Home » TP-Link Manuals » Hubs & Switches » TP-Link T2700G-28TQ » Manual Viewer

TP-Link T2700G-28TQ T2700G-28TQ User Guide V1 - Page 326

DoS Defend, Security Type

View all TP-Link T2700G-28TQ manuals

Add to My Manuals
Save this manual to your list of manuals

Page 326 highlights

Security Type: LAG: Select Security Type for the port. • Disable: Select this option to disable the IP Source Guard feature for the port. • SIP: Only the packets with its source IP address and port number matched to the IP-MAC binding rules can be processed. • SIP+MAC: Only the packets with its source IP address, source MAC address and port number matched to the IP-MAC binding rules can be processed. Displays the LAG to which the port belongs to. 14.5 DoS Defend DoS (Denial of Service) Attack is to occupy the network bandwidth maliciously by the network attackers or the evil programs sending a lot of service requests to the Host, which incurs an abnormal service or even breakdown of the network. With DoS Defend function enabled, the switch can analyze the specific fields of the IP packets and distinguish the malicious DoS attack packets. Upon detecting the packets, the switch will discard the illegal packets directly and limit the transmission rate of the legal packets if the over legal packets may incur a breakdown of the network. The switch can defend several types of DoS attack listed in the following table. DoS Attack Type Land Attack Description The attacker sends a specific fake SYN packet to the destination Host. Since both the source IP address and the destination IP address of the SYN packet are set to be the IP address of the Host, the Host will be trapped in an endless circle for building the initial connection. The performance of the network will be reduced extremely. Scan SYNFIN The attacker sends the packet with its SYN field and the FIN field set to 1. The SYN field is used to request initial connection whereas the FIN field is used to request disconnection. Therefore, the packet of this type is illegal. The switch can defend this type of illegal packet. Xmascan The attacker sends the illegal packet with its TCP index, FIN, URG and PSH field set to 1. NULL Scan Attack The attacker sends the illegal packet with its TCP index and all the control fields set to 0. During the TCP connection and data transmission, the packets with all the control fields set to 0 are considered as the illegal packets. SYN packet with its The attacker sends the illegal packet with its TCP SYN field set to 1 source port less than and source port less than 1024. 1024 Blat Attack The attacker sends the illegal packet with its source port and destination port on Layer 4 the same and its URG field set to 1. Similar to the Land Attack, the system performance of the attacked Host is reduced since the Host circularly attempts to build a connection with the attacker. 314

Section	Page
Package Contents	13
Chapter 1 About This Guide	14
1.1 Intended Readers	14
1.2 Conventions	14
1.3 Overview of This Guide	14
Chapter 2 Introduction	19
2.1 Overview of the Switch	19
2.2 Main Features	19
2.3 Appearance Description	21
2.3.1 Front Panel	21
2.3.2 Rear Panel	23
Chapter 3 Login to the Switch	24
3.1 Login	24
3.2 Configuration	25
Chapter 4 System	26
4.1 System Info	26
4.1.1 System Summary	26
4.1.2 Device Description	28
4.1.3 System Time	28
4.1.4 License Info	30
4.1.5 Daylight Saving Time	31
4.2 User Management	32
4.2.1 User Table	32
4.2.2 User Config	32
4.3 System Tools	34
4.3.1 Boot Config	34
4.3.2 Config Restore	35
4.3.3 Config Backup	36
4.3.4 Firmware Upgrade	36
4.3.5 License Load	37
4.3.6 System Reboot	37
4.3.7 System Reset	38
4.4 Access Security	38
4.4.1 Access Control	38
4.4.2 SSL Config	40
4.4.3 SSH Config	41
Chapter 5 Stack	48
5.1 Stack Management	54
5.1.1 Stack Info	54
5.1.2 Stack Config	55
5.1.3 Switch Renumber	56
5.2 Application Example for Stack	57
Chapter 6 Switching	59
6.1 Port	59
6.1.1 Port Config	59
6.1.2 Port Mirror	60
6.1.3 Port Security	62
6.1.4 Port Isolation	64
6.1.5 Loopback Detection	65
6.2 LAG	67
6.2.1 LAG Table	68
6.2.2 Static LAG	69
6.2.3 LACP Config	70
6.3 Traffic Monitor	72
6.3.1 Traffic Summary	72
6.3.2 Traffic Statistics	73
6.4 MAC Address	75
6.4.1 Address Table	76
6.4.2 Static Address	78
6.4.3 Dynamic Address	79
6.4.4 Filtering Address	81
Chapter 7 VLAN	83
7.1 802.1Q VLAN	84
7.1.1 VLAN Config	85
7.1.2 Port Config	87
7.2 Application Example for 802.1Q VLAN	89
7.3 MAC VLAN	90
7.3.1 MAC VLAN	91
7.3.2 Port Enable	92
7.4 Application Example for MAC VLAN	92
7.5 Protocol VLAN	94
7.5.1 Protocol Group Table	95
7.5.2 Protocol Group	96
7.5.3 Protocol Template	96
7.6 Application Example for Protocol VLAN	98
7.7 VLAN VPN	100
7.7.1 VPN Config	101
7.7.2 Port Enable	101
7.7.3 VLAN Mapping	102
7.8 GVRP	104
7.9 Private VLAN	108
7.9.1 PVLAN Config	109
7.9.2 Port Config	110
7.10 Application Example for Private VLAN	111
Chapter 8 Spanning Tree	114
8.1 STP Config	119
8.1.1 STP Config	119
8.1.2 STP Summary	121
8.2 Port Config	122
8.3 MSTP Instance	123
8.3.1 Region Config	123
8.3.2 Instance Config	124
8.3.3 Instance Port Config	125
8.4 STP Security	127
8.4.1 Port Protect	127
8.4.2 TC Protect	130
8.5 Application Example for STP Function	130
Chapter 9 Multicast	135
9.1 IGMP Snooping	137
9.1.1 Snooping Config	138
9.1.2 Port Config	140
9.1.3 VLAN Config	141
9.1.4 Multicast VLAN	142
9.1.5 Querier Config	144
9.2 Application Example for Multicast VLAN	146
9.3 Multicast IP	147
9.3.1 Multicast IP Table	147
9.3.2 Static Multicast IP	148
9.4 Multicast Filter	150
9.4.1 Profile Config	150
9.4.2 Profile Binding	152
9.5 Packet Statistics	153
Chapter 10 Routing	155
10.1 Interface	155
10.2 Routing Table	158
10.3 Static Routing	158
10.3.1 Static Routing	158
10.3.2 Application Example for Static Routing	159
10.4 DHCP Server	160
10.4.1 DHCP Server	166
10.4.2 Pool Setting	168
10.4.3 Manual Binding	169
10.4.4 Binding Table	169
10.4.5 Packet Statistics	170
10.4.6 Application Example for DHCP Server and Relay	172
10.5 DHCP Relay	173
10.5.1 Global Config	175
10.5.2 DHCP Server	176
10.6 Proxy ARP (License Required)	177
10.6.1 Proxy ARP	178
10.6.2 Application Example for Proxy ARP	179
10.7 ARP	180
10.8 RIP	180
10.8.1 Basic Config	183
10.8.2 Interface Config	185
10.8.3 RIP Database	186
10.8.4 Application Example for RIP	187
10.9 OSPF (License Required)	188
10.9.1 Process	205
10.9.2 Basic	206
10.9.3 Network	208
10.9.4 Interface	209
10.9.5 Area	213
10.9.6 Area Aggregation	214
10.9.7 Virtual Link	216
10.9.8 Route Redistribution	217
10.9.9 ASBR Aggregation	218
10.9.10 Neighbor Table	219
10.9.11 Link State Database	221
10.9.12 Application Example for OSPF	221
10.10 VRRP (License Required)	223
10.10.1 Basic Config	227
10.10.2 Advanced Config	229
10.10.3 Virtual IP Config	230
10.10.4 Track Config	231
10.10.5 Virtual Router Statistics	232
10.10.6 Application Example for VRRP	234
Chapter 11 Multicast Routing (License Required)	236
11.1 Global Config	237
11.1.1 Global Config	237
11.1.2 Mroute Table	238
11.2 IGMP	239
11.2.1 Interface Config	243
11.2.2 Interface State	244
11.2.3 Static Multicast Config	245
11.2.4 Multicast Group Table	247
11.2.5 Profile Binding	248
11.2.6 Packet Statistics	250
11.2.7 Application Example for IGMP	251
11.3 PIM DM	252
11.3.1 PIM DM Interface	257
11.3.2 PIM DM Neighbor	257
11.3.3 Application Example for PIM DM	259
11.4 PIM SM	260
11.4.1 PIM SM Interface	266
11.4.2 PIM SM Neighbor	266
11.4.3 BSR	267
11.4.4 RP	269
11.4.5 RP Mapping	270
11.4.6 RP Info	271
11.4.7 Application Example for PIM SM	272
11.5 Static Mroute	273
11.5.1 Static Mroute Config	274
11.5.2 Static Mroute Table	275
11.5.3 Application Example for Static Mroute	275
Chapter 12 QoS	278
12.1 DiffServ	281
12.1.1 Port Priority	281
12.1.2 Schedule Mode	282
12.1.3 802.1P Priority	283
12.1.4 DSCP Priority	284
12.2 Bandwidth Control	286
12.2.1 Rate Limit	286
12.2.2 Storm Control	287
12.3 Voice VLAN	288
12.3.1 Global Config	290
12.3.2 Port Config	291
12.3.3 OUI Config	292
Chapter 13 ACL	294
13.1 Time-Range	294
13.1.1 Time-Range Summary	294
13.1.2 Time-Range Create	295
13.1.3 Holiday Config	296
13.2 ACL Config	296
13.2.1 ACL Summary	297
13.2.2 ACL Create	297
13.2.3 MAC ACL	298
13.2.4 Standard-IP ACL	298
13.2.5 Extend-IP ACL	299
13.3 Policy Config	301
13.3.1 Policy Summary	301
13.3.2 Policy Create	301
13.3.3 Action Create	302
13.4 Policy Binding	303
13.4.1 Binding Table	303
13.4.2 Port Binding	304
13.4.3 VLAN Binding	305
13.5 Application Example for ACL	306
Chapter 14 Network Security	308
14.1 IP-MAC Binding	308
14.1.1 Binding Table	308
14.1.2 Manual Binding	309
14.1.3 ARP Scanning	311
14.2 DHCP Snooping	313
14.2.1 Global Config	316
14.2.2 Port Config	317
14.3 ARP Inspection	318
14.3.1 ARP Detect	321
14.3.2 ARP Defend	323
14.3.3 ARP Statistics	324
14.4 IP Source Guard	325
14.5 DoS Defend	326
14.5.1 DoS Defend	327
14.6 802.1X	328
14.6.1 Global Config	331
14.6.2 Port Config	333
14.6.3 Radius Server	334
Chapter 15 SNMP	336
15.1 SNMP Config	338
15.1.1 Global Config	338
15.1.2 SNMP View	339
15.1.3 SNMP Group	340
15.1.4 SNMP User	341
15.1.5 SNMP Community	343
15.2 Notification	345
15.3 RMON	347
15.3.1 Statistics	347
15.3.2 History	348
15.3.3 Event	349
15.3.4 Alarm	350
Chapter 16 LLDP	353
16.1 Basic Config	356
16.1.1 Global Config	356
16.1.2 Port Config	357
16.2 Device Info	358
16.2.1 Local Info	359
16.2.2 Neighbor Info	360
16.3 Device Statistics	361
16.4 LLDP-MED	362
16.4.1 Global Config	363
16.4.2 Port Config	364
16.4.3 Local Info	366
16.4.4 Neighbor Info	367
Chapter 17 Cluster	369
17.1 NDP	370
17.1.1 Neighbor Info	370
17.1.2 NDP Summary	371
17.1.3 NDP Config	372
17.2 NTDP	373
17.2.1 Device Table	373
17.2.2 NTDP Summary	375
17.2.3 NTDP Config	376
17.3 Cluster	377
17.3.1 Cluster Summary	377
17.3.2 Cluster Config	380
17.3.3 Member Config	383
17.3.4 Cluster Topology	384
17.4 Application Example for Cluster Function	386
Chapter 18 Maintenance	388
18.1 System Monitor	388
18.1.1 CPU Monitor	389
18.1.2 Memory Monitor	390
18.2 Log	390
18.2.1 Log Table	391
18.2.2 Local Log	392
18.2.3 Remote Log	393
18.2.4 Backup Log	394
18.3 Device Diagnostics	394
18.3.1 Cable Test	394
18.3.2 Loopback	396
18.4 Network Diagnostics	396
18.4.1 Ping	396
18.4.2 Tracert	397
Chapter 19 System Maintenance via FTP	399
Appendix A: Specifications	405
Appendix B: Configuring the PCs	407
Appendix C: 802.1X Client Software	409

Match case Limit results 1 per page

314

Security Type:

Select Security Type for the port.

•

Disable:

Select this option to disable the IP Source Guard

feature for the port.

•

SIP:

Only the packets with its source IP address and port

number matched to the IP-MAC binding rules can be

processed.

•

SIP+MAC:

Only the packets with its source IP address,

source MAC address and port number matched to the

IP-MAC binding rules can be processed.

LAG:

Displays the LAG to which the port belongs to.

14.5 DoS Defend

DoS (Denial of Service) Attack is to occupy the network bandwidth maliciously by the network

attackers or the evil programs sending a lot of service requests to the Host, which incurs an

abnormal service or even breakdown of the network.

With DoS Defend function enabled, the switch can analyze the specific fields of the IP packets and

distinguish the malicious DoS attack packets. Upon detecting the packets, the switch will discard

the illegal packets directly and limit the transmission rate of the legal packets if the over legal

packets may incur a breakdown of the network. The switch can defend several types of DoS attack

listed in the following table.

DoS Attack Type

Description

Land Attack

The attacker sends a specific fake SYN packet to the destination Host.

Since both the source IP address and the destination IP address of the

SYN packet are set to be the IP address of the Host, the Host will be

trapped in an endless circle for building the initial connection. The

performance of the network will be reduced extremely.

Scan SYNFIN

The attacker sends the packet with its SYN field and the FIN field set to

1. The SYN field is used to request initial connection whereas the FIN

field is used to request disconnection. Therefore, the packet of this

type is illegal. The switch can defend this type of illegal packet.

Xmascan

The attacker sends the illegal packet with its TCP index, FIN, URG and

PSH field set to 1.

NULL Scan Attack

The attacker sends the illegal packet with its TCP index and all the

control fields set to 0. During the TCP connection and data

transmission, the packets with all the control fields set to 0 are

considered as the illegal packets.

SYN packet with its

source port less than

1024

The attacker sends the illegal packet with its TCP SYN field set to 1

and source port less than 1024.

Blat Attack

The attacker sends the illegal packet with its source port and

destination port on Layer 4 the same and its URG field set to 1. Similar

to the Land Attack, the system performance of the attacked Host is

reduced since the Host circularly attempts to build a connection with

the attacker.