Home » D-Link Manuals » Hubs & Switches » D-Link DES-3326SRM » Manual Viewer

D-Link DES-3326SRM Product Manual - Page 95

CPU Interface Filtering, CPU Interface Filtering State Settings

UPC - 790069255304

Add to My Manuals
Save this manual to your list of manuals

Page 95 highlights

D-Link DES-3326S Layer 3 Switch CPU Interface Filtering There are specific circumstances under which the ACL cannot filter a packet even when there is a condition match that should deny forwarding. This is a limitation that may arise if: • the destination MAC is the same as the Switch (system) MAC • a packet is directed to the system IP interface such as multicast IP packets or if the hardware IP routing table is full and Switch software routes the packet according to routing protocol. In order to address this functional limitation of the chip set, an additional function, CPU Interface Filtering, has been added. CPU Filtering may be universally enabled or disabled. Setting up CPU Interface Filtering follows the same basic procedure as ACL configuration and requires some of the same input parameters. CPU Interface Filtering is configured in a manner similar to creating an Access Profiles. First a mask is created to specify which part or parts of a frame the Switch will examine, such as the MAC source address or the IP destination address. Then rules are used to define criteria the Switch will use to determine what to do with the frame. The entire process is described below. CPU Interface Filtering State Settings In the following window, the user may globally enable or disable the CPU Interface Filtering mechanism by using the pulldown menu to change the running state. To access this window, click CPU Interface Filtering State in the Advanced Setup directory folder. Choose Enabled to enable CPU packets to be scrutinized by the Switch and Disabled to disallow this scrutiny. Figure 14- 7. CPU Interface Filtering State Settings window 85

Section	Page
About This Manual	7
Intended Readers	7
Notes, Notices, and Cautions	7
Safety Instructions	8
	8
	8
Safety Cautions	8
General Precautions for Rack-Mountable Products	9
Protecting Against Electrostatic Discharge	10
Introduction	11
	11
	11
	11
	11
Switch Description	11
Features	11
Front Panel Components	11
LED Indicators	11
Rear Panel Description	11
Plug-in Modules	11
Switch Stacking	11
Management Options	11
Switch Description	11
Features	12
Front Panel Components	13
LED Indicators	13
Stacking LED Indicators	14
Rear Panel Description	15
Side Panels	15
Optional Plug-in Modules	16
	16
DES-132 2-port 100BASE-TX Module	16
	16
	16
	16
	16
Port Functions	16
LED Indicators	16
DES-131F/132F 1/2-port 100BASE-FX Module	17
	17
	17
	17
	17
Port Functions	17
LED Indicators	17
DES-131FL/132FL 1/2-port 100BASE-FX Module	18
	18
	18
	18
	18
Port Functions	18
LED Indicators	18
DES-132T 2-port 1000BASE-T Module	19
	19
	19
	19
	19
Port Functions	19
LED Indicators	19
DES-132G 2-port 1000BASE-SX Gigabit Ethernet Module	20
	20
	20
	20
	20
Port Functions	20
DEM-320S 2-port 1000BASE-SX Gigabit Ethernet Module	20
	20
	20
	20
	20
Port Functions	20
LED Indicators	20
DES-132GL 2-port 1000BASE-LX Gigabit Ethernet Module	21
	21
	21
	21
	21
Port Functions	21
DEM-320L 2-port 1000BASE-LX Gigabit Ethernet Module	21
	21
	21
	21
	21
Port Functions	21
LED Indicators	21
DES-132GB 2-port GBIC-based Gigabit Ethernet Module	22
	22
	22
	22
	22
Port Functions	22
DEM-320GH 2-port GBIC-based Gigabit Ethernet Module	22
	22
	22
	22
	22
Port Functions	22
LED Indicators	22
DES-332GS 1-port GBIC-Based Gigabit Ethernet Switch and stacking Module	23
	23
	23
	23
	23
Port Functions	23
Stacking Port Function	23
DEM-320GS 1-port GBIC-Based Gigabit Ethernet Switch and stacking Module	23
	23
	23
	23
	23
Port Functions	23
Stacking Port Function	23
LED Indicators*	23
Management Options	25
	25
Web-based Management Interface	25
Command Line Console Interface through the Serial Port or Telnet	25
SNMP-Based Management	25
Installation	26
	26
	26
	26
	26
Package Contents	26
Before You Connect to the Network	26
Connecting the Console Port	26
Password Protection	26
SNMP Settings	26
IP Address Assignment	26
Connecting Stacked Switch Groups	26
Configuring a Switch Group for Stacking	26
Connecting Devices to the Switch	26
Package Contents	26
Before You Connect to the Network	27
Connecting the Console Port	27
Password Protection	28
IP Address Assignment	29
SNMP Settings	31
Traps	31
MIBs	31
Installing the Switch without the Rack	32
Installing the Switch in a Rack	33
Connecting Stacked Switch Groups	34
	34
Stacking Connections with IEEE 1394 Cabling	34
Notes on Stacking Switches	35
Configuring a Switch Group for Stacking	36
	37
Notes on Standalone Operation	38
To Disable Stacking	38
Unit ID Display for Switches in a Switch Stack	39
	39
Connecting Devices to the Switch	39
Switch Management	40
	40
	40
	40
	40
Before You Start	40
General Deployment Strategy	40
Web-based User Interface	40
Basic Setup	40
Switch Information	40
Switch IP Settings	40
User Accounts Management	40
Saving Changes	40
Factory Reset	40
Restart System	40
Before You Start	40
General Deployment Strategy	41
VLAN Setup	41
Defining Static Routes	41
Web-based User Interface	42
Areas of the User Interface	42
Login to Web Manager	43
Web Pages and Menus	43
Basic Setup	44
Switch Information	44
Switch IP Settings	45
	46
Setting the Switch’s IP Address using the Console	46
User Accounts Management	47
Admin and User Privileges	49
Saving Changes	50
Factory Reset	50
Restart System	51
Stacking Mode	52
Port Configuration	55
	55
	55
	55
	55
Configure Ports	55
Serial Port Settings	55
Port Security Settings	55
Traffic Segmentation	55
Configure Ports	56
Serial Port Settings	58
Port Security Settings	59
Traffic Segmentation	60
Link Aggregation	61
	61
	61
	61
	61
Configure Link Aggregation	61
Configure Link Aggregation	62
Choose the Link Aggregation Algorithm	62
Configure the Link Aggregation Groups	63
Port Mirroring	65
MAC Forwarding	66
	66
	66
	66
	66
Static Unicast Forwarding	66
Static Multicast Forwarding	66
Broadcast/Multicast Storm Control	66
MAC Address Aging Time	66
Unicast MAC Address Forwarding	66
Multicast MAC Address Forwarding	68
	68
Broadcast/Multicast Storm Control	69
Spanning Tree Protocol	71
	71
	71
	71
	71
802.1w Rapid Spanning Tree	71
Configure STP	71
802.1w Rapid Spanning Tree	71
Port Transition States	71
	72
	72
	72
	72
802.1w/802.1d Compatibility	72
Configure STP Switch Settings	72
STP Port Settings	74
Quality of Service Configuration	76
	76
	76
	76
	76
Configure QoS Output Scheduling	76
Configure 802.1p User Priority	76
Configure Default Priority	76
Configure Bandwidth	76
Configure QoS Output Scheduling	77
Configure 802.1p User Priority	78
Configure Default Priority	79
Configure Bandwidth Control	80
MAC Notification	81
	81
	81
	81
	81
MAC Notification Global Setting	81
MAC Notification Port Settings	81
MAC Notification Global Settings	81
MAC Notification Port Settings	82
System Log	83
	83
	83
Configure System Log State	83
SNTP Settings	85
	85
	85
Current Time Settings	85
Time Zone and DST	86
Security Management	88
	88
	88
	88
	88
Access Profile Configuration	88
CPU Interface Filtering	88
802.1X Port-based Network Access Control	88
802.1X Configuration	88
Access Profile Configuration	88
	88
Access Profile Mask	88
CPU Interface Filtering	95
	95
CPU Interface Filtering State Settings	95
CPU Interface Filtering Mask	96
802.1X Port-based Network Access Control	101
802.1X Configuration	103
	103
802.1X State	103
802.1X Port Settings	104
Port Capability	106
Initialize Ports	107
Re-Authenticate Ports	108
Radius Server Settings	109
SNMP Network Management	110
	110
	110
	110
	110
SNMP View Table	110
SNMP Group Table	110
SNMP Community Table	110
SNMP Engine ID	110
SNMP Host Table	110
SNMP User Table	110
Security IP Management	110
SNMP Version	110
SNMP View Table	111
SNMP Group Table	112
SNMP Community Table	113
SNMP Engine ID	114
SNMP Host Table	115
SNMP User Table	116
Security IP Management	117
Network Monitoring and Statistics	118
	118
	118
	118
	118
Port Utilization Statistics	118
Port Packets Statistics	118
MAC Address Table	118
IP Address Table	118
Routing Table	118
ARP Table	118
OSPF Information	118
DVMRP Information	118
PIM Neighbor Address Table	118
GVRP Status	118
Router Ports	118
IGMP and IGMP Snooping Information	118
IP Multicast Forwarding Table	118
802.1X Authentication Status	118
Switch History	118
Port Utilization Statistics	119
Port Packet Statistics	120
	120
Port Packet Analysis	120
Port Error Packets	120
Port Packet Analysis	120
Port Error Packets	121
MAC Address Table	123
Routing Table	124
ARP Table	125
OSPF Information	126
	126
OSPF LSDB Table	126
OSPF Neighbor Table	126
OSPF Virtual Neighbor Table	126
OSPF Link State Database Table	126
OSPF Neighbor Table	127
OSPF Virtual Neighbor Table	127
DVMRP Information	128
	128
DVMRP Routing Table	128
DVMRP Neighbor Address Table	128
DVMRP Next Hop Table	128
DVMRP Routing Table	128
DVMRP Neighbor Address Table	129
DVMRP Next Hop Table	129
PIM Neighbor Address Table	130
GVRP Status	130
Router Ports	131
IGMP Snooping Group Table	132
IGMP Snooping Forwarding Table	132
IGMP Group Table	133
IP Multicast Forwarding Table	134
802.1X Authentication Status	134
Switch History	135
Switch Utilities	136
	136
	136
	136
	136
Download Firmware	136
Download Configuration File	136
Save Settings to TFTP Server	136
Save Switch History to TFTP Server	136
Ping Test	136
BOOTP/DHCP Relay	136
BOOTP/DHCP Relay Interface Configuration	136
DNS Relay	136
DNS Relay Interface Configuration	136
TFTP Services	136
	136
Download Firmware	136
Download Configuration File	136
Save Settings to Server	137
Save History Log to Server	137
Ping Test	138
DHCP, BOOTP and DNS Relay	139
	140
BOOTP/DHCP Relay Interface Configuration	140
DNS Relay	141
DNS Relay Interface Configuration	142
VLANs in Layer 2	143
Layer 3-Based VLANs	143
Planning VLAN Layout	143
Assigning IP Network Addresses and Subnet Masks to VLANs	143
Understanding 802.1Q VLANs	143
	144
IEEE 802.1Q VLANs	144
802.1Q VLAN Packet Forwarding	144
802.1Q VLAN Tags	144
Port VLAN ID	145
Tagging and Untagging	146
Ingress Filtering	146
Configure VLANs	147
	147
	147
	147
	147
Configure 802.1Q Static VLANs	147
802.1Q Port Settings	147
Switch GVRP	147
Configure 802.1Q Static VLANs	147
802.1Q Port Settings	150
Switch GVRP	151
IP Interface Configuration	152
	152
	152
Set Up IP Interfaces	152
Multicast Routing Configuration	155
	155
	155
	155
	155
Multicast Global Configurations	155
IGMP Snooping Settings	155
IGMP Interface Configurations	155
DVMRP Interface Configuration	155
PIM-DM Settings	155
Multicast Global Configurations	155
IGMP Snooping Settings	156
IGMP Interface Configuration	158
DVMRP Interface Configuration	160
PIM-DM Settings	161
Static Route, Static ARP and RIP Configuration	163
	163
	163
	163
	163
Configure Static Routes	163
Configure Static ARP	163
Routing Information Protocol (RIP) Configuration	163
Configure Static Routes	163
Configure Static ARP	164
Routing Information Protocol (RIP) Configuration	165
Introduction to OSPF	167
	167
	167
The Link-State Algorithm	167
The Shortest Path Algorithm	167
OSPF Cost	168
Shortest Path Tree	168
Areas and Border Routers	170
Link-State Packets	170
OSPF Authentication	171
Message Digest Authentication (MD-5)	171
Simple Password Authentication	171
The Backbone and Area 0	171
Virtual Links	171
Areas Not Physically Connected to Area 0	171
Partitioning the Backbone	171
Neighbors	172
Adjacencies	172
Designated Router Election	172
Building Adjacency	173
Adjacencies on Point-to-Point Interfaces	173
OSPF Packet Formats	173
The OSPF Packet Header	173
The Hello Packet	174
The Database Description Packet	175
The Link-State Request Packet	176
The Link-State Update Packet	177
The Link-State Acknowledgment Packet	178
Link-State Advertisement Formats	178
The Link State Advertisement Header	178
Router Links Advertisements	180
For each link, separate metrics may be specified for each Type of Service (TOS). The metric for TOS 0 must always be included, and was discussed above. Metrics for non-zero TOS are described below. Note that the cost for non-zero TOS values that are	181
Network Links Advertisements	182
Summary Link Advertisements	182
Autonomous Systems External Link Advertisements	184
Configure OSPF	185
	185
	185
	185
	185
MD5 Key Table Configuration	185
Configure OSPF Settings	185
OSPF Area Setting	185
OSPF Interface Configuration	185
OSPF Virtual Interface Settings	185
Area Aggregation Configuration	185
OSPF Host Route Settings	185
Route Redistribution Settings	185
MD5 Key Table Configuration	186
Configure OSPF Settings	187
	187

Match case Limit results 1 per page

D-Link DES-3326S Layer 3 Switch

CPU Interface Filtering

There are specific circumstances under which the ACL cannot filter a packet even when there is a condition match that should

deny forwarding. This is a limitation that may arise if:

•

the destination MAC is the same as the Switch (system) MAC

•

a packet is directed to the system IP interface such as multicast IP packets or if the hardware IP routing table is full

and Switch software routes the packet according to routing protocol.

In order to address this functional limitation of the chip set, an additional function,

CPU Interface Filtering

, has been added.

CPU Filtering may be universally enabled or disabled. Setting up CPU Interface Filtering follows the same basic procedure as

ACL configuration and requires some of the same input parameters.

CPU Interface Filtering is configured in a manner similar to creating an Access Profiles. First a mask is created to specify

which part or parts of a frame the Switch will examine, such as the MAC source address or the IP destination address. Then

rules are used to define criteria the Switch will use to determine what to do with the frame. The entire process is described

below.

CPU Interface Filtering State Settings

In the following window, the user may globally enable or disable the CPU Interface Filtering mechanism by using the pull-

down menu to change the running state. To access this window, click

CPU Interface Filtering State

in the Advanced Setup

directory folder. Choose

Enabled

to enable CPU packets to be scrutinized by the Switch and

Disabled

to disallow this

scrutiny.

Figure 14- 7. CPU Interface Filtering State Settings window