Home » D-Link Manuals » Hubs & Switches » D-Link DGS-3426P » Manual Viewer

D-Link DGS-3426P Product Manual - Page 405

Configuration, Table 6. Chunk and Packet Offset

UPC - 790069291982

Add to My Manuals
Save this manual to your list of manuals

Page 405 highlights

xStack® DGS-3400 Series Layer 2 Gigabit Ethernet Managed Switch Configuration The configuration logic is as follows: 1. Only if the ARP matches Source MAC address in Ethernet, Sender MAC address and Sender IP address in ARP protocol can pass through the switch. (In this example, it is the gateway's ARP.) 2. The switch will deny all other ARP packets which claim they are from the gateway's IP. The design of Packet Content ACL on the Switch enables users to inspect any offset chunk. An offset chunk is a 4-byte block in a HEX format, which is utilized to match the individual field in an Ethernet frame. Each profile is allowed to contain up to a maximum of four offset chunks. Furthermore, only one single profile of Packet Content ACL can be supported per switch. In other words, up to 16 bytes of total offset chunks can be applied to each profile and a switch. Therefore, a careful consideration is needed for planning and configuration of the valuable offset chunks. In Table 6, you will notice that the Offset_Chunk0 starts from the 127th byte and ends at the 128th byte. It also can be found that the offset chunk is scratched from 1 but not zero. Table 6. Chunk and Packet Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Chunk Chunk0 Chunk1 Chunk2 Chunk3 Chunk4 Chunk5 Chunk6 Chunk7 Chunk8 Chunk9 Chunk10 Chunk11 Chunk12 Chunk13 Chunk14 Chunk15 Byte 127 3 7 11 15 19 23 27 31 35 39 43 47 51 55 59 Byte 128 4 8 12 16 20 24 28 32 36 40 44 48 52 56 60 Byte 1 5 9 13 17 21 25 29 33 37 41 45 49 53 57 61 Byte 2 6 10 14 18 22 26 30 34 38 42 46 50 54 58 62 Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Offset Chunk Chunk16 Chunk17 Chunk18 Chunk19 Chunk20 Chunk21 Chunk22 Chunk23 Chunk24 Chunk25 Chunk26 Chunk27 Chunk28 Chunk29 Chunk30 Chunk31 Byte 63 67 71 75 79 83 87 91 95 99 103 107 111 115 119 123 Byte 64 68 72 76 80 84 88 92 96 100 104 108 112 116 120 124 Byte 65 69 73 77 81 85 89 93 97 101 105 109 113 117 121 125 Byte 66 70 74 78 82 86 90 94 98 102 106 110 114 118 122 126 The following table indicates a completed ARP packet contained in Ethernet frame which is the pattern for the calculation of packet offset. Table 7. A Completed ARP Packet Contained in an Ethernet Frame Ethernet Header ARP Destination Address Source Address Ethernet Type H/W Type Protocol H/W Protocol Operation Sender Sender Protocol Target Target Type Address Address H/W Address H/W Protocol Length Length Address Address Address (6-byte) (6-byte) (2-byte) (2-byte) (2-byte) (1-byte) (1-byte) (2-byte) (6-byte) (4-byte) (6-byte) (4-byte) 01 02 03 04 05 06 0806 0a5a5a5a (10.90.90.90) 396

Section	Page
Table of Contents	3
Intended Readers	9
Typographical Conventions	9
Notes, Notices, and Cautions	9
Web-based Switch Configuration	10
Introduction	10
Logging in to the Web Manager	10
Web-based User Interface	10
Web Pages	10
Introduction	10
Logging in to the Web Manager	10
Web-based User Interface	11
Areas of the User Interface	11
Area 2	11
Area 1	11
Area 3	11
Web Pages	12
Administration	13
DGS-3400 Web Management Tool	13
IP Address	13
Interface Settings	13
Stacking	13
Port Configuration	13
User Accounts	13
Password Encryption	13
Mirror	13
System Log	13
System Severity Settings	13
Command Logging Settings	13
SNTP Settings	13
MAC Notification Settings	13
TFTP Services	13
Multiple Image Services	13
RCP	13
Ping Test	13
IPv6 Neighbor	13
Route Redistribution Settings	13
Static/Default Route Settings	13
Route Preference Settings	13
Gratuitous ARP Settings	13
Static ARP Settings	13
DHCP Auto Configuration Settings	13
DHCP/BOOTP Relay	13
DHCP/BOOTP Local Relay Settings	13
DHCPv6 Relay	13
DHCP Server	13
DHCPv6 Server	13
Filter DHCP Server	13
Layer 2 Protocol Tunneling Settings	13
RSPAN	13
DNS Relay	13
DNS Resolver	13
SNMP Manager	13
Trap Source Interface Settings	13
PoE	13
sFlow	14
IP Multicast VLAN Replication	14
Single IP Management (SIM) Overview	14
RIP	14
IP Tunnel Settings	14
Device Information	14
IPv6	16
Overview	16
Packet Format	18
IPv6 Header	18
Extension Headers	19
Packet Fragmentation	19
Address Format	19
Types	20
ICMPv6	21
Neighbor Discovery	21
Neighbor Unreachability Detection	21
Duplicate Address Detection (DAD)	22
Assigning IP Addresses	22
IP Interface Setup	22
IP Address	23
Setting the Switch's IP Address using the Console Interface	24
Interface Settings	25
IPv4 Interface Settings	25
IPv6 Interface Settings	27
Stacking	30
Stack Switch Swapping	32
Stacking Mode Settings	32
Force Master Role Settings	33
Box Information	33
Port Configuration	34
Port Configuration	34
Port Error Disabled	35
Port Description	36
Port Auto Negotiation Information	37
Port Details	38
Port Media Type	39
Cable Diagnostics	40
User Accounts	41
Password Encryption	42
Mirror	43
Port Mirror Global Settings	43
Port Mirror Settings	43
Mirroring within the Switch Stack	45
System Log	45
System Log Host	45
System Log Save Mode Settings	47
System Log Source Interface Settings	48
System Severity Settings	48
Command Logging Settings	49
SNTP Settings	49
Time Settings	49
Time Zone and DST	50
MAC Notification Settings	53
TFTP Services	53
Global Settings	53
Port Settings	53
Multiple Image Services	55
Firmware Information	55
Config Firmware Image	56
RCP	57
RCP Server Settings	57
RCP Services	58
Ping Test	59
IPv4 Ping Test	59
IPv6 Ping Test	60
IPv6 Neighbor	61
IPv6 Neighbor Settings	61
Route Redistribution Settings	62
Static/Default Route Settings	63
IPv4 Static/Default Route Settings	63
IPv6 Static/Default Route Settings	65
Route Preference Settings	66
Gratuitous ARP Settings	67
Static ARP Settings	68
DHCP Auto Configuration Settings	69
DHCP/BOOTP Relay	69
DHCP / BOOTP Relay Global Settings	69
The Implementation of DHCP Information Option 82	72
DHCP/BOOTP Relay Interface Settings	73
DHCP Relay Option 60 Default Settings	73
DHCP Relay Option 60 Settings	74
DHCP Relay Option 61 Default Settings	75
DHCP Relay Option 61 Settings	75
DHCP/BOOTP Local Relay Settings	76
DHCPv6 Relay	77
DHCPv6 Relay Global Settings	77
DHCPv6 Relay Interface Settings	77
DHCP Server	79
DHCP Server Global Settings	79
DHCP Server Exclude Address Settings	80
DHCP Server Pool Settings	80
DHCP Server Dynamic Binding	83
DHCP Server Manual Binding	84
DHCPv6 Server	85
DHCPv6 Server Global Settings	85
DHCPv6 Server Pool Settings	86
DHCPv6 Server Manual Binding Settings	87
DHCPv6 Server Dynamic Binding Settings	88
DHCPv6 Server Interface Settings	89
DHCPv6 Server Excluded Address Settings	90
Filter DHCP Server	91
Filter DHCP Server Global Settings	91
Filter DHCP Server Port Settings	92
Layer 2 Protocol Tunneling Settings	93
RSPAN	94
RSPAN State Settings	94
RSPAN Settings	95
DNS Relay	97
Mapping Domain Names to Addresses	97
Domain Name Resolution	97
DNS Relay Global Settings	98
DNS Relay Static Settings	98
DNS Resolver	99
DNS Resolver Global Settings	99
DNS Resolver Static Name Server Settings	99
DNS Resolver Dynamic Name Server Table	100
DNS Resolver Static Host Name Settings	100
DNS Resolver Dynamic Host Name Table	101
SNMP Manager	102
SNMP Settings	102
Traps	102
MIBs	102
SNMP Trap Settings	103
SNMP User Table	104
SNMP View Table	106
SNMP Group Table	107
SNMP Community Table	108
SNMP Host Table	109
SNMP Engine ID	111
Trap Source Interface Settings	111
PoE	112
PoE System Settings	112
PoE Port Settings	114
sFlow	116
sFlow Global Settings	117
sFlow Analyzer Settings	117
sFlow Sampler Settings	119
sFlow Poller Settings	121
IP Multicast VLAN Replication	123
IP Multicast VLAN Replication Global Settings	123
IP Multicast VLAN Replication Settings	124
Single IP Management (SIM) Overview	127
The Upgrade to v1.61	128
Single IP vs. Switch Stacking	129
SIM Settings	129
Topology	130
Tool Tips	133
Right-click	135
Group Icon	135
Commander Switch Icon	136
Member Switch Icon	136
Candidate Switch Icon	136
Menu Bar	137
File	137
Group	137
Device	137
View	137
Help	138
Firmware Upgrade	138
Configuration Backup/Restore	138
Upload Log	139
RIP	139
RIP Version 1 Message Format	140
RIP Command Codes	140
RIP 1 Message	140
RIP 1 Route Interpretation	140
RIP Version 2 Extensions	140
RIP2 Message Format	140
RIP	140
RIP Global Settings	141
RIP Interface Settings	141
RIPng	142
RIPng Global Settings	142
RIPng Interface Settings	143
IP Tunnel Settings	144
L2 Features	146
VLANs	146
Trunking	146
IGMP Snooping	146
MLD Snooping	146
Loop-back Detection Global Settings	146
Spanning Tree	146
Forwarding & Filtering	146
LLDP	146
Q-in-Q	146
ERPS	146
DULD Settings	146
NLB Multicast FDB Settings	146
VLANs	146
VLAN Description	146
Notes about VLANs on the DGS-3400 Series	146
IEEE 802.1Q VLANs	146
802.1Q VLAN Tags	148
Port VLAN ID	149
Tagging and Untagging	150
Ingress Filtering	150
Default VLANs	150
Port-based VLANs	151
VLAN Segmentation	151
VLAN and Trunk Groups	151
Protocol VLANs	151
Static VLAN Entry	151
VLAN Trunk	153
GVRP Settings	155
Double VLANs	156
Regulations for Double VLANs	157
Double VLAN Settings	158
PVID Auto Assign	160
MAC-based VLAN Settings	161
Protocol VLAN	161
Protocol VLAN Group Settings	162
Protocol VLAN Port Settings	163
Subnet VLAN	164
Subnet VLAN Settings	165
VLAN Precedence Settings	165
Trunking	167
Understanding Port Trunk Groups	167
Link Aggregation	168
LACP Port Settings	171
IGMP Snooping	173
IGMP Snooping Settings	173
Router Port Settings	175
IGMP Snooping Static Group Settings	177
ISM VLAN Settings	178
Restrictions and Provisos	179
Limited IP Multicast Address Range Settings	181
MLD Snooping	183
MLD Control Messages	183
MLD Snooping Settings	183
MLD Router Port Settings	186
Loop-back Detection Global Settings	188
Spanning Tree	190
802.1Q-2005 MSTP	190
802.1D-2004 Rapid Spanning Tree	190
Port Transition States	191
Edge Port	191
P2P Port	191
802.1D-1998/802.1D-2004/802.1Q-2005 Compatibility	191
STP Bridge Global Settings	192
MST Configuration Identification	194
MSTP Port Information	197
STP Instance Settings	199
STP Port Settings	200
Forwarding & Filtering	202
Unicast Forwarding	202
Multicast Forwarding	202
Multicast Filtering Mode	203
LLDP	204
LLDP Global Settings	205
Basic LLDP Port Settings	206
802.1 Extension LLDP Port Settings	207
802.3 Extension LLDP Port Settings	209
LLDP Management Address Settings	211
LLDP Statistics	213
LLDP Management Address Table	214
LLDP Local Port Table	214
LLDP Remote Port Table	217
Q-in-Q	219
Q-in-Q Settings	219
VLAN Translation Settings	220
ERPS	221
ERPS Global Settings	221
ERPS RAPS VLAN Settings	222
DULD Settings	225
NLB Multicast FDB Settings	227
QoS	229
802.1p Settings	229
Bandwidth Control	229
HOL Prevention Settings	229
Schedule Settings	229
QoS	229
The Advantages of QoS	229
Understanding QoS	230
Understanding IEEE 802.1p Priority	232
802.1p Settings	232
802.1p Default Priority Settings	233
802.1p User Priority Settings	234
Bandwidth Control	235
Bandwidth Control Settings	235
Per Queue Bandwidth Control Settings	237
HOL Prevention Settings	239
Schedule Settings	239
QoS Output Scheduling Settings	239
Configuring the Combination Queue	241
QoS Scheduling Mechanism Settings	241
ACL (Access Control List)	244
Time Range	244
Access Profile Table	244
ACL Flow Meter	244
CPU Interface Filtering	244
Time Range	244
Access Profile Table	245
ACL Flow Meter	263
CPU Interface Filtering	267
CPU Interface Filtering State	267
CPU Interface Filtering Table	268
Security	284
Authorization Attributes State Settings	284
Traffic Control	284
Port Security	284
IP-MAC-Port Binding	284
802.1X	284
Web-based Access Control (WAC)	284
Trust Host	284
BPDU Attack Protection Settings	284
ARP Spoofing Prevention Settings	284
Access Authentication Control	284
MAC-based Access Control (MAC)	284
Safeguard Engine	284
Traffic Segmentation	284
Secure Socket Layer (SSL)	284
Secure Shell (SSH)	284
Compound Authentication	284
Japanese Web-based Access Control (JWAC)	284
Authorization Attributes State Settings	284
Traffic Control	285
Port Security	287
Port Security Settings	287
Port Security Entries	288
IP-MAC-Port Binding	289
IMPB Global Settings	291
IMPB Port Settings	292
IMPB Entry Settings	294
DHCP Snoop Entries	295
MAC Block List	296
ND Snoop Entries	296
802.1X	297
802.1X Port-based and Host-based Access Control	297
Authentication Server	297
Authenticator	298
Client	298
Authentication Process	299
Understanding 802.1X Port-based and MAC-based Network Access Control	299
Port-based Network Access Control	300
MAC-Based Network Access Control	301
Guest VLANs	302
Limitations Using the Guest VLAN	302
802.1X Port Settings	302
Guest VLAN Settings	305
Authentication RADIUS Server Settings	306
802.1X User Settings	307
Initialize Port(s)	308
Reauthenticate Port(s)	309
Web-based Access Control (WAC)	311
Conditions and Limitations	311
WAC Global Settings	312
WAC Port Settings	313
WAC User Account	315
WAC Authentication State	316
Trust Host	317
BPDU Attack Protection Settings	319
ARP Spoofing Prevention Settings	320
Access Authentication Control	321
Authentication Policy and Parameter Settings	323
Application's Authentication Settings	323
Authentication Server Group	324
Authentication Server Host	325
Login Method Lists	327
Enable Method Lists	328
Configure Local Enable Password	330
Enable Admin	331
RADIUS Accounting Settings	332
MAC-based Access Control (MAC)	334
Notes about MAC-based Access Control	334
MAC-based Access Control Global Settings	334
MAC-based Access Control Local MAC Settings	337
Safeguard Engine	338
Safeguard Engine Settings	339
Traffic Segmentation	340
Secure Socket Layer (SSL)	341
SSL	342
Secure Shell (SSH)	343
SSH Server Configuration	344
SSH Authentication Mode and Algorithm Settings	345
SSH User Authentication Mode	347
Compound Authentication	348
Any (MAC, 802.1X, WAC or JWAC) Mode	348
802.1X + IMPB Mode	349
IMPB + JWAC Mode	349
Compound Authentication Global Settings	349
Compound Authentication Settings	350
Authentication Guest VLAN Settings	352
Japanese Web-based Access Control (JWAC)	353
JWAC Global Settings	353
JWAC Port Settings	356
JWAC User Account	359
JWAC Authentication State	360
JWAC Customize Page Language Settings	361
JWAC Customize Page	362
Monitoring	363
Device Status	363
Stacking Information	363
Stacking Device	363
Module Information	363
DRAM & Flash Utilization	363
CPU Utilization	363
Port Utilization	363
Packets	363
Errors	363
Packet Size	363
Browse Router Port	363
Browse MLD Router Port	363
VLAN Status	363
VLAN Status Port	363
Port Access Control	363
MAC Address Table	363
IGMP Snooping Group	363
IGMP Snooping Data Driven Group	363
MLD Snooping Group	363
MLD Snooping Data Driven Group	363
Trace Route	363
Switch Logs	363
Browse ARP Table	363
Session Table	363
IP Forwarding Table	363
Routing Table	363
MAC-based Access Control Authentication Status	363
Device Status	363
Stacking Information	364
Stacking Device	365
Module Information	365
DRAM & Flash Utilization	366
CPU Utilization	367
Port Utilization	368
Packets	369
Received (RX)	369
UMB Cast (RX)	371
Transmitted (TX)	373
Errors	375
Received (RX)	375
Transmitted (TX)	377
Packet Size	379
Browse Router Port	381
Browse MLD Router Port	382
VLAN Status	382
VLAN Status Port	383
Port Access Control	383
Authenticator State	383
Authenticator Statistics	384
Authenticator Session Statistics	384
Authenticator Diagnostics	385
RADIUS Authentication	385
RADIUS Account Client	385
MAC Address Table	387

Match case Limit results 1 per page

xStack

DGS-3400 Series Layer 2 Gigabit Ethernet Managed Switch

396

Configuration

The configuration logic is as follows:

Only if the ARP matches Source MAC address in Ethernet, Sender MAC address and Sender IP address in ARP protocol can

pass through the switch. (In this example, it is the gateway’s ARP.)

The switch will deny all other ARP packets which claim they are from the gateway’s IP.

The design of Packet Content ACL on the Switch enables users to inspect any offset chunk. An offset chunk is a 4-byte block in a

HEX format, which is utilized to match the individual field in an Ethernet frame. Each profile is allowed to contain up to a

maximum of four offset chunks. Furthermore, only one single profile of Packet Content ACL can be supported per switch. In

other words, up to 16 bytes of total offset chunks can be applied to each profile and a switch. Therefore, a careful consideration is

needed for planning and configuration of the valuable offset chunks.

In Table 6, you will notice that the Offset_Chunk0 starts from the 127

byte and ends at the 128

byte. It also can be found that

the offset chunk is scratched from

1 but not zero.

Table 6. Chunk and Packet Offset

Offset

Chunk

Offset

Chunk0

Offset

Chunk1

Offset

Chunk2

Offset

Chunk3

Offset

Chunk4

Offset

Chunk5

Offset

Chunk6

Offset

Chunk7

Offset

Chunk8

Offset

Chunk9

Offset

Chunk10

Offset

Chunk11

Offset

Chunk12

Offset

Chunk13

Offset

Chunk14

Offset

Chunk15

Byte

127

Byte

128

Byte

Offset

Chunk

Offset

Chunk16

Offset

Chunk17

Offset

Chunk18

Offset

Chunk19

Offset

Chunk20

Offset

Chunk21

Offset

Chunk22

Offset

Chunk23

Offset

Chunk24

Offset

Chunk25

Offset

Chunk26

Offset

Chunk27

Offset

Chunk28

Offset

Chunk29

Offset

Chunk30

Offset

Chunk31

Byte

103

107

111

115

119

123

Byte

100

104

108

112

116

120

124

Byte

101

105

109

113

117

121

125

Byte

102

106

110

114

118

122

126

The following table indicates a completed ARP packet contained in Ethernet frame which is the pattern for the calculation of

packet offset.

Table 7. A Completed ARP Packet Contained in an Ethernet Frame

Destination

Address

Source Address

Ethernet

Type

H/W

Type

Protocol

Type

H/W

Address

Length

Protocol

Address

Length

Operation

Sender

H/W

Address

Sender Protocol

Address

Target

H/W

Address

Target

Protocol

Address

(6-byte)

(2-byte)

(1-byte)

(2-byte)

(6-byte)

(4-byte)

(6-byte)

(4-byte)

01 02 03 04 05 06

0806

0a5a5a5a

(10.90.90.90)

Ethernet Header

ARP