resides), MAC Address, Model Name and Version.
-
Page 81: Upload Log
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Upload Log The following window is used to upload log files from SIM member switches to a specified PC. To upload a log file, enter the Server IP address of the SIM member switch and then enter a Path\Filename on your PC where you wish to save this file.
-
Page 82: L2 Features
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 7 L2 Features Jumbo Frame 802.1Q VLAN QinQ 802.1v Protocol VLAN GVRP Settings GVRP Timer Settings Asymmetric VLAN Settings MAC-based VLAN Settings PVID Auto Assign Settings Port Trunking…
-
Page 83: Vlan Description
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual dependent on such time critical data, such as video conferencing, can be severely and adversely affected by even very small delays in transmission. Network devices that are in compliance with the IEEE 802.1p standard have the ability to recognize the priority level of data packets.
-
Page 84: Q Vlan Tags
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Egress port — A port on a switch where packets are flowing out of the Switch, either to another switch or to an end station, and tagging decisions must be made.
-
Page 85
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 3. IEEE 802.1Q Tag The EtherType and VLAN ID are inserted after the MAC source address, but before the original EtherType/Length or Logical Link Control. Because the packet is now a bit longer than it was originally, the Cyclic Redundancy Check (CRC) must be recalculated. -
Page 86: Port Vlan Id
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Port VLAN ID Packets that are tagged (are carrying the 802.1Q VID information) can be transmitted from one 802.1Q compliant network device to another with the VLAN information intact. This allows 802.1Q VLANs to span network devices (and indeed, the entire network, if all network devices are 802.1Q compliant).
-
Page 87: Default Vlans
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual same VID) as the ingress port. If it does not, the packet is dropped. If it has the same VID, the packet is forwarded and the destination port transmits it on its attached network segment.
-
Page 88
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual NOTE: In order to use VLAN segmentation in conjunction with port trunk groups, you can first set the port trunk group(s), and then you may configure VLAN settings. If you wish to change the port trunk grouping with VLANs already in place, you will not need to reconfigure the VLAN settings after changing the port trunk group settings. -
Page 89: Double Vlans
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Double VLANs Double or Q-in-Q VLANs allow network providers to expand their VLAN configurations to place customer VLANs within a larger inclusive VLAN, which adds a new layer to the VLAN configuration. This basically lets large ISP’s create L2 Virtual Private Networks and also create transparent LANs for their customers, which will connect two or more customer LAN points without over-complicating configurations on the client’s side.
-
Page 90: 802.1Q Vlan
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Customer VLANs using SPVLANs, thus greatly regulating traffic and routing on the Service Provider switch. This information is then routed to the Service Provider’s main network and regarded there as one VLAN, with one set of protocols and one routing behavior.
-
Page 91
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual NOTE: After all IP interfaces are set for your configurations, VLANs on the switch can be routed without any additional steps. Figure 7- 8. 802.1Q VLAN window – Add/Edit VLAN Tab To return to the 802.1Q VLAN window, click the VLAN List Tab at the top of the window. -
Page 92
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The following fields can then be set in either the Add/Edit VLAN or Edit 802.1Q VLAN windows: Parameter Description VID (VLAN ID) Allows the entry of a VLAN ID, or displays the VLAN ID of an existing VLAN in the Edit window. -
Page 93: Click Apply To Implement Changes Made.qinq
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 11. 802.1Q VLAN window – VLAN Batch Settings window The following fields can be set in the VLAN Batch Settings windows: Parameter Description VID List (e.g 2-5) Enter a VLAN ID List that can be added, deleted or configured.
-
Page 94: Qinq
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual QinQ This function allows the user to enable or disable the QinQ function. QinQ is designed for service providers to carry traffic from multiple users across a network. QinQ is used to maintain customer specific VLAN and Layer 2 protocol configurations even when the same VLAN ID is being used by different customers.
-
Page 95: Vlan Translation Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual the packet will be assigned to the PVID of the received port. Outer TPID The Outer TPID is used for learning and switching packets. The Outer TPID constructs and inserts the outer tag into the packet based on the VLAN ID and Inner Priority.
-
Page 96: 802.1V Protocol Vlan
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 802.1v Protocol VLAN 802.1v Protocol Group Settings The table allows the user to create Protocol VLAN groups and add protocols to that group. The 802.1v Protocol VLAN Group Settings supports multiple VLANs for each protocol and allows the user to configure the untagged ports of different protocols on the same physical port.
-
Page 97
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 15. Protocol VLAN Settings window The following fields can be set: Parameter Description Group ID Click the corresponding radio button to select a previously configured Group ID from the drop- down menu. -
Page 98: Gvrp Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual GVRP Settings The table allows the user to determine whether the Switch will share its VLAN configuration information with other GARP VLAN Registration Protocol (GVRP) enabled switches. In addition, Ingress Checking can be used to limit traffic by filtering incoming packets whose PVID do not match the PVID of the port.
-
Page 99: Gvrp Timer Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Type between Tagged Only, which means only VLAN tagged frames will be accepted, and Admit_All, which mean both tagged and untagged frames will be accepted. Admit_All is enabled by default.
-
Page 100: Mac-Based Vlan Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual MAC-based VLAN Settings This table is used to create new MAC Based VLAN entries and search, edit and delete existing entries. To view this window click L2 Features > MAC-based VLAN Settings: Figure 7- 19.
-
Page 101: Port Trunking
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Port Trunking Understanding Port Trunk Groups Port trunk groups are used to combine a number of ports together to make a single high-bandwidth data pipeline. DES-3500 Series supports up to 8 port trunk groups with 2 to 8 ports in each group. A potential bit rate of 8000 Mbps can be achieved.
-
Page 102
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual same VLAN, and their STP status, static multicast, traffic control; traffic segmentation and 802.1p default priority configurations must be identical. Port locking, port mirroring and 802.1X must not be enabled on the trunk group. Fur- ther, the aggregated links must all be of the same speed and should be configured as full duplex. -
Page 103: Lacp Port Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual LACP Port Settings The LACP Port Settings window is used to create port trunking groups on the Switch. Using the following window, the user may set which ports will be active and passive in processing and sending LACP control frames.
-
Page 104: Traffic Segmentation
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Traffic Segmentation Traffic segmentation is used to limit traffic flow from a single port to a group of ports on either a single switch or a group of ports on another switch in a switch stack. This method of segmenting the flow of traffic is similar to using VLANs to limit traffic, but is more restrictive.
-
Page 105: Igmp Snooping
IGMP messages passing through the Switch. In order to use IGMP Snooping it must first be enabled for the entire Switch (see the DES-3528 Web Management Tool). You may then fine-tune the settings for each VLAN using the IGMP Snooping link in the L2 Features folder.
-
Page 106: Igmp Snooping Multicast Vlan Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Query Interval The Query Interval field is used to set the time (in seconds) between transmitting IGMP (1-65535) queries. Entries between 1 and 65535 seconds are allowed. Default = 125.
-
Page 107: Ip Multicast Profile Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual VID (2-4094) This is the VLAN ID that, along with the VLAN Name, identifies the VLAN the user wishes to modify the IGMP Snooping Settings for. State Use the drop-down menu to toggle between Enabled and Disabled.
-
Page 108: Limited Multicast Range Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 30. IP Multicast Address Group List Settings – Group List window Enter the multicast Address List starting with the lowest in the range, and click Add. To return to the IP Multicast Profile Settings window, click the <<Back button.
-
Page 109: Max Multicast Group Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 32. Multicast Filtering Mode window To add a new Multicast Filter enter the information and click Apply, to search for an entry click Search, and to view all the VLANs click the View All button.
-
Page 110: Mld Snooping Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual MLD Snooping Settings Multicast Listener Discovery (MLD) Snooping is an IPv6 function used similarly to IGMP snooping in IPv4. It is used to discover ports on a VLAN that are requesting multicast data. Instead of flooding all ports on a selected VLAN with multicast traffic, MLD snooping will only forward multicast data to ports that wish to receive this data through the use of queries and reports produced by the requesting ports and the source of the multicast traffic.
-
Page 111
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 35. MLD Snooping Settings – Edit Window The following parameters may be viewed or modified: Parameter Description VLAN ID This is the VLAN ID that, along with the VLAN Name, identifies the VLAN for which to modify the MLD Snooping Settings. -
Page 112: Port Mirror
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual State Used to enable or disable MLD snooping for the specified VLAN. This field is Disabled by default. Querier Router Behavior This read-only field describes the current querier state of the Switch, whether Querier, which will send out Multicast Listener Query Messages to links, or Non- Querier, which will not send out Multicast Listener Query Messages.
-
Page 113: Loopback Detection Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Loopback Detection Settings The Loopback Detection function is used to detect the loop created by a specific port. This feature is used to temporarily shutdown a port on the Switch when a CTP (Configuration Testing Protocol) packet has been looped back to the switch.
-
Page 114: Spanning Tree
802.1d STP will be familiar to most networking professionals. However, since 802.1w RSTP has been recently introduced to D-Link managed Ethernet switches, a brief introduction to the technology is provided below followed by a description of how to set up 802.1d STP and 802.1w RSTP.
-
Page 115: P2P Port
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual P2P Port A P2P port is also capable of rapid transition. P2P ports may be used to connect to other bridges. Under RSTP, all ports operating in full-duplex mode are considered to be P2P ports, unless manually overridden through configuration.
-
Page 116: Stp Bridge Global Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual STP Bridge Global Settings To open the following window, click L2 features > Spanning Tree > STP Bridge Global Settings. Figure 7- 38. STP Bridge Global Settings window…
-
Page 117
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Max Hops (1-20) Used to set the number of hops between devices in a spanning tree region before the BPDU (bridge protocol data unit) packet sent by the Switch will be discarded. Each switch on the hop count will reduce the hop count by one until the value reaches zero. -
Page 118: Stp Port Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual STP Port Settings STP can be set up on a port per port basis. To view the following window click L2 Features > Spanning Tree > STP Port Settings: Figure 7- 39.
-
Page 119: Mst Configuration Identification
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Migrate Setting this parameter as Yes will set the ports to send out BPDU packets to other bridges, requesting information on their STP setting If the Switch is configured for RSTP, the port will be capable to migrate from 802.1d STP to 802.1w RSTP.
-
Page 120: Stp Instance Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The window above contains the following information: Parameter Description Configuration Name A previously configured name set on the Switch to uniquely identify the MSTI (Multiple Spanning Tree Instance). If a configuration name is not set, this field will show the MAC address to the device running MSTP.
-
Page 121: Mstp Port Information
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 42. STP Instance Settings — View window MSTP Port Information This window displays the current MSTP Port Information and can be used to update the port configuration for an MSTI ID.
-
Page 122: Forwarding & Filtering
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Forwarding & Filtering This folder contains windows for Unicast Forwarding and Multicast Forwarding. Unicast Forwarding To view this window, Click L2 Features > Forwarding & Filtering > Unicast Forwarding.
-
Page 123: Lldp
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual chosen, the port will not be a member of the Static Multicast Group. Egress — The port is a static member of the multicast group. Click Apply to implement the changes made. To delete an entry in the Static Multicast Forwarding Table, click the corresponding Delete button.
-
Page 124: Lldp Port Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual LLDP Notification LLDP Notification Interval is used to send notifications to configured SNMP trap receiver(s) when Interval (5-3600) an LLDP change is detected in an advertisement received on the port from an LLDP neighbor.
-
Page 125: Lldp Management Address List
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual LLDP Management Address List To view this window, Click L2 Features > LLDP > LLDP Management Address List Figure 7- 48. LLDP Management Address List window The following parameters can be set:…
-
Page 126: Lldp Dot1 Tlvs Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Parameter Description From Port/To Use the pull-down menu to select a range of ports to be configured. Port Port Description Use the drop-down menu to enable or disable port description.
-
Page 127: Lldp Dot3 Tlvs Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Click Apply to implement changes made. LLDP Dot3 TLVs Settings To view this window, Click L2 Features > LLDP > LLDP Dot3 TLVs Settings Figure 7- 51. LLDP Dot3 TLVs Settings window…
-
Page 128: Lldp Local Port Information
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 52. LLDP Statistics System window LLDP Local Port Information LLDP Local Port Information window displays the information on a per port basis in the local port brief table shown below.
-
Page 129: Lldp Remote Port Information
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 7- 54. LLDP Local Port Information (Show Normal) window Use the drop-down menu to select a port and click Find the information will be displayed on the lower half of the window.
-
Page 130: Qos
View the following map to see how the DES-3528 implements 802.1P priority queuing. Figure 8- 1. Mapping QoS on the Switch…
-
Page 131: Understanding Qos
CoS until there are no more packets for this CoS. The other CoS queues that have been given a nonzero value, and depending upon the weight, will follow a common weighted round-robin scheme. Remember that the xStack DES-3528 has eight priority queues (and eight Classes of Service) for each port on the Switch.
-
Page 132: Hol Blocking Pevention
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual HOL Blocking Pevention This window is used to enable HOL Prevention Settings on the Switch. To view this table Click QoS > HOL Prevention Settings Figure 8- 2. HOL Prevention Settings window…
-
Page 133: Traffic Control
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Click Apply to set the bandwidth control for the selected ports. Results of configured Bandwidth Settings will be displayed in the Bandwidth Control Table on the lower half of the window.
-
Page 134
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Parameter Description Traffic Control Settings From Port/To A consecutive group of ports may be configured starting with the selected port. Port Action Select the method of traffic Control from the pull-down menu. The choices are: Drop –… -
Page 135: 802.1P Default Priority
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual NOTE: Ports that are in the Shutdown forever mode will be seen as Discarding in Spanning Tree windows and implementations though these ports will still be forwarding BPDUs to the Switch’s CPU.
-
Page 136: 802.1P User Priority
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 802.1p User Priority The Switch allows the assignment of a user priority to each of the 802.1p priorities. To view this window click QoS > 802.1p User Priority.
-
Page 137: Sred
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Use the weighted round-robin (WRR) algorithm to handle packets in an even distribution in priority classes of service. Click Apply to implement changes made. NOTE: The settings you assign to the queues, numbers 0-7, represent the IEEE 802.1p priority tag number.
-
Page 138
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The following parameters may be set: Parameter Description From port/To port A consecutive group of ports may be configured starting with the selected port. Class ID Select the Class ID, from 0-7, to configure for the SRED parameters. Selecting all will set the parameters configured here for all CoS queues. -
Page 139: Sred Drop Counter
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SRED Drop Counter To view this window click QoS > SRED > SRED Drop Counter Figure 8- 9. SRED Drop Counter window DSCP Trust Settings This window is used to enable DSCP Trust Settings.
-
Page 140: Dscp Map Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual DSCP Map Settings This window is used to enable DSCP Map Settings. To view this window click QoS > SRED > DSCP Map Settings Figure 8- 11. DSCP Map Settings window…
-
Page 141: 802.1P Map Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 802.1p Map Settings This window is used to enable 802.1p Map Settings. To view this window click QoS > SRED > 802.1p Map Settings Figure 8- 12. DSCP Map Settings window…
-
Page 142: Security
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 9 Security Safeguard Engine Trusted Host IP-MAC-Port Binding Port Security DHCP Server Screening 802.1X SSL Settings Access Authentication Control MAC-based Access Control Web Authentication JWAC NetBIOS Filtering Settings…
-
Page 143
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual If the second checking third checking If the fourth interval reveals If the Switch detects interval reveals there are interval reveals there are the packet flooding has too many packets, it… -
Page 144: Trusted Host
IP-MAC binding entries is dependant on chip capability (e.g. the ARP table size) and storage size of the device. For the xStack DES-3528 switch, Active and inactive entries use the same database. The maximum entry number is 511. The creation of authorized users can be manually configured by CLI or Web. The…
-
Page 145: Imp Global Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual IMP Global Settings This window is used to enable or disable the ACL mode, Trap Log State and DHCP Snoop state on the switch. When the user enables the ACL Mode for IP-MAC Binding it will create two Access Profile Entries on the Switch. The Trap/Log field will enable and disable the sending of trap log messages for IP-MAC binding.
-
Page 146
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 5. IMP Port Settings window The following fields can be set or modified: Parameter Description From Port…To Port Select a port or range of ports to set for IP-MAC Binding. -
Page 147: Imp Entry Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual trapped by the CPU needs to be forwarded by the software. This setting controls the forwarding behavior in this situation. Max Entry Specifies the maximum number of IP-MAC-Port Binding entries. By default, per port max entry is 5.
-
Page 148: Dhcp Snooping Entries
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual DHCP Snooping Entries This table is used to view dynamic entries on specific ports. To view particular port settings, enter the port number and click Find. To view all entries click View All, and to delete an entry, click Clear.
-
Page 149: Port Security Fdb Entries
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 9. Port Security Settings window The following parameters can be set: Parameter Description A consecutive group of ports may be configured starting with the selected port.
-
Page 150: Dhcp Server Screening Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 10. Port Security FDB Entries window DHCP Server Screening Settings This function allows the user to not only restrict all DHCP Server packets but also to receive any specified DHCP server packet by any specified DHCP client, it is useful when one or more DHCP servers are present on the network and both provide DHCP services to different distinct groups of clients.
-
Page 151: Dhcp Offer Filtering
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The user may set the following parameters: Parameter Description From Port/To Port A consecutive group of ports may be configured starting with the selected port. State Choose Enabled to enable the DHCP server or Disabled to disable. The default is Disabled.
-
Page 152: 136
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 802.1X 802.1x Port-Based and MAC-Based Access Control The IEEE 802.1x standard is a security measure for authorizing and authenticating users to gain access to various wired or wireless devices on a specified Local Area Network by using a Client and Server based access control model.
-
Page 153
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Authentication Server The Authentication Server is a remote device that is connected to the same network as the Client and Authenticator, must be running a RADIUS Server program and must be configured properly on the Authenticator (Switch). Clients connected to a port on the Switch must be authenticated by the Authentication Server (RADIUS) before attaining any services offered by the Switch on the LAN. -
Page 154: Authentication Process
Figure 9- 18. The 802.1x Authentication Process The D-Link implementation of 802.1x allows network administrators to choose between two types of Access Control used on the Switch, which are: 1. Port-Based Access Control – This method requires only one user to be authenticated per port by a remote RADIUS server to allow the remaining users on the same port access to the network.
-
Page 155: Understanding 802.1X Port-Based And Mac-Based Network Access Control
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Understanding 802.1x Port-based and MAC-based Network Access Control The original intent behind the development of 802.1X was to leverage the characteristics of point-to-point in LANs. As any single LAN segment in such infrastructures has no more than two devices attached to it, one of which is a Bridge Port.
-
Page 156: Mac-Based Network Access Control
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual MAC-Based Network Access Control RADIUS Server Ethernet Switch … 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X 802.1X Client Client Client Client Client Client Client…
-
Page 157: 802.1X Force Disconnect
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 802.1X Force Disconnect To configure the 802.1X Force Disconnect, click Security > 802.1X > 802.1X Force Disconnect Figure 9- 21. 802.1X Force Disconnect window Use the drop down menu to select either Port or MAC Address and enter the corresponding information, click Force Disconnect for the changes to take effect.
-
Page 158
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual QuietPeriod This allows you to set the number of seconds that the Switch remains in the quiet state following (0-65535) a failed authentication exchange with the client. The default setting is 60 seconds. -
Page 159: 802.1X User
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 802.1X User To create a new 802.1X User enter a user name and password then reconfirm the password and click Apply, the new user will be displayed in the lower half of the table. To delete an entry click the corresponding Delete button.
-
Page 160: Initialize Port(S)
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Initialize Port(s) This window allows you to initialize ports for the 802.1X Settings. This window will appear in the folder when the “enable 802.1x” command is entered into the command line interface.
-
Page 161: Guest Vlan
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Guest VLAN On 802.1x security enabled networks, there is a need for non 802.1x supported devices to gain limited access to the network, due to lack of the proper 802.1x software or incompatible…
-
Page 162: Guest Vlan Configuration
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Guest VLAN Configuration To view the following window click, Security > 802.1X > Guest VLAN Figure 9- 28. Guest VLAN window The following fields may be modified to enable the 802.1x Guest VLAN:…
-
Page 163: Download Certificate
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual These three parameters are uniquely assembled in four choices on the Switch to create a three-layered encryption code for secure communication between the server and the host. The user may implement any one or combination of the ciphersuites available, yet different ciphersuites will affect the security level and the performance of the secured connection.
-
Page 164
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Cache Timeout This field will set the time between a new key exchange between a client and a host using (60-86400) the SSL function. A new SSL session is established every time the client and host go through a key exchange. -
Page 165: Ssh
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SSH is an abbreviation of Secure Shell, which is a program allowing secure remote login and secure network services over an insecure network. It allows a secure login to remote host computers, a safe method of executing commands on a remote end node, and will provide secure encrypted and authenticated communication between two non-trusted hosts.
-
Page 166: Ssh Authmode And Algorithm Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual security shell encryptions. The available options are Never, 10 min, 30 min, and 60 min. The default setting is Never. Click Apply to implement changes made. SSH Authmode and Algorithm Settings The SSH Algorithm window allows the configuration of the desired types of SSH algorithms used for authentication encryption.
-
Page 167: Ssh User Authentication Lists
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Cast128-CBC Use the pull-down to enable or disable the Cast128 encryption algorithm with Cipher Block Chaining. The default is enabled. Twofish128 Use the pull-down to enable or disable the twofish128 encryption algorithm. The default is enabled.
-
Page 168
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual SSH server for authentication purposes. Choosing this parameter requires the user to input the following information to identify the SSH user. Host Name – Enter an alphanumeric string of no more than 31 characters to identify the remote SSH user. -
Page 169: Access Authentication Control
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Access Authentication Control The TACACS/XTACACS/TACACS+/RADIUS commands allow users to secure access to the Switch using the TACACS/XTACACS/TACACS+/RADIUS protocols. When a user logs in to the Switch or tries to access the administrator level privilege, he or she is prompted for a password.
-
Page 170: Authentication Policy Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Authentication Policy Settings This command will enable an administrator-defined authentication policy for users trying to access the Switch. When enabled, the device will check the Login Method List and choose a technique for user authentication upon login.
-
Page 171: Authentication Server Group
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Login Method List Using the pull-down menu, configure an application for normal login on the user level, utilizing a previously configured method list. The user may use the default Method List or other Method List configured by the user.
-
Page 172: Authentication Server
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 37. Authentication Server Group Settings Edit window To add an Authentication Server Host to the list, enter its IP address in the IP Address field, choose the protocol associated with the IP address of the Authentication Server Host and click Add to add this Authentication Server Host to the group.
-
Page 173: Login Method Lists
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Configure the following parameters to add an Authentication Server Host: Parameter Description IP Address The IP address of the remote server host the user wishes to add. Port (1-65535) Enter a number between 1 and 65535 to define the virtual port number of the authentication protocol on a server host.
-
Page 174: Enable Method Lists
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 39. Login Method Lists window The Switch contains one Method List that is set and cannot be removed, yet can be modified. To delete a Login Method List defined by the user, click the corressponding Delete button.
-
Page 175: Local Enable Password Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 40. Enable Method List window To delete an Enable Method List defined by the user, click the the Delete button. To modify an Enable Method List, click on its corresponding Edit button.
-
Page 176: Radius Accounting Services
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual To set the Local Enable Password, set the following parameters and click Apply. Parameter Description Old Local Enable If a password was previously configured for this entry, enter it here in order to change it to…
-
Page 177: Mac-Based Access Control
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual MAC-Based Access Control The MAC-Based Access Control feature will allow users to configure a list of MAC addresses, either locally or on a remote RADIUS server, to be authenticated by the Switch and given access rights based on the configurations set on the Switch of the target VLAN where these authenticated users are placed.
-
Page 178
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 43. MAC Based Access Control Settings The following parameters may be viewed or set: Parameter Description Settings State Use the pull-down menu to globally enable or disable the MAC-Based Access Control function on the Switch. -
Page 179: Mac Based Access Control Local Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Guest VLAN Member Ports Displays the list of ports that have been configured for the Guest VLAN. Port Settings From Port/To Port Enter the Port range. State Use the pull-down menu to enable or disable the MAC-Based Access Control function on individual ports.
-
Page 180: Web Authentication
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Web Authentication Web-based Access Control is another port based access control method implemented similarily to the 802.1x port based access control method previously stated. This function will allow user…
-
Page 181: Web-Based Access Control Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 6. If a RADIUS server is to be used for authentication, the user must first establish a RADIUS Server with the appropriate parameters, including the target VLAN, before enabling the Web-based Access Control on the Switch.
-
Page 182: Web-Based Access Control User Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual RADIUS server. This VLAN should be pre-configured to have limited access rights to web based authenticated users. Enter the URL of the website that authenticated users placed in the VLAN are directed to once Redirection Page authenticated.
-
Page 183: Jwac (Japanese Web-Based Access Control)
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual have selected local as their web based authenticator. Confirmation Re-enter the password. User-VLAN Mapping User Name Enter the user name of a guest authenticated through this process, to be mapped to a previously configured VLAN with limited rights.
-
Page 184
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual HTTPs Ports This parameter specifies the TCP port that the JWAC Switch listens to and uses to finish the (1-65535) authentication process. This parameter enables or disables JWAC UDP Filtering. When UDP Filtering is Enabled, all… -
Page 185: Jwac Port Settings
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual JWAC Port Settings To view JWAC port settings for the Switch, click Security > JWAC > JWAC Port Settings. Figure 9- 48. JWAC Port Settings window To set the JWAC on individual ports for the Switch, complete the following fields:…
-
Page 186: Jwac User Account
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual JWAC User Account To view JWAC user settings for the Switch, go to the Security > JWAC > JWAC User Account Figure 9- 49. JWAC User Settings window…
-
Page 187
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 9- 50. NetBIOS Filtering Settings window… -
Page 188: Acl
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 10 ACL Configuration Wizard Access Profile List CPU Access Profile List ACL Finder ACL Flow Meter Access profiles allow you to establish criteria to determine whether or not the Switch will forward packets based on the information contained in each packet’s header.
-
Page 189: Access Profile List
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual From Use the drop-down menu to select from MAC Address, IPv4 Address or IPv6. Use the drop-down menu to select from MAC Address, IPv4 Address or IPv6. When IPv6 is selected the user can only enter the IPv6 source address or the IPv6 destination address at any one time.
-
Page 190
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 3. Add Access Profile (Ethernet) If creating an Ethernet ACL enter the Profile ID and Profile Name and click Select the following window will appear. -
Page 191
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 4. Add Ethernet ACL Profile window Click on the boxes at the top of the table, which will then turn red and reveal parameters for configuration. To create a new entry enter the correct information and click Create. -
Page 192
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 802.1p Selecting this option instructs the Switch to examine the 802.1p priority value of each packet header and use this as the, or part of the criterion for forwarding. -
Page 193
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 7. Access Profile Ethernet To set the Access Rule for Ethernet, adjust the following parameters and click Apply. Parameter Description Access ID (1-128) Type in a unique identifier number for this access. This value can be set from 1 to 128. -
Page 194
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Precedence header. VLAN Name Allows the entry of a name for a previously configured VLAN. 802.1p (0-7) Enter a value from 0 to 7 to specify that the access profile will apply only to packets with this 802.1p priority value. -
Page 195
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 10. Add IPv4 ACL Profile Click on the boxes at the top of the table, which will then turn red and reveal parameters for configuration. To create a new entry enter the correct information and click Create. -
Page 196
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual (IGMP) field in each frame’s header. Select Type to further specify that the access profile will apply an IGMP type value Select TCP to use the TCP port number contained in an incoming packet as the forwarding criterion. -
Page 197
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 12. Access Profile Details (IPv4) To return to the Access Profile List click Show All Profiles, to add a rule to a previously configured entry click on the corresponding Add/View Rules, which will reveal the following window. -
Page 198
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual its incoming 802.1p user priority re-written to its original value before being forwarded by the Switch. Replace Priority Enter a replace priority manually if you want to re-write the 802.1p default priority of a packet to the value entered in the Priority field, which meets the criteria specified previously in this command, before forwarding it on to the specified CoS queue. -
Page 199
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 16. Add IPv6 ACL Profile Click on the boxes at the top of the table, which will then turn red and reveal parameters for configuration. To create a new entry enter the correct information and click Create. -
Page 200
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 17. Access Profile List (IPv6) To view the configurations for previously configured entry click on the corresponding Show Details Button which will display the following window. -
Page 201
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 19. Access Profile (IPv6) The following parameters may be configured for the IP (IPv4) filter. Parameter Description Access ID (1-128) Type in a unique identifier number for this access. This value can be set from 1 to 128. -
Page 202
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Precedence bits field in IPv4. Rx Rate (1-15624) Use this to limit Rx bandwidth for the profile being configured. This rate is implemented using the following equation: 1 value = 64kbit/sec. (ex. If the user selects an Rx rate of 10 then the ingress rate is 640kbit/sec.) The user many select a value between 1 and 15624 or… -
Page 203
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 22. Add Packet Content ACL Profile Click on the boxes at the top of the table, which will then turn red and reveal parameters for configuration. To create a new entry enter the correct information and click Create. -
Page 204
With this advanced unique Packet Content Mask (also known as Packet Content Access Control List — ACL), the D-Link xStack switch family can effectively mitigate some network attacks like the common ARP Spoofing attack that is wide spread today. This is why the Packet Content ACL is able to inspect any specified content of a packet in different protocol layers. -
Page 205
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 2 . Access Profile (Packet Content) The following parameters may be configured for the Packet Content filter. Parameter Description Access ID (1-128) Type in a unique identifier number for this access. This value can be set from 1 to 128. -
Page 206: Cpu Interface Filtering
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual tick the No Limit check box. The default setting is No Limit. Tick the check box and enter the name of the Time Range settings that has been previously Time Range Name configured in the Time Range Settings window.
-
Page 207: Cpu Access Profile List
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual CPU Access Profile List In the following window, the user may globally enable or disable the CPU Interface Filtering State mechanism by using the radio buttons to change the running state.
-
Page 208
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 2 . Add CPU ACL Profile window for Ethernet Parameter Description Select Profile ID Use the drop-down menu to select a unique identifier number for this profile set. This value can (1-5) be set from 1 to 5. -
Page 209
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 3 . CPU Access Profile Detail Information window for Ethernet The window shown below is the Add CPU ACL Profile window for IP (IPv4). Figure 10- 31. Add CPU ACL Profile window for IP (IPv4) The following parameters may be configured for the IP (IPv4) filter. -
Page 210
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Source IP Mask Enter an IP address mask for the source IP address. Destination IP Mask Enter an IP address mask for the destination IP address. Selecting this option instructs the Switch to examine the protocol type value in each frame’s Protocol header. -
Page 211
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 33. Add CPU ACL Profile window for IPv6 The following parameters may be configured for the IPv6 filter. Parameter Description Select Profile ID Use the drop-down menu to select a unique identifier number for this profile set. This value can be set from 1 to 5. -
Page 212
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Click Apply to set this entry in the Switch’s memory. To view the settings of a previously correctly created profile, click the corresponding Show Details button on the CPU Access Profile List window to view the following window: Figure 10- 3 . -
Page 213
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Offset This field will instruct the Switch to mask the packet header beginning with the offset value specified: • 0-15 — Enter a value in hex form to mask the packet from the beginning of the packet to the 15th byte. -
Page 214
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 3 . Add Access Rule window for Ethernet To set the Access Rule for Ethernet, adjust the following parameters and click Apply. Parameter Description Access ID (1-100) Type in a unique identifier number for this access. -
Page 215
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual To establish the rule for a previously created CPU Access Profile: To configure the Access Rules for IP, open the CPU Access Profile List window and click Add/View Rules for an IP entry. -
Page 216
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual To view the settings of a previously correctly configured rule, click the corresponding Show Details button on the CPU Access Rule List window to view the following window: Figure 10- 42. -
Page 217
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual To set the Access Rule for IPv6, adjust the following parameters and click Apply. Parameter Description Access ID (1-100) Type in a unique identifier number for this access. This value can be set from 1 to 100. -
Page 218
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 47. Add Access Rule window for Packet Content To set the Access Rule for Packet Content, adjust the following parameters and click Apply. Parameter Description Access ID (1-100) Type in a unique identifier number for this access. -
Page 219: Acl Finder
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 48. CPU Access Rule Detail Information window for Packet Content ACL Finder This window is used to help find a previously configured ACL entry. To search for an entry, enter the profile ID from the drop down menu, select a port that you wish to view, define the state and click Find, the table on the lower half of the screen will display the entries.
-
Page 220
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 10- 5 . ACL Flow Meter — Add window The following fields may be configured: Parameter Description Use the drop down menu to select the pre-configured Profile ID that will be used to configure the Profile ID Flow Metering parameters. -
Page 221
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Action Conform – Specifies the action when the packet is in “green color” mode. • Permit – Permits the packet. • Replace dscp – Change the dscp of the packet Exceed –… -
Page 222: Monitoring
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 11 Monitoring Device Status CPU Utilization Port Utilization Packet Size Packets Errors Port Access Control Browse ARP Table Browse VLAN Show VLAN Ports Browse Router Port Browse MLD Router Port…
-
Page 223: Port Utilization
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 2. CPU Utilization window To view the CPU utilization by port, use the real-time graphic of the Switch and/or switch stack at the top of the web page by simply clicking on a port.
-
Page 224: Packet Size
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 3. Port Utilization window To select a port to view these statistics for, select the port by using the Port pull-down menu. The user may also use the real-time graphic of the Switch at the top of the web page by simply clicking on a port.
-
Page 225
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 4. Packet Size window To view the Packet Size Table window, click the link View Table, which will show the following table: Figure 11- 5. Packet Size Table window… -
Page 226: Packets
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The total number of packets (including bad packets) received that were 64 octets in length (excluding framing bits but including FCS octets). The total number of packets (including bad packets) received that were between 65 and 65-127 127 octets in length inclusive (excluding framing bits but including FCS octets).
-
Page 227
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 6. Received (RX) window (for Bytes and Packets) To view the Received (RX) Table window, click View Table. Figure 11- 7. Received (RX) Table window (for Bytes and Packets) -
Page 228
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual value is one second. Record Number Select number of times the Switch will be polled between 20 and 200. The default value is 200. Bytes Counts the number of bytes received on the port. -
Page 229: Umb_Cast (Rx)
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual UMB_cast (RX) This table displays the UMB_cast RX Packets on the Switch. To select a port to view these statistics for, select the port by using the Port pull-down menu. The user may also use the real-time graphic of the Switch at the top of the web page by simply clicking on a port.
-
Page 230: Transmitted (Tx)
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The following fields may be set or viewed: Parameter Description Port Use the drop-down menu to choose the port that will display statistics. Select the desired setting between 1s and 60s, where «s» stands for seconds. The default Time Interval value is one second.
-
Page 231
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual To view the Transmitted (TX) Table window, click the link View Table. Figure 11- 1 . Transmitted (TX) Table window (for Bytes and Packets) The following fields may be set or viewed:… -
Page 232: Errors
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Errors The Web Manager allows port error statistics compiled by the Switch’s management agent to be viewed as either a line graph or a table. Four windows are offered.
-
Page 233
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 1 . Received (RX) Table window (for errors) The following fields can be set: Parameter Description Port Use the drop-down menu to choose the port that will display statistics. -
Page 234: Transmitted (Tx)
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual View Table Clicking this button instructs the Switch to display a table rather than a line graph. View Graphic Clicking this button instructs the Switch to display a line graph rather than a table.
-
Page 235: Port Access Control
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 1 . Transmitted (TX) Table window (for errors) The following fields may be set or viewed: Parameter Description Port Use the drop-down menu to choose the port that will display statistics.
-
Page 236
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 1 . RADIUS Authentication window The user may also select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds. -
Page 237: Radius Account Client
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Signature attributes received from this server. PendingRequests The number of RADIUS Access-Request packets destined for this server that have not yet timed out or received a response. This variable is incremented when an Access- Request is sent and decremented due to receipt of an Access-Accept, Access-Reject or Access-Challenge, a timeout or retransmission.
-
Page 238
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual shares a secret. ServerPortNumber The UDP port the client is using to send requests to this server. ClientRoundTripTime The time interval between the most recent Accounting-Response and the Accounting-Request that matched it from this RADIUS accounting server. -
Page 239: Authenticator State
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Authenticator State The following section describes the 802.1X Status on the Switch. To view the Authenticator State, click Monitoring > Port Access Control > Authenticator State. Figure 11- 18. Authenticator State window (for MAC-based 802.1X)
-
Page 240: Authenticator Statistics
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 1 . Authenticator State window (for Port-based 802.1X) This window displays the Authenticator State for individual ports on a selected device. A polling interval between 1s and 60s seconds can be set using the drop-down menu at the top of the window and clicking OK.
-
Page 241
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 20. Authenticator Statistics window The user may also select the desired time interval to update the statistics, between 1s and 60s, where “s” stands for seconds. The default value is one second. -
Page 242: Authenticator Session Statistics
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Authenticator Session Statistics This window contains the session statistics objects for the Authenticator PAE associated with each port. An entry appears in this table for each port that supports the Authenticator function.
-
Page 243: Authenticator Diagnostics
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual System. Time The duration of the session in seconds. Terminate Cause The reason for the session termination. There are eight possible reasons for termination. 1) Supplicant Logoff 2) Port Failure…
-
Page 244
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual The following fields can be viewed: Parameter Description Port The identification number assigned to the Port by the System in which the Port resides. Connect Enter Counts the number of times that the state machine transitions to the CONNECTING state from any other state. -
Page 245: Browse Arp Table
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Bac Auth Success Counts the number of times that the state machine receives an Accept message from the Authentication Server (i.e., aSuccess becomes TRUE, causing a transition from RESPONSE to SUCCESS).
-
Page 246: Show Vlan Ports
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Show VLAN Ports This window allows the VLAN status for each of the Switch’s ports to be viewed by VLAN. Enter a VID (VLAN ID) in the field at the top of the window and click the Find button.
-
Page 247: Browse Session Table
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Browse Session Table This window displays the management sessions since the Switch was last rebooted. To view the Browse Session Table window, click Monitoring > Browse Session Table.
-
Page 248: Mld Snooping Group
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual MLD Snooping Group The following window allows the user to view MLD Snooping Groups present on the Switch. MLD Snooping is an IPv6 function comparable to IGMP Snooping for IPv4. The user may browse this table by VLAN Name present in the Switch by entering that VLAN Name in the empty field shown below, and clicking the Find button.
-
Page 249: Mac Address Table
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual MAC Address Table This allows the Switch’s dynamic MAC address forwarding table to be viewed. When the Switch learns an association between a MAC address and a port number, it makes an entry into its forwarding table. These entries are then used to forward packets through the Switch.
-
Page 250
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure 11- 3 . System Log window The Switch can record event information in its own logs, to designated SNMP trap receiving stations, and to the PC connected to the console manager. Click Next to go to the next page of the System Log window. Clicking Clear will allow the user to clear the Switch History Log. -
Page 251: Save Services And Tools
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Section 12 Save Services and Tools Save Configuration ID 1 Save Configuration ID 2 Save Log Save All Configuration File Backup & Restore Upload Log File Reset Download Firmware Reboot System The four Save windows include: Save Configuration 1, Save Configuration 2, Save Log, and Save All.
-
Page 252: Save Configuration Id 2
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Save Configuration ID 2 Open the Save drop-down menu at the top of the Web manager and click Save Configuration ID 2 to open the following window: Figure 12- 2. Save Configuration ID 2 window…
-
Page 253: Configuration File Backup & Restore
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Configuration File Backup & Restore The Switch supports dual image storage for configuration file backup and restoration. The firmware and configuration images are indexed by ID number 1 or 2. To change the boot firmware image, use the Configuration ID drop-down menu to select the desired configuration file to backup or restore.
-
Page 254: Download Firmware
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Download Firmware The following window is used to download firmware for the Switch. Figure 12- 8. Download Firmware window Enter the Server IP address in the first field and and specify the path/file name of the firmware in the second field.
-
Page 255: Technical Specifications
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Appendix A Technical Specifications General IEEE 802.3 10BASE-T Ethernet Protocols IEEE 802.3u 100BASE-TX Fast Ethernet IEEE 802.3ab 1000BASE-T Gigabit Ethernet IEEE 802.3z Gibabit Ethernet. (SFP “Mini GBIC”) IEEE 802.1D Spanning Tree IEEE 802.1D/S/W Spanning Tree…
-
Page 256
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Physical and Environmental Input: Internal Power Supply 100~240V, AC/1.5A, 50~60Hz Output: 12V, 5A (Max) Power Consumption Max. 20.5 watts Operating Temperature 0 — 45°C Storage Temperature -40 — 70°C Humidity Operation Relative Humidity: 20 — 80% non-condensing. -
Page 257
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual When there is reception or transmission Blinking Amber (i.e. Activity—Act) of data occurring at an Ethernet connected port. Light off No link When there is a secure 1000Mbps Solid Green connection (or link) at any of the ports. -
Page 258
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Feature Detailed Description DCE RS-232 DB-9 for out-of-band configuration of the software features. Console Port Compliant to following standards: • IEEE 802.3 compliance • IEEE 802.3u compliance 24 x 10/100BaseT ports •… -
Page 259
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual 1000BASE-T ports compliant to following standards: • IEEE 802.3 compliance • IEEE 802.3u compliance 2 1000BASE-T ports in the rear • IEEE 802.3ab compliance panel • Support Full-Duplex operations •… -
Page 260: Mitigating Arp Spoofing Attacks Using Packet Content Acl
IP address is known. This protocol is vulnerable because it can spoof the IP and MAC information in the ARP packets to attack a LAN (known as ARP spoofing). This document is intended to introduce ARP protocol, ARP spoofing attacks, and the counter measure brought by D-Link’s switches to counter the ARP spoofing attack. •…
-
Page 261
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Destination Source address Ether-type address FF-FF-FF-FF-FF-FF 00-20-5C-01-11-11 Table-2 (Ethernet frame format) When the switch receives the frame, it will check the “Source Address” in the Ethernet frame’s header. If the address is not in its Forwarding Table, the switch will learn PC A’s MAC and the associated port into its Forwarding Table. -
Page 262
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Figure-3 When PC B replies to the ARP request, its MAC address will be written into “Target H/W Address” in the ARP payload shown in Table-3. The ARP reply will be then encapsulated into the Ethernet frame again and sent back to the sender. -
Page 263
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual How ARP spoofing attacks a network ARP spoofing, also known as ARP poisoning, is a method to attack an Ethernet network which may allow an attacker to sniff data frames on a LAN, modify the traffic, or stop the traffic altogether (known as a Denial of Service — DoS attack). -
Page 264
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Gratuitous ARP Ethernet Header Destination Source Ethernet H/W type Protocol Protocol Operation Sender H/W Sender Target H/W Target address address type type address address address protocol address protocol… -
Page 265
2. The switch will deny all other ARP packets which claim they are from the gateway’s IP. The design of Packet Content ACL on DES-3528 series enables users to inspect any offset_chunk. An offset_chunk is a 4-byte block in a HEX format which is utilized to match the individual field in an Ethernet frame. Each profile is allowed to contain up to a maximum of 4 offset_chunks. -
Page 266
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Chunk Chunk0 Chunk1 Chunk2 Chunk3 Chunk4 Chunk5 Chunk6 Chunk7 Chunk8 Chunk9… -
Page 267
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual… -
Page 268: System Log Entries
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Appendix C System Log Entries The following table lists all possible entries and their corresponding meanings that will appear in the System Log of this Switch. Event Category…
-
Page 269
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Log message upload Log message upload by console was Warning was unsuccessful unsuccessful! (Username: <username>) Interface Port link up Port <unitID:portNum> link up, <link state> Informational Port link down Port <unitID:portNum>… -
Page 270
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual BPDU Loop Back on BPDU Loop Back on Port <unitID:portNum> Warning port Spanning Tree Spanning Tree Protocol is enabled Informational Protocol is enabled Spanning Tree Spanning Tree Protocol is disabled… -
Page 271
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Successful login Successful login through Telnet from <userIP> Informational through Telnet authenticated by AAA local method (Username: authenticated by AAA <username>, MAC: <macaddr>) local method Login failed through Login failed through Telnet from <userIP>… -
Page 272
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Successful login Successful login through Web(SSL) from Informational through Web(SSL) <userIP> authenticated by AAA server authenticated by AAA <serverIP> (Username: <username>, MAC: server <macaddr>) Login failed through Login failed through Web(SSL) from <userIP>… -
Page 273
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Enable Admin failed Enable Admin failed through Telnet from Warning through Telnet <userIP> authenticated by AAA local_enable authenticated by AAA method (Username: <username>, MAC: local_enable method <macaddr>) Successful Enable… -
Page 274
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Enable Admin failed Enable Admin failed through Telnet from Warning through Telnet <userIP> authenticated by AAA server authenticated by AAA <serverIP> (Username: <username>, MAC: server <macaddr>) Successful Enable… -
Page 275
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual user due to AAA configuration (Username: <username>,MAC: server timeout or <mac>) improper configuration. Login failed through Login failed through SSH from <userIP> due to Warning SSH from user due to… -
Page 276
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual IP-MAC- Unauthenticated ip Unauthenticated IP-MAC address and Warning PORT address and discard discarded by ip mac port binding (IP: <ipaddr>, Binding by ip mac port binding MAC: <macaddr>, Port <portNum>) -
Page 277: Cable Lengths
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Appendix D Cable Lengths Use the following table to as a guide for the maximum cable lengths. Standard Media Type Maximum Distance 1000BASE-LX, Single-mode fiber module 10km 1000BASE-SX, Multi-mode fiber module…
-
Page 278: Glossary
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Appendix E Glossary 1000BASE-SX: A short laser wavelength on multimode fiber optic cable for a maximum length of 2000 meters 1000BASE-LX: A long wavelength for a «long haul» fiber optic cable for a maximum length of 10 kilometers 1000BASE-T: 1000Mbps Ethernet implementation over Category 5E cable.
-
Page 279
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual half duplex: A system that allows packets to be transmitted and received, but not at the same time. Contrast with full duplex. IP address: Internet Protocol address. A unique identifier for a device attached to a network using TCP/IP. The address is written as four octets separated with full-stops (periods), and is made up of a network section, an optional subnet section and a host section. -
Page 280
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual UDP — User Datagram Protocol: An Internet standard protocol that allows an application program on one device to send a datagram to an application program on another device. -
Page 281
The customer must submit with the product as part of the claim a written description of the Hardware defect or Software nonconformance in sufficient detail to allow D-Link to confirm the same, along with proof of purchase of the product (such as a copy of the dated purchase invoice for the product) if the product is not registered. -
Page 282
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual charges shall be prepaid by D-Link if you use an address in the United States, otherwise we will ship the product to you freight collect. Expedited shipping is available upon request and provided shipping charges are prepaid by the customer. -
Page 283: Product Registration
DES-3528 Series Layer 2 Stackable Fast Ethernet Managed Switch User Manual Product Registration Register your D-Link product online at http://support.dlink.com/register/ Product registration is entirely voluntary and failure to complete or return this form will not diminish your warranty rights.
-
Page 284
Warranty terms for D-LINK xStack products: All D-Link xStack products* are supplied with a 5 year warranty as standard. To enable the Limited Lifetime Warranty on this product you must register the product, within the first three months of purchase**, on the following website: http://www.dlink.biz/productregistration/… -
Page 285
To the extent allowed by local law, the remedies in this warranty statement are customer’s sole and exclusive remedies. Except as indicated above, in no event will D-Link or its suppliers be liable for loss of data or for indirect, special, incidental, consequential (including lost profit or data), or other damage, whether based in a contract, tort, or otherwise. -
Page 286: Limited Warranty
Such repair or replacement will be rendered by D-Link at an Authorized D-Link Service Office. The replacement Hardware need not be new or of an identical make, model or part; D-Link may in its discretion may replace the defective Hardware (or any part thereof) with any reconditioned product that D-Link reasonably determines is substantially equivalent (or superior) in all material respects to the defective Hardware.
-
Page 287
Registration Card. The Registration Card provided at the back of this manual must be completed and returned to an Authorized D-Link Service Office for each D-Link product within ninety (90) days after the product is purchased and/or licensed. The addresses/telephone/fax list of the nearest Authorized D-Link Service Office is provided in the back of this manual. -
Page 288: Copyright Statement
RELATING TO WARRANTY SERVICE, OR ARISING OUT OF ANY BREACH OF THIS LIMITED WARRANTY, EVEN IF D-LINK HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE SOLE REMEDY FOR A BREACH OF THE FOREGOING LIMITED WARRANTY IS REPAIR, REPLACEMENT OR REFUND OF THE DEFECTIVE OR NON-CONFORMING PRODUCT.
-
Page 289: Tech Support
Tech Support Technical Support You can find software updates and user documentation on the D-Link website. D-Link provides free technical support for customers within the United States and within Canada for the duration of the service period, and warranty confirmation service, during the warranty period on this product.
-
Page 290
Technical Support You can find software updates and user documentation on the D-Link websites. If you require product support, we encourage you to browse our FAQ section on the Web Site before contacting the Support line. We have many FAQ’s which we hope will provide you a speedy resolution for your problem. -
Page 291
Technische Unterstützung Aktualisierte Versionen von Software und Benutzerhandbuch finden Sie auf der Website von D-Link. D-Link bietet kostenfreie technische Unterstützung für Kunden innerhalb Deutschlands, Österreichs, der Schweiz und Osteuropas. Unsere Kunden können technische Unterstützung über unsere Website, per E-Mail oder telefonisch anfordern. -
Page 292: Assistance Technique
Vous trouverez la documentation et les logiciels les plus récents sur le site web D-Link. Vous pouvez contacter le service technique de D-Link par notre site internet ou par téléphone. Assistance technique D-Link par téléphone: 0 820 0803 03 0,12 €/min…
-
Page 293
Puede encontrar las últimas versiones de software así como documentación técnica en el sitio web de D-Link. D-Link ofrece asistencia técnica gratuita para clientes residentes en España durante el periodo de garantía del producto. Asistencia Técnica de D-Link por teléfono: +34 902 30 45 45 0,067 €/min… -
Page 294
Supporto tecnico Gli ultimi aggiornamenti e la documentazione sono disponibili sul sito D-Link. Supporto Tecnico dal lunedì al venerdì dalle ore 9.00 alle ore 19.00 con orario continuato Telefono: 199400057 Web: http://www.dlink.it/support… -
Page 295
Technical Support You can find software updates and user documentation on the D-Link website. D-Link provides free technical support for customers within Benelux for the duration of the warranty period on this product. Benelux customers can contact D-Link technical support through our website, or by phone. -
Page 296: Pomoc Techniczna
Pomoc techniczna Najnowsze wersje oprogramowania i dokumentacji użytkownika można znaleźć w serwisie internetowym firmy D-Link. D-Link zapewnia bezpłatną pomoc techniczną klientom w Polsce w okresie gwarancyjnym produktu. Klienci z Polski mogą się kontaktować z działem pomocy technicznej firmy D-Link za pośrednictwem Internetu lub telefonicznie.
-
Page 297
Technická podpora Aktualizované verze software a uživatelských příruček najdete na webové stránce firmy D-Link. D-Link poskytuje svým zákazníkům bezplatnou technickou podporu Zákazníci mohou kontaktovat oddělení technické podpory přes webové stránky, mailem nebo telefonicky Telefon: 225 281 553 Land Line 1,78 CZK/min — Mobile 5.40 CZK/min Telefonická… -
Page 298
Technikai Támogatás Meghajtó programokat és frissítéseket a D-Link Magyarország weblapjáról tölthet le. Tel: 06 1 461-3001 Fax: 06 1 461-3004 Land Line 14,99 HUG/min — Mobile 49.99,HUF/min Web: http://www.dlink.hu E-mail: support@dlink.hu… -
Page 299
Teknisk Support Du kan finne programvare oppdateringer og bruker dokumentasjon på D-Links web sider. D-Link tilbyr sine kunder gratis teknisk support under produktets garantitid. Kunder kan kontakte D-Links teknisk support via våre hjemmesider, eller på tlf. D-Link Teknisk telefon Support:… -
Page 300
Teknisk Support Du finder software opdateringer og bruger- dokumentation på D-Link’s hjemmeside. D-Link tilbyder gratis teknisk support til kunder i Danmark i hele produktets garantiperiode. Danske kunder kan kontakte D-Link’s tekniske support via vores hjemmeside eller telefonisk. D-Link teknisk support over telefonen: Tlf. -
Page 301
Teknistä tukea asiakkaille Suomessa D-Link tarjoaa teknistä tukea asiakkailleen. Tuotteen takuun voimassaoloajan. Tekninen tuki palvelee seuraavasti: numerosta : 0800-114 677 Arkisin klo. 9 — 21 Internetin kautta: Web: http://www.dlink.fi… -
Page 302
Teknisk Support På vår hemsida kan du hitta mer information om mjukvaru uppdateringar och annan användarinformation. D-Link tillhandahåller teknisk support till kunder i Sverige under hela garantitiden för denna produkt. D-Link Teknisk Support via telefon: 0770-33 00 35 Vardagar 08.00-20.00 D-Link Teknisk Support via Internet: Web: http://www.dlink.se… -
Page 303
Você pode encontrar atualizações de software e documentação de utilizador no site de D-Link Portugal http://www.dlink.pt. A D-Link fornece suporte técnico gratuito para clientes no Portugal durante o período de vigência de garantia deste produto. Assistência Técnica da D-Link na Internet: Web: http://www.dlink.pt… -
Page 304
Τεχνική Υποστήριξη Μπορείτε να βρείτε software updates και πληροφορίες για τη χρήση των προϊόντων στις ιστοσελίδες της D-Link Η D-Link προσφέρει στους πελάτες της δωρεάν υποστήριξη στον Ελλαδικό χώρο Μπορείτε να επικοινωνείτε µε το τµήµα τεχνικής υποστήριξης µέσω της ιστοσελίδας ή µέσω τηλεφώνου… -
Page 305
Tehnička podrška Hvala vam na odabiru D-Link proizvoda. Za dodatne informacije, podršku i upute za korištenje uređaja, molimo vas da posjetite D-Link internetsku stranicu na www.dlink.eu Web: www.dlink.biz/hr… -
Page 306
Tehnična podpora Zahvaljujemo se vam, ker ste izbrali D-Link proizvod. Za vse nadaljnje informacije, podporo ter navodila za uporabo prosimo obiščite D-Link — ovo spletno stran www.dlink.eu Web: www.dlink.biz/sl… -
Page 307
Suport tehnica Vă mulţumim pentru alegerea produselor D-Link. Pentru mai multe informaţii, suport şi manuale ale produselor vă rugăm să vizitaţi site-ul D- Link www.dlink.eu Web: www.dlink.ro… -
Page 308
Technical Support You can find software updates and user documentation on the D-Link website. Tech Support for customers in Australia: Tel: 1300-766-868 Monday to Friday 8:00am to 8:00pm EST Saturday 9:00am to 1:00pm EST http://www.dlink.com.au e-mail: support@dlink.com.au India: Tel: 1800-222-002 Monday to Friday 9:30AM to 7:00PM http://www.dlink.co.in/support/productsupport.aspx… -
Page 309
Technical Support You can find software updates and user documentation on the D-Link website. Tech Support for customers in Egypt: Tel: +202-2919035 or +202-2919047 Sunday to Thursday 9:00am to 5:00pm http://support.dlink-me.com e-mail: amostafa@dlink-me.com Iran: Tel: +98-21-88822613 Sunday to Thursday 9:00am to 6:00pm http://support.dlink-me.com… -
Page 310
Техническая поддержка Обновления программного обеспечения и документация доступны на Интернет-сайте D-Link. D-Link предоставляет бесплатную поддержку для клиентов в течение гарантийного срока. Клиенты могут обратиться в группу технической поддержки D-Link по телефону или через Интернет. Техническая поддержка D-Link: +495-744-00-99 Техническая поддержка через Интернет… -
Page 311
El servicio de soporte técnico tiene presencia en numerosos países de la Región Latino América, y presta asistencia gratuita a todos los clientes de D-Link, en forma telefónica e internet, a través de la casilla soporte@dlinkla.com Soporte Técnico Help Desk Argentina: Teléfono: 0800-12235465 Lunes a Viernes 09:00 am a 22:00 pm… -
Page 312
Você pode encontrar atualizações de software e documentação de usuário no site da D-Link Brasil www.dlinkbrasil.com.br. A D-Link fornece suporte técnico gratuito para clientes no Brasil durante o período de vigência da garantia deste produto. Suporte Técnico para clientes no Brasil: Telefone São Paulo +11-2185-9301… -
Page 313
D-Link 友訊科技 台灣分公司 技術支援資訊 如果您還有任何本使用手冊無法協助您解決的產品相關問題,台灣 地區用戶可以透過我們的網站、電子郵件或電話等方式與 D-Link台灣 地區技術支援工程師聯絡。 D-Link 免付費技術諮詢專線 0800-002-615 服務時間:週一至週五,早上8:30 到 晚上9:00 (不含周六、日及國定假日) 網 站:http://www.dlink.com.tw 電子郵件:dssqa_service@dlink.com.tw 如果您是台灣地區以外的用戶,請參考D-Link網站 全球各地 分公司的聯絡資訊以取得相關支援服務。 產品保固期限、台灣區維修據點查詢,請參考以下網頁說明: http://www.dlink.com.tw 產品維修: 使用者可直接送至全省聯強直營維修站或請洽您的原購買經銷商。… -
Page 314
Dukungan Teknis Update perangkat lunak dan dokumentasi pengguna dapat diperoleh pada situs web D-Link. Dukungan Teknis untuk pelanggan: Dukungan Teknis D-Link melalui telepon: Tel: +62-21-5731610 Dukungan Teknis D-Link melalui Internet: Email : support@dlink.co.id Website : http://support.dlink.co.id… -
Page 315
技术支持 您可以在 D-Link 的官方網站找到產品的軟件升級和使用手冊 办公地址:北京市东城区北三环东路 36 号 环球贸易中心 B 座 26F 02-05 室 邮编: 100013 技术支持中心电话:8008296688/ (028)66052968 技术支持中心传真:(028)85176948 维修中心地址:北京市东城区北三环东路 36 号 环球贸易中 心 B 座 26F 02-05 室 邮编: 100013 维修中心电话:(010) 58257789 维修中心传真:(010) 58257790 网址:http://www.dlink.com.cn 办公时间:周一到周五,早09:00到晚18:00… -
Page 316: International Offices
FAX: +46 (0)8 564 619 01 Israel Europe (U. K.) URL: www.dlink.gr URL: www.dlink.se TEL: +972-9-9715700 D-Link (Europe) Ltd FAX: +972-9-9715601 D-Link House, Abbey Road Hungary Switzerland URL: www.dlink.co.il Park Royal, London NW10 7BX Rákóczi út 70-72 Glatt Tower, 2.OG United Kingdom…
-
Page 317: Registration Card
8. What category best describes your company? Aerospace Engineering Education Finance Hospital Legal Insurance/Real Estate Manufacturing Retail/Chainstore/Wholesale Government Transportation/Utilities/Communication System house/company Other________________________________ 9. Would you recommend your D-Link product to a friend? Don’t know yet 10. Your comments on this product?_________________________________________________________…
®
CLI Reference Guide
Product Model: xStack® DES-3528/DES-3552 Series
Layer 2 Managed Stackable Fast Ethernet Switch
Release 2.60
Table of Contents |
|
INTRODUCTION …………………………………………………………………………………………………………. |
5 |
USING THE CONSOLE CLI ………………………………………………………………………………………….. |
7 |
COMMAND SYNTAX …………………………………………………………………………………………………. |
10 |
BASIC SWITCH COMMANDS …………………………………………………………………………………….. |
12 |
MODIFY BANNER AND PROMPT COMMANDS …………………………………………………………… |
24 |
SWITCH PORT COMMANDS ……………………………………………………………………………………… |
27 |
PORT SECURITY COMMANDS ………………………………………………………………………………….. |
31 |
STACKING COMMANDS……………………………………………………………………………………………. |
36 |
NETWORK MANAGEMENT (SNMP) COMMANDS ……………………………………………………….. |
40 |
SWITCH UTILITY COMMANDS…………………………………………………………………………………… |
57 |
NETWORK MONITORING COMMANDS………………………………………………………………………. |
63 |
MULTIPLE SPANNING TREE PROTOCOL (MSTP) COMMANDS…………………………………… |
76 |
FORWARDING DATABASE COMMANDS……………………………………………………………………. |
87 |
TRAFFIC CONTROL COMMANDS ……………………………………………………………………………… |
93 |
QOS COMMANDS …………………………………………………………………………………………………….. |
97 |
PORT MIRRORING COMMANDS………………………………………………………………………………. |
107 |
VLAN COMMANDS………………………………………………………………………………………………….. |
110 |
VOICE VLAN COMMANDS……………………………………………………………………………………….. |
124 |
SUBNET-BASED VLAN COMMANDS ……………………………………………………………………….. |
130 |
ASYMMETRIC VLAN COMMANDS……………………………………………………………………………. |
133 |
LINK AGGREGATION COMMANDS ………………………………………………………………………….. |
135 |
IP–MAC-PORT BINDING (IMPB) COMMANDS …………………………………………………………… |
139 |
LIMITED IP MULTICAST ADDRESS ………………………………………………………………………….. |
155 |
BASIC IP COMMANDS…………………………………………………………………………………………….. |
160 |
MULTICAST VLAN COMMANDS ………………………………………………………………………………. |
165 |
IGMP / MLD SNOOPING COMMANDS ………………………………………………………………………. |
179 |
DHCP RELAY COMMANDS ……………………………………………………………………………………… |
208 |
802.1X COMMANDS (INCLUDING GUEST VLANS) ……………………………………………………. |
221 |
ACCESS CONTROL LIST (ACL) COMMANDS …………………………………………………………… |
238 |
SAFEGUARD ENGINE COMMANDS …………………………………………………………………………. |
258 |
FILTER COMMANDS (DHCP SERVER / NETBIOS)…………………………………………………….. |
260 |
LAYER 3 CPU FILTER COMMANDS …………………………………………………………………………. |
265 |
LOOP-BACK DETECTION COMMANDS ……………………………………………………………………. |
267 |
ii |
TRAFFIC SEGMENTATION COMMANDS ………………………………………………………………….. |
271 |
SFLOW COMMANDS……………………………………………………………………………………………….. |
273 |
TIME AND SNTP COMMANDS………………………………………………………………………………….. |
281 |
ARP AND GRATUITOUS ARP COMMANDS ………………………………………………………………. |
286 |
ROUTING TABLE COMMANDS ………………………………………………………………………………… |
292 |
MAC NOTIFICATION COMMANDS……………………………………………………………………………. |
294 |
ACCESS AUTHENTICATION CONTROL COMMANDS ……………………………………………….. |
297 |
SECURE SHELL (SSH) COMMANDS ………………………………………………………………………… |
315 |
SECURE SOCKETS LAYER (SSL) COMMANDS………………………………………………………… |
321 |
D-LINK SINGLE IP MANAGEMENT COMMANDS……………………………………………………….. |
326 |
JWAC COMMANDS…………………………………………………………………………………………………. |
335 |
LINK LAYER DISCOVERY PROTOCOL (LLDP) COMMANDS ……………………………………… |
350 |
Q-IN-Q COMMANDS………………………………………………………………………………………………… |
363 |
RSPAN COMMANDS……………………………………………………………………………………………….. |
369 |
STATIC MAC-BASED VLAN COMMANDS …………………………………………………………………. |
373 |
SIMPLE RED COMMANDS……………………………………………………………………………………….. |
375 |
MAC-BASED ACCESS CONTROL COMMANDS LIST ………………………………………………… |
382 |
WEB-BASED ACCESS CONTROL COMMANDS………………………………………………………… |
392 |
POWER OVER ETHERNET (POE) COMMANDS…………………………………………………………. |
400 |
PPPOE CIRCUIT ID INSERTION COMMANDS……………………………………………………………. |
404 |
DNS RELAY COMMANDS………………………………………………………………………………………… |
405 |
POLICY ROUTE COMMANDS…………………………………………………………………………………… |
407 |
BPDU ATTACK PROTECTION COMMANDS ……………………………………………………………… |
409 |
ETHERNET OAM COMMANDS…………………………………………………………………………………. |
413 |
DHCP SERVER COMMANDS……………………………………………………………………………………. |
422 |
CABLE DIAGNOSTICS COMMANDS ………………………………………………………………………… |
434 |
CONNECTIVITY FAULT MANAGEMENT COMMANDS ……………………………………………….. |
435 |
COMMAND HISTORY LIST ………………………………………………………………………………………. |
451 |
ARP SPOOFING PREVENTION COMMANDS…………………………………………………………….. |
453 |
AUTO-CONFIGURATION COMMANDS ……………………………………………………………………… |
455 |
COMPOUND AUTHENTICATION COMMANDS ………………………………………………………….. |
458 |
DEBUG SOFTWARE COMMANDS ……………………………………………………………………………. |
464 |
DHCPV6 CLIENT COMMANDS …………………………………………………………………………………. |
469 |
DHCPV6 RELAY COMMANDS………………………………………………………………………………….. |
471 |
iii |
D-LINK UNIDIRECTIONAL LINK DETECTION (DULD) COMMANDS…………………………….. |
476 |
ETHERNET RING PROTECTION SWITCHING (ERPS) COMMANDS ……………………………. |
478 |
IPV6 NEIGHBOR DISCOVER COMMANDS………………………………………………………………… |
487 |
IPV6 ROUTE COMMANDS ……………………………………………………………………………………….. |
491 |
LAYER 2 PROTOCOL TUNNELING (L2PT) COMMANDS ……………………………………………. |
493 |
LOCAL ROUTE COMMANDS……………………………………………………………………………………. |
496 |
MSTP DEBUG ENHANCEMENT COMMANDS……………………………………………………………. |
498 |
PING COMMANDS…………………………………………………………………………………………………… |
502 |
SHOW TECHNICAL SUPPORT COMMANDS …………………………………………………………….. |
504 |
TRACE ROUTE COMMANDS……………………………………………………………………………………. |
507 |
VLAN COUNTER COMMANDS …………………………………………………………………………………. |
509 |
APPENDIX A — PASSWORD RECOVERY PROCEDURE ……………………………………………… |
512 |
APPENDIX B — TECHNICAL SPECIFICATIONS ………………………………………………………….. |
513 |
APPENDIX C — MITIGATING ARP SPOOFING ATTACKS VIA PACKET CONTENT ACL … |
516 |
iv
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
INTRODUCTION
The Switch can be managed through the Switch’s serial port, Telnet, or the Web-based management agent. The Command Line Interface (CLI) can be used to configure and manage the Switch via the serial port or Telnet interfaces.
The DES-3528/DES-3552 Series Layer 2 stackable Fast Ethernet Switch Series are members of the D-Link xStack® family. Ranging from 10/100Mbps edge Switches to core gigabit Switches, the xStack Switch family has been futureproof designed to provide a stacking architecture with fault tolerance, flexibility, port density, robust security and maximum throughput with a user-friendly management interface for the networking professional.
This manual provides a reference for all of the commands contained in the CLI for the xStack® DES-3528, DES3528P, DES-3528DC, DES-3552 and DES-3552P series of Switches. Configuration and management of the Switch via the Web-based management agent is discussed in the User’s Guide.
NOTE: For the remainder of this manual, all versions of the DES-3528, DES-3528P, DES-3528DC, DES-3552 and DES-3552P Switches will be referred to as simply the Switch or the DES-3528/52 Series.
Accessing the Switch via the Serial Port
The Switch’s serial port’s default settings are as follows:
•115200 baud
•no parity
•8 data bits
•1 stop bit
A computer running a terminal emulation program capable of emulating a VT-100 terminal and a serial port configured as above are then connected to the Switch’s serial port via an RS-232 DB-9 cable.
With the serial port properly connected to a management computer, the following screen should be visible. If this screen does not appear, try pressing Ctrl+r to refresh the console screen.
DES-3528 Fast Ethernet Switch
Command Line Interface
Firmware: Build 2.60.017
Copyright(C) 2010 D-Link Corporation. All rights reserved.
UserName:
Figure 1-1. Initial CLI screen
There is no initial username or password. Just press the Enter key twice to display the CLI input cursor − DES3528:admin# . This is the command line where all commands are input.
Setting the Switch’s IP Address
Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP). The Switch’s default IP address is 10.90.90.90. Users can change the default Switch IP address to meet the specification of your networking address scheme.
The Switch is also assigned a unique MAC address by the factory. This MAC address cannot be changed, and can be found on the initial boot console screen – shown below.
5
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
Boot Procedure |
V1.00.B008 |
||
——————————————————————————- |
|||
Power On Self |
Test …………………………………. |
100 |
% |
MAC Address |
: 00-22-B0-10-8A-00 |
||
H/W Version |
: A2 |
||
Please wait, loading V2.60..017 Runtime image …………. |
100 |
% |
|
UART init …………………………………………. |
100 |
% |
|
Device Discovery …………………………………… |
100 |
% |
|
Configuration |
init …………………………………. |
| |
Figure 1-2. Boot screen
The Switch’s MAC address can also be found in the Web management program on the Switch Information (Basic Settings) window on the Configuration menu.
The IP address for the Switch must be set before it can be managed with the Web-based manager. The Switch IP address can be automatically set using BOOTP or DHCP protocols, in which case the actual address assigned to the Switch must be known.
The IP address may be set using the Command Line Interface (CLI) over the console serial port as follows:
1.Starting at the command line prompt, enter the commands config ipif System ipaddress xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy. Where the x’s represent the IP address to be assigned to the IP interface named System and the y’s represent the corresponding subnet mask.
2.Alternatively, users can enter config ipif System ipaddress xxx.xxx.xxx.xxx/z. Where the x’s represent the IP address to be assigned to the IP interface named System and the z represents the corresponding number of subnets in CIDR notation.
The IP interface named System on the Switch can be assigned an IP address and subnet mask which can then be used to connect a management station to the Switch’s Telnet or Web-based management agent.
DES-3528:admin# config ipif System ipaddress 10.24.73.21/8
Command: config ipif System ipaddress 10.24.73.21/8
Success.
DES-3528:admin#
Figure 1-3. Assigning an IP Address screen
In the above example, the Switch was assigned an IP address of 10.24.73.21 with a subnet mask of 255.0.0.0. The system message Success indicates that the command was executed successfully. The Switch can now be configured and managed via Telnet, SNMP MIB browser and the CLI or via the Web-based management agent using the above IP address to connect to the Switch.
6
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
USING THE CONSOLE CLI
The DES-3528/52 Series supports a console management interface that allows the user to connect to the Switch’s management agent via a serial port and a terminal or a computer running a terminal emulation program. The console can also be used over the network using the TCP/IP Telnet protocol. The console program can be used to configure the Switch to use an SNMP-based network management software over the network.
This chapter describes how to use the console interface to access the Switch, change its settings, and monitor its operation.
NOTE: Switch configuration settings are saved to non-volatile RAM using the save command. The current configuration will then be retained in the Switch’s NV-RAM, and reloaded when the Switch is rebooted. If the Switch is rebooted without using the save command, the last configuration saved to NV-RAM will be loaded.
Connecting to the Switch
The console interface is used by connecting the Switch to a VT100-compatible terminal or a computer running an ordinary terminal emulator program (e.g., the HyperTerminal program included with the Windows operating system) using an RS-232C serial cable. Your terminal parameters will need to be set to:
•VT-100 compatible
•115200 baud
•8 data bits
•No parity
•One stop bit
•No flow control
Users can also access the same functions over a Telnet interface. Once users have set an IP address for your Switch, users can use a Telnet program (in VT-100 compatible terminal mode) to access and control the Switch. All of the screens are identical, whether accessed from the console port or from a Telnet interface.
After the Switch reboots and users have logged in, the console looks like this:
DES-3528 Fast Ethernet Switch
Command Line Interface
Firmware: Build 2.60.017
Copyright(C) 2010 D-Link Corporation. All rights reserved.
UserName:
Figure 2-1. Initial Console screen after logging in
Commands are entered at the command prompt, DES-3528:admin# ..
There are a number of helpful features included in the CLI. Entering the ? command will display a list of all of the toplevel commands.
?
cable_diag ports cfm linktrace cfm loopback clear
clear address_binding dhcp_snoop binding_entry ports clear address_binding nd_snoop binding_entry ports clear arptable
clear attack_log clear cfm pkt_cnt clear counters clear dhcp binding
clear dhcp conflict_ip clear ethernet_oam ports clear fdb
7
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
clear igmp_snooping data_driven_group clear igmp_snooping statistics counter clear jwac auth_state
clear log
clear mac_based_access_control auth_state clear mld_snooping data_driven_group
CTRL+C ESC q Quit SPACE n Next Page ENTER Next Entry a All
Figure 2-2. The ? Command
When users enter a command without its required parameters, the CLI will prompt users with a Next possible completions: message.
DES-3528:admin# config account
Command: config account
Next possible completions: <username>
DES-3528:admin#
Figure 2-3. Example Command Parameter Help
In this case, the command config account was entered with the parameter <username>. The CLI will then prompt users to enter the <username> with the message, Next possible completions:. Every command in the CLI has this feature, and complex commands have several layers of parameter prompting.
In addition, after typing any given command plus one space, users can see all of the next possible sub-commands, in sequential order, by repeatedly pressing the Tab key.
To re-enter the previous command at the command prompt, press the up arrow cursor key. The previous command will appear at the command prompt.
DES-3528:admin# config account
Command: config account Next possible completions: <username>
DES-3528:admin# config account Command: config account
Next possible completions: <username>
DES-3528:admin#
Figure 2-4. Using the Up Arrow to Re-enter a Command
In the above example, the command config account was entered without the required parameter <username>, the CLI returned the Next possible completions: <username> prompt. The up arrow cursor control key was pressed to re-enter the previous command (config account) at the command prompt. Now the appropriate username can be entered and the config account command re-executed.
All commands in the CLI function in this way. In addition, the syntax of the help prompts are the same as presented in
this manual − angle brackets < > indicate a numerical value or character string, braces { } indicate optional parameters or a choice of parameters, and brackets [ ] indicate required parameters.
If a command is entered that is unrecognized by the CLI, the top-level commands will be displayed under the
Available commands: prompt.
DES-3528:admin#the
Available commands:
.. |
? |
cable_diag |
cfm |
clear |
config |
create |
debug |
delete |
disable |
download |
enable |
login |
logout |
no |
ping |
ping6 |
reboot |
reconfig |
reset |
save |
show |
telnet |
traceroute |
8
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
traceroute6 upload
DES-3528:admin#
Figure 2-5. The Next Available Commands Prompt
The top-level commands consist of commands such as show or config. Most of these commands require one or more parameters to narrow the top-level command. This is equivalent to show what? or config what? Where the what? is the next parameter.
For example, if users enter the show command with no additional parameters, the CLI will then display all of the possible next parameters.
DES-3528:admin# show
Command: show
Next possible completions: |
access_profile |
account |
|
802.1p |
802.1x |
||
accounting |
acct_client |
address_binding |
asymmetric_vlan |
arp_spoofing_prevention |
arpentry |
||
attack_log |
auth_client |
auth_diagnostics |
authen |
auth_session_statistics |
auth_statistics |
||
authen_enable |
authen_login |
authen_policy |
authentication |
authorization |
autoconfig |
bandwidth_control |
bpdu_protection |
cfm |
command_history |
config |
cpu |
cpu_filter |
current_config |
device_status |
dhcp |
dhcp_local_relay |
dhcp_relay |
dhcp_server |
dhcpv6_relay |
dnsr |
dot1v_protocol_group |
error |
dscp |
duld |
erps |
ethernet_oam |
|
fdb |
filter |
firmware |
flow_meter |
gratuitous_arp |
greeting_message |
gvrp |
hol_prevention |
igmp_snooping |
ipfdb |
ipif |
ipv6 |
ipif_ipv6_link_local_auto |
iproute |
||
ipv6route |
jumbo_frame |
jwac |
l2protocol_tunnel |
lacp_port |
limited_multicast_addr |
link_aggregation |
|
lldp |
local_route |
log |
log_save_timing |
log_software_module |
loopdetect |
||
mac_based_access_control |
mac_based_access_control_local |
||
mac_based_vlan |
mac_notification |
max_mcast_group |
|
mcast_filter_profile |
mef_l2_protocols |
mld_snooping |
|
mef_vlan_preservation |
mirror |
||
multicast |
multicast_fdb |
packet |
per_queue |
poe |
policy_route |
port |
port_security |
port_security_entry |
pvid |
port_vlan |
ports |
pppoe |
qinq |
radius |
|
rmon |
router_ports |
rspan |
safeguard_engine |
scheduling |
scheduling_mechanism |
sim |
serial_port |
session |
sflow |
snmp |
|
sntp |
sred |
ssh |
ssl |
stack_device |
stack_information |
stacking_mode |
stp |
subnet_vlan |
switch |
syslog |
system_severity |
tech_support |
terminal |
time |
time_range |
traffic |
traffic_segmentation |
vlan |
trap |
trusted_host |
utilization |
vlan_counter |
|
vlan_precedence |
vlan_translation |
vlan_trunk |
voice_vlan |
wac |
DES-3528:admin#
Figure 2-6. Next possible completions: Show Command
In the above example, all of the possible next parameters for the show command are displayed. At the next command prompt, the up arrow was used to re-enter the show command, followed by the account parameter. The CLI then displays the user accounts configured on the Switch.
9
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
COMMAND SYNTAX
The following symbols are used to describe how command entries are made and values and arguments are specified in this manual. The online help contained in the CLI and available through the console interface uses the same syntax.
NOTE: All commands are case-sensitive. Be sure to disable Caps Lock or any other unwanted function that changes text case.
<angle brackets>
Purpose |
Encloses a variable or value that must be specified. |
Syntax |
config ipif <ipif_name 12> [{ipaddress <network_address> | vlan <vlan_name 32> | |
state [enable | disable}] | bootp | dhcp] |
|
Description |
In the above syntax example, users must supply an IP interface name in the <ipif_name |
12> space, a VLAN name in the <vlan_name 32> space, and the network address in the |
|
<network_address> space. Do not type the angle brackets. |
|
Example Command |
config ipif Engineering ipaddress 10.24.22.5/255.0.0.0 vlan Design state enable |
[square brackets]
Purpose |
Encloses a required value or set of required arguments. One value or argument can be |
specified. |
|
Syntax |
create account [admin | operator | user] <username 15> |
Description |
In the above syntax example, users must specify either an admin or a user level account |
to be created. Do not type the square brackets. |
|
Example Command |
create account admin Tommy |
| vertical bar
Purpose |
Separates two or more mutually exclusive items in a list, one of which must be entered. |
Syntax |
create account [admin | operator | user] <username 15> |
Description |
In the above syntax example, users must specify either admin, or user. Do not type the |
vertical bar. |
|
Example Command |
create account admin Tommy |
{braces}
Purpose |
Encloses an optional value or set of optional arguments. |
Syntax |
reset {[config | system]} force_agree |
Description |
In the above syntax example, users have the option to specify config or system. It is not |
necessary to specify either optional value, however the effect of the system reset is |
|
dependent on which, if any, value is specified. Therefore, with this example there are three |
|
possible outcomes of performing a system reset. See the following chapter, Basic |
|
Commands for more details about the reset command. Do not type the braces. |
|
Example command |
reset config |
(parentheses)
10
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
(parentheses)
Purpose |
Indicates at least one or more of the values or arguments in the preceding syntax |
enclosed by braces must be specified. |
|
Syntax |
config dhcp_relay {hops <value 1-16> | time <sec 0-65535>}(1) |
Description |
In the above syntax example, users have the option to specify hops or time or both of |
them. The «(1)» following the set of braces indicates at least one argument or value within |
|
the braces must be specified. Do not type the parentheses. |
|
Example command |
config dhcp_relay hops 3 |
Line Editing Key Usage
Delete |
Deletes the character under the cursor and then shifts the remaining characters in the line |
to the left. |
|
Backspace |
Deletes the character to the left of the cursor and then shifts the remaining characters in |
the line to the left. |
|
Left Arrow |
Moves the cursor to the left. |
Right Arrow |
Moves the cursor to the right. |
Up Arrow |
Repeats the previously entered command. Each time the up arrow is pressed, the |
command previous to that displayed appears. This way it is possible to review the |
|
command history for the current session. Use the down arrow to progress sequentially |
|
forward through the command history list. |
|
Down Arrow |
The down arrow will display the next command in the command history entered in the |
current session. This displays each command sequentially as it was entered. Use the up |
|
arrow to review previous commands. |
|
Tab |
Shifts the cursor to the next field to the left. |
Multiple Page Display Control Keys
Space |
Displays the next page. |
CTRL+c |
Stops the display of remaining pages when multiple pages are to be displayed. |
ESC |
Stops the display of remaining pages when multiple pages are to be displayed. |
n |
Displays the next page. |
p |
Displays the previous page. |
q |
Stops the display of remaining pages when multiple pages are to be displayed. |
r |
Refreshes the pages currently displayed. |
a |
Displays the remaining pages without pausing between pages. |
Enter |
Displays the next line or table entry. |
11
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
BASIC SWITCH COMMANDS
The basic Switch commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Command |
Parameters |
create account |
[admin | operator | power_user | user] <username 15> |
config account |
<username> {encrypt [plain_text | sha_1] <password>} |
show account |
|
delete account |
<username> |
enable password |
|
encryption |
|
disable password |
|
encryption |
|
show session |
|
show switch |
|
show device_status |
|
show serial_port |
|
config serial_port |
{baud_rate [9600 | 19200 | 38400 | 115200] | auto_logout [never | 2_minutes | 5_minutes | |
10_minutes | 15_minutes]}(1) |
|
enable clipaging |
|
disable clipaging |
|
telnet |
<ipaddr> {tcp_port <value 1-65535>} |
enable telnet |
<tcp_port_number 1-65535> |
disable telnet |
|
enable web |
<tcp_port_number 1-65535> |
disable web |
|
save |
{[config <config_id 1-2> | log | all]} |
reboot |
{force_agree} |
reset |
{[config | system]} {force_agree} |
login |
|
logout |
|
clear |
|
config terminal width |
[default | <value 80-200>] |
show terminal width |
|
Each command is listed, in detail, in the following sections.
create account
Purpose Used to create user accounts.
12
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
create account
Syntax |
create account [admin | operator | power_user | user] <username 15> |
Description |
This command is used to create user accounts that consist of a username of 1 to 15 |
characters and a password of 0 to 15 characters. Up to 8 user accounts can be created. |
|
Parameters |
admin – Specifies that the user account will be set to admin. |
operator – Specifies that the user account will be set to operator. |
|
power_user – Specifies that the user account will be set to power user. |
|
user – Specifies that the user account will be set to user. |
|
<username 15> — Enter the account username here. This name can be up to 15 characters |
|
long. |
|
Restrictions |
Only Administrator-level users can issue this command. |
Usernames can be between 1 and 15 characters. |
|
Passwords can be between 0 and 15 characters. |
|
Example usage:
To create an administrator-level user account with the username “dlink”.
DES-3528:admin# create account admin dlink
Command: create account admin dlink
Enter a case-sensitive new password:****
Enter the new password again for confirmation:****
Success.
DES-3528:admin#
NOTICE: In case of lost passwords or password corruption, please refer to the D-Link website and the White Paper entitled “Password Recovery Procedure”, which will guide you through the steps necessary to resolve this issue.
config account
Purpose |
Used to configure user accounts |
Syntax |
config account <username> {encrypt [plain_text | sha_1] <password>} |
Description |
When the password information is not specified in the command, the system will prompt the |
user to input the password interactively. For this case, the user can only input the plain text |
|
password. |
|
If the password is present in the command, the user can select to input the password in the |
|
plain text form or in the encrypted form. The encryption algorithm is based on SHA-I. |
|
Parameters |
<username> − Name of the account. The account must already be defined. |
plain_text − Select to specify the password in plain text form. |
|
sha_1 − Select to specify the password in the SHA-I enacrpted form. |
|
password − The password for the user account. |
|
The length for of password in plain-text form and in encrypted form are different. For the |
|
plain-text form, passwords must have a minimum of 0 character and can have a maximum of |
|
15 characters. For the encrypted form password, the length is fixed to 35 bytes long. The |
|
assword is case-sensitive. |
|
Restrictions |
Only Administrator-level users can issue this command. |
Usernames can be between 1 and 15 characters. |
|
Passwords can be between 0 and 15 characters. |
|
Example usage:
To configure the user password of “dlink” account:
13
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
DES-3528:admin# config account dlink
Command: config account dlink
Enter a old password:****
Enter a case-sensitive new password:****
Enter the new password again for confirmation:****
Success.
DES-3528:admin#
show account
Purpose |
Used to display user accounts. |
Syntax |
show account |
Description |
This command is used to display all user accounts created on the Switch. Up to 8 user |
accounts can exist at one time. |
|
Parameters |
None. |
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To display the accounts that have been created:
DES-3528:admin# show account |
|
Command: show account |
|
Current Accounts: |
Access Level |
Username |
|
————— |
———— |
dlink |
Admin |
Total Entries: 1 |
|
DES-3528:admin# |
delete account
Purpose |
Used to delete an existing user account. |
Syntax |
delete account <username> |
Description |
This command is used to delete an existing entry. |
Parameters |
<username> − Name of the user who will be deleted. |
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To delete the user account “System”:
DES-3528:admin# delete account System
Command: delete account System
Success.
DES-3528:admin#
enable password encryption
Purpose |
Used to enable password encryption. |
Syntax |
enable password encryption |
Description |
The user account configuration information will be stored in the configuration file, and can be |
14
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
enable password encryption
applied to the system later. |
|
If the password encryption is enabled, the password will be in encrypted form. |
|
When password encryption is diabled, if the user specifies the password in plain text form, |
|
the password will be in plain text form. However, if the user specifies the password in |
|
encrypted form, or if the password has been converted to encrypted form by the last enable |
|
password encryption command, the password will still be in the encrypted form. It cannot be |
|
reverted to the plaintext. |
|
Parameters |
None. |
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To enable password encryption:
DES-3528:admin# enable password encryption
Command: enable password encryption
Success.
DES-3528:admin#
disable password encryption
Purpose |
Used to disable password encryption. |
Syntax |
disable password encryption |
Description |
The user account configuration information will be stored in the configuration file, and can be |
applied to the system later. |
|
If the password encryption is enabled, the password will be in encrypted form. |
|
When password encryption is disabled, if the user specifies the password in plain text form, |
|
the password will be in plan text form. However, if the user specifies the password in |
|
encrypted form, or if the password has been converted to encrypted form by the last enable |
|
password encryption command, the password will still be in the encrypted form. It cannot be |
|
reverted to the plaintext. |
|
Parameters |
None. |
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To disable password encryption:
DES-3528:admin# disable password encryption
Command: disable password encryption
Success.
DES-3528:admin#
show session
Purpose |
Used to display a list of currently logged-in users. |
Syntax |
show session |
Description |
This command displays a list of all the users that are logged-in at the time the command is |
issued. |
|
Parameters |
None. |
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage: |
15
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
To display the way that the users logged in:
DES-3528:admin# show session
Command: show session
ID |
Live Time |
From |
Level |
Name |
— |
——— |
———— |
—— |
——- |
8 |
00:00:16.250 |
Serial Port |
5 |
Anonymous |
Total Entries: 1
CTRL+C ESC q Quit SPACE n Next Page p Previous Page r Refresh
show switch
Purpose |
Used to display general information about the Switch. |
Syntax |
show switch |
Description |
This command displays information about the Switch. |
Parameters |
None. |
Restrictions |
None. |
Example usage:
To display the Switch’s information:
DES-3528:admin# show switch |
|
Command: show switch |
|
Device Type |
: DES-3528 Fast Ethernet Switch |
MAC Address |
: 1C-AF-F7-AD-33-20 |
IP Address |
: 10.90.90.90 (Manual) |
VLAN Name |
: default |
Subnet Mask |
: 255.0.0.0 |
Default Gateway |
: 0.0.0.0 |
Boot PROM Version |
: Build 1.00.B008 |
Firmware Version |
: Build 2.60.B010 |
Hardware Version |
: A4 |
Serial Number |
: P1UQ3A4000012 |
System Name |
: |
System Location |
: |
System Uptime |
: 0 days, 0 hours, 3 minutes, 58 seconds |
System Contact |
: |
Spanning Tree |
: Disabled |
GVRP |
: Disabled |
IGMP Snooping |
: Disabled |
MLD Snooping |
: Disabled |
VLAN Trunk |
: Disabled |
Telnet |
: Enabled (TCP 23) |
Web |
: Enabled (TCP 80) |
SNMP |
: Disabled |
CTRL+C ESC q Quit SPACE n Next Page ENTER Next Entry a All
show device_status
Purpose |
Used to display the current Switch’s power and fan status. |
Syntax |
show device_status |
Description |
This command displays status of both the Switch’s internal and external power and the fan |
status. |
|
Parameters |
None. |
16
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
show device_status
Restrictions None.
Example usage:
To display the Switch’s device status:
DES-3528:admin# show device_status
Command: show device_status
Internal Power: Active
External Power: Fail
DES-3528:admin#
show serial_port
Purpose |
Used to display the current serial port settings. |
Syntax |
show serial_port |
Description |
This command displays the current serial port settings. |
Parameters |
None. |
Restrictions |
None |
Example usage:
To display the serial port setting:
DES-3528:admin#show serial_port
Command: show serial_port
Baud Rate |
: 115200 |
||
Data |
Bits |
: 8 |
|
Parity Bits |
: None |
||
Stop |
Bits |
: |
1 |
Auto-Logout |
: |
Never |
DES-3528:admin#
config serial_port
Purpose |
Used to configure the serial port. |
Syntax |
config serial_port {baud_rate [9600 | 19200 | 38400 | 115200] | auto_logout [never | |
2_minutes | 5_minutes | 10_minutes | 15_minutes]}(1) |
|
Description |
This command is used to configure the serial port’s baud rate and auto logout settings. |
Parameters |
baud_rate [9600 | 19200 | 38400 | 115200] − The serial bit rate that will be used to |
communicate with the management host. There are four options: 9600, 19200, 38400, |
|
115200. Factory default setting is 115200. |
|
never − No time limit on the length of time the console can be open with no user input. |
|
2_minutes − The console will log out the current user if there is no user input for 2 minutes. |
|
5_minutes − The console will log out the current user if there is no user input for 5 minutes. |
|
10_minutes − The console will log out the current user if there is no user input for 10 |
|
minutes. |
|
15_minutes − The console will log out the current user if there is no user input for 15 |
|
minutes. |
|
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To configure baud rate:
17
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
DES-3528:admin# config serial_port baud_rate 115200
Command: config serial_port baud_rate 115200
Success.
DES-3528:admin#
NOTE: If a user configures the serial port’s baud rate, the baud rate will take effect and save |
|
immediately. Baud rate settings will not change even if the user resets or reboots the Switch. The |
|
Baud rate will only change when the user configures it again. The serial port’s baud rate setting is not |
|
stored in the Switch’s configuration file. Resetting the Switch will not restore the baud rate to the |
|
default setting. |
|
enable clipaging |
|
Purpose |
Used to pause the scrolling of the console screen when a command displays more than one |
page. |
|
Syntax |
enable clipaging |
Description |
This command is used when issuing a command which causes the console screen to rapidly |
scroll through several pages. This command will cause the console to pause at the end of |
|
each page. The default setting is enabled. |
|
Parameters |
None. |
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To enable pausing of the screen display when the show command output reaches the end of the page:
DES-3528:admin# enable clipaging
Command: enable clipaging
Success.
DES-3528:admin#
disable clipaging
Purpose |
Used to disable the pausing of the console screen scrolling at the end of each page when a |
command displays more than one screen of information. |
|
Syntax |
disable clipaging |
Description |
This command is used to disable the pausing of the console screen at the end of each page |
when a command would display more than one screen of information. |
|
Parameters |
None. |
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To disable pausing of the screen display when show command output reaches the end of the page:
DES-3528:admin# disable clipaging
Command: disable clipaging
Success.
DES-3528:admin#
telnet
Purpose Used to login the remote device system through the network.
18
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
telnet
Syntax |
telnet <ipaddr> {tcp_port <value 1-65535>} |
Description |
This command is used when the manager want to manage the device system which isn’t on |
local. So can use this command to login in the remote system which is located on other side. |
|
If connect successful, some actions can be done as local. |
|
Parameters |
<ipaddr> − The network ip address. This is the destination which wants to login. |
<value 1-65535> − The TCP port number. TCP ports are numbered between 1 and 65535. |
|
The “well-known” TCP port for the Telnet protocol is 23. |
|
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
Telnet to the remote Switch:
DES-3528:admin# telnet 172.18.168.12 tcp_port 50
Command: telnet 172.18.168.12 tcp_port 50
Connecting to server,please wait….
DES-3528 Gigabit Ethernet Switch
Command Line Interface
Firmware: Build 2.60.B010
UserName:
Copyright(C) 2009 D-Link Corporation. All rights reserved.
PassWord:
enable telnet
Purpose |
Used to enable communication with and management of the Switch using the Telnet |
protocol. |
|
Syntax |
enable telnet <tcp_port_number 1-65535> |
Description |
This command is used to enable the Telnet protocol on the Switch. The user can specify the |
TCP or UDP port number the Switch will use to listen for Telnet requests. |
|
Parameters |
<tcp_port_number 1-65535> − The TCP port number. TCP ports are numbered between 1 |
and 65535. The “well-known” TCP port for the Telnet protocol is 23. |
|
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To enable Telnet and configure port number:
DES-3528:admin# enable telnet 23
Command: enable telnet 23
Success.
DES-3528:admin#
disable telnet
Purpose |
Used to disable the Telnet protocol on the Switch. |
Syntax |
disable telnet |
Description |
This command is used to disable the Telnet protocol on the Switch. |
Parameters |
None. |
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage: |
19
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
To disable the Telnet protocol on the Switch:
DES-3528:admin# disable telnet
Command: disable telnet
Success.
DES-3528:admin#
enable web
Purpose |
Used to enable the HTTP-based management software on the Switch. |
Syntax |
enable web <tcp_port_number 1-65535> |
Description |
This command is used to enable the Web-based management software on the Switch. The |
user can specify the TCP port number the Switch will use to listen for Telnet requests. |
|
Parameters |
<tcp_port_number 1-65535> − The TCP port number. TCP ports are numbered between 1 |
and 65535. The “well-known” port for the Web-based management software is 80. |
|
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To enable HTTP and configure port number:
DES-3528:admin# enable web 80
Command: enable web 80
Success.
DES-3528:admin#
disable web
Purpose |
Used to disable the HTTP-based management software on the Switch. |
Syntax |
disable web |
Description |
This command disables the Web-based management software on the Switch. |
Parameters |
None. |
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To disable HTTP:
DES-3528:admin# disable web
Command: disable web
Success.
DES-3528:admin#
save
Purpose |
Used to save changes in the Switch’s configuration to non-volatile RAM. |
Syntax |
save {[config <config_id 1-2> | log | all]} |
Description |
This command is used to enter the current Switch configuration into non-volatile RAM. The |
saved Switch configuration will be loaded into the Switch’s memory each time the Switch is |
|
restarted. |
|
Parameters |
config <config_id 1-2> – Specify to save current settings to configuration file 1 or 2. |
log – Specify to save current Switch log to NV-RAM. |
|
20
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
save
all – Specify to save all configuration settings. If nothing is specified after “save”, the Switch |
|
will save all. |
|
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To save the Switch’s current configuration to non-volatile RAM:
DES-3528:admin# save
Command: save
Saving all configurations to NV-RAM… Done.
DES-3528:admin#
reboot
Purpose |
Used to restart the Switch. |
Syntax |
Reboot {force_agree} |
Description |
This command is used to restart the Switch. |
Parameters |
force_agree − When force_agree is specified, the reboot command will be executed |
immediatedly without further confirmation. |
|
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To restart the Switch:
DES-3528:admin# reboot
Command: reboot
Are you sure you want to proceed with the system reboot? (y|n)y
Please wait, the switch is rebooting…
reset
Purpose |
Used to reset the Switch to the factory default settings. |
Syntax |
reset {[config | system]} {force_agree} |
Description |
This command is used to restore the Switch’s configuration to the default settings assigned |
from the factory. |
|
Parameters |
config − If the keyword ‘config’ is specified, all of the factory default settings are restored on |
the Switch including the IP address, user accounts, and the Switch history log. The Switch |
|
will not save or reboot. |
|
system − If the keyword ‘system’ is specified all of the factory default settings are restored on |
|
the Switch. The Switch will save and reboot after the settings are changed to default. |
|
Rebooting will clear all entries in the Forwarding Data Base. |
|
force_agree − When force_agree is specified, the reset command will be executed |
|
immediatedly without further confirmation. |
|
If no parameter is specified, the Switch’s current IP address, user accounts, and the Switch |
|
history log are not changed. All other parameters are restored to the factory default settings. |
|
The Switch will not save or reboot. |
|
NOTE: The serial port baud rate will not be changed by the reset command. |
|
It will not be restored to the factory default setting. |
|
Restrictions |
Only Administrator-level users can issue this command. |
Example usage: |
21
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
To restore all of the Switch’s parameters to their default values:
DES-3528:admin# reset config
Command: reset config
Are users sure to proceed with system reset?(y/n)y
Success.
DES-3528:admin#
login
Purpose |
Used to log in a user to the Switch’s console. |
Syntax |
login |
Description |
This command is used to initiate the login procedure. The user will be prompted for a |
Username and Password. |
|
Parameters |
None. |
Restrictions |
None. |
Example usage:
To initiate the login procedure:
DES-3528:admin# login
Command: login
UserName:
logout
Purpose |
Used to log out a user from the Switch’s console. |
Syntax |
logout |
Description |
This command terminates the current user’s session on the Switch’s console. |
Parameters |
None. |
Restrictions |
None. |
Example usage:
To terminate the current user’s console session:
DES-3528:admin# logout
clear
Purpose |
The command is used to clear screen. |
Syntax |
clear |
Description |
The command is used to clear screen. |
Parameters |
None. |
Restrictions |
None. |
Example usage: |
22
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
To clear screen:
DES-3528:admin# clear
Command: clear
DES-3528:admin#
config terminal width
Purpose |
The command is used to set current terminal width. |
Syntax |
config terminal width [default | <value 80-200>] |
Description |
The usage is described as below: |
1.Users login and configure the terminal width to 120, this configuration take effect on this login section. If users implement “save” command, the configuration is saved. After users log out and log in again, the terminal width is 120.
2.If user did not save the configuration, another user login, the terminal width is default value.
3.If at the same time, two CLI sessions are running, once section configure to 120 width and save it, the other section will not be effected, unless it log out and then log in.
Parameters |
default — The default setting of terminal width. The default value is 80. |
<value 80-200> — The terminal width which will be configured. The width is between 80 and |
|
200 characters. |
|
Restrictions |
None. |
Example usage:
To configure the current terminal width:
DES-3528:admin# config terminal width 120
Command: config terminal width 120
Success.
DES-3528:admin#
show terminal width
Purpose |
The command is used to display the configuration of current terminal width. |
Syntax |
show terminal width |
Description |
The command is used to display the configuration of current terminal width. |
Parameters |
None. |
Restrictions |
None. |
Example usage:
To display the configuration of current terminal width:
DES-3528:admin#show terminal width |
||
Command: show terminal width |
||
Global terminal width |
: |
80 |
Current terminal width |
: |
80 |
DES-3528:admin#
23
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
MODIFY BANNER AND PROMPT COMMANDS
Administrator level users can modify the login banner (greeting message) and command prompt by using the commands described below.
Command |
Parameters |
config command_prompt |
[<string 16> | username | default] |
config greeting_message |
{default} |
show greeting_message |
|
The Modify Banner and Prompt commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
config command prompt
Purpose |
Used to configure the command prompt. |
Syntax |
config command_prompt [<string 16> | username | default] |
Description |
This command is used to change the command prompt. |
Parameters |
string 16 –The command prompt can be changed by entering a new name of no more that 16 |
characters. |
|
username – The command prompt will be changed to the login username. |
|
default – The command prompt will reset to factory default command prompt. |
|
Restrictions |
Only Administrator and Operator-level users can issue this command. Other restrictions |
include: |
|
• If the “reset” command is executed, the modified command prompt will remain |
|
modified. However, the “reset config/reset system” command will reset the |
|
command prompt to the original factory banner. |
|
Example usage:
To modify the command prompt to “AtYourService”:
DES-3528:admin#config command_prompt AtYourService
Command: config command_prompt AtYourService
Success.
AtYourService:admin#
config greeting _message
Purpose |
Used to configure the login banner (greeting message). |
|
Syntax |
config greeting _message {default} |
|
Description |
This command is used to modify the login banner (greeting message). |
|
Parameters |
default – If the user enters default to the modify banner command, then the banner will be |
|
reset to the original factory banner. |
||
To open the Banner Editor, click enter after typing the config greeting_message command. |
||
Type the information to be displayed on the banner by using the commands described on the |
||
Banner Editor: |
||
Quit without save: |
Ctrl+C |
|
Save and quit: |
Ctrl+W |
|
Move cursor: |
Left/Right/Up/Down |
|
Delete line: |
Ctrl+D |
|
24
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
config greeting _message
Erase all setting: |
Ctrl+X |
|
Reload original setting: |
Ctrl+L |
|
Restrictions |
Only Administrator and Operator-level users can issue this command. Other restrictions |
|
include: |
•If the “reset” command is executed, the modified banner will remain modified. However, the “reset config/reset system” command will reset the modified banner to the original factory banner.
•The capacity of the banner is 6*80. 6 Lines and 80 characters per line.
•Ctrl+W will only save the modified banner in the DRAM. Users need to type the “save” command to save it into FLASH.
•Only valid in threshold level.
Example usage:
To modify the banner:
DES-3528:admin#config greeting_message
Command: config greeting_message
Greeting Messages Editor
================================================================================
DES-3528 Fast Ethernet Switch
Command Line Interface
Firmware: Build 2.60.017
Copyright(C) 2010 D-Link Corporation. All rights reserved.
================================================================================
<Function Key> |
<Control Key> |
||
Ctrl+C |
Quit without save |
left/right/ |
Move cursor |
Ctrl+W |
Save and quit |
up/down |
|
Ctrl+D |
Delete line |
||
Ctrl+X |
Erase all setting |
||
Ctrl+L |
Reload original setting |
———————————————————————————
show greeting_message
Purpose |
Used to view the currently configured greeting message configured on the Switch. |
Syntax |
show greeting_message |
Description |
This command is used to view the currently configured greeting message on the Switch. |
Parameters |
None. |
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To view the currently configured greeting message:
25
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
DES-3528:admin#show greeting_message
Command: show greeting_message
================================================================================
DES-3528 Fast Ethernet Switch
Command Line Interface
Firmware: Build 2.60.017
Copyright(C) 2010 D-Link Corporation. All rights reserved.
================================================================================
DES-3528:admin#
26
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
SWITCH PORT COMMANDS
The Switch port commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Command |
Parameters |
config ports |
[<portlist> | all] {medium_type [fiber | copper]} {speed [auto | 10_half | 10_full | 100_half | |
100_full | 1000_full {[master | slave]}] | flow_control [enable | disable] | learning [enable | |
|
disable ] | state [enable | disable] | mdix [auto | normal | cross] | [description <desc 1-32> | |
|
clear_description]} |
|
show ports |
{<portlist>} {[description | err_disabled | details | media_type]} |
enable jumbo_frame |
|
disable jumbo_frame |
|
show jumbo_frame |
|
Each command is listed, in detail, in the following sections.
config ports
Purpose |
Used to configure the Switch’s port settings. |
Syntax |
config ports [<portlist> | all] {medium_type [fiber | copper]} {speed [auto | 10_half | |
10_full | 100_half | 100_full | 1000_full {[master | slave]}] | flow_control [enable | |
|
disable] | learning [enable | disable ] | state [enable | disable] | mdix [auto | normal | |
|
cross] | [description <desc 1-32> | clear_description]} |
|
Description |
This command is used to configure the Switch’s Ethernet ports. Only the ports listed in the |
<portlist> will be affected. |
|
Parameters |
all − Configure all ports on the Switch. |
<portlist> − Specifies a port or range of ports to be configured. |
|
speed – Allows the user to adjust the speed for a port or range of ports. The user has a |
|
choice of the following: |
|
auto − Enables auto-negotiation for the specified range of ports. |
|
[10 | 100 | 1000] − Configures the speed in Mbps for the specified range of ports. |
|
Gigabit ports are statically set to 1000. When setting port speed to 1000_full,user should |
|
specify master or slave mode for 1000 base TX interface, and leave the 1000_full |
|
without any master or slave setting for other interfaces. |
|
[half | full] − Configures the specified range of ports as either full-duplex or half-duplex. |
|
flow_control [enable | disable] – Enable or disable flow control for the specified ports. |
|
learning [enable | disable] − Enables or disables the MAC address learning on the specified |
|
range of ports. |
|
medium_type – Specify the medium type while the configured ports are combo ports. It’s an |
|
optional parameter for configuring medium type combo ports. For no combo ports, user does |
|
not need to specify medium_type in the commands. |
|
state [enable | disable] − Enables or disables the specified range of ports. |
|
description − Enter an alphanumeric string of no more than 32 characters to describe a |
|
selected port interface. |
|
clear description – To clear the description. |
|
mdix [auto | normal | cross] – MDIX mode can be specified as auto, normal, or cross. If set to |
|
normal state, the port is in MDIX mode and can be connected to a port on an end node, such |
|
as a server or PC, using a straight-through cable. If set to cross state, the port is in MDI |
|
mode, and can be connected to a port on another Switch or hub that uses MDI-X ports |
|
through a straight-through cable. If set to auto state, the ports can be connected to any |
|
connections by using straight-through or cross-over cable. The ports make the necessary |
|
adjustments to accommodate either cable for correct operation. |
|
Restrictions |
Only Administrator and Operator-level users can issue this command. |
27
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
Example usage:
To configure the speed of ports 1-3 of unit 1 to be 10 Mbps, full duplex, learning enabled, state enabled and flow control enabled:
DES-3528:admin# config ports 1-3 speed 10_full learning enable state enable flow_control enable
Command: config ports 1-3 speed 10_full learning enable state enable flow_control enable
Success. DES-3528:admin#
show ports
Purpose |
Used to display the current configuration of a range of ports. |
Syntax |
show ports {<portlist>} {[description | err_disabled | details | media_type]} |
Description |
This command is used to display the current configuration of a range of ports. |
Parameters |
<portlist> − Specifies a port or range of ports to be displayed. |
description – Adding this parameter to the show ports command indicates that a previously |
|
entered port description will be included in the display. |
|
err_disabled – Use this to list disabled ports including connection status and reason for being |
|
disabled. |
|
details – Use this to show the detail information of ports. |
|
media_type – Specifies the media type used. |
|
Restrictions |
None. |
Example usage:
To display the configuration of all ports on a Switch:
DES-3528:admin# show ports |
|||||||||||||||
Command: show ports |
|||||||||||||||
Port |
State/ |
Settings |
Connection |
Address |
|||||||||||
——- |
MDIX |
Speed/Duplex/FlowCtrl |
Speed/Duplex/FlowCtrl |
Learning |
|||||||||||
——— |
——————— |
———————- |
——— |
||||||||||||
1 |
Enabled |
Auto/Disabled |
Link Down |
Enabled |
|||||||||||
2 |
Auto |
Auto/Disabled |
Link Down |
Enabled |
|||||||||||
Enabled |
|||||||||||||||
3 |
Auto |
Auto/Disabled |
Link Down |
Enabled |
|||||||||||
Enabled |
|||||||||||||||
4 |
Auto |
Auto/Disabled |
Link Down |
Enabled |
|||||||||||
Enabled |
|||||||||||||||
5 |
Auto |
Auto/Disabled |
Link Down |
Enabled |
|||||||||||
Enabled |
|||||||||||||||
6 |
Auto |
Auto/Disabled |
Link Down |
Enabled |
|||||||||||
Enabled |
|||||||||||||||
7 |
Auto |
Auto/Disabled |
Link Down |
Enabled |
|||||||||||
Enabled |
|||||||||||||||
8 |
Auto |
Auto/Disabled |
Link Down |
Enabled |
|||||||||||
Enabled |
|||||||||||||||
9 |
Auto |
Auto/Disabled |
Link Down |
Enabled |
|||||||||||
Enabled |
|||||||||||||||
Auto |
|||||||||||||||
CTRL+C |
ESC |
q |
Quit |
SPACE |
n |
Next Page |
p |
Previous Page |
r |
Refresh |
|||||
Example usage: |
|||||||||||||||
To display the configuration of all ports on a standalone Switch, with description: |
|||||||||||||||
DES-3528:admin# show ports description |
|||||||||||||||
Command: show ports description |
28
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
Port |
State/ |
Settings |
Connection |
Address |
||||||||||||
——- |
MDIX |
Speed/Duplex/FlowCtrl |
Speed/Duplex/FlowCtrl |
Learning |
||||||||||||
——— |
——————— |
———————- |
——— |
|||||||||||||
1 |
Enabled |
Auto/Disabled |
Link Down |
Enabled |
||||||||||||
Auto |
||||||||||||||||
2 |
Description: |
Link Down |
Enabled |
|||||||||||||
Enabled |
Auto/Disabled |
|||||||||||||||
Auto |
||||||||||||||||
3 |
Description: |
Link Down |
Enabled |
|||||||||||||
Enabled |
Auto/Disabled |
|||||||||||||||
Auto |
||||||||||||||||
4 |
Description: |
Link Down |
Enabled |
|||||||||||||
Enabled |
Auto/Disabled |
|||||||||||||||
Auto |
||||||||||||||||
5 |
Description: |
Link Down |
Enabled |
|||||||||||||
Enabled |
Auto/Disabled |
|||||||||||||||
Auto |
||||||||||||||||
6 |
Description: |
Link Down |
Enabled |
|||||||||||||
Enabled |
Auto/Disabled |
|||||||||||||||
Auto |
||||||||||||||||
Description: |
||||||||||||||||
Quit |
Next Page |
Previous Page |
Refresh |
|||||||||||||
CTRL+C |
ESC |
q |
SPACE |
n |
p |
r |
||||||||||
Example usage: |
To display disabled ports including connection status and reason for being disabled on a standalone Switch:
DES-3528:admin# show ports err_disabled
Command: show ports err_disabled
Port |
Port |
Connection Status |
Reason |
—— |
State |
——————— |
—————- |
——— |
DES-3528:admin#
Example usage:
To display detail information of ports on the Switch:
DES-3528:admin# show ports details
Command: show ports details
Port : 1
———————
Port Status |
: Link Down |
|||||||||||||||
Description |
: |
|||||||||||||||
HardWare Type |
: Fast Ethernet |
|||||||||||||||
MAC Address |
: |
00-22-B0-10-8A-01 |
||||||||||||||
Bandwidth |
: |
100000Kbit |
||||||||||||||
Auto-Negotiation |
: |
Enabled |
||||||||||||||
Duplex Mode |
: |
Full Duplex |
||||||||||||||
Flow Control |
: |
Disabled |
||||||||||||||
MDI |
: |
Auto |
||||||||||||||
Address Learning |
: |
Enabled |
||||||||||||||
Last Clear of Counter |
: |
0 hours 3 mins ago |
||||||||||||||
BPDU Hardware Filtering Mode: |
Disabled |
|||||||||||||||
Queuing Strategy |
: |
FIFO |
||||||||||||||
TX Load |
: |
0/100, |
0bits/sec, |
0packets/sec |
||||||||||||
RX Load |
: |
0/100, |
0bits/sec, |
0packets/sec |
||||||||||||
CTRL+C |
ESC |
q |
Quit |
SPACE |
n |
Next Page |
p |
Previous Page |
r |
Refresh |
29
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
enable jumbo_frame
Purpose |
Used to enable the jumbo frame function on the Switch. |
Syntax |
enable jumbo_frame |
Description |
This command will allow ethernet frames larger than 1536 bytes to be processed by the |
Switch. The maximum size of the jumbo frame may not exceed 9220 Bytes tagged. |
|
Parameters |
None. |
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To enabled the jambo frame:
DES-3528:admin# enable jumbo_frame
Command: enable jumbo_frame
The maximum size of jumbo frame is 9216 bytes.
Success.
DES-3528:admin#
disable jumbo_frame
Purpose |
Used to disable the jumbo frame function on the Switch. |
Syntax |
disable jumbo_frame |
Description |
This command will disable the jumbo frame function on the Switch. |
Parameters |
None. |
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To disable the jumbo frame:
DES-3528:admin# disable jumbo_frame
Command: disable jumbo_frame
Success.
DES-3528:admin#
show jumbo_frame
Purpose |
Used to show the status of the jumbo frame function on the Switch. |
Syntax |
show jumbo_frame |
Description |
This command will show the status of the jumbo frame function on the Switch. |
Parameters |
None. |
Restrictions |
None. |
Example usage:
To show the jumbo frame status currently configured on the Switch:
DES-3528:admin# show jumbo_frame
Command: show jumbo_frame
Jumbo Frame State : Disabled
Maximum Frame Size : 1536 Bytes
DES-3528:admin#
30
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
PORT SECURITY COMMANDS
The Switch’s port security commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Command |
Parameters |
config port_security ports |
[<portlist> | all] [{admin_state [enable | disable] | max_learning_addr |
<max_lock_no 0-16384> | lock_address_mode [permanent | deleteontimeout | |
|
deleteonreset]} |{vlan [<vlan_name 32> | vlanid <vidlist>] max_learning_addr |
|
[<max_lock_no 0-16384> | no_limit]}] |
|
delete port_security_entry |
[vlan <vlan_name 32> | vlanid <vlanid 1-4094>] mac_address <macaddr> |
clear port_security_entry |
{ports [<portlist> | all] {[vlan <vlan_name 32> | vlanid <vidlist>]}} |
show port_security |
{ports [<portlist> | all] {[vlan <vlan_name 32> | vlanid <vidlist>]}} |
enable port_security trap_log |
|
disable port_security trap_log |
|
config port_security system |
[<max_lock_no 1-16384> | no_limit] |
max_learning_addr |
|
config port_security vlan |
[<vlan_name 32> | vlanid <vidlist>] max_learning_addr [<max_lock_no 0-16384> |
| no_limit] |
|
Each command is listed, in detail, in the following sections.
config port_security ports
Purpose |
Used to configure port security settings. |
Syntax |
config port_security ports [<portlist> | all] [{admin_state [enable | disable] | |
max_learning_addr <max_lock_no 0-16384> | lock_address_mode [permanent | |
|
deleteontimeout | deleteonreset]} |{vlan [<vlan_name 32> | vlanid <vidlist>] |
|
max_learning_addr [<max_lock_no 0-16384> | no_limit]}] |
|
Description |
This command allows for the configuration of the port security feature. Only the ports listed |
in the <portlist> are affected. |
|
Parameters |
portlist − Specifies a port or range of ports to be configured. |
all − Configure port security for all ports on the Switch. |
|
admin_state [enable | disable] – Enable or disable port security for the listed ports. |
|
max_learning_addr <max_lock_no 0-16384> − Use this to limit the number of MAC |
|
addresses dynamically listed in the FDB for the ports. |
|
lock_address_mode [permanent | deleteontimout | deleteonreset] – Indicates the method of |
|
locking addresses. The user has three choices: |
|
permanent – The locked addresses will not age out after the aging timer expires. |
|
deleteontimeout – The locked addresses will age out after the aging timer expires. |
|
deleteonreset – The locked addresses will not age out until the Switch has been |
|
reset. |
|
vlan – Specifies the VLAN name used. |
|
vlanid – Specifies the VLAN ID used. |
|
max_learning_addr – Specifies the maximum learning address value. To specify this value to |
|
have no limit, select the ‘no_limit’ option. |
|
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To configure the port security:
DES-3528:admin# config port_security ports 1-5 admin_state enable max_learning_addr 5 lock_address_mode deleteonreset
31
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
Command: config port_security ports 1-5 admin_state enable max_learning_addr 5 lock_address_mode deleteonreset
Success.
DES-3528:admin#
delete port_security_entry
Purpose |
Used to delete a port security entry by MAC address, port number and VLAN ID. |
Syntax |
delete port_security_entry [vlan <vlan_name 32> | vlanid <vlanid 1-4094>] |
mac_address <macaddr> |
|
Description |
This command is used to delete a single, previously learned port security entry by port, |
VLAN name, and MAC address. |
|
Parameters |
vlan name − Enter the corresponding VLAN name of the port to delete. |
vlanid – Specifies the VLAN ID used. |
|
mac_address <macaddr> − Enter the corresponding MAC address, previously learned by the |
|
port, to delete. |
|
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To delete a port security entry:
DES-3528:admin# delete port_security_entry vlan default mac_address 00-01-30-10-2C-
C7
Command: delete port_security_entry vlan default mac_address 00-01-30-10-2C-C7 Success.
DES-3528:admin#
clear port_security_entry
Purpose |
Used to clear MAC address entries learned from a specified port for the port security |
function. |
|
Syntax |
clear port_security_entry {ports [<portlist> | all] {[vlan <vlan_name 32> | vlanid |
<vidlist>]}} |
|
Description |
This command is used to clear MAC address entries which were learned by the Switch by a |
specified port. This command only relates to the port security function. |
|
Parameters |
ports − Specifies a port or port range to clear. |
vlan – Specifies the VLAN name used. |
|
vlanid – Specifies the VLAN ID used. |
|
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To clear a port security entry by port:
DES-3528:admin#clear port_security_entry ports all
Command: clear port_security_entry ports all
Success.
DES-3528:admin#
show port_security
Purpose |
Used to display the current port security configuration. |
32
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
show port_security
Syntax |
show port_security {ports [<portlist> | all] {[vlan <vlan_name 32> | vlanid <vidlist>]}} |
Description |
This command is used to display port security information of the Switch’s ports. The |
information displayed includes port security trap/log state, admin state, maximum number of |
|
learning address and lock mode. |
|
Parameters |
ports − Specifies a port or range of ports to be viewed. |
vlan – Specifies the VLAN name used. |
|
vlanid – Specifies the VLAN ID used. |
|
Restrictions |
None. |
Example usage:
To display the port security configuration:
DES-3528:admin#show port_security |
|
Command: show port_security |
|
Port Security Trap/Log |
: Enabled |
System Maximum Address |
: no_limit |
VLAN Configuration (Only VLANs with limitation are displayed): |
||
VID |
VLAN Name |
Max. Learning Addr. |
—- |
——————————— |
—————— |
1 |
default |
2 |
DES-3528:admin#
enable port_security trap_log
Purpose |
Used to enable the trap log for port security. |
Syntax |
enable port_security trap_log |
Description |
This command, along with the disable port_security trap_log, will enable and disable the |
sending of log messages to the Switch’s log and SNMP agent when the port security of the |
|
Switch has been triggered. |
|
Parameters |
None. |
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To enable the port security trap log setting:
DES-3528:admin# enable port_security trap_log
Command: enable port_security trap_log
Success.
DES-3528:admin#
disable port_security trap_log
Purpose |
Used to disable the trap log for port security. |
Syntax |
disable port_security trap_log |
Description |
This command, along with the enable port_security trap_log, will enable and disable the |
sending of log messages to the Switch’s log and SNMP agent when the port security of the |
|
Switch has been triggered. |
|
Parameters |
None. |
33
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
disable port_security trap_log
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To disable the port security trap log setting:
DES-3528:admin# disable port_security trap_log
Command: disable port_security trap_log
Success.
DES-3528:admin#
config port_security system max_learning_addr
Purpose |
This command sets the maximum number of port security entries that can be authorized |
system wide. |
|
Syntax |
config port_security system max_learning_addr [<max_lock_no 1-16384> | no_limit] |
Description |
There are four levels of limitations on the learned entry number; for the entire system, for a |
port, for a VLAN, and for a specific VLAN on a port. If any limitation is exceeded, the new |
|
entry will be discarded. |
|
The setting for system level maximum learned users must be greater than the total of |
|
maximum learned users allowed on all ports. |
|
Parameters |
max_learning_addr — Specifies the maximum number of port security entries that can be |
learned by the system. If the setting is smaller than the number of current learned entries on |
|
all enabled ports, the command will be rejected. |
|
<max_lock_no 1-16384> — Enter the maximum learning address value here. This value must |
|
be between 1 and 16384. |
|
no_limit — No limitation on the number of port security entries that can be learned by the |
|
system. By default, the number is set to no_limit. |
|
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To configure the maximum number of port security entries on the Switch to be 256:
DES-3528:admin# config port_security system max_learning_addr 256
Command: config port_security system max_learning_addr 256
Success.
DES-3528:admin#
config port_security vlan
Purpose |
This command sets the maximum number of port security entries that can be learned on a |
specific VLAN. |
|
Syntax |
config port_security vlan [<vlan_name 32> | vlanid <vidlist>] max_learning_addr |
[<max_lock_no 0-16384> | no_limit] |
|
Description |
There are four levels that limit the number of learned entries; the entire system, a port, a |
VLAN, and a specific VLAN on a port. If any limitation is exceeded, the new entry will be |
|
discarded. |
|
Parameters |
vlan — Specifies the VLAN by name. |
<vlan_name 32> — Enter the VLAN name here. This name can be up to 32 characters long. |
|
vlanid — Specifies a list of VLANs by VLAN ID. |
|
<vidlist> — Enter the VLAN ID list here. |
|
max_learning_addr — Specifies the maximum number of port security entries that can be |
34
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
config port_security vlan
learned by this VLAN. If this parameter is set to 0, it means that no user can be authorized |
|
on this VLAN. If the setting is lower than the number of current learned entries on the VLAN, |
|
the command will be rejected. The default value is “no_limit” |
|
<max_lock_no 0-16384> — Enter the maximum number of port security entries that can be |
|
learned here. This value must be between 0 and n. |
|
no_limit — No limitation on the number of port security entries that can be learned by a |
|
specific VLAN. |
|
Restrictions |
Only Administrator and Operator-level users can issue this command. |
Example usage:
To configure the maximum number of VLAN-based port security entries on VLAN 1 to be 64:
DES-3528:admin# config port_security vlan vlanid 1 max_learning_addr 64
Command: config port_security vlan vlanid 1 max_learning_addr 64
Success.
DES-3528:admin#
35
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
STACKING COMMANDS
The stacking configuration commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Command |
Parameters |
config box_priority current_box_id |
<value 1-8> priority <value 1-63> |
config box_id current_box_id |
<value 1-8> new_box_id [auto | <value 1-8>] |
show stack_information |
|
config stacking_mode |
[disable(0) | enable(1)] |
show stacking_mode |
|
show stack_device |
|
config stacking force_master_role |
state [enable | disable] |
Each command is listed, in detail, in the following sections.
config box_priority
Purpose |
Used to configure box priority so as to determine which box (Switch) becomes the |
master. A lower number denotes a higher priority. |
|
Syntax |
config box_priority current_box_id <value 1-8> priority <value 1-63> |
Description |
This command is used to configure the box (Switch) priority. |
Parameters |
current_box_id <value 1–8> – Identifies the Switch being configured. Range is 1 to 8. |
priority <value 1–63> – Assigns a priority value to the box. A Lower number denotes a |
|
higher priority. The valid priority range is 1 to 63. |
|
Restrictions |
Only Administrator and Operator and Power-User-level users can issue this command. |
Usage example:
To configure box priority:
DES-3528:admin# config box_priority current_box_id 1 priority 1
Command: config box_priority current_box_id 1 priority 1
Success.
DES-3528:admin#
config box_id
Purpose |
Used to configure box ID. Users can use this command to reassign box IDs. |
Syntax |
config box_id current_box_id <value 1-8> new_box_id <value 1-8> new_box_id |
[auto | <value 1-8>] |
|
Description |
This command is used to assign box IDs to Switches in a stack. |
Parameters |
current_box_id – Identifies the Switch being configured. Range is 1 to 8. |
new_box_id – The new ID being assigned to the Switch (box). Range is 1 to 8. |
|
• auto – Allows the box ID to be assigned automatically. |
|
Restrictions |
Only Administrator and Operator and Power-User-level users can issue this command. |
Usage example:
To change a box ID:
DES-3528:admin# config box_id current_box_id 1 new_box_id 2
Command: config box_id current_box_id 1 new_box_id 2
Success.
36
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
DES-3528:admin#
show stack_information
Purpose |
Used to display the stack information table. |
|||||||
Syntax |
show stack_information |
|||||||
Description |
This command display stack information. |
|||||||
Parameters |
None. |
|||||||
Restrictions |
Only Administrator and Operator and Power-User-level users can issue this command. |
|||||||
Usage example: |
||||||||
To display stack information: |
||||||||
DES-3528:admin# show stack_information |
||||||||
Command: show stack_information |
||||||||
Topology |
:Duplex_Chain |
|||||||
My Box ID |
:1 |
|||||||
Master ID |
:1 |
|||||||
Box |
Count |
:1 |
||||||
Force Master Role: Disabled |
||||||||
Box |
User |
Type |
Prio- |
MAC |
Prom |
Runtime |
H/W |
|
ID |
Set |
Exist rity |
version |
version |
version |
|||
— |
—- |
————- —— —- —————— ——— ——— ——— |
||||||
1 |
Auto |
DES-3528 |
Exist 32 |
00-22-B0-10-8A-00 1.00.B008 2.60.017 |
A2 |
|||
2 |
— |
NOT_EXIST |
No |
|||||
3 |
— |
NOT_EXIST |
No |
|||||
4 |
— |
NOT_EXIST |
No |
|||||
5 |
— |
NOT_EXIST |
No |
|||||
6 |
— |
NOT_EXIST |
No |
|||||
7 |
— |
NOT_EXIST |
No |
|||||
8 |
— |
NOT_EXIST |
No |
|||||
DES-3528:admin# |
config stacking_mode
Purpose |
Used to configure the stacking mode. |
Syntax |
config stacking_mode [disable(0) | enable(1)] |
Description |
This command will enable or disable the stacking mode for the Switch. When enabled, |
the last two ports on the rear of the Switch will be enabled for stacking. |
|
Parameters |
enable | disable – Use these parameters to enable or disable the stacking mode for the |
Switch. Once this command is executed, it will cause the Switch to reboot. Before |
|
configuring the stacking mode of a Switch to disable status, the Switch must be |
|
physically removed from the stacking swtitches. |
|
Restrictions |
Only Administrator-level users can issue this command. |
Usage example:
To disable the stacking mode:
DES-3528:admin# config stacking mode disable
Command: config stacking mode disable
Change Box bootmode may cause devices work restart, still continue? (y/n)y
37
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
show stacking_mode
Purpose |
Used to view the current stacking mode. |
Syntax |
show stacking_mode |
Description |
This command will display whether the current stacking mode is enabled or disabled. |
Parameters |
None. |
Restrictions |
Only Administrator and Operator and Power-User-level users can issue this command. |
Usage example:
To view the current stacking mode:
DES-3528:admin# show stacking mode
Command: show stacking mode
Stacking mode : Enabled
DES-3528:admin#
show stack_device
Purpose |
Used to display the information for devices in the stack. |
||||
Syntax |
show stack_device |
||||
Description |
Used to display the information for devices in the stack. |
||||
Parameters |
None. |
||||
Restrictions |
None. |
||||
Usage example: |
|||||
To display the stack information: |
|||||
DES-3528:admin# |
show stack_device |
||||
Command: show stack_device |
|||||
Box ID |
Box Type |
H/W Version |
Serial Number |
||
——- ————— |
———— |
—————- |
|||
1 |
DES-XXXXS |
0A1 |
1234567890123 |
||
3 |
DES-XXXXS |
0A1 |
2345678901234 |
||
DES-3528:admin# |
config stacking force_master_role
Purpose |
This command is used to enable or disable the force master role. |
Syntax |
config stacking force_master_role state [enable | disable] |
Description |
If state is enabled, when device is in election state, it still uses old priority setting and |
MAC to compare device priority. After stacking is stable, master’s priority will become |
|
zero. If stacking topology change again, Master will use priority zero and MAC address to |
|
determine who new primary master is. |
|
Parameters |
force_master_role — Enable or disable the Switch’s Stacking Force Master Role state. |
Default setting is disabled. |
|
enable — Specifies that Switch’s stacking force master role will be enabled. |
|
disable — Specifies that Switch’s stacking force master role will be disabled. |
|
Restrictions |
Only Administrator and Operator and Power-User-level users can issue this command. |
Usage example:
To enable stacking force master role state:
38
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
DES-3528:admin# config stacking force_master_role state enable
Command: config stacking force_master_role state enable
Success.
DES-3528:admin#
39
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
NETWORK MANAGEMENT (SNMP) COMMANDS
The Switch supports the Simple Network Management Protocol (SNMP) versions 1, 2c, and 3. Users can specify which version of the SNMP users want to use to monitor and control the Switch. The three versions of SNMP vary in the level of security provided between the management station and the network device. The following table lists the security features of the three SNMP versions:
SNMP |
Authentication Method |
Description |
Version |
||
v1 |
Community String |
Community String is used for authentication − NoAuthNoPriv |
v2c |
Community String |
Community String is used for authentication − NoAuthNoPriv |
v3 |
Username |
Username is used for authentication − NoAuthNoPriv, AuthNoPriv or |
AuthPriv |
||
v3 |
MD5 or SHA |
Authentication is based on the HMAC-MD5 or HMAC-SHA algorithms − |
AuthNoPriv |
||
v3 |
MD5 DES or SHA DES |
Authentication is based on the HMAC-MD5 or HMAC-SHA algorithms − |
AuthPriv. |
||
DES 56-bit encryption is added based on the CBC-DES (DES-56) |
||
standard |
||
The network management commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Command |
Parameters |
create snmp user |
<user_name 32> <groupname 32> {encrypted [by_password auth [md5 |
<auth_password 8-16 > | sha <auth_password 8-20>] priv [none | des |
|
<priv_password 8-16>] | by_key auth [md5 <auth_key 32-32> | sha |
|
<auth_key 40-40>] priv [none | des <priv_key 32-32>]]} |
|
delete snmp user |
<user_name 32> |
show snmp user |
|
create snmp view |
<view_name 32> <oid> view_type [included | excluded] |
delete snmp view |
<view_name 32> [all | oid] |
show snmp view |
{<view_name 32>} |
create snmp community |
<community_string 32> view <view_name 32> [read_only | read_write] |
delete snmp community |
<community_string 32> |
show snmp community |
{<community_string 32>} |
config snmp engineID |
<snmp_engineID 10-64> |
show snmp engineID |
|
create snmp group |
<groupname 32> [v1 | v2c | v3 [noauth_nopriv | auth_nopriv | auth_priv]] |
{read_view <view_name 32> | write_view <view_name 32> | notify_view |
|
<view_name 32>}(1) |
|
delete snmp group |
<groupname 32> |
show snmp groups |
|
create snmp host |
[<ipaddr> | v6host <ipv6addr>] [v1 | v2c | v3 [noauth_nopriv | auth_nopriv | |
auth_priv]] <auth_string 32> |
|
delete snmp host |
[<ipaddr> | v6host <ipv6addr>] |
show snmp host |
{<ipaddr>} |
show snmp v6host |
{<ipv6addr>} |
40
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
Command |
Parameters |
create trusted_host |
[<ipaddr> | <ipv6addr> | network <network_address> | ipv6_prefix |
<ipv6networkaddr>] {snmp | telnet | ssh | http | https | ping} |
|
config trusted_host |
[<ipaddr> | <ipv6addr> | network <network_address> | ipv6_prefix |
<ipv6networkaddr>] [add | delete] {snmp | telnet | ssh | http | https | ping | all} |
|
delete trusted_host |
[ipaddr <ipaddr> | ipv6address <ipv6addr> | network <network_address> | |
ipv6_prefix <ipv6networkaddr> | all] |
|
show trusted_host |
|
enable snmp traps |
|
enable snmp authenticate_traps |
|
show snmp traps |
{linkchange_traps {ports <portlist>}} |
disable snmp traps |
|
disable snmp authenticate_traps |
|
config snmp system_contact |
<sw_contact> |
config snmp system_location |
<sw_location> |
config snmp system_name |
<sw_name> |
enable snmp |
|
disable snmp |
|
Each command is listed, in detail, in the following sections.
create snmp user
Purpose |
Used to create a new SNMP user and adds the user to an SNMP group that is also created |
by this command. |
|
Syntax |
create snmp user <user_name 32> <groupname 32> {encrypted [by_password auth |
[md5 <auth_password 8-16> | sha <auth_password 8-20>] priv [none | des |
|
<priv_password 8-16>] | by_key auth [md5 <auth_key 32-32> | sha <auth_key 40-40>] |
|
priv [none | des <priv_key 32-32> ]]} |
|
Description |
This command creates a new SNMP user and adds the user to an SNMP group that is also |
created by this command. SNMP ensures: |
|
Message integrity − Ensures that packets have not been tampered with during transit. |
|
Authentication − Determines if an SNMP message is from a valid source. |
|
Encryption − Scrambles the contents of messages to prevent it from being viewed by an |
|
unauthorized source. |
|
Parameters |
<user_name 32> − An alphanumeric name of up to 32 characters that will identify the new |
SNMP user. |
|
<groupname 32> − An alphanumeric name of up to 32 characters that will identify the SNMP |
|
group the new SNMP user will be associated with. |
|
encrypted – Allows the user to choose a type of authorization for authentication using SNMP. |
|
The user may choose: |
|
by_password – Requires the SNMP user to enter a password for authentication and |
|
privacy. The password is defined by specifying the auth_password below. This |
|
method is recommended. |
|
by_key – Requires the SNMP user to enter a encryption key for authentication and |
|
privacy. The key is defined by specifying the key in hex form below. This method is |
|
not recommended. |
|
auth − The user may also choose the type of authentication algorithms used to authenticate |
|
the snmp user. The choices are: |
|
md5 − Specifies that the HMAC-MD5-96 authentication level will be used. md5 may be |
|
utilized by entering one of the following: |
|
41
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
create snmp user
•<auth password 8-16> — An alphanumeric string of between 8 and 16 characters that will be used to authorize the agent to receive packets for the host.
•<auth_key 32-32> — Enter an alphanumeric string of exactly 32 characters, in hex form, to define the key that will be used to authorize the agent to receive packets for the host.
sha − Specifies that the HMAC-SHA-96 authentication level will be used.
•<auth password 8-20> — An alphanumeric string of between 8 and 20 characters that will be used to authorize the agent to receive packets for the host.
•<auth_key 40-40> — Enter an alphanumeric string of exactly 40 characters, in hex form, to define the key that will be used to authorize the agent to receive packets for the host.
priv – Adding the priv (privacy) parameter will allow for encryption in addition to the authentication algorithm for higher security. The user may choose:
des – Adding this parameter will allow for a 56-bit encryption to be added using the DES-56 standard using:
•<priv_password 8-16> — An alphanumeric string of between 8 and 16 characters that will be used to encrypt the contents of messages the host sends to the agent.
•<priv_key 32-32> — Enter an alphanumeric key string of exactly 32 characters, in hex form, that will be used to encrypt the contents of messages the host sends to the agent.
none – Adding this parameter will add no encryption. |
|
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To create an SNMP user on the Switch:
DES-3528:admin# create snmp user dlink default encrypted by_password auth md5 canadian priv none
Command: create snmp user dlink default encrypted by_password auth md5 canadian priv none
Success. DES-3528:admin#
delete snmp user
Purpose |
Used to remove an SNMP user from an SNMP group. |
Syntax |
delete snmp user <user_name 32> |
Description |
This command removes an SNMP user from its SNMP group. |
Parameters |
<user_name 32> − An alphanumeric string of up to 32 characters that identifies the SNMP |
user that will be deleted. |
|
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To delete a previously entered SNMP user on the Switch:
DES-3528:admin# delete snmp user dlink
Command: delete snmp user dlink
Success.
DES-3528:admin#
show snmp user
42
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
show snmp user
Purpose |
Used to display information about each SNMP username in the SNMP group username |
table. |
|
Syntax |
show snmp user |
Description |
This command displays information about each SNMP username in the SNMP group |
username table. |
|
Parameters |
None. |
Restrictions |
None. |
Example usage:
To display the SNMP users currently configured on the Switch:
DES-3528:admin# show snmp user
Command: show snmp user
Username |
Group Name |
VerAuthPriv |
——— |
————- |
———— |
initial |
initial |
V3 NoneNone |
Total Entries: 1 |
DES-3528:admin#
create snmp view
Purpose |
Used to assign views to community strings to limit which MIB objects and SNMP manager |
can access. |
|
Syntax |
create snmp view <view_name 32> <oid> view_type [included | excluded] |
Description |
This command assigns views to community strings to limit which MIB objects an SNMP |
manager can access. |
|
Parameters |
<view_name 32> − An alphanumeric string of up to 32 characters that identifies the SNMP |
view that will be created. |
|
<oid> − The object ID that identifies an object tree (MIB tree) that will be included or |
|
excluded from access by an SNMP manager. |
|
view type – Sets the view type to be: |
•included − Include this object in the list of objects that an SNMP manager can access.
•excluded − Exclude this object from the list of objects that an SNMP manager can access.
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To create an SNMP view:
DES-3528:admin# create snmp view dlinkview 1.3.6 view_type included
Command: create snmp view dlinkview 1.3.6 view_type included
Success.
DES-3528:admin#
delete snmp view
Purpose |
Used to remove an SNMP view entry previously created on the Switch. |
Syntax |
delete snmp view <view_name 32> [all | <oid>] |
43
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
delete snmp view
Description |
This command is used to remove an SNMP view previously created on the Switch. |
Parameters |
<view_name 32> − An alphanumeric string of up to 32 characters that identifies the SNMP |
view to be deleted. |
|
all − Specifies that all of the SNMP views on the Switch will be deleted. |
|
<oid> − The object ID that identifies an object tree (MIB tree) that will be deleted from the |
|
Switch. |
|
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To delete a previously configured SNMP view from the Switch:
DES-3528:admin# delete snmp view dlinkview all
Command: delete snmp view dlinkview all
Success.
DES-3528:admin#
show snmp view
Purpose |
Used to display an SNMP view previously created on the Switch. |
||
Syntax |
show snmp view {<view_name 32>} |
||
Description |
This command displays an SNMP view previously created on the Switch. |
||
Parameters |
<view_name 32> − An alphanumeric string of up to 32 characters that identifies the SNMP |
||
view that will be displayed. |
|||
Restrictions |
None. |
||
Example usage: |
|||
To display SNMP view configuration: |
|||
DES-3528:admin# show snmp view |
|||
Command: show snmp view |
|||
Vacm View Table Settings |
View Type |
||
View Name |
Subtree |
||
——— |
———- |
———- |
|
ReadView |
1 |
Included |
|
WriteView |
1 |
Included |
|
NotifyView |
1.3.6 |
Included |
|
restricted |
1.3.6.1.2.1.1 |
Included |
|
restricted |
1.3.6.1.2.1.11 |
Included |
|
restricted |
1.3.6.1.6.3.10.2.1 |
Included |
|
restricted |
1.3.6.1.6.3.11.2.1 |
Included |
|
restricted |
1.3.6.1.6.3.15.1.1 |
Included |
|
CommunityView |
1 |
Included |
|
CommunityView |
1.3.6.1.6.3 |
Excluded |
|
CommunityView |
1.3.6.1.6.3.1 |
Included |
|
Total Entries: 11 |
|||
DES-3528:admin# |
create snmp community
Purpose |
Used to create an SNMP community string to define the relationship between the SNMP |
manager and an agent. The community string acts like a password to permit access to the |
|
agent on the Switch. One or more of the following characteristics can be associated with the |
44
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
create snmp community
community string: |
|
An Access List of IP addresses of SNMP managers that are permitted to use the community |
|
string to gain access to the Switch’s SNMP agent. |
|
An MIB view that defines the subset of all MIB objects that will be accessible to the SNMP |
|
community. |
|
read_write or read_only level permission for the MIB objects accessible to the SNMP |
|
community. |
|
Syntax |
create snmp community <community_string 32> view <view_name 32> [read_only | |
read_write] |
|
Description |
This command is used to create an SNMP community string and to assign access-limiting |
characteristics to this community string. |
|
Parameters |
<community_string 32> − An alphanumeric string of up to 32 characters that is used to |
identify members of an SNMP community. This string is used like a password to give remote |
|
SNMP managers access to MIB objects in the Switch’s SNMP agent. |
|
view <view_name 32> − An alphanumeric string of up to 32 characters that is used to identify |
|
the group of MIB objects that a remote SNMP manager is allowed to access on the Switch. |
|
read_only − Specifies that SNMP community members using the community string created |
|
with this command can only read the contents of the MIBs on the Switch. |
|
read_write − Specifies that SNMP community members using the community string created |
|
with this command can read from and write to the contents of the MIBs on the Switch. |
|
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To create the SNMP community string “dlink:”
DES-3528:admin# create snmp community dlink view ReadView read_write
Command: create snmp community dlink view ReadView read_write
Success.
DES-3528:admin#
delete snmp community
Purpose |
Used to remove a specific SNMP community string from the Switch. |
Syntax |
delete snmp community <community_string 32> |
Description |
This command is used to remove a previously defined SNMP community string from the |
Switch. |
|
Parameters |
<community_string 32> − An alphanumeric string of up to 32 characters that is used to |
identify members of an SNMP community. This string is used like a password to give remote |
|
SNMP managers access to MIB objects in the Switch’s SNMP agent. |
|
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To delete the SNMP community string “dlink”:
DES-3528:admin# delete snmp community dlink
Command: delete snmp community dlink
Success.
DES-3528:admin#
show snmp community
45
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
show snmp community
Purpose |
Used to display SNMP community strings configured on the Switch. |
Syntax |
show snmp community {<community_string 32>} |
Description |
This command is used to display SNMP community strings that are configured on the Switch. |
Parameters |
<community_string 32> − An alphanumeric string of up to 32 characters that is used to |
identify members of an SNMP community. This string is used like a password to give remote |
|
SNMP managers access to MIB objects in the Switch’s SNMP agent. |
|
Restrictions |
None. |
Example usage:
To display the currently entered SNMP community strings:
DES-3528:admin# show snmp community
Command: show snmp community
SNMP Community Table
Community Name |
View Name |
Access Right |
————— |
———— |
———— |
dlink |
ReadView |
read_write |
private |
CommunityView |
read_write |
public |
CommunityView |
read_only |
Total Entries: 3
DES-3528:admin#
config snmp engineID
Purpose |
Used to configure a name for the SNMP engine on the Switch. |
Syntax |
config snmp engineID <snmp_engineID 10-64> |
Description |
This command configures a name for the SNMP engine on the Switch. |
Parameters |
<snmp_engineID 10-64> − An alphanumeric string that will be used to identify the SNMP |
engine on the Switch. |
|
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To give the SNMP agent on the Switch the name “0035636666”:
DES-3528:admin# config snmp engineID 0035636666
Command: config snmp engineID 0035636666
Success.
DES-3528:admin#
show snmp engineID
Purpose |
Used to display the identification of the SNMP engine on the Switch. |
Syntax |
show snmp engineID |
Description |
This command displays the identification of the SNMP engine on the Switch. |
Parameters |
None. |
Restrictions |
None. |
Example usage: |
46
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
To display the current name of the SNMP engine on the Switch:
DES-3528:admin# show snmp engineID
Command: show snmp engineID
SNMP Engine ID : 0035636666
DES-3528:admin#
create snmp group
Purpose |
Used to create a new SNMP group, or a table that maps SNMP users to SNMP views. |
Syntax |
create snmp group <groupname 32> [v1 | v2c | v3 [noauth_nopriv | auth_nopriv | |
auth_priv]] {read_view <view_name 32> | write_view <view_name 32> | notify_view |
|
<view_name 32>}(1) |
|
Description |
This command creates a new SNMP group, or a table that maps SNMP users to SNMP |
views. |
|
Parameters |
<groupname 32> − An alphanumeric name of up to 32 characters that will identify the SNMP |
group the new SNMP user will be associated with. |
|
v1 – Specifies that SNMP version 1 will be used. The Simple Network Management Protocol |
|
(SNMP), version 1, is a network management protocol that provides a means to monitor and |
|
control network devices. |
|
v2c – Specifies that SNMP version 2c will be used. The SNMP v2c supports both centralized |
|
and distributed network management strategies. It includes improvements in the Structure of |
|
Management Information (SMI) and adds some security features. |
|
v3 – Specifies that the SNMP version 3 will be used. SNMP v3 provides secure access to |
|
devices through a combination of authentication and encrypting packets over the network. |
|
SNMP v3 adds: |
|
• Message integrity − Ensures that packets have not been tampered with during |
|
transit. |
|
• Authentication − Determines if an SNMP message is from a valid source. |
|
• Encryption − Scrambles the contents of messages to prevent it being viewed by an |
|
unauthorized source. |
|
noauth_nopriv − Specifies that there will be no authorization and no encryption of packets |
|
sent between the Switch and a remote SNMP manager. |
|
auth_nopriv − Specifies that authorization will be required, but there will be no encryption of |
|
packets sent between the Switch and a remote SNMP manager. |
|
auth_priv − Specifies that authorization will be required, and that packets sent between the |
|
Switch and a remote SNMP manger will be encrypted. |
|
read_view – Specifies that the SNMP group being created can request SNMP messages. |
|
write_view – Specifies that the SNMP group being created has write privileges. |
|
notify_view − Specifies that the SNMP group being created can receive SNMP trap |
|
messages generated by the Switch’s SNMP agent. |
|
<view_name 32> − An alphanumeric string of up to 32 characters that is used to identify the |
|
group of MIB objects that a remote SNMP manager is allowed to access on the Switch. |
|
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To create an SNMP group named “sg1”:
DES-3528:admin# create snmp group sg1 v3 noauth_nopriv read_view v1 write_view v1 notify_view v1
Command: create snmp group sg1 v3 noauth_nopriv read_view v1 write_view v1 notify_view v1
Success. DES-3528:admin#
47
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
delete snmp group
Purpose |
Used to remove an SNMP group from the Switch. |
Syntax |
delete snmp group <groupname 32> |
Description |
This command is used to remove an SNMP group from the Switch. |
Parameters |
<groupname 32> − An alphanumeric name of up to 32 characters that will identify the SNMP |
group the new SNMP user will be associated with. |
|
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To delete the SNMP group named “sg1”:
DES-3528:admin# delete snmp group sg1
Command: delete snmp group sg1
Success.
DES-3528:admin#
show snmp groups
Purpose |
Used to display the group-names of SNMP groups currently configured on the Switch. The |
security model, level, and status of each group are also displayed. |
|
Syntax |
show snmp groups |
Description |
This command displays the group-names of SNMP groups currently configured on the |
Switch. The security model, level, and status of each group are also displayed. |
|
Parameters |
None. |
Restrictions |
None. |
Example usage:
To display the currently configured SNMP groups on the Switch:
DES-3528:admin# show snmp groups |
||
Command: show snmp |
groups |
|
Vacm Access Table Settings |
||
Group |
Name |
: public |
ReadView Name |
: CommunityView |
|
WriteView Name |
: |
|
Notify View Name |
: CommunityView |
|
Securiy Model |
: SNMPv1 |
|
Securiy Level |
: NoAuthNoPriv |
|
Group |
Name |
: public |
ReadView Name |
: CommunityView |
|
WriteView Name |
: |
|
Notify View Name |
: CommunityView |
|
Securiy Model |
: SNMPv2 |
|
Securiy Level |
: NoAuthNoPriv |
|
Group |
Name |
: initial |
ReadView Name |
: restricted |
|
WriteView Name |
: |
|
Notify View Name |
: restricted |
|
Securiy Model |
: SNMPv3 |
|
Securiy Level |
: NoAuthNoPriv |
CTRL+C ESC q Quit SPACE n Next Page ENTER Next Entry a All
48
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
create snmp host
Purpose |
Used to create a recipient of SNMP traps generated by the Switch’s SNMP agent. |
Syntax |
create snmp host [<ipaddr> | v6host <ipv6addr>] [v1 | v2c | v3 [noauth_nopriv | |
auth_nopriv | auth_priv]] <auth_string 32> |
|
Description |
This command creates a recipient of SNMP traps generated by the Switch’s SNMP agent. |
Parameters |
<ipaddr> − The IP address of the remote management station that will serve as the SNMP |
host for the Switch. |
|
<ipv6addr> − The IPv6 address of the remote management station that will serve as the |
|
SNMP host for the Switch. |
|
v1 – Specifies that SNMP version 1 will be used. The Simple Network Management Protocol |
|
(SNMP), version 1, is a network management protocol that provides a means to monitor and |
|
control network devices. |
|
v2c – Specifies that SNMP version 2c will be used. The SNMP v2c supports both centralized |
|
and distributed network management strategies. It includes improvements in the Structure of |
|
Management Information (SMI) and adds some security features. |
|
v3 – Specifies that the SNMP version 3 will be used. SNMP v3 provides secure access to |
|
devices through a combination of authentication and encrypting packets over the network. |
|
SNMP v3 adds: |
|
• Message integrity − ensures that packets have not been tampered with during |
|
transit. |
|
• Authentication − determines if an SNMP message is from a valid source. |
|
• Encryption − scrambles the contents of messages to prevent it being viewed by an |
|
unauthorized source. |
|
noauth_nopriv − Specifies that there will be no authorization and no encryption of packets |
|
sent between the Switch and a remote SNMP manager. |
|
auth_nopriv − Specifies that authorization will be required, but there will be no encryption of |
|
packets sent between the Switch and a remote SNMP manager. |
|
auth_priv − Specifies that authorization will be required, and that packets sent between the |
|
Switch and a remote SNMP manger will be encrypted. |
|
<auth_string 32> − An alphanumeric string used to authorize a remote SNMP manager to |
|
access the Switch’s SNMP agent. |
|
Restrictions |
Only Administrator-level users can issue this command. |
Example usage:
To create an SNMP host to receive SNMP messages:
DES-3528:admin# create snmp host 10.48.74.100 v3 auth_priv public
Command: create snmp host 10.48.74.100 v3 auth_priv public
Success.
DES-3528:admin#
delete snmp host
Purpose |
Used to remove a recipient of SNMP traps generated by the Switch’s SNMP agent. |
Syntax |
delete snmp host [<ipaddr> | v6host <ipv6addr>] |
Description |
This command deletes a recipient of SNMP traps generated by the Switch’s SNMP agent. |
Parameters |
<ipaddr> − The IP address of a remote SNMP manager that will receive SNMP traps |
generated by the Switch’s SNMP agent. |
|
<ipv6addr> − The IPv6 address of a remote SNMP manager that will receive SNMP traps |
|
generated by the Switch’s SNMP agent. |
|
Restrictions |
Only Administrator-level users can issue this command. |
49
xStack® DES-3528/DES-3552 Series Layer 2 Fast Ethernet Managed Switch CLI Reference Guide
Example usage:
To delete an SNMP host entry:
DES-3528:admin# delete snmp host 10.48.74.100
Command: delete snmp host 10.48.74.100
Success.
DES-3528:admin#
show snmp host
Purpose |
Used to display the recipient of SNMP traps generated by the Switch’s SNMP agent. |
Syntax |
show snmp host {<ipaddr>} |
Description |
This command is used to display the IP addresses and configuration information of remote |
SNMP managers that are designated as recipients of SNMP traps that are generated by the |
|
Switch’s SNMP agent. |
|
Parameters |
<ipaddr> − The IP address of a remote SNMP manager that will receive SNMP traps |
generated by the Switch’s SNMP agent. |
|
Restrictions |
None. |
Example usage:
To display the currently configured SNMP hosts on the Switch:
DES-3528:admin# show snmp host
Command: show snmp host
SNMP |
Host Table |
SNMP Version Community |
Name/SNMPv3 User Name |
Host |
IP Address |
||
————— |
———— —————————— |
||
10.48.76.23 |
V2c |
authpriv |
private |
10.48.74.100 |
V3 |
public |
Total Entries: 2
DES-3528:admin#
show snmp v6host
Purpose |
This command is used to display the recipient for which the traps are targeted. |
Syntax |
show snmp v6host {<ipv6addr>} |
Description |
This command is used to display the recipient for which the traps are targeted. |
Parameters |
v6host — (Optional) Specifies the IPv6 host address. |
<ipv6addr> — Enter the IPv6 address used for the configuration here. |
|
If no parameter specified, all SNMP hosts will be displayed. |
|
Restrictions |
None. |
Example usage:
To show SNMP host:
50
Loading…
Сегодня настроил очередной коммутатор D-Link DES-3528.
Выложу ниже конфигурацию и кратко опишу её.
При наборе команд можно использовать клавишу TAB чтобы коммутатор предлагал варианты, а также после любой команды через пробел можно написать знак вопроса «?» и увидеть возможные подкоманды.
Просмотреть текущую конфигурацию коммутатора можно командой:
show config current_config
Приступим к настройке.
Подключимся к коммутатору консольным кабелем на скорости 9600 или по стандартному IP-адресу 10.90.90.90 и добавим администратора (изначально вход без логина и пароля):
create account admin admin
Включим шифрование пароля чтобы он не хранился в конфиге открыто:
enable password encryption
Добавим vlan для управления и для пользователей (у меня 207 core для управления, 226 для пользователей, 25 порт использую как входящий):
create vlan core tag 207 config vlan core add tagged 25 create vlan local_smart tag 226 config vlan local_smart add untagged 1-28 config port_vlan 1-28 acceptable_frame admit_all pvid 226 config vlan default delete 1-28
Изменим IP-адрес коммутатору и укажем шлюз:
config ipif System ipaddress 192.168.0.50/24 vlan core create iproute default 192.168.0.1 1 primary
Включим ограничение широковещательного трафика на клиентских портах:
config traffic control 1-24,26-28 broadcast enable action drop broadcast_threshold 100 countdown 0 time_interval 5
Включим защиту от петель на клиентских портах:
enable loopdetect config loopdetect recover_timer 300 interval 10 mode port-based config loopdetect log state enable config loopdetect ports 1-24,26-28 state enable config loopdetect trap loop_detected
Включим сегментацию трафика, чтобы клиенты не видели друг друга:
config traffic_segmentation 1-24,26-28 forward_list 25 config traffic_segmentation 25 forward_list 1-24,26-28
Включим блокировку DHCP-серверов со стороны клиентов чтобы они не раздавали IP:
config filter dhcp_server ports 1-24,26-28 state enable config filter dhcp_server illegal_server_log_suppress_duration 30min config filter dhcp_server trap_log enable
Укажем с каких IP разрешено заходить администратору на коммутатор (чтобы пользователи не видели его):
create trusted_host network 192.168.0.2/32 snmp telnet ssh http https ping create trusted_host network 192.168.1.5/32 snmp telnet ssh http https ping
Настроим SNMP если оно нужно:
enable snmp delete snmp community public delete snmp community private delete snmp user initial create snmp community КОМЬЮНИТИ view CommunityView read_only
Включим защиту от BPDU флуда:
enable bpdu_protection config bpdu_protection recovery_timer 2400 config bpdu_protection log none config bpdu_protection ports 1-24,26-28 state enable config bpdu_protection ports 1-28 mode drop
Включим защиту коммутатора, чтобы в случае полной загрузки процессора на него можно было зайти:
config safeguard_engine state enable utilization rising 100 falling 95 trap_log enable mode fuzzy
По необходимости настроим синхронизацию времени с NTP сервером:
enable sntp config time_zone operator + hour 2 min 0 config sntp primary 10.0.0.18 poll-interval 5000
На этом основная настройка коммутатора D-Link DES-3528 завершена.
3.0
Rated 3 out of 5
3 out of 5 stars (based on 1 review)
Your overall rating
D-LINK XSTACK DES-3528 (01) PDF MANUAL
Click here to download D-LINK XSTACK DES-3528 (01) PDF MANUAL
D-LINK XSTACK DES-3528 (01) PDF MANUAL
FREE ENGLISH PDF
OPERATING INSTRUCTIONS
USER GUIDE – USER MANUAL
OWNER GUIDE – OWNER MANUAL
REFERENCE GUIDE – REFERENCE MANUAL
INSTRUCTION GUIDE – INSTRUCTION MANUAL
Your overall rating
- YouTube
D-LINK XSTACK DES-3528 (01) PDF MANUAL
D-LINK XSTACK DES-3528 (01) PDF MANUAL
Просмотр
Доступно к просмотру 522 страницы. Рекомендуем вам скачать файл инструкции, поскольку онлайн просмотр документа может сильно отличаться от оригинала.
-
® CLI Reference Guide ® Product Model: xStack DES-3528/DES-3552 Series Layer 2 Managed Stackable Fast Ethernet Switch Release 2.60
-
Table of Contents INTRODUCTION ......................................................................................................................... 5 USING THE CONSOLE CLI ........................................................................................................ 7 COMMAND SYNTAX ................................................................................................................ 10 BASIC SWITCH COMMANDS .................................................................................................. 12 MODIFY BANNER AND PROMPT COMMANDS ..................................................................... 24 SWITCH PORT COMMANDS ................................................................................................... 27 PORT SECURITY COMMANDS ............................................................................................... 31 STACKING COMMANDS .......................................................................................................... 36 NETWORK MANAGEMENT (SNMP) COMMANDS ................................................................. 40 SWITCH UTILITY COMMANDS ................................................................................................ 57 NETWORK MONITORING COMMANDS .................................................................................. 63 MULTIPLE SPANNING TREE PROTOCOL (MSTP) COMMANDS .......................................... 76 FORWARDING DATABASE COMMANDS ............................................................................... 87 TRAFFIC CONTROL COMMANDS .......................................................................................... 93 QOS COMMANDS .................................................................................................................... 97 PORT MIRRORING COMMANDS ........................................................................................... 107 VLAN COMMANDS ................................................................................................................. 110 VOICE VLAN COMMANDS ..................................................................................................... 124 SUBNET-BASED VLAN COMMANDS ................................................................................... 130 ASYMMETRIC VLAN COMMANDS ........................................................................................ 133 LINK AGGREGATION COMMANDS ...................................................................................... 135 IP–MAC-PORT BINDING (IMPB) COMMANDS ..................................................................... 139 LIMITED IP MULTICAST ADDRESS ...................................................................................... 155 BASIC IP COMMANDS ........................................................................................................... 160 MULTICAST VLAN COMMANDS ........................................................................................... 165 IGMP / MLD SNOOPING COMMANDS .................................................................................. 179 DHCP RELAY COMMANDS ................................................................................................... 208 802.1X COMMANDS (INCLUDING GUEST VLANS) ............................................................. 221 ACCESS CONTROL LIST (ACL) COMMANDS ..................................................................... 238 SAFEGUARD ENGINE COMMANDS ..................................................................................... 258 FILTER COMMANDS (DHCP SERVER / NETBIOS) .............................................................. 260 LAYER 3 CPU FILTER COMMANDS ..................................................................................... 265 LOOP-BACK DETECTION COMMANDS ............................................................................... 267 ii
-
TRAFFIC SEGMENTATION COMMANDS ............................................................................. 271 SFLOW COMMANDS.............................................................................................................. 273 TIME AND SNTP COMMANDS ............................................................................................... 281 ARP AND GRATUITOUS ARP COMMANDS ......................................................................... 286 ROUTING TABLE COMMANDS ............................................................................................. 292 MAC NOTIFICATION COMMANDS ........................................................................................ 294 ACCESS AUTHENTICATION CONTROL COMMANDS ........................................................ 297 SECURE SHELL (SSH) COMMANDS .................................................................................... 315 SECURE SOCKETS LAYER (SSL) COMMANDS .................................................................. 321 D-LINK SINGLE IP MANAGEMENT COMMANDS ................................................................. 326 JWAC COMMANDS ................................................................................................................ 335 LINK LAYER DISCOVERY PROTOCOL (LLDP) COMMANDS ............................................. 350 Q-IN-Q COMMANDS ............................................................................................................... 363 RSPAN COMMANDS .............................................................................................................. 369 STATIC MAC-BASED VLAN COMMANDS ............................................................................ 373 SIMPLE RED COMMANDS ..................................................................................................... 375 MAC-BASED ACCESS CONTROL COMMANDS LIST ......................................................... 382 WEB-BASED ACCESS CONTROL COMMANDS .................................................................. 392 POWER OVER ETHERNET (POE) COMMANDS ................................................................... 400 PPPOE CIRCUIT ID INSERTION COMMANDS ...................................................................... 404 DNS RELAY COMMANDS ...................................................................................................... 405 POLICY ROUTE COMMANDS ................................................................................................ 407 BPDU ATTACK PROTECTION COMMANDS ........................................................................ 409 ETHERNET OAM COMMANDS .............................................................................................. 413 DHCP SERVER COMMANDS ................................................................................................. 422 CABLE DIAGNOSTICS COMMANDS .................................................................................... 434 CONNECTIVITY FAULT MANAGEMENT COMMANDS ........................................................ 435 COMMAND HISTORY LIST .................................................................................................... 451 ARP SPOOFING PREVENTION COMMANDS ....................................................................... 453 AUTO-CONFIGURATION COMMANDS ................................................................................. 455 COMPOUND AUTHENTICATION COMMANDS .................................................................... 458 DEBUG SOFTWARE COMMANDS ........................................................................................ 464 DHCPV6 CLIENT COMMANDS .............................................................................................. 469 DHCPV6 RELAY COMMANDS ............................................................................................... 471 iii
- 1
- 2
- 3
- 4
- 522