Home » D-Link Manuals » Hubs & Switches » D-Link DIS-300G-14PSW » Manual Viewer

D-Link DIS-300G-14PSW Product Manual - Page 76

Aging Period, Hold Time, RADIUS-Assigned QoS, Enabled

View all D-Link DIS-300G-14PSW manuals

Add to My Manuals
Save this manual to your list of manuals

Page 76 highlights

Aging Period Hold Time RADIUS-Assigned QoS Enabled Valid values are in the range 1 to 65535 seconds. This has no effect for MAC-based ports. This setting applies to the following modes, i.e. modes using the Port Security functionality to secure MAC addresses: • Single 802.1X • Multi 802.1X • MAC-Based Auth. When the NAS module uses the Port Security module to secure MAC addresses, the Port Security module needs to check for activity on the MAC address in question at regular intervals and free resources if no activity is seen within a given period of time. This parameter controls exactly this period and can be set to a number between 10 and 1000000 seconds. If reauthentication is enabled and the port is in an 802.1X-based mode, this is not so critical, since supplicants that are no longer attached to the port will get removed upon the next reauthentication, which will fail. But if reauthentication is not enabled, the only way to free resources is by aging the entries. For ports in MAC-based Auth. mode, reauthentication doesn't cause direct communication between the switch and the client, so this will not detect whether the client is still attached or not, and the only way to free any resources is to age the entry. This setting applies to the following modes, i.e. modes using the Port Security functionality to secure MAC addresses: • Single 802.1X • Multi 802.1X • MAC-Based Auth. If a client is denied access - either because the RADIUS server denies the client access or because the RADIUS server request times out (according to the timeout specified on the "Configuration→Security→AAA" page) - the client is put on hold in the Unauthorized state. The hold timer does not count during an on-going authentication. In MAC-based Auth. mode, the switch will ignore new frames coming from the client during the hold time. The Hold Time can be set to a number between 10 and 1000000 seconds. RADIUS-assigned QoS provides a means to centrally control the traffic class to which traffic coming from a successfully authenticated supplicant is assigned on the switch. The RADIUS server must be configured to transmit special RADIUS attributes to take advantage of this feature (see RADIUS-Assigned QoS Enabled below for a detailed description). 76

Section	Page
1. Introductions	13
1.1 System Description	13
1.2 Using the Web Interface	13
1.2.1 Web Browser Support	13
1.2.2 Navigation	14
1.2.3 Title Bar Icons	14
1.2.4 Ending a Session	15
1.3 Using the Online Help	15
2. Using the Web	16
2.1 Login	16
2.2 Tree View	17
2.2.1 Configuration Menu	17
2.2.2 Monitor Menu	18
2.2.3 Diagnostics Menu	19
2.2.4 Maintenance Menu	19
2.3 Configuration	20
2.3.1 System	20
2.3.2 System Information	20
2.3.3 System IP	21
2.3.4 System NTP	24
2.3.5 System Time	25
2.3.6 System Log	27
2.3.7 System Alarm Profile	28
2.3.8 Green Ethernet	31
2.3.9 Port Power Savings	31
2.3.10 Port	33
2.3.11 DHCP	35
2.3.12 DHCP Server	35
2.3.13 DHCP Server Mode	35
2.3.14 DHCP Server Excluded IP	37
2.3.15 DHCP Server Pool	38
2.3.16 DHCP Snooping	39
2.3.17 DHCP Relay	40
2.3.18 Security	42
2.3.19 Switch	42
2.3.20 Users	42
2.3.21 Privilege Level	44
2.3.22 Auth Method	46
2.3.23 SSH	48
2.3.24 HTTPS	49
2.3.25 Access Management	49
2.3.26 SNMP	51
2.3.27 SNMP System Configuration	51
2.3.28 SNMP Trap Configuration	53
2.3.29 SNMP Communities	57
2.3.30 SNMP Users	58
2.3.31 SNMP Groups	60
2.3.32 SNMP Views	62
2.3.33 SNMP Access	63
2.3.34 RMON	65
2.3.35 RMON Statistics	65
2.3.36 RMON History	66
2.3.37 RMON Alarm	67
2.3.38 RMON Event	69
2.3.39 Network	71
2.3.40 Limit Control	71
2.3.41 NAS	74
2.3.42 ACL	84
2.3.43 ACL Port	84
2.3.44 ACL Rate Limiters	86
2.3.45 Access Control List	88
2.3.46 IP Source Guard	99
2.3.47 IP Source Guard Configuration	99
2.3.48 IP Source Guard Static Table	101
2.3.49 ARP Inspection	102
2.3.50 Port Configuration	102
2.3.51 VLAN Configuration	104
2.3.52 Static Table	106
2.3.53 Dynamic Table	107
2.3.54 AAA	109
2.3.55 RADIUS	109
2.3.56 TACACS+	111
2.3.57 Aggregation	113
2.3.58 Static Aggregation	113
2.3.59 LACP Aggregation	115
2.3.60 Loop Protection	117
2.3.61 Spanning Tree	119
2.3.62 Bridge Settings	119
2.3.63 MSTI Mapping	121
2.3.64 MSTI Priorities	123
2.3.65 CIST Ports	124
2.3.66 MSTI Ports	127
2.3.67 IPMC Profile	130
2.3.68 Profile Table	130
2.3.69 Address Entry	132
2.3.70 MVR	134
2.3.71 IPMC	137
2.3.72 IGMP Snooping	137
2.3.73 Basic Configuration	137
2.3.74 VLAN Configuration	139
2.3.75 Port Filtering Profile	142
2.3.76 MLD Snooping	143
2.3.77 Basic Configuration	143
2.3.78 VLAN Configuration	145
2.3.79 Port Filtering Profile	148
2.3.80 LLDP	149
2.3.81 LLDP	149
2.3.82 LLDP-MED	151
2.3.83 PoE	158
2.3.84 PoE Scheduler	160
2.3.85 Power Reset	162
2.3.86 MAC Table	163
2.3.87 VLANs	164
2.3.88 Private VLANs	169
2.3.89 Membership	169
2.3.90 Port Isolation	171
2.3.91 VCL	172
2.3.92 MAC-based VLAN	172
2.3.93 Protocol-based VLAN	174
2.3.94 Protocol to Group	174
2.3.95 Group to VLAN	176
2.3.96 IP Subnet-based VLAN	178
2.3.97 Voice VLAN	179
2.3.98 Voice VLAN Configuration	179
2.3.99 Voice VLAN OUI	182
2.3.100 QoS	183
2.3.101 Port Classification	183
2.3.102 Port Policing	186
2.3.103 Port Scheduler	188
2.3.104 Port Shaping	189
2.3.105 Port Tag Remarking	190
2.3.106 Port DSCP	191
2.3.107 DSCP-Based QoS	192
2.3.108 DSCP Translation	195
2.3.109 DSCP Classification	198
2.3.110 QoS Control List	199
2.3.111 Storm Control	204
2.3.112 Mirror	206
2.3.113 GVRP	208
2.3.114 Global Config	208
2.3.115 Port Config	209
2.3.116 sFlow	209
2.3.117 RingV2	213
2.3.118 DDM	216
2.4 Monitor	217
2.4.1 System	217
2.4.2 System Information	217
2.4.3 CPU Load	219
2.4.4 IP Status	220
2.4.5 System Log	222
2.4.6 System Detailed Log	224
2.4.7 System Alarm	224
2.4.8 Green Ethernet	226
2.4.9 Port Power Saving	226
2.4.10 Ports	227
2.4.11 Ports State	227
2.4.12 Trafice Overview	229
2.4.13 QoS Statistics	230
2.4.14 QCL Status	231
2.4.15 Detailed Statistics	233
2.4.16 DHCP	235
2.4.17 DHCP Server	235
2.4.18 Statistics	235
2.4.19 Binding	237
2.4.20 Declined IP	238
2.4.21 DHCP Snooping Table	239
2.4.22 DHCP Relay Statistics	241
2.4.23 DHCP Detailed Statistics	243
2.4.24 Security	245
2.4.25 Accessment Management Statistics	245
2.4.26 Network	246
2.4.27 Port Security	246
2.4.28 Switch	246
2.4.29 Port	248
2.4.30 NAS	250
2.4.31 Switch	250
2.4.32 Port	252
2.4.33 ACL Status	255
2.4.34 ARP Inspection	257
2.4.35 IP Source Guard	259
2.4.36 AAA	261
2.4.37 RADIUS Overview	261
2.4.38 RADIUS Details	263
2.4.39 Switch	264
2.4.40 RMON	264
2.4.41 Statistics	264
2.4.42 History	266
2.4.43 Alarm	268
2.4.44 Event	269
2.4.45 LACP	270
2.4.46 System Status	270
2.4.47 Port Status	271
2.4.48 Port Statistics	272
2.4.49 Loop Protection	273
2.4.50 Spanning Tree	274
2.4.51 Bridge Status	274
2.4.52 Port Status	275
2.4.53 Port Statistics	276
2.4.54 MVR	277
2.4.55 MVR Statistics	277
2.4.56 MVR Channel Groups	278
2.4.57 MVR SFM Information	280
2.4.58 IPMC	282
2.4.59 IGMP Snooping	282
2.4.60 IGMP Snooping Status	282
2.4.61 Groups Information	284
2.4.62 IPv4 SFM Information	286
2.4.63 MLD Snooping	288
2.4.64 MLD Snooping Status	288
2.4.65 Groups Information	290
2.4.66 IPv6 SFM Information	292
2.4.67 LLDP	294
2.4.68 Neighbors	294
2.4.69 LLDP-MED Neighbors	296
2.4.70 EEE	301
2.4.71 Port Statistics	303
2.4.72 PoE	304
2.4.73 MAC Table	307
2.4.74 VLANs	309
2.4.75 VLANs Membership	309
2.4.76 VLANs Ports	311
2.4.77 VCL	313
2.4.78 MAC-Based VLAN	313
2.4.79 sFlow	314
2.4.80 RingV2	315
2.4.81 DDMI Overview	316
2.4.82 DDMI Detailed	317
2.5 Diagnostics	319
2.5.1 Ping	319
2.5.2 Ping6	321
2.5.3 VeriPHY	323
2.6 Maintenance	326
2.6.1 Restart Device	326
2.6.2 Factory Default	327
2.6.3 Software	328
2.6.3.1 Software Upload	328
2.6.3.2 Image select	329
2.6.4 Configuration	331
2.6.4.1 Save startup-config	331
2.6.4.2 Download	332
2.6.4.3 Upload	333
2.6.4.4 Activate	333

Match case Limit results 1 per page

Valid values are in the range 1 to 65535 seconds. This has no effect for MAC-based

ports.

Aging Period

This setting applies to the following modes, i.e. modes using the Port Security

functionality to secure MAC addresses:

• Single 802.1X

• Multi 802.1X

• MAC-Based Auth.

When the NAS module uses the Port Security module to secure MAC addresses, the

Port Security module needs to check for activity on the MAC address in question at

regular intervals and free resources if no activity is seen within a given period of time.

This parameter controls exactly this period and can be set to a number between 10

and 1000000 seconds.

reauthentication

is enabled and the port is in an 802.1X-based mode, this is not so

critical, since supplicants that are no longer attached to the port will get removed

upon the next reauthentication, which will fail. But if reauthentication is not enabled,

the only way to free resources is by aging the entries.

For ports in MAC-based Auth. mode,

reauthentication

doesn't cause direct

communication between the switch and the client, so this will not detect whether the

client is still attached or not, and the only way to free any resources is to age the

entry.

Hold Time

This setting applies to the following modes, i.e. modes using the Port Security

functionality to secure MAC addresses:

• Single 802.1X

• Multi 802.1X

• MAC-Based Auth.

If a client is denied access - either because the RADIUS server denies the client

access or because the RADIUS server request times out (according to the timeout

specified on the "Configuration→Security→AAA" page)

- the client is put on hold in

the Unauthorized state. The hold timer does not count during an on-going

authentication.

In MAC-based Auth. mode, the switch will ignore new frames coming from the client

during the hold time.

The Hold Time can be set to a number between 10 and 1000000 seconds.

RADIUS-Assigned QoS

Enabled

RADIUS-assigned QoS provides a means to centrally control the traffic class to

which traffic coming from a successfully authenticated supplicant is assigned on the

switch. The RADIUS server must be configured to transmit special RADIUS attributes

to take advantage of this feature (see

RADIUS-Assigned QoS Enabled

below for a

detailed description).