D-Link DGS-6600 Series Configuration Guide
D-Link DGS-6600 Series Manual
![]() |
View all D-Link DGS-6600 Series manuals
Add to My Manuals
Save this manual to your list of manuals |
D-Link DGS-6600 Series manual content summary:
- D-Link DGS-6600 Series | Configuration Guide - Page 1
DGS-6600 Configuration Guide Ver. 1.00 DGS-6600 Configuration Guide i - D-Link DGS-6600 Series | Configuration Guide - Page 2
the marks and names or their products. DLink Corporation disclaims any proprietary interest in trademarks and trade names other than its own. DGS-6600 Configuration Guide ii - D-Link DGS-6600 Series | Configuration Guide - Page 3
be used when referring to the DGS-6600. This Configuration Guide is intended for network managers and individuals familiar with network the Switch console window. The commands must be typed exactly as printed in the manual. This is used in the CLI examples to indicate the parameters in a CLI - D-Link DGS-6600 Series | Configuration Guide - Page 4
Below are examples of the 3 types of indicators used in this manual. When configuring your switch using the information in this document, you should loss of data and tells you how to avoid the problem CAUTION: A CAUTION indicates a potential for property damage, personal injury, or death. - D-Link DGS-6600 Series | Configuration Guide - Page 5
18 An Introduction to the DGS-6600 Series Switch 18 Components and Hardware 19 Chassis 20 Module Plug-in Frame 20 Module List 21 Supported User Interfaces 24 Chapter 2-Quick Start 25 Chapter Overview 25 An Introduction to Quickly Setting Up the DGS-6600 Series Switch. . . . . .25 Preparation - D-Link DGS-6600 Series | Configuration Guide - Page 6
Using a Telnet Connection 54 Enabling the Telnet Service 55 Configuring the Telnet Service Port 55 Specifying Telnet Terminals 55 Displaying Trusted Host An Introduction to Time Configuration 68 Configuration Commands 68 Manual Configuration of Time 68 Automatic Configuration of Time 69 - D-Link DGS-6600 Series | Configuration Guide - Page 7
Part 2- Interface and Hardware Configurations Chapter 9-Interface Configuration 75 Chapter Overview 75 An Introduction to Interface Configuration 76 Identification of an Interface 76 Switch Port Interface 76 Port Channel Interface 76 VLAN Interface 76 Out-of-Band (OOB) Management Port - D-Link DGS-6600 Series | Configuration Guide - Page 8
VLAN Encapsulation 100 VLAN Remarking 101 CoS Remarking 101 Packet Forwarding Flow 101 UNI to NNI or UNI to UNI Forwarding 102 NNI to UNI or NNI to NNI Forwarding 104 VLAN Tunneling Configuration Commands 107 Configuration Examples 112 QinQ Configuration Example 112 List of Constants and - D-Link DGS-6600 Series | Configuration Guide - Page 9
Chapter Overview 166 An Introduction to Proxy ARP 166 Operation Concept 166 Parameters 166 Per Interface parameter 167 Sanity checks for ARP request 167 Acceptable route 167 Proxy ARP Configuration Commands 167 Chapter 17-Super VLAN 169 Chapter Overview 169 An Introduction to Super VLAN - D-Link DGS-6600 Series | Configuration Guide - Page 10
Chapter 22-Routing Information Protocol (RIP 204 Chapter Overview 204 An Introduction to RIP 204 RIP Configuration Commands 205 Configuration Examples 213 RIP Configuration Example 213 List of Constants and Default Settings 216 Chapter 23-Open Shortest Path First (OSPF 217 Chapter Overview - D-Link DGS-6600 Series | Configuration Guide - Page 11
285 An Introduction to IPv6 Tunneling 285 Operation concept 285 IPv6 Tunneling Configuration Commands 287 Configuration Examples 287 IPv6 tunneling manual Configuration Example 287 IPv6 tunneling 6to4 Configuration Example 289 IPv6 tunneling ISATAP Configuration Example 291 Chapter 30-Border - D-Link DGS-6600 Series | Configuration Guide - Page 12
375 Configuration Examples 377 MPLS - VPLS Configuration Example 377 Configuration Restrictions and Constants 381 Part 6- Quality of Service (QoS) Chapter 36-Quality of Service (QoS 383 Chapter Overview 383 An Introduction to QoS 383 Policing and Color Markers 384 QoS Configuration Commands - D-Link DGS-6600 Series | Configuration Guide - Page 13
Configuration Overview 415 ACL Configuration Commands 417 Configuring Access Control Lists 418 Applying Access Control Lists to Interfaces 423 Configuration Examples 425 ACL Configuration Example 425 List of Constants and Default Settings 427 Chapter 39-Authentication, Authorization and - D-Link DGS-6600 Series | Configuration Guide - Page 14
462 DHCP Server Screening Default Settings 463 DHCP Server Screening Limitation 463 Chapter 44-DHCP Snooping Configuration 464 Chapter Overview 464 An Introduction to DHCP Snooping 464 DHCP Operation concept 465 DHCP Snooping Configuration Commands 465 Chapter 45-Port Security 469 Chapter - D-Link DGS-6600 Series | Configuration Guide - Page 15
PING operation 487 Behavior under multi-netting 487 DHCP server and DHCP relay agent global mode 488 High availability in DHCP server 488 DHCP Server Configuration Commands 488 Configuring a DHCP Address Pool 489 Limitations 497 Chapter 50-DHCP Relay Configuration 498 Chapter Overview 498 - D-Link DGS-6600 Series | Configuration Guide - Page 16
Files 564 Managing Image Files 566 Loading Image Files 568 List of Constants and Default Settings 570 Part 12- Troubleshooting Chapter 58-Displaying System Information 572 Chapter Overview 572 An Introduction to Displaying Information 572 Information Categories 572 Displaying System - D-Link DGS-6600 Series | Configuration Guide - Page 17
An Introduction to Port Mirroring 586 Port Mirroring Configuration Commands 586 Configuration Examples 588 Mirror Configuration Example 588 Relations with Other Modules 589 List of Constants and Default Settings 589 Chapter 61-Remote Switching Port Analyzer (RSPAN 590 Chapter Overview 590 An - D-Link DGS-6600 Series | Configuration Guide - Page 18
-48TS I/O Card • DGS-6600-8XG I/O Card • Supported User Interfaces An Introduction to the DGS-6600 Series Switch six line card modules. All of the supported modules are capable of being hot-swapped, a built-in power shelf that is designed to support, depending upon which chassis type is used (DGS - D-Link DGS-6600 Series | Configuration Guide - Page 19
available in a 4slot chassis (DGS-6604) and an 8-slot chassis (DGS-6608). Figure 1-1 DGS-6604 Product Appearance Figure 1-2 DGS-6608 Product Appearance DGS-6600 Configuration Guide 19 - D-Link DGS-6600 Series | Configuration Guide - Page 20
control management module. The other three slots can be used to connect to various line cards. All the modules supported by the DGS-6604 are of the same height, width and depth. The dimensions of each module are a 5. Slots 1-3 to 6-8 are used for line card modules. DGS-6600 Configuration Guide 20 - D-Link DGS-6600 Series | Configuration Guide - Page 21
DGS-6608 DGS-6604/DGS-6608 DGS-6604/DGS-6608 DGS-6604/DGS-6608 DGS-6604 Table 1-1 List of supported modules DGS-6600-CM Figure 1-3 DGS-6600-CM Compact Flash Slot The DGS-6600-CM Control Module has two from the compact flash card is being accessed. Management Port DGS-6600 Configuration Guide 21 - D-Link DGS-6600 Series | Configuration Guide - Page 22
will use the USB connection and automatically disconnect the user who is connected to the Switch via the RS-232 console connection. DGS-6600 Configuration Guide 22 - D-Link DGS-6600 Series | Configuration Guide - Page 23
I/O Card DGS-6600-48P I/O Card Figure 1-5 DGS-6600-24SC2XS DGS-6600-48T I/O Card Figure 1-6 DGS-6600-48P Figure 1-7 DGS-6600-48T I/O Card DGS-6600 Configuration Guide 23 - D-Link DGS-6600 Series | Configuration Guide - Page 24
Figure 1-8 DGS-6600-48S I/O Card DGS-6600-48TS I/O Card Figure 1-9 DGS-6600-48TS I/O Card DGS-6600-8XG I/O Card Figure 1-10 DGS-6600-8XG I/O Card Supported User Interfaces The Switch can be configured using the following methods: • Command-Line Interface • MIB Browser DGS-6600 Configuration - D-Link DGS-6600 Series | Configuration Guide - Page 25
do not meet the specified requirements the equipment may sustain damage. Operating Temperature 0ºC-50ºC Operating Humidity 10%-90% RH non-condensed Table 2-1 DGS-6600 Configuration Guide 25 - D-Link DGS-6600 Series | Configuration Guide - Page 26
the card levers to remove each and all line cards, fan tray, and power modules from the chassis before moving the chassis. DGS-6600 Configuration Guide 26 - D-Link DGS-6600 Series | Configuration Guide - Page 27
that the grounding conditions meet the grounding requirements and all devices are grounded appropriately before using the DGS-6600 series switch. Figure 2-2 DGS-6600 Configuration Guide 27 - D-Link DGS-6600 Series | Configuration Guide - Page 28
connected, they should be arranged into bundles or placed on the cabling rack to prevent the obstruction of air intakes and vents. DGS-6600 Configuration Guide 28 - D-Link DGS-6600 Series | Configuration Guide - Page 29
-6600. Installing Modules in the DGS-6604 & DGS-6608 • Remove the component card or blank panel as instructed in the section Removing Modules from the DGS-6600 • Insert the new module into the guide rail of the vacant slot. • Use the levers on the left and right hand side to push the - D-Link DGS-6600 Series | Configuration Guide - Page 30
the commands to complete your desired tasks. Many commands require administrator-level access privileges. See the Command Line Interface (CLI) Reference Guide on the documentation CD for a list of all commands and additional information using the CLI. Telnet Management Users may also access the - D-Link DGS-6600 Series | Configuration Guide - Page 31
Part 1- Configuration Fundamentals The following chapters are included in this volume: • Command-Line Interface (CLI) • Accessing the Command Line Interface • User Account Configuration • Accessing the Web Interface (Web UI) • Time Configuration • DGS-6600 Default Metric - D-Link DGS-6600 Series | Configuration Guide - Page 32
. • Advanced User- Privilege Level 2. This user account level allowed to use the terminal control interface to enter, some, privileged EXEC mode configurations. DGS-6600 Configuration Guide 32 - D-Link DGS-6600 Series | Configuration Guide - Page 33
administrator user account level can monitor all system information and change any of the system configuration settings expressed in this configuration guide. The command-line interface has three basic command modes: • User EXEC mode • Privileged EXEC mode • Global Configuration mode All other sub - D-Link DGS-6600 Series | Configuration Guide - Page 34
this section. For more information on the additional sub-configuration modes, the user should refer to the chapters relating to these functions. DGS-6600 Configuration Guide 34 - D-Link DGS-6600 Series | Configuration Guide - Page 35
level, except that user EXEC mode at advanced user level is allowed to use the enable command to enter privileged EXEC mode. DGS-6600 Configuration Guide 35 - D-Link DGS-6600 Series | Configuration Guide - Page 36
of 15. Users logged in with this command mode can monitor all system information and change any system configuration settings mentioned in this Configuration Guide. There are two methods that a user can use to enter privileged EXEC mode at administrator level. The first method is to login to the - D-Link DGS-6600 Series | Configuration Guide - Page 37
privileged EXEC mode. The procedures to enter the different sub-configuration modes can be found in the related chapters in this Configuration Guide. The command modes are used to configure the individual functions. Interface Configuration Mode Interface configuration mode is used to configure the - D-Link DGS-6600 Series | Configuration Guide - Page 38
:15# Completes a partial command name. For example: DGS-6600:15#show spa DGS-6600:15#show spanning-tree Table 3-2 Help System DGS-6600 Configuration Guide 38 - D-Link DGS-6600 Series | Configuration Guide - Page 39
Spanning Tree Protocol rstp Rapid Spanning Tree Protocol stp Spanning Tree Protocol(Compatible Mode) DGS-6600:15(config)# Table 3-2 Help System (continued) DGS-6600 Configuration Guide 39 - D-Link DGS-6600 Series | Configuration Guide - Page 40
what arguments match the input (e.g. 'show ve?'.) DGS-6600:2> Editing Features The CLI user interface supports the following keystrokes for editing purposes: Keystroke completes a command. Table 3-3 Editing Features DGS-6600 Configuration Guide 40 - D-Link DGS-6600 Series | Configuration Guide - Page 41
The Switch supports abbreviated command. One function that supports the no command form supports the default option is the ip telnet service-port command. For example, entering the default ip telnet service service-port command is entered in global configuration mode to return the Telnet service - D-Link DGS-6600 Series | Configuration Guide - Page 42
console window, indicating the location of the error. DGS-6600:15(config)#shutdown ^ % Invalid input detected at '^' marker. DGS-6600:15(config)# DGS-6600 Configuration Guide 42 - D-Link DGS-6600 Series | Configuration Guide - Page 43
history buffer: DGS-6600:15#show history 1 enable 2 configure terminal 3 default ip telnet service-port 4 end 5 show history DGS-6600:15# Recalling Commands To recall commands from the history Power User, and 15 indicates an Administrator. Table 3-6 Command Prompts DGS-6600 Configuration Guide 43 - D-Link DGS-6600 Series | Configuration Guide - Page 44
the output of the show command to match a given expression as well as any of lines that are associated with the expression. DGS-6600 Configuration Guide 44 - D-Link DGS-6600 Series | Configuration Guide - Page 45
state change from BLK to LRN for MSTID 0 2 2010-08-26 07:38:06 Interface eth4.43 is up DGS-6600:15# DGS-6600 Configuration Guide 45 - D-Link DGS-6600 Series | Configuration Guide - Page 46
tonight! Make sure you are logged off the network before 18:00. For more information contact the System Administrator on extension: 6716." DGS-6600 Configuration Guide 46 - D-Link DGS-6600 Series | Configuration Guide - Page 47
Connection to a Remote Device The user can establish a connection to a remote device that supports the Telnet protocol: Command telnet {IP-ADDRESS | IPV6-ADDRESS}[TCPPORT] Explanation Establishes a 'Ctrl-_'. Telnet connecting ... User Access Verification Username: DGS-6600 Configuration Guide 47 - D-Link DGS-6600 Series | Configuration Guide - Page 48
, 000180403020, and 0001.8040.3020. The MAC address will always be displayed in the following format: 00-01-80-40-30-20 DGS-6600 Configuration Guide 48 - D-Link DGS-6600 Series | Configuration Guide - Page 49
Strings that Do Not Allow Spaces A-Z a-z 0-9 Encrypted Password An encrypted password should start with *@&. The allowed characters for an encrypted password are: A-Z a-z 0-9 +/ DGS-6600 Configuration Guide 49 - D-Link DGS-6600 Series | Configuration Guide - Page 50
a four-digit year, 0000 through to 9999. MM Used to indicate a two-digit month of the year, 01 through to 12. Table 3-9 DGS-6600 Configuration Guide 50 - D-Link DGS-6600 Series | Configuration Guide - Page 51
usually use seconds or milliseconds time units. The Switch usually abbreviates seconds to sec and milliseconds to msec for unified display formatting. DGS-6600 Configuration Guide 51 - D-Link DGS-6600 Series | Configuration Guide - Page 52
Connection • Accessing the Switch Using a Telnet Connection • Enabling the Telnet Service • Configuring the Telnet Service Port • Specifying Telnet Terminals • Displaying Trusted Host Telnet Terminals • Set the data format to 8 data bits, 1 stop bit, and no parity. DGS-6600 Configuration Guide 52 - D-Link DGS-6600 Series | Configuration Guide - Page 53
High-Speed Switch Command Line Interface Firmware: 3.00.080 Copyright (c) 2012 D-Link Corporation. All rights reserved. DGS-6600:2>enable DGS-6600:15# DGS-6600 Configuration Guide 53 - D-Link DGS-6600 Series | Configuration Guide - Page 54
High-Speed Switch Command Line Interface Firmware: 3.00.080 Copyright (c) 2012 D-Link Corporation. All rights reserved. DGS-6600:2>enable DGS-6600:15# DGS-6600 Configuration Guide 54 - D-Link DGS-6600 Series | Configuration Guide - Page 55
TCP port number for Telnet to be 3000: DGS-6600:15#configure terminal DGS-6600:15(config)#ip telnet service-port 3000 DGS-6600:15(config)#end Specifying Telnet Terminals The user can specify the hosts that are allowed to 10.73.87.3 telnet DGS-6600:15(config)#end DGS-6600 Configuration Guide 55 - D-Link DGS-6600 Series | Configuration Guide - Page 56
, press the to display an additional screen of output, or press the key to display one more line of output. DGS-6600 Configuration Guide 56 - D-Link DGS-6600 Series | Configuration Guide - Page 57
the default keyword saves the setting into the system configuration file for the next switch startup.: DGS-6600:2>terminal width 100 default DGS-6600 Configuration Guide 57 - D-Link DGS-6600 Series | Configuration Guide - Page 58
Name Value Maximum Telnet sessions 8 Local Console Baud Rate 115200 bps Table 4-1 Constants Values Variable Name Default Value Telnet Service Enabled Telnet Service Port TCP 23 Terminal Length 24 lines Terminal Timeout Never Table 4-2 Default Variable Values DGS-6600 Configuration - D-Link DGS-6600 Series | Configuration Guide - Page 59
access-levels. Creating User Accounts with Different Privilege Levels Creating User Accounts The Switch supports user accounts with different access levels. The following access levels can be assigned to user or 15, the user will directly enter privileged EXEC mode. DGS-6600 Configuration Guide 59 - D-Link DGS-6600 Series | Configuration Guide - Page 60
:15#show username Password Encryption : Disabled Username Access Level Password Encrypted dlink 15 *@&fEqNCco3Yq9h5ZUglD3CZJT4LBvRndtZ * admin 15 mypassword Total Entries: 2 DGS-6600:15# DGS-6600 Configuration Guide 60 - D-Link DGS-6600 Series | Configuration Guide - Page 61
will have after entering the password and whether the password will appear in plain-text or encrypted form in the running configuration. DGS-6600 Configuration Guide 61 - D-Link DGS-6600 Series | Configuration Guide - Page 62
command to log into the Switch with a different user name: Command login Explanation Allows the user to login with a different user name. DGS-6600 Configuration Guide 62 - D-Link DGS-6600 Series | Configuration Guide - Page 63
entered on the Switch, the password of a user account can still be encrypted by specifying the encrypted option with the username command. DGS-6600 Configuration Guide 63 - D-Link DGS-6600 Series | Configuration Guide - Page 64
Name Default Value Number of User Accounts Setup on None the Switch Enable Password None Password Encryption Disabled Table 5-3 Default Variable Values DGS-6600 Configuration Guide 64 - D-Link DGS-6600 Series | Configuration Guide - Page 65
using the Web Interface • Configuration Commands • Enabling the Web Interface • Configuring the Web Service Port • Specifying Web Management Terminals • Displaying Trusted Host Web Terminals • List of mode. Enables the Web interface. Exits global configuration mode. DGS-6600 Configuration Guide 65 - D-Link DGS-6600 Series | Configuration Guide - Page 66
port number for web to be 6600: DGS-6600:15#configure terminal DGS-6600:15(config)#ip http service-port 6600 DGS-6600:15(config)#end Specifying Web Management Terminals The user can specify the hosts that are allowed to manage the Switch using a web connection. DGS-6600 Configuration Guide 66 - D-Link DGS-6600 Series | Configuration Guide - Page 67
Total Entries : 1 DGS-6600:15# List of Constants and Default Settings Constant Name Value Maximum Web sessions 1 Table 6-1 Constants Values Variable Name Default Value HTTP Service Enabled HTTP Service Port TCP 80 Table 6-2 Default Variable Values DGS-6600 Configuration - D-Link DGS-6600 Series | Configuration Guide - Page 68
Manual provide the time and calendar services. The time set in manually or automatically. Configuration Commands Manual Configuration of Time The user can manually configure the time, the first time the device is setup. If manually manually set the clock: Command clock set HH:MM:SS DAY - D-Link DGS-6600 Series | Configuration Guide - Page 69
in Minutes : 60 From : N/A To : N/A DGS-6600:15# Automatic Configuration of Time The Switch supports the Simple Network Time Protocol (SNTP), which allows automatic time configuration on the Switch. SNTP is a client the current time and the time zone setting. DGS-6600 Configuration Guide 69 - D-Link DGS-6600 Series | Configuration Guide - Page 70
summer time, the clock on the Switch may need to be adjusted for daylight saving time. The Switch supports two methods for adjusting to daylight saving time. The first method adjusts the time on the Switch every date and time. Displays the summer time settings. DGS-6600 Configuration Guide 70 - D-Link DGS-6600 Series | Configuration Guide - Page 71
Variable Name Default Value Summer Time Disabled Summer Time Offset 60 Minutes Time Zone UTC (Coordinated Universal Time) Table 7-2 Default Variable Values DGS-6600 Configuration Guide 71 - D-Link DGS-6600 Series | Configuration Guide - Page 72
Volume 1-Configuration Fundamentals / Chapter 7-Time Configuration Variable Name Default Value Allow SNTP Broadcasts from SNTP Disabled Servers Default SNTP Server Setup None Table 7-2 Default Variable Values List of Constants and Default Settings DGS-6600 Configuration Guide 72 - D-Link DGS-6600 Series | Configuration Guide - Page 73
Volume 1-Default Metric / Chapter 8-DGS-6600 Default Metric Chapter Overview Chapter Overview Chapter 8 DGS-6600 Default Metric DGS-6600 Configuration Guide 73 - D-Link DGS-6600 Series | Configuration Guide - Page 74
Part 2- Interface and Hardware Configurations The following chapters are included in this volume: • Interface Configuration - D-Link DGS-6600 Series | Configuration Guide - Page 75
Volume 2-Interface and Hardware Components / Chapter 9-Interface Configuration DGS-6600 Configuration Guide Chapter Overview Chapter 9 Interface Configuration Chapter Overview The following topics are included in this chapter, please go to the topic for more detailed information: • Chapter - D-Link DGS-6600 Series | Configuration Guide - Page 76
Identification of an Interface An interface can be a physical port, VLAN, or channel-group. The Switch supports a number of different interfaces, which are listed below: • Switch Port Interface • Port Channel Interface always uses the following format: mgmt-if DGS-6600 Configuration Guide 76 - D-Link DGS-6600 Series | Configuration Guide - Page 77
interface or range of interfaces. Enter the following command in interface configuration mode to add a description to a specific interface: Command description DESCRIPTION DGS-6600 Configuration Guide Explanation Adds a description, of up to 64 characters, to the interface. 77 - D-Link DGS-6600 Series | Configuration Guide - Page 78
.255.255.255 inet6 10:73:87::100/64 inet6 99::20/64 inet6 fe80::460:cff:fe10:98/64 DGS-6600:2> DGS-6600 Configuration Guide 78 - D-Link DGS-6600 Series | Configuration Guide - Page 79
Speed • Shutting Down an Interface • Configuring the Maximum Allowed Frame Size • Configuring the MTU • Configuring the MTU on a VLAN Interface • Clearing Counters DGS-6600 Configuration Guide 79 - D-Link DGS-6600 Series | Configuration Guide - Page 80
] Explanation Configures the speed of the physical interface. The option [copper | fiber] is for the combo port set speeds on a specified medium. DGS-6600 Configuration Guide 80 - D-Link DGS-6600 Series | Configuration Guide - Page 81
-6600:15(config)#interface eth4.46 DGS-6600:15(config-if)#max-rcv-frame-size 6000 DGS-6600:15(config-if)#end DGS-6600 Configuration Guide 81 - D-Link DGS-6600 Series | Configuration Guide - Page 82
counters In the following example, the user clears the counters for Ethernet interface 4.5: DGS-6600:2>enable DGS-6600:15#clear counters eth4.5 DGS-6600 Configuration Guide 82 - D-Link DGS-6600 Series | Configuration Guide - Page 83
Management Interface • Configuring a Default Gateway on the OOB Management Interface • Shutting Down the Management Interface • Displaying the OOB Management Port Interface Status DGS-6600 Configuration Guide 83 - D-Link DGS-6600 Series | Configuration Guide - Page 84
terminal DGS-6600:15(config)#mgmt-if DGS-6600:15(mgmt-if)#default-gateway 10.1.1.254 DGS-6600:15(mgmt-if)#end DGS-6600 Configuration Guide 84 - D-Link DGS-6600 Series | Configuration Guide - Page 85
(config)#mgmt-if DGS-6600:15(mgmt-if)#ipv6 address 2043:1::43:11:33:192/48 DGS-6600:15(mgmt-if)#end DGS-6600 Configuration Guide 85 - D-Link DGS-6600 Series | Configuration Guide - Page 86
-6600:15#configure terminal DGS-6600:15(config)#mgmt-if DGS-6600:15(mgmt-if)#shutdown DGS-6600:15(mgmt-if)#end DGS-6600 Configuration Guide 86 - D-Link DGS-6600 Series | Configuration Guide - Page 87
off. Auto Auto Interface Description Empty string. Interface Shutdown State No shutdown. Management Interface Shutdown State No shutdown. Table 9-2 Default Variable Values DGS-6600 Configuration Guide 87 - D-Link DGS-6600 Series | Configuration Guide - Page 88
Part 3- Layer 2 Configurations The following chapters are included in this volume: • VLAN Configuration • VLAN Tunneling • GARP VLAN Registration Protocol (GVRP) Configuration • MAC Address Tables • Spanning Tree Protocol (STP) Configuration • Link Aggregation • Proxy ARP • Super VLAN • Voice VLAN • - D-Link DGS-6600 Series | Configuration Guide - Page 89
connected to end users) are untagged member ports, and trunk ports (ports which are connected to other switches) are tagged member ports. DGS-6600 Configuration Guide 89 - D-Link DGS-6600 Series | Configuration Guide - Page 90
the VLAN. When a VLAN is created, a default name is assigned to the VLAN. The user can modify the VLAN name if needed. DGS-6600 Configuration Guide 90 - D-Link DGS-6600 Series | Configuration Guide - Page 91
configuration: DGS-6600:15#configure terminal DGS-6600:15(config)#vlan 2 DGS-6600:15(config-vlan)#vlan name IT-Support DGS-6600:15(config-vlan)#end DGS-6600:15#show vlan VLAN 1: Name: default GVRP advertisement: yes Static no trunk VLANs can be defined for the port. DGS-6600 Configuration Guide 91 - D-Link DGS-6600 Series | Configuration Guide - Page 92
mode and specifies the VLANs allowed to access the trunk connection. Displays the VLAN settings specified for the interfaces on the Switch. DGS-6600 Configuration Guide 92 - D-Link DGS-6600 Series | Configuration Guide - Page 93
ID on the port. Specifies whether the interface will act as untagged or tagged member of the specified VLAN. Displays the configuration. DGS-6600 Configuration Guide 93 - D-Link DGS-6600 Series | Configuration Guide - Page 94
Acceptable frame types : tagged only DGS-6600:15# Configuring Protocol VLAN Groups The Switch supports protocol-based VLANs. This standard, defined by the IEEE 802.1v standard maps packets binds the group to an interface. Verifies the protocol group configuration. DGS-6600 Configuration Guide 94 - D-Link DGS-6600 Series | Configuration Guide - Page 95
a subnet-based VLAN: Command subnet-base {NETWORK-PREFIX NETWORK-MASK | NETWORK-PREFIX/PREFIX-LENGTH} Explanation Configures the VLAN as a subnet-based VLAN. DGS-6600 Configuration Guide 95 - D-Link DGS-6600 Series | Configuration Guide - Page 96
-6600:15(config-if)#interface eth2.5 DGS-6600:15(config-if)# trunk allowed-vlan 2 DGS-6600:15(config-if)# trunk allowed-vlan 3 DGS-6600 Configuration Guide 96 - D-Link DGS-6600 Series | Configuration Guide - Page 97
each other. PC2 and PC4 can ping each. This indicates the PCs are in the same VLAN and can communicate each other. DGS-6600 Configuration Guide 97 - D-Link DGS-6600 Series | Configuration Guide - Page 98
Default Value VLAN VLAN 1 is the system default VLAN acceptable-frame Admit-all ingress-checking Enabled PVID 1 Table 10-2 Default Variable Values DGS-6600 Configuration Guide 98 - D-Link DGS-6600 Series | Configuration Guide - Page 99
insufficient for identifying a large mass of users. To solve this problem, the VLAN tunnel feature was developed, which maps VLAN tags within 16 million. By using this feature, service providers can use a single VLAN to support customers that have multiple VLANs, therefore Configuration Guide 99 - D-Link DGS-6600 Series | Configuration Guide - Page 100
VLAN encapsulation is also known as VLAN stacking or Q-in-Q. VLAN encapsulation inserts a second VLAN (service provider VID, S-VID) as an outer tag for packets that are being transmitted from the Networks Tagged Frames from UNI to NNI with VLAN Encapsulation Feature DGS-6600 Configuration Guide 100 - D-Link DGS-6600 Series | Configuration Guide - Page 101
not insert an additional VLAN tag. Instead, the system remarks the original VLAN information in order to traverse the service provider's networks. Non-stacking S-Tags are never stacked on top of a C-Tag. There is typically a CoS or remark the CoS for each C-VID. DGS-6600 Configuration Guide 101 - D-Link DGS-6600 Series | Configuration Guide - Page 102
ingress port. If there is an entry miss, then the packet will either be dropped or have an S-VLAN (service provider VLAN) tag added that is based on the VLAN lookup tables (MAC, Subnet, Protocol, Port VLAN ID). defined for the NNI port will be encoded in S-Tag. DGS-6600 Configuration Guide 102 - D-Link DGS-6600 Series | Configuration Guide - Page 103
If the forwarding port is a UNI port, the packet will be retained without encapsulating the S-VLAN or remarking with the S-VLAN information. DGS-6600 Configuration Guide 103 - D-Link DGS-6600 Series | Configuration Guide - Page 104
the packet is an S-Tagged packet, get the S-VLAN from the S-Tag. The VLAN tunnel TPID is used to identify the S-Tag. DGS-6600 Configuration Guide 104 - D-Link DGS-6600 Series | Configuration Guide - Page 105
. The following diagram shows the operation of an NNI to UNI VLAN encapsulation: Figure 11-7 NNI to UNI for VLAN Encapsulation Table DGS-6600 Configuration Guide 105 - D-Link DGS-6600 Series | Configuration Guide - Page 106
received packet is already S-Tagged, the packet content is retained. If the received packet has no S-Tag, the S-Tag will be added. DGS-6600 Configuration Guide 106 - D-Link DGS-6600 Series | Configuration Guide - Page 107
Configuration Commands The following topics are included in this section: • Enabling VLAN Tunneling • Specifying UNI/NNI Ports • Configuring NNI Port S-Tag TPID DGS-6600 Configuration Guide 107 - D-Link DGS-6600 Series | Configuration Guide - Page 108
cleared and GVRP will be disabled. 4) If the user needs to run GVRP on the Switch, GVRP should be manually enabled. In VLAN tunnel mode, the SP-VLAN GVRP address (01-80-C2-00-00-0D) will be used by |uni} Explanation Specifies if the port will be a UNI or NNI port. DGS-6600 Configuration Guide 108 - D-Link DGS-6600 Series | Configuration Guide - Page 109
-6600:15(config)#interface eth4.20 DGS-6600:15(config-if)#vlan-tunnel remove-inner-tag DGS-6600:15(config-if)#end DGS-6600 Configuration Guide 109 - D-Link DGS-6600 Series | Configuration Guide - Page 110
VLAN remarking entries on a UNI port. In the following example, the user configures the Switch to remark the service providers with a VLAN tag of 8 to the customer VLAN with a VLAN tag of 9, on Ethernet Creates CoS remark entries on the specified UNI port. DGS-6600 Configuration Guide 110 - D-Link DGS-6600 Series | Configuration Guide - Page 111
following command to display the VLAN tunnel related settings: Command show vlan-tunnel [INTERFACE-ID[,|-]] Explanation Displays the VLAN tunnel related settings. DGS-6600 Configuration Guide 111 - D-Link DGS-6600 Series | Configuration Guide - Page 112
tagging (S-tag and C-tag) and will be sent to R2. Customer#2 VLAN2 can communicate each other, but cannot communicate to Customer#3 VLAN2. DGS-6600 Configuration Guide 112 - D-Link DGS-6600 Series | Configuration Guide - Page 113
(config-if)# vlan encapsulation 1003 2 DGS-6600:15(config-if)#interface eth2.3 DGS-6600:15(config-if)# trunk allowed-vlan 1002-1003 DGS-6600 Configuration Guide 113 - D-Link DGS-6600 Series | Configuration Guide - Page 114
:15(config-if)# trunk allowed-vlan 1002-1003 Verifying the Configuration Check R1 QinQ config using the command show vlan interface eth2.1-2.3 DGS-6600 Configuration Guide 114 - D-Link DGS-6600 Series | Configuration Guide - Page 115
within itself, but unable to communicate with Customer#3's VLAN2. Customer#3's VLAN2 can communicate within itself, but unable to communicate with Customer#2's VLAN2. DGS-6600 Configuration Guide 115 - D-Link DGS-6600 Series | Configuration Guide - Page 116
VLAN Tunnel Mode Disabled UNI/NNI Port Role NNI Port Ingress Checking Disabled VLAN Tunnel TPID 0x88a8 Table 11-1 Default Variable Values DGS-6600 Configuration Guide 116 - D-Link DGS-6600 Series | Configuration Guide - Page 117
: • Enabling the GVRP Protocol • Specifying Forbidden Ports • Specifying the GVRP Timer • Enabling the Dynamic Creation of VLANs • Configuring the Interface Advertisement Attribute DGS-6600 Configuration Guide 117 - D-Link DGS-6600 Series | Configuration Guide - Page 118
forbidden option in interface configuration mode, the interface will not be able to become a member of any VLANs using the GVRP protocol. DGS-6600 Configuration Guide 118 - D-Link DGS-6600 Series | Configuration Guide - Page 119
config-if)#end Enabling the Dynamic Creation of VLANs Since an interface may request membership to a VLAN that does not currently exist, the Switch supports a feature that can dynamically create the requested VLAN. If this feature is disabled, the Switch ignores the request. DGS-6600 Configuration - D-Link DGS-6600 Series | Configuration Guide - Page 120
(config-if)#end Configuring the VLAN Advertisement Attribute The user can specify whether to allow the advertisement of specific VLANs system-wide. DGS-6600 Configuration Guide 120 - D-Link DGS-6600 Series | Configuration Guide - Page 121
, the user displays the global GVRP configuration: DGS-6600:2>show gvrp configuration Global GVRP State : Enabled Dynamic VLAN Creation : Enabled DGS-6600:2> DGS-6600 Configuration Guide 121 - D-Link DGS-6600 Series | Configuration Guide - Page 122
interface eth4.48 Port JoinEmpty JoinIn LeaveEmpty LeaveIn Empty eth4.48 RX 0 0 0 0 0 TX 4294967296 4294967296 4294967296 4294967296 4294967296 Total Entries: 1 DGS-6600:2> DGS-6600 Configuration Guide 122 - D-Link DGS-6600 Series | Configuration Guide - Page 123
Interface Forbidden Attribute No Forbidden VLANs Join Timer 0.2 Seconds Leave Timer Leave All Timer 0.6 Seconds 10 Seconds Table 12-2 Default Variable Values DGS-6600 Configuration Guide 123 - D-Link DGS-6600 Series | Configuration Guide - Page 124
dynamic entries from the source unicast MAC address recorded in the received packet. Static entries are manually configured by the user. Dynamic entries are automatically aged out. If the static entries are not on the entry type, the forwarding interface, or a VLAN. DGS-6600 Configuration Guide 124 - D-Link DGS-6600 Series | Configuration Guide - Page 125
forwarding interface or VLAN. If required, the user can also configure the aging time for dynamic entries or disable the aging function. DGS-6600 Configuration Guide 125 - D-Link DGS-6600 Series | Configuration Guide - Page 126
on the Switch: Command mac address-table static MAC-ADDR vlan VLAN-ID interface INTERFACE-ID [,|-] Explanation Configures a static MAC address entry. DGS-6600 Configuration Guide 126 - D-Link DGS-6600 Series | Configuration Guide - Page 127
of Multicast Static Entries 1024 Table 13-1 Constants Values Variable Name Aging Time Default Value 300 Seconds Table 13-2 Default Variable Values DGS-6600 Configuration Guide 127 - D-Link DGS-6600 Series | Configuration Guide - Page 128
link fails, the port that was originally blocked will recover to provide the packet forwarding service. The Switch supports all versions of Spanning Tree Protocol, which includes STP, RSTP, and MSTP. Spanning this section: • Basic Terminology • Timers • Port Role DGS-6600 Configuration Guide 128 - D-Link DGS-6600 Series | Configuration Guide - Page 129
each configuration message. Forward Delay The delay used by STP to transition from the listening to learning and learning to forwarding states. DGS-6600 Configuration Guide 129 - D-Link DGS-6600 Series | Configuration Guide - Page 130
. In this state, the port discards the received frame and does not forward frame. Listening After instructing a port to enter the forwarding state, the port will initially enter the listening state. Like the BPDU message is always conveyed: • Root Bridge ID DGS-6600 Configuration Guide 130 - D-Link DGS-6600 Series | Configuration Guide - Page 131
each port. The RPC (Root Path Cost) is initially zero. 3) (Bridge ID-X, 0, Bridge ID-X, Bridge ID-X TX port, Bridge ID-X TX port) DGS-6600 Configuration Guide 131 - D-Link DGS-6600 Series | Configuration Guide - Page 132
able to automatically detect the version and downgrade to the 802.1d version for ports that are attached to 802.1d nodes. DGS-6600 Configuration Guide 132 - D-Link DGS-6600 Series | Configuration Guide - Page 133
detect this but will remain in "Sending STP BPDU" mode. In this situation, the user should manually restart the Protocol Version Detection process to allow the port to change to "Sending RSTP BPDU" mode running a separate Multiple Spanning Tree Instance (MSTI). DGS-6600 Configuration Guide 133 - D-Link DGS-6600 Series | Configuration Guide - Page 134
must be enabled, in addition to STP being enabled for the port. Use the following commands to enable STP: Command spanning-tree DGS-6600 Configuration Guide Explanation This global configuration mode command enables STP system wide. 134 - D-Link DGS-6600 Series | Configuration Guide - Page 135
forwarding on an edge port: Command spanning-tree fast-forwarding Explanation Specifies that the interface will enter the forwarding state on initialization. DGS-6600 Configuration Guide 135 - D-Link DGS-6600 Series | Configuration Guide - Page 136
link where multiple neighbor bridges are possible,. The user can specify whether to auto-detect the link type or manually specify the link type. Based on auto-detection, a full-duplex port is considered to have a point-to by all ports within the hello time period. DGS-6600 Configuration Guide 136 - D-Link DGS-6600 Series | Configuration Guide - Page 137
Explanation Displays the settings when the bridge is in STP/RSTP mode. Displays the settings when the bridge is in MSTP mode. DGS-6600 Configuration Guide 137 - D-Link DGS-6600 Series | Configuration Guide - Page 138
Link .Port Type 128.3 P2P 128.5 P2P 128.6 Shr 128.9 P2P Edge -------- Eedge None-edge Eedge None-edge Total Entries: 4 DGS-6600:2> DGS-6600 Configuration Guide 138 - D-Link DGS-6600 Series | Configuration Guide - Page 139
: • Specifying the Bridge Priority • Specifying per Port Priority • Specifying per Port Path Cost • Specifying the Timers • Displaying and Verifying STP Protocol Operations DGS-6600 Configuration Guide 139 - D-Link DGS-6600 Series | Configuration Guide - Page 140
Port Path Cost The link path cost value represents the media speed. The path cost can be auto-determined based on the media type or manually specified by the user. The following table provides information about how the path cost is auto assigned. Data Rate Path Cost 1 Mb/s 20,000,000 - D-Link DGS-6600 Series | Configuration Guide - Page 141
-6600:15(config)#spanning-tree forward-time 16 DGS-6600:15(config)#spanning-tree max-age 21 DGS-6600:15(config)#end DGS-6600 Configuration Guide 141 - D-Link DGS-6600 Series | Configuration Guide - Page 142
per Port Hello Time • Specifying per Tree Bridge Priority • Specifying per Tree per Port Priority • Specifying per Tree per Port Path Cost DGS-6600 Configuration Guide 142 - D-Link DGS-6600 Series | Configuration Guide - Page 143
can specify the timers used for the forward delay, maximum age, and maximum number of hops for the MSTP state machine computation. DGS-6600 Configuration Guide 143 - D-Link DGS-6600 Series | Configuration Guide - Page 144
per Tree Bridge Priority The user should specify a bridge priority for each MSTI instance. The bridge priority must be divisible by 4096. DGS-6600 Configuration Guide 144 - D-Link DGS-6600 Series | Configuration Guide - Page 145
spanning-tree cost COST Explanation Specifies the internal link path cost for the MSTI. Specifies the external path cost for the CST. DGS-6600 Configuration Guide 145 - D-Link DGS-6600 Series | Configuration Guide - Page 146
point , S: shared Priority Link Interface Role State Cost .Port Type Edge A eth4.47 Designated Forwarding 200000 128.303 P2P Edge DGS-6600:2> DGS-6600 Configuration Guide 146 - D-Link DGS-6600 Series | Configuration Guide - Page 147
-6600:15# Configuring Optional Features The following topics are included in this section: • Root Guard • TCN Filter • Displaying the Optional Feature Settings DGS-6600 Configuration Guide 147 - D-Link DGS-6600 Series | Configuration Guide - Page 148
a root port for some applications. This feature is typically used in a service-provider environment, where the network administrator wants to prevent a low speed port being -ID [, | -] DGS-6600 Configuration Guide Explanation Displays the configuration for the MSTP optional feature settings. 148 - D-Link DGS-6600 Series | Configuration Guide - Page 149
. Topology Vlan2, eth2.1-2.2 Vlan3, eth2.3-2.4 R1 eth2.5 eth2.6 Vlan2, 3 tagged eth2.5 eth2.6 R2 Vlan2, eth2.1-2.2 Vlan3, eht2.3-2.4 Figure 14-3RSTP Configuration Topology DGS-6600 Configuration Guide 149 - D-Link DGS-6600 Series | Configuration Guide - Page 150
)#spanning-tree priority 4096 R2 (Router 2) Configuration Steps Step 1: Create VLAN 2, 3 DGS-6600:15(config)#vlan 2 DGS-6600:15(config-vlan)#vlan 3 DGS-6600 Configuration Guide 150 - D-Link DGS-6600 Series | Configuration Guide - Page 151
20000 128.67 P2P Edge A eth2.5 Root Forwarding 20000 128.69 P2P None-Edge A eth2.6 Alternate Discarding 20000 0.70 P2P None-Edge DGS-6600 Configuration Guide 151 - D-Link DGS-6600 Series | Configuration Guide - Page 152
and VLAN3. If that link is recovered (e.g., eth2.5 is up again), VLAN2 and VLAN3 will use their active link again (Load sharing). DGS-6600 Configuration Guide 152 - D-Link DGS-6600 Series | Configuration Guide - Page 153
:15(config)#spanning-tree mst 0 priority 4096 DGS-6600:15(config)#spanning-tree mst 1 priority 4096 DGS-6600:15(config)#spanning-tree DGS-6600 Configuration Guide 153 - D-Link DGS-6600 Series | Configuration Guide - Page 154
3 DGS-6600:15(config-mst)#name dlink DGS-6600:15(config-mst)#spanning-tree mode mstp DGS-6600:15(config)#spanning-tree DGS-6600 Configuration Guide 154 - D-Link DGS-6600 Series | Configuration Guide - Page 155
20000 128.67 P2P Edge A eth2.5 Designated Forwarding 20000 128.69 P2P None-Edge A eth2.6 Designated Forwarding 20000 0.70 P2P None-Edge DGS-6600 Configuration Guide 155 - D-Link DGS-6600 Series | Configuration Guide - Page 156
(e.g., eth2.6), Re-plug the eth2.5 cable again. After few seconds, we can observe the PC ping traffic uses it's own link again. DGS-6600 Configuration Guide 156 - D-Link DGS-6600 Series | Configuration Guide - Page 157
MSTP Maximum Hops 20 Transmit Hold Count 6 Fast Forwarding Auto-determined Root Guard Disabled TCN Filter Disabled Table 14-3 Default Variable Values DGS-6600 Configuration Guide 157 - D-Link DGS-6600 Series | Configuration Guide - Page 158
group a number of physical ports into a logical channel interface. The user can use this feature to support the high bandwidth demand needed for a trunk link. The traffic over the high bandwidth virtual interface is , logical link segment. Link aggregation is an DGS-6600 Configuration Guide 158 - D-Link DGS-6600 Series | Configuration Guide - Page 159
HASHING In this mode, the device uses the source IP address and source port fields to hash. TRUNKING BASED ON DIP HASHING DGS-6600 Configuration Guide 159 - D-Link DGS-6600 Series | Configuration Guide - Page 160
is a member port of a port channel group, the membership must be removed before the interface can change membership to another channel group. DGS-6600 Configuration Guide 160 - D-Link DGS-6600 Series | Configuration Guide - Page 161
system-priority PRIORITY Explanation Specifies the interface as a candidate member port of the specified dynamic port channel group. Configures the system priority. DGS-6600 Configuration Guide 161 - D-Link DGS-6600 Series | Configuration Guide - Page 162
: • Source MAC Address • Destination MAC Address • Source and Destination MAC Address • Source IP Address • Destination IP Address • Source and Destination IP Address DGS-6600 Configuration Guide 162 - D-Link DGS-6600 Series | Configuration Guide - Page 163
link(s) are linked-down, the traffic will be re-load-sharing to those existing links. Topology Figure 15-1 Link Aggregation Configuration Topology DGS-6600 Configuration Guide 163 - D-Link DGS-6600 Series | Configuration Guide - Page 164
Priority Number eth2.5 FA Up 32768 69 eth2.6 FA Up 32768 70 eth2.7 FA Up 32768 71 eth2.8 FA Up 32768 72 DGS-6600 Configuration Guide 164 - D-Link DGS-6600 Series | Configuration Guide - Page 165
Default Value Load Balancing Algorithm Source-Destination MAC Address LACP Port Priority 32768 LACP System Priority 32768 Table 15-3 Default Variable Values DGS-6600 Configuration Guide 165 - D-Link DGS-6600 Series | Configuration Guide - Page 166
Show - indicate the value of the parameter can be displayed Config/show - indicate the parameter is both configurable and can be displayed DGS-6600 Configuration Guide 166 - D-Link DGS-6600 Series | Configuration Guide - Page 167
Proxy ARP Configuration Commands Enabling Authentication To enable proxy-arp please use the following commands. Command ip local-proxy-arp DGS-6600 Configuration Guide Explanation Use this command to enable local proxy ARP features on an interface. Use the no form of this command to disable local - D-Link DGS-6600 Series | Configuration Guide - Page 168
proxy ARP: Disable Interface: vlan2 Proxy ARP: Enable Local proxy ARP: Enable Interface: vlan4 Proxy ARP: Enable Local proxy ARP: Disable DGS6600# DGS-6600 Configuration Guide 168 - D-Link DGS-6600 Series | Configuration Guide - Page 169
packets so that the isolated sub VLANs can communicate with each other at Layer 3. For more information see the Proxy ARP chapter in this configuration guide or the Proxy ARP commands in the command line interface manual. Figure 17-1 A simple Super VLAN Environment DGS-6600 Configuration - D-Link DGS-6600 Series | Configuration Guide - Page 170
the sub-VLANs configured earlier. Configure a VLAN interface for the super VLAN. The VLAN interface enables communication among hosts and sub-VLANs. DGS-6600 Configuration Guide 170 - D-Link DGS-6600 Series | Configuration Guide - Page 171
communicate with PC3 which is on Sub VLAN200. But PC4 isn't in the IP range, and so, cannot communicate with other PCs. DGS-6600 Configuration Guide 171 - D-Link DGS-6600 Series | Configuration Guide - Page 172
:15(config-if)#access vlan 100 DGS6600:15(config-if)#interface range eth2.17-2.18 DGS6600:15(config-if)#access vlan 200 DGS-6600 Configuration Guide 172 - D-Link DGS-6600 Series | Configuration Guide - Page 173
and IPv6 protocol cannot run on a super VLAN interface. List of Constants Constant Super VLAN entries Sub-VLAN Entries Value 4093 4094 DGS-6600 Configuration Guide 173 - D-Link DGS-6600 Series | Configuration Guide - Page 174
of an IP phone call will be deteriorated if the voice traffic is unevenly sent. The quality of service (QoS) for voice traffic shall be configured to ensure the transmission priority of voice packet is higher than -based VLAN (if no other kind of VLAN is applied). DGS-6600 Configuration Guide 174 - D-Link DGS-6600 Series | Configuration Guide - Page 175
packet if the source MAC addresses of packets comply with the IP phone vendors OUI. Manual Mode - If a port works in manual mode, you should add the port to the voice VLAN or remove the port from the how to handle the received untagged and tagged voice packets. DGS-6600 Configuration Guide 175 - D-Link DGS-6600 Series | Configuration Guide - Page 176
If the ingress port is voice VLAN disabled, just forward the packets as normal data packets. Note: To support more than 1024 voice devices, we use VFP (VLAN Filter Processor) to classify voice traffic to voice VLAN. the learning process of LLDP-MED voice devices. DGS-6600 Configuration Guide 176 - D-Link DGS-6600 Series | Configuration Guide - Page 177
Policy TLV format • If the value of Tagged Flag (T) is 1, the voice device is using the IEEE 802.1Q tagged frame format. DGS-6600 Configuration Guide 177 - D-Link DGS-6600 Series | Configuration Guide - Page 178
Configuration commands Please note that a full listing of the CLI commands can be found in the CLI Manual, however, below are a brief table of the commands summarized in a table format for guidance. Command (config)#voice-vlan 1000 DGS6600(config)#end DGS6600# DGS-6600 Configuration Guide 178 - D-Link DGS-6600 Series | Configuration Guide - Page 179
-ff-ff-00-00-00 3COM 01-02-03-04-05-06 ff-ff-ff-ff-ff-ff UserDefined Total Entries: 9 DGS6600# DGS-6600 Configuration Guide 179 - D-Link DGS-6600 Series | Configuration Guide - Page 180
-6600:15(config)#voice-vlan 2 DGS-6600:15(config)#interface range eth2.1-2.5 DGS-6600:15(config-if)#switchport voice-vlan state enable DGS-6600 Configuration Guide 180 - D-Link DGS-6600 Series | Configuration Guide - Page 181
not in the list. The PC packet will be sent in VLAN3. We can use ping to test. PC2 can ping PC4. DGS-6600 Configuration Guide 181 - D-Link DGS-6600 Series | Configuration Guide - Page 182
is its MAC Address. For each ERP instance, there are two traffic channels, R-APS (Ring-Automatic Protection Switching) controlled channel and service protected channel. R-APS controlled channel is used to transmit and receive R-APS messages which belong to certain VLAN, called R-APS controlled DGS - D-Link DGS-6600 Series | Configuration Guide - Page 183
instance shall only block or unblock the set of VLANs which include R-APS controlled VLAN and service protected VLANs. But, blocking R-APS controlled channel only prevents R-APS messages received from one nodes that RPL has blocked. When other ring nodes receive DGS-6600 Configuration Guide 183 - D-Link DGS-6600 Series | Configuration Guide - Page 184
instance is responsible with one service protected channel and has its own R-APS controlled channel and service protected channel ERP Control Process to avoid loop of its own service protected channels (blue and red channels ERP instances have the same service protected channel (blue channel). It - D-Link DGS-6600 Series | Configuration Guide - Page 185
channel" connection between two interconnection nodes of a sub-ring and also be treated as "service traffic" of major-ring. It is used to provide connectivity between two interconnection nodes and -ring) R-APS (SF) R-APS (Event, Flush) only transmit three DGS-6600 Configuration Guide 185 - D-Link DGS-6600 Series | Configuration Guide - Page 186
19-3 ERPS Configuration Topology R1 (Router 1) Configuration Steps Step 1: Create VLAN 2, 3 DGS-6600:15(config)#vlan 2 DGS-6600:15(config-vlan)#vlan 3 DGS-6600 Configuration Guide 186 - D-Link DGS-6600 Series | Configuration Guide - Page 187
-port east eth2.6 DGS-6600:15(config-erps-domain)# erpi 1 protected-vlan 3 DGS-6600:15(config-erps-domain)# erpi 1 enable Configuration Example DGS-6600 Configuration Guide 187 - D-Link DGS-6600 Series | Configuration Guide - Page 188
-port east eth2.6 DGS-6600:15(config-erps-domain)# erpi 1 protected-vlan 3 DGS-6600:15(config-erps-domain)# erpi 1 enable Configuration Example DGS-6600 Configuration Guide 188 - D-Link DGS-6600 Series | Configuration Guide - Page 189
ring port state : Blocked West ring port : eth2.6 West ring port state : Forwarding RPL owner port : East Service protected VLANs : 3 Guard timer : 500 milliseconds Hold-Off timer : 0 milliseconds WTR timer : 5 minutes Total ERPS domains : 1 Total ERP instances : 1 DGS-6600 Configuration Guide 189 - D-Link DGS-6600 Series | Configuration Guide - Page 190
Forwarding West ring port : eth2.5 West ring port state : Forwarding RPL owner port : (Not-configured) Service protected VLANs : 3 Guard timer : 500 milliseconds Hold-Off timer : 0 milliseconds WTR timer : 5 minutes Total ERPS domains : 1 Total ERP instances : 1 DGS-6600 Configuration Guide 190 - D-Link DGS-6600 Series | Configuration Guide - Page 191
: Forwarding West ring port : eth2.5 West ring port state : Forwarding RPL owner port : (Not-configured) Service protected VLANs : 3 Guard timer : 500 milliseconds Hold-Off timer : 0 milliseconds WTR timer : 5 minutes Total perform flush FDB action on ring ports. DGS-6600 Configuration Guide 191 - D-Link DGS-6600 Series | Configuration Guide - Page 192
these ring ports are blocked by "Port Security" module, it may affect service traffic of the ERP instance. 802.1x module When the ERP instance is ports are blocked by "802.1x" module, it may affect service traffic of the ERP instance. Traffic Segmentation module Traffic segmentation function - D-Link DGS-6600 Series | Configuration Guide - Page 193
Part 4- Layer 3 Configurations The following chapters are included in this volume: • IPv4 Basics • IPv4 Static Route Configuration • Routing Information Protocol (RIP) • Open Shortest Path First (OSPF) • IPv6 Basics • IPv6 Static Route Configuration • Routing Information Protocol Next Generation ( - D-Link DGS-6600 Series | Configuration Guide - Page 194
an IP addressing plan. A sound plan will help you prepare the network foundation to support additional services such as unified communications, wireless access, and enhanced network security. IPv4 Basics IP .1 is represented as: 00001010 01010011 00100001 00000001 DGS-6600 Configuration Guide 194 - D-Link DGS-6600 Series | Configuration Guide - Page 195
DHCP server. This configuration chapter will focus only on stateless addresses. In IPv4 a default router is normally manually configured. When configuring the DGS-6600, as a general rule, there is by default; no IP address an IP address on an interface from DHCP. DGS-6600 Configuration Guide 195 - D-Link DGS-6600 Series | Configuration Guide - Page 196
entries to time out more quickly than the default setting: DGS6600:15(config)#interface vlan1 DGS6600:15(config-if)#arp timeout 12000 DGS-6600 Configuration Guide 196 - D-Link DGS-6600 Series | Configuration Guide - Page 197
)#interface range eth2.3-2.4 DGS6600:15(config-if)# access vlan 3 DGS6600:15(config-if)#interface rnage eth2.5-2.6 DGS6600:15(config-if)# access vlan 4 DGS-6600 Configuration Guide 197 - D-Link DGS-6600 Series | Configuration Guide - Page 198
connected, vlan2 C 3.0.0.0/8 is directly connected, vlan3 C 4.0.0.0/8 is directly connected, vlan4 PCs in different subnets can ping each other by DGS-6600's routing. DGS-6600 Configuration Guide 198 - D-Link DGS-6600 Series | Configuration Guide - Page 199
how to enter the interface configuration mode for a range of ports from eth3.13.5. DGS6600(config)# interface range eth3.1-3.5 DGS6600(config-if)# DGS-6600 Configuration Guide 199 - D-Link DGS-6600 Series | Configuration Guide - Page 200
example shows how to add a static route entry for a 20.0.0.0/8 with next-hop 10.1.1.254. DGS6600(config)#ip route 20.0.0.0/8 10.1.1.254 DGS-6600 Configuration Guide 200 - D-Link DGS-6600 Series | Configuration Guide - Page 201
.PC2, PC3, PC4 and PC5 in different VLAN can communicate (PING) to each other. Topology Figure 21-1 Static Routing (IPv4) Configuration Topology DGS-6600 Configuration Guide 201 - D-Link DGS-6600 Series | Configuration Guide - Page 202
.3-2.4 DGS-6600:15(config-if)# access vlan 3 DGS-6600:15(config-if)#interface range eth2.5-2.6 DGS-6600:15(config-if)# access vlan 4 DGS-6600 Configuration Guide Configuration Example 202 - D-Link DGS-6600 Series | Configuration Guide - Page 203
can ping PCs in different VLANs, that are in the same router (local router), and can ping PC connected in "remote" routers. DGS-6600 Configuration Guide 203 - D-Link DGS-6600 Series | Configuration Guide - Page 204
away. Instead a timer called the garbage collection timer will start and the route will continue to be advertised with a metric value of DGS-6600 Configuration Guide 204 - D-Link DGS-6600 Series | Configuration Guide - Page 205
-6600:15#configure terminal DGS-6600:15(config)#router rip DGS-6600:15(config-router)#version 2 DGS-6600:15(config-router)#end DGS-6600 Configuration Guide 205 - D-Link DGS-6600 Series | Configuration Guide - Page 206
following commands to enable RIP and specify the networks that RIP will be advertised on: Command router rip network NETWORK-PREFIX/MASK DGS-6600 Configuration Guide Explanation Enables the RIP routing process. Defines the networks that will be advertised by the RIP protocol. 206 - D-Link DGS-6600 Series | Configuration Guide - Page 207
configure a unicast neighbor: Command neighbor IP-ADDRESS Explanation Defines the IP address of the neighbor that will be sent unicast RIP updates. DGS-6600 Configuration Guide 207 - D-Link DGS-6600 Series | Configuration Guide - Page 208
the network timers for RIP: Command timers {update SECONDS | invalid SECONDS | flush SECONDS} Explanation Configures the network timers for the RIP protocol. DGS-6600 Configuration Guide 208 - D-Link DGS-6600 Series | Configuration Guide - Page 209
a new key chain that will be used for authentication with RIP version 2 Identifies the authentication key that will be used with RIP. DGS-6600 Configuration Guide 209 - D-Link DGS-6600 Series | Configuration Guide - Page 210
to automatically generate a default route for RIP: Command default-information originate Explanation Specifies that a default route will be automatically generated by RIP. DGS-6600 Configuration Guide 210 - D-Link DGS-6600 Series | Configuration Guide - Page 211
:15#configure terminal DGS-6600:15(config)#router rip DGS-6600:15(config-router)#default-metric 5 DGS-6600:15(config-router)#end DGS-6600 Configuration Guide 211 - D-Link DGS-6600 Series | Configuration Guide - Page 212
Packets the maximum number of RIP routes allowed: 12288 Number of routes (excluding connected): 0 Distance: (default is 120) DGS-6600:2> Bad Routes DGS-6600 Configuration Guide 212 - D-Link DGS-6600 Series | Configuration Guide - Page 213
by RIP protocol. All PCs in the topology can communicate (e.g., PING) each other by routing. Topology Figure 22-1 RIP Configuration Example Topology DGS-6600 Configuration Guide 213 - D-Link DGS-6600 Series | Configuration Guide - Page 214
.3-2.4 DGS-6600:15(config-if)#access vlan 3 DGS-6600:15(config-if)#interface range eth2.5-2.6 DGS-6600:15(config-if)#access vlan 4 DGS-6600 Configuration Guide Configuration Examples 214 - D-Link DGS-6600 Series | Configuration Guide - Page 215
different VLANs can ping PCs in different VLANs, within the same router (local router), and can ping PCs connected to "remote" routers. DGS-6600 Configuration Guide 215 - D-Link DGS-6600 Series | Configuration Guide - Page 216
22-Routing Information Protocol (RIP) List of Constants and Default Settings Constant Name Value Number of Supported Key Chains 16 Number of Keys in a Key Chain 32 Table 22-1 Constants Values List of Flush Time 120 Seconds Table 22-2 Default Variable Values DGS-6600 Configuration Guide 216 - D-Link DGS-6600 Series | Configuration Guide - Page 217
routing information using Link State Advertisements (LSA). The exchanged information is divided into the following types: • Router LSA (Type 1) • Network LSA (Type 2) DGS-6600 Configuration Guide 217 - D-Link DGS-6600 Series | Configuration Guide - Page 218
operation. The area with an area ID of 0.0.0.0 or 0 will become area zero and the other areas will become non-zero areas. DGS-6600 Configuration Guide 218 - D-Link DGS-6600 Series | Configuration Guide - Page 219
to each router running OSPF. Each router in an AS must have a unique Router ID. The user can manually assign a Router ID or use the default Router ID that is assigned by the router, which is the highest highest priority will be elected as the designated router. DGS-6600 Configuration Guide 219 - D-Link DGS-6600 Series | Configuration Guide - Page 220
following command in VLAN interface configuration mode to manually set the OSPF router priority of a VLAN interface: Command ip ospf priority PRIORITY Explanation Manually sets the OSPF router priority on the VLAN router)#area 1 nssa dgs-6600:15(config-router)#end DGS-6600 Configuration Guide 220 - D-Link DGS-6600 Series | Configuration Guide - Page 221
. Thus, it is inversely proportional to the bandwidth of the link. The higher the bandwidth is, the less the cost is. The speed can be manually assigned or automatically calculated based on the bandwidth. The default referential bandwidth that has a cost value of 1 is 100Mbps. Based on this default - D-Link DGS-6600 Series | Configuration Guide - Page 222
Chapter 23-Open Shortest Path First (OSPF) OSPF Configuration Commands Use the following command to manually specify the OSPF cost of a VLAN interface: Command auto-cost reference-bandwidth MBPS ip ospf from communicating with other routers using the old key. DGS-6600 Configuration Guide 222 - D-Link DGS-6600 Series | Configuration Guide - Page 223
OSPF hello packet that is being sent. Specifies the time between Link-State Advertisement (LSA) retransmissions for adjacencies belonging to the interface. DGS-6600 Configuration Guide 223 - D-Link DGS-6600 Series | Configuration Guide - Page 224
-zero area. The router will send OSPF messages to the neighbor router in unicast form directly to the neighbor router IP address. DGS-6600 Configuration Guide 224 - D-Link DGS-6600 Series | Configuration Guide - Page 225
(config)#router ospf dgs-6600:15(config-router)#area 1 range 192.168.0.0/16 advertise cost 1000 dgs-6600:15(config-router)#end DGS-6600 Configuration Guide 225 - D-Link DGS-6600 Series | Configuration Guide - Page 226
default-cost COST Explanation Specifies the cost associated with the Type 3 default route injected to an stub area or totally stubby area. DGS-6600 Configuration Guide 226 - D-Link DGS-6600 Series | Configuration Guide - Page 227
of an NSSA area, Type 3 default routes will be automatically injected into an NSSA area. The user can manually specify that Type 7 default routes will be injected into the NSSA area. For an ASBR, when the default- areas as Type 7 external routes by an ASBR. DGS-6600 Configuration Guide 227 - D-Link DGS-6600 Series | Configuration Guide - Page 228
terminal dgs-6600:15(config)#router ospf dgs-6600:15(config-router)#area 1 nssa no-redistribution dgs-6600:15(config-router)#end DGS-6600 Configuration Guide 228 - D-Link DGS-6600 Series | Configuration Guide - Page 229
algorithm last executed 02:56:38.259 ago SPF algorithm executed 4 times Number of LSA 6 Network 47.65.51.0/24 dgs-6600:2> DGS-6600 Configuration Guide 229 - D-Link DGS-6600 Series | Configuration Guide - Page 230
this Topic are: • Displaying ABR and ASBR Information • Displaying OSPF Neighbor Information • Displaying OSPF Virtual Link Information • Displaying the OSPF LSA Database DGS-6600 Configuration Guide 230 - D-Link DGS-6600 Series | Configuration Guide - Page 231
ID Pri State Dead Time Address 10.47.65.81 1 Full/BDR 00:00:39 47.65.50.1 dgs-6600:2> Interface vlan50 DGS-6600 Configuration Guide 231 - D-Link DGS-6600 Series | Configuration Guide - Page 232
intervals configured, Hello 10, Dead 40, Retransmit 5 Hello due in 00:00:08 Adjacency state Full Current Authentication Type: none dgs-6600:2> DGS-6600 Configuration Guide 232 - D-Link DGS-6600 Series | Configuration Guide - Page 233
| adv-router IP-ADDRESS] show ip ospf database summary [LINK-STATEID | self-originate | adv-router IPADDRESS] Displays information about the summary LSAs. DGS-6600 Configuration Guide 233 - D-Link DGS-6600 Series | Configuration Guide - Page 234
Link ID 125.1.1.0 dgs-6600:2> ADV Router 10.47.65.81 Age Seq# CkSum Route Tag 55 0x66040006 0xe799 E2 125.1.1.0/24 0 DGS-6600 Configuration Guide 234 - D-Link DGS-6600 Series | Configuration Guide - Page 235
Length: 36 Network Mask: /24 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 1 Forward Address: 0.0.0.0 External Route Tag: 0 dgs-6600:2> DGS-6600 Configuration Guide 235 - D-Link DGS-6600 Series | Configuration Guide - Page 236
: /24 Metric Type: 2 (Larger than any link state path) TOS: 0 Metric: 1 NSSA: Forward Address: 47.65.51.1 External Route Tag: 0 dgs-6600:2> DGS-6600 Configuration Guide 236 - D-Link DGS-6600 Series | Configuration Guide - Page 237
) Designated Router address: 47.65.51.2 (Link Data) Router Interface address: 47.65.51.1 Number of TOS metrics: 0 TOS 0 Metric: 1 dgs-6600:2> DGS-6600 Configuration Guide 237 - D-Link DGS-6600 Series | Configuration Guide - Page 238
specified OSPF process(es). Initiates an OSPF graceful shutdown for the entire OSPF process or for a specific OSPF process on a VLAN interface. DGS-6600 Configuration Guide 238 - D-Link DGS-6600 Series | Configuration Guide - Page 239
) Configuration Steps Step 1: create vlan 2,3,4 DGS-6600:15(config)#vlan 2 DGS-6600:15(config-vlan)#vlan 3 DGS-6600:15(config-vlan)#vlan 4 DGS-6600 Configuration Guide 239 - D-Link DGS-6600 Series | Configuration Guide - Page 240
vlan5 DGS-6600:15(config-if)# ip address 5.0.0.1/8 DGS-6600:15(config-if)#interface vlan6 DGS-6600:15(config-if)# ip address 6.0.0.1/8 DGS-6600 Configuration Guide Configuration Examples 240 - D-Link DGS-6600 Series | Configuration Guide - Page 241
connected, vlan5 C 6.0.0.0/8 is directly connected, vlan6 OSPFv2 Configuration Example 2 This OSPF configuration example contains three areas, virtual Link, NSSA, and external AS. DGS-6600 Configuration Guide 241 - D-Link DGS-6600 Series | Configuration Guide - Page 242
eth2.2 DGS-6600:15(config-if)# access vlan 3 DGS-6600:15(config-if)#interface eth2.3 DGS-6600:15(config-if)# access vlan 6 DGS-6600 Configuration Guide 242 - D-Link DGS-6600 Series | Configuration Guide - Page 243
:15(config-router)# network 3.0.0.0/8 area 0 DGS-6600:15(config-router)# network 4.0.0.0/8 area 1 DGS-6600:15(config-router)# area 1 virtual-link 5.0.0.1 Configuration Examples DGS-6600 Configuration Guide 243 - D-Link DGS-6600 Series | Configuration Guide - Page 244
eth2.1 DGS-6600:15(config-if)# access vlan 4 DGS-6600:15(config-if)#interface eth2.2 DGS-6600:15(config-if)# access vlan 5 DGS-6600 Configuration Guide 244 - D-Link DGS-6600 Series | Configuration Guide - Page 245
-6600:15(config-router)# network 7.0.0.0/8 area 3 Step 5: set RIP DGS-6600:15(config-router)#router rip DGS-6600:15(config-router)#network 8.0.0.1/8 DGS-6600 Configuration Guide Configuration Examples 245 - D-Link DGS-6600 Series | Configuration Guide - Page 246
:15(config-router)# network 8.0.0.2/8 Verifying The Configuration Use "show ip route" command to check if the routing table can be correctly learned. DGS-6600 Configuration Guide 246 - D-Link DGS-6600 Series | Configuration Guide - Page 247
Number of Supported MD5 Keys 255 per Interface Number of Supported OSPF Areas 16 Number of Supported OSPF Host 64 Routes Number of Supported OSPF Virtual 16 Links Number of Supported OSPF 32 Default Summary Route Cost 1 Table 23-2 Default Variable Values DGS-6600 Configuration Guide 247 - D-Link DGS-6600 Series | Configuration Guide - Page 248
it must use some method to choose which next hop should be used for a given data packet.The ECMP support that allows the packet to be forwarded along one of 32 paths based on a CRC32 hashing of the executed in EXEC mode with privilege admin user (15) rights. DGS-6600 Configuration Guide 248 - D-Link DGS-6600 Series | Configuration Guide - Page 249
on the source IP and destination IP addresses: DGS-6600#configure terminal DGS6600(config)#ip route ecmp load-balance crc32-upper dip DGS-6600 Configuration Guide 249 - D-Link DGS-6600 Series | Configuration Guide - Page 250
to address the main issue surrounding addressing problems. IPv6 moves away from 32-bit addressing routing performance and service. An IPv6 address can be assigned either manually or automatically. obtained from the DHCPv6 server. This configuration guide will focus only on stateless addresses. The - D-Link DGS-6600 Series | Configuration Guide - Page 251
parameters Figure 25-1 Router Discovery & Automatic Parameter Configuration In IPv4 a default router is normally manually configured. In IPv6 the default router on the host's side will be automatically learned. with prefer time and valid life time RS Figure 25-2 DGS-6600 Configuration Guide 251 - D-Link DGS-6600 Series | Configuration Guide - Page 252
address in addition to the address that might be derived from the stateless address auto-configure. Instructs the receiving hosts to use DHCP to obtain the nonaddress information such as: DNS server and larger than link MTU. FDDI Bridge DGS-6600 Configuration Guide FDDI Figure 25-3 Router 252 - D-Link DGS-6600 Series | Configuration Guide - Page 253
switch. no ipv6 nd retrans-timer The no form of this command sets the retrans timer to the default value. Table 25-2 DGS-6600 Configuration Guide 253 - D-Link DGS-6600 Series | Configuration Guide - Page 254
enable the IPv6 protocol: DGS-6600# enable DGS-6600# configure terminal DGS-6600(config) # interface vlan1 DGS-6600(config-if) # ipv6 enable DGS-6600 Configuration Guide 254 - D-Link DGS-6600 Series | Configuration Guide - Page 255
of slots are inactive IPv6 Address fe80::250:baff:fef9:b512 MAC Address Interface Type 0050.baf9.b512 vlan1 DYNM Status STALE DGS-6600 Configuration Guide 255 - D-Link DGS-6600 Series | Configuration Guide - Page 256
" and "maximum-paths" are both for IPv4 and IPv6 enabling multipath and to allow management of the maximum number of multi-path. DGS-6600 Configuration Guide 256 - D-Link DGS-6600 Series | Configuration Guide - Page 257
prefix, the route entry cannot be set to H/ W routing table. Use "ipv6 unicast-routing long-prefix" to support the IPv6 route with prefix longer than 64 bits can configure to FP table. After CMD enable, user can not prefix in HSL before route entry be added to DGS-6600 Configuration Guide 257 - D-Link DGS-6600 Series | Configuration Guide - Page 258
-6600:15(config-if)#interface vlan4 DGS-6600:15(config-if)# ipv6 address 3004::1/64 DGS-6600:15(config-if)# ipv6 enable DGS-6600 Configuration Guide 258 - D-Link DGS-6600 Series | Configuration Guide - Page 259
default route DGS-6600:15(config)#ipv6 route 3002::/64 3004::1 DGS-6600:15(config)#ipv6 route 3003::/64 3004::1 Configuration Example DGS-6600 Configuration Guide 259 - D-Link DGS-6600 Series | Configuration Guide - Page 260
is directly connected, vlan3 C 3004::/64 is directly connected, vlan4 S 3005::/64 [1/0] via 3004::2 S 3006::/64 [1/0] via 3004::2 Total Entries: 5 entries, 5 routes DGS-6600 Configuration Guide 260 - D-Link DGS-6600 Series | Configuration Guide - Page 261
known as the Bellman-Ford algorithm. Most of the concepts for RIPng have been taken from RIPv1 and RIPv2. Differences between RIPv2 and RIPng • RIPng Supports IPv6 networking • While RIPv2 supports RIPv1 update authentications, RIPng does not. IPv6 routers were designed to - D-Link DGS-6600 Series | Configuration Guide - Page 262
in synchronization with all changes to active routes • provides the RIP Route MIB for querying the routes in the RIPng routing table DGS-6600 Configuration Guide 262 - D-Link DGS-6600 Series | Configuration Guide - Page 263
to the metric of each route received. The router then processes the newly received route entry using the Bellman-Ford algorithm (below). DGS-6600 Configuration Guide 263 - D-Link DGS-6600 Series | Configuration Guide - Page 264
with a router in the network uses the routing table information to determine the next host to route a packet to for a specified destination. DGS-6600 Configuration Guide 264 - D-Link DGS-6600 Series | Configuration Guide - Page 265
timer expires, the route is replaced and the garbage collection timer is cleared. This timer is kept for each routing table entry. DGS-6600 Configuration Guide 265 - D-Link DGS-6600 Series | Configuration Guide - Page 266
Hop If fe80::219:5bff:fef5:2cc1 fe80::219:5bff:fef5:2cc1 :: :: Met Time vlan2 2 vlan2 2 vlan3 1 vlan2 1 Total Entries: 4 entries, 4 routes DGS-6600 Configuration Guide 266 - D-Link DGS-6600 Series | Configuration Guide - Page 267
::1/64 and 3003::1/64 can be learned dynamically by RIPng protocol. All PCs in the topology can communicate each other by routing. DGS-6600 Configuration Guide 267 - D-Link DGS-6600 Series | Configuration Guide - Page 268
3004::1/64 DGS-6600:15(config-if)# ipv6 router rip Step 4: enable global ripng DGS-6600:15(config-if)#router ipv6 rip DGS-6600 Configuration Guide 268 - D-Link DGS-6600 Series | Configuration Guide - Page 269
are being propagated in a looped environment, RIPng continues to increase the metric by one. The routes would be passed around indefinitely. The DGS-6600 Configuration Guide 269 - D-Link DGS-6600 Series | Configuration Guide - Page 270
crossed. A route cannot be chosen based on bandwidth or real-time parameters such as measured delay, load, or reliability. 4) The function of ECMP is not supported in RIPng. A single route has a single next hop in the current design. Therefore, the multipath is not - D-Link DGS-6600 Series | Configuration Guide - Page 271
OSPF for IPv6 (OSPFv3) modifies the existing OSPF for IPv4 (OSPFv2) to support IPv6. The fundamentals of OSPF for IPv4 remain unchanged. Some changes have , including demand circuit support and Not-So-Stubby Areas (NSSAs), are also supported in OSPF for IPv6. DGS-6600 Configuration Guide 271 - D-Link DGS-6600 Series | Configuration Guide - Page 272
two different networks two different neighbor structures will be created for the same router but the structures are added to different interfaces. DGS-6600 Configuration Guide 272 - D-Link DGS-6600 Series | Configuration Guide - Page 273
router will only form adjacencies to both the DR and the BDR. All other neighbors will stay in neighbor state 2-WAY. BACKUP DGS-6600 Configuration Guide 273 - D-Link DGS-6600 Series | Configuration Guide - Page 274
. INIT In this state, a Hello packet has recently been seen from the neighbor. However, bidirectional communication has not yet been established. 2-WAY DGS-6600 Configuration Guide 274 - D-Link DGS-6600 Series | Configuration Guide - Page 275
DR/BDR, an adjacency is formed. If the router decides not to form an adjacency, this neighbor stays in a two-way state. DGS-6600 Configuration Guide 275 - D-Link DGS-6600 Series | Configuration Guide - Page 276
2‐way Figure 28-3 The diagram on the next page shows the different phases of forming an adjacency and the corresponding neighbor states. DGS-6600 Configuration Guide 276 - D-Link DGS-6600 Series | Configuration Guide - Page 277
in the shortest path to the route. The following sections describe each of these components, starting with the contents of the LSDB. DGS-6600 Configuration Guide 277 - D-Link DGS-6600 Series | Configuration Guide - Page 278
changes. • An external route is added or withdrawn at the ASBR. • The renewal timer (MaxAge/2) of an LSA requires an updated LSA. DGS-6600 Configuration Guide 278 - D-Link DGS-6600 Series | Configuration Guide - Page 279
following example specifies a fixed router ID. DGS6600#enable DGS6600#configure terminal DGS6600(config)#router ipv6 ospf DGS6600(config-router)#router-id 10.1.1.1 DGS-6600 Configuration Guide 279 - D-Link DGS-6600 Series | Configuration Guide - Page 280
1) Configuration Steps Step 1: create vlan 2,3,4 DGS-6600:15(config)#vlan 2 DGS-6600:15(config-vlan)#vlan 3 DGS-6600:15(config-vlan)#vlan 4 DGS-6600 Configuration Guide 280 - D-Link DGS-6600 Series | Configuration Guide - Page 281
-6600:15(config-if)# access vlan 6 DGS-6600:15(config-if)#interface eth2.5 DGS-6600:15(config-if)# access vlan 4 Configuration Examples DGS-6600 Configuration Guide 281 - D-Link DGS-6600 Series | Configuration Guide - Page 282
fe80::201:2ff:fe03:404, vlan4, 0DT0H5M43S O 3006::/64 [110/2] via fe80::201:2ff:fe03:404, vlan4, 0DT0H5M43S Total Entries: 5 entries, 5 routes DGS-6600 Configuration Guide 282 - D-Link DGS-6600 Series | Configuration Guide - Page 283
not exceed 64 because of the H/W limitation. Please use the command: ipv6 unicast-route long-prefix to support IPv6 routes with a prefix length that is longer than 64bits. • The unknown LSAs can't be counted in area" were configured, the process would be down. DGS-6600 Configuration Guide 283 - D-Link DGS-6600 Series | Configuration Guide - Page 284
time and maybe the highest address is not selected. The router ID is based on the configured IPv4 address at that time. DGS-6600 Configuration Guide 284 - D-Link DGS-6600 Series | Configuration Guide - Page 285
IPv6 Tunneling • Support RFC • IPv6 Manually Configured Tunnel • tunneling manual Configuration support dual stack. In this device IPv6 supports the following types of tunneling mechanisms: 1) Manual 2) 6to4 (base on RFC 3056, but not support manually configured on a tunnel interface, and manually - D-Link DGS-6600 Series | Configuration Guide - Page 286
scheme: 2002::/16 The key difference between automatic 6to4 tunnels and manually configured tunnels is that the tunnel is not pointto-point; it mode. The border router at each end of a 6to4 tunnel must support both the IPv4 and IPv6 protocol stacks. The simplest deployment scenario for Guide 286 - D-Link DGS-6600 Series | Configuration Guide - Page 287
the tunnel mode ipv6ip configuration command to manually specify an IPv6 configured tunnel. The optional Configuration Examples IPv6 tunneling manual Configuration Example R1 and R2 . Topology Figure 29-1 Ipv6 Tunneling Manual Configuration Example Topology Configuration Prerequisites: 1. - D-Link DGS-6600 Series | Configuration Guide - Page 288
Configuration steps Step 1: Create and configure manual tunnel DGS-6600:15(config)#interface tunnel1 default route ::/0 to use manual tunnel "tunnel1" DGS-6600:15( Step 1: Create and configure manual tunnel DGS-6600:15(config manual tunnel "tunnel1" DGS-6600:15(config)#ipv6 route - D-Link DGS-6600 Series | Configuration Guide - Page 289
:100:1::1/64 to vlan6, eth2.1 access vlan4, and eth2.3 access vlan6. Ensure R1 is reachable to IPv6 6to4 site 2002:100:1::/48. DGS-6600 Configuration Guide 289 - D-Link DGS-6600 Series | Configuration Guide - Page 290
:100:3:ffff::1/64 Step 2: Create 2002::/16 to use 6to4 tunnel "tunnel1" DGS-6600:15(config-if)#ipv6 route 2002::/16 tunnel 1 DGS-6600 Configuration Guide 290 - D-Link DGS-6600 Series | Configuration Guide - Page 291
, assign an IPv4 address 10.0.0.2/8 to vlan4, assign an IPv6 address 4000:1/64 to vlan6, eth2.1 access vlan4, and eth2.3 access vlan6. DGS-6600 Configuration Guide 291 - D-Link DGS-6600 Series | Configuration Guide - Page 292
600 seconds ND next router advertisement due in 0 seconds. ND router advertisements live for 1800 seconds Hosts use stateless autoconfig for addresses. DGS-6600 Configuration Guide 292 - D-Link DGS-6600 Series | Configuration Guide - Page 293
port and a random port number for the source port. The Switch supports BGP version 4, which is the same version that Internet Service Providers used when building the Internet. Several new BGP features were introduced BGP algorithm that controls the path selection DGS-6600 Configuration Guide 293 - D-Link DGS-6600 Series | Configuration Guide - Page 294
Community Lists • Displaying Routes that Conform to a Specified Filter List • Displaying BGP Permitted Routes • Displaying Information about BGP Neighbors • Displaying IP Routes DGS-6600 Configuration Guide 294 - D-Link DGS-6600 Series | Configuration Guide - Page 295
bgp log-neighbor-changes command to enable logging of BGP neighbor resets. Use no bgp log-neighbor-changes to disable the logging. DGS-6600 Configuration Guide 295 - D-Link DGS-6600 Series | Configuration Guide - Page 296
:15(config-router)#neighbor 10.108.1.1 remote-as 65001 dgs-6600:15(config-router)#neighbor 10.108.1.1 description peer with private-as DGS-6600 Configuration Guide 296 - D-Link DGS-6600 Series | Configuration Guide - Page 297
available in the specified range. Using the summary-only parameter advertises the prefix only, suppressing the more-specific routes to all neighbors. DGS-6600 Configuration Guide 297 - D-Link DGS-6600 Series | Configuration Guide - Page 298
command controls which networks are advertised. Interior protocols use the network command to determine where to send updates. The maximum number of supported network entries is project dependent. The BGP will advertise a network entry if the router has the route information for this entry if - D-Link DGS-6600 Series | Configuration Guide - Page 299
AS number which following RFC 5396 and RFC 4893. About the 4-byte AS number represent, the BGP support "asplain" and "asdot" notation. The "65546" is similar to "1.10" Private autonomous system numbers you how to configure a BGP process for autonomous system 65534: DGS-6600 Configuration Guide 299 - D-Link DGS-6600 Series | Configuration Guide - Page 300
because the loopback interface is more effective than a fixed interface as an identifier because there is no physical link to go down. DGS-6600 Configuration Guide 300 - D-Link DGS-6600 Series | Configuration Guide - Page 301
command can be configured to enforce deterministic comparison of the MED value between all paths received from within the same autonomous system. DGS-6600 Configuration Guide 301 - D-Link DGS-6600 Series | Configuration Guide - Page 302
ignore, bgp bestpath compare-router-id or bgp default local-preference commands to customize the path selection process. Command enable [privilege LEVEL] DGS-6600 Configuration Guide Explanation Enter privileged EXEC mode. 302 - D-Link DGS-6600 Series | Configuration Guide - Page 303
highest IP address on the router, with preference given to loopback addresses. The Router ID can be manually set by using the bgp router-id command. Command enable [privilege LEVEL] configure terminal router bgp automatic exchange of IPv4 address family prefixes. DGS-6600 Configuration Guide 303 - D-Link DGS-6600 Series | Configuration Guide - Page 304
dgs-6600:15(config)#router bgp 65534 dgs-6600:15(config-router)#bgp default local-preference 200 dgs-6600:15(config-router)# DGS-6600 Configuration Guide 304 - D-Link DGS-6600 Series | Configuration Guide - Page 305
from unauthorized systems. Command enable [privilege LEVEL] configure terminal router bgp AS-NUMBER bgp enforce-first-as DGS-6600 Configuration Guide Explanation Enter privileged EXEC mode. Enter Global configuration mode. Enter the following information to configure BGP routing process and enter - D-Link DGS-6600 Series | Configuration Guide - Page 306
logging of BGP neighbor status changes (up or down) and resets for troubleshooting network connectivity problems and measuring network stability. Unexpected neighbor resets might indicate high error rates or configuration command to apply a specific access list. DGS-6600 Configuration Guide 306 - D-Link DGS-6600 Series | Configuration Guide - Page 307
Updates Use the neighbor advertisement interval command to set the minimum interval between the sending of Border Gateway Protocol (BGP) routing updates. DGS-6600 Configuration Guide 307 - D-Link DGS-6600 Series | Configuration Guide - Page 308
any BGP Router configuration commands, such as "neighbor remote-as". Use the no form of the command to remove a BGP routing process. DGS-6600 Configuration Guide 308 - D-Link DGS-6600 Series | Configuration Guide - Page 309
process mode (Please see router bgp AS-NUMBER). Use the no form of this command to remove an entry from the table. DGS-6600 Configuration Guide 309 - D-Link DGS-6600 Series | Configuration Guide - Page 310
-6600:15(config-router)# Adding a Neighbor to a BGP Peer Group Use the neighbor peer-group command to add a neighbor to a peer group. DGS-6600 Configuration Guide 310 - D-Link DGS-6600 Series | Configuration Guide - Page 311
configuration mode exchange only unicast address prefixes. Command enable [privilege LEVEL] configure terminal Explanation Enter privileged EXEC mode. Enter global configuration mode. DGS-6600 Configuration Guide 311 - D-Link DGS-6600 Series | Configuration Guide - Page 312
any BGP Router configuration commands, such as "neighbor remote-as". Use the no form of the command to remove a BGP routing process. DGS-6600 Configuration Guide 312 - D-Link DGS-6600 Series | Configuration Guide - Page 313
process mode (Please see router bgp AS-NUMBER). Use the no form of this command to remove an entry from the table. DGS-6600 Configuration Guide 313 - D-Link DGS-6600 Series | Configuration Guide - Page 314
process mode (Please see router bgp AS-NUMBER). Use the no form of this command to remove an entry from the table. DGS-6600 Configuration Guide 314 - D-Link DGS-6600 Series | Configuration Guide - Page 315
servers within an autonomous system to have the route before BGP makes it available to other autonomous systems. Command enable [privilege LEVEL] DGS-6600 Configuration Guide Explanation Enter privileged EXEC mode. 315 - D-Link DGS-6600 Series | Configuration Guide - Page 316
, e -EGP, ? - incomplete Network 10.1.1.0/24 *> 172.17.1.0/24 Next Hop -------0.0.0.0 0.0.0.0 Metric ------ 0 0 LocPrf Weight 32768 0 Path ------i 45000 i Total Entries: 2 entries, 2 routes dgs-6600:2> DGS-6600 Configuration Guide 316 - D-Link DGS-6600 Series | Configuration Guide - Page 317
-6600:2> Displaying Routes that Conform to a Specified Filter List Configuration Example To display the contents of an access-list named as-ACL_HQ: DGS-6600 Configuration Guide 317 - D-Link DGS-6600 Series | Configuration Guide - Page 318
Protocol (BGP) community list. Configuration Example The following example shows you the sample output from the show ip bgp community-list command: DGS-6600 Configuration Guide 318 - D-Link DGS-6600 Series | Configuration Guide - Page 319
. i - The table entry was learned via an internal BGP (iBGP) session. Table 30-1 Fields Displayed in show ip bgp community-list Output DGS-6600 Configuration Guide 319 - D-Link DGS-6600 Series | Configuration Guide - Page 320
if the keyword ipv4 is not specified. You can specify the IP address of a neighbor to display information about the specific neighbor. DGS-6600 Configuration Guide 320 - D-Link DGS-6600 Series | Configuration Guide - Page 321
108.50.2 neighbor information. The neighbor is an internal BGP (iBGP) peer. This neighbor supports the router refresh and graceful restart capabilities: dgs-6600:2>show ip bgp neighbors BGP neighbor: : R1 Accepted prefixes: 0 Announced prefixes: 0 dgs-6600:2> DGS-6600 Configuration Guide 321 - D-Link DGS-6600 Series | Configuration Guide - Page 322
Information Protocol (RIP) derived O-Open Shortest Path First (OSPF) derived C-connected i - IS-IS derived S - static B - Border Gateway Protocol (BGP) derived Table 30-2 DGS-6600 Configuration Guide 322 - D-Link DGS-6600 Series | Configuration Guide - Page 323
, vlan2 10.31.223.0 [200/128] via 10.119.254.244, 0:02:22, vlan2 Total Entries: 12 entries, 12 routes dgs-6600:2> DGS-6600 Configuration Guide 323 - D-Link DGS-6600 Series | Configuration Guide - Page 324
R1, R2, R3 runs RIP. Between AS65101 and 65101, R3 and R4 run BGP (EBGP). Topology Figure 30-1 BGP Configuration Example Topology DGS-6600 Configuration Guide 324 - D-Link DGS-6600 Series | Configuration Guide - Page 325
. DGS-6600:15(config)#vlan 10 DGS-6600:15(config-vlan)#vlan 20 DGS-6600:15(config-vlan)#vlan 50 Configuration Examples DGS-6600 Configuration Guide 325 - D-Link DGS-6600 Series | Configuration Guide - Page 326
-if)# ip address 10.4.4.1/16 DGS-6600:15(config-if)# interface vlan1681 DGS-6600:15(config-if)# ip address 192.168.1.2/24 DGS-6600 Configuration Guide Configuration Examples 326 - D-Link DGS-6600 Series | Configuration Guide - Page 327
DGS-6600:15(config-router)# neighbor 192.168.1.2 remote-as 65101 DGS-6600:15(config-router)# network 192.168.2.0/24 Configuration Examples DGS-6600 Configuration Guide 327 - D-Link DGS-6600 Series | Configuration Guide - Page 328
6 announced prefixes Connections established 1; dropped 0 Local host: 192.168.1.2, Local port: 179 Foreign host: 192.168.1.1, Foreign port: 1024 Nexthop: 192.168.1.2 DGS-6600 Configuration Guide 328 - D-Link DGS-6600 Series | Configuration Guide - Page 329
10.2.2.1 0.0.0.0 10.1.1.1 0.0.0.0 10.2.2.1 10.1.1.1 0.0.0.0 192.168.1.1 Metric 2 0 2 0 2 2 0 0 LocPrf 100 100 Weight 0 32768 32768 32768 0 32768 32768 0 Path 65102 Total Entries: 6 entries, 8 route DGS-6600 Configuration Guide 329 - D-Link DGS-6600 Series | Configuration Guide - Page 330
.1.1.1, vlan10, 0DT0H24M55S C 192.168.1.0/24 is directly connected, vlan1681 B 192.168.2.0/24 [20/0] via 192.168.1.1, vlan1681, 0DT0H23M21S Total Entries: 6 entries, 7 routes DGS-6600 Configuration Guide 330 - D-Link DGS-6600 Series | Configuration Guide - Page 331
route is base on "source". The Benefits of Policy-Based Routing PBR have following benefits: Source-Based Transit Provider Selection. Internet service provider (ISP) can use policy-based routing to route traffic originating from different sets of users through different Internet connections across - D-Link DGS-6600 Series | Configuration Guide - Page 332
Map Figure 31-1 Organizations can provide QOS to differentiated traffic by setting the precedence or type of service (TOS) values in the IP packet headers at the periphery of the network and leveraging queuing high-bandwidth, high-cost, switched paths. Figure 31-3 DGS-6600 Configuration Guide 332 - D-Link DGS-6600 Series | Configuration Guide - Page 333
the conditions for policy routing packets. The match commands specify the conditions under which policy routing occurs. The set commands specify the DGS-6600 Configuration Guide 333 - D-Link DGS-6600 Series | Configuration Guide - Page 334
-hop set ip precedence All rules will be: 1. match ip address IPV4 + set interface 2. match ip address IPV4 + set default next-hop DGS-6600 Configuration Guide 334 - D-Link DGS-6600 Series | Configuration Guide - Page 335
(config-route-map)#vlan 2 DGS-6600:15(config-vlan)#vlan 3 DGS-6600:15(config-vlan)#vlan 4 DGS-6600:15(config-vlan)#vlan 7 DGS-6600 Configuration Guide 335 - D-Link DGS-6600 Series | Configuration Guide - Page 336
(config-route-map)#vlan 2 DGS-6600:15(config-vlan)#vlan 3 DGS-6600:15(config-vlan)#vlan 4 DGS-6600:15(config-vlan)#vlan 7 DGS-6600 Configuration Guide 336 - D-Link DGS-6600 Series | Configuration Guide - Page 337
-if)#interface vlan7 DGS-6600:15(config-if)# ip address 7.0.0.2/8 Step 4: set default route DGS-6600:15(config)#ip route 0.0.0.0/0 4.0.0.1 Configuration example DGS-6600 Configuration Guide 337 - D-Link DGS-6600 Series | Configuration Guide - Page 338
default Gateway of last resort is 4.0.0.2 to network 0.0.0.0 S* 0.0.0.0/0 [1/0] via 4.0.0.2, vlan4 C 3.0.0.0/8 is directly connected, vlan3 C 4.0.0.0/8 is directly connected, vlan4 C 7.0.0.0/8 is directly connected, vlan7 DGS-6600 Configuration Guide 338 - D-Link DGS-6600 Series | Configuration Guide - Page 339
Protocol (VRRP) is a redundancy protocol designed to increase the availability of the default gateway servicing hosts on the same subnet. This increased reliability is achieved by advertising a "virtual network with two VRRP routers implementing one virtual router DGS-6600 Configuration Guide 339 - D-Link DGS-6600 Series | Configuration Guide - Page 340
the Master and responsible for forwarding the packets from the end hosts. The Router-2 would therefore the Backup for the virtual router. DGS-6600 Configuration Guide 340 - D-Link DGS-6600 Series | Configuration Guide - Page 341
has a higher priority than the master router. One exception is when the router that is the virtual IP address owner always preempts. DGS-6600 Configuration Guide 341 - D-Link DGS-6600 Series | Configuration Guide - Page 342
IP Address The connection between end host and the first hop router may be good, but there might be problems between the first hop and second hop connection. If that connection goes down, the master router may not be that state until the interface link is up again. DGS-6600 Configuration Guide 342 - D-Link DGS-6600 Series | Configuration Guide - Page 343
identifier is 7, and 10.1.1.1 is the IP address of the virtual router. DGS6600(config)#interface vlan1 DGS6600(config-if)#vrrp 7 ip 10.1.1.1 DGS-6600 Configuration Guide 343 - D-Link DGS-6600 Series | Configuration Guide - Page 344
and R2 is VRRP backup. The PC's packet will go through R1. If R1 is broken, R2 will become the VRRP master. DGS-6600 Configuration Guide 344 - D-Link DGS-6600 Series | Configuration Guide - Page 345
eth2.2 DGS-6600:15(config-if)# access vlan 4 DGS-6600:15(config-if)#interface eth2.3 DGS-6600:15(config-if)# access vlan 3 DGS-6600 Configuration Guide 345 - D-Link DGS-6600 Series | Configuration Guide - Page 346
vlan4 DGS-6600:15(config-if)# ip address 4.0.0.2/8 DGS-6600:15(config-if)#interface vlan5 DGS-6600:15(config-if)# ip address 5.0.0.1/8 DGS-6600 Configuration Guide 346 - D-Link DGS-6600 Series | Configuration Guide - Page 347
), R2 will become the master. VLAN2 PC should be able to still ping VLAN6 PC as R2 acts as the new master. DGS-6600 Configuration Guide 347 - D-Link DGS-6600 Series | Configuration Guide - Page 348
Critical IP address is 0.0.0.0 Master router is 2.0.0.254 Master Down interval is 3.609 sec (expires in 3.006 sec) Total Entries: 1 Configuration Example DGS-6600 Configuration Guide 348 - D-Link DGS-6600 Series | Configuration Guide - Page 349
Part 5- Multiprotocol Label Switching (MPLS) The following chapters are included in this volume: • Multiprotocol Label Switching (MPLS) • Virtual Private Wire Service (VPWS) • Virtual Private Lan Services (VPLS) - D-Link DGS-6600 Series | Configuration Guide - Page 350
., and the FEC assignment is flexible. Since the FEC determines the packet's forwarding behavior in the MPLS network, so the flexible FEC assignment provides powerful support for QoS and traffic engineering. DGS-6600 Configuration - D-Link DGS-6600 Series | Configuration Guide - Page 351
. It make the MPLS-VPN can be implemented easily. The MPLS is independent of the L2 and L3 protocols. It supports all L3 protocols, such as IPv4, IPv6, IPX, etc. It is also can run on any L2 network, such mode to disable MPLS forwarding globally Table 33-1 DGS-6600 Configuration Guide 351 - D-Link DGS-6600 Series | Configuration Guide - Page 352
Creating static LSP Usually, the LSP is established by LDP, but you can also create a static LSP by manual configuration. The maximum LSP number is 128. For establishing a static LSP, you shall configure it at each node is chosen by the sender; the destination UDP DGS-6600 Configuration Guide 352 - D-Link DGS-6600 Series | Configuration Guide - Page 353
R1 R2 R3 R4 Ingress Step 1 Step 2 Step 3 Step 6 Step 5 Step 4 Step 7 Step 9 Echo reply Egress Step 8 FEC B Figure 33-3 LSP traceroute DGS-6600 Configuration Guide 353 - D-Link DGS-6600 Series | Configuration Guide - Page 354
and R3. The MPLS label is learned by LDP protocol. The DGS-6600 router can forward packets by the learned label information. DGS-6600 Configuration Guide 354 - D-Link DGS-6600 Series | Configuration Guide - Page 355
protocol ldp DGS6600:15(config-if)#interface vlan152 DGS6600:15(config-if)#mpls ip DGS6600:15(config-if)#mpls label protocol ldp DGS-6600 Configuration Guide 355 - D-Link DGS-6600 Series | Configuration Guide - Page 356
protocol ldp DGS6600:15(config-if)#interface vlan154 DGS6600:15(config-if)#mpls ip DGS6600:15(config-if)#mpls label protocol ldp DGS-6600 Configuration Guide 356 - D-Link DGS-6600 Series | Configuration Guide - Page 357
protocol ldp DGS6600:15(config-if)#interface vlan154 DGS6600:15(config-if)#mpls ip DGS6600:15(config-if)#mpls label protocol ldp DGS-6600 Configuration Guide 357 - D-Link DGS-6600 Series | Configuration Guide - Page 358
(IP: 153.170.189.150/24). MPLS (Static Label) Configuration Example Configuring MPLS protocol in R1, R2 and R3. The label of MPLS is set manually. DGS-6600 can forward the packets by these label information. PC1 and PC2 are at different network. PC1 can communicate with PC2 by MPLS Topology - D-Link DGS-6600 Series | Configuration Guide - Page 359
20.0.0.0/8 out-label 400 nexthop 40.0.0.2 DGS6600:15(config)#mpls static ilm in-label 401 forward-action pop nexthop 10.0.0.4 fec 10.0.0.0/8 DGS-6600 Configuration Guide 359 - D-Link DGS-6600 Series | Configuration Guide - Page 360
nexthop 50.0.0.3 fec 20.0.0.0/8 DGS6600:15(config)#mpls static ilm in-label 501 forward-action swap-label 401 nexthop 40.0.0.1 fec 10.0.0.0/8 DGS-6600 Configuration Guide 360 - D-Link DGS-6600 Series | Configuration Guide - Page 361
500 forward-action pop nexthop 20.0.0.4 fec 20.0.0.0/8 Verifying the Configuration Use following commands to check the MPLS label forwarding path information. DGS-6600 Configuration Guide 361 - D-Link DGS-6600 Series | Configuration Guide - Page 362
. In the following example, the DGS-6600 R1 will implement MPLS QoS according to mapping rule if the packet's destination matches 20.0.0.0/8 DGS-6600 Configuration Guide 362 - D-Link DGS-6600 Series | Configuration Guide - Page 363
address 10.0.0.1/8 DGS-6600:15(config-if)#! DGS-6600:15(config-if)#interface vlan40 DGS-6600:15(config-if)# ip address 40.0.0.1/8 DGS-6600 Configuration Guide 363 - D-Link DGS-6600 Series | Configuration Guide - Page 364
6-7 priority 6 DGS-6600:15(config-mpls-router)#class-map outbound priority 1 exp 6 DGS-6600:15(config-mpls-router)#class-map outbound exp 3 DGS-6600 Configuration Guide 364 - D-Link DGS-6600 Series | Configuration Guide - Page 365
50 DGS-6600:15(config-if)#! DGS-6600:15(config-if)#interface eth2.16 DGS-6600:15(config-if)# access vlan 20 DGS-6600 Configuration Guide 365 - D-Link DGS-6600 Series | Configuration Guide - Page 366
.0.0.0/8 out-label 501 nexthop 50.0.0.2 DGS-6600:15(config)#mpls static ilm in-label 500 forward-action pop nexthop 20.0.0.4 fec 20.0.0.0/8 DGS-6600 Configuration Guide 366 - D-Link DGS-6600 Series | Configuration Guide - Page 367
20.0.0.0/8 Total Entries: 1 Configuration Restrictions Configuration Restrictions For support MPLS, the hardware must support label operation. In addition, L3 route and LDP shall be supported. The MPLS interface is L3 interface. LSR ID is 2128 64 128 128 300 128 DGS-6600 Configuration Guide 367 - D-Link DGS-6600 Series | Configuration Guide - Page 368
the cost of providing those services. The tunneling mechanism of the VPWS can use any tunneling protocols. In this specification, it uses MPLS for the transport layer. CE2 MPLS tunnel PE 2 Attachment Circuits pseudowire CE1 PE1 MPLS network PE 3 CE3 DGS-6600 Configuration Guide 368 - D-Link DGS-6600 Series | Configuration Guide - Page 369
provide the following functions in order to emulate the behavior and characteristics of the native service. 1.Encapsulation of service-specific PDUs or circuit data arriving at the PE-bound port (logical or physical). enable MPLS globally. DGS6600(config)#mpls ip DGS-6600 Configuration Guide 369 - D-Link DGS-6600 Series | Configuration Guide - Page 370
[detail] Explanation Use the xconnect command to enable the VPWS service on the interface. Use the no form of this command to cancel VPWS service. Use this command to show the MPLS label forwarding path information example shows how to configure a VPWS (Raw Mode). DGS-6600 Configuration Guide 370 - D-Link DGS-6600 Series | Configuration Guide - Page 371
Volume 5-Multiprotocol Label Switching / Chapter 34-Virtual Private Wire Service (VPWS) Configuration examples PE 1 Loopback: 130.1.1.1/32 CE1 AC: Eth1.1, VLAN10 MPLS Network PW MPLS tunnel PE the MPLS network, user shall configure PE1 and PE2 as follows: DGS-6600 Configuration Guide 371 - D-Link DGS-6600 Series | Configuration Guide - Page 372
Service supported. The VPWS uses MPLS tunnel label to transmit packet and use VC label as PW demultiplexer. At same time, VPWS uses LDP to distribute label and maintain PW status. Constant Max VPWS entries (Static and Dynamic) Max Peers Max AC Value 1024 2000 2000 DGS-6600 Configuration Guide - D-Link DGS-6600 Series | Configuration Guide - Page 373
Restrictions and Constants An Introduction to VPLS A Virtual Private LAN Service (VPLS) is an L2VPN service that emulates LAN service across a Wide Area Network (WAN). The primary motivation of VPLS bridges, which is based on MAC source address learning. DGS-6600 Configuration Guide 373 - D-Link DGS-6600 Series | Configuration Guide - Page 374
Volume 5-Multiprotocol Label Switching / Chapter 35-Virtual Private Lan Services (VPLS) CE3 PE2 Emulated LAN CE1 PE1 MPLS Network CE2 Chapter Overview PE3 CE4 Figure 35-1 VPLS and Ethernet tagged mode. All PWs in a VPLS should have same encapsulation mode. DGS-6600 Configuration Guide 374 - D-Link DGS-6600 Series | Configuration Guide - Page 375
belonging to different VPLS instances can be carried in a single MPLS tunnel from one PE to another PE. VPLS Service In the PE, a Virtual Switching Instance (VSI) for a VPLS will map multiple ACs to multiple PWs. of a VPLS Table 35-1 VPLS (Abbreviated) command list DGS-6600 Configuration Guide 375 - D-Link DGS-6600 Series | Configuration Guide - Page 376
Volume 5-Multiprotocol Label Switching / Chapter 35-Virtual Private Lan Services (VPLS) VPLS Configuration Commands Command Explanation mtu 0-65535 Use mtu command in VPLS configuration mode :15(config)#vpls vpls100 DGS-6000:15(config-vpls)#encapsulation raw DGS-6600 Configuration Guide 376 - D-Link DGS-6600 Series | Configuration Guide - Page 377
Volume 5-Multiprotocol Label Switching / Chapter 35-Virtual Private Lan Services (VPLS) Configuration Examples Setting a local AC link MTU of a VPLS The follow example shows how to set on different sites. PC1 can communicate with PC2 through VPLS over MPLS. DGS-6600 Configuration Guide 377 - D-Link DGS-6600 Series | Configuration Guide - Page 378
Volume 5-Multiprotocol Label Switching / Chapter 35-Virtual Private Lan Services (VPLS) Topology Configuration Examples R1 (Router 1) Configuration Steps Step 1. Create VLAN and add ports into VLAN. (config-if)#mpls ip DGS6600:15(config-if)#mpls label protocol ldp DGS-6600 Configuration Guide 378 - D-Link DGS-6600 Series | Configuration Guide - Page 379
Volume 5-Multiprotocol Label Switching / Chapter 35-Virtual Private Lan Services (VPLS) Step 5. Set a loopback address and configure VPLS. DGS6600:15(config-if)#interface loopback1 DGS6600:15( :15(config-if)#mpls ip DGS6600:15(config-if)#mpls label protocol ldp DGS-6600 Configuration Guide 379 - D-Link DGS-6600 Series | Configuration Guide - Page 380
Volume 5-Multiprotocol Label Switching / Chapter 35-Virtual Private Lan Services (VPLS) R3 (Router 3) Configuration Steps. Step 1. Create a VLAN and add ports into the VLAN. DGS6600:15(config)#vlan (config-vpls)#vpls-id 3006 DGS6600:15(config-vpls)#peer 11.34.55.31 DGS-6600 Configuration Guide 380 - D-Link DGS-6600 Series | Configuration Guide - Page 381
Services .189.152/24). Configuration Restrictions and Constants To support VPLS module, the software shall be able to handle /receive the frames on the Pseudowires and support the MAC bridge function on the VPLS. needs to add MAC address withdraw message support. Constant Max VPLS entries Max Peers - D-Link DGS-6600 Series | Configuration Guide - Page 382
Part 6- Quality of Service (QoS) The following chapters are included in this volume: • Quality of Service (QoS) - D-Link DGS-6600 Series | Configuration Guide - Page 383
Example An Introduction to QoS In a network without Quality of Service (QoS) support, all packets have the same priority. Generally in a network where needs guaranteed service and some does not as guarantee service is more expensive than non-guarantee service. DGS-6600 Configuration Guide 383 - D-Link DGS-6600 Series | Configuration Guide - Page 384
based on the fields of the packet and polices based on the service agreement in terms of Committed Information Rate (CIR), or size of of packets occurs immediately. When traffic exceeds the data rate, you instruct the system to either drop the packets or mark QoS fields in them Guide 384 - D-Link DGS-6600 Series | Configuration Guide - Page 385
LIST to COSVALUE Explanation Configures the trust state of the interface. Defines a differentiated services code point (DSCP) to a class of service (CoS) map. In the following example the user configures a qos map dscp bandwidth limit value on an interface. DGS-6600 Configuration Guide 385 - D-Link DGS-6600 Series | Configuration Guide - Page 386
dscp-mutation MAP-NAME INPUT-DSCPLIST to OUTPUT-DSCP Explanation Use this command to define a named differentiated service code point (DSCP) mutation map. This example shows how to map DSCP 30 to mutated DSCP value dscp-mutation mutemap1 DGS-6600:15(config)#end DGS-6600 Configuration Guide 386 - D-Link DGS-6600 Series | Configuration Guide - Page 387
priority index to the lowest. The purpose of the strict priority scheduler is to provide lower latency service to the higher CoS classes of traffic. DRR operates by serving a mount of backlogged credits scheduling mechanism, use the default form of this command. DGS-6600 Configuration Guide 387 - D-Link DGS-6600 Series | Configuration Guide - Page 388
drop traffic that does not conform to the profile or change the the value of the traffic's Differential Services Code Point (DSCP). Since traffic not conforming to defined profiles has the DSCP value lowered or is dropped color-aware DGS-6600:15(config-pmap-c)#end DGS-6600 Configuration Guide 388 - D-Link DGS-6600 Series | Configuration Guide - Page 389
/ Chapter 36-Quality of Service (QoS) QoS Configuration Commands Enter config-cmap)#match vlan 2 DGS-6600:15(config-cmap)# Configuring Policing The Switch supports two types of policing, single policing and aggregate policing. The user should implement policing. DGS-6600 Configuration Guide 389 - D-Link DGS-6600 Series | Configuration Guide - Page 390
Volume 6-QOS / Chapter 36-Quality of Service (QoS) QoS Configuration Commands Use the following command to create a policy-map or enter policy-map configuration mode to modify 6600:15(config-pmap-c)#police 8000 1000 exceed-action drop DGS-6600:15(config-pmap)#end DGS-6600 Configuration Guide 390 - D-Link DGS-6600 Series | Configuration Guide - Page 391
Volume 6-QOS / Chapter 36-Quality of Service (QoS) QoS Configuration Commands Changing Single-rate Policing to Two-rate Policing Use the following commands to change a aggregate policer as the policy that will be used for the traffic classes in a policy map. DGS-6600 Configuration Guide 391 - D-Link DGS-6600 Series | Configuration Guide - Page 392
Chapter 36-Quality of Service (QoS) QoS Configuration Commands attach a policy map to an input interface: Command service-policy NAME Explanation Attaches a service policy to an interface. In the following example, service-policy cust1-classes DGS-6600:15(config-if)#end DGS-6600 Configuration - D-Link DGS-6600 Series | Configuration Guide - Page 393
Volume 6-QOS / Chapter 36-Quality of Service (QoS) Configuration Examples Configuration Examples Configuring QoS Examples The following example demonstrates how to (config-if-gi)#qos trust dscp DGS-6600:15(config-if-gi)#service-policy policy1 DGS-6600:15(config-if-gi)#exit DGS-6600 Configuration - D-Link DGS-6600 Series | Configuration Guide - Page 394
Volume 6-QOS / Chapter 36-Quality of Service (QoS) Verifying the Configuration Confirming the Class-Map DGS-6600:15#show class-map Class Map match-any class- the switch so that when traffic congestion occurs, the high priority packet will be forwarded first. DGS-6600 Configuration Guide 394 - D-Link DGS-6600 Series | Configuration Guide - Page 395
Volume 6-QOS / Chapter 36-Quality of Service (QoS) Topology Configuration Examples Step 1. R1. Set eth3.1-3.3 to tag port with vlan 1 and enable COS DGS6600: information. DGS6600:15#show qos interface eth3.3 trust Interface Trust State eth3.3 trust CoS DGS-6600 Configuration Guide 395 - D-Link DGS-6600 Series | Configuration Guide - Page 396
When the credit counter reaches zero, the queue is no longer serviced until its weight is replenished. The lower priority CoS queue is serviced in turn. In the following example, when traffic congestion occurs, the allowed-vlan 1 DGS6600:15(config-if)#qos trust cos DGS-6600 Configuration Guide 396 - D-Link DGS-6600 Series | Configuration Guide - Page 397
Volume 6-QOS / Chapter 36-Quality of Service (QoS) Step 2. R1. Set WRR priority 7 with weight 5, others are set as weight 1 qos interface eth3.3 weight-round-robin eth3.3 CoS weight 0 1 1 1 2 1 3 1 4 1 5 1 6 1 7 5 Configuration Examples DGS-6600 Configuration Guide 397 - D-Link DGS-6600 Series | Configuration Guide - Page 398
Part 7- Multicast Configurations The following chapter is included in this volume: • Multicast Configuration - D-Link DGS-6600 Series | Configuration Guide - Page 399
information supplied by oy other routing protocols such as BGP. This switch supports PIM sparse mode (PIM-SM) to build unidirectional shared trees rooted User Datagram Protocol (UDP) packets with a best effort service. It does not provide as reliable a transmission and error Configuration Guide 399 - D-Link DGS-6600 Series | Configuration Guide - Page 400
on the forwarding table and flood drop all unregistered multicast packets. Finally, the user displays the multicast filtering mode for all VLANs: DGS-6600 Configuration Guide 400 - D-Link DGS-6600 Series | Configuration Guide - Page 401
Entries: 9 DGS-6600:15# PIM The device supports PIM sparse-mode and PIM dense-mode. The for Protocol Independent Multicast (PIM) Enabling the ip multicast routing service Use the following command in global configuration mode to globally enable ip routing DGS-6600 Configuration Guide 401 - D-Link DGS-6600 Series | Configuration Guide - Page 402
route has the same distance as the other RPF sources, the multicast static route takes preference. Default is 0. Range is 0-255. Examples DGS-6600 Configuration Guide 402 - D-Link DGS-6600 Series | Configuration Guide - Page 403
routing DGS-6600:15(config)#ip multicast-routing Step 2: create vlan 2,4 DGS-6600:15(config)#vlan 2 DGS-6600:15(config-vlan)#vlan 4 DGS-6600 Configuration Guide 403 - D-Link DGS-6600 Series | Configuration Guide - Page 404
-6600:15(config-if)# access vlan 3 DGS-6600:15(config-if)#interface eth2.5 DGS-6600:15(config-if)# access vlan 4 Configuration Examples DGS-6600 Configuration Guide 404 - D-Link DGS-6600 Series | Configuration Guide - Page 405
PIM-SM multicast routing protocol. IPTV multicast stream can be routed from R1 to R2, and forwarded to VLAN when PC joins. DGS-6600 Configuration Guide 405 - D-Link DGS-6600 Series | Configuration Guide - Page 406
Volume 7-Multicast / Chapter 37-Multicast Configuration Topology Configuration Examples Figure 37-2 PIM-SM Configuration Example R1 (Router 1) Configuration Guide Step 1: enable multicast routing DGS-6600:15(config)#ip multicast-routing Step 2: create vlan 2,4 DGS-6600:15(config)#vlan 2 DGS-6600: - D-Link DGS-6600 Series | Configuration Guide - Page 407
:15(config)#router rip DGS-6600:15(config-router)#network 5.0.0.1/8 DGS-6600:15(config-router)#network 6.0.0.1/8 DGS-6600:15(config-router)#network 4.0.0.2/8 DGS-6600 Configuration Guide Configuration Examples 407 - D-Link DGS-6600 Series | Configuration Guide - Page 408
run DVMRP multicast routing protocol. IPTV multicast stream can be routed from R1 to R2, and forwarded to VLAN when PC joins. DGS-6600 Configuration Guide 408 - D-Link DGS-6600 Series | Configuration Guide - Page 409
5: enable and set rip DGS-6600:15(config)#router rip DGS-6600:15(config-router)#network 2.0.0.1/8 DGS-6600:15(config-router)#network 4.0.0.1/8 DGS-6600 Configuration Guide 409 - D-Link DGS-6600 Series | Configuration Guide - Page 410
)#router rip DGS-6600:15(config-router)#network 5.0.0.1/8 DGS-6600:15(config-router)#network 6.0.0.1/8 DGS-6600:15(config-router)#network 4.0.0.2/8 Configuration Examples DGS-6600 Configuration Guide 410 - D-Link DGS-6600 Series | Configuration Guide - Page 411
Configuration Example Topology R1 (Router 1) Configuration Steps Step 1: DGS-6600:15(config)#interface vlan1 DGS-6600:15(config-if)# ip igmp snooping DGS-6600 Configuration Guide 411 - D-Link DGS-6600 Series | Configuration Guide - Page 412
.0.1 Port : eth2.2 Uptime : 0DT0H1M40S Expires : 0DT0H2M41S , dynamic Group mode : Exclude Last reporter: : 192.168.1.2 Source list is empty Total Entries : 1 entries, 1 records DGS-6600 Configuration Guide 412 - D-Link DGS-6600 Series | Configuration Guide - Page 413
Part 8- Security & Authentication The following chapters are included in this volume: • Access Control Lists (ACL) • Authentication, Authorization and Accounting (AAA) Configuration • 802.1X Authentication • DoS Protection • Dynamic ARP Inspection • Port Security • IP Source Guard • DHCP Server - D-Link DGS-6600 Series | Configuration Guide - Page 414
layer header field, including the upper layer protocol type. IPv6 access control lists define the criteria based on the IPv6 packet fields. DGS-6600 Configuration Guide 414 - D-Link DGS-6600 Series | Configuration Guide - Page 415
"deny all traffic" criteria statement. Therefore, if a packet does not match any of the defined criteria statements, the packet will be dropped. DGS-6600 Configuration Guide 415 - D-Link DGS-6600 Series | Configuration Guide - Page 416
being checked. The ordering of a statement can be explicitly defined or automatically assigned. To manually control the ordering, the user can define the statement with a priority number. A smaller priority , the packet is dropped without any further ACL checking. DGS-6600 Configuration Guide 416 - D-Link DGS-6600 Series | Configuration Guide - Page 417
configuration mode. Specifies the periods covered by the time-range profile. Exits time-range configuration mode. Displays the configured time-range profiles. DGS-6600 Configuration Guide 417 - D-Link DGS-6600 Series | Configuration Guide - Page 418
of statements can be explicitly defined or automatically assigned. If the user defines the statement with a priority number, the ordering is manually determined. A smaller priority number means a higher precedence. If the user does not specify a priority number when entering a criteria statement - D-Link DGS-6600 Series | Configuration Guide - Page 419
can define the permit/deny statement based on IP address, layer 4 port ID, and classification of service information. The user can also enter the statement with a time-range profile. Use the following commands to , port, or IP header traffic class information. DGS-6600 Configuration Guide 419 - D-Link DGS-6600 Series | Configuration Guide - Page 420
defines the statement with a priority number, the ordering is manually determined. A smaller priority number means a higher precedence. If statement based on IPv6 address, layer 4 port ID, and classification of service information. The user can also enter the statement with a time-range Guide 420 - D-Link DGS-6600 Series | Configuration Guide - Page 421
permit/deny statements based on the MAC address, Ethernet packet type, LLC service access point, 802.1p priority bits, or VLAN information. The user can defines the statement with a priority number, the ordering is manually determined. A smaller priority number means a higher precedence. If Guide 421 - D-Link DGS-6600 Series | Configuration Guide - Page 422
the Switch: Command show access-list [ip NAME | mac NAME | ipv6 NAME] Explanation Displays the access control lists setup on the Switch. DGS-6600 Configuration Guide 422 - D-Link DGS-6600 Series | Configuration Guide - Page 423
an interface for ingress traffic. Applies a MAC access control list to an interface for ingress traffic. Displays the access control list configuration. DGS-6600 Configuration Guide 423 - D-Link DGS-6600 Series | Configuration Guide - Page 424
)#end DGS-6600:15#show access-group interface eth4.12 mac eth4.12 Inbound mac access-list : Block-Server DGS-6600:15# DGS-6600 Configuration Guide 424 - D-Link DGS-6600 Series | Configuration Guide - Page 425
:59. DGS-6600:15(config)#time-range ACL-1t DGS-6600:15(config-time-range)# periodic daily 18:00 to 23:59 DGS-6600 Configuration Guide 425 - D-Link DGS-6600 Series | Configuration Guide - Page 426
deny list) can ping PC1 in specific time range 18:00 to 23:59. PC2 can ping PC1 in other time range. DGS-6600 Configuration Guide 426 - D-Link DGS-6600 Series | Configuration Guide - Page 427
Ending Implicit Deny ACL Priority Interval Value 10 ACL Resequencing Disabled Table 38-2 Default Variable Values List of Constants and Default Settings DGS-6600 Configuration Guide 427 - D-Link DGS-6600 Series | Configuration Guide - Page 428
attempt local authentication and even the specified authentication methods will fail. If the method list is empty local authentication will be used. DGS-6600 Configuration Guide 428 - D-Link DGS-6600 Series | Configuration Guide - Page 429
2 DGS-6600:15# Defining AAA Server Hosts The user can define a server host with the TACACS, XTACACS, TACACS+, or RADIUS protocol methods. DGS-6600 Configuration Guide 429 - D-Link DGS-6600 Series | Configuration Guide - Page 430
| telnet | http | ssh] [brief] Explanation Used to configure a new authentication method list. Displays the login or enable method lists for all applications. DGS-6600 Configuration Guide 430 - D-Link DGS-6600 Series | Configuration Guide - Page 431
following example, the user configures a login method list for authenticating login attempts from all supported applications (including console, Telnet, and HTTP). The methods start from group2. If Enable authentication: Local Authentication: yes DGS-6600:15# DGS-6600 Configuration Guide 431 - D-Link DGS-6600 Series | Configuration Guide - Page 432
will be resent by the Switch when no response is received. Number of AAA Group Servers None Table 39-2 Default Variable Values DGS-6600 Configuration Guide 432 - D-Link DGS-6600 Series | Configuration Guide - Page 433
Diagnostics • Displaying Session Statistics • Configuration Examples • 802.1x Guest VLAN Configuration Example • Relations with Other Modules • List of Constants and Default Settings DGS-6600 Configuration Guide 433 - D-Link DGS-6600 Series | Configuration Guide - Page 434
1X Client The Client is simply an end station that wishes to gain access to the LAN or Switch services. All end stations must be running software that is compliant with the 802.1X protocol. For users running pass through the port. The following figure displays a DGS-6600 Configuration Guide 434 - D-Link DGS-6600 Series | Configuration Guide - Page 435
Configuration Commands Configuring 802.1X Authentication The following topics are included in this section: • Enabling Authentication • Initializing the 802.1x Protocol Operation DGS-6600 Configuration Guide 435 - D-Link DGS-6600 Series | Configuration Guide - Page 436
that the Switch will wait for a response from the supplicant before timing out the supplicant (client). Table 40-1 802.1X Timer Values DGS-6600 Configuration Guide 436 - D-Link DGS-6600 Series | Configuration Guide - Page 437
terminal DGS-6600:15(config)#interface eth4.17 DGS-6600:15(config-if)#dot1x max-req 3 DGS-6600:15(config-if)#end DGS-6600 Configuration Guide 437 - D-Link DGS-6600 Series | Configuration Guide - Page 438
port 4.10: DGS-6600:2>enable DGS-6600:15#dot1x re-authenticate interface eth4.10 mac-address 00-40-10-28-19-78 DGS-6600 Configuration Guide 438 - D-Link DGS-6600 Series | Configuration Guide - Page 439
DGS-6600:15(config)#interface eth4.43 DGS-6600:15(config-if)#dot1x control-direction in DGS-6600:15(config-if)#end DGS-6600 Configuration Guide 439 - D-Link DGS-6600 Series | Configuration Guide - Page 440
-802.1X Authentication 802.1X Configuration Commands Specifying the Port Authorization State The user can manually configure a port to be in an 802.1X authorized or unauthorized state by entering the that was assigned by the RADIUS server during authentication. DGS-6600 Configuration Guide 440 - D-Link DGS-6600 Series | Configuration Guide - Page 441
authentication: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#dot1x auth-protocol radius DGS-6600:15(config)#end DGS-6600 Configuration Guide 441 - D-Link DGS-6600 Series | Configuration Guide - Page 442
terminal DGS-6600:15(config)#interface eth4.32 DGS-6600:15(config-if)#dot1x forward-pdu DGS-6600:15(config-if)#end DGS-6600 Configuration Guide 442 - D-Link DGS-6600 Series | Configuration Guide - Page 443
show dot1x [interface INTERFACE-ID] {auth-state | auth-configuration | statistics | diagnostics | sessionstatistics} Explanation Displays information about the 802.1X configuration and status. DGS-6600 Configuration Guide 443 - D-Link DGS-6600 Series | Configuration Guide - Page 444
-req: 2 Reauth Period: 3600 Re-authentication: Disabled Authentication Mode: Port-based Guest VLAN: Disabled Forward 1x PDU: Disabled Total Entries: 1 DGS-6600:2> DGS-6600 Configuration Guide 444 - D-Link DGS-6600 Series | Configuration Guide - Page 445
: 0 ReauthsWhileAuthenticated: 0 EAP-StartsWhileAuthenticated: 0 EAP-LogoffsWhileAuthenticated: 0 BackendResponses: 0 BackendAccessChallenges: 0 BackendNonNakResponsesFromSupplicant: 0 BackendAuthSuccesses: 0 BackendAuthFails: 0 Total Entries: 1 DGS-6600:2> DGS-6600 Configuration Guide 445 - D-Link DGS-6600 Series | Configuration Guide - Page 446
1: Create VLAN2, VLAN3 and VLAN4 DGS-6600:15(config)# vlan 2 DGS-6600:15(config-vlan)# vlan 3 DGS-6600:15(config-vlan)# vlan 4 DGS-6600 Configuration Guide 446 - D-Link DGS-6600 Series | Configuration Guide - Page 447
(e.g., test/123). Step 2: Configure the VID to be assigned in RADIUS VLAN attribute "Tunnel-Private-Group-ID". In this example, assign to 4. DGS-6600 Configuration Guide 447 - D-Link DGS-6600 Series | Configuration Guide - Page 448
a channel-group member port. 3) 802.1x cannot be configured on a port-channel. 4) 802.1x cannot be enabled on a packet monitoring destination port. DGS-6600 Configuration Guide 448 - D-Link DGS-6600 Series | Configuration Guide - Page 449
Accounts Disabled None Re-authentication Disabled Forward 802.1x PDU Disabled Table 40-3 Default Variable Values List of Constants and Default Settings DGS-6600 Configuration Guide 449 - D-Link DGS-6600 Series | Configuration Guide - Page 450
Actions • Attack Types • Configuration Examples • Parameters An Introduction to DoS Protection A denial-of-service (DoS) attack is an attempt to make device resource unavailable to its intended users. The DoS will add log when counter increased in five minutes. DGS-6600 Configuration Guide 450 - D-Link DGS-6600 Series | Configuration Guide - Page 451
packets received in previous 5 minutes, the module will log and send trap. Attack Types The following table lists different DoS attack types. DGS-6600 Configuration Guide 451 - D-Link DGS-6600 Series | Configuration Guide - Page 452
Commands Commands clear dos_prevention counter dos_prevention action {trap_log} dos_prevention type {ATTACK-TYPES} show dos_prevention DGS-6600 Configuration Guide Configuration Commands Description A Land attack is an attack where IP packets source and destination addresses are set to - D-Link DGS-6600 Series | Configuration Guide - Page 453
type land_attack The following example shows how to enable the DoS prevention mechanism for all supported types. DGS-6600# configure terminal DGS-6600(config)# dos_prevention type all The following Attack", "Blat Attack" will be dropped. Each packet dropped by DGS-6600 Configuration Guide 453 - D-Link DGS-6600 Series | Configuration Guide - Page 454
/ tcp_null_scan / tcp_xmasscan / tcp_synfin / tcp_syn_srcport_less_1024 / all Enable DoS prevention mechanism for specific or all attacking type. drop Drop / trap_log Enable DoS prevention actions. DGS-6600 Configuration Guide 454 - D-Link DGS-6600 Series | Configuration Guide - Page 455
intercepted ARP packets according to the setting of DHCP database before further processing. It Releases the packets that do not pass inspection. DGS-6600 Configuration Guide 455 - D-Link DGS-6600 Series | Configuration Guide - Page 456
response packets, the consistency of the destination MAC address in the Ethernet header against the target MAC address in the ARP payload. DGS-6600 Configuration Guide 456 - D-Link DGS-6600 Series | Configuration Guide - Page 457
shows how to enable ARP inspection on VLAN2: DGS-6600# configure terminal DGS-6600(config)# ip arp inspection vlan 2 DGS-6600(config)# DGS-6600 Configuration Guide 457 - D-Link DGS-6600 Series | Configuration Guide - Page 458
prevent users from obtaining IP addresses, or even cheat and steal user information. To solve this problem, DHCP Snooping classifies the ports into two types: TRUST port and UNTRUST port. The device forwards time into a entry to form a DHCP Snooping user database. DGS-6600 Configuration Guide 458 - D-Link DGS-6600 Series | Configuration Guide - Page 459
, if the user makes sure none DHCP server packets is allowed from a port, he can just turn on this port's "DHCP Server DGS-6600 Configuration Guide 459 - D-Link DGS-6600 Series | Configuration Guide - Page 460
DHCP server screening function on port eth4.1 and eth5.3: DGS-6600# configure terminal DGS-6600(config)#ip dhcp screening ports eth4.1,eth5.3 DGS-6600 Configuration Guide 460 - D-Link DGS-6600 Series | Configuration Guide - Page 461
# configure terminal DGS-6600(config)# ip dhcp screening server-ip 10.1.1.1 client-mac 00-08-01-02-03-04 ports eth4.1-4.34 DGS-6600 Configuration Guide 461 - D-Link DGS-6600 Series | Configuration Guide - Page 462
example shows to enable trap/log function of DHCP screening: DGS-6600# configure terminal DGS-6600(config)# ip dhcp screening trap-log DGS-6600 Configuration Guide 462 - D-Link DGS-6600 Series | Configuration Guide - Page 463
10 1-30 Table 43-1 DHCP Server Screening Limitation Description Enable/Disable the DHCP server screening to provide the service for the ports. It's a per port control. The form of 3-tuple (DHCP server IP, client not accepted by permit rules will be kept. DGS-6600 Configuration Guide 463 - D-Link DGS-6600 Series | Configuration Guide - Page 464
. When a switch receives a packet on an untrusted interface and the interface belongs to a VLAN that is enabled DHCP snooping, the switch compares DGS-6600 Configuration Guide 464 - D-Link DGS-6600 Series | Configuration Guide - Page 465
, or even cheat and steal user information. To solve this problem, DHCP Snooping classifies the ports into two types: TRUST port and agent relays the packet. To enable the DHCP relay service, relay agent service must be enabled by service dhcp command, and the server address to relay Guide 465 - D-Link DGS-6600 Series | Configuration Guide - Page 466
enable DHCP snooping trust for port 3.3: DGS-6600(config)# interface eth3.3 DGS-6600(config-if)# ip dhcp snooping trust DGS-6600(config)# DGS-6600 Configuration Guide 466 - D-Link DGS-6600 Series | Configuration Guide - Page 467
how to enable DHCP snooping on vlan10: DGS-6600# configure terminal DGS-6600(config)# ip dhcp snooping vlan 10 DGS-6600(config)# DGS-6600 Configuration Guide 467 - D-Link DGS-6600 Series | Configuration Guide - Page 468
. Use the command to display DHCP snooping binding entries. This command is used to display the statistics of the DHCP snooping database. DGS-6600 Configuration Guide 468 - D-Link DGS-6600 Series | Configuration Guide - Page 469
be learned as static entry and stored in NVRAM so that the entry is retained if the Switch is rebooted. 3) Violation Action DGS-6600 Configuration Guide 469 - D-Link DGS-6600 Series | Configuration Guide - Page 470
with Other Modules 1) Cannot enable port security on 802.1x enabled ports. 2) Cannot configure port security settings on a channel group member port. DGS-6600 Configuration Guide 470 - D-Link DGS-6600 Series | Configuration Guide - Page 471
Values Variable Name Default Value Port Security Disabled Port Security Mode Delete-on-Timeout Violation Action Shutdown Table 45-2 Default Variable Values DGS-6600 Configuration Guide 471 - D-Link DGS-6600 Series | Configuration Guide - Page 472
will be forwarded. While user configures a static entry to IP Source Guard, if the HW ACL table has no enough entry or DGS-6600 Configuration Guide 472 - D-Link DGS-6600 Series | Configuration Guide - Page 473
has any blocked entry. Because IP source guard is not support IPv6 in Release2, while user runs IP source guard then the FDB ACL is a hardware mechanism and its entry can come from either the manual configured entry or the DHCP snooping binding database. The packet fails to pass Guide 473 - D-Link DGS-6600 Series | Configuration Guide - Page 474
-6600# configure terminal DGS-6600(config)# ip source binding 00-01-02-03-04-05 vlan 2 10.1.1.1 interface eth3.10 DGS-6600# DGS-6600 Configuration Guide 474 - D-Link DGS-6600 Series | Configuration Guide - Page 475
attack methods and these attacks may increase the switch load beyond its capability. To alleviate this problem, the Safeguard Engine function was added to the DGS-6600. The Safeguard Engine can help the seconds. For a better understanding, see the figure below. DGS-6600 Configuration Guide 475 - D-Link DGS-6600 Series | Configuration Guide - Page 476
25%. The switch will then return to its interval checking and dynamically adjust the packet flow to avoid overload of the Switch. DGS-6600 Configuration Guide 476 - D-Link DGS-6600 Series | Configuration Guide - Page 477
of manage packet group, and set threshold to 1000 packets per seconds. DGS-6600(config)# cpu-protect sub-interface manage pps 1000 DGS-6600 Configuration Guide 477 - D-Link DGS-6600 Series | Configuration Guide - Page 478
Volume 8-Safeguard Engine / Chapter 47-Safeguard Engine Settings Configuration Commands DGS-6600 Configuration Guide 478 - D-Link DGS-6600 Series | Configuration Guide - Page 479
domain of a port to a set of specified ports. Used to remove a port or group of ports from the forwarding domain of a port. DGS-6600 Configuration Guide 479 - D-Link DGS-6600 Series | Configuration Guide - Page 480
: 1.All PCs can communicate to Server, e.g. 2.PCs at same "group" can communicate each other. 3.PCs at different segments CANNOT communicate each other. DGS-6600 Configuration Guide 480 - D-Link DGS-6600 Series | Configuration Guide - Page 481
is possible to ping the various devices to determine configuration status: PC2 (10.0.0.2/8) can ping Server (10.0.0.1/8), but cannot ping PC3 (10.0.0.3/8). DGS-6600 Configuration Guide 481 - D-Link DGS-6600 Series | Configuration Guide - Page 482
Default Value Traffic Segmentation No segmentation. Packets received on a port can be flooded to all other ports. Table 48-1 Default Variable Values DGS-6600 Configuration Guide 482 - D-Link DGS-6600 Series | Configuration Guide - Page 483
Part 9- Network Application The following chapters are included in this volume: • DHCP Server Configuration • DHCP Relay Configuration • DHCPv6 Client Configuration • sFlow - D-Link DGS-6600 Series | Configuration Guide - Page 484
Configuring the IP Domain Name System Servers for the Client • Configuring the NetBIOS Windows Internet Naming Service Servers for the Client • Configuring the NetBIOS Node Type for the client • Configuring the Default parameters. The DHCP assigns IP address in DGS-6600 Configuration Guide 484 - D-Link DGS-6600 Series | Configuration Guide - Page 485
addresses that will expire after a period of time to the clients; 3. Configure IP addresses manually. Network administrators can specify IP addresses and send specified IP addresses to the clients through the which are listed below: • based on hardware mac address DGS-6600 Configuration Guide 485 - D-Link DGS-6600 Series | Configuration Guide - Page 486
49-DHCP Server Configuration • based on client identifier • based on customer vlan tag number • based on service provider vlan tag number • based on IP address of ingress interface • based on IP address of relay IP address in address pool chosen by section 40-3-2. DGS-6600 Configuration Guide 486 - D-Link DGS-6600 Series | Configuration Guide - Page 487
based on secondary IP address, the device will not select this address pool. Therefore, you might not be able to get DHCPOFFER. DGS-6600 Configuration Guide 487 - D-Link DGS-6600 Series | Configuration Guide - Page 488
be enabled at the same time(DHCP server can be enabled by command "service dhcp" and relay can be enabled by command "ip dhcp relay") but configured. For a full list of commands and options please refer to the CLI guide. • Enabling the DHCP Server • Configuring the DHCP Address Pool Name and - D-Link DGS-6600 Series | Configuration Guide - Page 489
DGS-6600. To enable these features use the following command in the global configuration mode. Command service dhcp Explanation Use this command to enable DHCP server function. The DHCP server function is disabled the start IP address and end IP address. Both the DGS-6600 Configuration Guide 489 - D-Link DGS-6600 Series | Configuration Guide - Page 490
listed in order of preference, if the number of servers is more than 1, then execute the following command multiple times with different DGS-6600 Configuration Guide 490 - D-Link DGS-6600 Series | Configuration Guide - Page 491
10.1.1.1 Configuring the NetBIOS Windows Internet Naming Service Servers for the Client Windows Internet Naming Service (WINS) is a name resolution service that Microsoft DHCP clients use to match host system queries the name server first, and then broadcasts. DGS-6600 Configuration Guide 491 - D-Link DGS-6600 Series | Configuration Guide - Page 492
Chapter 49-DHCP Server Configuration DHCP Server Configuration Commands Resolution through LMHOSTS and/or Domain Name Service (DNS), if enabled, will follow these methods.To configure the NetBIOS node type for no form of this command to restore the default value. DGS-6600 Configuration Guide 492 - D-Link DGS-6600 Series | Configuration Guide - Page 493
. Use the no form of this command to restore the wait time for the ping reply back to the default value (500ms). DGS-6600 Configuration Guide 493 - D-Link DGS-6600 Series | Configuration Guide - Page 494
-12-28 Lease expiration 18:38:56, 2012-12-29 18:38:56, 2012-12-29 18:38:56, 2012-12-29 DGS-6600 Configuration Guide 494 - D-Link DGS-6600 Series | Configuration Guide - Page 495
: MSFT IP addresses: total 511 10.0.0.1 10.0.1.1-10.0.1.255 10.0.3.1-10.0.3.255 Number of leased address: 100 Number of conflict addresses: 2 DGS6600# DGS-6600 Configuration Guide 495 - D-Link DGS-6600 Series | Configuration Guide - Page 496
messages 0 Message BOOTREQUEST DHCPDISCOVER DHCPREQUEST DHCPDECLINE DHCPRELEASE DHCPINFORM Received 12 200 178 0 0 0 Message BOOTREPLY DHCPOFFER DHCPACK DHCPNAK DGS6600# Sent 12 190 172 6 DGS-6600 Configuration Guide 496 - D-Link DGS-6600 Series | Configuration Guide - Page 497
Router Table 49-1 Maximum Number 8 DNS Server 8 WINS Server 8 Address Pool Supported Client Number 12288 12288 Limitations Description DHCP server fills the option "default router" with configurable address pools. Affordable maximum number of clients. DGS-6600 Configuration Guide 497 - D-Link DGS-6600 Series | Configuration Guide - Page 498
Introduction to DHCP Relay Agent Operation • DHCP Relay Configuration Commands • Enabling the DHCP Relay Agent Service • Specifying the Maximum Number of DHCP Relay Hops • Specifying a DHCP Relay Address • reply packet as the packet is sent to the client. DGS-6600 Configuration Guide 498 - D-Link DGS-6600 Series | Configuration Guide - Page 499
Sub-Option Format The remote ID sub-option is encoded based on the following format:I Figure 50-3 Remote ID Sub-Option Format DGS-6600 Configuration Guide 499 - D-Link DGS-6600 Series | Configuration Guide - Page 500
Command ip dhcp relay Explanation Globally enables the DHCP relay agent service. In the following example, the user globally enables the DHCP relay agent service: DGS-6600:2>enable DGS-6600:15#configure terminal DGS-6600 agents that a DHCP message can traverse. DGS-6600 Configuration Guide 500 - D-Link DGS-6600 Series | Configuration Guide - Page 501
the Relay Agent Information Option The user can enable the insertion of the option-82 field in a message when relaying a DHCP message. DGS-6600 Configuration Guide 501 - D-Link DGS-6600 Series | Configuration Guide - Page 502
reply DHCP message and drop the invalid messages. The user can disable this checking function and forward all of the relay messages. DGS-6600 Configuration Guide 502 - D-Link DGS-6600 Series | Configuration Guide - Page 503
-6600:2>enable DGS-6600:15#configure terminal DGS-6600:15(config)#ip dhcp relay information trust-all DGS-6600:15(config)#end DGS-6600 Configuration Guide 503 - D-Link DGS-6600 Series | Configuration Guide - Page 504
Agent Configuration The user can use the following command to display the IP DHCP relay agent configuration: Command show ip dhcp relay DGS-6600 Configuration Guide Explanation Displays the IP DHCP relay agent configuration. 504 - D-Link DGS-6600 Series | Configuration Guide - Page 505
vlan800 DGS-6600:2> List of Constants and Default Settings Constant Name Value Number of Supported DHCP Server 4 Addresses per Interface Table 50-1 Constants Values Variable Name Default Value IP Interface Un-trusted Table 50-2 Default Variable Values DGS-6600 Configuration Guide 505 - D-Link DGS-6600 Series | Configuration Guide - Page 506
with an advertise message. The client then chooses one of the servers and sends a request message to the server asking for a confirmed DGS-6600 Configuration Guide 506 - D-Link DGS-6600 Series | Configuration Guide - Page 507
port of sending packet DHCPv6 V Client FF02::1:2 Client link-local address 547 DHCPv6 Server Client link-local address Server IP address 546 DGS-6600 Configuration Guide 507 - D-Link DGS-6600 Series | Configuration Guide - Page 508
format header and a variable format area for options. The following diagram illustrates the format of a DHCPv6 message sent between clients and servers: DGS-6600 Configuration Guide 508 - D-Link DGS-6600 Series | Configuration Guide - Page 509
to locate servers. A Server sends an advertise message to indicate that it is available for DHCPv6 Services, in response to a solicit message received from a client. A client sends a request message to client will no longer use one or more of the assigned addresses. DGS-6600 Configuration Guide 509 - D-Link DGS-6600 Series | Configuration Guide - Page 510
) DECLINE (9) CONFIRM (4) RECONFIGURE (10) RELAY-FORWARD (12), RELAY-REPLY (13) DHCPv4 Message Type DHCPDISCOVER DHCPOFFER DHCPREQUEST DHCPACK/DHCPNAK DHCPRELEASE DHCPINFORM DHCPDECLINE DHCPFORCERENEW - DGS-6600 Configuration Guide 510 - D-Link DGS-6600 Series | Configuration Guide - Page 511
the valid lifetime specified in the IA_PD Prefix option. A requesting router may use the preferred lifetime specified in the IA_PD Prefix option. DGS-6600 Configuration Guide 511 - D-Link DGS-6600 Series | Configuration Guide - Page 512
preference for those values. In a message sent by a server to a client, the client uses the values in the T1 and T2 fields DGS-6600 Configuration Guide 512 - D-Link DGS-6600 Series | Configuration Guide - Page 513
command to enable Dynamic Host Configuration Protocol (DHCP) for IPv6 client. Use the no form of this command to disable DHCPv6 features. DGS-6600 Configuration Guide 513 - D-Link DGS-6600 Series | Configuration Guide - Page 514
Host Configuration Protocol (DHCP) for IPv6 client information refresh time on a specified interface. Only VLAN interfaces are valid interfaces for this command. DGS-6600 Configuration Guide 514 - D-Link DGS-6600 Series | Configuration Guide - Page 515
(config)# interface vlan2 DGS-6600(config-if)# no ipv6 address my-prefix 0:0:0:1::1/64 The following example shows how to set a global address by manual configuration: DGS-6600 > enable DGS-6600# configure terminal DGS-6600(config)# interface vlan2 DGS-6600(config-if)# ipv6 address 3ffe:22:22:22 - D-Link DGS-6600 Series | Configuration Guide - Page 516
shows how to remove a global address by manual configuration: DGS-6600 > enable DGS-6600# ::2:2:2:2:2:/64 IPv6 prefix my-prefix Acquired via Manual configuration: 3ffe:1:1::/48 Apply to interface: my-prefix Acquired via Manual configuration: 3ffe:1:1::/48 Apply to interface: vlan2 ::1:1:1:1:1/64 - D-Link DGS-6600 Series | Configuration Guide - Page 517
vlan1 Interface vlan1 is in DHCPv6 client mode. State: REQUEST Server IP: N/A Server DUID: N/A Preference: 0 Event expire: 10 IA is not acquired. DGS-6600 Configuration Guide 517 - D-Link DGS-6600 Series | Configuration Guide - Page 518
IA ID: 0003 T1: 300 T2: 800 Prefer Lifetime: 3600 Valid Lifetime: 7200 Prefix: 3000:1:2::/48 IA expire: 219 Addr expire: 5119 DGS-6600 Configuration Guide 518 - D-Link DGS-6600 Series | Configuration Guide - Page 519
-6 Item Range Configure minimum refresh time General prefix name length Maximum prefix length of general prefix 600-65535 (seconds) 1-16 (characters) 64 DGS-6600 Configuration Guide 519 - D-Link DGS-6600 Series | Configuration Guide - Page 520
Volume 9-Network Application / Chapter 51-DHCPv6 Client Configuration Item General prefix name length Table 51-6 Range 1 -16 (characters) Restriction/Limitation DGS-6600 Configuration Guide 520 - D-Link DGS-6600 Series | Configuration Guide - Page 521
sFlow Packet flow samples Counter samples The sFlow agent can be configured to sample the packets and counters of each interface independently. DGS-6600 Configuration Guide 521 - D-Link DGS-6600 Series | Configuration Guide - Page 522
parameters of the same Receiver and all the Samplers and Pollers associated with the Receiver will be restored to their default values. DGS-6600 Configuration Guide 522 - D-Link DGS-6600 Series | Configuration Guide - Page 523
Samplers with different sampling rates and multiple Pollers with different polling intervals. There is no problem for multiple polling intervals with one interface because the counter sampling is software-based. But rates to be obtained in software by sub-sampling. DGS-6600 Configuration Guide 523 - D-Link DGS-6600 Series | Configuration Guide - Page 524
as 1, RATE as 1024 and SIZE as 128 bytes. DGS-6600(config-if)# sflow sampler 1 receiver 1 sampling-rate 1024 max-headersize 128 DGS-6600 Configuration Guide 524 - D-Link DGS-6600 Series | Configuration Guide - Page 525
)#sflow DGS-6600:15(config)#mgmt DGS-6600:15(mgmt-if)#sflow receiver 1 owner collector1 expiry infinite host 10.90.90.91 DGS-6600 Configuration Guide 525 - D-Link DGS-6600 Series | Configuration Guide - Page 526
Version : 5 Samplers Information Interface Instance Receiver Sampling-rate Max-header-size eth2.1 1 1 1024 256 Pollers Information Interface Instance Receiver Interval eth2.1 1 1 20 DGS-6600 Configuration Guide 526 - D-Link DGS-6600 Series | Configuration Guide - Page 527
Part 10- Network Management The following chapters are included in this volume: • Simple Network Management Protocol (SNMP) • RMON • Error Disable Port Recovery • Traffic Storm Control - D-Link DGS-6600 Series | Configuration Guide - Page 528
and the SNMP agent can send unsolicited traps to inform the SNMP manager of any new events. The Switch supports all three versions of SNMP; SNMP v1, SNMP v2c, and SNMP v3. Both SNMP v1 and SNMP Packets are encrypted to prevent eavesdroppers from learning the packet. DGS-6600 Configuration Guide 528 - D-Link DGS-6600 Series | Configuration Guide - Page 529
of the trap receiver. SNMP Configuring Commands The following topics are included in this sub-section: • Setting up Basic SNMP Server Information DGS-6600 Configuration Guide 529 - D-Link DGS-6600 Series | Configuration Guide - Page 530
the SNMP server on the Switch: Command snmp-server Explanation Enables the sending of SNMP traps that are defined in RFC 1157. DGS-6600 Configuration Guide 530 - D-Link DGS-6600 Series | Configuration Guide - Page 531
the community name, with either readonly access rights or read/write access rights to all MIB objects supported by the system. Under the SNMP v3 framework, view records are used to define the set of Displays the current community string, view record, or group. DGS-6600 Configuration Guide 531 - D-Link DGS-6600 Series | Configuration Guide - Page 532
-6600:15(config)#end DGS-6600:15#show snmp community codes: ro - read only, rw - ReadWrite (rw)private (ro)public Total Entries: 2 DGS-6600 Configuration Guide 532 - D-Link DGS-6600 Series | Configuration Guide - Page 533
-server user USER-NAME GROUP-NAME v3 [encrypted] [auth {md5 | sha} AUTHPASSWORD] [priv PRIV-PASSWORD]] Adds users to the SNMP user group. DGS-6600 Configuration Guide 533 - D-Link DGS-6600 Series | Configuration Guide - Page 534
also be specified. If the highest security level is specified, the trap packet can be protected by the authentication and encryption mechanism. DGS-6600 Configuration Guide 534 - D-Link DGS-6600 Series | Configuration Guide - Page 535
snmp-server enable traps no snmp-server enable traps Explanation Enables sending for all trap types. Disables sending for all trap types. DGS-6600 Configuration Guide 535 - D-Link DGS-6600 Series | Configuration Guide - Page 536
engine ID: Command snmp-server engineID local ENGINEIDSTRING show snmp engineID Explanation Configures the SNMPv3 engine ID. Displays the SNMPv3 engine configuration. DGS-6600 Configuration Guide 536 - D-Link DGS-6600 Series | Configuration Guide - Page 537
DGS-6600:15(config)#snmp-server community dlinkr view dlink ro DGS-6600:15(config)#snmp-server community dlinkwr view dlink rw DGS-6600 Configuration Guide 537 - D-Link DGS-6600 Series | Configuration Guide - Page 538
can receive link-up v2 trap message. SNMP v3 with trap Configuration Example Create SNMP V3 trap receiver. Create Snmpv3 community Strings. DGS-6600 Configuration Guide 538 - D-Link DGS-6600 Series | Configuration Guide - Page 539
auth md5 12345678 Step 3: configure IP address of VLAN DGS-6600:15(config)#interface vlan1 DGS-6600:15(config-if)#ip address 2.0.0.1/8 DGS-6600 Configuration Guide 539 - D-Link DGS-6600 Series | Configuration Guide - Page 540
Name: initial Total Entries: 2 By plugging a cable into one of the DGS-6600 ports, PC1 can receive link-up v3 trap messages. DGS-6600 Configuration Guide 540 - D-Link DGS-6600 Series | Configuration Guide - Page 541
Encryption Enabled SNMP Server Contact None SNMP Location None SNMP System Name SNMP Server Service SNMP Server Hosts None Disabled None SNMP Server Users Initial Table 53-2 Default Variable -3 Snmp Server Groups Default Values CommunityView CommunityView DGS-6600 Configuration Guide 541 - D-Link DGS-6600 Series | Configuration Guide - Page 542
to exchange network-monitoring data. The RMON was developed by the IETF to support monitoring and protocol analysis of LANs. The original version (sometimes referred to is optional to be implemented. This device supports four RMON groups described as followed. Ethernet statistics group DGS- - D-Link DGS-6600 Series | Configuration Guide - Page 543
behalf whenever the event occurs. And the event entry may also specify that operation should occur by way of SNMP trap messages. DGS-6600 Configuration Guide 543 - D-Link DGS-6600 Series | Configuration Guide - Page 544
about the traffic for the interface. The administrator can also perform operations on the supported MIB RMON groups. Command rmon statistics ENTRY-NUMBER [owner NAME] no rmon statistics ethernet group statistics. Topology Figure 54-1 RMON Configuration Topology DGS-6600 Configuration Guide 544 - D-Link DGS-6600 Series | Configuration Guide - Page 545
to all ports eth2.16 Forwarding to all ports Step 2: It is possible to ping the various devices to determine configuration status: DGS-6600 Configuration Guide 545 - D-Link DGS-6600 Series | Configuration Guide - Page 546
Default Value Traffic Segmentation No segmentation. Packets received on a port can be flooded to all other ports. Table 54-1 Default Variable Values DGS-6600 Configuration Guide 546 - D-Link DGS-6600 Series | Configuration Guide - Page 547
receive any traffic. When a physical port is in the error disabled state, the port can be recovered manually by applying the shutdown and the no shutdown command. The mechanism described in this chapter is used to settings that will be used on error disabled ports. DGS-8000 Configuration Guide 547 - D-Link DGS-6600 Series | Configuration Guide - Page 548
and Default Settings Variable Name Default Value Error Disable Interval 300 Seconds Error Disable Port Recovery Disabled Table 55-1 Default Variable Values DGS-8000 Configuration Guide 548 - D-Link DGS-6600 Series | Configuration Guide - Page 549
configuration, the default time interval is 5 seconds. The traffic storm control supports two kinds of detection mod (level or a PPS). Level: Specifies to identify unknown unicast (DLF) storm events due to hardware chip support. Exceeded, unknown unicasts will always be dropped. If the action option - D-Link DGS-6600 Series | Configuration Guide - Page 550
global traffic storm control settings, the user needs to select the interfaces that the traffic storm control feature will be enabled on DGS-6600 Configuration Guide 550 - D-Link DGS-6600 Series | Configuration Guide - Page 551
broadcasts: DGS-6600:2>show storm-control interface broadcast Interface Storm Action Type Threshold eth4.1 Broadcast Shutdown pps 500 Total Entries: 1 DGS-6600:2> DGS-6600 Configuration Guide 551 - D-Link DGS-6600 Series | Configuration Guide - Page 552
ports in a port-channel. 3) If the traffic storm control function is using shutdown forever mode to shutdown a port, the user will need to manually enable the port using the no shutdown command in interface configuration mode. List of Constants and Default Settings Variable Name Default Value - D-Link DGS-6600 Series | Configuration Guide - Page 553
Time Interval 5 seconds Default Countdown Timer 0 seconds Default Recover Time 0 seconds Table 56-1 Default Variable Values List of Constants and Default Settings DGS-6600 Configuration Guide 553 - D-Link DGS-6600 Series | Configuration Guide - Page 554
Part 11- System Management The following chapters are included in this volume: • File System - D-Link DGS-6600 Series | Configuration Guide - Page 555
System The DGS-6600 Series Switch uses a FAT32 file system for storing system files. The storage media supported by the Switch include the on-board flash and the optional flash cards. The user can use the cf1 Table 57-1 Representative Drive for Each Storage Type DGS-6600 Configuration Guide 555 - D-Link DGS-6600 Series | Configuration Guide - Page 556
changes the configuration, the updated configuration will automatically be stored in DRAM. This copy of the configuration is called the running configuration. DGS-6600 Configuration Guide 556 - D-Link DGS-6600 Series | Configuration Guide - Page 557
the contents of the current running configuration file. Command show running-config Explanation Displays the contents of the current running configuration file. DGS-6600 Configuration Guide 557 - D-Link DGS-6600 Series | Configuration Guide - Page 558
auth md5 pw123 snmp-server host 172.16.1.27 version 2c public snmp-server host 172.16.1.33 public ! vlan-tunnel ! vlan 2 vlan name IT-Support ! vlan 3 ! vlan 5 mac-base 00-11-22-33-ab-cd ! vlan 6 subnet-base 20.0.1.0/8 subnet-base 192.168.1.0/24 ! vlan 99 subnet-base 10.0.0.0/8 ! DGS - D-Link DGS-6600 Series | Configuration Guide - Page 559
15 dot1x timeout reauth-period 1000 dot1x pae authenticator ! interface eth4.12 vlan-tunnel tpid 0x88a0 mac access-group Block-Server in ! DGS-6600 Configuration Guide 559 - D-Link DGS-6600 Series | Configuration Guide - Page 560
99 spanning-tree guard root ! interface eth4.48 trunk allowed-vlan 2 traffic-segmentation forward interface eth4.1,eth4.2,eth4.3,eth4.4,eth4.5,eth4. 6,eth4.7 ! DGS-6600 Configuration Guide 560 - D-Link DGS-6600 Series | Configuration Guide - Page 561
\config\switch-config.txt Upload configuration to tftp:\\10.1.1.254\config\switch-config.txt, (y/n) [n]? y Configuration has been copied successfully. DGS-6600:15# DGS-6600 Configuration Guide 561 - D-Link DGS-6600 Series | Configuration Guide - Page 562
in global configuration mode to clear the system running configuration: Command clear running-config factory-defaults Explanation Clears the system running configuration. DGS-6600 Configuration Guide 562 - D-Link DGS-6600 Series | Configuration Guide - Page 563
the boot configuration file and overwrites the previous setting: Command boot config MEDIA: URL show boot show startup-config DGS-6600 Configuration Guide Explanation Specifies the boot-up configuration file. Displays the software image and configuration file that the Switch will use next time the - D-Link DGS-6600 Series | Configuration Guide - Page 564
to download a configuration file using TFTP: Command copy tftp:\\IP-ADDRESS\[DIRECTORY\] FILENAME DESTINATION-URL Explanation Downloads configuration file from a TFTP server. DGS-6600 Configuration Guide 564 - D-Link DGS-6600 Series | Configuration Guide - Page 565
segmentation ... bandwidth control ... storm .... mirror ... plock ... acl ... mstp ... lacp ... asd ... common ... Reset configuration completed! Execute configurations....Please wait! Completed. DGS-6600:15# DGS-6600 Configuration Guide 565 - D-Link DGS-6600 Series | Configuration Guide - Page 566
image file. If the secondary file fails then the boot loader selects the tertiary image to load. Showing the Boot Image List DGS-6600 Configuration Guide 566 - D-Link DGS-6600 Series | Configuration Guide - Page 567
.had Checking image at local flash:\images\runtime.2.10.011_DGS-6600.had ... Done. Update bootlist ...... Done. Success DGS-6600:15(config)#end DGS-6600 Configuration Guide 567 - D-Link DGS-6600 Series | Configuration Guide - Page 568
an image file from a TFTP server: Command copy tftp:\\IP-ADDRESS\[DIRECTORY\] FILENAME DESTINATION-URL Explanation Downloads configuration file from a TFTP server. DGS-6600 Configuration Guide 568 - D-Link DGS-6600 Series | Configuration Guide - Page 569
Copy from flash:\images\runtime.2.10.011_DGS-6600.had to 10.73.87.1\runtime .2.10.011_DGS-6600.had ...done DGS-6600:15# DGS-6600 Configuration Guide 569 - D-Link DGS-6600 Series | Configuration Guide - Page 570
\runtime.3.00.080_DG S-6600.had (please note that the file name is dependant on the runtime version.) Table 57-3 Default Variable Values DGS-6600 Configuration Guide 570 - D-Link DGS-6600 Series | Configuration Guide - Page 571
Part 12- Troubleshooting The following chapters are included in this volume: • Displaying System Information • Logging System Messages • Port Mirroring • Remote Switching Port Analyzer (RSPAN) • Testing Network Connectivity • Debug Information to Compact Flash - D-Link DGS-6600 Series | Configuration Guide - Page 572
used to display system or on-site information that may be useful for troubleshooting problems. Information Categories The Switch can display information about the following categories: • sessions active in managing device. • Running Configuration information. DGS-6600 Configuration Guide 572 - D-Link DGS-6600 Series | Configuration Guide - Page 573
Volume 12-Troubleshooting / Chapter 58-Displaying System Information Displaying System Information Configuration Commands Displaying System Information Configuration Commands managing the device. Displays the contents of the current running configuration file. DGS-6600 Configuration Guide 573 - D-Link DGS-6600 Series | Configuration Guide - Page 574
Volume 12-Troubleshooting / Chapter 58-Displaying System Information Displaying System Information Configuration Commands Using the show system command The following example displays 00.008 :2.10.011 :QT101C3000010 :DGS-6600-48T :14:d6:4d:61:c9:10 :48 DGS-6600:2> DGS-6600 Configuration Guide 574 - D-Link DGS-6600 Series | Configuration Guide - Page 575
Volume 12-Troubleshooting / Chapter 58-Displaying System Information Displaying System Information Configuration Commands 2074152k 1214512k 859640k 996112k 56160k 939952k 2 - - - - - - 3 516004k 453828k 62176k - - - 4 - - - - - - DGS-6600:2> DGS-6600 Configuration Guide 575 - D-Link DGS-6600 Series | Configuration Guide - Page 576
Volume 12-Troubleshooting / Chapter 58-Displaying System Information Displaying System Information Configuration Commands Using the show -6600-48T Serial#: QT101C3000010 H/W: PCBA: Bootloader: Runtime: CPLD: A1 6 1.00.008 2.10.011 ver-4 4 - - DGS-6600:2> DGS-6600 Configuration Guide 576 - D-Link DGS-6600 Series | Configuration Guide - Page 577
Volume 12-Troubleshooting / Chapter 58-Displaying System Information Displaying System Information Configuration Commands Using the show environment The following example anonymous * 5 09:09:04 01/11/10 10.73.87.1 te 2 anonymous Total Entries: 2 DGS-6600:2> DGS-6600 Configuration Guide 577 - D-Link DGS-6600 Series | Configuration Guide - Page 578
Volume 12-Troubleshooting / Chapter 58-Displaying System Information Displaying System Information Configuration Commands Example display output from the show running ! vlan 5 subnet-base 172.16.0.0/16 ! vlan 20 subnet-base 10.0.0.0/8 ! vlan 21 ! (OUPUT OMITTED) DGS-6600 Configuration Guide 578 - D-Link DGS-6600 Series | Configuration Guide - Page 579
Volume 12-Troubleshooting / Chapter 58-Displaying System Information ! interface eth5.47 access vlan 2 ! interface eth5.48 description OSPF-Link-To-DGS-3828 24 ! interface vlan505 ip address 192.168.50.1/24 ! end Displaying System Information Configuration Commands DGS-6600 Configuration Guide 579 - D-Link DGS-6600 Series | Configuration Guide - Page 580
for understanding what is happening on the network, therefore helping the administrator to troubleshoot any potential problems. Due to the broad coverage of reported events, the system messages enable 59-1 Descriptions of Severity Levels for Syslog Error Messages DGS-6600 Configuration Guide 580 - D-Link DGS-6600 Series | Configuration Guide - Page 581
Volume 12-Troubleshooting / Chapter 59-Logging System Messages Chapter Overview Level Number Severity Level Description 6 Informational Informational messages. 7 Debugging Debugging The user can manage the messages in the local buffer in the following ways: DGS-6600 Configuration Guide 581 - D-Link DGS-6600 Series | Configuration Guide - Page 582
Volume 12-Troubleshooting / Chapter 59-Logging System Messages Chapter Overview 1)Define the severity level for selectively logging system messages in the local buffer Host Severity Facility Port Mode 10.73.87.22 warning local7 514 DGS-6600:15(config)# DGS-6600 Configuration Guide 582 - D-Link DGS-6600 Series | Configuration Guide - Page 583
Volume 12-Troubleshooting / Chapter 59-Logging System Messages Chapter Overview In the following example, the user displays the contents of the logging buffer, saves severity level to the Syslog server. Up to four Syslog servers can be configured on the Switch. DGS-6600 Configuration Guide 583 - D-Link DGS-6600 Series | Configuration Guide - Page 584
Volume 12-Troubleshooting / Chapter 59-Logging System Messages Chapter Overview To enable the Switch to log system messages to a remote Syslog server, enter the logging host Host Severity Facility Port Mode 10.73.87.22 warning local7 514 DGS-6600:15# DGS-6600 Configuration Guide 584 - D-Link DGS-6600 Series | Configuration Guide - Page 585
Volume 12-Troubleshooting / Chapter 59-Logging System Messages List of Constants and Default Settings Constant Name Value Maximum Number of Syslog 4 5(Notice) Syslog Server None Table 59-3 Default Variable Values List of Constants and Default Settings DGS-6600 Configuration Guide 585 - D-Link DGS-6600 Series | Configuration Guide - Page 586
Introduction to Port Mirroring Packet Mirroring is a useful tool that can help a user troubleshoot network problems. With the packet mirroring function, traffic activity, regardless of RX or TX traffic, . Specifies the source interface of the mirroring session. DGS-6600 Configuration Guide 586 - D-Link DGS-6600 Series | Configuration Guide - Page 587
Volume 12-Troubleshooting / Chapter 60-Port Mirroring Port Mirroring Configuration Commands In the following example, the user creates a packet mirroring Destination Port : eth4.2 Ingress : Disable Source Ports : Both : eth4.3 RX : - TX : - DGS-6600:2> DGS-6600 Configuration Guide 587 - D-Link DGS-6600 Series | Configuration Guide - Page 588
Volume 12-Troubleshooting / Chapter 60-Port Mirroring In the following example, the user displays all port mirroring sessions: DGS-6600:2>show monitor monitor session 1 destination interface eth2.1 DGS-6600:15(config)#monitor session 1 source interface eth2.2 both DGS-6600 Configuration Guide 588 - D-Link DGS-6600 Series | Configuration Guide - Page 589
Volume 12-Troubleshooting / Chapter 60-Port Mirroring Verifying The Configuration Relations with Other Modules For verification Use the following command Values Variable Name Default Value Default Mirroring Sessions None Table 60-2 Default Variable Values DGS-6600 Configuration Guide 589 - D-Link DGS-6600 Series | Configuration Guide - Page 590
Volume 12-Troubleshooting / Chapter 61-Remote Switching Port Analyzer (RSPAN) Chapter Overview Chapter 61 Remote Switching Port Analyzer (RSPAN) Chapter the associated destination port. The following figure illustrates the remote mirroring via RSPAN VLAN. DGS-6600 Configuration Guide 590 - D-Link DGS-6600 Series | Configuration Guide - Page 591
the switch. iii. Both - In a Monitor session, you can also monitor a port for both received and sent packets. This is the default. DGS-6600 Configuration Guide 591 - D-Link DGS-6600 Series | Configuration Guide - Page 592
Volume 12-Troubleshooting / Chapter 61-Remote Switching Port Analyzer (RSPAN) RSPAN Configuration Commands More remote source session detail design, please reference (config)# vlan 100 DGS6600(config-vlan)# remote-span DGS6600(config-vlan)#exit DGS6600(config)# DGS-6600 Configuration Guide 592 - D-Link DGS-6600 Series | Configuration Guide - Page 593
Volume 12-Troubleshooting / Chapter 61-Remote Switching Port Analyzer (RSPAN) monitor session RSPAN Configuration Commands Command monitor session SESSION-NUMBER member of VLAN 1000. DGS6600(config)# interface eth1.1 DGS6600(config-if)# trunk allowed-vlan 1000 DGS-6600 Configuration Guide 593 - D-Link DGS-6600 Series | Configuration Guide - Page 594
Volume 12-Troubleshooting / Chapter 61-Remote Switching Port Analyzer (RSPAN) show monitor session Configuration Examples Command show monitor session [SESSION-NUMBER | . RSPAN VLAN is VLAN100. PC1 is at VLAN100. Topology Figure 61-1 RSPAN Configuration Topology DGS-6600 Configuration Guide 594 - D-Link DGS-6600 Series | Configuration Guide - Page 595
Volume 12-Troubleshooting / Chapter 61-Remote Switching Port Analyzer (RSPAN) R1 (Router 1 - source) Configuration Steps Step 1: Create VLAN 2 and 100 (RSPAN VLAN session 1 source remote vlan 100 DGS-6600:15(config)#monitor session 1 destination interface eth2.1 DGS-6600 Configuration Guide 595 - D-Link DGS-6600 Series | Configuration Guide - Page 596
Volume 12-Troubleshooting / Chapter 61-Remote Switching Port Analyzer (RSPAN) Relationship with tagged port, the packets send to Port Analyzer is tagged. Otherwise, it is untagged packets. We will not support the function : when a VLAN is specified as a RSPAN VLAN, the access member port of the VLAN - D-Link DGS-6600 Series | Configuration Guide - Page 597
Volume 12-Troubleshooting / Chapter 61-Remote Switching Port Analyzer (RSPAN) Relationship with other modules in the DGS-6600-Series Trunk Link aggregation Default Value Config/Show none Value Range Description 1-4094 Specify the RSPAN VLAN by VLAN ID. DGS-6600 Configuration Guide 597 - D-Link DGS-6600 Series | Configuration Guide - Page 598
Troubleshooting the failure of a node. Whenever a network problem is encountered, the problem can usually be isolated by using the ping command fields, and whether packets of different lengths can be serviced. The following command is used to test the connectivity # DGS-6600 Configuration Guide 598 - D-Link DGS-6600 Series | Configuration Guide - Page 599
Volume 12-Troubleshooting / Chapter 62-Testing Network Connectivity Tracing ms DGS-6600:15# Tracing the Route to a Specific Destination When the user has a problem accessing a specific destination, the user may need to check all the hops located on the reached). DGS-6600 Configuration Guide 599 - D-Link DGS-6600 Series | Configuration Guide - Page 600
Volume 12-Troubleshooting / Chapter 62-Testing Network Connectivity Tracing the Route to a Specific Destination To determine when a datagram has reached its destination, the traceroute 47:65:52:101 (2052:1::47:65:52:101) 40.749 ms 1.716 ms 1.530 ms DGS-6600:15# DGS-6600 Configuration Guide 600 - D-Link DGS-6600 Series | Configuration Guide - Page 601
to know DGS6600 device information on-site, especially if there is a problem that's non-replicable in the LAB. Terminology 1) Compact Flash slot 1 debug info collection needs to be done from Console, and is not supported from either telnet or web. The debug dump will be stored to Guide 601 - D-Link DGS-6600 Series | Configuration Guide - Page 602
debug cf2 tftp:\\10.19.72.86\dgs66debug2.txt Copy debug information from cf2 to 10.19.72.86\dgs66debug2.txt .........done DGS-6600 Configuration Guide 602 - D-Link DGS-6600 Series | Configuration Guide - Page 603
file (in this case, dgs66debug2.txt, or dgs66debug_0505.txt) in your PC's TFTP directory, zip it, and transfer the file to us. DGS-6600 Configuration Guide 603
![](/manual_guide/products/dlink-dgs660048ts-configuration-guide-e0c19e0/1.png)
DGS-6600 Configuration Guide
i
DGS-6600
Configuration Guide
Ver. 1.00