DCS-Chapter7 v1.2

Chapter 7
 D-Link Switching Features
[Chapter 7: D-Link Switching Features]

Version 1.0
Chapter 7
Overview and Objective

 By the end of this chapter, you will have learned about:
• DHCP server and relay
• Access Control List (ACL)
• Link Layer Discovery Protocol (LLDP)
• System Maintenance
 This new knowledge will be consolidated through a lab exercise.
2
Chapter 7
DHCP Server and Relay
3
Chapter 7
Dynamic Host Configuration Protocol (DHCP)

 Dynamic Host Configuration Protocol (DHCP) is a network application
protocol used by DHCP clients to obtain IP configuration information.
 DHCP allows the DHCP server to dynamically assign an IP address to
a client from the IP pool of DHCP server.
 DHCP consists of two components:
• Management of network addresses
• Delivery of some specific configuration parameters (options) to DHCP
clients
Non-DHCP Client DHCP Client
Assign IP Address 1 DHCP Database IP Pool

IP Address 1
IP Address 2
Assign IP Address 2
IP Address 3
……
DHCP Client DHCP Server
4
Chapter 7
Dynamic Host Configuration Protocol (DHCP)

 DHCP has three address allocation mechanisms:
• Manual allocation, where an IP address is assigned by the network
administrator to a device
• Dynamic allocation, where an IP address is assigned to a device for a
limited period of time
• Automatic allocation, where an IP address is assigned to a device
permanently
5
Chapter 7
Benefits of DHCP
 Minimization of errors: The DHCP protocol reduces configuration
errors caused by manual IP address configuration, such as IP
conflicts.
 Ease of maintenance: Network administrators can easily control IP
address configuration. For example, they can carry out subnet-
specific TCP/IP configuration using DHCP options.
 Automatic supply: The DHCP protocol is an efficient and automatic
way to obtain new IP configuration if users change location
frequently.
 IP reuse: In the case where dynamic allocation is applied, when a
client releases an IP address or the lease time expires, the DHCP
server can assign this IP address to other DHCP clients.
6
Chapter 7
DHCP Packet Format

Byte 1 2 3 4
Op (1) Htype (1) Hlen (1) Hops (1)
Xid (4)
Secs (2) Flags (2)
CIaddr (4)
YIaddr (4)
SIaddr (4)
GIaddr (4)
CHaddr (16)
SName (64)
File (128)
Options (312)
Op: Operational Code YIaddr: “your” (client) IP address

Htype: Hardware Type SIaddr: Server IP address
Hlen: Hardware Address Length GIaddr: Gateway IP address
Hops: Hops CHaddr: Client Hardware address
Xid: Transaction Identifier SName: Server name
Secs: Seconds File: Boot Filename
Flags: Flags Options: DHCP options
CIaddr: Client IP address
7
Chapter 7
DHCP Server and Client Behavior

The DHCP server responds to the
2 client DHCP DISCOVER with
The client has no IP address and “Offered IP Address” and other
does not know which network it is parameters in DHCPOFFER to the
1 located, so it broadcasts to
1. DHCP DISCOVER correct subnet.
255.255.255.255 to locate DHCP
servers DHCP Offer
2. DHCP OFFER
DHCP Discover Source IP: 0.0.0.0
Destination IP: 255.255.255.255
Source IP: 0.0.0.0 DHCP Client 3. DHCP REQUEST
Offered IP: 192.168.169.30
Destination IP: DHCP Server
255.255.255.255 Client MAC address: 00:18:8b…
4. DHCP ACK
Client MAC address: 00:18:8b… Offered IP: 192.168.169.30
Subnet Mask: 255.255.255.0
DHCP NACK Length if lease: 1 hour
These situations will Back to Step 1 Server ID: 192.168.169.254
occur in special cases. DHCP DECLINE
The server sends DHCPACK in
DHCP INFORM 4 response to the client’s request.
After receiving DHCPOFFER, if the The client now completes
3 client accepts the IP, it will let the DHCP RELEASE initialization of TCP/IP with the
DHCP server know by broadcasting new address.
the request. If the DHCP client wants to release the DHCP ACK
5 IP address, it will directly send a
DHCP Request Unicast DHCP Release packet to the Source IP: 192.168.169.254
Source IP: 0.0.0.0 DHCP server. Destination IP: 255.255.255.255
Destination IP: 255.255.255.255 Offered IP: 192.168.169.30
Requested IP: 192.168.169.30 DHCP Release Client MAC address: 00:18:8b…
Client MAC address: 00:18:8b… Source IP: 192.168.169.30 Subnet Mask: 255.255.255.0
Server ID: 192.168.169.254 Destination IP: 192.168.169.254 Length if lease: 1 hour
Client MAC address: 00:18:8b… Server ID: 192.168.169.254
Page is animated 8
Chapter 7
DHCP Servers on D-Link Switches

 Some D-Link switches, such as those in the DGS-3600 series, have
the capability to act as DHCP servers.
 They can delegate IP addresses, subnet masks, default gateways
and other IP parameters to DHCP clients who are booted on or
attached to the local network.
9
Chapter 7
Switch Configuration for DHCP Server

 The Enable/Disable DHCP Server allows the user to enable/disable
the functionality of the DHCP Server.
enable dhcp_server
 Through IP Address Pool, the user can configure a DHCP address

pool with a name. The sub-configuration consists of the following:
– Address Pool Name
– Subnet and Mask
– Domain Name for the Client
– Domain Name IP Servers for the Client
– NetBIOS Windows Internet Naming IP Servers for the Client
– NetBIOS Node Type for the Client
– Default Router for the Client
– Address Lease Time
create dhcp pool dhcp-test

config dhcp pool network_addr dhcp-test 10.90.90.0/24
config dhcp pool default_router dhcp-test 10.90.90.90
10
Chapter 7
Switch Configuration for DHCP Server

Manual Binding for a DHCP Client:
 An address binding is a mapping between the IP address and MAC
address of a client who is found in the DHCP database.
 To configure a manual binding, the user needs to create an address
pool for host first, then specifies the client’s MAC and IP addresses.
create dhcp pool manual_binding dhcp-test 10.90.90.7 hardware_address 00-19-5B-
F5-1E-C0 type Ethernet
Exclude IP Addresses:
 The DHCP server assumes that all IP addresses in a DHCP address
pool subnet are available for assigning to DHCP clients. However,
the user can configure a list of “excluded addresses” to reserve the
IP addresses they do not want to assign to a client, e.g. the IP
address of the DNS server, default route, NetBIOS WINS server.
create dhcp excluded_address begin_address 10.90.90.90 end_address 10.90.90.100
11
Chapter 7
Example: DHCP Server 1

 The switch’s DHCP Server has an IP pool (10.90.90.0 to
10.90.90.255).
 The clients can get IP addresses from the DHCP server on the
switch. In the example below:
• Client-1 receives a specified IP address, 10.90.90.7, from the DHCP
server with manual binding.
• Client-2 obtains an IP address from the DHCP IP pool. However, it will not
receive IP address from the exclusion range 10.90.90.90 to
10.90.90.100.
IP: 10.90.90.90/24
DHCP Server
IP: 10.90.90.7
Client-1 Client-2
MAC: 00-19-5B-F5-1E-C0
12
Chapter 7
Switch Configuration for DHCP Server 1

 Enable DHCP Server on switch:
enable dhcp_server
 Create a DHCP Pool and the Pool Setting:

create dhcp pool dhcp-test
config dhcp pool network_addr dhcp-test 10.90.90.0/24
config dhcp pool default_router dhcp-test 10.90.90.90
 Manually bind an IP address to a specific user by MAC address:

create dhcp pool manual_binding dhcp-test 10.90.90.7
hardware_address 00-19-5B-F5-1E-C0 type Ethernet
 IP address assigned by the DHCP server, excluding a range of

addresses:
create dhcp excluded_address begin_address 10.90.90.90
end_address 10.90.90.100
13
Chapter 7
Verify Configuration for DHCP Server 1

DGS-3627:5#show dhcp_server DGS-3627:5#show dhcp pool manual_binding
Command: show dhcp_server Command: show dhcp pool manual_binding
DHCP Server Global State : Enabled Pool Name IP Address Identifier (Hardware Address) Type
Ping Packet Number : 2 --------- ---------- ----------------------------- ----
Ping Timeout : 500 ms dhcp-test 10.90.90.7 00-19-5B-F5-1E-C0 Ethernet
Total Entries: 1
DGS-3627:5#show dhcp pool

Command: show dhcp pool
Pool Name : dhcp-test DGS-3627:5#show dhcp excluded_address

Network Address : 10.90.90.0/24 Command: show dhcp excluded_address
Domain Name :
DNS Server Address : 0.0.0.0 Index Begin_Address End_Address
NetBIOS Name Server : 0.0.0.0 ----- ------------- -----------
NetBIOS Node Type : Broadcast 1 10.90.90.90 10.90.90.100
Default Router : 10.90.90.90
Pool Lease : 1 Days, 0 Hours, 0 Minutes Total Entry: 1
Boot File :
Next Server : 0.0.0.0
Total Pool Entry: 1
14
Chapter 7
Test Result for DHCP Server 1

 Client-1 (MAC address) receives the IP address 10.90.90.7.
MAC address of Client-1

IP address of Client-1
 Client-2 receives an IP address (10.90.90.1) from the DHCP server

on the switch.
IP address of Client-2
15
Chapter 7
DHCP Relay Agent The DHCP relay agent receives the ACK packet from
5 the DHCP server and unicasts it to the DHCP Client,
replacing the source IP with its own IP.
L3 Router
DHCP Server
The DHCP relay agent receives the discover packets

L2 Switch as 2 and unicasts them to the DHCP server, replacing the
DHCP Relay Agent source IP with its own IP.
The DHCP relay agent receives the offer packets from

3 the DHCP server and unicasts them to the DHCP Client,
replacing the source IP with its own IP.
The client sends a broadcast

1 to request an IP address.
DHCP Client-1 DHCP Client-2
The DHCP relay agent receives the request packet

4 from the DHCP client and unicasts it to the DHCP
Server, replacing the source IP with its own IP.
Page is animated 16
Chapter 7
Example: DHCP Relay

 Objective: The clients are able to obtain an IP address from a DHCP
server through the switch.
DHCP Server 192.168.0.10/24

GW: 192.168.0.1/24
DHCP Relay Agent
DHCP Client-1 DHCP Client-2
VLAN Name Member Ports IP Interface

V1 1-8 192.168.0.1
V2 9-16 192.168.1.1
V3 17-24 192.168.2.1
17
Chapter 7
Switch Configuration for DHCP Relay

 Create VLANs:
config vlan default delete 9-24
create vlan v2 tag 2
create vlan v3 tag 3
config vlan v2 add untagged 9-16
config vlan v3 add untagged 17-24
 Set up IP interfaces for each VLAN by command:

config ipif System ipaddress 192.168.0.1/24
create ipif V2 192.168.1.1/24 v2 state enable
create ipif V3 192.168.2.1/24 v3 state enable
 Bind VLAN v2 interface to DHCP Server (192.168.0.10):

config dhcp_relay add ipif V2 192.168.0.10
enable dhcp_relay
18
Chapter 7
Verify Configuration for DHCP Relay

DGS-3627:5#sh vlan DGS-3627:5#sh ipif
Command: show vlan Command: show ipif
VID : 1 VLAN Name : default
VLAN Type : Static Advertisement : Enabled IP Interface : V2
Member Ports : 1-8,25-27 VLAN Name : v2
Static Ports : 1-8,25-27 Interface Admin state : Enabled
Current Tagged Ports :
Current Untagged Ports : 1-8,25-27
IPv4 Address : 192.168.1.1/24 (Manual) Primary
Static Tagged Ports : Proxy ARP : Disabled (Local : Disabled)
Static Untagged Ports : 1-8,25-27 IP MTU : 1500
Forbidden Ports :
IP Interface : V3
VID : 4093 VLAN Name : v3
VLAN Type : Static Advertisement : Disabled VLAN Name : v3
Member Ports : 17-24 Interface Admin state : Enabled
Static Ports : 17-24 IPv4 Address : 192.168.2.1/24 (Manual) Primary
Current Tagged Ports : Proxy ARP : Disabled (Local : Disabled)
Current Untagged Ports : 17-24
Static Tagged Ports :
IP MTU : 1500
Static Untagged Ports : 17-24
Forbidden Ports : IP Interface : System
VLAN Name : default
VID : 4094 VLAN Name : v2 Interface Admin state : Enabled
VLAN Type : Static Advertisement : Disabled
Member Ports : 9-16 IPv4 Address : 192.168.0.1/24 (Manual) Primary
Static Ports : 9-16 Proxy ARP : Disabled (Local : Disabled)
Current Tagged Ports : IP MTU : 1500
Current Untagged Ports : 9-16
Static Tagged Ports :
Static Untagged Ports : 9-16
Total Entries : 3
Forbidden Ports :
Total Entries : 3
19
Chapter 7
Verify Configuration for DHCP Relay (cont’d)

DGS-3627:5#show dhcp_relay
Command: show dhcp_relay
DHCP/Bootp Relay Status : Enabled

DHCP/Bootp Hops Count Limit : 4
DHCP/Bootp Relay Time Threshold : 0 second(s)
DHCP Relay Agent Information Option 82 State : Disabled
DHCP Relay Agent Information Option 82 Check : Disabled
DHCP Relay Agent Information Option 82 Policy : Replace
Interface Server 1 Server 2 Server 3 Server 4

--------- ------------ ------------ ----------- ---------
V2 192.168.0.10
20
Chapter 7
Enable/Disable DHCP command
DGS-3627:admin#
enable dhcp_server
 To enable the DHCP function on the switch.
DGS-3627:admin#
disable dhcp_server
 To disable the DHCP function on the switch.
21
Chapter 7
Create dhcp pool command

 This command is used to create a DHCP pool.
DGS-3627:admin#
create dhcp pool <pool_name 12>
22
Chapter 7
Config dhcp pool network_addr command

 This command is used to configure the network address and
corresponding subnet mask for the DHCP pool.
DGS-3627:admin#
config dhcp pool network_addr <pool_name 12>
<network_address>
23
Chapter 7
Create dhcp excluded_address begin_address

command
 This command is used to configure IP addresses that will be
excluded from the DHCP server’s pool of addresses.
DGS-3627:admin#
create dhcp excluded_address begin_address <ipaddr>

end_address <ipaddr>
24
Chapter 7
Config dhcp pool default_router command

 This command is used to configure the default router for the DHCP
client.
DGS-3627:admin#
config dhcp pool default_router <pool_name 12> <ipaddr>
{<ipaddr>} {<ipaddr>}
25
Chapter 7
Config dhcp pool dns_server_address command

 This command is used to configure the IP addresses of DNS servers
for a specific DHCP pool.
DGS-3627:admin#
config dhcp pool dns_server_address <pool_name 12>
<ipaddr> {<ipaddr>} {<ipaddr>}
26
Chapter 7
Show dhcp_server command

 This command is used to display the DHCP server settings.
DGS-3627:admin#
show dhcp_server
27
Chapter 7
Show dhcp_binding command

 This command is used to show the DHCP binding information.
DGS-3627:admin#
show dhcp_binding {<pool_name 12>}
Note: Use the clear dhcp_binding command

to clear the binding if necessary.
28
Chapter 7
Access Control List (ACL)
29
Chapter 7
L2-L7 Access Control List

 D-Link Access Control List (ACL)
filters network packets based on D-Link ACLs can
scan packet
the following information: ICMP MSBLAST
content to
• Switch port identify new
SQL SQL Slammer
blended threats.
• MAC address/IP address • Infected clients
• Ethernet type/protocol type • Rogue servers/APs
• Malicious hosts
• VLAN • Oversubscribed users
• 802.1p/DSCP
Online Game Virus Inspection
• TCP/UDP port (application type)
• Packet payload (application type) Unauthorized Application
Network Traffic
D-Link Intelligent Switches can effectively stop

malicious traffic spreading throughout the network.
Page is animated 30
Chapter 7
Guideline to Configure Access Profile

 Analyze the filtering goal and determine whether to use the Ethernet
or the IP Access Profile.
 Decide on the filtering strategy:
• Deny some hosts and allow all: This strategy is suitable for an
environment with few hosts/protocol ports/ subnets which need to be
filtered.
• Allow some hosts and deny all: This strategy is suitable for an
environment with few hosts/protocol ports/subnets which need to be
allowed. The other traffic will be filtered.
 Based on the strategy, determine which “access profile mask” is
needed and create it using the create access_profile command.
 Add an “access profile rule” associated with the mask using the
config access_profile command.
 Access profile rules are checked based on access_id number. The
lower ID will be checked first. If there is no matching rule, the
packet will be permitted.
31
Chapter 7
Access Profile Types

 There are many types of access profiles to support different
conditions for filtering traffic into a switch.
Ethernet Profile IP Profile

 Used to configure the Ethernet access profile on the  Used to configure the IP access profile on the Switch
Switch and define specific values for the rules that will and define specific values for the rules that will be
be used by the Switch to determine if a given packet used by the Switch to determine if a given packet
should be forwarded or filtered. Masks will be should be forwarded or filtered. Masks will be
combined, using a logical AND operational method, combined, using a logical AND operational method,
with the values in the specified frame header fields. with the values in the specified frame header fields.
 It supports the following profile types:  It supports the following profile types:
• VLAN • VLAN
• Source MAC • Source IP Mask
• Destination MAC • Destination IP Mask
• 802.1p • DSCP
• Ethernet type • Protocol (ICMP, IGMP, TCP, UDP)
Packet Content Filtering Profile

 The packet content filter feature is used to identify packets by examining the Ethernet packet header, by byte,
and then deciding whether to filter or forward it, based on the user’s configuration. The user will specify which
bytes to examine by entering them into the command, in hexadecimal form, and then select whether to filter or
forward them.
32
Chapter 7
How to count the bits in a Subnet Mask
2 Associate Subnet and Mask to decide which subnet range to block.
The 3rd Byte The 4th Byte

Block IP subnets from 172 . 16 . 16 . 0 / 24 0 0 0 1 0 0 0 0 16 0 0 0 0 0 0 0 0 0
to 172 . 16 . 31 . 0 / 24 Mask 1 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0
Determine the blocked subnet range
1 and convert the decimal number to
match ignore ignore
binary digits. 0 0 0 1 0 0 0 1 17 0 0 0 0 0 0 0 1 1
The Mask result is 225.255.240.0. 0 0 0 1 0 0 1 0 18 0 0 0 0 0 0 1 0 2

3 Blocked
11110000 (binary)  240 (decimal) 0 0 0 1 0 0 1 1 19 0 0 0 0 0 0 1 1 3
IP range
00000000 (binary)  0 (decimal)
0 0 0 1 1 1 1 1 31 1 1 1 1 1 1 1 1 25
5
Switch ignores the subnet range from 16 to 31
Page is animated 33
Chapter 7
Example: Ethernet ACL

 Allow users to access the Internet by MAC address of PC-1 and PC-2 while
the others cannot.
Write down the rules:
Internet
Rule 1: If SourceMAC is equal to PC-1 and PC-2  Permit
Rule 2: If DestMAC is equal to Gateway’s MAC  Deny
Rule 3: If other SourceMAC  Permit
(The switch permits all traffic by default.)
Internet Gateway
IP Address: 10.0.0.1/8
MAC: 00-50-ba-99-99-99
11
PC-3
DES-3528 10
1 IP Address: 10.0.0.30/8
MAC: 00-50-ba-33-33-33
GW: 10.0.0.1
PC-2
IP Address: 10.0.0.20/8
MAC: 00-50-ba-22-22-22
GW: 10.0.0.1
PC-1
IP Address: 10.0.0.10/8
MAC: 00-50-ba-11-11-11
GW: 10.0.0.1 34
Chapter 7
Example: IP ACL
 Allow users to access the Internet by IP address of 192.168.0.1/24 to
192.168.0.62/24 while others cannot.
Write down the rules:
Rule 1: If SourceIP is equal to 192.168.0.1/24 to
192.168.0.62/24  Permit
Internet
DGS-3627 Rule 2: If SourceIP is in network 192.168.0.0/24 and not located
in the range (192.168.0.1/24 to 192.168.0.62/24), the Internet
service will be blocked  Deny
Rule 3: If other network SourceIP  Permit
24
IP: 192.168.0.254/24
25
11
10 PC-3
DES-3528 1 IP Address: 192.168.0.100/24
GW: 192.168.0.254
PC-2
PC-1
IP Address: 192.168.0.1/24 to 192.168.0.62/24
GW: 192.168.0.254 35
Chapter 7
Example: ACL Blocking the Welchia Virus

 Using ACL to block viruses
 W32.Welchia.Worm virus
• This worm checks for active machines that are vulnerable to be infected,
and the worm will send an ICMP echo request, or ping, which will result in
increased ICMP traffic.
36
Chapter 7
Create access_profile command

 This command is used to create access list rules.
DGS-3627:admin#
create access_profile [parameters]
37
Chapter 7
Config access_profile command

 This command is used to configure access list entry.
DGS-3627:admin#
config access_profile profile_id [parameters]
38
Chapter 7
Show access_profile command

 This command is used to display the current access list table.
DGS-3627:admin#
show access_profile
39
Chapter 7
Link Layer Discovery

Protocol (LLDP)
40
Chapter 7
Introduction to LLDP
 The Link Layer Discovery Protocol (LLDP) allows stations attached to
a LAN to advertise itself to other stations attached to the same LAN
segment.
 The information distributed via LLDP is stored by its recipients in a
management information base (MIB).
41
Chapter 7
Link Layer Discovery Protocol (LLDP)

 The LLDP standard specifies the necessary protocol and
management elements to:
• Facilitate multi-vendor inter-operability and the use of standard
management tools to discover and make available physical topology
information for network management.
• Make it possible for network management to discover certain
configuration inconsistencies or malfunctions that can result in impaired
communication at higher layers.
• Provide information to assist network management in making resource
changes and/or reconfigurations that correct configuration
inconsistencies or malfunctions identified above.
42
Chapter 7
Link Layer Discovery Protocol (LLDP) – cont’d

 LLDP is a one-way protocol (transmit and receive are separated).
 LLDP allows the transmitter and the receiver to be separately
enabled, making it possible to configure an implementation to
restrict the local LLDP agent either to transmit only or receive only,
or to allow the local LLDP agent to both transmit and receive LLDP
information.
43
Chapter 7
Enable/Disable LLDP command
DGS-3627:admin#
enable lldp
 To enable LLDP on the switch.
DGS-3627:admin#
disable lldp
 To disable LLDP on the switch.
44
Chapter 7
Config lldp message_tx_internal command

 This command is used to change the packet transmission interval.
DGS-3627:admin#
config lldp message_tx_interval <sec 5 – 32768>
45
Chapter 7
Config lldp ports notification command

 This command is used to configure each port for sending
notification to configured SNMP trap receiver(s).
DGS-3627:admin#
config lldp ports [<portlist>|all] notification [enable
| disable]
46
Chapter 7
Config lldp ports admin_status command

 This command is used to configure per-port transmit and receive
modes.
DGS-3627:admin#
config lldp ports [<portlist>|all] admin_status [tx_only
| rx_only | tx_and_rx | disable]
47
Chapter 7
Config lldp ports mgt_addr command

 This command is used to enable or disable port(s) specified for
advertising the indicated management address instances.
DGS-3627:admin#
config lldp ports [<portlist>|all] mgt_addr [ipv4
<ipaddr> | ipv6 <ipv6addr>] [enable | disable]
48
Chapter 7
Config lldp ports basic_tlvs command

 This command is used to configure an individual port or group of ports to
exclude one or more optional TLV data types from outbound LLDP
advertisements.
DGS-3627:admin#
config lldp ports [<portlist>|all] basic_tlvs [all |
{port_description | system_name | system_description |
system_capabilities}] [enable | disable]
49
Chapter 7
Config lldp dot3_tlvs command

 This command is used to configure an individual port or group of ports to
exclude one or more of IEEE 802.3 organization-specific TLV data types
from outbound LLDP advertisements.
DGS-3627:admin#
config lldp ports [<portlist>|all] dot3_tlvs [all |
{mac_phy_configuration_status | link_aggregation |
maximum_frame_size}] [enable | disable]
50
Chapter 7
Show lldp command

 This command is used to display the switch’s general LLDP
configuration status.
DGS-3627:admin#
show lldp
51
Chapter 7
System Maintenance
52
Chapter 7
Managing Firmware and Configuration files

 A D-Link switch requires firmware and a configuration file to
operate.
 To reduce device downtime, it is essential to have proper backup of
the firmware and configuration files. This can be accomplished by
using RCP or TFTP.
 The RCP/TFTP application uses client-server architecture and the
client can be any machine running the RCP/TFTP client application.
 TFTP is the preferred way to manage the firmware and configuration
files because of its simplicity.
53
Chapter 7
Download firmware_fromTFTP command

 This command is used to download the firmware image from TFTP
server.
DGS-3627:admin#
download firmware_fromTFTP {[<ipaddr> | <ipv6addr> |
<domain_name 255>] src_file <path_filename 64>
{dest_file {{unit [<unitid 1-12> | all]} <drive_id>}
<pathname 64> {boot_up}}}
54
Chapter 7
An example of the download

firmware_fromTFTP command
55
Chapter 7
Upload cfg_toTFTP command

 This command is used to upload a configuration file from a device to a
TFTP server. This command is required to be supported when the file
system is not supported on the device’s Flash EPROM.
DGS-3627:admin#
upload cfg_toTFTP {[<ipaddr> | <ipv6addr> | <domain_name
255>] dest_file <path_filename 64> {src_file
{<drive_id>} <pathname 64>} {[include | exclude | begin]
<filter_string 80> {<filter_string 80> {<filter_string
80>}} {[include | exclude | begin ] <filter_string 80>
{<filter_string 80> {<filter_string 80>}} {[include |
exclude | begin ] <filter_string 80> {<filter_string 80>
{<filter_string 80>}}}}}}
56
Chapter 7
An example of the upload cfg_toTFTP command
57
Chapter 7
Summary
 This chapter illustrates the use of the DHCP server to assign IP
addresses to DHCP clients.
 By applying ACL, traffic can be filtered by manipulating with the
parameters in the ACL commands.
 LLDP allows the discovery of the physical network topology by
enabling the LLDP transmit and receive information.
 Using the TFTP services to maintain the switch’s firmware and
configuration files will help to reduce the hardware’s downtime.
58
Chapter 7
Lab Topology
59

DCS-Chapter7 v1.2

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

DCS-Chapter7 v1.2

Uploaded by

Copyright:

Available Formats

Chapter 7

 D-Link Switching Features

[Chapter 7: D-Link Switching Features]

Overview and Objective

DHCP Server and Relay

Dynamic Host Configuration Protocol (DHCP)

Assign IP Address 1 DHCP Database IP Pool

Dynamic Host Configuration Protocol (DHCP)

DHCP Packet Format

Op: Operational Code YIaddr: “your” (client) IP address

DHCP Server and Client Behavior

DHCP Servers on D-Link Switches

Switch Configuration for DHCP Server

 Through IP Address Pool, the user can configure a DHCP address

create dhcp pool dhcp-test

Switch Configuration for DHCP Server

create dhcp excluded_address begin_address 10.90.90.90 end_address 10.90.90.100

Example: DHCP Server 1

Switch Configuration for DHCP Server 1

 Create a DHCP Pool and the Pool Setting:

 Manually bind an IP address to a specific user by MAC address:

 IP address assigned by the DHCP server, excluding a range of

Verify Configuration for DHCP Server 1

DGS-3627:5#show dhcp pool

Pool Name : dhcp-test DGS-3627:5#show dhcp excluded_address

Total Pool Entry: 1

Test Result for DHCP Server 1

MAC address of Client-1

 Client-2 receives an IP address (10.90.90.1) from the DHCP server

The DHCP relay agent receives the discover packets

The DHCP relay agent receives the offer packets from

The client sends a broadcast

DHCP Client-1 DHCP Client-2

The DHCP relay agent receives the request packet

Example: DHCP Relay

DHCP Server 192.168.0.10/24

DHCP Relay Agent

DHCP Client-1 DHCP Client-2

VLAN Name Member Ports IP Interface

Switch Configuration for DHCP Relay

 Set up IP interfaces for each VLAN by command:

 Bind VLAN v2 interface to DHCP Server (192.168.0.10):

Verify Configuration for DHCP Relay

Verify Configuration for DHCP Relay (cont’d)

DHCP/Bootp Relay Status : Enabled

Interface Server 1 Server 2 Server 3 Server 4

Enable/Disable DHCP command

Create dhcp pool command

Config dhcp pool network_addr command

Create dhcp excluded_address begin_address

create dhcp excluded_address begin_address <ipaddr>

Config dhcp pool default_router command

Config dhcp pool dns_server_address command

Show dhcp_server command

Show dhcp_binding command

Note: Use the clear dhcp_binding command

Access Control List (ACL)

L2-L7 Access Control List

D-Link Intelligent Switches can effectively stop

Guideline to Configure Access Profile

Access Profile Types

Ethernet Profile IP Profile

Packet Content Filtering Profile

How to count the bits in a Subnet Mask