![Tp-Link T2600G-28MPS (TL-SG3424P) Руководство пользователя онлайн [304/379] 174195](/img/pdf.png)
Tp-Link T2600G-28MPS (TL-SG3424P) Руководство пользователя онлайн [304/379] 174195
![Tp-Link T2600G-28MPS (TL-SG3424P) Руководство пользователя онлайн [304/379] 174195](/views2/1210070/page304/bg130.png)
• Neighbor reachability detection
• Duplicate address detection (DAD)
• Router/prefix discovery and address autoconfiguration
• Redirection
Five types of the ICMPv6 messages are listed below:
ICMPv6 Message Function
Neighbor Solicitation (NS)
• Acquires the neighbor’s link-layer address.
• Verifies whether a neighbor is reachable.
• Detects duplicate address.
Neighbor Advertisement
(NA)
• Responses to an NS message.
• Notifies the neighbor nodes of link layer changes
Router Solicitation (RS)
•
Requests for an address prefix and other
configuration parameters for autoconfiguration.
Router Advertisement (RA)
• Responses to an RS message.
•
Advertises information such as the prefix
information options and flag bits.
Redirect (RR)
• Informs the source host of another next hop to a
particular destination when certain conditions
are met.
ND Attack
Because of the absence of security mechanism, ND protocol is easy to be exploited by
attackers. Attackers can exploit the ND protocols as follows:
• The attackers send forged NS/NA/RS packets with the IPv6 address of a victim host. The
gateway or the other hosts who have received these NS/NA/RS packets will update their ND
entry with the wrong address information. AS a result, all packets intended for the victim will
be sent to the attacking host rather than the victim host.
• The attackers send forged RA packets with the IPv6 address of a victim gateway. All the
hosts attached to the victim gateway may receive incorrect IPv6 configuration parameters
and maintain false ND entries.
A forged ND packet has the following two features:
• The source MAC address in the Ethernet frame header is inconsistent with that carried in
the source link layer address option of the ND packet.
• The mapping between the source IPv6 address and the source MAC address in the Ethernet
frame header is invalid.
ND Detection Process
292
Содержание
- Jetstream gigabit l2 managed switch 1
- User guide 1
- Ce mark warning 2
- Copyright trademarks 2
- Fcc statement 2
- Explanation of the symbols on the product label 3
- Industry canada statement 3
- Safety information 3
- 安全諮詢及注意事項 3
- Package contents 13
- Chapter 1 about this guide 14
- Conventions 14
- Intended readers 14
- Overview of this guide 15
- Appearance description 20
- Chapter 2 introduction 20
- Front panel 20
- Overview of the switch 20
- Rear panel 25
- Chapter 3 login to the switch 26
- Configuration 27
- Chapter 4 system 28
- System info 28
- System summary 28
- Device description 30
- System time 30
- Daylight saving time 31
- Serial port setting 33
- User management 33
- User table 33
- User config 34
- Boot config 35
- System tools 35
- Config restore 36
- Config backup 37
- Firmware upgrade 38
- Reboot schedule 39
- System reboot 39
- Access control 40
- Access security 40
- System reset 40
- Http config 42
- Https config 42
- Ssh config 46
- Application example 1 for ssh 48
- Application example 2 for ssh 49
- Sdm template 52
- Sdm template config 52
- Telnet config 52
- Chapter 5 switching 54
- Port config 54
- Port mirror 55
- Port security 57
- Port isolation 59
- Loopback detection 60
- Lag table 63
- Static lag 64
- Lacp config 65
- Traffic monitor 67
- Traffic summary 67
- Traffic statistics 68
- Address table 70
- Mac address 70
- Static address 72
- Dynamic address 73
- Filtering address 75
- Mac notification 76
- Mac vlan security 77
- L2pt config 79
- Chapter 6 vlan 81
- Q vlan 82
- Vlan config 83
- Port config 85
- Application example for 802 q vlan 87
- Mac vlan 88
- Port enable 89
- Application example for mac vlan 90
- Protocol vlan 92
- Protocol group table 93
- Protocol group 94
- Protocol template 94
- Application example for protocol vlan 96
- Vlan vpn 98
- Vpn config 99
- Port enable 100
- Vlan mapping 100
- Configuration procedure of vlan vpn function 102
- Configuration procedure of vlan mapping function 103
- Private vlan 106
- Pvlan config 108
- Port config 109
- Application example for private vlan 110
- Chapter 7 spanning tree 113
- Stp config 118
- Stp summary 120
- Port config 121
- Mstp instance 123
- Region config 123
- Instance config 124
- Instance port config 125
- Global configuration procedure for spanning tree function 126
- Port protect 127
- Stp security 127
- Tc protect 129
- Application example for stp function 130
- Chapter 8 ethernet oam 134
- Basic config 137
- Basic config 138
- Discovery info 139
- Link monitoring 141
- Remote loopback 144
- Statistics 144
- Statistics 145
- Event log 146
- Application example for dldp 152
- Chapter 9 multicast 154
- Igmp snooping 159
- Snooping config 160
- Port config 162
- Vlan config 163
- Multicast vlan 164
- Application example for multicast vlan 167
- Querier config 168
- Profile config 169
- Profile binding 171
- Packet statistics 173
- Igmp authentication 174
- Mld snooping 176
- Snooping config 178
- Configuration procedure of multicast vlan 179
- Port config 180
- Vlan config 181
- Multicast vlan 182
- Querier config 184
- The following entries are displayed on this screen 184
- Profile config 185
- Profile binding 187
- Packet statistics 189
- Ipv4 multicast table 190
- Multicast table 190
- Static ipv4 multicast table 191
- Ipv6 multicast table 192
- Static ipv6 multicast table 193
- Chapter 10 routing 195
- Interface 195
- Ipv4 routing table 208
- Ipv6 routing table 208
- Routing table 208
- Ipv4 static routing config 209
- Static routing 209
- Ipv6 static routing config 210
- Dhcp server 211
- Dhcp server 218
- Pool setting 219
- Manual binding 220
- Binding table 221
- Packet statistics 221
- Application example for dhcp server and relay 223
- Dhcp relay 225
- Global config 227
- Dhcp server 228
- Configuration procedure 229
- Arp table 230
- Static arp 230
- Chapter 11 qos 232
- Diffserv 235
- Port priority 235
- Configuration procedure 236
- Schedule mode 237
- 802 p priority 238
- Configuration procedure 239
- Dscp priority 239
- Configuration procedure 240
- Bandwidth control 241
- Rate limit 241
- Storm control 242
- Voice vlan 243
- Global config 246
- Port config 246
- Oui config 248
- Configuration procedure of voice vlan 249
- Chapter 12 poe 250
- Poe config 250
- Poe config 251
- Poe profile 252
- Time range 253
- Time range summary 254
- Time range create 255
- Holiday config 256
- Chapter 13 acl 258
- Time range 258
- Time range summary 258
- Time range create 259
- Acl config 260
- Holiday config 260
- Acl create 261
- Acl summary 261
- Mac acl 262
- Standard ip acl 263
- Extend ip acl 264
- Combined acl 265
- Ipv6 acl 266
- Policy config 268
- Policy summary 268
- Action create 269
- Policy create 269
- Acl binding 271
- Binding table 271
- Port binding 272
- Configuration procedure 273
- Policy binding 273
- Vlan binding 273
- Binding table 274
- Port binding 275
- Configuration procedure 276
- Vlan binding 276
- Application example for acl 277
- Configuration procedure 277
- Binding table 279
- Chapter 14 network security 279
- Ip mac binding 279
- Manual binding 281
- Arp scanning 282
- Binding table 284
- Ipv6 mac binding 284
- Manual binding 286
- Nd snooping 287
- Dhcp snooping 289
- Global config 292
- Port config 293
- Option 82 config 294
- Dhcpv6 snooping 295
- Arp inspection 296
- Arp detect 300
- Arp defend 301
- Configuration procedure 301
- Arp statistics 302
- Nd detection 303
- Ip source guard 306
- Dos defend 307
- Dos defend 308
- Global config 313
- Port config 315
- Configuration procedure 316
- Global config 320
- Privilege elevation 320
- Radius server config 321
- Tacacs server config 322
- Authentication server group config 323
- Authentication method list config 324
- 802 x authentication server config 326
- Application authentication list config 326
- Default settings 327
- Chapter 15 snmp 328
- Global config 330
- Snmp config 330
- Snmp view 331
- Snmp group 332
- Snmp user 333
- Snmp community 335
- Configuration procedure 336
- Notification 337
- Statistics 340
- History 341
- Alarm config 343
- Chapter 16 lldp 345
- Lldp working mechanism 345
- Lldpdu format 345
- Basic config 350
- Global config 350
- Port config 351
- Device info 352
- Local info 352
- Neighbor info 353
- Device statistics 354
- Elements 356
- Lldp med 356
- Global config 357
- Port config 357
- Local info 360
- Neighbor info 361
- Chapter 17 maintenance 362
- Cpu monitor 362
- System monitor 362
- Memory monitor 363
- Sflow collector 365
- Sflow sampler 366
- Default settings 367
- Log table 368
- Local log 369
- Backup log 370
- Remote log 370
- Cable test 371
- Device diagnostics 371
- Network diagnostics 372
- Tracert 373
- Appendix a password recovery 375
- Appendix b specifications 376
- Appendix c glossary 377
Похожие устройства
- Tp-Link T2500-28TC (TL-SL5428E) Брошюра
- Tp-Link T2500-28TC (TL-SL5428E) Руководство по командной строке
- Tp-Link T2500-28TC (TL-SL5428E) Руководство по установке
- Tp-Link T2500-28TC (TL-SL5428E) Руководство пользователя
- Tp-Link T3700G-28TQ Брошюра
- Tp-Link T3700G-28TQ Руководство по командной строке
- Tp-Link T3700G-28TQ Руководство по установке
- Tp-Link T3700G-28TQ Руководство пользователя
- Tp-Link T2700G-28TQ Брошюра
- Tp-Link T2700G-28TQ Руководство по командной строке
- Tp-Link T2700G-28TQ Руководство по установке
- Tp-Link T2700G-28TQ Руководство пользователя
- Tp-Link T1600G-52PS (TL-SG2452P) Руководство по командной строке
- Tp-Link T1600G-52PS (TL-SG2452P) Руководство по конфигурации
- Tp-Link T1600G-52PS (TL-SG2452P) Руководство по установке
- Tp-Link T1600G-52PS (TL-SG2452P) Руководство пользователя
- Tp-Link T1600G-52TS (TL-SG2452) Брошюра
- Tp-Link T1600G-52TS (TL-SG2452) Руководство по командной строке
- Tp-Link T1600G-52TS (TL-SG2452) Руководство по конфигурированию
- Tp-Link T1600G-52TS (TL-SG2452) Руководство по установке