IP-MAC-Port Binding Impb | D-Link DES-3018 specs

DES-3010F/DES-3010FL/DES-3010G/DES-3016/DES-3018/DES-3026 Fast Ethernet Switch Manual

IP-MAC-Port Binding (IMPB)

The IP network layer uses a four-byte address. The Ethernet link layer uses a six-byte MAC address. Binding these two address types together allows the transmission of data between the layers. The primary purpose of IP-MAC binding is to restrict the access to a switch to a number of authorized users. Only the authorized client can access the Switch’s port by checking the pair of IP-MAC addresses with the pre- configured database. If an unauthorized user tries to access an IP-MAC binding enabled port, the system will block the access by dropping its packet. The maximum number of IP-MAC binding entries is dependant on chip capability (e.g. the ARP table size) and storage size of the device. The maximum number of IP-MAC Binding entries is 500. The creation of authorized users can be manually configured by CLI or Web. The function is port-based, this means a user can enable or disable the function on the individual port.

IP-MAC-Port Binding (IMPB)

The IP-MAC Ports Settings menu is used to enable IP-MAC binding on a per port basis. Ports that are enabled will apply the IP-MAC check to ingress packets for the port. The IP-MAC database used for the check must be set up with the IP-MAC-Port Binding Table (see below).

This table is used to enable or disable IP-MAC binding on specific ports. Select a port or a range of ports with the From and To fields. Enable or disable the port with the State field.

The Zero IP field is used to allow ARP packets entrance to the Switch when these packets have an IP address of 0.0.0.0, regardless of whether or not the 0.0.0.0 IP address is set in the IP-MAC Binding table. When the Zero IP field is set to Disabled, ARP packets containing the 0.0.0.0 IP address are dropped. Click Apply to save changes.

To view this table, click Administration > IP-MAC Binding > IP-MAC Binding Port

55

Image 68

D-Link DES-3018 manual IP-MAC-Port Binding Impb

Contents

Manual Copyright 2008. All rights reserved Table of Contents Snmp Manager Introduction to Web-based Switch ConfigurationAdministration L2 Features Tool Tips Security 133 CoS 109CPU Interface Filtering 122 Monitoring 165 Appendix a 200 Appendix B 203 Appendix C 204Appendix D 209 Glossary 210 Preface Intended Readers Typographical ConventionsBold font ConventionDescription Safety Instructions Safety Cautions General Precautions for Rack-Mountable Products Protecting Against Electrostatic Discharge Introduction Switch DescriptionFeatures If MIB Switching Technology Ethernet TechnologyFast Ethernet Gigabit Ethernet TechnologyPage Front-Panel Components and LED Indicators DES-3010F Front Panel DES-3026 LED indicators LED or Button Power Console Link/Act Speed Description Side Panel Description Rear panels of these switches contain an AC power connectorRear Panel Description Before You Connect to the Network InstallationPackage Contents Installing the Switch without the Rack Installing the Switch in a RackMounting the Switch in a Standard 19 Rack Power On Optional Modules DEM-301T Optional Module Upgraded DES-3018 / DES-3026 are now ready for use Optional Module Slots Connecting the Switch Switch to End Node Switch to Hub or Switch Switch connected to switch using fiber-optic cabling Uplink Connection to a server, PC or switch stack Introduction to Switch Management Command Line Console Interface through the Serial PortManagement Options Web-based Management Interface To connect a terminal to the console port First Time Connecting to the Switch Initial screen, first time connecting to the Switch Password Protection Snmp Settings Traps MIBs Show switch command IP Address Assignment Connecting Devices to the Switch Assigning the Switch an IP Address Logging on to the Web Manager Introduction to Web-based Switch ConfigurationIntroduction Web-based User Interface Areas of the User Interface Area AreaArea Function Web Pages Administration Device Information Device Information screen IP Address Parameter Description Click Apply to implement changes made Setting the Switchs IP Address using the Console Interface Port Configuration Port Settings Following parameters can be configured Click Apply to implement the new settings on the SwitchParameter Description State Speed/Duplex Port Description Setting and Port Description Table Port Description Port Error Disabled Following information can be viewed in the preceding windowPort Connection User Accounts User Accounts window User Account Management Admin and User PrivilegesManagement Admin User Password Encryption Cable Diagnostics Port Mirroring 12. Port Mirroring window System Log Settings Following parameters can be setParameter Description Index1-4 Host IP Severity Facility Numerical Facility Code UDP Port 514 or Status Sntp Settings Time SettingsParameterDescription Time Settings Current Time Time Source Time Settings Set Current Time Year Month Day Time in HH MM SS Time Zone and DSTClick Apply to implement your changes DST Repeating Settings DST Annual Settings Following parameters may be viewed and modified MAC Notification SettingsGlobal Settings Test Tftp ServicesPing Test MIBs Snmp SettingsSnmp Manager Snmp Trap Settings Snmp User TableFollowing parameters are displayed ParameterDescription User Name Following parameters can set Group Name Snmp Version Auth-Protocol Priv-Protocol Snmp View Table Snmp View TableParameterDescription View Name Subtree OID View Type Snmp Group TableManager Snmp Group Table 28. Snmp Group Table Configuration Add window ParameterDescription Community Name View Name Access Right Snmp Community Table Use the Snmp Host Table to set up Snmp trap recipients Snmp Host Table 31. Snmp Engine ID Configuration window Snmp Engine ID IP-MAC-Port Binding Impb IP-MAC-Port Binding Impb IP-MAC Binding Table 32. IP-MAC Binding Ports window 33. IP-MAC Binding Table menu IP-MAC Binding Blocked IP-MAC Binding Blocked Link Single IP Management Single IP Management SIM Overview SIM Using the Web Interface Single IP Settings SIM Settings ParameterDescription Device Name Local Port TopologyHoldtime Speed Remote Port MAC Address Model Name Icon Description Tool Tips 39. Device Information Utilizing the Tool Tip 40. Port Speed Utilizing the Tool Tip Commander Switch Icon Following options may appear for the user to configureRight Click Group Icon Member Switch Icon 44. Property window Candidate Switch Icon 46. Property window Menu Bar This window holds the following informationClick Close to close the Property window Five menus on the menu bar are as follows Device Firmware Upgrade Configuration File Backup/RestoreIP Setting Upload Log File Upload Log File 55. Upload Log File window Forwarding & Filtering Unicast ForwardingUnicast Forwarding ParameterDescription Multicast MAC Address Port Settings Multicast Forwarding Multicast Filtering Mode 59. Configure Multicast Filtering Mode Smtp Service Smtp Server Settings Smtp Service ParameterDescription Subject Content Following fields can be set DHCP/BOOTP RelayDHCP/BOOTP Relay Global Settings Click Apply to implement any changes that have been made Dhcp Relay Agent Information Option State Check Policy DHCP/BOOTP Relay Interface Settings Implementation of Dhcp Information Option 82 on the SwitchRelay Interface Settings Circuit ID sub-option format Dhcp Relay Option 60 Default Settings Following parameters may be configured or viewedRelay Option 60 Default Settings ParameterDescription Relay IP Address Mode ParameterDescription String Server IP Match Type Dhcp Relay Option 60 SettingsFollowing parameters may be configured Dhcp Relay Option 61 Default Settings Dhcp Relay Option 61 SettingsFollowing parameters may be set ParameterDescription Client ID Relay Rule L2 Features VLANsVlan Description Ieee 802.1Q VLANs 802.1Q Vlan Tags Ieee 802.1Q Packet Forwarding Tagging and Untagging Ingress Filtering Default VLANs Switch PortsVlan Segmentation Vlan and Trunk Groups Static Vlan Entry 1Q Static VLANs window Vlan Name Port Settings Tag None Egress 1Q Static VLANs Modify Link Aggregation Understanding Port Trunk GroupsPage Vlan Trunk Settings Parameter Description Vlan Trunk Status From…To Link Aggregation Trunking Link Aggregation Lacp Port Settings Lacp Port Settings Click Apply to implement changes made Igmp Snooping 12. Current Igmp Snooping Group Entries Following parameters may be viewed or modified Vlan ID Static Router Ports Settings Vlan Name Member Ports Igmp Access Control Settings Igmp Snooping Igmp Access Control SettingsClick Apply to implement the new settings ParameterDescription From…To Status Spanning Tree 802.1w Rapid Spanning TreePort Transition States 802.1w Rstp 802.1D STP Forwarding Learning STP Bridge Global Settings Edge PortP2P Port 802.1D and 802.1w Compatibility 17. STP Bridge Global Settings Spanning Tree Protocol 104 STP Port Settings STP can be set up on a port per port basis From/To PriorityMigration Edge Following fields may be configured Loopback DetectionLoopback Detection ParameterDescription Loopdetect Status Interval Recover Time From… To State Ieee 802.1p Priority CoSCoS An Example of the Default CoS Mapping on the Switch Advantages of CoS Understanding CoS Bandwidth Settings and Port Bandwidth Table window Port Bandwidth ParameterDescription From/To Type No Limit Rate 802.1p Default Priority 1p Default Priority and the 802.1p Default Priority window 802.1p User Priority CoS Scheduling MechanismScheduling Mechanism has the following parameters ParameterDescription Strict Weight fair ParameterDescription WeightsCoS Output Scheduling Click Apply to let your changes take effect Priority Settings Priority Setting ParameterDescription From/To MainSelect TOS Priority SettingsConfigure the following Priority Setting parameters Dscp Priority Settings Dscp Priority Setting Port Mapping Priority Settings 10. Port Mapping Priority CoS MAC Priority Settings 11. MAC Priority Setting CPU Interface Filtering State Settings CPU Interface FilteringCPU Interface Filtering Table Interface Filtering CPU Interface Filtering State Profile ID Source MACDestination MAC 802.1p Ethernet type Source IP Mask Destination IP Mask Click Apply to set this entry in the Switch’s memory Protocol Shown below is the Packet Content Mask configuration window Parameter Description Profile ID Type Offset CPU Interface Filtering Table Ethernet Access ID Parameters Description Parameter Description Profile ID Mode Access ID Type 10. CPU Interface Filtering Rule Table IP Vlan Name Source IP Destination IP DSCP0-63 Port 12. CPU Interface Filtering Rule Display IP ParametersDescription Profile ID Mode Access ID Type Offset 15. CPU Interface Filtering Rule Display Packet Content Security Traffic Control Traffic Control Settings window Click Apply to implement the settings of each field 136 Port Security Settings and Table window Port Security Admin State Max. Addr0-10 Lock Address Mode Delete Port Lock EntriesLock Entries 802.1X Port-Based and MAC-Based Access Control 802.1X Authentication Server Authenticator Client Client Authentication Process 802.1X Authentication Process Port-Based Network Access Control 10. Example of Typical Port-Based Configuration MAC-Based Network Access Control 11. Example of Typical MAC-Based Configuration 802.1X Authenticator Settings 12 .1X Authenticator Settings window This screen allows you to set the following parameters SuppTimeout ServerTimeoutMaxReq ReAuthPeriod Local Users 802.1X Capability Settings Settings to view the following windowClick Security 802.1X 802.1X Capability ParameterDescription From and To Capability Limitations Using the Guest Vlan Guest VLANs Port List Configure 802.1X Guest VlanOperation Initializing Ports for Port Based 18. Initialize Port window Reauthenticate Ports for Port Based Initializing Ports for MAC Based Reauthenticate Ports for MAC-based PortsParameter Description Port Auth State Radius Server Trusted Host To view the Trusted Host table, click Security Trusted Host Traffic Segmentation 24. Current Traffic Segmentation Table 25. Setup Forwarding Ports window Secure Shell SSH SSH Server Configuration Following algorithms may be set SSH Authentication Mode and Algorithm SettingsAlgorithm Settings Blow-fish CBC Cast128-CBC Twofish128 Twofish192 Twofish256Encryption Algorithm Data Integrity Algorithm SSH User Authentication Mode 28. SSH User Authentication Mode window Parameter Description User Name Auth. ModeUser may set the following parameters Monitoring CPU Utilization Port Utilization Port Utilization window ParameterDescription Time Interval Record Number Received RX PacketsReceived RX Following fields may be set or viewed Rx Packets Analysis Table UMB Cast RX Packets UMB CastRX 171 Transmitted TX TransmittedTX Tx Packets Analysis window table for Bytes and Packets Packet Errors Rx Error Analysis window line graph 10. Rx Error Analysis window table 11. Tx Error Analysis window line graph 12. Tx Error Analysis window table Packet Size Packet Size Following fields can be set or viewed Vlan Status 15. Vlan Status window MAC Address MAC AddressFollowing fields can be viewed or set ParameterDescription Vlan Name MAC Address Port Find Switch Log ParameterDescription Sequence Time Log Text Log Settings ParameterDescription Log Mode Time Interval Igmp Snooping Group Multicast Group MAC Address Reports Port Map Session Table Browse Router PortBrowse ARP Table Port Access Control Radius AuthenticationRadius Authentication ParameterDescription Server 187 Radius Accounting Accounting Auth Diagnostics BadAuthenticators UnknownTypes PacketsDropped EntersConnecting EapLogOffsConnectingEntersAuthenticating SuccessAuthenticating Auth Session Statistics ResponsesFromSupplicant AuthSuccesses AuthFails Auth Statistics 27. Authenticator Statistics window Rx Invalid Rx Error Last Version Last Source Monitoring Port Access Control Auth State Auth State 29. Authenticator State window MAC-Based Reset 30. Factory Reset to Default Value window Save Changes Reboot SystemFollowing menu is used to restart the Switch 33. Reboot System window Logout Appendix a Physical and Environmental General CSMA/CD Performance Appendix B Appendix 1- 2. The standard RJ-45 pin assignments Appendix C System Log Entries 205 206 207 208 Standard Media Type Maximum Distance Appendix DCable Lengths Glossary Page Limited Warranty Warranties and Registration What Is Not Covered Copyright Statement FCC WarningTrademarks Page Page Product Registration Tech Support Technical Support Technical Support Technische Unterstützung Assistance technique Asistencia Técnica Supporto tecnico Technical Support Pomoc techniczna Technická podpora Technikai Támogatás Teknisk Support Teknisk Support Teknistä tukea asiakkaille Suomessa Teknisk Support Suporte Técnico Τεχνική Υποστήριξη Tehnička podrška Tehnična podpora Suport tehnica Technical Support Technical Support Техническая поддержка Asistencia Técnica Suporte Técnico Link友訊科技台灣分公司技術支援資訊 Dukungan Teknis 技术支持 International Offices Germany Spain Egypt Registration Card All Countries and Regions excluding USA 247