Product Manual

More documents

Recommendations

Info

DES-3526 / DES-3526DC Fast Ethernet Layer 2 Switch packet's destination address (found in the Switch's forwarding table). If the PVID of the port that received the packet is different from the PVID of the port that is to transmit the packet, the Switch will drop the packet. Within the Switch, different PVIDs mean different VLANs (remember that two VLANs cannot communicate without an external router). So, VLAN identification based upon the PVIDs cannot create VLANs that extend outside a given switch (or switch stack). Every physical port on a switch has a PVID. 802.1Q ports are also assigned a PVID, for use within the Switch. If no VLANs are defined on the Switch, all ports are then assigned to a default VLAN with a PVID equal to 1. Untagged packets are assigned the PVID of the port on which they were received. Forwarding decisions are based upon this PVID, in so far as VLANs are concerned. Tagged packets are forwarded according to the VID contained within the tag. Tagged packets are also assigned a PVID, but the PVID is not used to make packet-forwarding decisions, the VID is. Tag-aware switches must keep a table to relate PVIDs within the Switch to VIDs on the network. The Switch will compare the VID of a packet to be transmitted to the VID of the port that is to transmit the packet. If the two VIDs are different, the Switch will drop the packet. Because of the existence of the PVID for untagged packets and the VID for tagged packets, tag-aware and tag-unaware network devices can coexist on the same network. A switch port can have only one PVID, but can have as many VIDs as the Switch has memory in its VLAN table to store them. Because some devices on a network may be tag-unaware, a decision must be made at each port on a tag-aware device before packets are transmitted - should the packet to be transmitted have a tag or not? If the transmitting port is connected to a tag-unaware device, the packet should be untagged. If the transmitting port is connected to a tag-aware device, the packet should be tagged. Tagging and Untagging Every port on an 802.1Q compliant switch can be configured as tagging or untagging. Ports with tagging enabled will put the VID number, priority and other VLAN information into the header of all packets that flow into and out of it. If a packet has previously been tagged, the port will not alter the packet, thus keeping the VLAN information intact. Other 802.1Q compliant devices on the network to make packet-forwarding decisions can then use the VLAN information in the tag. Ports with untagging enabled will strip the 802.1Q tag from all packets that flow into and out of those ports. If the packet doesn't have an 802.1Q VLAN tag, the port will not alter the packet. Thus, all packets received by and forwarded by an untagging port will have no 802.1Q VLAN information. (Remember that the PVID is only used internally within the Switch). Untagging is used to send packets from an 802.1Q-compliant network device to a non-compliant network device. Ingress Filtering A port on a switch where packets are flowing into the Switch and VLAN decisions must be made is referred to as an ingress port. If ingress filtering is enabled for a port, the Switch will examine the VLAN information in the packet header (if present) and decide whether or not to forward the packet. If the packet is tagged with VLAN information, the ingress port will first determine if the ingress port itself is a member of the tagged VLAN. If it is not, the packet will be dropped. If the ingress port is a member of the 802.1Q VLAN, the Switch then determines if the destination port is a member of the 802.1Q VLAN. If it is not, the packet is dropped. If the destination port is a member of the 802.1Q VLAN, the packet is forwarded and the destination port transmits it to its attached network segment. If the packet is not tagged with VLAN information, the ingress port will tag the packet with its own PVID as a VID (if the port is a tagging port). The switch then determines if the destination port is a member of the same VLAN (has the same VID) as the ingress port. If it does not, the packet is 63
DES-3526 / DES-3526DC Fast Ethernet Layer 2 Switch dropped. If it has the same VID, the packet is forwarded and the destination port transmits it on its attached network segment. This process is referred to as ingress filtering and is used to conserve bandwidth within the Switch by dropping packets that are not on the same VLAN as the ingress port at the point of reception. This eliminates the subsequent processing of packets that will just be dropped by the destination port. Default VLANs The Switch initially configures one VLAN, VID = 1, called "default." The factory default setting assigns all ports on the Switch to the "default." As new VLANs are configured in Port-based mode, their respective member ports are removed from the "default." Packets cannot cross VLANs. If a member of one VLAN wants to connect to another VLAN, the link must be through an external router. NOTE: If no VLANs are configured on the Switch, then all packets will be forwarded to any destination port. Packets with unknown source addresses will be flooded to all ports. Broadcast and multicast packets will also be flooded to all ports. An example is presented below: Port-based VLANs VLAN Name VID Switch Ports System (default) 1 5, 6, 7, 8, 21, 22, 23, 24 Engineering 2 9, 10, 11, 12 Marketing 3 13, 14, 15, 16 Finance 4 17, 18, 19, 20 Sales 5 1, 2, 3, 4 Table 6- 2. VLAN Example - Assigned Ports Port-based VLANs limit traffic that flows into and out of switch ports. Thus, all devices connected to a port are members of the VLAN(s) the port belongs to, whether there is a single computer directly connected to a switch, or an entire department. On port-based VLANs, NICs do not need to be able to identify 802.1Q tags in packet headers. NICs send and receive normal Ethernet packets. If the packet's destination lies on the same segment, communications take place using normal Ethernet protocols. Even though this is always the case, when the destination for a packet lies on another switch port, VLAN considerations come into play to decide if the packet gets dropped by the Switch or delivered. VLAN Segmentation Take for example a packet that is transmitted by a machine on Port 1 that is a member of VLAN 2. If the destination lies on another port (found through a normal forwarding table lookup), the Switch then looks to see if the other port (Port 10) is a member of VLAN 2 (and can therefore receive VLAN 2 packets). If Port 10 is not a member of VLAN 2, then the packet will be dropped by the Switch and will not reach its destination. If Port 10 is a member of VLAN 2, the packet will go through. This selective forwarding feature based on VLAN criteria is how VLANs segment networks. The key point being that Port 1 will only transmit on VLAN 2. 64
Page 1 and 2:
D-Link DES-3526/DES-3526DC Managed
Page 3 and 4:
Table of Contents Preface..........
Page 5 and 6:
QoS................................
Page 7 and 8:
Download Configuration File .......
Page 9 and 10:
DES-3526 / DES-3526DC Fast Ethernet
Page 11 and 12:
Page 13 and 14:
Introduction Gigabit Ethernet Techn
Page 15 and 16:
Page 17 and 18:
LED Indicators DES-3526 / DES-3526D
Page 19 and 20:
Page 21 and 22:
Installation Package Contents Befor
Page 23 and 24:
Page 25 and 26: Connecting The Switch DES-3526 / DE
Page 27 and 28: DES-3526 / DES-3526DC Fast Ethernet
Page 31 and 32: Password Protection DES-3526 / DES-
Page 33 and 34: MIBs DES-3526 / DES-3526DC Fast Eth
Page 41 and 42: DHCP Manual Subnet Mask Default Gat
Page 43 and 44: MAC Address Aging Time DES-3526 / D
Page 47 and 48: To configure a mirror port: DES-352
Page 53 and 54: MAC Notification Port Settings DES-
Page 57 and 58: The following parameters can be set
Page 63 and 64: Parameter Description DES-3526 / DE
Page 71 and 72: Multicast Port Filtering Mode DES-3
Page 75: DES-3526 / DES-3526DC Fast Ethernet
Page 81 and 82: GVRP Setting DES-3526 / DES-3526DC
Page 93 and 94: The following parameters can be set
Page 97 and 98: from GMT in +/- HH:MM DES-3526 / DE
Page 113 and 114: Authenticator DES-3526 / DES-3526DC
Page 115 and 116: 802.1X Client 802.1X Client DES-352
Page 123 and 124: This window displays the following
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
DHCP Agent Information Option 82 Ch
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
Parameter Description DES-3526 / DE
Page 145 and 146:
Local Enable Password DES-3526 / DE
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
SSH Algorithm DES-3526 / DES-3526DC
Page 153 and 154:
Page 155 and 156:
Traps DES-3526 / DES-3526DC Fast Et
Page 157 and 158:
The following parameters can set: P
Page 159 and 160:
Page 161 and 162:
Page 163 and 164:
The following parameters can set: P
Page 165 and 166:
The following field can be set: Par
Page 167 and 168:
Page 169 and 170:
UMB Cast (RX) DES-3526 / DES-3526DC
Page 171 and 172:
Page 173 and 174:
Page 175 and 176:
The following fields may be set or
Page 177 and 178:
Parameter Description DES-3526 / DE
Page 179 and 180:
Page 181 and 182:
Page 183 and 184:
Page 185 and 186:
Page 187 and 188:
Maintenance TFTP Services Switch Hi
Page 189 and 190:
Page 191 and 192:
Page 193 and 194:
Page 195 and 196:
Page 197 and 198:
Page 199 and 200:
Page 201 and 202:
Page 203 and 204:
Commander Switch Icon DES-3526 / DE
Page 205 and 206:
Candidate Switch Icon DES-3526 / DE
Page 207 and 208:
Group DES-3526 / DES-3526DC Fast Et
Page 209 and 210:
Page 211 and 212:
Cables and Connectors DES-3526 / DE
Page 213 and 214:
Glossary DES-3526 / DES-3526DC Fast
Page 215 and 216:
Page 217 and 218:
This limited warranty provided by D
Page 219 and 220:
Trademarks: D-Link is a registered
Page 221 and 222:
D-Link Europe Limited Product Warra
Page 223 and 224:
D-Link Europe Limited Produktgarant
Page 225 and 226:
D-Link Europe a limité la garantie
Page 227 and 228:
Garantía limitada del producto D-L
Page 229 and 230:
D-Link Europe Termini di Garanzia d
Page 231 and 232:
Technical Support You can find soft
Page 233 and 234:
Page 235 and 236:
Page 237 and 238:
Technical Support You can find upda
Page 239 and 240:
Asistencia Técnica D-Link Latin Am
Page 241 and 242:
友冠技術支援台灣地區用
Page 243 and 244:
Page 245 and 246:
Assistance technique Vous trouverez
Page 247 and 248:
Supporto tecnico Gli ultimi aggiorn
Page 249 and 250:
Pomoc techniczna Najnowsze wersje o
Page 251 and 252:
Technikai Támogatás Meghajtó pro
Page 253 and 254:
Teknisk Support Du finder software
Page 255 and 256:
技术支持办公地址:北京市
Page 257:
Registration Card (All Countries an
show all

Product Manual

Create successful ePaper yourself

Delete template?

Save as template?