D-Link DSA-3200 Informações Técnicas Página 149
- Página / 321
- Índice
- MARCADORES
Avaliado. / 5. Com base em avaliações de clientes
xStack
®
DGS-3200 Series Layer 2 Managed Gigabit Ethernet Switch Web UI Reference Guide
135
Parameter Description
From Port/To Port
Select a range of ports to set for IP-MAC-port binding.
IPv4 State / IPv6 State
Use the drop-down menu to enable or disable these ports for IP-MAC Binding.
Enabled (Strict) – This state provides a stricter method of control. If the user selects this
mode, all packets are blocked by the Switch by default. The Switch will compare all
incoming ARP and IP Packets and attempt to match them against the IMPB white list. If the
IP-MAC pair matches the white list entry, the packets from that MAC address are
unblocked. If not, the MAC address will stay blocked. While the Strict state uses more CPU
resources from checking every incoming ARP and IP packet, it enforces better security and
is thus the recommended setting.
Enabled (Loose) – This mode provides a looser way of control. If the user selects loose
mode, the Switch will forward all packets by default. However, it will still inspect incoming
ARP packets and compare them with the Switch’s IMPB white list entries. If the IP-MAC
pair of a packet is not found in the white list, the Switch will block the MAC address. A major
benefit of Loose state is that it uses less CPU resources because the Switch only checks
incoming ARP packets. However, it also means that Loose state cannot block users who
send only unicast IP packets. An example of this is that a malicious user can perform DoS
attacks by statically configuring the ARP table on their PC. In this case, the Switch cannot
block such attacks because the PC will not send out ARP packets.
Zero IP Use the drop-down menu to enable or disable this feature. Once Enabled, the Switch will
allow ARP packets with a Source IP of 0.0.0.0 to pass through.
This is useful in some scenarios when a client (for example, a
wireless Access Point,)
sends out an ARP request packet before accepting the IP address from a DHCP server. In
this case, the ARP request packet sent out from the client will contain a Source IP of
0.0.0.0. The Switch will need to allow such packets to pass, or else the client cannot know if
there is another duplicate IP address in the network.
DHCP Packet
By default, the Switch will forward all DHCP packets. However, if the port state is set to
Strict, all DHCP packets will be dropped. In that case, select Enabled so that the port will
forward DHCP packets even under Strict state. Enabling this feature also ensures that
DHCP snooping works properly.
Mode Use the drop-down menu to select ARP or ACL mode.
ARP – When selecting this mode, the Switch will perform ARP Packet Inspection only and
no ACL rules will be used.
ACL – When selecting this mode, the Switch will perform IP Packet Inspection in addition to
ARP Packet Inspection. ACL rules will be used under this mode.
Stop Learning
Threshold
Whenever a MAC address is blocked by the Switch, it will be recorded in the Switch’s L2
Forwarding Database (FDB) and each entry associated with a particular port. To prevent
the Switch FDB from overloading in case of an ARP DoS attack, the administrator can
configure the threshold when a port should stop learning illegal MAC addresses.
Enter a stop learning threshold between 0 and 500. Entering 500 means the port will enter
the Stop Learning state after 500 illegal MAC entries and will not allow additional MAC
entries, neither legal nor illegal, to be learned on this port. In the Stop Learning state, the
port will also automatically purge all blocked MAC entries on this port. Traffic from legal
MAC entries is still forwarded.
Entering 0 means no limit has been set and the port will keep learning illegal MAC
addresses.
Click Apply to implement the changes made.
IMPB Entry Settings
This window is used to create static IP-MAC-binding port entries and view all IMPB entries on the Switch.
- Table of Contents 3
- Intended Readers 11
- Safety Cautions 12
- Lithium Battery Precaution 14
- Section 1 15
- Introduction 15
- Web-based User Interface 16
- Web Pages 17
- Configuration 18
- Device Information 19
- System Information 19
- Serial Port Settings 20
- IP Address 20
- Port Configuration 22
- Port Settings 23
- Port Description Settings 25
- Static ARP Settings 26
- Gratuitous ARP 27
- User Accounts 28
- Command Logging Settings 29
- System Log Configuration 30
- System Severity Settings 31
- MAC Address Aging Time 32
- Web Settings 32
- Telnet Settings 33
- Password Encryption 33
- CLI Paging Settings 33
- Firmware Information 34
- Dual Configuration Settings 35
- Power Saving 37
- Power Saving Settings 38
- Power Saving LED Settings 39
- Power Saving Port Settings 39
- MAC Notification Settings 40
- SNMP Settings 41
- SNMP Global State Settings 42
- SNMP View Table 43
- SNMP Group Table 44
- SNMP User Table 45
- SNMP Community Table 46
- SNMP Host Table 47
- SNMP v6Host Table 48
- SNMP Engine ID 48
- SNMP Trap Configuration 49
- Single IP Management 50
- Upgrade to v1.61 51
- Single IP Settings 52
- Topology 53
- Tool Tips 55
- Right-Click 56
- Group Icon 56
- Commander Switch Icon 57
- Member Switch Icon 58
- Candidate Switch Icon 58
- Firmware Upgrade 60
- Upload Log File 60
- SD Card Backup Settings 62
- SD Card Execute Settings 62
- L2 Features 64
- IEEE 802.1Q VLANs 65
- 802.1Q VLAN Tags 66
- Port VLAN ID 67
- Tagging and Untagging 67
- Ingress Filtering 68
- Default VLANs 68
- Port-based VLANs 68
- VLAN Segmentation 69
- VLAN and Trunk Groups 69
- 802.1v Protocol VLAN 72
- GVRP Settings 74
- MAC-based VLAN Settings 75
- Private VLAN Settings 75
- PVID Auto Assign Settings 78
- Voice VLAN 78
- Voice VLAN Port Settings 79
- Voice VLAN OUI Settings 80
- Voice VLAN Device 80
- VLAN Trunk Settings 81
- Browse VLAN 82
- Egress Filter Settings 83
- L2 Multicast Control 83
- IGMP Snooping 84
- IGMP Router Port 88
- IGMP Snooping Counter 89
- IGMP Host Table 90
- MLD Snooping 91
- MLD Router Port 95
- MLD Snooping Counter 97
- Multicast VLAN 98
- Multicast Filtering 101
- Multicast Filtering Mode 103
- Port Mirroring 104
- Spanning Tree 105
- Port Transition States 106
- Edge Port 106
- P2P Port 106
- STP Bridge Global Settings 107
- STP Port Settings 108
- STP Instance Settings 111
- MSTP Port Information 111
- Link Aggregation 112
- Forwarding & Filtering 115
- Multicast Forwarding 116
- LLDP Global Settings 117
- LLDP Port Settings 118
- LLDP Management Address List 119
- LLDP Basic TLVs Settings 119
- LLDP Dot1 TLVs Settings 120
- LLDP Dot3 TLVs Settings 121
- LLDP Statistics System 122
- LLDP Local Port Information 123
- LLDP Remote Port Information 124
- LLDP-MED 125
- NLB FDB Settings 127
- L3 Features 129
- IPv6 Interface Settings 130
- IPv6 Route Settings 131
- IPv6 Neighbor Settings 131
- Section 5 133
- Understanding QoS 134
- Bandwidth Control 135
- Traffic Control 136
- 802.1p Default Priority 139
- 802.1p User Priority 139
- QoS Scheduling Mechanism 140
- Security 141
- RADIUS Accounting Settings 142
- RADIUS Authentication 143
- RADIUS Account Client 144
- IP-MAC-Port Binding (IMPB) 145
- ARP Mode 146
- ACL Mode 146
- Strict and Loose State 146
- IMPB Global Settings 147
- IMPB Port Settings 148
- IMPB Entry Settings 149
- MAC Block List 150
- DHCP Snooping 151
- ND Snoop 152
- Port Security 153
- Port Lock Entries 154
- DHCP Server Screening 155
- DHCP Offer Filtering 156
- Authentication Server 158
- Authenticator 158
- Authentication Process 159
- 802.1X Global Settings 162
- 802.1X Port Settings 163
- 802.1X User Settings 165
- Guest VLAN Settings 165
- Authenticator State 166
- Authenticator Statistics 166
- Authenticator Diagnostics 168
- SSL Settings 171
- SSL Certification Settings 173
- SSH Settings 174
- SSH User Authentication List 176
- Enable Admin 178
- Authentication Server Group 179
- Login Method Lists Settings 182
- Enable Method Lists Settings 183
- WAC Global Settings 190
- WAC User Settings 191
- WAC Port Settings 192
- WAC Authenticating State 193
- WAC Customize Page 193
- JWAC Global Settings 194
- JWAC Port Settings 196
- JWAC User Settings 197
- JWAC Authentication State 198
- JWAC Customize Page Language 199
- JWAC Customize Page 199
- Compound Authentication 200
- 802.1X & IMPB Mode 201
- IMPB & WAC/JWAC Mode 202
- MAC & IMPB Mode 202
- IGMP Access Control Settings 206
- BPDU Attack Protection 208
- Loopback Detection Settings 209
- Traffic Segmentation 210
- Safeguard Engine Settings 211
- Trusted Host Settings 212
- Section 7 214
- ACL Configuration Wizard 214
- Access Profile List 215
- CPU Access Profile List 229
- Time Range Settings 242
- Network Application 244
- DHCPv6 Relay 247
- DHCP Server 248
- DHCP Server Global Settings 249
- DHCP Server Pool Settings 250
- DHCP Server Manual Binding 251
- DHCP Local Relay Settings 252
- DHCP Option 12 Settings 254
- DNS Resolver 254
- SMTP Settings 257
- SNTP Settings 258
- Ping Test 260
- Section 9 262
- Ethernet OAM 262
- Ethernet OAM Event Log 264
- Ethernet OAM Statistics 264
- DULD Settings 265
- Cable Diagnostics 266
- Cable Diagnostics Notes 267
- Monitoring 268
- DRAM & Flash Utilization 269
- Port Utilization 270
- Packet Size 270
- Packets 272
- UMB_Cast (RX) 274
- Transmitted (TX) 275
- Received (RX) 277
- Browse ARP Table 280
- Browse Router Port 280
- Browse MLD Router Port 281
- Browse Session Table 281
- IGMP Snooping Group 282
- MLD Snooping Group 282
- MAC Address Table 283
- System Log 284
- Save and Tools 285
- Save Configuration 286
- Save Log 286
- Save All 287
- Download Firmware to SD Card 288
- Reboot System 290
- Using Packet Content ACL 291
- Ethernet Header 294
- Example topology 295
- Appendix D – Trap Logs 318
Manuais e produtos relacionados com Redes D-Link DSA-3200
Redes D-Link DSL-300 Manual do Utilizador
(5 páginas)
(5 páginas)
Redes D-Link DHP-306AV Manual do Utilizador
(56 páginas)
(56 páginas)
Redes D-Link DVG-2032S Manual do Utilizador
(3 páginas)
(3 páginas)
Redes D-Link DSL-320T Guia do Utilizador
(66 páginas)
(66 páginas)
Redes D-Link DSL-320B Manual do Utilizador
(40 páginas)
(40 páginas)
Redes D-Link 707P - DI Router Especificações
(109 páginas)
(109 páginas)
Redes D-Link AirPlus G DWL-G510 Especificações
(47 páginas)
(47 páginas)
Redes D-Link DGE-550SX Guia do Utilizador
(25 páginas)
(25 páginas)
Redes D-Link DI 704 - Gateway Manual do Utilizador
(47 páginas)
(47 páginas)
Redes D-Link DCM-301 Manual do Utilizador
(20 páginas)
(20 páginas)
Redes D-Link DWL-3600AP Guia de Instalação
(4 páginas)
(4 páginas)
Redes D-Link DI-206 Manual do Utilizador
(15 páginas)
(15 páginas)
Redes D-Link DAP-3220 Manual do Utilizador
(84 páginas)
(84 páginas)
Redes D-Link DWR-510 Manual do Utilizador
(62 páginas)
(62 páginas)
© 2020, manymanuals-pt.com. Todos os direitos reservados. | 0.081 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentários a estes Manuais