Home » D-Link Manuals » Wireless » D-Link DGS-1510 » Manual Viewer

D-Link DGS-1510 User Manual - Page 351

Safeguard Engine, Protocol, DOT1X, Apply, Clear by Port, Clear by MAC, Clear by Protocol, Clear All

Add to My Manuals
Save this manual to your list of manuals

Page 351 highlights

DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide Parameter Protocol Description Select the protocol option used here. Options to choose from are MAC, WAC, JWAC, and DOT1X. Click the Apply button to accept the changes made. Click the Clear by Port button to the clear the information based on the port selected. Click the Clear by MAC button to the clear the information based on the MAC address entered. Click the Clear by Protocol button to the clear the information based on the protocol selected. Click the Clear All button to clear all the information in this table. Click the Find button to locate a specific entry based on the information entered. Click the View All button to locate and display all the entries. Safeguard Engine Periodically, malicious hosts on the network will attack the Switch by utilizing packet flooding (ARP Storm) or other methods. These attacks may increase the switch's CPU load beyond its capability. To alleviate this problem, the Safeguard Engine function was added to the Switch's software. The Safeguard Engine can help the overall operability of the Switch by minimizing the workload of the Switch while the attack is ongoing, thus making it capable to forward essential packets over its network in a limited bandwidth. If the CPU load rises above the rising threshold value, the Safeguard Engine function will be activated and the Switch will enter the exhausted mode. In the exhausted mode, the Switch will limit the bandwidth available for ARP and broadcast IP packets. If the CPU load falls below the falling threshold value, the Safeguard Engine will be deactivated and the Switch will exit the exhausted mode and enter the normal mode. Packets that are destined to the CPU can be classified into three groups. These groups, otherwise known as sub-interfaces, are logical interfaces that the CPU will use to identify certain types of traffic. The three groups are Protocol, Manage, and Route. Generally, the Protocol group should receive the highest priority when the Switch's CPU processes received packets and the Route group should receive the lowest priority as the Switch's CPU usually does get involved in the processing of routing packets. In the Protocol group, packets are protocol control packets identified by the router. In the Manage group, packets are destined to any router or system network management interface by means of interactive access protocols, like Telnet and SSH. In the Route group, packets are identified as traversing routing packets that is generally processed by the router CPU. In the following table a list of supported protocols are displayed with their respective sub-interfaces (groups): Protocol Name 802.1X ARP DHCP DNS GVRP ICMPv4 ICMPv6-Neighbor ICMPv6-Other IGMP LACP Sub-interface (Group) Protocol Protocol Protocol Protocol Protocol Protocol Protocol Protocol Protocol Protocol Description Port-based Network Access Control Address resolution Protocol (ARP) Dynamic Host Configuration Protocol Domain Name System GARP VLAN Registration Protocol Internet Control Message Protocol IPv6 Internet Control Message Protocol Neighbor Discovery Protocol (NS/NA/RS/RA) IPv6 Internet Control Message Protocol except Neighbor Discovery Protocol (NS/NA/RS/RA) Internet Group Management Protocol Link Aggregation Control Protocol 340

Section	Page
Table of Contents	3
1. Introduction	12
Audience	12
Other Documentation	12
Conventions	12
Notes, Notices, and Cautions	12
2. Web-based Switch Configuration	13
Management Options	13
Connecting using the Web UI	13
Logging onto the Web UI	14
Smart Wizard	15
Step 1 - Web Mode	15
Step 2 - System IP Information	16
Step 3 - User Accounts Settings	17
Step 4 - SNMP Settings	18
Web User Interface (Web UI)	20
Areas of the User Interface	20
Standard Mode	20
Surveillance Mode	21
3. System	23
Device Information	23
System Information Settings	23
Peripheral Settings	24
Port Configuration	25
Port Settings	25
Port Status	27
Port GBIC	27
Port Auto Negotiation	28
Error Disable Settings	28
Jumbo Frame	29
Interface Description	30
PoE (PoE Switches Only)	30
PoE System	31
PoE Status	32
PoE Configuration	33
PD Alive	34
PoE Statistics	35
PoE Measurement	36
PoE LLDP Classification	37
System Log	38
System Log Settings	38
System Log Discriminator Settings	40
System Log Server Settings	41
System Log	41
System Attack Log	42
Time and SNTP	42
Clock Settings	42
Time Zone Settings	43
SNTP Settings	44
Time Range	45
4. Management	47
User Account Settings	47
Password Encryption	49
Login Method	49
SNMP	50
SNMP Global Settings	52
SNMP Linkchange Trap Settings	53
SNMP View Table Settings	54
SNMP Community Table Settings	54
SNMP Group Table Settings	56
SNMP Engine ID Local Settings	57
SNMP User Table Settings	57
SNMP Host Table Settings	58
RMON	59
RMON Global Settings	59
RMON Statistics Settings	60
RMON History Settings	61
RMON Alarm Settings	62
RMON Event Settings	63
Telnet/Web	64
Session Timeout	65
DHCP	66
Service DHCP	66
DHCP Class Settings	66
DHCP Server	67
DHCP Server Global Settings	68
DHCP Server Pool Settings	69
DHCP Server Exclude Address	71
DHCP Server Manual Binding	72
DHCP Server Dynamic Binding	73
DHCP Server IP Conflict	73
DHCP Server Statistic	74
DHCPv6 Server	75
DHCPv6 Server Pool Settings	75
DHCPv6 Server Local Pool Settings	77
DHCPv6 Server Exclude Address	77
DHCPv6 Server Binding	78
DHCPv6 Server Interface Settings	79
DHCPv6 Server Operational Information	80
DHCP Relay	80
DHCP Relay Global Settings	80
DHCP Relay Pool Settings	80
DHCP Relay Information Settings	83
DHCP Relay Information Option Format Settings	84
DHCP Relay Information Profile Settings	85
DHCP Local Relay VLAN	88
DHCPv6 Relay	88
DHCPv6 Relay Global Settings	88
DHCPv6 Relay Interface Settings	89
DHCP Auto Configuration	90
DNS	90
DNS Global Settings	91
DNS Name Server Settings	91
DNS Host Settings	92
NTP	93
NTP Global Settings	93
NTP Server Settings	94
NTP Peer Settings	95
NTP Access Group Settings	96
NTP Key Settings	97
NTP Interface Settings	98
NTP Associations	98
NTP Status	99
IP Source Interface	99
File System	100
Physical Stacking	101
Virtual Stacking (SIM)	105
Single IP Settings	108
Topology	109
File	109
Print Topology	109
Preference	110
Group	110
Add to Group	110
Remove from Group	111
Device	111
Configure	111
View	111
Refresh	111
Topology	111
Help	114
About	114
Firmware Upgrade	114
Configuration File Backup/Restore	115
Upload Log File	115
D-Link Discovery Protocol	116
5. Layer 2 Features	117
FDB	117
Static FDB	117
Unicast Static FDB	117
Multicast Static FDB	118
MAC Address Table Settings	118
MAC Address Table	120
MAC Notification	121
VLAN	122
VLAN Configuration Wizard	122
Create/Configure VLAN	122
Create VLAN	123
Configure VLAN	124
802.1Q VLAN	125
VLAN Interface	126
VLAN Interface Settings	126
Port Summary	129
802.1v Protocol VLAN	129
Protocol VLAN Profile	129
Protocol VLAN Profile Interface	130
GVRP	130
GVRP Global	130
GVRP Port	131
GVRP Advertise VLAN	132
GVRP Forbidden VLAN	133
GVRP Statistics Table	134
Asymmetric VLAN	134
MAC VLAN	135
L2VLAN Interface Description	136
Auto Surveillance VLAN	136
Auto Surveillance Properties	136
MAC Settings and Surveillance Device	138
ONVIF IP-Camera Information	139
ONVIF NVR Information	140
Voice VLAN	141
Voice VLAN Global	141
Voice VLAN Port	143
Voice VLAN OUI	144
Voice VLAN Device	144
Voice VLAN LLDP-MED Device	145
STP	145
STP Global Settings	147
STP Port Settings	149
MST Configuration Identification	150
STP Instance	152
MSTP Port Information	152
ERPS (G.8032)	153
ERPS	153
ERPS Profile	156
Loopback Detection	157
Link Aggregation	159
L2 Multicast Control	162
IGMP Snooping	162
IGMP Snooping Settings	162
IGMP Snooping Groups Settings	165
IGMP Snooping Mrouter Settings	166
IGMP Snooping Statistics Settings	167
MLD Snooping	168
MLD Snooping Settings	169
MLD Snooping Groups Settings	171
MLD Snooping Mrouter Settings	172
MLD Snooping Statistics Settings	173
Multicast Filtering	174
LLDP	175
LLDP Global Settings	175
LLDP Port Settings	177
LLDP Management Address List	178
LLDP Basic TLVs Settings	178
LLDP Dot1 TLVs Settings	180
LLDP Dot3 TLVs Settings	181
LLDP-MED Port Settings	182
LLDP Statistics Information	183
LLDP Local Port Information	184
LLDP Neighbor Port Information	185
6. Layer 3 Features	187
ARP	187
ARP Aging Time	187
Static ARP	188
Proxy ARP	188
ARP Table	189
Gratuitous ARP	190
UDP Helper	191
IP Forward Protocol	191
IP Helper Address	191
IPv4 Interface	192
IPv4 Static/Default Route	194
IPv4 Route Table	195
IPv6 Interface	196
IPv6 Neighbor	200
IPv6 Static/Default Route	200
IPv6 Route Table	201
IPMC	202
IP Multicast Global Settings	202
IP Multicast Forwarding Cache	202
7. Quality of Service (QoS)	203
Basic Settings	203
Port Default CoS	203
Port Scheduler Method	204
Queue Settings	205
CoS to Queue Mapping	206
Port Rate Limiting	207
Queue Rate Limiting	208
Advanced Settings	209
DSCP Mutation Map	209
Port Trust State and Mutation Binding	210
DSCP CoS Mapping	211
CoS Color Mapping	212
DSCP Color Mapping	213
Class Map	214
Aggregate Policer	215
Policy Map	218
Policy Binding	221
8. Access Control List (ACL)	222
ACL Configuration Wizard	222
ACL Access List	241
Standard IP ACL	242
Extended IP ACL	245
Standard IPv6 ACL	254
Extended IPv6 ACL	258
Extended MAC ACL	266
Extended Expert ACL	270
ACL Interface Access Group	282
ACL VLAN Access Map	283
ACL VLAN Filter	284
9. Security	286
Port Security	286
Port Security Global Settings	286
Port Security Port Settings	287
Port Security Address Entries	288
802.1X	289
802.1X Global Settings	293
802.1X Port Settings	294
Authentication Session Information	295
Authenticator Statistics	296
Authenticator Session Statistics	296
Authenticator Diagnostics	297
AAA	297
AAA Global Settings	297
Application Authentication Settings	298
Application Accounting Settings	298
Authentication Settings	299
Accounting Settings	301
Server RADIUS Dynamic Author Settings	303
RADIUS	304
RADIUS Global Settings	304
RADIUS Server Settings	305
RADIUS Group Server Settings	306
RADIUS Statistic	307
TACACS+	308
TACACS+ Global Settings	308
TACACS+ Server Settings	309
TACACS+ Group Server Settings	310
TACACS+ Statistic	311
IMPB	311
IPv4	312
DHCPv4 Snooping	312
DHCP Snooping Global Settings	312
DHCP Snooping Port Settings	313
DHCP Snooping VLAN Settings	314
DHCP Snooping Database	314
DHCP Snooping Binding Entry	315
Dynamic ARP Inspection	316
ARP Access List	316
ARP Inspection Settings	317
ARP Inspection Port Settings	319
ARP Inspection VLAN	320
ARP Inspection Statistics	320
ARP Inspection Log	321
IP Source Guard	321
IP Source Guard Port Settings	321
IP Source Guard Binding	322
IP Source Guard HW Entry	323
Advanced Settings	324
IP-MAC-Port Binding Settings	324
IP-MAC-Port Binding Blocked Entry	325
IPv6	326
IPv6 Snooping	326
IPv6 ND Inspection	327
IPv6 RA Guard	328
IPv6 DHCP Guard	328
IPv6 Source Guard	329
IPv6 Source Guard Settings	329
IPv6 Neighbor Binding	330
DHCP Server Screening	331
DHCP Server Screening Global Settings	331
DHCP Server Screening Port Settings	332
ARP Spoofing Prevention	333
BPDU Attack Protection	334
MAC Authentication	335
Web-based Access Control	336
Web Authentication	338
WAC Port Settings	339
WAC Customize Page	340
Japanese Web-based Access Control	341
JWAC Global Settings	341
JWAC Port Settings	343
JWAC Customize Page Language	344
JWAC Customize Page	345
Network Access Authentication	346
Guest VLAN	346
Network Access Authentication Global Settings	347
Network Access Authentication Port Settings	349
Network Access Authentication Sessions Information	350
Safeguard Engine	351
Safeguard Engine Settings	352
CPU Protect Counters	353
CPU Protect Sub-Interface	353
CPU Protect Type	354
Trusted Host	355
Traffic Segmentation Settings	355
Storm Control Settings	357
DoS Attack Prevention Settings	359
SSH	360
SSH Global Settings	361
Host Key	362
SSH Server Connection	362
SSH User Settings	363
SSL	363
SSL Global Settings	364
Crypto PKI Trustpoint	365
SSL Service Policy	366
Network Protocol Port Protection Settings	367
10. OAM	368
Cable Diagnostics	368
DDM	368
DDM Settings	369
DDM Temperature Threshold Settings	370
DDM Voltage Threshold Settings	370
DDM Bias Current Threshold Settings	371
DDM TX Power Threshold Settings	372
DDM RX Power Threshold Settings	372
DDM Status Table	373
11. Monitoring	374
Utilization	374
Port Utilization	374
Statistics	375
Port	375
Port Counters	377
Counters	378
Mirror Settings	379
sFlow	381
sFlow Agent Information	381
sFlow Receiver Settings	382
sFlow Sampler Settings	383
sFlow Poller Settings	384
Device Environment	384
12. Green	385
Power Saving	385
EEE	387
13. Toolbar	388
Save	388
Save Configuration	388
Tools	388
Firmware Upgrade & Backup	388
Firmware Upgrade from HTTP	388
Firmware Upgrade from TFTP	389
Firmware Backup to HTTP	389
Firmware Backup to TFTP	390
Configuration Restore & Backup	391
Configuration Restore from HTTP	391
Configuration Restore from TFTP	391
Configuration Backup to HTTP	392
Configuration Backup to TFTP	393
Log Backup	393
Log Backup to HTTP	393
Log Backup to TFTP	394
Ping	395
Trace Route	397
Language Management	399
Reset	399
Reboot System	400
Wizard	400
Online Help	400
D-Link Support Site	400
User Guide	400
Surveillance Mode	401
Logout	401
14. Surveillance Mode	402
Surveillance Overview	402
Surveillance Topology	402
Device Information	406
Port Information	407
Group Details	408
IP-Camera Information	409
NVR Information	410
PoE Information	412
PoE Scheduling	413
Management	414
File System	414
Time	416
Clock Settings	416
SNTP Settings	417
Surveillance Settings	418
Surveillance Log	419
Health Diagnostic	420
Toolbar	421
Wizard	421
Tools	421
Firmware Upgrade & Backup	421
Firmware Upgrade from HTTP	421
Firmware Backup to HTTP	422
Configuration Restore & Backup	422
Configuration Restore from HTTP	422
Configuration Backup to HTTP	423
Language Management	423
Reset	424
Reboot System	424
Save	425
Save Configuration	425
Help	425
Online Help	426
D-Link Support Site	426
User Guide	426
Standard Mode	426
Logout	426
Appendix A - System Log Entries	427
802.1X	427
AAA	427
ARP Spoofing Prevention	430
Auto Save Configuration	430
Auto Surveillance VLAN	430
BPDU Attack Protection	431
Configuration/Firmware	431
DAI	434
DDM	435
DHCPv6 Client	435
DHCPv6 Relay	436
DNS Resolver	437
DoS Prevention	437
ErrDisable	437
Interface	438
JWAC	438
LACP	439
LBD	439
LLDP-MED	440
Login/Logout CLI	441
MAC-based Access Control	443
MSTP Debug Enhancement	444
Peripheral	446
PoE	447
Port Security	448
Safeguard	448
SNMP	448
SSH	448
Stacking	448
Storm Control	450
System Log Summary	450
Telnet	451
Voice-VLAN	451
Web	452
Web-Authentication	453
Appendix B - Trap Entries	454
802.1X	454
Authentication Fail	454
BPDU Attack Protection	454
DDM	454
DHCP Server Screen Prevention	455
DoS Prevention	455
ErrDisable	455
General Management	456
Gratuitous ARP Function	456
IMPB	456
LACP	456
LBD	457

Match case Limit results 1 per page

DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide

340

Parameter

Description

Protocol

Select the protocol option used here. Options to choose from are

MAC

WAC

JWAC

, and

DOT1X

Click the

Apply

button to accept the changes made.

Click the

Clear by Port

button to the clear the information based on the port selected.

Click the

Clear by MAC

button to the clear the information based on the MAC address entered.

Click the

Clear by Protocol

button to the clear the information based on the protocol selected.

Click the

Clear All

button to clear all the information in this table.

Click the

Find

button to locate a specific entry based on the information entered.

Click the

View All

button to locate and display all the entries.

Safeguard Engine

Periodically, malicious hosts on the network will attack the Switch by utilizing packet flooding (ARP

Storm) or other methods. These attacks may increase the switch’s CPU load beyond its capability. To

alleviate this problem, the Safeguard Engine function was added to the Switch’s software.

The Safeguard Engine can help the overall operability of the Switch by minimizing the workload of the

Switch while the attack is ongoing, thus making it capable to forward essential packets over its

network in a limited bandwidth.

If the CPU load rises above the rising threshold value, the Safeguard Engine function will be activated

and the Switch will enter the exhausted mode. In the exhausted mode, the Switch will limit the

bandwidth available for ARP and broadcast IP packets. If the CPU load falls below the falling

threshold value, the Safeguard Engine will be deactivated and the Switch will exit the exhausted mode

and enter the normal mode.

Packets that are destined to the CPU can be classified into three groups. These groups, otherwise

known as sub-interfaces, are logical interfaces that the CPU will use to identify certain types of traffic.

The three groups are

Protocol

Manage

, and

Route

. Generally, the

Protocol

group should receive

the highest priority when the Switch’s CPU processes received packets and the

Route

group should

receive the lowest priority as the Switch’s CPU usually does get involved in the processing of routing

packets. In the

Protocol

group, packets are protocol control packets identified by the router. In the

Manage

group, packets are destined to any router or system network management interface by

means of interactive access protocols, like Telnet and SSH. In the

Route

group, packets are identified

as traversing routing packets that is generally processed by the router CPU.

In the following table a list of supported protocols are displayed with their respective sub-interfaces

(groups):

Protocol Name

Sub-interface (Group)

Description

802.1X

Protocol

Port-based Network Access Control

ARP

Protocol

Address resolution Protocol (ARP)

DHCP

Protocol

Dynamic Host Configuration Protocol

DNS

Protocol

Domain Name System

GVRP

Protocol

GARP VLAN Registration Protocol

ICMPv4

Protocol

Internet Control Message Protocol

ICMPv6-Neighbor

Protocol

IPv6 Internet Control Message Protocol Neighbor

Discovery Protocol (NS/NA/RS/RA)

ICMPv6-Other

Protocol

IPv6 Internet Control Message Protocol except

Neighbor Discovery Protocol (NS/NA/RS/RA)

IGMP

Protocol

Internet Group Management Protocol

LACP

Protocol

Link Aggregation Control Protocol