D-Link DGS-6600-48T Configuration Guide

D-Link DGS-6600-48T Manual

Get D-Link DGS-6600-48T PDF manuals and user guides View all D-Link DGS-6600-48T manuals
Add to My Manuals
Save this manual to your list of manuals

D-Link DGS-6600-48T manual content summary:

  • D-Link DGS-6600-48T | Configuration Guide - Page 1
    DGS-6600 Configuration Guide Ver. 1.00 DGS-6600 Configuration Guide i
  • D-Link DGS-6600-48T | Configuration Guide - Page 2
    D-Link DGS-6600 Information in this document is subject to change without notice. © 2013 D-Link Corporation. All rights reserved. Reproduction in any manner whatsoever without the written permission of D-Link Corporation is strictly forbidden. Trademarks used in this text: D-Link and the D-LINK
  • D-Link DGS-6600-48T | Configuration Guide - Page 3
    • DGS-6600 Command Line Reference Guide Typographical Conventions The conventions used in this Configuration Guide are type in the Switch console window. The commands must be typed exactly as printed in the manual. This is used in the CLI examples to indicate the parameters in a CLI command. This
  • D-Link DGS-6600-48T | Configuration Guide - Page 4
    are examples of the 3 types of indicators used in this manual. When configuring your switch using the information in this document, you and tells you how to avoid the problem CAUTION: A CAUTION indicates a potential for property damage, personal injury, or death. DGS-6600 Configuration Guide iv
  • D-Link DGS-6600-48T | Configuration Guide - Page 5
    Series Switch Product Summary 18 Chapter Overview 18 An Introduction to the DGS-6600 Series Switch 18 Components and Hardware 19 Chassis 20 Module Plug-in Frame 20 Module List 21 Supported User Interfaces 24 Chapter 2-Quick Start 25 Chapter Overview 25 An Introduction to Quickly Setting
  • D-Link DGS-6600-48T | Configuration Guide - Page 6
    a Telnet Connection 54 Enabling the Telnet Service 55 Configuring the Telnet Service Port 55 Specifying Telnet Terminals 55 Displaying Manual Configuration of Time 68 Automatic Configuration of Time 69 Configuring Summer Time 70 List of Constants and Default Settings 71 Chapter 8-DGS-6600
  • D-Link DGS-6600-48T | Configuration Guide - Page 7
    Part 2- Interface and Hardware Configurations Chapter 9-Interface Configuration 75 Chapter Overview 75 An Introduction to Interface Configuration 76 Identification of an Interface 76 Switch Port Interface 76 Port Channel Interface 76 VLAN Interface 76 Out-of-Band (OOB) Management Port
  • D-Link DGS-6600-48T | Configuration Guide - Page 8
    147 Configuration Examples 149 RSTP Configuration example 149 MSTP Configuration Example 152 List of Constants and Default Settings 157 Chapter 15-Link Aggregation 158 Chapter Overview 158 An Introduction to Port Channel Groups and LACP 158 Load Balancing 159 Load Balance Hash Algorithm
  • D-Link DGS-6600-48T | Configuration Guide - Page 9
    -IPv4 Basics 194 Chapter Overview 194 An Introduction to IPv4 194 IPv4 Basics 194 Subnet Masks 195 IPv4 Address Assignment on the DGS-6600 Series Switch 195 IPv4 Basic Configuration Commands 196 Configuration Example 197 Basic Routing (IPV4) Configuration Example 197 Chapter 21-IPv4 Static
  • D-Link DGS-6600-48T | Configuration Guide - Page 10
    Chapter 22-Routing Information Protocol (RIP 204 Chapter Overview 204 An Introduction to RIP 204 RIP Configuration Commands 205 Configuration Examples 213 RIP Configuration Example 213 List of Constants and Default Settings 216 Chapter 23-Open Shortest Path First (OSPF 217 Chapter Overview
  • D-Link DGS-6600-48T | Configuration Guide - Page 11
    285 An Introduction to IPv6 Tunneling 285 Operation concept 285 IPv6 Tunneling Configuration Commands 287 Configuration Examples 287 IPv6 tunneling manual Configuration Example 287 IPv6 tunneling 6to4 Configuration Example 289 IPv6 tunneling ISATAP Configuration Example 291 Chapter 30-Border
  • D-Link DGS-6600-48T | Configuration Guide - Page 12
    375 Configuration Examples 377 MPLS - VPLS Configuration Example 377 Configuration Restrictions and Constants 381 Part 6- Quality of Service (QoS) Chapter 36-Quality of Service (QoS 383 Chapter Overview 383 An Introduction to QoS 383 Policing and Color Markers 384 QoS Configuration Commands
  • D-Link DGS-6600-48T | Configuration Guide - Page 13
    Configuration Overview 415 ACL Configuration Commands 417 Configuring Access Control Lists 418 Applying Access Control Lists to Interfaces 423 Configuration Examples 425 ACL Configuration Example 425 List of Constants and Default Settings 427 Chapter 39-Authentication, Authorization and
  • D-Link DGS-6600-48T | Configuration Guide - Page 14
    462 DHCP Server Screening Default Settings 463 DHCP Server Screening Limitation 463 Chapter 44-DHCP Snooping Configuration 464 Chapter Overview 464 An Introduction to DHCP Snooping 464 DHCP Operation concept 465 DHCP Snooping Configuration Commands 465 Chapter 45-Port Security 469 Chapter
  • D-Link DGS-6600-48T | Configuration Guide - Page 15
    PING operation 487 Behavior under multi-netting 487 DHCP server and DHCP relay agent global mode 488 High availability in DHCP server 488 DHCP Server Configuration Commands 488 Configuring a DHCP Address Pool 489 Limitations 497 Chapter 50-DHCP Relay Configuration 498 Chapter Overview 498
  • D-Link DGS-6600-48T | Configuration Guide - Page 16
    Files 564 Managing Image Files 566 Loading Image Files 568 List of Constants and Default Settings 570 Part 12- Troubleshooting Chapter 58-Displaying System Information 572 Chapter Overview 572 An Introduction to Displaying Information 572 Information Categories 572 Displaying System
  • D-Link DGS-6600-48T | Configuration Guide - Page 17
    RSPAN 590 RSPAN Configuration Commands 592 Configuration Examples 594 RSPAN Configuration Example 594 Relationship with other modules in the DGS-6600-Series Switch 596 Chapter 62-Testing Network Connectivity 598 Chapter Overview 598 Testing Connectivity to a Specific Destination 598 Tracing
  • D-Link DGS-6600-48T | Configuration Guide - Page 18
    List • DGS-6600-CM • DGS-6600-CM-II • DSG-6600-24SC2XS I/O Card • DGS-6600-48P I/O Card • DGS-6600-48T I/O Card • DGS-6600-48S I/O Card • DGS-6600-48TS I/O Card • DGS-6600-8XG I/O Card • Supported User Interfaces An Introduction to the DGS-6600 Series Switch The D-Link's DGS-6600 series switch
  • D-Link DGS-6600-48T | Configuration Guide - Page 19
    and Hardware The D-Link's DGS-6600 series switch is a modular, chassis-based Ethernet backbone switch designed for adaptability and scalability. Currently, the DGS-6600 series chassis is available in a 4slot chassis (DGS-6604) and an 8-slot chassis (DGS-6608). Figure 1-1 DGS-6604 Product Appearance
  • D-Link DGS-6600-48T | Configuration Guide - Page 20
    supported by the DGS- DGS-6608 will have the following layout: • Two control management module. • Six line card modules to meet the network requirements. The slot number used for the Control Management module is 4 and 5. Slots 1-3 to 6-8 are used for line card modules. DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 21
    List The DGS-6604/6608 supports the modules described below: Model Name DGS-6600-CM DGS-6600-CM-II DGS-660024SC2XS DGS-6600-16XS DGS-6600-48P DGS-6600-48S DGS-6600-48T DGS-6600-48TS DGS-6600-8XG data from the compact flash card is being accessed. Management Port DGS-6600 Configuration Guide 21
  • D-Link DGS-6600-48T | Configuration Guide - Page 22
    and plugged it back into the host the Switch is being accessed from. DGS-6600-CM-II Figure 1-4 DGS-6600-CM-II Compact Flash Slot The DGS-6600-CM-II Control Module has two compact flash slots (CF1 and CF2). Install to the Switch via the RS-232 console connection. DGS-6600 Configuration Guide 22
  • D-Link DGS-6600-48T | Configuration Guide - Page 23
    if the USB cable is disconnected and plugged it back into the host the Switch is being accessed from. DSG-6600-24SC2XS I/O Card DGS-6600-48P I/O Card Figure 1-5 DGS-6600-24SC2XS DGS-6600-48T I/O Card Figure 1-6 DGS-6600-48P Figure 1-7 DGS-6600-48T I/O Card DGS-6600 Configuration Guide 23
  • D-Link DGS-6600-48T | Configuration Guide - Page 24
    1-8 DGS-6600-48S I/O Card DGS-6600-48TS I/O Card Figure 1-9 DGS-6600-48TS I/O Card DGS-6600-8XG I/O Card Figure 1-10 DGS-6600-8XG I/O Card Supported User Interfaces The Switch can be configured using the following methods: • Command-Line Interface • MIB Browser DGS-6600 Configuration Guide 24
  • D-Link DGS-6600-48T | Configuration Guide - Page 25
    Terminal to the Console Port • SNMP-Based Management An Introduction to Quickly Setting Up the DGS-6600 Series Switch The following chapter discusses how to create user accounts on the Switch. User 0ºC-50ºC Operating Humidity 10%-90% RH non-condensed Table 2-1 DGS-6600 Configuration Guide 25
  • D-Link DGS-6600-48T | Configuration Guide - Page 26
    body, it will not reduce the static electricity build up on clothing. Moving the Device The DGS-6600 series Switch is quite heavy. When handling, please use the following guidelines: • Avoid moving tray, and power modules from the chassis before moving the chassis. DGS-6600 Configuration Guide 26
  • D-Link DGS-6600-48T | Configuration Guide - Page 27
    will help to ensure the stable and reliable operation of the DGS-6600 series switch. Be sure to verify that the grounding conditions meet the grounding requirements and all devices are grounded appropriately before using the DGS-6600 series switch. Figure 2-2 DGS-6600 Configuration Guide 27
  • D-Link DGS-6600-48T | Configuration Guide - Page 28
    . Installation Site Requirements The DGS-6600 series switch must be used you plan to mount the DGS-6600 in a frame, please use to bear the weight of the DGS-6600 and its installed components. • right panels of the DGS-6600 for the purpose of ventilation requirements of the DGS-6600. You must allow
  • D-Link DGS-6600-48T | Configuration Guide - Page 29
    sides of the board, to remove the module from the DGS-6600. Installing Modules in the DGS-6604 & DGS-6608 • Remove the component card or blank panel as instructed in the section Removing Modules from the DGS-6600 • Insert the new module into the guide rail of the vacant slot. • Use the levers on the
  • D-Link DGS-6600-48T | Configuration Guide - Page 30
    press the Enter key at the password prompts. There is no default password for the Switch. SNMP-Based Management The Switch can be managed with D-Link D-View or any SNMP-compatible console program. The SNMP function is disabled by default for D-Link managed switches. DGS-6600 Configuration Guide 30
  • D-Link DGS-6600-48T | Configuration Guide - Page 31
    Part 1- Configuration Fundamentals The following chapters are included in this volume: • Command-Line Interface (CLI) • Accessing the Command Line Interface • User Account Configuration • Accessing the Web Interface (Web UI) • Time Configuration • DGS-6600 Default Metric
  • D-Link DGS-6600-48T | Configuration Guide - Page 32
    access right level. • Advanced User- Privilege Level 2. This user account level allowed to use the terminal control interface to enter, some, privileged EXEC mode configurations. DGS-6600 Configuration Guide 32
  • D-Link DGS-6600-48T | Configuration Guide - Page 33
    monitor all system information and change any of the system configuration settings expressed in this configuration guide. The command-line interface has three basic command modes: • User EXEC mode • used to switch between user EXEC mode and privileged EXEC mode. DGS-6600 Configuration Guide 33
  • D-Link DGS-6600-48T | Configuration Guide - Page 34
    not provided in this section. For more information on the additional sub-configuration modes, the user should refer to the chapters relating to these functions. DGS-6600 Configuration Guide 34
  • D-Link DGS-6600-48T | Configuration Guide - Page 35
    at basic user level, except that user EXEC mode at advanced user level is allowed to use the enable command to enter privileged EXEC mode. DGS-6600 Configuration Guide 35
  • D-Link DGS-6600-48T | Configuration Guide - Page 36
    a privilege level of 12: User Access Verification Username: power-user Password: DGS-6600 Chassis-based High-Speed Switch Command Line Interface Firmware: 2.10.011 Copyright (c) 2012 D-Link Corporation. All rights reserved. DGS-6600:12# In the following example, the user enters the enable privilege
  • D-Link DGS-6600-48T | Configuration Guide - Page 37
    is used to configure the parameters of a VLAN interface. To access VLAN interface configuration mode, use the following command in global configuration mode: Command DGS-6600:15(config)#interface vlanVLAN-ID Explanation Enters VLAN interface configuration mode. DGS-6600 Configuration Guide 37
  • D-Link DGS-6600-48T | Configuration Guide - Page 38
    : DGS-6600:15#di? dir List directory contents disable Turn off privileged mode command ABBREVIATED-COMMAND-ENTRY DGS-6600:15# Completes a partial command name. For example: DGS-6600:15#show spa DGS-6600:15#show spanning-tree Table 3-2 Help System DGS-6600 Configuration Guide 38
  • D-Link DGS-6600-48T | Configuration Guide - Page 39
    the associated arguments for a keyword. For example: DGS-6600:15(config)#spanning-tree mode ? mstp Multiple Spanning Tree Protocol rstp Rapid Spanning Tree Protocol stp Spanning Tree Protocol(Compatible Mode) DGS-6600:15(config)# Table 3-2 Help System (continued) DGS-6600 Configuration Guide 39
  • D-Link DGS-6600-48T | Configuration Guide - Page 40
    to know what arguments match the input (e.g. 'show ve?'.) DGS-6600:2> Editing Features The CLI user interface supports the following keystrokes for editing purposes: Keystroke . Automatically completes a command. Table 3-3 Editing Features DGS-6600 Configuration Guide 40
  • D-Link DGS-6600-48T | Configuration Guide - Page 41
    before the command. One function that supports the no command form is the password service-port command is entered in global configuration mode to return the Telnet service port to default settings. DGS-6600:15(config)#default ip telnet service-port DGS-6600:15(config)# DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 42
    is not available in global configuration mode, the "Invalid input detected at marker" error appears in the console window, indicating the location of the error. DGS-6600:15(config)#shutdown ^ % Invalid input detected at '^' marker. DGS-6600:15(config)# DGS-6600 Configuration Guide 42
  • D-Link DGS-6600-48T | Configuration Guide - Page 43
    in the history buffer: DGS-6600:15#show history 1 enable 2 configure terminal 3 default ip telnet service-port 4 end 5 show history DGS-6600:15# Recalling Commands To recall indicates a Power User, and 15 indicates an Administrator. Table 3-6 Command Prompts DGS-6600 Configuration Guide 43
  • D-Link DGS-6600-48T | Configuration Guide - Page 44
    DGS-6600:15(config)#command prompt level string Comms-Rm Comms-Rm:15(config)#end Filtering the Output from the Show Command The user can filter the output of the show command to match a given expression as well as any of lines that are associated with the expression. DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 45
    of the show logging-buffer command so that only the entries for the first instances of eth4.43: DGS-6600:2>enable DGS-6600:15#show logging buffer | begin eth4.43 ...skipping 7 2010-08-26 07:38:28 eth4.43 2010-08-26 07:38:06 Interface eth4.43 is up DGS-6600:15# DGS-6600 Configuration Guide 45
  • D-Link DGS-6600-48T | Configuration Guide - Page 46
    show logging-buffer command so that lines containing the expression eth4.43 are filtered out: DGS-6600:2>enable DGS-6600:15#show logging buffer | exclude eth4.43 Total logs:9 Index Date Times Log Text contact the System Administrator on extension: 6716." DGS-6600 Configuration Guide 46
  • D-Link DGS-6600-48T | Configuration Guide - Page 47
    to return the login banner back to default settings: DGS-6600:15(config)#default banner login DGS-6600:15(config)# Establishing a Telnet Connection to a Remote Device The user can establish a connection to a remote device that supports the Telnet protocol: Command telnet {IP-ADDRESS | IPV6-ADDRESS
  • D-Link DGS-6600-48T | Configuration Guide - Page 48
    .1, eth1.2. For a VLAN interface, the format is vlanVLAN-ID. e.g. vlan1. For a channel group (link aggregated) interface, the format is port-channelGROUP-NUM, for example: port-channel3 MAC Address The acceptable formats in the following format: 00-01-80-40-30-20 DGS-6600 Configuration Guide 48
  • D-Link DGS-6600-48T | Configuration Guide - Page 49
    Characters for General Strings that Do Not Allow Spaces A-Z a-z 0-9 Encrypted Password An encrypted password should start with *@&. The allowed characters for an encrypted password are: A-Z a-z 0-9 +/ DGS-6600 Configuration Guide 49
  • D-Link DGS-6600-48T | Configuration Guide - Page 50
    Used to indicate a four-digit year, 0000 through to 9999. MM Used to indicate a two-digit month of the year, 01 through to 12. Table 3-9 DGS-6600 Configuration Guide 50
  • D-Link DGS-6600-48T | Configuration Guide - Page 51
    . The Switch timers usually use seconds or milliseconds time units. The Switch usually abbreviates seconds to sec and milliseconds to msec for unified display formatting. DGS-6600 Configuration Guide 51
  • D-Link DGS-6600-48T | Configuration Guide - Page 52
    • Accessing the Switch Using a Telnet Connection • Enabling the Telnet Service • Configuring the Telnet Service Port • Specifying Telnet Terminals • Displaying Trusted Host Telnet Terminals • bps. 5) Set the data format to 8 data bits, 1 stop bit, and no parity. DGS-6600 Configuration Guide 52
  • D-Link DGS-6600-48T | Configuration Guide - Page 53
    example, the user has started a console connection and enters privileged EXEC mode: DGS-6600 Chassis-based High-Speed Switch Command Line Interface Firmware: 3.00.080 Copyright (c) 2012 D-Link Corporation. All rights reserved. DGS-6600:2>enable DGS-6600:15# DGS-6600 Configuration Guide 53
  • D-Link DGS-6600-48T | Configuration Guide - Page 54
    to a Switch with an IP address of 10.73.87.99: C:\>telnet 10.73.87.99 Telnet connecting ... DDGS-6600 Chassis-based High-Speed Switch Command Line Interface Firmware: 3.00.080 Copyright (c) 2012 D-Link Corporation. All rights reserved. DGS-6600:2>enable DGS-6600:15# DGS-6600 Configuration Guide 54
  • D-Link DGS-6600-48T | Configuration Guide - Page 55
    for Telnet to be 3000: DGS-6600:15#configure terminal DGS-6600:15(config)#ip telnet service-port 3000 DGS-6600:15(config)#end Specifying Telnet : DGS-6600:15#configure terminal DGS-6600:15(config)#ip trusted-host 10.73.87.3 telnet DGS-6600:15(config)#end DGS-6600 Configuration Guide 55
  • D-Link DGS-6600-48T | Configuration Guide - Page 56
    user displays a list of the hosts that are allowed to managed the Switch using a Telnet connection: DGS-6600:15#show ip trusted-host telnet Index IP/Network Address Valid to Access 01 10.78.62.1/32 press the key to display one more line of output. DGS-6600 Configuration Guide 56
  • D-Link DGS-6600-48T | Configuration Guide - Page 57
    can be displayed in a terminal window and by using the default keyword saves the setting into the system configuration file for the next switch startup.: DGS-6600:2>terminal width 100 default DGS-6600 Configuration Guide 57
  • D-Link DGS-6600-48T | Configuration Guide - Page 58
    Maximum Telnet sessions 8 Local Console Baud Rate 115200 bps Table 4-1 Constants Values Variable Name Default Value Telnet Service Enabled Telnet Service Port TCP 23 Terminal Length 24 lines Terminal Timeout Never Table 4-2 Default Variable Values DGS-6600 Configuration Guide 58
  • D-Link DGS-6600-48T | Configuration Guide - Page 59
    access-levels. Creating User Accounts with Different Privilege Levels Creating User Accounts The Switch supports user accounts with different access levels. The following access levels can be assigned to of 12 or 15, the user will directly enter privileged EXEC mode. DGS-6600 Configuration Guide 59
  • D-Link DGS-6600-48T | Configuration Guide - Page 60
    the user accounts that have been setup on the Switch: DGS-6600:15#show username Password Encryption : Disabled Username Access Level Password Encrypted dlink 15 *@&fEqNCco3Yq9h5ZUglD3CZJT4LBvRndtZ * admin 15 mypassword Total Entries: 2 DGS-6600:15# DGS-6600 Configuration Guide 60
  • D-Link DGS-6600-48T | Configuration Guide - Page 61
    accounts setup on the Switch. The following example displays all the user accounts that have been setup on the Switch: DGS-6600:2>show user-session UI Codes: co - console, h - http, hs - https, s - ssh, te plain-text or encrypted form in the running configuration. DGS-6600 Configuration Guide 61
  • D-Link DGS-6600-48T | Configuration Guide - Page 62
    Enter the following command to log into the Switch with a different user name: Command login Explanation Allows the user to login with a different user name. DGS-6600 Configuration Guide 62
  • D-Link DGS-6600-48T | Configuration Guide - Page 63
    with the user name "user1": DGS-6600:2>login User Access Verification Username: user1 Password: DGS-6600 Chassis-based High-Speed Switch Command Line Interface Firmware: 3.00.080 Copyright (c) 2012 D-Link Corporation. All rights reserved. DGS-6600:2> Encrypting Passwords By default, passwords
  • D-Link DGS-6600-48T | Configuration Guide - Page 64
    command after the password encryption command has been entered on the Switch: DGS-6600:15#show username Password Encryption : Enabled Username Access Level Password Encrypted Password None Password Encryption Disabled Table 5-3 Default Variable Values DGS-6600 Configuration Guide 64
  • D-Link DGS-6600-48T | Configuration Guide - Page 65
    Web Interface • Configuration Commands • Enabling the Web Interface • Configuring the Web Service Port • Specifying Web Management Terminals • Displaying Trusted Host Web Terminals • List mode. Enables the Web interface. Exits global configuration mode. DGS-6600 Configuration Guide 65
  • D-Link DGS-6600-48T | Configuration Guide - Page 66
    user configures the TCP port number for web to be 6600: DGS-6600:15#configure terminal DGS-6600:15(config)#ip http service-port 6600 DGS-6600:15(config)#end Specifying Web Management Terminals The user that are allowed to manage the Switch using a web connection. DGS-6600 Configuration Guide 66
  • D-Link DGS-6600-48T | Configuration Guide - Page 67
    Total Entries : 1 DGS-6600:15# List of Constants and Default Settings Constant Name Value Maximum Web sessions 1 Table 6-1 Constants Values Variable Name Default Value HTTP Service Enabled HTTP Service Port TCP 80 Table 6-2 Default Variable Values DGS-6600 Configuration Guide 67
  • D-Link DGS-6600-48T | Configuration Guide - Page 68
    time clock (RTC) chip to provide the time and calendar services. The time set in the RTC chip should reflect the local manually set the clock: Command clock set HH:MM:SS DAY MONTH YEAR show clock Explanation Manually sets the date and time. Displays the current time. DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 69
    Time : Disable Offset in Minutes : 60 From : N/A To : N/A DGS-6600:15# Automatic Configuration of Time The Switch supports the Simple Network Time Protocol (SNTP), which allows automatic time configuration on the the current time and the time zone setting. DGS-6600 Configuration Guide 69
  • D-Link DGS-6600-48T | Configuration Guide - Page 70
    : N/A To : N/A DGS-6600:15# Configuring Summer Time During summer time, the clock on the Switch may need to be adjusted for daylight saving time. The Switch supports two methods for adjusting to on a specific date and time. Displays the summer time settings. DGS-6600 Configuration Guide 70
  • D-Link DGS-6600-48T | Configuration Guide - Page 71
    Table 7-1 Constants Values Variable Name Default Value Summer Time Disabled Summer Time Offset 60 Minutes Time Zone UTC (Coordinated Universal Time) Table 7-2 Default Variable Values DGS-6600 Configuration Guide 71
  • D-Link DGS-6600-48T | Configuration Guide - Page 72
    Volume 1-Configuration Fundamentals / Chapter 7-Time Configuration Variable Name Default Value Allow SNTP Broadcasts from SNTP Disabled Servers Default SNTP Server Setup None Table 7-2 Default Variable Values List of Constants and Default Settings DGS-6600 Configuration Guide 72
  • D-Link DGS-6600-48T | Configuration Guide - Page 73
    Volume 1-Default Metric / Chapter 8-DGS-6600 Default Metric Chapter Overview Chapter Overview Chapter 8 DGS-6600 Default Metric DGS-6600 Configuration Guide 73
  • D-Link DGS-6600-48T | Configuration Guide - Page 74
    Part 2- Interface and Hardware Configurations The following chapters are included in this volume: • Interface Configuration
  • D-Link DGS-6600-48T | Configuration Guide - Page 75
    Volume 2-Interface and Hardware Components / Chapter 9-Interface Configuration DGS-6600 Configuration Guide Chapter Overview Chapter 9 Interface Configuration Chapter Overview The following topics are included in this chapter, please go to the topic for more detailed information: • Chapter
  • D-Link DGS-6600-48T | Configuration Guide - Page 76
    a physical port, VLAN, or channel-group. The Switch supports a number of different interfaces, which are listed below: • example, eth1.1, eth1.2. Port Channel Interface A channel group (link aggregated) interface, uses the following format: port-channelGROUP-NUM For DGS-6600 Configuration Guide 76
  • D-Link DGS-6600-48T | Configuration Guide - Page 77
    function of the interface or range of interfaces. Enter the following command in interface configuration mode to add a description to a specific interface: Command description DESCRIPTION DGS-6600 Configuration Guide Explanation Adds a description, of up to 64 characters, to the interface. 77
  • D-Link DGS-6600-48T | Configuration Guide - Page 78
    , address is 06-60-0c-10-00-98 (bia 06-60-0c-10-00-98) Description: link to Backbone IP MTU:1500bytes inet 10.73.87.100/8 broadcast 10.255.255.255 inet6 10:73:87::100/64 inet6 99::20/64 inet6 fe80::460:cff:fe10:98/64 DGS-6600:2> DGS-6600 Configuration Guide 78
  • D-Link DGS-6600-48T | Configuration Guide - Page 79
    Interfaces In the following example, the user displays information about Ethernet interface 4.1: DGS-6600:2#show interface eth4.1 eth4.1 is up, line protocol is up (connected) • Configuring the MTU • Configuring the MTU on a VLAN Interface • Clearing Counters DGS-6600 Configuration Guide 79
  • D-Link DGS-6600-48T | Configuration Guide - Page 80
    -LIST]} [copper|fiber] Explanation Configures the speed of the physical interface. The option [copper | fiber] is for the combo port set speeds on a specified medium. DGS-6600 Configuration Guide 80
  • D-Link DGS-6600-48T | Configuration Guide - Page 81
    sets the maximum received frame size that can be received on Ethernet Interface 4.46 to be 6000 bytes: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#interface eth4.46 DGS-6600:15(config-if)#max-rcv-frame-size 6000 DGS-6600:15(config-if)#end DGS-6600 Configuration Guide 81
  • D-Link DGS-6600-48T | Configuration Guide - Page 82
    . In the following example, the user clears the counters for all physical ports: DGS-6600:2>enable DGS-6600:15#clear counters In the following example, the user clears the counters for Ethernet interface 4.5: DGS-6600:2>enable DGS-6600:15#clear counters eth4.5 DGS-6600 Configuration Guide 82
  • D-Link DGS-6600-48T | Configuration Guide - Page 83
    Address on the Management Interface • Configuring a Default Gateway on the OOB Management Interface • Shutting Down the Management Interface • Displaying the OOB Management Port Interface Status DGS-6600 Configuration Guide 83
  • D-Link DGS-6600-48T | Configuration Guide - Page 84
    In the following example, the user configures the default gateway of the OOB management interface to be 10.1.1.254: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#mgmt-if DGS-6600:15(mgmt-if)#default-gateway 10.1.1.254 DGS-6600:15(mgmt-if)#end DGS-6600 Configuration Guide 84
  • D-Link DGS-6600-48T | Configuration Guide - Page 85
    , the user configures the IPv6 address of the OOB management interface to be 2043:1::43.11:33:192/48: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#mgmt-if DGS-6600:15(mgmt-if)#ipv6 address 2043:1::43:11:33:192/48 DGS-6600:15(mgmt-if)#end DGS-6600 Configuration Guide 85
  • D-Link DGS-6600-48T | Configuration Guide - Page 86
    interface mode. Disables the out-of-band management port. In the following example, the user disables the OOB management port: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#mgmt-if DGS-6600:15(mgmt-if)#shutdown DGS-6600:15(mgmt-if)#end DGS-6600 Configuration Guide 86
  • D-Link DGS-6600-48T | Configuration Guide - Page 87
    IPv6 Global Address : 6600::66/64 IPv6 Link-local Address : fe80::48b:ff:fe10:0/64 IPv6 Default Gateway : 6600::251 IP MTU : 1500 Link Status : Down DGS-6600:2> List of Constants and Interface Shutdown State No shutdown. Table 9-2 Default Variable Values DGS-6600 Configuration Guide 87
  • D-Link DGS-6600-48T | Configuration Guide - Page 88
    chapters are included in this volume: • VLAN Configuration • VLAN Tunneling • GARP VLAN Registration Protocol (GVRP) Configuration • MAC Address Tables • Spanning Tree Protocol (STP) Configuration • Link Aggregation • Proxy ARP • Super VLAN • Voice VLAN • Ethernet Ring Protection Switching (ERPS)
  • D-Link DGS-6600-48T | Configuration Guide - Page 89
    domain using a different VLAN ID and functioning in a similar way to a physical LAN. The DGS-6600 Switch automatically creates a VLAN called VLAN 1. VLAN1 is used as the default VLAN. The default (ports which are connected to other switches) are tagged member ports. DGS-6600 Configuration Guide 89
  • D-Link DGS-6600-48T | Configuration Guide - Page 90
    an untagged member port, the packet will be transmitted in an untagged format. Packet Classification The DGS-6600 Switch classifies and assigns the packet to a specific VLAN using the following rules: 1) If to the VLAN. The user can modify the VLAN name if needed. DGS-6600 Configuration Guide 90
  • D-Link DGS-6600-48T | Configuration Guide - Page 91
    vlan command to verify the configuration: DGS-6600:15#configure terminal DGS-6600:15(config)#vlan 2 DGS-6600:15(config-vlan)#vlan name IT-Support DGS-6600:15(config-vlan)#end DGS-6600:15#show vlan VLAN 1: Name access mode, no trunk VLANs can be defined for the port. DGS-6600 Configuration Guide 91
  • D-Link DGS-6600-48T | Configuration Guide - Page 92
    operate in trunk mode and specifies the VLANs allowed to access the trunk connection. Displays the VLAN settings specified for the interfaces on the Switch. DGS-6600 Configuration Guide 92
  • D-Link DGS-6600-48T | Configuration Guide - Page 93
    the default VLAN ID on the port. Specifies whether the interface will act as untagged or tagged member of the specified VLAN. Displays the configuration. DGS-6600 Configuration Guide 93
  • D-Link DGS-6600-48T | Configuration Guide - Page 94
    VLAN : Acceptable frame types : tagged only DGS-6600:15# Configuring Protocol VLAN Groups The Switch supports protocol-based VLANs. This standard, defined by the protocol group and binds the group to an interface. Verifies the protocol group configuration. DGS-6600 Configuration Guide 94
  • D-Link DGS-6600-48T | Configuration Guide - Page 95
    an existing VLAN a subnet-based VLAN: Command subnet-base {NETWORK-PREFIX NETWORK-MASK | NETWORK-PREFIX/PREFIX-LENGTH} Explanation Configures the VLAN as a subnet-based VLAN. DGS-6600 Configuration Guide 95
  • D-Link DGS-6600-48T | Configuration Guide - Page 96
    eth2.1-2.2 DGS-6600:15(config-if)# access vlan 2 DGS-6600:15(config-if)#interface range eth2.3-2.4 DGS-6600:15(config-if)# access vlan 3 DGS-6600:15(config-if)#interface eth2.5 DGS-6600:15(config-if)# trunk allowed-vlan 2 DGS-6600:15(config-if)# trunk allowed-vlan 3 DGS-6600 Configuration Guide 96
  • D-Link DGS-6600-48T | Configuration Guide - Page 97
    PC3 can ping each other. PC2 and PC4 can ping each. This indicates the PCs are in the same VLAN and can communicate each other. DGS-6600 Configuration Guide 97
  • D-Link DGS-6600-48T | Configuration Guide - Page 98
    Values Variable Name Default Value VLAN VLAN 1 is the system default VLAN acceptable-frame Admit-all ingress-checking Enabled PVID 1 Table 10-2 Default Variable Values DGS-6600 Configuration Guide 98
  • D-Link DGS-6600-48T | Configuration Guide - Page 99
    of users. To solve this problem, the VLAN tunnel feature was developed service providers can use a single VLAN to support customers that have multiple VLANs, therefore allowing traffic from different customer VLANs to be segregated. Below are a list of introductory topics, regarding VLAN on the DGS-6600
  • D-Link DGS-6600-48T | Configuration Guide - Page 100
    encapsulation is also known as VLAN stacking or Q-in-Q. VLAN encapsulation inserts a second VLAN (service provider VID, S-VID) as an outer tag for packets that are being transmitted from the Figure 11-1 Tagged Frames from UNI to NNI with VLAN Encapsulation Feature DGS-6600 Configuration Guide 100
  • D-Link DGS-6600-48T | Configuration Guide - Page 101
    insert an additional VLAN tag. Instead, the system remarks the original VLAN information in order to traverse the service provider's networks. Non-stacking S-Tags are never stacked on top of a C-Tag. There is typically C-Tag CoS or remark the CoS for each C-VID. DGS-6600 Configuration Guide 101
  • D-Link DGS-6600-48T | Configuration Guide - Page 102
    port. If there is an entry miss, then the packet will either be dropped or have an S-VLAN (service provider VLAN) tag added that is based on the VLAN lookup tables (MAC, Subnet, Protocol, Port VLAN ID tunnel TPID defined for the NNI port will be encoded in S-Tag. DGS-6600 Configuration Guide 102
  • D-Link DGS-6600-48T | Configuration Guide - Page 103
    UNI to UNI If the forwarding port is a UNI port, the packet will be retained without encapsulating the S-VLAN or remarking with the S-VLAN information. DGS-6600 Configuration Guide 103
  • D-Link DGS-6600-48T | Configuration Guide - Page 104
    the S-VLAN • If the packet is an S-Tagged packet, get the S-VLAN from the S-Tag. The VLAN tunnel TPID is used to identify the S-Tag. DGS-6600 Configuration Guide 104
  • D-Link DGS-6600-48T | Configuration Guide - Page 105
    will be transmitted. The following diagram shows the operation of an NNI to UNI VLAN encapsulation: Figure 11-7 NNI to UNI for VLAN Encapsulation Table DGS-6600 Configuration Guide 105
  • D-Link DGS-6600-48T | Configuration Guide - Page 106
    NNI If the received packet is already S-Tagged, the packet content is retained. If the received packet has no S-Tag, the S-Tag will be added. DGS-6600 Configuration Guide 106
  • D-Link DGS-6600-48T | Configuration Guide - Page 107
    Packet VLAN Tunneling Configuration Commands The following topics are included in this section: • Enabling VLAN Tunneling • Specifying UNI/NNI Ports • Configuring NNI Port S-Tag TPID DGS-6600 Configuration Guide 107
  • D-Link DGS-6600-48T | Configuration Guide - Page 108
    and GVRP will be disabled. 4) If the user needs to run GVRP on the Switch, GVRP should be manually enabled. In VLAN tunnel mode, the SP-VLAN GVRP address (01-80-C2-00-00-0D) will be used type {nni|uni} Explanation Specifies if the port will be a UNI or NNI port. DGS-6600 Configuration Guide 108
  • D-Link DGS-6600-48T | Configuration Guide - Page 109
    that the inner tag will be removed from any packets that are received by interface eth4.20: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#interface eth4.20 DGS-6600:15(config-if)#vlan-tunnel remove-inner-tag DGS-6600:15(config-if)#end DGS-6600 Configuration Guide 109
  • D-Link DGS-6600-48T | Configuration Guide - Page 110
    Switch to remark the service providers with a VLAN tag of 8 to the customer VLAN with a VLAN tag of 9, on Ethernet interface 4.23: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#interface eth4.23 DGS-6600:15(config-if)#vlan-tunnel interface-type uni DGS-6600:15(config-if)#vlan
  • D-Link DGS-6600-48T | Configuration Guide - Page 111
    -checking DGS-6600:15(config-if)#end Verifying the VLAN Tunneling Configuration The user can use the following command to display the VLAN tunnel related settings: Command show vlan-tunnel [INTERFACE-ID[,|-]] Explanation Displays the VLAN tunnel related settings. DGS-6600 Configuration Guide 111
  • D-Link DGS-6600-48T | Configuration Guide - Page 112
    NNI port, TPID: 0x88a8 eth4.29: NNI port, TPID: 0x88a8 eth4.30: NNI port, TPID: 0x88a8 DGS-6600:2> Configuration Examples QinQ Configuration Example R1 eth2.1 and eth2.2 are QinQ uni ports. Eth2.3 is a nni each other, but cannot communicate to Customer#3 VLAN2. DGS-6600 Configuration Guide 112
  • D-Link DGS-6600-48T | Configuration Guide - Page 113
    vlan 1003 DGS-6600:15(config-if)# vlan-tunnel interface-type uni DGS-6600:15(config-if)# vlan-tunnel ingress-checking DGS-6600:15(config-if)# vlan encapsulation 1003 2 DGS-6600:15(config-if)#interface eth2.3 DGS-6600:15(config-if)# trunk allowed-vlan 1002-1003 DGS-6600 Configuration Guide 113
  • D-Link DGS-6600-48T | Configuration Guide - Page 114
    tunnel ingress-checking DGS-6600:15(config-if)# vlan encapsulation 1003 2 DGS-6600:15(config-if)#interface eth2.3 DGS-6600:15(config-if)# trunk allowed-vlan 1002-1003 Verifying the Configuration Check R1 QinQ config using the command show vlan interface eth2.1-2.3 DGS-6600 Configuration Guide 114
  • D-Link DGS-6600-48T | Configuration Guide - Page 115
    -1003 Advertise VLAN : 1-4094 Forbidden VLAN : Acceptable frame types : admit-all DGS-6600:15#show vlan-tunnel eth2.1-2.3 VLAN tunneling: enabled eth2.1: UNI port, CoS remarking communicate within itself, but unable to communicate with Customer#2's VLAN2. DGS-6600 Configuration Guide 115
  • D-Link DGS-6600-48T | Configuration Guide - Page 116
    Entry Number Disabled VLAN Tunnel Mode Disabled UNI/NNI Port Role NNI Port Ingress Checking Disabled VLAN Tunnel TPID 0x88a8 Table 11-1 Default Variable Values DGS-6600 Configuration Guide 116
  • D-Link DGS-6600-48T | Configuration Guide - Page 117
    DGS6600 Series Switch: • Enabling the GVRP Protocol • Specifying Forbidden Ports • Specifying the GVRP Timer • Enabling the Dynamic Creation of VLANs • Configuring the Interface Advertisement Attribute DGS-6600 Configuration Guide 117
  • D-Link DGS-6600-48T | Configuration Guide - Page 118
    -vlan 3,6 DGS-6600:15(config-if)#gvrp DGS-6600:15(config-if)#end Specifying Forbidden Ports If the user specifies the gvrp forbidden option in interface configuration mode, the interface will not be able to become a member of any VLANs using the GVRP protocol. DGS-6600 Configuration Guide 118
  • D-Link DGS-6600-48T | Configuration Guide - Page 119
    end Enabling the Dynamic Creation of VLANs Since an interface may request membership to a VLAN that does not currently exist, the Switch supports a feature that can dynamically create the requested VLAN. If this feature is disabled, the Switch ignores the request. DGS-6600 Configuration Guide 119
  • D-Link DGS-6600-48T | Configuration Guide - Page 120
    interface eth4.5 DGS-6600:15(config-if)#trunk allowed-vlan 100 DGS-6600:15(config-if)#gvrp advertise 100 DGS-6600:15(config-if)#end Configuring the VLAN Advertisement Attribute The user can specify whether to allow the advertisement of specific VLANs system-wide. DGS-6600 Configuration Guide 120
  • D-Link DGS-6600-48T | Configuration Guide - Page 121
    [interface INTERFACE-ID [,|-]] Explanation Displays the GVRP configuration. In the following example, the user displays the global GVRP configuration: DGS-6600:2>show gvrp configuration Global GVRP State : Enabled Dynamic VLAN Creation : Enabled DGS-6600:2> DGS-6600 Configuration Guide 121
  • D-Link DGS-6600-48T | Configuration Guide - Page 122
    statistics for Ethernet interface 4.48: DGS-6600:2>show gvrp statistics interface eth4.48 Port JoinEmpty JoinIn LeaveEmpty LeaveIn Empty eth4.48 RX 0 0 0 0 0 TX 4294967296 4294967296 4294967296 4294967296 4294967296 Total Entries: 1 DGS-6600:2> DGS-6600 Configuration Guide 122
  • D-Link DGS-6600-48T | Configuration Guide - Page 123
    4.48 and verifies that the statistics have been cleared: DGS-6600:15#clear gvrp statistics interface eth4.48 DGS-6600:15#show gvrp statistics interface eth4.48 Port JoinEmpty JoinIn Leave All Timer 0.6 Seconds 10 Seconds Table 12-2 Default Variable Values DGS-6600 Configuration Guide 123
  • D-Link DGS-6600-48T | Configuration Guide - Page 124
    entries from the source unicast MAC address recorded in the received packet. Static entries are manually configured by the user. Dynamic entries are automatically aged out. If the static entries are based on the entry type, the forwarding interface, or a VLAN. DGS-6600 Configuration Guide 124
  • D-Link DGS-6600-48T | Configuration Guide - Page 125
    Switch should display all MAC address table entries for the MAC address "00-e0-18-72-0d-1f": DGS-6600:15(config-if)>show mac address-table address 00-e0-18-72-0d-1f Vlan Mac Address Type Ports the aging time for dynamic entries or disable the aging function. DGS-6600 Configuration Guide 125
  • D-Link DGS-6600-48T | Configuration Guide - Page 126
    address table entry on the Switch: Command mac address-table static MAC-ADDR vlan VLAN-ID interface INTERFACE-ID [,|-] Explanation Configures a static MAC address entry. DGS-6600 Configuration Guide 126
  • D-Link DGS-6600-48T | Configuration Guide - Page 127
    Entries Maximum Number of Multicast Static Entries 1024 Table 13-1 Constants Values Variable Name Aging Time Default Value 300 Seconds Table 13-2 Default Variable Values DGS-6600 Configuration Guide 127
  • D-Link DGS-6600-48T | Configuration Guide - Page 128
    will constantly monitor all links. When any participating link fails, the port that was originally blocked will recover to provide the packet forwarding service. The Switch supports all versions of included in this section: • Basic Terminology • Timers • Port Role DGS-6600 Configuration Guide 128
  • D-Link DGS-6600-48T | Configuration Guide - Page 129
    has a port ID, which is formed by an 8-bit port priority and an 8-bit port number. Link Path Cost Each port has a path cost value representing the media speed. Root Bridge The bridge with the from the listening to learning and learning to forwarding states. DGS-6600 Configuration Guide 129
  • D-Link DGS-6600-48T | Configuration Guide - Page 130
    this state, the port discards the received frame and does not forward frame. Listening After instructing a port to enter the forwarding state, the port will initially enter the listening state. Like a configuration BPDU message is always conveyed: • Root Bridge ID DGS-6600 Configuration Guide 130
  • D-Link DGS-6600-48T | Configuration Guide - Page 131
    The purpose of STP is to determine a loop free network topology for the participating nodes and links. STP uses a priority vector mechanism to determine the active topology. There are a number of ID-X, 0, Bridge ID-X, Bridge ID-X TX port, Bridge ID-X TX port) DGS-6600 Configuration Guide 131
  • D-Link DGS-6600-48T | Configuration Guide - Page 132
    port or alternate port. The root path priority vector of the root port or alternate port is calculated by adding the link path cost to the RPC. 7) (Bridge ID-X, RPC+ RX port Path Cost, Bridge ID-X, Bridge ID-X TX version for ports that are attached to 802.1d nodes. DGS-6600 Configuration Guide 132
  • D-Link DGS-6600-48T | Configuration Guide - Page 133
    the user should manually restart the Protocol links. Figure 14-2 Single Spanning Tree Instance Vs. Multiple Spanning Tree Instances With 802.1s, the user can separate VLANs into different groups, with each group running a separate Multiple Spanning Tree Instance (MSTI). DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 134
    Version • Specifying the Edge Port for Fast Forwarding • Specifying the Link Type • Limiting the BPDU Transmission Rate • Restarting Protocol Migration • enable STP: Command spanning-tree DGS-6600 Configuration Guide Explanation This global configuration mode command enables STP system wide. 134
  • D-Link DGS-6600-48T | Configuration Guide - Page 135
    to implement fast forwarding on an edge port: Command spanning-tree fast-forwarding Explanation Specifies that the interface will enter the forwarding state on initialization. DGS-6600 Configuration Guide 135
  • D-Link DGS-6600-48T | Configuration Guide - Page 136
    the link type or manually specify the link type. link type as "Point-to-Point" on Ethernet interface 4.33: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#interface eth4.33 DGS-6600:15(config-if)#spanning-tree link-type point-to-point DGS-6600 DGS-6600 Configuration Guide 136
  • D-Link DGS-6600-48T | Configuration Guide - Page 137
    , per port fast forwarding state, and link type by using the following commands: Command show spanning-tree show spanning-tree mst Explanation Displays the settings when the bridge is in STP/RSTP mode. Displays the settings when the bridge is in MSTP mode. DGS-6600 Configuration Guide 137
  • D-Link DGS-6600-48T | Configuration Guide - Page 138
    STP settings when the Switch is operating in STP mode: DGS-6600:2>show spanning-tree Spanning tree Forwarding BPDU : Enabled, Mode: Link .Port Type 128.3 P2P 128.5 P2P 128.6 Shr 128.9 P2P Edge -------- Eedge None-edge Eedge None-edge Total Entries: 4 DGS-6600:2> DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 139
    DGS-6600:2# Role ---------designated backup backup root State ---------forwarding blocking blocking forwarding Cost ------ 20000 200000 200000 2000 Priority .Port# --------128.9 128.10 128.11 128.12 Link Timers • Displaying and Verifying STP Protocol Operations DGS-6600 Configuration Guide 139
  • D-Link DGS-6600-48T | Configuration Guide - Page 140
    terminal DGS-6600:15(config)#interface eth4.20 DGS-6600:15(config-if)#spanning-tree port-priority 0 DGS-6600:15(config-if)#end Specifying per Port Path Cost The link path cost value represents the media speed. The path cost can be auto-determined based on the media type or manually specified
  • D-Link DGS-6600-48T | Configuration Guide - Page 141
    , and the maximum aging time to be 21 seconds: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#spanning-tree hello-time 1 DGS-6600:15(config)#spanning-tree forward-time 16 DGS-6600:15(config)#spanning-tree max-age 21 DGS-6600:15(config)#end DGS-6600 Configuration Guide 141
  • D-Link DGS-6600-48T | Configuration Guide - Page 142
    200000 2000 Priority Link .Port Type 128.3 P2P 128.5 P2P 128.6 Shr 128.9 P2P Edge -------- Eedge None-edge Eedge None-edge Total Entries: 4 DGS-6600:2> Configuring Multiple Specifying per Tree per Port Priority • Specifying per Tree per Port Path Cost DGS-6600 Configuration Guide 142
  • D-Link DGS-6600-48T | Configuration Guide - Page 143
    the settings: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#spanning-tree mode mstp DGS-6600:15(config)#spanning-tree mst configuration DGS-6600:15(config-mst)#instance 1 vlan 300-304 DGS-6600:15(config-mst)#name Corp-STP DGS-6600:15(config-mst)#revision 1 DGS-6600:15
  • D-Link DGS-6600-48T | Configuration Guide - Page 144
    DGS-6600:15(config)#interface eth4.20 DGS-6600:15(config-if)#spanning-tree mst hello-time 1 DGS-6600:15(config-if)#end Specifying per Tree Bridge Priority The user should specify a bridge priority for each MSTI instance. The bridge priority must be divisible by 4096. DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 145
    the cost of each port path for each tree: Command spanning-tree mst INSTANCE-ID cost COST spanning-tree cost COST Explanation Specifies the internal link path cost for the MSTI. Specifies the external path cost for the CST. DGS-6600 Configuration Guide 145
  • D-Link DGS-6600-48T | Configuration Guide - Page 146
    Count : 1 codes - F : Fast forwarding on the port is enabled Configured link type : A: Auto , P: point to point , S: shared Priority Link Interface Role State Cost .Port Type Edge A eth4.47 Designated Forwarding 200000 128.303 P2P Edge DGS-6600:2> DGS-6600 Configuration Guide 146
  • D-Link DGS-6600-48T | Configuration Guide - Page 147
    DGS-6600:2>show spanning-tree mst interface eth4.11 eth4.11 STP state Configured Fast-Forwarding Configured Link 128 DGS-6600:2> MST configuration identifier. DGS-6600:15#show spanning MSTI mapping table. DGS-6600:15(config)#show spanning-tree mst Total Entries:2 DGS-6600:15# Configuring
  • D-Link DGS-6600-48T | Configuration Guide - Page 148
    root port for some applications. This feature is typically used in a service-provider environment, where the network administrator wants to prevent a low speed port -tree mst interface INTERFACE-ID [, | -] DGS-6600 Configuration Guide Explanation Displays the configuration for the MSTP optional feature
  • D-Link DGS-6600-48T | Configuration Guide - Page 149
    will become the forwarding port and become the active link, providing redundant link. Topology Vlan2, eth2.1-2.2 Vlan3, eth2.3-2.4 R1 eth2.5 eth2.6 Vlan2, 3 tagged eth2.5 eth2.6 R2 Vlan2, eth2.1-2.2 Vlan3, eht2.3-2.4 Figure 14-3RSTP Configuration Topology DGS-6600 Configuration Guide 149
  • D-Link DGS-6600-48T | Configuration Guide - Page 150
    the root bridge. DGS-6600:15(config)#spanning-tree DGS-6600:15(config-if)#spanning-tree mode rstp DGS-6600:15(config)#spanning-tree priority 4096 R2 (Router 2) Configuration Steps Step 1: Create VLAN 2, 3 DGS-6600:15(config)#vlan 2 DGS-6600:15(config-vlan)#vlan 3 DGS-6600 Configuration Guide 150
  • D-Link DGS-6600-48T | Configuration Guide - Page 151
    codes - F : Fast forwarding is configured as enabled Configured link type : A - Auto, P - point to point, S - shared Priority Link Interface Role State Cost .Port Type Edge FA eth2.1 Designated A eth2.6 Alternate Discarding 20000 0.70 P2P None-Edge DGS-6600 Configuration Guide 151
  • D-Link DGS-6600-48T | Configuration Guide - Page 152
    provide load sharing function. If one of path is broken (e.g., eth2.5 is down), then the other link will be the active path for VLAN2 and VLAN3. If that link is recovered (e.g., eth2.5 is up again), VLAN2 and VLAN3 will use their active link again (Load sharing). DGS-6600 Configuration Guide 152
  • D-Link DGS-6600-48T | Configuration Guide - Page 153
    DGS-6600:15(config-mst)# instance 1 vlan 3 DGS-6600:15(config-mst)#name dlink DGS-6600:15(config-mst)#spanning-tree mode mstp DGS-6600:15(config)#spanning-tree mst 0 priority 4096 DGS-6600:15(config)#spanning-tree mst 1 priority 4096 DGS-6600:15(config)#spanning-tree DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 154
    can be the root bridge for both instances 0 and 1. DGS-6600:15(config-if)#spanning-tree mst configuration DGS-6600:15(config-mst)# instance 1 vlan 3 DGS-6600:15(config-mst)#name dlink DGS-6600:15(config-mst)#spanning-tree mode mstp DGS-6600:15(config)#spanning-tree DGS-6600 Configuration Guide 154
  • D-Link DGS-6600-48T | Configuration Guide - Page 155
    point , S: shared Priority Link Interface Role State Cost .Port Type Edge FA eth2.3 Designated Forwarding 20000 128.67 P2P Edge A eth2.5 Designated Forwarding 20000 128.69 P2P None-Edge A eth2.6 Designated Forwarding 20000 0.70 P2P None-Edge DGS-6600 Configuration Guide 155
  • D-Link DGS-6600-48T | Configuration Guide - Page 156
    .5 cable. After few seconds (3-7 seconds), we can observe the Ping traffic between PCs for VLAN2 and VLAN3 all forwarded in active link (e.g., eth2.6), Re-plug the eth2.5 cable again. After few seconds, we can observe the PC ping traffic uses it's own link again. DGS-6600 Configuration Guide 156
  • D-Link DGS-6600-48T | Configuration Guide - Page 157
    Disable Per Port STP State Enabled Hello Time 2 Forward Time 15 Maximum Age 20 Link Type Auto-determined STP Version MSTP Bridge Priority 32768 Port Priority 128 VLAN to MSTI Guard Disabled TCN Filter Disabled Table 14-3 Default Variable Values DGS-6600 Configuration Guide 157
  • D-Link DGS-6600-48T | Configuration Guide - Page 158
    feature to support the high bandwidth demand needed for a trunk link. The Link aggregation" is a method of grouping physical link segments of the same media type and speed, and treating them as if they were part of a single, logical link segment. Link aggregation is an DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 159
    Type Mode On Table 15-1 Description On mode that places a port into an non-negotiation state. Link aggregation is forced to be formed without any LACP negotiation. Load Balancing For unicast packet, there source port fields to hash. TRUNKING BASED ON DIP HASHING DGS-6600 Configuration Guide 159
  • D-Link DGS-6600-48T | Configuration Guide - Page 160
    controls the port priority. Port priorities on the other switch are ignored. Link Aggregation Configuration Commands Common commands, restrictions and commands to configure channel groups are before the interface can change membership to another channel group. DGS-6600 Configuration Guide 160
  • D-Link DGS-6600-48T | Configuration Guide - Page 161
    15-Link Aggregation Link Aggregation Configuration Commands In the following example, the user creates channel group 3 and assigns Ethernet port 4.1 to 4.6 to the channel group: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#interface range eth4.1-4.6 DGS-6600:15(config
  • D-Link DGS-6600-48T | Configuration Guide - Page 162
    Volume 3-Layer 2 Configurations / Chapter 15-Link Aggregation Link Aggregation Configuration Commands Command Explanation lacp port-priority PRIORITY show channel-group [[channel [ • Source IP Address • Destination IP Address • Source and Destination IP Address DGS-6600 Configuration Guide 162
  • D-Link DGS-6600-48T | Configuration Guide - Page 163
    source MAC addresses (e.g., 400). The traffic should be equally or near-equally load shared in each link. If some of link(s) are linked-down, the traffic will be re-load-sharing to those existing links. Topology Figure 15-1 Link Aggregation Configuration Topology DGS-6600 Configuration Guide 163
  • D-Link DGS-6600-48T | Configuration Guide - Page 164
    / Chapter 15-Link Aggregation R1 (Router 1) Configuration Steps Step 1: Choose LACP mechanism DGS-6600:15(config)#port-channel load-balance src-mac Configuration Examples Step 2: Assign port2.5-2.8 to channel-group 1 DGS-6600:15(config)#interface range eth2.5-2.8 DGS-6600:15(config-if
  • D-Link DGS-6600-48T | Configuration Guide - Page 165
    address. Unplug one port (e.g, eth2.5), the traffic will be load shared based on rest of existing links (3). Re-plug that port, the traffic will be load shard based on all (4) ports. Relations with LACP System Priority 32768 Table 15-3 Default Variable Values DGS-6600 Configuration Guide 165
  • D-Link DGS-6600-48T | Configuration Guide - Page 166
    parameter is configurable Show - indicate the value of the parameter can be displayed Config/show - indicate the parameter is both configurable and can be displayed DGS-6600 Configuration Guide 166
  • D-Link DGS-6600-48T | Configuration Guide - Page 167
    for itself. Proxy ARP Configuration Commands Enabling Authentication To enable proxy-arp please use the following commands. Command ip local-proxy-arp DGS-6600 Configuration Guide Explanation Use this command to enable local proxy ARP features on an interface. Use the no form of this command to
  • D-Link DGS-6600-48T | Configuration Guide - Page 168
    ARP: Disable Local proxy ARP: Disable Interface: vlan2 Proxy ARP: Enable Local proxy ARP: Enable Interface: vlan4 Proxy ARP: Enable Local proxy ARP: Disable DGS6600# DGS-6600 Configuration Guide 168
  • D-Link DGS-6600-48T | Configuration Guide - Page 169
    so that the isolated sub VLANs can communicate with each other at Layer 3. For more information see the Proxy ARP chapter in this configuration guide or the Proxy ARP commands in the command line interface manual. Figure 17-1 A simple Super VLAN Environment DGS-6600 Configuration Guide 169
  • D-Link DGS-6600-48T | Configuration Guide - Page 170
    super VLAN with the sub-VLANs configured earlier. Configure a VLAN interface for the super VLAN. The VLAN interface enables communication among hosts and sub-VLANs. DGS-6600 Configuration Guide 170
  • D-Link DGS-6600-48T | Configuration Guide - Page 171
    Sub VLAN100 can communicate with PC3 which is on Sub VLAN200. But PC4 isn't in the IP range, and so, cannot communicate with other PCs. DGS-6600 Configuration Guide 171
  • D-Link DGS-6600-48T | Configuration Guide - Page 172
    range eth2.1-2.2 DGS6600:15(config-if)#access vlan 100 DGS6600:15(config-if)#interface range eth2.17-2.18 DGS6600:15(config-if)#access vlan 200 DGS-6600 Configuration Guide 172
  • D-Link DGS-6600-48T | Configuration Guide - Page 173
    , VRRP, multicast protocols and IPv6 protocol cannot run on a super VLAN interface. List of Constants Constant Super VLAN entries Sub-VLAN Entries Value 4093 4094 DGS-6600 Configuration Guide 173
  • D-Link DGS-6600-48T | Configuration Guide - Page 174
    an IP phone call will be deteriorated if the voice traffic is unevenly sent. The quality of service (QoS) for voice traffic shall be configured to ensure the transmission priority of voice packet is higher in port-based VLAN (if no other kind of VLAN is applied). DGS-6600 Configuration Guide 174
  • D-Link DGS-6600-48T | Configuration Guide - Page 175
    if the source MAC addresses of packets comply with the IP phone vendors OUI. Manual Mode - If a port works in manual mode, you should add the port to the voice VLAN or remove the port from illustrates how to handle the received untagged and tagged voice packets. DGS-6600 Configuration Guide 175
  • D-Link DGS-6600-48T | Configuration Guide - Page 176
    , just forward the packets as normal data packets. Note: To support more than 1024 voice devices, we use VFP (VLAN Filter Processor voice device can also be detected through the LLDP-MED (Link Layer Discovery Protocol-Media Endpoint Discovery). If an LLDP-MED enabled DGS-6600 Configuration Guide 176
  • D-Link DGS-6600-48T | Configuration Guide - Page 177
    -3 LLDP-MED Network Policy TLV format • If the value of Tagged Flag (T) is 1, the voice device is using the IEEE 802.1Q tagged frame format. DGS-6600 Configuration Guide 177
  • D-Link DGS-6600-48T | Configuration Guide - Page 178
    commands Please note that a full listing of the CLI commands can be found in the CLI Manual, however, below are a brief table of the commands summarized in a table format for guidance. VLAN. DGS6600(config)#voice-vlan 1000 DGS6600(config)#end DGS6600# DGS-6600 Configuration Guide 178
  • D-Link DGS-6600-48T | Configuration Guide - Page 179
    -00-00 ff-ff-ff-00-00-00 3COM 01-02-03-04-05-06 ff-ff-ff-ff-ff-ff UserDefined Total Entries: 9 DGS6600# DGS-6600 Configuration Guide 179
  • D-Link DGS-6600-48T | Configuration Guide - Page 180
    VLAN OUI, voice VLAN ID, and voice VLAN enabled ports. DGS-6600:15(config)#voice-vlan oui 00-11-22-00-00-00 ff-ff-ff-00-00-00 DGS-6600:15(config)#voice-vlan 2 DGS-6600:15(config)#interface range eth2.1-2.5 DGS-6600:15(config-if)#switchport voice-vlan state enable DGS-6600 Configuration Guide 180
  • D-Link DGS-6600-48T | Configuration Guide - Page 181
    , whose OUI is not in the list. The PC packet will be sent in VLAN3. We can use ping to test. PC2 can ping PC4. DGS-6600 Configuration Guide 181
  • D-Link DGS-6600-48T | Configuration Guide - Page 182
    node is connected to two adjacent ring nodes via ring links which are bounded by ring ports. For each ERP instance service protected channel. R-APS controlled channel is used to transmit and receive R-APS messages which belong to certain VLAN, called R-APS controlled DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 183
    include R-APS controlled VLAN and service protected VLANs. But, blocking R-APS link. When previous timer expires, RPL owner blocks RPL and sends "R-APS (NR, RB)" (RB, RPL Blocked) messages to inform other ring nodes that RPL has blocked. When other ring nodes receive DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 184
    Nodes RPL2 RPL1 For the following diagrams, two or more ERP instances have the same service protected channel (blue channel). It may cause a super loop when the shared link failure and two EPR instances block this link and unblock RPL simultaneously. DGS-6600 Configuration Guide 184
  • D-Link DGS-6600-48T | Configuration Guide - Page 185
    ring and also be treated as "service traffic" of major-ring. It Link Failure Sub Ring 3 RPL Major Ring 2 RPL RPL Major Ring 1 Sub Ring 2 RPL Link Failure Sub Ring 3 RPL Topology Change (sub-ring  major-ring) R-APS (SF) R-APS (Event, Flush)  only transmit three DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 186
    the ring is down, the blocked port will become active within 50ms. Topology Figure 19-3 ERPS Configuration Topology R1 (Router 1) Configuration Steps Step 1: Create VLAN 2, 3 DGS-6600:15(config)#vlan 2 DGS-6600:15(config-vlan)#vlan 3 DGS-6600 Configuration Guide 186
  • D-Link DGS-6600-48T | Configuration Guide - Page 187
    1 raps-vlan 2 DGS-6600:15(config-erps-domain)# erpi 1 ring-port west eth2.5 DGS-6600:15(config-erps-domain)# erpi 1 ring-port east eth2.6 DGS-6600:15(config-erps-domain)# erpi 1 protected-vlan 3 DGS-6600:15(config-erps-domain)# erpi 1 enable Configuration Example DGS-6600 Configuration Guide 187
  • D-Link DGS-6600-48T | Configuration Guide - Page 188
    1 raps-vlan 2 DGS-6600:15(config-erps-domain)# erpi 1 ring-port west eth2.5 DGS-6600:15(config-erps-domain)# erpi 1 ring-port east eth2.6 DGS-6600:15(config-erps-domain)# erpi 1 protected-vlan 3 DGS-6600:15(config-erps-domain)# erpi 1 enable Configuration Example DGS-6600 Configuration Guide 188
  • D-Link DGS-6600-48T | Configuration Guide - Page 189
    West ring port : eth2.6 West ring port state : Forwarding RPL owner port : East Service protected VLANs : 3 Guard timer : 500 milliseconds Hold-Off timer : 0 milliseconds WTR timer : 5 minutes Total ERP instances : 1 DGS-6600:15#show erps domain Domain ERPI Type Status Port-State ID erps
  • D-Link DGS-6600-48T | Configuration Guide - Page 190
    : eth2.5 West ring port state : Forwarding RPL owner port : (Not-configured) Service protected VLANs : 3 Guard timer : 500 milliseconds Hold-Off timer : 0 milliseconds WTR timer : 5 minutes Total ERP instances : 1 DGS-6600:15#show erps domain Domain ERPI Type Status Port-State ID erps
  • D-Link DGS-6600-48T | Configuration Guide - Page 191
    or recovery event on ring ports is detected. Under this design specification for ERPS, the event may be notified from "Link Change (link-up or link-down)". FDB module When the ERP instance changes its topology, it will perform flush FDB action on ring ports. DGS-6600 Configuration Guide 191
  • D-Link DGS-6600-48T | Configuration Guide - Page 192
    module, it may affect service traffic of the ERP instance. Traffic Segmentation module Traffic segmentation function may affect forwarding of R-APS messages over R-APS controlled channel if the forwarded ring port is not forwarding interface of received ring port. DGS-6600 Configuration Guide 192
  • D-Link DGS-6600-48T | Configuration Guide - Page 193
    Part 4- Layer 3 Configurations The following chapters are included in this volume: • IPv4 Basics • IPv4 Static Route Configuration • Routing Information Protocol (RIP) • Open Shortest Path First (OSPF) • IPv6 Basics • IPv6 Static Route Configuration • Routing Information Protocol Next Generation (
  • D-Link DGS-6600-48T | Configuration Guide - Page 194
    support additional services such as unified communications, wireless access, and enhanced network security. IPv4 Basics IP addressing is core to the design of a network and the functionality of the DGS-6600 33.1 is represented as: 00001010 01010011 00100001 00000001 DGS-6600 Configuration Guide 194
  • D-Link DGS-6600-48T | Configuration Guide - Page 195
    subnet-works, you can create a network of interconnected subnet-works. Each link on this network would then have a unique network/subnet-work ID. Assignment on the DGS-6600 Series Switch On the DGS-6600 Switch, IPv4 can be assigned either manually or automatically. DGS-6600 Configuration Guide 195
  • D-Link DGS-6600-48T | Configuration Guide - Page 196
    seconds to allow entries to time out more quickly than the default setting: DGS6600:15(config)#interface vlan1 DGS6600:15(config-if)#arp timeout 12000 DGS-6600 Configuration Guide 196
  • D-Link DGS-6600-48T | Configuration Guide - Page 197
    :15(config-if)#interface range eth2.3-2.4 DGS6600:15(config-if)# access vlan 3 DGS6600:15(config-if)#interface rnage eth2.5-2.6 DGS6600:15(config-if)# access vlan 4 DGS-6600 Configuration Guide 197
  • D-Link DGS-6600-48T | Configuration Guide - Page 198
    are inactive * - candidate default C 2.0.0.0/8 is directly connected, vlan2 C 3.0.0.0/8 is directly connected, vlan3 C 4.0.0.0/8 is directly connected, vlan4 PCs in different subnets can ping each other by DGS-6600's routing. DGS-6600 Configuration Guide 198
  • D-Link DGS-6600-48T | Configuration Guide - Page 199
    . This example shows how to enter the interface configuration mode for a range of ports from eth3.13.5. DGS6600(config)# interface range eth3.1-3.5 DGS6600(config-if)# DGS-6600 Configuration Guide 199
  • D-Link DGS-6600-48T | Configuration Guide - Page 200
    0.0.0.0/0 10.1.1.254 This example shows how to add a static route entry for a 20.0.0.0/8 with next-hop 10.1.1.254. DGS6600(config)#ip route 20.0.0.0/8 10.1.1.254 DGS-6600 Configuration Guide 200
  • D-Link DGS-6600-48T | Configuration Guide - Page 201
    remove a static route entry. The following is sample output from the show ip route command when entered without an address. DGS-6600:15#show ip route Codes: K - kernel, C - connected, S - static, R - RIP, B - 21-1 Static Routing (IPv4) Configuration Topology DGS-6600 Configuration Guide 201
  • D-Link DGS-6600-48T | Configuration Guide - Page 202
    into vlan DGS-6600:15(config)#interface range eth2.1-2.2 DGS-6600:15(config-if)# access vlan 2 DGS-6600:15(config-if)#interface range eth2.3-2.4 DGS-6600:15(config-if)# access vlan 3 DGS-6600:15(config-if)#interface range eth2.5-2.6 DGS-6600:15(config-if)# access vlan 4 DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 203
    in different VLANs can ping PCs in different VLANs, that are in the same router (local router), and can ping PC connected in "remote" routers. DGS-6600 Configuration Guide 203
  • D-Link DGS-6600-48T | Configuration Guide - Page 204
    routing table right away. Instead a timer called the garbage collection timer will start and the route will continue to be advertised with a metric value of DGS-6600 Configuration Guide 204
  • D-Link DGS-6600-48T | Configuration Guide - Page 205
    of RIP packets. In the following example, the user configures the RIP version of the entire Switch to be version 2: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#router rip DGS-6600:15(config-router)#version 2 DGS-6600:15(config-router)#end DGS-6600 Configuration Guide 205
  • D-Link DGS-6600-48T | Configuration Guide - Page 206
    RIP. Use the following commands to enable RIP and specify the networks that RIP will be advertised on: Command router rip network NETWORK-PREFIX/MASK DGS-6600 Configuration Guide Explanation Enables the RIP routing process. Defines the networks that will be advertised by the RIP protocol. 206
  • D-Link DGS-6600-48T | Configuration Guide - Page 207
    following command to configure a unicast neighbor: Command neighbor IP-ADDRESS Explanation Defines the IP address of the neighbor that will be sent unicast RIP updates. DGS-6600 Configuration Guide 207
  • D-Link DGS-6600-48T | Configuration Guide - Page 208
    v2-broadcast DGS-6600:15(config-if)#end Configuring RIP Timers Enter the following command to configure the network timers for RIP: Command timers {update SECONDS | invalid SECONDS | flush SECONDS} Explanation Configures the network timers for the RIP protocol. DGS-6600 Configuration Guide 208
  • D-Link DGS-6600-48T | Configuration Guide - Page 209
    -ID Explanation Creates a new key chain that will be used for authentication with RIP version 2 Identifies the authentication key that will be used with RIP. DGS-6600 Configuration Guide 209
  • D-Link DGS-6600-48T | Configuration Guide - Page 210
    the following command to automatically generate a default route for RIP: Command default-information originate Explanation Specifies that a default route will be automatically generated by RIP. DGS-6600 Configuration Guide 210
  • D-Link DGS-6600-48T | Configuration Guide - Page 211
    , the user defines a default metric value of 5 for routes that were redistributed by the RIP routing protocol: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#router rip DGS-6600:15(config-router)#default-metric 5 DGS-6600:15(config-router)#end DGS-6600 Configuration Guide 211
  • D-Link DGS-6600-48T | Configuration Guide - Page 212
    the following example, the user displays interface specific RIP information for VLAN interface 5: DGS-6600:2>show ip rip interface vlan5 vlan5 is up, line protocol is up Routing Protocol (excluding connected): 0 Distance: (default is 120) DGS-6600:2> Bad Routes DGS-6600 Configuration Guide 212
  • D-Link DGS-6600-48T | Configuration Guide - Page 213
    Metric From 1 1 2 172.16.0.1 If -- vlan5 vlan5 Time 0DT0H2M52S Total Entries: 3 DGS-6600:2> Configuration Examples RIP Configuration Example Configuring RIP protocol in R1 and R2. The routing entries can . Topology Figure 22-1 RIP Configuration Example Topology DGS-6600 Configuration Guide 213
  • D-Link DGS-6600-48T | Configuration Guide - Page 214
    vlan DGS-6600:15(config-vlan)#interface range eth2.1-2.2 DGS-6600:15(config-if)#access vlan 2 DGS-6600:15(config-if)#interface range eth2.3-2.4 DGS-6600:15(config-if)#access vlan 3 DGS-6600:15(config-if)#interface range eth2.5-2.6 DGS-6600:15(config-if)#access vlan 4 DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 215
    , 5 routes PCs in different VLANs can ping PCs in different VLANs, within the same router (local router), and can ping PCs connected to "remote" routers. DGS-6600 Configuration Guide 215
  • D-Link DGS-6600-48T | Configuration Guide - Page 216
    Routing Information Protocol (RIP) List of Constants and Default Settings Constant Name Value Number of Supported Key Chains 16 Number of Keys in a Key Chain 32 Table 22-1 Constants Values Seconds Flush Time 120 Seconds Table 22-2 Default Variable Values DGS-6600 Configuration Guide 216
  • D-Link DGS-6600-48T | Configuration Guide - Page 217
    . The router within the same area carries out the intra-area routing. OSPF routers exchange routing information using Link State Advertisements (LSA). The exchanged information is divided into the following types: • Router LSA (Type 1) • Network LSA (Type 2) DGS-6600 Configuration Guide 217
  • D-Link DGS-6600-48T | Configuration Guide - Page 218
    Configuring OSPF Authentication • Configuring OSPF Timers • Configuring Area Host Route • Creating OSPF Virtual Links Specifying OSPF Network Areas To run OSPF, the user needs to enter the OSPF router area zero and the other areas will become non-zero areas. DGS-6600 Configuration Guide 218
  • D-Link DGS-6600-48T | Configuration Guide - Page 219
    dgs-6600:15(config-router)#network 172.16.0.0/16 area 3 dgs-6600:15(config-router)#end Specifying an OSPF Router-ID The Router ID is a number assigned to each router running OSPF. Each router in an AS must have a unique Router ID. The user can manually router. DGS-6600 Configuration Guide 219
  • D-Link DGS-6600-48T | Configuration Guide - Page 220
    -router)#area 2 stub dgs-6600:15(config-router)#end In the following example, the user sets area 1 to be an NSSA: dgs-6600:2>enable dgs-6600:15#configure terminal dgs-6600:15(config)#router ospf dgs-6600:15(config-router)#area 1 nssa dgs-6600:15(config-router)#end DGS-6600 Configuration Guide 220
  • D-Link DGS-6600-48T | Configuration Guide - Page 221
    the cost is. The speed can be manually assigned or automatically calculated based on the bandwidth. The default referential bandwidth that has a cost value of 1 is 100Mbps. Based on this default referential bandwidth, the cost of an Ethernet interface will be 1. DGS-6600 Configuration Guide 221
  • D-Link DGS-6600-48T | Configuration Guide - Page 222
    23-Open Shortest Path First (OSPF) OSPF Configuration Commands Use the following command to manually specify the OSPF cost of a VLAN interface: Command auto-cost reference-bandwidth MBPS ip the router from communicating with other routers using the old key. DGS-6600 Configuration Guide 222
  • D-Link DGS-6600-48T | Configuration Guide - Page 223
    hello packets have been received from the neighbor router. Specifies the interval between each OSPF hello packet that is being sent. Specifies the time between Link-State Advertisement (LSA) retransmissions for adjacencies belonging to the interface. DGS-6600 Configuration Guide 223
  • D-Link DGS-6600-48T | Configuration Guide - Page 224
    to area zero, it must be connected to area zero via a virtual link. The virtual link is a point to point link through another non-zero area. The router will send OSPF messages to the neighbor router in unicast form directly to the neighbor router IP address. DGS-6600 Configuration Guide 224
  • D-Link DGS-6600-48T | Configuration Guide - Page 225
    be "V1rPa55": dgs-6600:2>enable dgs-6600:15#configure terminal dgs-6600:15(config)#router ospf dgs-6600:15(config-router)#area 2 virtual-link 10.10.11.50 hello-interval 5 dgs-6600:15(config-router)#area 2 virtual-link 10.10.11.50 dead-interval 10 dgs-6600:15(config-router)#area 2 virtual-link 10.10
  • D-Link DGS-6600-48T | Configuration Guide - Page 226
    area AREA-ID default-cost COST Explanation Specifies the cost associated with the Type 3 default route injected to an stub area or totally stubby area. DGS-6600 Configuration Guide 226
  • D-Link DGS-6600-48T | Configuration Guide - Page 227
    20 dgs-6600:15(config-router)#end Generating a Default Route to an NSSA Area For an ABR of an NSSA area, Type 3 default routes will be automatically injected into an NSSA area. The user can manually specify to NSSA areas as Type 7 external routes by an ASBR. DGS-6600 Configuration Guide 227
  • D-Link DGS-6600-48T | Configuration Guide - Page 228
    example, the user prevents the routes from area 1 being redistributed to the NSSA area: dgs-6600:2>enable dgs-6600:15#configure terminal dgs-6600:15(config)#router ospf dgs-6600:15(config-router)#area 1 nssa no-redistribution dgs-6600:15(config-router)#end DGS-6600 Configuration Guide 228
  • D-Link DGS-6600-48T | Configuration Guide - Page 229
    and operational status. In the following example, the users displays the OSPF operating status: dgs-6600:2>show ip ospf Operational Router ID 10.47.65.82 Process uptime is 2 hours 58 SPF algorithm executed 4 times Number of LSA 6 Network 47.65.51.0/24 dgs-6600:2> DGS-6600 Configuration Guide 229
  • D-Link DGS-6600-48T | Configuration Guide - Page 230
    global settings: dgs-6600:2>show ip protocols dgs-6600:2> Displaying Border Routers Included in this Topic are: • Displaying ABR and ASBR Information • Displaying OSPF Neighbor Information • Displaying OSPF Virtual Link Information • Displaying the OSPF LSA Database DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 231
    entries for the OSPF instance: dgs-6600:2>show ip ospf border-routers ASBR, Area 0.0.0.0 dgs-6600:2> Displaying OSPF Neighbor about all the OSPF neighbors: dgs-6600:2>show ip ospf neighbor Neighbor 65.83 1 Full/ - dgs-6600:2> Dead Time 00:00: for VLAN 50: dgs-6600:2>show ip ospf neighbor
  • D-Link DGS-6600-48T | Configuration Guide - Page 232
    following example, the user displays the information for the OSPF virtual links: dgs-6600:2>show ip ospf virtual-links Virtual Link to router 10.47.65.83 is up Transit area 0.0.0.1 via in 00:00:08 Adjacency state Full Current Authentication Type: none dgs-6600:2> DGS-6600 Configuration Guide 232
  • D-Link DGS-6600-48T | Configuration Guide - Page 233
    . show ip ospf database router [LINK-STATE-ID Displays information about the router LSAs. | self-originate | adv-router IP-ADDRESS] show ip ospf database summary [LINK-STATEID | self-originate | adv-router IPADDRESS] Displays information about the summary LSAs. DGS-6600 Configuration Guide 233
  • D-Link DGS-6600-48T | Configuration Guide - Page 234
    -Summary Link States (Area 0.0.0.1) Link ID 10.47.65.81 ADV Router 10.47.65.82 Age Seq# CkSum 1760 0x66040006 0x1f9e AS External Link States Link ID 125.1.1.0 dgs-6600:2> ADV Router 10.47.65.81 Age Seq# CkSum Route Tag 55 0x66040006 0xe799 E2 125.1.1.0/24 0 DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 235
    .1.1.0 (External Network Number) Advertising Router: 10.47.65.81 LS Seq Number: 66040006 Checksum: 0xe799 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 1 Forward Address: 0.0.0.0 External Route Tag: 0 dgs-6600:2> DGS-6600 Configuration Guide 235
  • D-Link DGS-6600-48T | Configuration Guide - Page 236
    Number For NSSA) Advertising Router: 10.47.65.81 LS Seq Number: 66040008 Checksum: 0xa337 Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 1 NSSA: Forward Address: 47.65.51.1 External Route Tag: 0 dgs-6600:2> DGS-6600 Configuration Guide 236
  • D-Link DGS-6600-48T | Configuration Guide - Page 237
    .65.82 LS Seq Number: 6604000a Checksum: 0x75eb Length: 36 Number of Links: 1 Link connected to: a Transit Network (Link ID) Designated Router address: 47.65.51.2 (Link Data) Router Interface address: 47.65.51.1 Number of TOS metrics: 0 TOS 0 Metric: 1 dgs-6600:2> DGS-6600 Configuration Guide 237
  • D-Link DGS-6600-48T | Configuration Guide - Page 238
    all the summary LSAs on the Switch: dgs-6600:2>show ip ospf database summary Summary Link States (Area 0.0.0.0) LS age: 319 Options: 0x2 E|-) LS Type: summary-LSA Link State ID: 47.65.51.0 (summary OSPF process or for a specific OSPF process on a VLAN interface. DGS-6600 Configuration Guide 238
  • D-Link DGS-6600-48T | Configuration Guide - Page 239
    can communicate (e.g., PING) each other by routing. Topology Figure 23-1 OSPFv2 Configuration Example Topology R1 (Router1) Configuration Steps Step 1: create vlan 2,3,4 DGS-6600:15(config)#vlan 2 DGS-6600:15(config-vlan)#vlan 3 DGS-6600:15(config-vlan)#vlan 4 DGS-6600 Configuration Guide 239
  • D-Link DGS-6600-48T | Configuration Guide - Page 240
    vlan DGS-6600:15(config-if)#interface vlan4 DGS-6600:15(config-if)# ip address 4.0.0.2/8 DGS-6600:15(config-if)#interface vlan5 DGS-6600:15(config-if)# ip address 5.0.0.1/8 DGS-6600:15(config-if)#interface vlan6 DGS-6600:15(config-if)# ip address 6.0.0.1/8 DGS-6600 Configuration Guide Configuration
  • D-Link DGS-6600-48T | Configuration Guide - Page 241
    , 0DT0H2M21S C 4.0.0.0/8 is directly connected, vlan4 C 5.0.0.0/8 is directly connected, vlan5 C 6.0.0.0/8 is directly connected, vlan6 OSPFv2 Configuration Example 2 This OSPF configuration example contains three areas, virtual Link, NSSA, and external AS. DGS-6600 Configuration Guide 241
  • D-Link DGS-6600-48T | Configuration Guide - Page 242
    6 Step 2: add port into vlan GS-6600:15(config-vlan)#interface eth2.1 DGS-6600:15(config-if)# access vlan 2 DGS-6600:15(config-if)#interface eth2.2 DGS-6600:15(config-if)# access vlan 3 DGS-6600:15(config-if)#interface eth2.3 DGS-6600:15(config-if)# access vlan 6 DGS-6600 Configuration Guide 242
  • D-Link DGS-6600-48T | Configuration Guide - Page 243
    -if)# ip address 4.0.0.1/8 Step 4: set OSPF DGS-6600:15(config-if)#router ospf DGS-6600:15(config-router)# network 3.0.0.0/8 area 0 DGS-6600:15(config-router)# network 4.0.0.0/8 area 1 DGS-6600:15(config-router)# area 1 virtual-link 5.0.0.1 Configuration Examples DGS-6600 Configuration Guide 243
  • D-Link DGS-6600-48T | Configuration Guide - Page 244
    1: create vlan 4, 5 DGS-6600:15(config)#vlan 4 DGS-6600:15(config-vlan)#vlan 5 Step 2: add port into vlan DGS-6600:15(config-vlan)#interface eth2.1 DGS-6600:15(config-if)# access vlan 4 DGS-6600:15(config-if)#interface eth2.2 DGS-6600:15(config-if)# access vlan 5 DGS-6600 Configuration Guide 244
  • D-Link DGS-6600-48T | Configuration Guide - Page 245
    15(config-if)# ip address 5.0.0.1/8 Step 4: set OSPF DGS-6600:15(config-if)#router ospf DGS-6600:15(config-router)# network 4.0.0.0/8 area 1 DGS-6600:15(config-router)# network 5.0.0.0/8 area 2 DGS-6600:15(config-router)# area 1 virtual-link 4.0.0.1 DGS-6600:15(config-router)# area 2 stub R5 (Router
  • D-Link DGS-6600-48T | Configuration Guide - Page 246
    vlan8 DGS-6600:15(config-if)# ip address 8.0.0.2/8 Step 4: set RIP DGS-6600:15(config-if)#router rip DGS-6600:15(config-router)# network 8.0.0.2/8 Verifying The Configuration Use "show ip route" command to check if the routing table can be correctly learned. DGS-6600 Configuration Guide 246
  • D-Link DGS-6600-48T | Configuration Guide - Page 247
    Supported MD5 Keys 255 per Interface Number of Supported OSPF Areas 16 Number of Supported OSPF Host 64 Routes Number of Supported OSPF Virtual 16 Links Number of Supported OSPF 32 Neighbors Maximum OSPF Link Route Cost 1 Table 23-2 Default Variable Values DGS-6600 Configuration Guide 247
  • D-Link DGS-6600-48T | Configuration Guide - Page 248
    which next hop should be used for a given data packet.The ECMP support that allows the packet to be forwarded along one of 32 paths based Overview The ECMP algorithm tool is built into the runtime firmware in the DGS-6600 switch. Use the command to calculation the result of ecmp algorithm path.
  • D-Link DGS-6600-48T | Configuration Guide - Page 249
    algorithm to use the lower few bits if source IP address only: DGS-6600#configure terminal DGS-6600(config)#ip route ecmp load-balance This example shows how to set addresses: DGS-6600#configure terminal DGS6600(config)#ip route ecmp load-balance crc32-upper dip DGS-6600 Configuration Guide 249
  • D-Link DGS-6600-48T | Configuration Guide - Page 250
    address the main issue surrounding addressing problems. IPv6 moves away from 32- and service. An IPv6 address can be assigned either manually or guide will focus only on stateless addresses. The core function of IPv6 that are commonly used include: resolving the link DGS-6600 Configuration Guide 250
  • D-Link DGS-6600-48T | Configuration Guide - Page 251
    Automatic Parameter Configuration In IPv4 a default router is normally manually configured. In IPv6 the default router on the host's However, when received information for a specific parameter (e.g., Link MTU) or an option (e.g., Lifetime on a specific Figure 25-2 DGS-6600 Configuration Guide 251
  • D-Link DGS-6600-48T | Configuration Guide - Page 252
    addition to the address that might be derived from the stateless address auto-configure. Instructs the receiving hosts to use DHCP to obtain the nonaddress information such as: DNS ignored if it is larger than link MTU. FDDI Bridge DGS-6600 Configuration Guide FDDI Figure 25-3 Router 252
  • D-Link DGS-6600-48T | Configuration Guide - Page 253
    nd other-config-flag no ipv6 nd other-config-flag ipv6 nd prefix X:X::X:X/M [off-link | no-autoconfig] no ipv6 nd prefix ipv6 nd ra-interval [] no ipv6 nd ra-interval the retrans timer to the default value. Table 25-2 DGS-6600 Configuration Guide 253
  • D-Link DGS-6600-48T | Configuration Guide - Page 254
    will take no effect (link-local address should not be removed). DGS-6600# enable DGS-6600# configure terminal DGS-6600(config)# interface vlan1 IPv6 DGS-6600# enable DGS-6600# configure terminal DGS-6600(config) # interface vlan1 DGS-6600(config-if) # ipv6 enable DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 255
    how to display IPv6 interface incidence: DGS-6600# enable DGS-6600# show ipv6 interface vlan1 vlan1 is down, IPv6 is disable link-local address is : fe80::a01: live for 54212 seconds Hosts use stateless autoconfig for addresses. DGS-6600# The example shows how to display IPv6 neighbor information.
  • D-Link DGS-6600-48T | Configuration Guide - Page 256
    brief summary of possible configuration combinations to provide different types of IPv6 static route on the DGS-6600: • Static Route with Specific Next Hop • Floating Static Route Each route (either static and to allow management of the maximum number of multi-path. DGS-6600 Configuration Guide 256
  • D-Link DGS-6600-48T | Configuration Guide - Page 257
    the packets (destined for the configured network) to the next hop address on a specific interface. (The DGS-6600 supports vlan interface with next hop) In this case, the next hop address must be found on the check long prefix in HSL before route entry be added to DGS-6600 Configuration Guide 257
  • D-Link DGS-6600-48T | Configuration Guide - Page 258
    -if)# ipv6 enable DGS-6600:15(config-if)#interface vlan3 DGS-6600:15(config-if)# ipv6 address 3003::1/64 DGS-6600:15(config-if)# ipv6 enable DGS-6600:15(config-if)#interface vlan4 DGS-6600:15(config-if)# ipv6 address 3004::1/64 DGS-6600:15(config-if)# ipv6 enable DGS-6600 Configuration Guide 258
  • D-Link DGS-6600-48T | Configuration Guide - Page 259
    config-if)#interface vlan6 DGS-6600:15(config-if)# ipv6 address 3006::1/64 DGS-6600:15(config-if)# ipv6 enable Step 4: create ipv6 default route DGS-6600:15(config)#ipv6 route 3002::/64 3004::1 DGS-6600:15(config)#ipv6 route 3003::/64 3004::1 Configuration Example DGS-6600 Configuration Guide 259
  • D-Link DGS-6600-48T | Configuration Guide - Page 260
    Check ipv6 Routing table, using the show ipv6 route command. This can be done for both R1 and R2. DGS-6600:15#show ipv6 route IPv6 Routing Table Codes: K - kernel route, C - connected, S - static, R 3006::/64 [1/0] via 3004::2 Total Entries: 5 entries, 5 routes DGS-6600 Configuration Guide 260
  • D-Link DGS-6600-48T | Configuration Guide - Page 261
    for RIPng have been taken from RIPv1 and RIPv2. Differences between RIPv2 and RIPng • RIPng Supports IPv6 networking • While RIPv2 supports RIPv1 update authentications, RIPng does not. IPv6 routers were designed to support the use IPSec for authentication. DGS-6600 Configuration Guide 261
  • D-Link DGS-6600-48T | Configuration Guide - Page 262
    in order to reach those destinations. This contrasts with link-state IGPs; vectoring protocols exchange routes with one another, whereas link state routers exchange topology information, and calculate their MIB for querying the routes in the RIPng routing table DGS-6600 Configuration Guide 262
  • D-Link DGS-6600-48T | Configuration Guide - Page 263
    neighbor and itself to the metric of each route received. The router then processes the newly received route entry using the Bellman-Ford algorithm (below). DGS-6600 Configuration Guide 263
  • D-Link DGS-6600-48T | Configuration Guide - Page 264
    well. Each host with a router in the network uses the routing table information to determine the next host to route a packet to for a specified destination. DGS-6600 Configuration Guide 264
  • D-Link DGS-6600-48T | Configuration Guide - Page 265
    the garbage collection timer expires, the route is replaced and the garbage collection timer is cleared. This timer is kept for each routing table entry. DGS-6600 Configuration Guide 265
  • D-Link DGS-6600-48T | Configuration Guide - Page 266
    3ffe:4::/64 Next Hop If fe80::219:5bff:fef5:2cc1 fe80::219:5bff:fef5:2cc1 :: :: Met Time vlan2 2 vlan2 2 vlan3 1 vlan2 1 Total Entries: 4 entries, 4 routes DGS-6600 Configuration Guide 266
  • D-Link DGS-6600-48T | Configuration Guide - Page 267
    2 static auto 2 rip auto 2 Configuration Examples RIPng Configuration Example Configure two DGS-6600 series routers to learn remote IPv6 routes by using RIPng protocol. In R1, routes protocol. All PCs in the topology can communicate each other by routing. DGS-6600 Configuration Guide 267
  • D-Link DGS-6600-48T | Configuration Guide - Page 268
    DGS-6600:15(config-if)# ipv6 enable DGS-6600:15(config-if)# ipv6 router rip DGS-6600:15(config-if)#interface vlan4 DGS-6600:15(config-if)# ipv6 address 3004::1/64 DGS-6600:15(config-if)# ipv6 router rip Step 4: enable global ripng DGS-6600:15(config-if)#router ipv6 rip DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 269
    path over a maximum of 15 hops. The protocol allows for larger costs to be assigned to any link, limiting the number of hops even further. Routes with a metric of 16 or greater are unreachable. 2) metric by one. The routes would be passed around indefinitely. The DGS-6600 Configuration Guide 269
  • D-Link DGS-6600-48T | Configuration Guide - Page 270
    route cannot be chosen based on bandwidth or real-time parameters such as measured delay, load, or reliability. 4) The function of ECMP is not supported in RIPng. A single route has a single next hop in the current design. Therefore, the multipath is not supported. DGS-6600 Configuration Guide 270
  • D-Link DGS-6600-48T | Configuration Guide - Page 271
    semantics have been removed from OSPF packets and the basic Link State Advertisements (LSAs). New LSAs have been created to carry IPv6 addresses and optional capabilities, including demand circuit support and Not-So-Stubby Areas (NSSAs), are also supported in OSPF for IPv6. DGS-6600 Configuration Guide 271
  • D-Link DGS-6600-48T | Configuration Guide - Page 272
    The major OSPF data structures are the same for both IPv4 and IPv6: areas, interfaces, neighbors, the link-state database, and the routing table. All LSAs with known LS type and AS flooding scope appear in router but the structures are added to different interfaces. DGS-6600 Configuration Guide 272
  • D-Link DGS-6600-48T | Configuration Guide - Page 273
    whose destination is the interface IP address. POINT-TO-POINT Point-to-point networks or virtual links enter this state as soon as the interface is operational. WAITING Broadcast or NBMA interfaces enter All other neighbors will stay in neighbor state 2-WAY. BACKUP DGS-6600 Configuration Guide 273
  • D-Link DGS-6600-48T | Configuration Guide - Page 274
    is currently unused. INIT In this state, a Hello packet has recently been seen from the neighbor. However, bidirectional communication has not yet been established. 2-WAY DGS-6600 Configuration Guide 274
  • D-Link DGS-6600-48T | Configuration Guide - Page 275
    interface is a point-to-point state, an adjacency is formed with this neighbor. On a transit link, if the router itself or this neighbor is the DR/BDR, an adjacency is formed. If the router decides not to form an adjacency, this neighbor stays in a two-way state. DGS-6600 Configuration Guide 275
  • D-Link DGS-6600-48T | Configuration Guide - Page 276
    Router X Neighbor X stays 2‐way Figure 28-3 The diagram on the next page shows the different phases of forming an adjacency and the corresponding neighbor states. DGS-6600 Configuration Guide 276
  • D-Link DGS-6600-48T | Configuration Guide - Page 277
    inter-area routes, external-1 routes, and finally, external-2 routes. The next hop is always the link-local address of first router in the shortest path to the route. The following sections describe each of these components, starting with the contents of the LSDB. DGS-6600 Configuration Guide 277
  • D-Link DGS-6600-48T | Configuration Guide - Page 278
    • A neighbor transitions to full state. • A neighbor loses full adjacency. • The DR on a transit link changes. • A new IPv6 prefix is added or deleted on any given interface configured for OSPF. • An • The renewal timer (MaxAge/2) of an LSA requires an updated LSA. DGS-6600 Configuration Guide 278
  • D-Link DGS-6600-48T | Configuration Guide - Page 279
    this command. The following example specifies a fixed router ID. DGS6600#enable DGS6600#configure terminal DGS6600(config)#router ipv6 ospf DGS6600(config-router)#router-id 10.1.1.1 DGS-6600 Configuration Guide 279
  • D-Link DGS-6600-48T | Configuration Guide - Page 280
    in the topology can communicate each other by routing. Topology Figure 28-6 OSPFv3 Configuration Example Topology R1 (Router 1) Configuration Steps Step 1: create vlan 2,3,4 DGS-6600:15(config)#vlan 2 DGS-6600:15(config-vlan)#vlan 3 DGS-6600:15(config-vlan)#vlan 4 DGS-6600 Configuration Guide 280
  • D-Link DGS-6600-48T | Configuration Guide - Page 281
    vlan DGS-6600:15(config-vlan)#interface eth2.1 DGS-6600:15(config-if)# access vlan 5 DGS-6600:15(config-if)#interface eth2.3 DGS-6600:15(config-if)# access vlan 6 DGS-6600:15(config-if)#interface eth2.5 DGS-6600:15(config-if)# access vlan 4 Configuration Examples DGS-6600 Configuration Guide 281
  • D-Link DGS-6600-48T | Configuration Guide - Page 282
    ::/64 [110/2] via fe80::201:2ff:fe03:404, vlan4, 0DT0H5M43S O 3006::/64 [110/2] via fe80::201:2ff:fe03:404, vlan4, 0DT0H5M43S Total Entries: 5 entries, 5 routes DGS-6600 Configuration Guide 282
  • D-Link DGS-6600-48T | Configuration Guide - Page 283
    exceed 64 because of the H/W limitation. Please use the command: ipv6 unicast-route long-prefix to support IPv6 routes with a prefix length that is longer than 64bits. • The unknown LSAs can't be counted no "network area" were configured, the process would be down. DGS-6600 Configuration Guide 283
  • D-Link DGS-6600-48T | Configuration Guide - Page 284
    at the different time and maybe the highest address is not selected. The router ID is based on the configured IPv4 address at that time. DGS-6600 Configuration Guide 284
  • D-Link DGS-6600-48T | Configuration Guide - Page 285
    Tunneling • Support RFC • IPv6 Manually Configured Manually Configured Tunnel A manually configured tunnel is a permanent link manually configured on a tunnel interface, and manually configured IPv4 addresses are assigned to the tunnel source and the tunnel destination. DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 286
    between automatic 6to4 tunnels and manually configured tunnels is that the end of a 6to4 tunnel must support both the IPv4 and IPv6 protocol stacks link local or global IPv6 unicast prefix 0200:5EFE (global IPv4) 0000:5EFE (private IPv4) IPv4 address of the ISATAP link DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 287
    Figure 29-1 Ipv6 Tunneling Manual Configuration Example Topology Configuration Prerequisites: 1. Create vlan4 and vlan6 on R1,assign an IPv4 address 1.0.0.1/8 to vlan4, assign an IPv6 address 3000::1/64 to vlan6, eth2.1 access vlan4, and eth2.3 access vlan6. DGS-6600 Configuration Guide 287
  • D-Link DGS-6600-48T | Configuration Guide - Page 288
    source 1.0.0.2 DGS-6600:15(config-if)#tunnel destination 1.0.0.1 DGS-6600:15(config-if)#tunnel mode ipv6ip DGS-6600:15(config-if)#ipv6 address 2000::1/64 Step 2: Create default route ::/0 to use manual tunnel "tunnel1" DGS-6600:15(config)#ipv6 route ::/0 tunnel 1 DGS-6600 Configuration Guide 288
  • D-Link DGS-6600-48T | Configuration Guide - Page 289
    show interface tunnel1" and "show ipv6 route" command, to check R1 (router 1) table. DGS-6600:15#show interface tunnel1 tunnel1 is up, line protocol is up (connected) Hardware is Tunnel .3 access vlan6. Ensure R1 is reachable to IPv6 6to4 site 2002:100:1::/48. DGS-6600 Configuration Guide 289
  • D-Link DGS-6600-48T | Configuration Guide - Page 290
    tunnel1 DGS-6600:15(config-if)# tunnel source 1.0.0.3 DGS-6600:15(config-if)# tunnel mode ipv6ip 6to4 DGS-6600:15(config-if)# ipv6 address 2002:100:3:ffff::1/64 Step 2: Create 2002::/16 to use 6to4 tunnel "tunnel1" DGS-6600:15(config-if)#ipv6 route 2002::/16 tunnel 1 DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 291
    6to4 config. Use the same command, show interface tunnel1, to check other routers tables. DGS-6600:15#show interface tunnel1 tunnel1 is up, line protocol is up (connected) Hardware is Tunnel address 4000:1/64 to vlan6, eth2.1 access vlan4, and eth2.3 access vlan6. DGS-6600 Configuration Guide 291
  • D-Link DGS-6600-48T | Configuration Guide - Page 292
    between 600 and 600 seconds ND next router advertisement due in 0 seconds. ND router advertisements live for 1800 seconds Hosts use stateless autoconfig for addresses. DGS-6600 Configuration Guide 292
  • D-Link DGS-6600-48T | Configuration Guide - Page 293
    and a random port number for the source port. The Switch supports BGP version 4, which is the same version that Internet Service Providers used when building the Internet. Several new BGP features were the standard BGP algorithm that controls the path selection DGS-6600 Configuration Guide 293
  • D-Link DGS-6600-48T | Configuration Guide - Page 294
    • Displaying the Configured Community Lists • Displaying Routes that Conform to a Specified Filter List • Displaying BGP Permitted Routes • Displaying Information about BGP Neighbors • Displaying IP Routes DGS-6600 Configuration Guide 294
  • D-Link DGS-6600-48T | Configuration Guide - Page 295
    HOLDTIME. Use the bgp log-neighbor-changes command to enable logging of BGP neighbor resets. Use no bgp log-neighbor-changes to disable the logging. DGS-6600 Configuration Guide 295
  • D-Link DGS-6600-48T | Configuration Guide - Page 296
    system 100 will just contain "100": dgs-6600:2>enable dgs-6600:15#configure terminal dgs-6600:15(config)#router bgp 100 dgs-6600:15(config-router)#neighbor 10.108.1.1 remote-as 65001 dgs-6600:15(config-router)#neighbor 10.108.1.1 description peer with private-as DGS-6600 Configuration Guide 296
  • D-Link DGS-6600-48T | Configuration Guide - Page 297
    BGP routes are available in the specified range. Using the summary-only parameter advertises the prefix only, suppressing the more-specific routes to all neighbors. DGS-6600 Configuration Guide 297
  • D-Link DGS-6600-48T | Configuration Guide - Page 298
    use the network command to determine where to send updates. The maximum number of supported network entries is project dependent. The BGP will advertise a network entry if the router has the route information for this entry if synchronize state is enabled. DGS-6600 Configuration Guide 298
  • D-Link DGS-6600-48T | Configuration Guide - Page 299
    number which following RFC 5396 and RFC 4893. About the 4-byte AS number represent, the BGP support "asplain" and "asdot" notation. The "65546" is similar to "1.10" Private autonomous system shows you how to configure a BGP process for autonomous system 65534: DGS-6600 Configuration Guide 299
  • D-Link DGS-6600-48T | Configuration Guide - Page 300
    to an IP address on a physical interface because the loopback interface is more effective than a fixed interface as an identifier because there is no physical link to go down. DGS-6600 Configuration Guide 300
  • D-Link DGS-6600-48T | Configuration Guide - Page 301
    BGP peering sessions. It is recommended to configure a loopback interface, since the physical interface link may be up/ down/removed for some reason. Command enable [privilege LEVEL] configure terminal all paths received from within the same autonomous system. DGS-6600 Configuration Guide 301
  • D-Link DGS-6600-48T | Configuration Guide - Page 302
    bestpath as-path ignore, bgp bestpath compare-router-id or bgp default local-preference commands to customize the path selection process. Command enable [privilege LEVEL] DGS-6600 Configuration Guide Explanation Enter privileged EXEC mode. 302
  • D-Link DGS-6600-48T | Configuration Guide - Page 303
    manually dgs-6600:15(config-router)#bgp bestpath compare-router-id dgs-6600:15(config-router)# Configuring BGP Defaults and Activating IPv4-Unicast for Peers The bgp default ipv4-unicast command is used to enable the automatic exchange of IPv4 address family prefixes. DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 304
    To configure the default value of the local preference to 200 for autonomous system 65534: dgs-6600:2>enable dgs-6600:15#configure terminal dgs-6600:15(config)#router bgp 65534 dgs-6600:15(config-router)#bgp default local-preference 200 dgs-6600:15(config-router)# DGS-6600 Configuration Guide 304
  • D-Link DGS-6600-48T | Configuration Guide - Page 305
    traffic from unauthorized systems. Command enable [privilege LEVEL] configure terminal router bgp AS-NUMBER bgp enforce-first-as DGS-6600 Configuration Guide Explanation Enter privileged EXEC mode. Enter Global configuration mode. Enter the following information to configure BGP routing process
  • D-Link DGS-6600-48T | Configuration Guide - Page 306
    bgp 65534 dgs-6600:15(config-router)#bgp enforce-first-as dgs-6600:15(config-router)# Enabling Logging of BGP Neighbor Resets The bgp log-neighbor-changes command enables logging of BGP neighbor status changes (up or down) and resets for troubleshooting network connectivity problems and measuring
  • D-Link DGS-6600-48T | Configuration Guide - Page 307
    ip community-list mycommlist permit 50000:10 dgs-6600:15(config)# Setting Minimum Interval Between BGP Routing Updates Use the neighbor advertisement interval command to set the minimum interval between the sending of Border Gateway Protocol (BGP) routing updates. DGS-6600 Configuration Guide 307
  • D-Link DGS-6600-48T | Configuration Guide - Page 308
    entered to execute any BGP Router configuration commands, such as "neighbor remote-as". Use the no form of the command to remove a BGP routing process. DGS-6600 Configuration Guide 308
  • D-Link DGS-6600-48T | Configuration Guide - Page 309
    configure BGP routing process mode (Please see router bgp AS-NUMBER). Use the no form of this command to remove an entry from the table. DGS-6600 Configuration Guide 309
  • D-Link DGS-6600-48T | Configuration Guide - Page 310
    dgs-6600:15#configure terminal dgs-6600:15(config)#router bgp 65100 dgs-6600:15(config-router)#neighbor ALPHA-GROUP peer-group dgs-6600:15(config-router)# Adding a Neighbor to a BGP Peer Group Use the neighbor peer-group command to add a neighbor to a peer group. DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 311
    command in router configuration mode exchange only unicast address prefixes. Command enable [privilege LEVEL] configure terminal Explanation Enter privileged EXEC mode. Enter global configuration mode. DGS-6600 Configuration Guide 311
  • D-Link DGS-6600-48T | Configuration Guide - Page 312
    entered to execute any BGP Router configuration commands, such as "neighbor remote-as". Use the no form of the command to remove a BGP routing process. DGS-6600 Configuration Guide 312
  • D-Link DGS-6600-48T | Configuration Guide - Page 313
    configure BGP routing process mode (Please see router bgp AS-NUMBER). Use the no form of this command to remove an entry from the table. DGS-6600 Configuration Guide 313
  • D-Link DGS-6600-48T | Configuration Guide - Page 314
    configure BGP routing process mode (Please see router bgp AS-NUMBER). Use the no form of this command to remove an entry from the table. DGS-6600 Configuration Guide 314
  • D-Link DGS-6600-48T | Configuration Guide - Page 315
    routers and access servers within an autonomous system to have the route before BGP makes it available to other autonomous systems. Command enable [privilege LEVEL] DGS-6600 Configuration Guide Explanation Enter privileged EXEC mode. 315
  • D-Link DGS-6600-48T | Configuration Guide - Page 316
    , i - internal, S Stale Origin codes: i - IGP, e -EGP, ? - incomplete Network 10.1.1.0/24 *> 172.17.1.0/24 Next Hop -------0.0.0.0 0.0.0.0 Metric ------ 0 0 LocPrf Weight 32768 0 Path ------i 45000 i Total Entries: 2 entries, 2 routes dgs-6600:2> DGS-6600 Configuration Guide 316
  • D-Link DGS-6600-48T | Configuration Guide - Page 317
    community-list Named Community standard list C1 permit internet Named Community standard list C2 permit internet dgs-6600:2> Displaying Routes that Conform to a Specified Filter List Configuration Example To display the contents of an access-list named as-ACL_HQ: DGS-6600 Configuration Guide 317
  • D-Link DGS-6600-48T | Configuration Guide - Page 318
    109 108 109 108 109 108 109 108 Path ------- Total Entries: 18 entries, 18 routes dgs-6600:2> Displaying BGP Permitted Routes Use the show ip bgp community-list command to display routes that sample output from the show ip bgp community-list command: DGS-6600 Configuration Guide 318
  • D-Link DGS-6600-48T | Configuration Guide - Page 319
    i 0 100 0 1800 701 i 0 1878 704 701 i Total Entries: 18 entries, 7 routes dgs-6600:2> The following fields are displayed in the output: Field Description BGP Table Version Local Router ID Status Codes Fields Displayed in show ip bgp community-list Output DGS-6600 Configuration Guide 319
  • D-Link DGS-6600-48T | Configuration Guide - Page 320
    address family information if the keyword ipv4 is not specified. You can specify the IP address of a neighbor to display information about the specific neighbor. DGS-6600 Configuration Guide 320
  • D-Link DGS-6600-48T | Configuration Guide - Page 321
    This neighbor supports the router refresh and graceful restart capabilities: dgs-6600:2>show ip bgp neighbors BGP neighbor: 10.108.50.2, remote AS 1, internal link Member of map for outgoing advertisements: R1 Accepted prefixes: 0 Announced prefixes: 0 dgs-6600:2> DGS-6600 Configuration Guide 321
  • D-Link DGS-6600-48T | Configuration Guide - Page 322
    shows you how to display the routes advertised for only the 172.16.232.178 neighbor: dgs-6600:2>show ip bgp neighbors 172.16.232.178 advertised-routes BGP table version: 27, local i - IS-IS derived S - static B - Border Gateway Protocol (BGP) derived Table 30-2 DGS-6600 Configuration Guide 322
  • D-Link DGS-6600-48T | Configuration Guide - Page 323
    -2 The following example shows you a sample output from the show ip route command when entered without an IP address: dgs-6600:2>show ip route Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP , vlan2 Total Entries: 12 entries, 12 routes dgs-6600:2> DGS-6600 Configuration Guide 323
  • D-Link DGS-6600-48T | Configuration Guide - Page 324
    vlan1, 00:01:57 C 127.0.0.0/8 is directly connected, lo Total Entries: 7 entries, 7 routes dgs-6600:2> Configuration Examples BGP Configuration Example This configuration has Two AS: 65101 and 65102. In AS65101, R1 Figure 30-1 BGP Configuration Example Topology DGS-6600 Configuration Guide 324
  • D-Link DGS-6600-48T | Configuration Guide - Page 325
    )# redistribute rip DGS-6600:15(config-router)# neighbor 10.4.4.1 remote-as 65101 R2 (Router 2) Configuration Steps Step 1: Create vlan 10, 20, 50. DGS-6600:15(config)#vlan 10 DGS-6600:15(config-vlan)#vlan 20 DGS-6600:15(config-vlan)#vlan 50 Configuration Examples DGS-6600 Configuration Guide 325
  • D-Link DGS-6600-48T | Configuration Guide - Page 326
    VLAN DGS-6600:15(config-if)#interface vlan10 DGS-6600:15(config-if)# ip address 10.1.1.2/16 DGS-6600:15(config-if)#interface vlan40 DGS-6600:15(config-if)# ip address 10.4.4.1/16 DGS-6600:15(config-if)# interface vlan1681 DGS-6600:15(config-if)# ip address 192.168.1.2/24 DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 327
    vlan1682 DGS-6600:15(config-if)# ip address 192.168.2.254/24 Step 4: bgp setting DGS-6600:15(config-if)#router bgp 65102 DGS-6600:15(config-router)# neighbor 192.168.1.2 remote-as 65101 DGS-6600:15(config-router)# network 192.168.2.0/24 Configuration Examples DGS-6600 Configuration Guide 327
  • D-Link DGS-6600-48T | Configuration Guide - Page 328
    commands to check the other routers tables DGS-6600:15#show ip bgp neighbors 10.4.4.2 BGP neighbor is 10.4.4.2, remote AS 65101, local AS 65101, internal link BGP version 4, remote router ID : 179 Foreign host: 192.168.1.1, Foreign port: 1024 Nexthop: 192.168.1.2 DGS-6600 Configuration Guide 328
  • D-Link DGS-6600-48T | Configuration Guide - Page 329
    ) Configuration Examples DGS-6600:15# show ip bgp neighbors 192.168.1.1 BGP neighbor is 192.168.1.1, remote AS 65102, local AS 65101, external link BGP version 100 100 Weight 0 32768 32768 32768 0 32768 32768 0 Path 65102 Total Entries: 6 entries, 8 route DGS-6600 Configuration Guide 329
  • D-Link DGS-6600-48T | Configuration Guide - Page 330
    Volume 4-Layer 3 Configurations / Chapter 30-Border Gateway Protocol (BGP) Configuration Examples DGS-6600:15#show ip route Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP O via 192.168.1.1, vlan1681, 0DT0H23M21S Total Entries: 6 entries, 7 routes DGS-6600 Configuration Guide 330
  • D-Link DGS-6600-48T | Configuration Guide - Page 331
    Routing PBR have following benefits: Source-Based Transit Provider Selection. Internet service provider (ISP) can use policy-based routing to route traffic originating from different sets of users through different Internet connections across the policy routers DGS-6600 Configuration Guide 331
  • D-Link DGS-6600-48T | Configuration Guide - Page 332
    Figure 31-1 Organizations can provide QOS to differentiated traffic by setting the precedence or type of service (TOS) values in the IP packet headers at the periphery of the network and leveraging paths and high-bandwidth, high-cost, switched paths. Figure 31-3 DGS-6600 Configuration Guide 332
  • D-Link DGS-6600-48T | Configuration Guide - Page 333
    commands to define the conditions for policy routing packets. The match commands specify the conditions under which policy routing occurs. The set commands specify the DGS-6600 Configuration Guide 333
  • D-Link DGS-6600-48T | Configuration Guide - Page 334
    ip default next-hop set ip precedence All rules will be: 1. match ip address IPV4 + set interface 2. match ip address IPV4 + set default next-hop DGS-6600 Configuration Guide 334
  • D-Link DGS-6600-48T | Configuration Guide - Page 335
    -route-map)# match ip address PBR-match_ip4 DGS-6600:15(config-route-map)# set ip next-hop 7.0.0.2 Step 2: create vlan 2, 3, 4, 7 DGS-6600:15(config-route-map)#vlan 2 DGS-6600:15(config-vlan)#vlan 3 DGS-6600:15(config-vlan)#vlan 4 DGS-6600:15(config-vlan)#vlan 7 DGS-6600 Configuration Guide 335
  • D-Link DGS-6600-48T | Configuration Guide - Page 336
    Step 6: set default route DGS-6600:15(config)#ip route 0.0.0.0/0 4.0.0.2 R2 Configuration Steps Step 1: create vlan 2, 3, 4, 7 DGS-6600:15(config-route-map)#vlan 2 DGS-6600:15(config-vlan)#vlan 3 DGS-6600:15(config-vlan)#vlan 4 DGS-6600:15(config-vlan)#vlan 7 DGS-6600 Configuration Guide 336
  • D-Link DGS-6600-48T | Configuration Guide - Page 337
    DGS-6600:15(config-if)#interface vlan4 DGS-6600:15(config-if)# ip address 4.0.0.2/8 DGS-6600:15(config-if)#interface vlan7 DGS-6600:15(config-if)# ip address 7.0.0.2/8 Step 4: set default route DGS-6600:15(config)#ip route 0.0.0.0/0 4.0.0.1 Configuration example DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 338
    are inactive * - candidate default Gateway of last resort is 4.0.0.2 to network 0.0.0.0 S* 0.0.0.0/0 [1/0] via 4.0.0.2, vlan4 C 3.0.0.0/8 is directly connected, vlan3 C 4.0.0.0/8 is directly connected, vlan4 C 7.0.0.0/8 is directly connected, vlan7 DGS-6600 Configuration Guide 338
  • D-Link DGS-6600-48T | Configuration Guide - Page 339
    VRRP) is a redundancy protocol designed to increase the availability of the default gateway servicing hosts on the same subnet. This increased reliability is achieved by advertising a "virtual a simple network with two VRRP routers implementing one virtual router DGS-6600 Configuration Guide 339
  • D-Link DGS-6600-48T | Configuration Guide - Page 340
    , so it becomes the Master and responsible for forwarding the packets from the end hosts. The Router-2 would therefore the Backup for the virtual router. DGS-6600 Configuration Guide 340
  • D-Link DGS-6600-48T | Configuration Guide - Page 341
    even if it has a higher priority than the master router. One exception is when the router that is the virtual IP address owner always preempts. DGS-6600 Configuration Guide 341
  • D-Link DGS-6600-48T | Configuration Guide - Page 342
    may be good, but there might be problems between the first hop and second hop link state of that interface. If the link state of the interface changes to down, the virtual router will change to initialize state and stay in that state until the interface link is up again. DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 343
    . The virtual router identifier is 7, and 10.1.1.1 is the IP address of the virtual router. DGS6600(config)#interface vlan1 DGS6600(config-if)#vrrp 7 ip 10.1.1.1 DGS-6600 Configuration Guide 343
  • D-Link DGS-6600-48T | Configuration Guide - Page 344
    is VRRP master and R2 is VRRP backup. The PC's packet will go through R1. If R1 is broken, R2 will become the VRRP master. DGS-6600 Configuration Guide 344
  • D-Link DGS-6600-48T | Configuration Guide - Page 345
    vlan 3 Step 2: add port into vlan DGS-6600:15(config)#interface eth2.1 DGS-6600:15(config-if)# access vlan 2 DGS-6600:15(config-if)#interface eth2.2 DGS-6600:15(config-if)# access vlan 4 DGS-6600:15(config-if)#interface eth2.3 DGS-6600:15(config-if)# access vlan 3 DGS-6600 Configuration Guide 345
  • D-Link DGS-6600-48T | Configuration Guide - Page 346
    vlan2 DGS-6600:15(config-if)# ip address 2.0.0.253/8 DGS-6600:15(config-if)# vrrp 2 ip 2.0.0.254 DGS-6600:15(config-if)#interface vlan4 DGS-6600:15(config-if)# ip address 4.0.0.2/8 DGS-6600:15(config-if)#interface vlan5 DGS-6600:15(config-if)# ip address 5.0.0.1/8 DGS-6600 Configuration Guide 346
  • D-Link DGS-6600-48T | Configuration Guide - Page 347
    R1 (VRRP master), R2 will become the master. VLAN2 PC should be able to still ping VLAN6 PC as R2 acts as the new master. DGS-6600 Configuration Guide 347
  • D-Link DGS-6600-48T | Configuration Guide - Page 348
    0.0.0.0 Master router is 2.0.0.254 (local) Master Down interval is 3.003 sec Total Entries: 1 R2 DGS-6600:15#show vrrp vlan2 - VRID 2 State is Backup Virtual IP address is 2.0.0.254 Virtual MAC address (expires in 3.006 sec) Total Entries: 1 Configuration Example DGS-6600 Configuration Guide 348
  • D-Link DGS-6600-48T | Configuration Guide - Page 349
    Part 5- Multiprotocol Label Switching (MPLS) The following chapters are included in this volume: • Multiprotocol Label Switching (MPLS) • Virtual Private Wire Service (VPWS) • Virtual Private Lan Services (VPLS)
  • D-Link DGS-6600-48T | Configuration Guide - Page 350
    ., and the FEC assignment is flexible. Since the FEC determines the packet's forwarding behavior in the MPLS network, so the flexible FEC assignment provides powerful support for QoS and traffic engineering. DGS-6600 Configuration Guide 350
  • D-Link DGS-6600-48T | Configuration Guide - Page 351
    It make the MPLS-VPN can be implemented easily. The MPLS is independent of the L2 and L3 protocols. It supports all L3 protocols, such as IPv4, IPv6, IPX, etc. It is also can run on any L2 network configuration mode to disable MPLS forwarding globally Table 33-1 DGS-6600 Configuration Guide 351
  • D-Link DGS-6600-48T | Configuration Guide - Page 352
    Creating static LSP Usually, the LSP is established by LDP, but you can also create a static LSP by manual configuration. The maximum LSP number is 128. For establishing a static LSP, you shall configure it at each port is chosen by the sender; the destination UDP DGS-6600 Configuration Guide 352
  • D-Link DGS-6600-48T | Configuration Guide - Page 353
    . FEC A Echo request R1 R2 R3 R4 Ingress Step 1 Step 2 Step 3 Step 6 Step 5 Step 4 Step 7 Step 9 Echo reply Egress Step 8 FEC B Figure 33-3 LSP traceroute DGS-6600 Configuration Guide 353
  • D-Link DGS-6600-48T | Configuration Guide - Page 354
    Examples MPLS, LDP (Dynamic Label) Configuration Example Configuring the MPLS protocol in R1, R2 and R3. The MPLS label is learned by LDP protocol. The DGS-6600 router can forward packets by the learned label information. DGS-6600 Configuration Guide 354
  • D-Link DGS-6600-48T | Configuration Guide - Page 355
    (config)#mpls label protocol ldp DGS6600:15(config-if)#interface vlan152 DGS6600:15(config-if)#mpls ip DGS6600:15(config-if)#mpls label protocol ldp DGS-6600 Configuration Guide 355
  • D-Link DGS-6600-48T | Configuration Guide - Page 356
    -if)#mpls label protocol ldp DGS6600:15(config-if)#interface vlan154 DGS6600:15(config-if)#mpls ip DGS6600:15(config-if)#mpls label protocol ldp DGS-6600 Configuration Guide 356
  • D-Link DGS-6600-48T | Configuration Guide - Page 357
    (config)#mpls label protocol ldp DGS6600:15(config-if)#interface vlan154 DGS6600:15(config-if)#mpls ip DGS6600:15(config-if)#mpls label protocol ldp DGS-6600 Configuration Guide 357
  • D-Link DGS-6600-48T | Configuration Guide - Page 358
    to check R1, R2 and R3. DGS-6600:15#show mpls ldp neighbor Peer : Length : 4096 Total Entries: 1 DGS-6600:15#show mpls ldp session Peer Status ) DU Total Entries: 1 DGS-6600:15#show mpls forwarding-table LSP The label of MPLS is set manually. DGS-6600 can forward the packets by these label
  • D-Link DGS-6600-48T | Configuration Guide - Page 359
    )#mpls static ftn 20.0.0.0/8 out-label 400 nexthop 40.0.0.2 DGS6600:15(config)#mpls static ilm in-label 401 forward-action pop nexthop 10.0.0.4 fec 10.0.0.0/8 DGS-6600 Configuration Guide 359
  • D-Link DGS-6600-48T | Configuration Guide - Page 360
    swap-label 500 nexthop 50.0.0.3 fec 20.0.0.0/8 DGS6600:15(config)#mpls static ilm in-label 501 forward-action swap-label 401 nexthop 40.0.0.1 fec 10.0.0.0/8 DGS-6600 Configuration Guide 360
  • D-Link DGS-6600-48T | Configuration Guide - Page 361
    ilm in-label 500 forward-action pop nexthop 20.0.0.4 fec 20.0.0.0/8 Verifying the Configuration Use following commands to check the MPLS label forwarding path information. DGS-6600 Configuration Guide 361
  • D-Link DGS-6600-48T | Configuration Guide - Page 362
    packets priority according to EXP value Outbound mapping: DGS-6600 changes EXP value according to egress packets priority. In the following example, the DGS-6600 R1 will implement MPLS QoS according to mapping rule if the packet's destination matches 20.0.0.0/8 DGS-6600 Configuration Guide 362
  • D-Link DGS-6600-48T | Configuration Guide - Page 363
    )#class-map outbound exp 3 Step 3. Configure IP address of VLAN. DGS-6600:15(config-if)#interface vlan10 DGS-6600:15(config-if)# ip address 10.0.0.1/8 DGS-6600:15(config-if)#! DGS-6600:15(config-if)#interface vlan40 DGS-6600:15(config-if)# ip address 40.0.0.1/8 DGS-6600 Configuration Guide 363
  • D-Link DGS-6600-48T | Configuration Guide - Page 364
    4 DGS-6600:15(config-mpls-router)#class-map inbound exp 5 priority 5 DGS-6600:15(config-mpls-router)#class-map inbound exp 6-7 priority 6 DGS-6600:15(config-mpls-router)#class-map outbound priority 1 exp 6 DGS-6600:15(config-mpls-router)#class-map outbound exp 3 DGS-6600 Configuration Guide 364
  • D-Link DGS-6600-48T | Configuration Guide - Page 365
    -vlan)#! DGS-6600:15(config-vlan)#vlan 50 DGS-6600:15(config-vlan)#! DGS-6600:15(config-vlan)#interface eth2.1 DGS-6600:15(config-if)# trunk allowed-vlan 50 DGS-6600:15(config-if)#! DGS-6600:15(config-if)#interface eth2.16 DGS-6600:15(config-if)# access vlan 20 DGS-6600 Configuration Guide 365
  • D-Link DGS-6600-48T | Configuration Guide - Page 366
    config)#mpls ip DGS-6600:15(config-if)#interface vlan50 DGS-6600:15(config-if)# mpls ip DGS-6600:15(config)#mpls static ftn 10.0.0.0/8 out-label 501 nexthop 50.0.0.2 DGS-6600:15(config)#mpls static ilm in-label 500 forward-action pop nexthop 20.0.0.4 fec 20.0.0.0/8 DGS-6600 Configuration Guide 366
  • D-Link DGS-6600-48T | Configuration Guide - Page 367
    Total Entries: 1 Configuration Restrictions Configuration Restrictions For support MPLS, the hardware must support label operation. In addition, L3 route and LDP shall be supported. The MPLS interface is L3 interface. LSR ID 64 128 2128 64 128 128 300 128 DGS-6600 Configuration Guide 367
  • D-Link DGS-6600-48T | Configuration Guide - Page 368
    the cost of providing those services. The tunneling mechanism of the VPWS can use any tunneling protocols. In this specification, it uses MPLS for the transport layer. CE2 MPLS tunnel PE 2 Attachment Circuits pseudowire CE1 PE1 MPLS network PE 3 CE3 DGS-6600 Configuration Guide 368
  • D-Link DGS-6600-48T | Configuration Guide - Page 369
    the following functions in order to emulate the behavior and characteristics of the native service. 1.Encapsulation of service-specific PDUs or circuit data arriving at the PE-bound port (logical or physical how to enable MPLS globally. DGS6600(config)#mpls ip DGS-6600 Configuration Guide 369
  • D-Link DGS-6600-48T | Configuration Guide - Page 370
    [detail] Explanation Use the xconnect command to enable the VPWS service on the interface. Use the no form of this command to cancel VPWS service. Use this command to show the MPLS label forwarding path The follows example shows how to configure a VPWS (Raw Mode). DGS-6600 Configuration Guide 370
  • D-Link DGS-6600-48T | Configuration Guide - Page 371
    Volume 5-Multiprotocol Label Switching / Chapter 34-Virtual Private Wire Service (VPWS) Configuration examples PE 1 Loopback: 130.1.1.1/32 CE1 AC: Eth1.1, VLAN10 MPLS Network PW MPLS end through the MPLS network, user shall configure PE1 and PE2 as follows: DGS-6600 Configuration Guide 371
  • D-Link DGS-6600-48T | Configuration Guide - Page 372
    Service supported. The VPWS uses MPLS tunnel label to transmit packet and use VC label as PW demultiplexer. At same time, VPWS uses LDP to distribute label and maintain PW status. Constant Max VPWS entries (Static and Dynamic) Max Peers Max AC Value 1024 2000 2000 DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 373
    ) • MPLS Tunnel • VPLS Service • VPLS Configuration Commands • Creating a VPLS • Setting a VPLSID • Psuedowire configuration • Encapsulation Configuration • Setting a local AC link MTU of a VPLS • Clearing for bridges, which is based on MAC source address learning. DGS-6600 Configuration Guide 373
  • D-Link DGS-6600-48T | Configuration Guide - Page 374
    Volume 5-Multiprotocol Label Switching / Chapter 35-Virtual Private Lan Services (VPLS) CE3 PE2 Emulated LAN CE1 PE1 MPLS Network CE2 Chapter Overview PE3 CE4 Figure raw mode and Ethernet tagged mode. All PWs in a VPLS should have same encapsulation mode. DGS-6600 Configuration Guide 374
  • D-Link DGS-6600-48T | Configuration Guide - Page 375
    different VPLS instances can be carried in a single MPLS tunnel from one PE to another PE. VPLS Service In the PE, a Virtual Switching Instance (VSI) for a VPLS will map multiple ACs to multiple type of a VPLS Table 35-1 VPLS (Abbreviated) command list DGS-6600 Configuration Guide 375
  • D-Link DGS-6600-48T | Configuration Guide - Page 376
    -vpls)#peer 2.2.2.2 DGS-6000:15(config-vpls)#peer 3.3.3.3 spoke Encapsulation Configuration The follow example shows how to set pseudowire encapsulation type of a VPLS to Ethernet-raw mode. DGS-6000:15(config)#vpls vpls100 DGS-6000:15(config-vpls)#encapsulation raw DGS-6600 Configuration Guide 376
  • D-Link DGS-6600-48T | Configuration Guide - Page 377
    Lan Services (VPLS) Configuration Examples Setting a local AC link MTU of a VPLS The follow example shows how to set local AC link MTU of a VPLS to 1000. DGS-6000:15(config)#vpls vpls100 DGS-6000: sites. PC1 can communicate with PC2 through VPLS over MPLS. DGS-6600 Configuration Guide 377
  • D-Link DGS-6600-48T | Configuration Guide - Page 378
    Volume 5-Multiprotocol Label Switching / Chapter 35-Virtual Private Lan Services (VPLS) Topology Configuration Examples R1 (Router 1) Configuration Steps Step 1. Create VLAN and add ports DGS6600:15(config-if)#mpls ip DGS6600:15(config-if)#mpls label protocol ldp DGS-6600 Configuration Guide 378
  • D-Link DGS-6600-48T | Configuration Guide - Page 379
    Volume 5-Multiprotocol Label Switching / Chapter 35-Virtual Private Lan Services (VPLS) Step 5. Set a loopback address and configure VPLS. DGS6600:15(config-if)#interface loopback1 vlan154 DGS6600:15(config-if)#mpls ip DGS6600:15(config-if)#mpls label protocol ldp DGS-6600 Configuration Guide 379
  • D-Link DGS-6600-48T | Configuration Guide - Page 380
    Volume 5-Multiprotocol Label Switching / Chapter 35-Virtual Private Lan Services (VPLS) R3 (Router 3) Configuration Steps. Step 1. Create a VLAN and add ports into the VLAN. DGS6600:15( DGS6600:15(config-vpls)#vpls-id 3006 DGS6600:15(config-vpls)#peer 11.34.55.31 DGS-6600 Configuration Guide 380
  • D-Link DGS-6600-48T | Configuration Guide - Page 381
    Switching / Chapter 35-Virtual Private Lan Services (VPLS) Configuration Restrictions and Constants Verifying address withdraw message support. Constant Max VPLS entries Max Peers Max Peers per VPLS entry Max AC Max AC per VPLS entry Value 1024 2000 64 2000 64 DGS-6600 Configuration Guide 381
  • D-Link DGS-6600-48T | Configuration Guide - Page 382
    Part 6- Quality of Service (QoS) The following chapters are included in this volume: • Quality of Service (QoS)
  • D-Link DGS-6600-48T | Configuration Guide - Page 383
    Example An Introduction to QoS In a network without Quality of Service (QoS) support, all packets have the same priority. Generally in a network where needs guaranteed service and some does not as guarantee service is more expensive than non-guarantee service. DGS-6600 Configuration Guide 383
  • D-Link DGS-6600-48T | Configuration Guide - Page 384
    the packet and polices based on the service agreement in terms of Committed Information have different drop probability during the transmit link's congestion. Thus, the QoS label When traffic exceeds the data rate, you instruct the system to either drop the packets or DGS-6600 Configuration Guide 384
  • D-Link DGS-6600-48T | Configuration Guide - Page 385
    DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#interface eth4.5 DGS-6600:15(config-if)#qos trust cos DGS-6600:15(config-if)#qos map dscp-cos 1 to 4 DGS-6600:15(config-if)#end Setting the Default Class of Service limit value on an interface. DGS-6600 Configuration Guide 385
  • D-Link DGS-6600-48T | Configuration Guide - Page 386
    mutation map named mutemap1 to Ethernet port 4.1 DGS:6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#qos map dscp-mutation mutemap1 30 to 8 DGS-6600:15(config)#interface eth4.1 DGS-6600:15(config)#qos dscp-mutation mutemap1 DGS-6600:15(config)#end DGS-6600 Configuration Guide 386
  • D-Link DGS-6600-48T | Configuration Guide - Page 387
    index to the lowest. The purpose of the strict priority scheduler is to provide lower latency service to the higher CoS classes of traffic. DRR operates by serving a mount of backlogged credits the packet scheduling mechanism, use the default form of this command. DGS-6600 Configuration Guide 387
  • D-Link DGS-6600-48T | Configuration Guide - Page 388
    value of the traffic's Differential Services Code Point (DSCP). Since DGS:6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#policy-map pcolor-map1 DGS-6600:15(config-pmap)#class class1 DGS-6600:15(config-pmap-c)#color-aware DGS-6600:15(config-pmap-c)#end DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 389
    Chapter 36-Quality of Service (QoS) QoS Configuration DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#class-map match-any class1 DGS-6600:15(config-cmap)#match vlan 2 DGS-6600:15(config-cmap)# Configuring Policing The Switch supports policing. DGS-6600 Configuration Guide 389
  • D-Link DGS-6600-48T | Configuration Guide - Page 390
    Chapter 36-Quality of Service (QoS) QoS DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#policy-map police-map1 DGS-6600:15(config-pmap)#class class-movie DGS-6600:15(config-pmap-c)#police 8000 1000 exceed-action drop DGS-6600:15(config-pmap)#end DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 391
    Volume 6-QOS / Chapter 36-Quality of Service (QoS) QoS Configuration Commands Changing Single-rate Policing to Two-rate Policing Use the following commands to a named aggregate policer as the policy that will be used for the traffic classes in a policy map. DGS-6600 Configuration Guide 391
  • D-Link DGS-6600-48T | Configuration Guide - Page 392
    . In the following example, the user attaches a policy map called "cust1-classes" to eth4.10: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#interface eth4.10 DGS-6600:15(config-if)#service-policy cust1-classes DGS-6600:15(config-if)#end DGS-6600 Configuration Guide 392
  • D-Link DGS-6600-48T | Configuration Guide - Page 393
    initial color of the packet, set the mode trust to DSCP. DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#interface eth6.1 DGS-6600:15(config-if-gi)#qos trust dscp DGS-6600:15(config-if-gi)#service-policy policy1 DGS-6600:15(config-if-gi)#exit DGS-6600 Configuration Guide 393
  • D-Link DGS-6600-48T | Configuration Guide - Page 394
    Service (QoS) Verifying the Configuration Confirming the Class-Map DGS-6600:15#show class-map Class Map match-any class-dscp-red match ip dscp 10 Total Entries: 1 DGS-6600:15# Configuration Examples Confirming the Policy-Map DGS-6600 will be forwarded first. DGS-6600 Configuration Guide 394
  • D-Link DGS-6600-48T | Configuration Guide - Page 395
    Volume 6-QOS / Chapter 36-Quality of Service (QoS) Topology Configuration Examples Step 1. R1. Set eth3.1-3.3 to tag port with vlan 1 and enable check the QOS information. DGS6600:15#show qos interface eth3.3 trust Interface Trust State eth3.3 trust CoS DGS-6600 Configuration Guide 395
  • D-Link DGS-6600-48T | Configuration Guide - Page 396
    the credit counter reaches zero, the queue is no longer serviced until its weight is replenished. The lower priority CoS queue is serviced in turn. In the following example, when traffic congestion occurs if)#trunk allowed-vlan 1 DGS6600:15(config-if)#qos trust cos DGS-6600 Configuration Guide 396
  • D-Link DGS-6600-48T | Configuration Guide - Page 397
    Volume 6-QOS / Chapter 36-Quality of Service (QoS) Step 2. R1. Set WRR priority 7 with weight 5, others are set as :15#show qos interface eth3.3 weight-round-robin eth3.3 CoS weight 0 1 1 1 2 1 3 1 4 1 5 1 6 1 7 5 Configuration Examples DGS-6600 Configuration Guide 397
  • D-Link DGS-6600-48T | Configuration Guide - Page 398
    Part 7- Multicast Configurations The following chapter is included in this volume: • Multicast Configuration
  • D-Link DGS-6600-48T | Configuration Guide - Page 399
    oy other routing protocols such as BGP. This switch supports PIM sparse mode (PIM-SM) to build unidirectional a single packet is transmitting on any link of the network, no matter how many (UDP) packets with a best effort service. It does not provide as reliable DGS-6600 Configuration Guide 399
  • D-Link DGS-6600-48T | Configuration Guide - Page 400
    multicast packets based on the forwarding table and flood drop all unregistered multicast packets. Finally, the user displays the multicast filtering mode for all VLANs: DGS-6600 Configuration Guide 400
  • D-Link DGS-6600-48T | Configuration Guide - Page 401
    unregistered Total Entries: 9 DGS-6600:15# PIM The device supports PIM sparse-mode and Independent Multicast (PIM) Enabling the ip multicast routing service Use the following command in global configuration mode to globally DGS-6600(config)# ip multicast-routing DGS-6600 Configuration Guide 401
  • D-Link DGS-6600-48T | Configuration Guide - Page 402
    the multicast static route has the same distance as the other RPF sources, the multicast static route takes preference. Default is 0. Range is 0-255. Examples DGS-6600 Configuration Guide 402
  • D-Link DGS-6600-48T | Configuration Guide - Page 403
    PC joins. Topology Figure 37-1 PIM-DM Configuration Example Topology R1 (Router 1) Configuration Steps Step 1: enable multicast routing DGS-6600:15(config)#ip multicast-routing Step 2: create vlan 2,4 DGS-6600:15(config)#vlan 2 DGS-6600:15(config-vlan)#vlan 4 DGS-6600 Configuration Guide 403
  • D-Link DGS-6600-48T | Configuration Guide - Page 404
    vlan DGS-6600:15(config-vlan)#interface eth2.1 DGS-6600:15(config-if)# access vlan 2 DGS-6600:15(config-if)#interface eth2.3 DGS-6600:15(config-if)# access vlan 3 DGS-6600:15(config-if)#interface eth2.5 DGS-6600:15(config-if)# access vlan 4 Configuration Examples DGS-6600 Configuration Guide 404
  • D-Link DGS-6600-48T | Configuration Guide - Page 405
    and R2 run PIM-SM multicast routing protocol. IPTV multicast stream can be routed from R1 to R2, and forwarded to VLAN when PC joins. DGS-6600 Configuration Guide 405
  • D-Link DGS-6600-48T | Configuration Guide - Page 406
    enable pim-sm DGS-6600:15(config-if)#interface vlan2 DGS-6600:15(config-if)#ip address 2.0.0.1/8 DGS-6600:15(config-if)#ip pim sparse-mode DGS-6600:15(config-if)#interface vlan4 DGS-6600:15(config-if)#ip address 4.0.0.1/8 DGS-6600:15(config-if)#ip pim sparse-mode DGS-6600 Configuration Guide 406
  • D-Link DGS-6600-48T | Configuration Guide - Page 407
    ip address 4.0.0.2/8 DGS-6600:15(config-if)#ip pim sparse-mode Step 5: enable and set rip DGS-6600:15(config)#router rip DGS-6600:15(config-router)#network 5.0.0.1/8 DGS-6600:15(config-router)#network 6.0.0.1/8 DGS-6600:15(config-router)#network 4.0.0.2/8 DGS-6600 Configuration Guide Configuration
  • D-Link DGS-6600-48T | Configuration Guide - Page 408
    group-list: (None), interval: 60, priority: 192 BSR Candidate vlan4, hash-mask-length:30, priority: 64 DGS-6600:15#show ip pim rp mapping PIM Group-to-RP Mappings This system is the Bootstrap Router (v2) Group(s): R1 to R2, and forwarded to VLAN when PC joins. DGS-6600 Configuration Guide 408
  • D-Link DGS-6600-48T | Configuration Guide - Page 409
    dvmrp DGS-6600:15(config-if)#interface vlan4 DGS-6600:15(config-if)#ip address 4.0.0.1/8 DGS-6600:15(config-if)#ip dvmrp Step 5: enable and set rip DGS-6600:15(config)#router rip DGS-6600:15(config-router)#network 2.0.0.1/8 DGS-6600:15(config-router)#network 4.0.0.1/8 DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 410
    4.0.0.2/8 DGS-6600:15(config-if)#ip dvmrp Step 5: enable and set rip DGS-6600:15(config)#router rip DGS-6600:15(config-router)#network 5.0.0.1/8 DGS-6600:15(config-router)#network 6.0.0.1/8 DGS-6600:15(config-router)#network 4.0.0.2/8 Configuration Examples DGS-6600 Configuration Guide 410
  • D-Link DGS-6600-48T | Configuration Guide - Page 411
    Generation ID ExpTime vlan4 4.0.0.2 1331887776 0DT0H0M32S Total Entries: 1 DGS-6600:15#show ip dvmrp route State: H = Hold-down Topology R1 (Router 1) Configuration Steps Step 1: DGS-6600:15(config)#interface vlan1 DGS-6600:15(config-if)# ip igmp snooping DGS-6600 Configuration Guide 411
  • D-Link DGS-6600-48T | Configuration Guide - Page 412
    The Configuration Step 1: Check IGMP snooping configuration and group: Configuration Examples DGS‐6600:15#show ip igmp snooping IGMP Snooping is enabled in the following Last reporter: : 192.168.1.2 Source list is empty Total Entries : 1 entries, 1 records DGS-6600 Configuration Guide 412
  • D-Link DGS-6600-48T | Configuration Guide - Page 413
    Part 8- Security & Authentication The following chapters are included in this volume: • Access Control Lists (ACL) • Authentication, Authorization and Accounting (AAA) Configuration • 802.1X Authentication • DoS Protection • Dynamic ARP Inspection • Port Security • IP Source Guard • DHCP Server
  • D-Link DGS-6600-48T | Configuration Guide - Page 414
    number, or IP layer header field, including the upper layer protocol type. IPv6 access control lists define the criteria based on the IPv6 packet fields. DGS-6600 Configuration Guide 414
  • D-Link DGS-6600-48T | Configuration Guide - Page 415
    is an implied "deny all traffic" criteria statement. Therefore, if a packet does not match any of the defined criteria statements, the packet will be dropped. DGS-6600 Configuration Guide 415
  • D-Link DGS-6600-48T | Configuration Guide - Page 416
    checked. The ordering of a statement can be explicitly defined or automatically assigned. To manually control the ordering, the user can define the statement with a priority number. A smaller is matched, the packet is dropped without any further ACL checking. DGS-6600 Configuration Guide 416
  • D-Link DGS-6600-48T | Configuration Guide - Page 417
    Enters time-range configuration mode. Specifies the periods covered by the time-range profile. Exits time-range configuration mode. Displays the configured time-range profiles. DGS-6600 Configuration Guide 417
  • D-Link DGS-6600-48T | Configuration Guide - Page 418
    the statement with a priority number, the ordering is manually determined. A smaller priority number means a higher precedence. If the user does not specify a priority number when entering a criteria statement, a priority number will be automatically assigned. DGS-6600 Configuration Guide 418
  • D-Link DGS-6600-48T | Configuration Guide - Page 419
    6600:15(config-if)#end Configuring IP Extended Access Control Lists For IP extended access control lists, the user can define the permit/deny statement based on IP address, layer 4 port ID, and classification of service port, or IP header traffic class information. DGS-6600 Configuration Guide 419
  • D-Link DGS-6600-48T | Configuration Guide - Page 420
    ordering is manually determined. 6600:15(config-ip-ext-acl)#end Configuring IPv6 Extended Access Control Lists For IPv6 extended access control lists, the user can define the permit/deny statement based on IPv6 address, layer 4 port ID, and classification of service DGS-6600 Configuration Guide 420
  • D-Link DGS-6600-48T | Configuration Guide - Page 421
    DGS-6600:15(config-ip6-ext-acl)#end Configuring MAC Extended Access Control Lists For MAC extended access control lists, the user can define permit/deny statements based on the MAC address, Ethernet packet type, LLC service priority number, the ordering is manually determined. A smaller priority
  • D-Link DGS-6600-48T | Configuration Guide - Page 422
    been setup on the Switch: Command show access-list [ip NAME | mac NAME | ipv6 NAME] Explanation Displays the access control lists setup on the Switch. DGS-6600 Configuration Guide 422
  • D-Link DGS-6600-48T | Configuration Guide - Page 423
    ip ext-acl server-security ip ext-acl ipv6-control ipv6 ext-acl Total Entries : 11 DGS-6600:2> Applying Access Control Lists to Interfaces The user can apply up to one MAC access control list ingress traffic. Displays the access control list configuration. DGS-6600 Configuration Guide 423
  • D-Link DGS-6600-48T | Configuration Guide - Page 424
    -if)#mac access-group Block-Server in The maximum available entry of MAC ACL bind to interface in ingress direction is: 447 DGS-6600:15(config-if)#end DGS-6600:15#show access-group interface eth4.12 mac eth4.12 Inbound mac access-list : Block-Server DGS-6600:15# DGS-6600 Configuration Guide 424
  • D-Link DGS-6600-48T | Configuration Guide - Page 425
    2.0.0.1/8 DGS-6600:15(config-if)#interface vlan2 DGS-6600:15(config-if)# ip address 3.0.0.1/8 Step 4: Set time-range ACL-1t and valid time is daily 18:00~23:59. DGS-6600:15(config)#time-range ACL-1t DGS-6600:15(config-time-range)# periodic daily 18:00 to 23:59 DGS-6600 Configuration Guide 425
  • D-Link DGS-6600-48T | Configuration Guide - Page 426
    and permit rule, and apply time-range. DGS-6600:15(config)# ip access-list ACL-1 DGS-6600:15(config-ip-acl)# deny 2.0.0.2 255.0.0.0 1.0.0.2 255.0.0.0 time-range ACL-1t DGS-6600:15(config-ip-acl)# permit any any priority 23:59. PC2 can ping PC1 in other time range. DGS-6600 Configuration Guide 426
  • D-Link DGS-6600-48T | Configuration Guide - Page 427
    Value Default ACL Ending Implicit Deny ACL Priority Interval Value 10 ACL Resequencing Disabled Table 38-2 Default Variable Values List of Constants and Default Settings DGS-6600 Configuration Guide 427
  • D-Link DGS-6600-48T | Configuration Guide - Page 428
    Switch will not attempt local authentication and even the specified authentication methods will fail. If the method list is empty local authentication will be used. DGS-6600 Configuration Guide 428
  • D-Link DGS-6600-48T | Configuration Guide - Page 429
    group server group1 Group Name IP Address Protocol Port Timeout Retransmit Key group1 172.19.10.31 TACACS 1200 30 2 DGS-6600:15# Defining AAA Server Hosts The user can define a server host with the TACACS, XTACACS, TACACS+, or RADIUS protocol methods. DGS-6600 Configuration Guide 429
  • D-Link DGS-6600-48T | Configuration Guide - Page 430
    [login | enable] [console | telnet | http | ssh] [brief] Explanation Used to configure a new authentication method list. Displays the login or enable method lists for all applications. DGS-6600 Configuration Guide 430
  • D-Link DGS-6600-48T | Configuration Guide - Page 431
    , the user configures a login method list for authenticating login attempts from all supported applications (including console, Telnet, and HTTP). The methods start from group2. 5 2 no-encrypt Enable authentication: Local Authentication: yes DGS-6600:15# DGS-6600 Configuration Guide 431
  • D-Link DGS-6600-48T | Configuration Guide - Page 432
    that have been authorized by the RADIUS server: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#aaa authorization DGS-6600:15(config)#end List of Constants and Default Settings of AAA Group Servers None Table 39-2 Default Variable Values DGS-6600 Configuration Guide 432
  • D-Link DGS-6600-48T | Configuration Guide - Page 433
    Machine Information for Diagnostics • Displaying Session Statistics • Configuration Examples • 802.1x Guest VLAN Configuration Example • Relations with Other Modules • List of Constants and Default Settings DGS-6600 Configuration Guide 433
  • D-Link DGS-6600-48T | Configuration Guide - Page 434
    Client The Client is simply an end station that wishes to gain access to the LAN or Switch services. All end stations must be running software that is compliant with the 802.1X protocol. For users is allowed to pass through the port. The following figure displays a DGS-6600 Configuration Guide 434
  • D-Link DGS-6600-48T | Configuration Guide - Page 435
    Switch. 802.1X Configuration Commands Configuring 802.1X Authentication The following topics are included in this section: • Enabling Authentication • Initializing the 802.1x Protocol Operation DGS-6600 Configuration Guide 435
  • D-Link DGS-6600-48T | Configuration Guide - Page 436
    number of seconds that the Switch will wait for a response from the supplicant before timing out the supplicant (client). Table 40-1 802.1X Timer Values DGS-6600 Configuration Guide 436
  • D-Link DGS-6600-48T | Configuration Guide - Page 437
    , the user specifies that an EAP message can be transmitted a maximum of 3 times on Ethernet interface 4.17: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#interface eth4.17 DGS-6600:15(config-if)#dot1x max-req 3 DGS-6600:15(config-if)#end DGS-6600 Configuration Guide 437
  • D-Link DGS-6600-48T | Configuration Guide - Page 438
    enable DGS-6600:15#dot1x re-authenticate interface eth4.43 In the following example, the user re-authenticates the MAC address 00-40-10-28-19-78 on Ethernet port 4.10: DGS-6600:2>enable DGS-6600:15#dot1x re-authenticate interface eth4.10 mac-address 00-40-10-28-19-78 DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 439
    for the controlled port Ethernet interface 4.43 should only be prevented in the inbound direction: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#interface eth4.43 DGS-6600:15(config-if)#dot1x control-direction in DGS-6600:15(config-if)#end DGS-6600 Configuration Guide 439
  • D-Link DGS-6600-48T | Configuration Guide - Page 440
    Manually configures the authorization state on the specified port. In the following example, the user forces Ethernet interface 4.40 to change to the unauthorized state, which denies all access to the port by ignoring all authentication attempts: DGS-6600:2>enable DGS-6600:15#configure terminal DGS
  • D-Link DGS-6600-48T | Configuration Guide - Page 441
    example, the user configures the Switch to use the RADIUS authentication method for the ports that are using IEEE 802.1X authentication: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#dot1x auth-protocol radius DGS-6600:15(config)#end DGS-6600 Configuration Guide 441
  • D-Link DGS-6600-48T | Configuration Guide - Page 442
    Ethernet interface 4.32 to forward 802.1X BPDUs if the 802.1X function is disabled on Ethernet inteface 4.32: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#interface eth4.32 DGS-6600:15(config-if)#dot1x forward-pdu DGS-6600:15(config-if)#end DGS-6600 Configuration Guide 442
  • D-Link DGS-6600-48T | Configuration Guide - Page 443
    and status: Command show dot1x [interface INTERFACE-ID] {auth-state | auth-configuration | statistics | diagnostics | sessionstatistics} Explanation Displays information about the 802.1X configuration and status. DGS-6600 Configuration Guide 443
  • D-Link DGS-6600-48T | Configuration Guide - Page 444
    displays the IEEE 802.1X authentication state for Ethernet interface 4.22: DGS-6600:2>show dot1x interface eth4.22 auth-state Port User Authenticator State Backend State Mode: Port-based Guest VLAN: Disabled Forward 1x PDU: Disabled Total Entries: 1 DGS-6600:2> DGS-6600 Configuration Guide 444
  • D-Link DGS-6600-48T | Configuration Guide - Page 445
    the following example, the user displays the IEEE 802.1X statistics for Ethernet port 4.24: DGS-6600:2>show dot1x interface eth4.24 statistics eth4.24 EAPOL Frames RX: 0 EAPOL Frames TX: 0 : 0 BackendAuthSuccesses: 0 BackendAuthFails: 0 Total Entries: 1 DGS-6600:2> DGS-6600 Configuration Guide 445
  • D-Link DGS-6600-48T | Configuration Guide - Page 446
    authenticated (target) VLAN (VLAN4). Topology Figure 40-3 802.1x Guest VLAN Configuration Topology R1 (Router 1) Configuration Steps Step 1: Create VLAN2, VLAN3 and VLAN4 DGS-6600:15(config)# vlan 2 DGS-6600:15(config-vlan)# vlan 3 DGS-6600:15(config-vlan)# vlan 4 DGS-6600 Configuration Guide 446
  • D-Link DGS-6600-48T | Configuration Guide - Page 447
    -auth-control DGS-6600:15(config)#aaa authorization Radius Server Configuration Steps Step 1: create username/password list (e.g., test/123). Step 2: Configure the VID to be assigned in RADIUS VLAN attribute "Tunnel-Private-Group-ID". In this example, assign to 4. DGS-6600 Configuration Guide 447
  • D-Link DGS-6600-48T | Configuration Guide - Page 448
    The Configuration Step 1: Use the following commands to check the 802.1x configuration. DGS-6600:15#show aaa group server Group Name IP Address Protocol Port Timeout Retransm it port-channel. 4) 802.1x cannot be enabled on a packet monitoring destination port. DGS-6600 Configuration Guide 448
  • D-Link DGS-6600-48T | Configuration Guide - Page 449
    .1X Local User Accounts Disabled None Re-authentication Disabled Forward 802.1x PDU Disabled Table 40-3 Default Variable Values List of Constants and Default Settings DGS-6600 Configuration Guide 449
  • D-Link DGS-6600-48T | Configuration Guide - Page 450
    • Attack Types • Configuration Examples • Parameters An Introduction to DoS Protection A denial-of-service (DoS) attack is an attempt to make device resource unavailable to its intended users. The , DoS module will add log when counter increased in five minutes. DGS-6600 Configuration Guide 450
  • D-Link DGS-6600-48T | Configuration Guide - Page 451
    there are attacking packets received in previous 5 minutes, the module will log and send trap. Attack Types The following table lists different DoS attack types. DGS-6600 Configuration Guide 451
  • D-Link DGS-6600-48T | Configuration Guide - Page 452
  • D-Link DGS-6600-48T | Configuration Guide - Page 453
    DoS prevention mechanism for all supported types. The following example shows the information of a DoS configuration example. DGS-6600# configure terminal DGS-6600(config)# no dos_prevention type Land Attack", "Blat Attack" will be dropped. Each packet dropped by DGS-6600 Configuration Guide 453
  • D-Link DGS-6600-48T | Configuration Guide - Page 454
    log to system log if any attacking packet is received in this interval. DGS-6600# show dos_prevention DoS Prevention Information Action: Drop Log Frame Counts: 12345678 DoS Type specific or all attacking type. drop Drop / trap_log Enable DoS prevention actions. DGS-6600 Configuration Guide 454
  • D-Link DGS-6600-48T | Configuration Guide - Page 455
    validity of the intercepted ARP packets according to the setting of DHCP database before further processing. It Releases the packets that do not pass inspection. DGS-6600 Configuration Guide 455
  • D-Link DGS-6600-48T | Configuration Guide - Page 456
    check, for ARP response packets, the consistency of the destination MAC address in the Ethernet header against the target MAC address in the ARP payload. DGS-6600 Configuration Guide 456
  • D-Link DGS-6600-48T | Configuration Guide - Page 457
    the comma. (Optional) Specify a range of VLANs. Enter a space before and after the hyphen. Example This example shows how to enable ARP inspection on VLAN2: DGS-6600# configure terminal DGS-6600(config)# ip arp inspection vlan 2 DGS-6600(config)# DGS-6600 Configuration Guide 457
  • D-Link DGS-6600-48T | Configuration Guide - Page 458
    prevent users from obtaining IP addresses, or even cheat and steal user information. To solve this problem, DHCP Snooping classifies the ports into two types: TRUST port and UNTRUST port. The device and lease time into a entry to form a DHCP Snooping user database. DGS-6600 Configuration Guide 458
  • D-Link DGS-6600-48T | Configuration Guide - Page 459
    , for a simple scenario, if the user makes sure none DHCP server packets is allowed from a port, he can just turn on this port's "DHCP Server DGS-6600 Configuration Guide 459
  • D-Link DGS-6600-48T | Configuration Guide - Page 460
    ). You can add a permit binding rule by command "ip dhcp screening". The following example enable the DHCP server screening function on port eth4.1 and eth5.3: DGS-6600# configure terminal DGS-6600(config)#ip dhcp screening ports eth4.1,eth5.3 DGS-6600 Configuration Guide 460
  • D-Link DGS-6600-48T | Configuration Guide - Page 461
    shows to specify the suppress time to 20 minutes: DGS-6600# configure terminal DGS-6600(config)# ip dhcp screening suppress-duration 20 Configuring ip -08-01-02-03-04 on eth4.1-4.34. DGS-6600# configure terminal DGS-6600(config)# ip dhcp screening server-ip 10.1.1.1 client-mac 00-08-01-
  • D-Link DGS-6600-48T | Configuration Guide - Page 462
    server packet is not authorized and dropped if user turns on this function. The following example shows to enable trap/log function of DHCP screening: DGS-6600# configure terminal DGS-6600(config)# ip dhcp screening trap-log DGS-6600 Configuration Guide 462
  • D-Link DGS-6600-48T | Configuration Guide - Page 463
    1-30 Table 43-1 DHCP Server Screening Limitation Description Enable/Disable the DHCP server screening to provide the service for the ports. It's a per port control. The form of 3-tuple (DHCP server IP, of IP addresses not accepted by permit rules will be kept. DGS-6600 Configuration Guide 463
  • D-Link DGS-6600-48T | Configuration Guide - Page 464
    can process properly. When a switch receives a packet on an untrusted interface and the interface belongs to a VLAN that is enabled DHCP snooping, the switch compares DGS-6600 Configuration Guide 464
  • D-Link DGS-6600-48T | Configuration Guide - Page 465
    solve this problem, DHCP service, relay agent service must be enabled by service DGS-6600:15# configure terminal DGS-6600:15(config)# ip dhcp snooping DGS-6600:15(config DGS-6600:15# configure terminal DGS-6000:15(config)# no ip dhcp snooping DGS-6600:15(config)# DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 466
    snooping. Use the no form of this command to return to the default setting. This example shows how to enable DHCP snooping trust for port 3.3: DGS-6600(config)# interface eth3.3 DGS-6600(config-if)# ip dhcp snooping trust DGS-6600(config)# DGS-6600 Configuration Guide 466
  • D-Link DGS-6600-48T | Configuration Guide - Page 467
    no version of this command to disable DHCP snooping on a VLAN or a group of VLANs. This example shows how to enable DHCP snooping on vlan10: DGS-6600# configure terminal DGS-6600(config)# ip dhcp snooping vlan 10 DGS-6600(config)# DGS-6600 Configuration Guide 467
  • D-Link DGS-6600-48T | Configuration Guide - Page 468
    DHCP snooping configuration. Use the command to display DHCP snooping binding entries. This command is used to display the statistics of the DHCP snooping database. DGS-6600 Configuration Guide 468
  • D-Link DGS-6600-48T | Configuration Guide - Page 469
    MAC address will be learned as static entry and stored in NVRAM so that the entry is retained if the Switch is rebooted. 3) Violation Action DGS-6600 Configuration Guide 469
  • D-Link DGS-6600-48T | Configuration Guide - Page 470
    DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#interface eth4.5 DGS-6600:15(config-if)#switchport port-security maximum 10 DGS-6600:15(config-if)#switchport port-security violation shutdown DGS-6600:15(config-if)#end DGS-6600 Total Entries: 1 DGS-6600:15# Relations with Other
  • D-Link DGS-6600-48T | Configuration Guide - Page 471
    Table 45-1 Constants Values Variable Name Default Value Port Security Disabled Port Security Mode Delete-on-Timeout Violation Action Shutdown Table 45-2 Default Variable Values DGS-6600 Configuration Guide 471
  • D-Link DGS-6600-48T | Configuration Guide - Page 472
    switch. IP Source Guard binds together the network layer, which uses an IP address, and the Ethernet link layer, which uses a MAC address, to authenticate packets from host. The feature uses dynamic DHCP snooping Guard, if the HW ACL table has no enough entry or DGS-6600 Configuration Guide 472
  • D-Link DGS-6600-48T | Configuration Guide - Page 473
    guard is not support IPv6 in Release2, while can come from either the manual configured entry or the DHCP DGS-6600# configure terminal DGS-6600(config)# interface eth3.1 DGS-6600(config-if)# ip verify source vlan dhcp-snooping port security DGS-6600(config-if)# DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 474
    configure an IP Source Guard entry with IP address 10.1.1.1 and MAC address 00-01-02-03-04-05, at VLAN 2 on interface eth3.10: DGS-6600# configure terminal DGS-6600(config)# ip source binding 00-01-02-03-04-05 vlan 2 10.1.1.1 interface eth3.10 DGS-6600# DGS-6600 Configuration Guide 474
  • D-Link DGS-6600-48T | Configuration Guide - Page 475
    may increase the switch load beyond its capability. To alleviate this problem, the Safeguard Engine function was added to the DGS-6600. The Safeguard Engine can help the overall operability of the Switch 320 seconds. For a better understanding, see the figure below. DGS-6600 Configuration Guide 475
  • D-Link DGS-6600-48T | Configuration Guide - Page 476
    be increased by 25%. The switch will then return to its interval checking and dynamically adjust the packet flow to avoid overload of the Switch. DGS-6600 Configuration Guide 476
  • D-Link DGS-6600-48T | Configuration Guide - Page 477
    to clear all cpu-protect related statistics. DGS-6600#clear cpu-protect counters The following example protocol packet as 100 packets per second. DGS-6600(config)#cpu-protect type ospf pps 100 and falling threshold are 60 and 40 respectively. DGS-6600(config)#cpu-protect safeguard threshold 60 40 The
  • D-Link DGS-6600-48T | Configuration Guide - Page 478
    Volume 8-Safeguard Engine / Chapter 47-Safeguard Engine Settings Configuration Commands DGS-6600 Configuration Guide 478
  • D-Link DGS-6600-48T | Configuration Guide - Page 479
    restricts the forwarding domain of a port to a set of specified ports. Used to remove a port or group of ports from the forwarding domain of a port. DGS-6600 Configuration Guide 479
  • D-Link DGS-6600-48T | Configuration Guide - Page 480
    function so that: 1.All PCs can communicate to Server, e.g. 2.PCs at same "group" can communicate each other. 3.PCs at different segments CANNOT communicate each other. DGS-6600 Configuration Guide 480
  • D-Link DGS-6600-48T | Configuration Guide - Page 481
    ports Step 2: It is possible to ping the various devices to determine configuration status: PC2 (10.0.0.2/8) can ping Server (10.0.0.1/8), but cannot ping PC3 (10.0.0.3/8). DGS-6600 Configuration Guide 481
  • D-Link DGS-6600-48T | Configuration Guide - Page 482
    Settings Variable Name Default Value Traffic Segmentation No segmentation. Packets received on a port can be flooded to all other ports. Table 48-1 Default Variable Values DGS-6600 Configuration Guide 482
  • D-Link DGS-6600-48T | Configuration Guide - Page 483
    Part 9- Network Application The following chapters are included in this volume: • DHCP Server Configuration • DHCP Relay Configuration • DHCPv6 Client Configuration • sFlow
  • D-Link DGS-6600-48T | Configuration Guide - Page 484
    the IP Domain Name System Servers for the Client • Configuring the NetBIOS Windows Internet Naming Service Servers for the Client • Configuring the NetBIOS Node Type for the client • Configuring the provides configuration parameters. The DHCP assigns IP address in DGS-6600 Configuration Guide 484
  • D-Link DGS-6600-48T | Configuration Guide - Page 485
    a period of time to the clients; 3. Configure IP addresses manually. Network administrators can specify IP addresses and send specified IP addresses decide upon which criteria the IP addressed will be offered. The DGS-6600, provides 8 kinds of commands to configure these binding rules, which are
  • D-Link DGS-6600-48T | Configuration Guide - Page 486
    Server Configuration • based on client identifier • based on customer vlan tag number • based on service provider vlan tag number • based on IP address of ingress interface • based on IP address of assignable IP address in address pool chosen by section 40-3-2. DGS-6600 Configuration Guide 486
  • D-Link DGS-6600-48T | Configuration Guide - Page 487
    pool is configured based on secondary IP address, the device will not select this address pool. Therefore, you might not be able to get DHCPOFFER. DGS-6600 Configuration Guide 487
  • D-Link DGS-6600-48T | Configuration Guide - Page 488
    and DHCP relay can be enabled at the same time(DHCP server can be enabled by command "service dhcp" and relay can be enabled by command "ip dhcp relay") but function mutual exclusively. DHCP Ping Packets • Monitoring and Maintaining the DHCP Server Functions DGS-6600 Configuration Guide 488
  • D-Link DGS-6600-48T | Configuration Guide - Page 489
    the DHCP server is disabled on the DGS-6600. To enable these features use the following command in the global configuration mode. Command service dhcp Explanation Use this command to enable DHCP a hyphen between the start IP address and end IP address. Both the DGS-6600 Configuration Guide 489
  • D-Link DGS-6600-48T | Configuration Guide - Page 490
    that servers are listed in order of preference, if the number of servers is more than 1, then execute the following command multiple times with different DGS-6600 Configuration Guide 490
  • D-Link DGS-6600-48T | Configuration Guide - Page 491
    Service (WINS) is a name resolution service that Microsoft DHCP clients use to match host names to IP addresses in a grouping of networks. It possible to configure a primary and secondary WINS server on the DGS-6600 the name server first, and then broadcasts. DGS-6600 Configuration Guide 491
  • D-Link DGS-6600-48T | Configuration Guide - Page 492
    49-DHCP Server Configuration DHCP Server Configuration Commands Resolution through LMHOSTS and/or Domain Name Service (DNS), if enabled, will follow these methods.To configure the NetBIOS node type for Use the no form of this command to restore the default value. DGS-6600 Configuration Guide 492
  • D-Link DGS-6600-48T | Configuration Guide - Page 493
    #enable DGS6600#configure terminal DGS6600(config)#ip dhcp pool pool1 DGS6600(config-dhcp)#bootfile \dgs-6600\bootimage\mdubootfile.bin Configuring DHCP Ping Packets By default, the DHCP Server pings a time for the ping reply back to the default value (500ms). DGS-6600 Configuration Guide 493
  • D-Link DGS-6600-48T | Configuration Guide - Page 494
    :38:56, 2012-12-28 Lease expiration 18:38:56, 2012-12-29 18:38:56, 2012-12-29 18:38:56, 2012-12-29 DGS-6600 Configuration Guide 494
  • D-Link DGS-6600-48T | Configuration Guide - Page 495
    -on user-class: MSFT IP addresses: total 511 10.0.0.1 10.0.1.1-10.0.1.255 10.0.3.1-10.0.3.255 Number of leased address: 100 Number of conflict addresses: 2 DGS6600# DGS-6600 Configuration Guide 495
  • D-Link DGS-6600-48T | Configuration Guide - Page 496
    2 Malformed messages 0 Renew messages 0 Message BOOTREQUEST DHCPDISCOVER DHCPREQUEST DHCPDECLINE DHCPRELEASE DHCPINFORM Received 12 200 178 0 0 0 Message BOOTREPLY DHCPOFFER DHCPACK DHCPNAK DGS6600# Sent 12 190 172 6 DGS-6600 Configuration Guide 496
  • D-Link DGS-6600-48T | Configuration Guide - Page 497
    Table 49-1 Maximum Number 8 DNS Server 8 WINS Server 8 Address Pool Supported Client Number 12288 12288 Limitations Description DHCP server fills the option "default router" Maximum number of configurable address pools. Affordable maximum number of clients. DGS-6600 Configuration Guide 497
  • D-Link DGS-6600-48T | Configuration Guide - Page 498
    to DHCP Relay Agent Operation • DHCP Relay Configuration Commands • Enabling the DHCP Relay Agent Service • Specifying the Maximum Number of DHCP Relay Hops • Specifying a DHCP Relay Address • information from the reply packet as the packet is sent to the client. DGS-6600 Configuration Guide 498
  • D-Link DGS-6600-48T | Configuration Guide - Page 499
    50-2 Circuit ID Sub-Option Format The remote ID sub-option is encoded based on the following format:I Figure 50-3 Remote ID Sub-Option Format DGS-6600 Configuration Guide 499
  • D-Link DGS-6600-48T | Configuration Guide - Page 500
    , the user globally enables the DHCP relay agent service: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#ip dhcp relay DGS-6600:15(config)#end Specifying the Maximum Number of DHCP number of relay agents that a DHCP message can traverse. DGS-6600 Configuration Guide 500
  • D-Link DGS-6600-48T | Configuration Guide - Page 501
    the Insertion of the Relay Agent Information Option The user can enable the insertion of the option-82 field in a message when relaying a DHCP message. DGS-6600 Configuration Guide 501
  • D-Link DGS-6600-48T | Configuration Guide - Page 502
    already have the DHCP option-82 inserted: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#ip dhcp relay information policy drop DGS-6600:15(config)#end Checking the Validity of Reply checking function and forward all of the relay messages. DGS-6600 Configuration Guide 502
  • D-Link DGS-6600-48T | Configuration Guide - Page 503
    user enables the DHCP relay agent to trust all interfaces that already have the relay agent information option present in the packet: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#ip dhcp relay information trust-all DGS-6600:15(config)#end DGS-6600 Configuration Guide 503
  • D-Link DGS-6600-48T | Configuration Guide - Page 504
    vlan500 vlan600 vlan700 vlan800 Total Entries: 9 DGS-6600:2> Displaying the Relay Agent Configuration The user can use the following command to display the IP DHCP relay agent configuration: Command show ip dhcp relay DGS-6600 Configuration Guide Explanation Displays the IP DHCP relay agent
  • D-Link DGS-6600-48T | Configuration Guide - Page 505
    vlan300 vlan400 vlan500 vlan600 vlan700 vlan800 DGS-6600:2> List of Constants and Default Settings Constant Name Value Number of Supported DHCP Server 4 Addresses per Interface Interface Trusted Interface Un-trusted Table 50-2 Default Variable Values DGS-6600 Configuration Guide 505
  • D-Link DGS-6600-48T | Configuration Guide - Page 506
    assigned by a DHCPv6 server. The DHCPv6 client is a node that initiates requests on a link to obtain configuration parameters from one or more DHCPv6 servers. Operation concept What follows is an and sends a request message to the server asking for a confirmed DGS-6600 Configuration Guide 506
  • D-Link DGS-6600-48T | Configuration Guide - Page 507
    exchange DHCPv6 messages using UDP. The client uses a link-local address or addresses determined through other mechanisms for transmitting packet DHCPv6 V Client FF02::1:2 Client link-local address 547 DHCPv6 Server Client link-local address Server IP address 546 DGS-6600 Configuration Guide 507
  • D-Link DGS-6600-48T | Configuration Guide - Page 508
    an identical fixed format header and a variable format area for options. The following diagram illustrates the format of a DHCPv6 message sent between clients and servers: DGS-6600 Configuration Guide 508
  • D-Link DGS-6600-48T | Configuration Guide - Page 509
    advertise message to indicate that it is available for DHCPv6 Services, in response to a solicit message received from a client denying that the addresses assigned to the client are appropriate to the link to which the client is connected. A server sends a reply . DGS-6600 Configuration Guide 509
  • D-Link DGS-6600-48T | Configuration Guide - Page 510
    (8) INFORMATION-REQUEST (11) DECLINE (9) CONFIRM (4) RECONFIGURE (10) RELAY-FORWARD (12), RELAY-REPLY (13) DHCPv4 Message Type DHCPDISCOVER DHCPOFFER DHCPREQUEST DHCPACK/DHCPNAK DHCPRELEASE DHCPINFORM DHCPDECLINE DHCPFORCERENEW - DGS-6600 Configuration Guide 510
  • D-Link DGS-6600-48T | Configuration Guide - Page 511
    the prefix on the link, the requesting router must set the valid lifetime in those advertisements to be no later than the valid lifetime specified in the IA_PD Prefix option. A requesting router may use the preferred lifetime specified in the IA_PD Prefix option. DGS-6600 Configuration Guide 511
  • D-Link DGS-6600-48T | Configuration Guide - Page 512
    it has no preference for those values. In a message sent by a server to a client, the client uses the values in the T1 and T2 fields DGS-6600 Configuration Guide 512
  • D-Link DGS-6600-48T | Configuration Guide - Page 513
    ] Explanation Use this command to enable Dynamic Host Configuration Protocol (DHCP) for IPv6 client. Use the no form of this command to disable DHCPv6 features. DGS-6600 Configuration Guide 513
  • D-Link DGS-6600-48T | Configuration Guide - Page 514
    minimum acceptable Dynamic Host Configuration Protocol (DHCP) for IPv6 client information refresh time on a specified interface. Only VLAN interfaces are valid interfaces for this command. DGS-6600 Configuration Guide 514
  • D-Link DGS-6600-48T | Configuration Guide - Page 515
    set a global address by manual configuration: DGS-6600 > enable DGS-6600# configure terminal DGS-6600(config)# interface vlan2 DGS-6600(config-if)# ipv6 address 3ffe:22:22:22::2/64 After the command is entered, the global address 3ffe:22:22:22::2/64 will be set. DGS-6600 Configuration Guide 515
  • D-Link DGS-6600-48T | Configuration Guide - Page 516
    example shows how to display a specified general prefix named my-prefix: DGS-6600 > enable DGS-6600# show ipv6 general-prefix my-prefix IPv6 prefix my-prefix Acquired via Manual configuration: 3ffe:1:1::/48 Apply to interface: vlan2 ::1:1:1:1:1/64 DGS-6600# DGS-6600 Configuration Guide 516
  • D-Link DGS-6600-48T | Configuration Guide - Page 517
    client for interface vlan1, when vlan1 is in the REQUEST state: DGS-6600 > enable DGS-6600 # show ipv6 dhcp interface vlan1 Interface vlan1 is in DHCPv6 client mode. State: REQUEST Server IP: N/A Server DUID: N/A Preference: 0 Event expire: 10 IA is not acquired. DGS-6600 Configuration Guide 517
  • D-Link DGS-6600-48T | Configuration Guide - Page 518
    example shows the DHCPv6 client for interface vlan1, when vlan1 is in the RENEW state: DGS-6600 > enable DGS-6600 # show ipv6 dhcp interface vlan1 Interface vlan1 is in DHCPv6 client mode. State: RENEW : 7200 Prefix: 3000:1:2::/48 IA expire: 219 Addr expire: 5119 DGS-6600 Configuration Guide 518
  • D-Link DGS-6600-48T | Configuration Guide - Page 519
    shows the DHCPv6 client for interface vlan1, when vlan1 is in the REBIND state: DGS-6600 > enable DGS-6600 # show ipv6 dhcp interface vlan1 Interface vlan1 is in DHCPv6 client mode. State: prefix length of general prefix 600-65535 (seconds) 1-16 (characters) 64 DGS-6600 Configuration Guide 519
  • D-Link DGS-6600-48T | Configuration Guide - Page 520
    Volume 9-Network Application / Chapter 51-DHCPv6 Client Configuration Item General prefix name length Table 51-6 Range 1 -16 (characters) Restriction/Limitation DGS-6600 Configuration Guide 520
  • D-Link DGS-6600-48T | Configuration Guide - Page 521
    collector sFlow datagram sFlow Packet flow samples Counter samples The sFlow agent can be configured to sample the packets and counters of each interface independently. DGS-6600 Configuration Guide 521
  • D-Link DGS-6600-48T | Configuration Guide - Page 522
    (unclaimed), the other parameters of the same Receiver and all the Samplers and Pollers associated with the Receiver will be restored to their default values. DGS-6600 Configuration Guide 522
  • D-Link DGS-6600-48T | Configuration Guide - Page 523
    with different sampling rates and multiple Pollers with different polling intervals. There is no problem for multiple polling intervals with one interface because the counter sampling is software-based. sampling rates to be obtained in software by sub-sampling. DGS-6600 Configuration Guide 523
  • D-Link DGS-6600-48T | Configuration Guide - Page 524
    remote sFlow collector's IP-ADDRESS as 10.1.1.2 and PORT as 6343. DGS-6600(config)#sflow receiver 1 owner collector1 expiry 86400 max-datagramsize 1400 host 10 as 128 bytes. DGS-6600(config-if)# sflow sampler 1 receiver 1 sampling-rate 1024 max-headersize 128 DGS-6600 Configuration Guide 524
  • D-Link DGS-6600-48T | Configuration Guide - Page 525
    to both 10.1.1.2 and 10.1.1.3. DGS-6600(config)#show sflow sFlow Agent Version: 1.3;D-Link Corporation;3.00 sFlow State : DGS-6600:15(mgmt-if)#sflow DGS-6600:15(config)#mgmt DGS-6600:15(mgmt-if)#sflow receiver 1 owner collector1 expiry infinite host 10.90.90.91 DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 526
    "show sflow" command to check the sFlow configuration. DGS-6600:15#show sflow sFlow Agent Version: 1.3;D-Link Corporation;2.10 sFlow Agent Address: 0.0.0.0 sFlow State 1024 256 Pollers Information Interface Instance Receiver Interval eth2.1 1 1 20 DGS-6600 Configuration Guide 526
  • D-Link DGS-6600-48T | Configuration Guide - Page 527
    Part 10- Network Management The following chapters are included in this volume: • Simple Network Management Protocol (SNMP) • RMON • Error Disable Port Recovery • Traffic Storm Control
  • D-Link DGS-6600-48T | Configuration Guide - Page 528
    SNMP agent can send unsolicited traps to inform the SNMP manager of any new events. The Switch supports all three versions of SNMP; SNMP v1, SNMP v2c, and SNMP v3. Both SNMP v1 and Encryption- Packets are encrypted to prevent eavesdroppers from learning the packet. DGS-6600 Configuration Guide 528
  • D-Link DGS-6600-48T | Configuration Guide - Page 529
    notification MIB view of the trap receiver. SNMP Configuring Commands The following topics are included in this sub-section: • Setting up Basic SNMP Server Information DGS-6600 Configuration Guide 529
  • D-Link DGS-6600-48T | Configuration Guide - Page 530
    hq DGS-6600:15(config)#system-name core-switch Enabling the SNMP Server Use the following command in global configuration mode to enable the SNMP server on the Switch: Command snmp-server Explanation Enables the sending of SNMP traps that are defined in RFC 1157. DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 531
    community name, with either readonly access rights or read/write access rights to all MIB objects supported by the system. Under the SNMP v3 framework, view records are used to define the set Explanation Displays the current community string, view record, or group. DGS-6600 Configuration Guide 531
  • D-Link DGS-6600-48T | Configuration Guide - Page 532
    removed from the Switch: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#no snmp-server community commaccess DGS-6600:15(config)#end DGS-6600:15#show snmp community codes: ro - read only, rw - ReadWrite (rw)private (ro)public Total Entries: 2 DGS-6600 Configuration Guide 532
  • D-Link DGS-6600-48T | Configuration Guide - Page 533
    SNMP users. snmp-server user USER-NAME GROUP-NAME v3 [encrypted] [auth {md5 | sha} AUTHPASSWORD] [priv PRIV-PASSWORD]] Adds users to the SNMP user group. DGS-6600 Configuration Guide 533
  • D-Link DGS-6600-48T | Configuration Guide - Page 534
    the packet can also be specified. If the highest security level is specified, the trap packet can be protected by the authentication and encryption mechanism. DGS-6600 Configuration Guide 534
  • D-Link DGS-6600-48T | Configuration Guide - Page 535
    VLAN-INTERFACE] show snmp host Explanation Configures the trap recipient. When the input IPADDRESS is an IPv6 link-local address, the user needs to choose an existing VLAN-INTERFACE to specify the output interface for types. Disables sending for all trap types. DGS-6600 Configuration Guide 535
  • D-Link DGS-6600-48T | Configuration Guide - Page 536
    configure an SNMPv3 engine ID: Command snmp-server engineID local ENGINEIDSTRING show snmp engineID Explanation Configures the SNMPv3 engine ID. Displays the SNMPv3 engine configuration. DGS-6600 Configuration Guide 536
  • D-Link DGS-6600-48T | Configuration Guide - Page 537
    dlink", and create community strings for read "dlinkr" and read/write "dlinkwr". DGS-6600:15(config)#snmp-server view dlink 1.3.6 included DGS-6600:15(config)#snmp-server community dlinkr view dlink ro DGS-6600:15(config)#snmp-server community dlinkwr view dlink rw DGS-6600 Configuration Guide 537
  • D-Link DGS-6600-48T | Configuration Guide - Page 538
    VLAN DGS-6600:15(config)#interface vlan1 DGS-6600:15 DGS-6600:15(config-if)#show snmp-server SNMP Server System Name Location Contact : Enabled : N/A : N/A : N/A DGS-6600 : 1 DGS-6600:15(config plugging a cable into one of the DGS-6600 ports, PC1 can receive link-up v2 trap message. SNMP v3 with
  • D-Link DGS-6600-48T | Configuration Guide - Page 539
    DGS-6600:15(config)#snmp-server group gdlink v3 auth read dlink write dlink DGS-6600:15(config)#snmp-server user Roger gdlink v3 auth md5 12345678 Step 3: configure IP address of VLAN DGS-6600:15(config)#interface vlan1 DGS-6600:15(config-if)#ip address 2.0.0.1/8 DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 540
    > row status: active security model: v3 auth writeview: dlink DGS-6600:15#show snmp user User Name: Roger Engine ID: 800000ab03060b00270000 Authentication Entries: 2 By plugging a cable into one of the DGS-6600 ports, PC1 can receive link-up v3 trap messages. DGS-6600 Configuration Guide 540
  • D-Link DGS-6600-48T | Configuration Guide - Page 541
    Enabled SNMP Server Contact None SNMP Location None SNMP System Name SNMP Server Service SNMP Server Hosts None Disabled None SNMP Server Users Initial Table 53-2 Default Table 53-3 Snmp Server Groups Default Values CommunityView CommunityView DGS-6600 Configuration Guide 541
  • D-Link DGS-6600-48T | Configuration Guide - Page 542
    exchange network-monitoring data. The RMON was developed by the IETF to support monitoring and protocol analysis of LANs. The original version (sometimes referred be implemented. This device supports four RMON groups described as followed. Ethernet statistics group DGS-6600 Configuration Guide 542
  • D-Link DGS-6600-48T | Configuration Guide - Page 543
    created on its behalf whenever the event occurs. And the event entry may also specify that operation should occur by way of SNMP trap messages. DGS-6600 Configuration Guide 543
  • D-Link DGS-6600-48T | Configuration Guide - Page 544
    perform operations on the supported MIB RMON groups. DGS-6600>configure terminal DGS-6600(config)#interface eth3.2 DGS-6600(config-if)#rmon statistics 3 owner monitor DGS-6600 DGS-6600>configure terminal DGS-6600(config)#interface eth3.2 DGS-6600 data. By default the DGS-6600 RMON is enabled.
  • D-Link DGS-6600-48T | Configuration Guide - Page 545
    The Configuration Step 1: Check R1 Traffic segment configuration by command: DGS-6600:15(config-if)#show traffic-segmentation Interface Forwarding Interface(s) eth2.1 Forwarding possible to ping the various devices to determine configuration status: DGS-6600 Configuration Guide 545
  • D-Link DGS-6600-48T | Configuration Guide - Page 546
    Settings Variable Name Default Value Traffic Segmentation No segmentation. Packets received on a port can be flooded to all other ports. Table 54-1 Default Variable Values DGS-6600 Configuration Guide 546
  • D-Link DGS-6600-48T | Configuration Guide - Page 547
    traffic. When a physical port is in the error disabled state, the port can be recovered manually by applying the shutdown and the no shutdown command. The mechanism described in this chapter is used auto recovery settings that will be used on error disabled ports. DGS-8000 Configuration Guide 547
  • D-Link DGS-6600-48T | Configuration Guide - Page 548
    dgs-6600:2>enable dgs-6600:15#configure terminal dgs-6600:15(config)#errdisable recovery interval 300 dgs-6600:15(config)#errdisable recovery cause loopback-detection dgs-6600 error disable status: dgs-6600:2>show errdisable recovery -detection 179 Total Entries:1 dgs-6600:2> List of Constants and
  • D-Link DGS-6600-48T | Configuration Guide - Page 549
    chip support. Exceeded, unknown unicasts will always be dropped. If the action option is set to shutdown, the port will enter shutdown mode (port is blocked) when the threshold is exceeded. When a port is in "shutdown mode", before the port entered into shutdown DGS-6600 Configuration Guide 549
  • D-Link DGS-6600-48T | Configuration Guide - Page 550
    , the state is link down). The user DGS-6600:15(config)#end Enabling Traffic Storm Control on an Interface After configuring the global traffic storm control settings, the user needs to select the interfaces that the traffic storm control feature will be enabled on DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 551
    settings. In the following example, the user displays the storm control settings for broadcasts: DGS-6600:2>show storm-control interface broadcast Interface Storm Action Type Threshold eth4.1 Broadcast Shutdown pps 500 Total Entries: 1 DGS-6600:2> DGS-6600 Configuration Guide 551
  • D-Link DGS-6600-48T | Configuration Guide - Page 552
    a port, the user will need to manually enable the port using the no shutdown command in interface configuration mode. List of Constants and Default Settings Variable Name Default Value Interface Storm Control Disabled Table 56-1 Default Variable Values DGS-6600 Configuration Guide 552
  • D-Link DGS-6600-48T | Configuration Guide - Page 553
    Action Drop Default Time Interval 5 seconds Default Countdown Timer 0 seconds Default Recover Time 0 seconds Table 56-1 Default Variable Values List of Constants and Default Settings DGS-6600 Configuration Guide 553
  • D-Link DGS-6600-48T | Configuration Guide - Page 554
    Part 11- System Management The following chapters are included in this volume: • File System
  • D-Link DGS-6600-48T | Configuration Guide - Page 555
    Default Settings An Introduction to the File System The DGS-6600 Series Switch uses a FAT32 file system for storing system files. The storage media supported by the Switch include the on-board flash and the cf1 Table 57-1 Representative Drive for Each Storage Type DGS-6600 Configuration Guide 555
  • D-Link DGS-6600-48T | Configuration Guide - Page 556
    DGS-6600:15# Managing Configuration Files The device initializes with the default configuration. When the user changes the configuration, the updated configuration will automatically be stored in DRAM. This copy of the configuration is called the running configuration. DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 557
    -config command displays the contents of the current running configuration file. Command show running-config Explanation Displays the contents of the current running configuration file. DGS-6600 Configuration Guide 557
  • D-Link DGS-6600-48T | Configuration Guide - Page 558
    snmp-server host 172.16.1.27 version 2c public snmp-server host 172.16.1.33 public ! vlan-tunnel ! vlan 2 vlan name IT-Support ! vlan 3 ! vlan 5 mac-base 00-11-22-33-ab-cd ! vlan 6 subnet-base 20.0.1.0/8 subnet-base 192.168.1.0/24 ! vlan 99 subnet-base 10.0.0.0/8 ! DGS-6600 Configuration Guide 558
  • D-Link DGS-6600-48T | Configuration Guide - Page 559
    vlan 3 channel-group 5 mode on ip access-group IT-Management in ! interface eth4.4 description link to D-link PC access vlan 99 ! interface eth4.5 access vlan 3 spanning-tree tcnfilter ! interface eth4.6 access -tunnel tpid 0x88a0 mac access-group Block-Server in ! DGS-6600 Configuration Guide 559
  • D-Link DGS-6600-48T | Configuration Guide - Page 560
    .47 access vlan 99 spanning-tree guard root ! interface eth4.48 trunk allowed-vlan 2 traffic-segmentation forward interface eth4.1,eth4.2,eth4.3,eth4.4,eth4.5,eth4. 6,eth4.7 ! DGS-6600 Configuration Guide 560
  • D-Link DGS-6600-48T | Configuration Guide - Page 561
    vlan2 ip mtu 6000 ! interface vlan99 description link to LAN ip address 10.73.87.100 monitor session 2 destination interface eth4.9 ! ! end DGS-6600:15# Saving Running Configuration to a File The copy TFTP server with the IP address 10.1.1.254: DGS-6600:15#copy running-config tftp:\\10.1.1.254\config
  • D-Link DGS-6600-48T | Configuration Guide - Page 562
    the following command in global configuration mode to clear the system running configuration: Command clear running-config factory-defaults Explanation Clears the system running configuration. DGS-6600 Configuration Guide 562
  • D-Link DGS-6600-48T | Configuration Guide - Page 563
    specify the boot configuration file and overwrites the previous setting: Command boot config MEDIA: URL show boot show startup-config DGS-6600 Configuration Guide Explanation Specifies the boot-up configuration file. Displays the software image and configuration file that the Switch will use next
  • D-Link DGS-6600-48T | Configuration Guide - Page 564
    command is used to download a configuration file using TFTP: Command copy tftp:\\IP-ADDRESS\[DIRECTORY\] FILENAME DESTINATION-URL Explanation Downloads configuration file from a TFTP server. DGS-6600 Configuration Guide 564
  • D-Link DGS-6600-48T | Configuration Guide - Page 565
    ... dhcpr4 ... dhcpc4 ... sntp ... erps ... traffic segmentation ... bandwidth control ... storm .... mirror ... plock ... acl ... mstp ... lacp ... asd ... common ... Reset configuration completed! Execute configurations....Please wait! Completed. DGS-6600:15# DGS-6600 Configuration Guide 565
  • D-Link DGS-6600-48T | Configuration Guide - Page 566
    The following example uploads the running configuration to a TFTP server for storage: DGS-6600:2>enable DGS-6600:15#copy running-config tftp:\\10.1.1.254\config\switch-config.txt Upload configuration selects the tertiary image to load. Showing the Boot Image List DGS-6600 Configuration Guide 566
  • D-Link DGS-6600-48T | Configuration Guide - Page 567
    backup boot image: DGS-6600:15#configure terminal DGS-6600:15(config)#boot image flash:\images\runtime.2.10.011_DGS-6600.had Checking image at local flash:\images\runtime.2.10.011_DGS-6600.had ... Done. Update bootlist ...... Done. Success DGS-6600:15(config)#end DGS-6600 Configuration Guide 567
  • D-Link DGS-6600-48T | Configuration Guide - Page 568
    in the boot image list will be removed from the boot image list: DGS-6600:15(config)#show boot Boot loader version:1.00.005 Boot config:flash:\configurations\def_usr.conf Boot image DESTINATION-URL Explanation Downloads configuration file from a TFTP server. DGS-6600 Configuration Guide 568
  • D-Link DGS-6600-48T | Configuration Guide - Page 569
    server has an IP address 10.73.87.1: DGS-6600:15#copy flash:\images\runtime.2.10.011_DGS-6600.had tftp:\\10.73.87.1\runtime.2.10.011_DGS-6600.had Copy from flash:\images\runtime.2.10.011_DGS-6600.had to 10.73.87.1\runtime .2.10.011_DGS-6600.had ...done DGS-6600:15# DGS-6600 Configuration Guide 569
  • D-Link DGS-6600-48T | Configuration Guide - Page 570
    Name Default Value Default Boot Configuration flash:\configuration\def_usr.conf Default Boot Image Lists flash:\images\runtime.3.00.080_DG S-6600.had (please note that the file name is dependant on the runtime version.) Table 57-3 Default Variable Values DGS-6600 Configuration Guide 570
  • D-Link DGS-6600-48T | Configuration Guide - Page 571
    Part 12- Troubleshooting The following chapters are included in this volume: • Displaying System Information • Logging System Messages • Port Mirroring • Remote Switching Port Analyzer (RSPAN) • Testing Network Connectivity • Debug Information to Compact Flash
  • D-Link DGS-6600-48T | Configuration Guide - Page 572
    to display system or on-site information that may be useful for troubleshooting problems. Information Categories The Switch can display information about the following categories: local console sessions active in managing device. • Running Configuration information. DGS-6600 Configuration Guide 572
  • D-Link DGS-6600-48T | Configuration Guide - Page 573
    Volume 12-Troubleshooting / Chapter 58-Displaying System Information Displaying System Information Configuration Commands Displaying System Information are currently managing the device. Displays the contents of the current running configuration file. DGS-6600 Configuration Guide 573
  • D-Link DGS-6600-48T | Configuration Guide - Page 574
    .011 :QT0X1C3000001 :DGS-6600-CM :cc:b2:55:03:3f:84 :1 Slot: 3 Hardware Version Bootloader Version Firmware Version S/N Model Name First MAC Address Number of MAC Address(es) :A1 :1.00.008 :2.10.011 :QT101C3000010 :DGS-6600-48T :14:d6:4d:61:c9:10 :48 DGS-6600:2> DGS-6600 Configuration Guide 574
  • D-Link DGS-6600-48T | Configuration Guide - Page 575
    Module 2 - - 3 DGS-6600-48T 48-port GE Copper Module 4 - - DRAM FLASH Slot Total Used Free Total Used Free 1 2074152k 1214512k 859640k 996112k 56160k 939952k 2 - - - - - - 3 516004k 453828k 62176k - - - 4 - - - - - - DGS-6600:2> DGS-6600 Configuration Guide 575
  • D-Link DGS-6600-48T | Configuration Guide - Page 576
    Versions 1 DGS-6600-CM Serial#: QT0X1C3000001 H/W: PCBA: Bootloader: Runtime: CPLD: A1 1 1.00.007 2.10.011 ver-1 2 - - 3 DGS-6600-48T Serial#: QT101C3000010 H/W: PCBA: Bootloader: Runtime: CPLD: A1 6 1.00.008 2.10.011 ver-4 4 - - DGS-6600:2> DGS-6600 Configuration Guide 576
  • D-Link DGS-6600-48T | Configuration Guide - Page 577
    Volume 12-Troubleshooting / Chapter 58-Displaying System Information Displaying System Information Configuration Commands Using the show environment The following example displays the output from the show environment command: DGS-6600:2>show environment Environmental Status Slot Inlet
  • D-Link DGS-6600-48T | Configuration Guide - Page 578
    ... Current configuration: version 2.10.011 #Slot Model 1 DGS-6600-CM #2 #3 DGS-6600-48T #4 ! ! ! ! ! end DGS-6600:15#vlan-tunnel ! vlan 2 subnet-base 192.168.2.0/24 ! vlan 5 subnet-base 172.16.0.0/16 ! vlan 20 subnet-base 10.0.0.0/8 ! vlan 21 ! (OUPUT OMITTED) DGS-6600 Configuration Guide 578
  • D-Link DGS-6600-48T | Configuration Guide - Page 579
    Volume 12-Troubleshooting / Chapter 58-Displaying System Information ! interface eth5.47 access vlan 2 ! interface eth5.48 description OSPF-Link-To-DGS-3828 access vlan 5 ! interface vlan2 ip .168.50.1/24 ! end Displaying System Information Configuration Commands DGS-6600 Configuration Guide 579
  • D-Link DGS-6600-48T | Configuration Guide - Page 580
    understanding what is happening on the network, therefore helping the administrator to troubleshoot any potential problems. Due to the broad coverage of reported events, the system messages . Table 59-1 Descriptions of Severity Levels for Syslog Error Messages DGS-6600 Configuration Guide 580
  • D-Link DGS-6600-48T | Configuration Guide - Page 581
    Volume 12-Troubleshooting / Chapter 59-Logging System Messages Chapter Overview Level Number Severity Level Description 514 DGS-6600:15(config)# Managing Messages in the Local Buffer The user can manage the messages in the local buffer in the following ways: DGS-6600 Configuration Guide 581
  • D-Link DGS-6600-48T | Configuration Guide - Page 582
    -6600:15#configure terminal DGS-6600:15(config)#logging level all 3 DGS-6600:15(config)#end DGS-6600:15#show logging logging on :enabled logging buffer severity:error Host Severity Facility Port Mode 10.73.87.22 warning local7 514 DGS-6600:15(config)# DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 583
    12-Troubleshooting / Chapter 59-Logging System Messages Chapter Overview In the following example, the user displays the contents of the logging buffer, saves the entries to flash memory, clears the logging buffer, and confirms that the contents of the logging buffer have been cleared: DGS-6600
  • D-Link DGS-6600-48T | Configuration Guide - Page 584
    -Troubleshooting DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#logging host 10.73.87.22 severity warning DGS-6600:15(config)#end DGS-6600:15#show logging host Host Severity Facility Port Mode 10.73.87.22 warning local7 514 DGS-6600:15# DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 585
    Volume 12-Troubleshooting / Chapter 59-Logging System Messages List of Constants and Default Settings Constant Name Value Maximum Number of Severity Level 5(Notice) Syslog Server None Table 59-3 Default Variable Values List of Constants and Default Settings DGS-6600 Configuration Guide 585
  • D-Link DGS-6600-48T | Configuration Guide - Page 586
    to Port Mirroring Packet Mirroring is a useful tool that can help a user troubleshoot network problems. With the packet mirroring function, traffic activity, regardless of RX or TX traffic mirroring session. Specifies the source interface of the mirroring session. DGS-6600 Configuration Guide 586
  • D-Link DGS-6600-48T | Configuration Guide - Page 587
    12-Troubleshooting / Chapter 60-Port Mirroring Port Mirroring Configuration Commands In the following example, the user creates a packet mirroring session with a session number of 1, assigning Ethernet interface 4.2 as the destination port and Ethernet interface 4.3 as the source port: DGS-6600
  • D-Link DGS-6600-48T | Configuration Guide - Page 588
    12-Troubleshooting / Chapter 60-Port Mirroring In the following example, the user displays all port mirroring sessions: DGS-6600:2>show DGS-6600:15(config)#monitor session 1 destination interface eth2.1 DGS-6600:15(config)#monitor session 1 source interface eth2.2 both DGS-6600 Configuration Guide
  • D-Link DGS-6600-48T | Configuration Guide - Page 589
    -Troubleshooting / Chapter 60-Port Mirroring Verifying The Configuration Relations with Other Modules For verification Use the following command to check Mirror configuration on R1. DGS-6600 Default Mirroring Sessions None Table 60-2 Default Variable Values DGS-6600 Configuration Guide 589
  • D-Link DGS-6600-48T | Configuration Guide - Page 590
    Volume 12-Troubleshooting / Chapter 61-Remote Switching Port Analyzer (RSPAN) Chapter Overview Chapter 61 Remote Switching Port Analyzer (RSPAN mirrored toward the associated destination port. The following figure illustrates the remote mirroring via RSPAN VLAN. DGS-6600 Configuration Guide 590
  • D-Link DGS-6600-48T | Configuration Guide - Page 591
    is performed by the switch. iii. Both - In a Monitor session, you can also monitor a port for both received and sent packets. This is the default. DGS-6600 Configuration Guide 591
  • D-Link DGS-6600-48T | Configuration Guide - Page 592
    Troubleshooting / Chapter 61-Remote Switching Port Analyzer (RSPAN) RSPAN Configuration Commands More remote source session detail design, please reference to "MIRROR Command Reference 2.00.000(Chien-Ho) Sent to D-Link DGS6600(config-vlan)#exit DGS6600(config)# DGS-6600 Configuration Guide 592
  • D-Link DGS-6600-48T | Configuration Guide - Page 593
    Volume 12-Troubleshooting / Chapter 61-Remote Switching Port Analyzer (RSPAN) monitor session RSPAN Configuration Commands Command monitor session SESSION- a tagged member of VLAN 1000. DGS6600(config)# interface eth1.1 DGS6600(config-if)# trunk allowed-vlan 1000 DGS-6600 Configuration Guide 593
  • D-Link DGS-6600-48T | Configuration Guide - Page 594
    Volume 12-Troubleshooting / Chapter 61-Remote Switching Port Analyzer (RSPAN) show monitor session Configuration Examples Command show monitor session [SESSION- at VLAN2. RSPAN VLAN is VLAN100. PC1 is at VLAN100. Topology Figure 61-1 RSPAN Configuration Topology DGS-6600 Configuration Guide 594
  • D-Link DGS-6600-48T | Configuration Guide - Page 595
    Volume 12-Troubleshooting / Chapter 61-Remote Switching Port Analyzer (RSPAN) R1 (Router 1 - source) Configuration Steps Step 1: Create VLAN 2 and 100 (RSPAN VLAN) DGS-6600:15(config)#vlan 2 DGS-6600:15(config-vlan)#interface range eth2.2-2.3 DGS-6600:15(config-if)#access vlan 2 DGS-6600:15(config-
  • D-Link DGS-6600-48T | Configuration Guide - Page 596
    tagged. Otherwise, it is untagged packets. We will not support the function : when a VLAN is specified as a RSPAN VLAN, the access member port of the VLAN except the destination interface will become inactive. The MAC address learning on the RSPAN VLAN is disabled. DGS-6600 Configuration Guide 596
  • D-Link DGS-6600-48T | Configuration Guide - Page 597
    Volume 12-Troubleshooting / Chapter 61-Remote Switching Port Analyzer (RSPAN) Relationship with other modules in the DGS-6600-Series Trunk Link aggregation port must also be able to be set as RSPAN Range Description 1-4094 Specify the RSPAN VLAN by VLAN ID. DGS-6600 Configuration Guide 597
  • D-Link DGS-6600-48T | Configuration Guide - Page 598
    Troubleshooting the failure of a node. Whenever a network problem is encountered, the problem can usually be isolated by using the ping , and whether packets of different lengths can be serviced. The following command is used to test the 21.366/7.605 ms DGS-6600:15# DGS-6600 Configuration Guide 598
  • D-Link DGS-6600-48T | Configuration Guide - Page 599
    Volume 12-Troubleshooting / Chapter 62-Testing Network Connectivity Tracing the Route to a Specific Destination In the following example, the user invokes the echo protocol to ping a host with the IPv6 address 2052:1::47:65:52:101: DGS-6600:2>enable DGS-6600:15#ping 2052:1::47:65:52:101 PING 2052
  • D-Link DGS-6600-48T | Configuration Guide - Page 600
    Troubleshooting with the IP address 172.19.3.40: DGS-6600:2>enable DGS-6600:15#traceroute 172.19.3.40 traceroute to 172 .3.40) 1.309 ms 1.163 ms 1.113 ms DGS-6600:15# In the following example, the user uses address 2052:1::47:65:52:101: DGS-6600:2>enable DGS-6600:15#traceroute 2052:1::47:65:52:101
  • D-Link DGS-6600-48T | Configuration Guide - Page 601
    from the DGS-6600. It's very helpful to know DGS6600 device information on-site, especially if there is a problem that's non debug info collection needs to be done from Console, and is not supported from either telnet or web. The debug dump will be stored to . DGS-6600 Configuration Guide 601
  • D-Link DGS-6600-48T | Configuration Guide - Page 602
    press enter. For example, DGS-6600:15# update debug cf2 and save to storage" DGS-6600:15# 1.3: In privilege For example, DGS-6600:15# copy debug finish, press enter. For example, DGS-6600:15# update debug cf2 Start and save to storage" DGS-6600:15# 2.3: Setup TFTP For example, DGS-6600:15(mgmt-
  • D-Link DGS-6600-48T | Configuration Guide - Page 603
    :\\10.19.72.86\dgs66debug_0505.txt Copy debug information from cf2 to 10.19.72.86\dgs66debug_0505.txt done DGS-6600:15# 2.4: Find the file (in this case, dgs66debug2.txt, or dgs66debug_0505.txt) in your PC's TFTP directory, zip it, and transfer the file to us. DGS-6600 Configuration Guide 603
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
  • 169
  • 170
  • 171
  • 172
  • 173
  • 174
  • 175
  • 176
  • 177
  • 178
  • 179
  • 180
  • 181
  • 182
  • 183
  • 184
  • 185
  • 186
  • 187
  • 188
  • 189
  • 190
  • 191
  • 192
  • 193
  • 194
  • 195
  • 196
  • 197
  • 198
  • 199
  • 200
  • 201
  • 202
  • 203
  • 204
  • 205
  • 206
  • 207
  • 208
  • 209
  • 210
  • 211
  • 212
  • 213
  • 214
  • 215
  • 216
  • 217
  • 218
  • 219
  • 220
  • 221
  • 222
  • 223
  • 224
  • 225
  • 226
  • 227
  • 228
  • 229
  • 230
  • 231
  • 232
  • 233
  • 234
  • 235
  • 236
  • 237
  • 238
  • 239
  • 240
  • 241
  • 242
  • 243
  • 244
  • 245
  • 246
  • 247
  • 248
  • 249
  • 250
  • 251
  • 252
  • 253
  • 254
  • 255
  • 256
  • 257
  • 258
  • 259
  • 260
  • 261
  • 262
  • 263
  • 264
  • 265
  • 266
  • 267
  • 268
  • 269
  • 270
  • 271
  • 272
  • 273
  • 274
  • 275
  • 276
  • 277
  • 278
  • 279
  • 280
  • 281
  • 282
  • 283
  • 284
  • 285
  • 286
  • 287
  • 288
  • 289
  • 290
  • 291
  • 292
  • 293
  • 294
  • 295
  • 296
  • 297
  • 298
  • 299
  • 300
  • 301
  • 302
  • 303
  • 304
  • 305
  • 306
  • 307
  • 308
  • 309
  • 310
  • 311
  • 312
  • 313
  • 314
  • 315
  • 316
  • 317
  • 318
  • 319
  • 320
  • 321
  • 322
  • 323
  • 324
  • 325
  • 326
  • 327
  • 328
  • 329
  • 330
  • 331
  • 332
  • 333
  • 334
  • 335
  • 336
  • 337
  • 338
  • 339
  • 340
  • 341
  • 342
  • 343
  • 344
  • 345
  • 346
  • 347
  • 348
  • 349
  • 350
  • 351
  • 352
  • 353
  • 354
  • 355
  • 356
  • 357
  • 358
  • 359
  • 360
  • 361
  • 362
  • 363
  • 364
  • 365
  • 366
  • 367
  • 368
  • 369
  • 370
  • 371
  • 372
  • 373
  • 374
  • 375
  • 376
  • 377
  • 378
  • 379
  • 380
  • 381
  • 382
  • 383
  • 384
  • 385
  • 386
  • 387
  • 388
  • 389
  • 390
  • 391
  • 392
  • 393
  • 394
  • 395
  • 396
  • 397
  • 398
  • 399
  • 400
  • 401
  • 402
  • 403
  • 404
  • 405
  • 406
  • 407
  • 408
  • 409
  • 410
  • 411
  • 412
  • 413
  • 414
  • 415
  • 416
  • 417
  • 418
  • 419
  • 420
  • 421
  • 422
  • 423
  • 424
  • 425
  • 426
  • 427
  • 428
  • 429
  • 430
  • 431
  • 432
  • 433
  • 434
  • 435
  • 436
  • 437
  • 438
  • 439
  • 440
  • 441
  • 442
  • 443
  • 444
  • 445
  • 446
  • 447
  • 448
  • 449
  • 450
  • 451
  • 452
  • 453
  • 454
  • 455
  • 456
  • 457
  • 458
  • 459
  • 460
  • 461
  • 462
  • 463
  • 464
  • 465
  • 466
  • 467
  • 468
  • 469
  • 470
  • 471
  • 472
  • 473
  • 474
  • 475
  • 476
  • 477
  • 478
  • 479
  • 480
  • 481
  • 482
  • 483
  • 484
  • 485
  • 486
  • 487
  • 488
  • 489
  • 490
  • 491
  • 492
  • 493
  • 494
  • 495
  • 496
  • 497
  • 498
  • 499
  • 500
  • 501
  • 502
  • 503
  • 504
  • 505
  • 506
  • 507
  • 508
  • 509
  • 510
  • 511
  • 512
  • 513
  • 514
  • 515
  • 516
  • 517
  • 518
  • 519
  • 520
  • 521
  • 522
  • 523
  • 524
  • 525
  • 526
  • 527
  • 528
  • 529
  • 530
  • 531
  • 532
  • 533
  • 534
  • 535
  • 536
  • 537
  • 538
  • 539
  • 540
  • 541
  • 542
  • 543
  • 544
  • 545
  • 546
  • 547
  • 548
  • 549
  • 550
  • 551
  • 552
  • 553
  • 554
  • 555
  • 556
  • 557
  • 558
  • 559
  • 560
  • 561
  • 562
  • 563
  • 564
  • 565
  • 566
  • 567
  • 568
  • 569
  • 570
  • 571
  • 572
  • 573
  • 574
  • 575
  • 576
  • 577
  • 578
  • 579
  • 580
  • 581
  • 582
  • 583
  • 584
  • 585
  • 586
  • 587
  • 588
  • 589
  • 590
  • 591
  • 592
  • 593
  • 594
  • 595
  • 596
  • 597
  • 598
  • 599
  • 600
  • 601
  • 602
  • 603
DGS-6600 Configuration Guide
i
DGS-6600
Configuration Guide
Ver. 1.00