![D-Link DGS-3630-28SC [555/742] Safeguard engine](/img/pdf.png)
D-Link DGS-3630-28SC [555/742] Safeguard engine
![D-Link DGS-3630-28PC [555/742] Safeguard engine](/views2/1459303/page555/bg22b.png)
DGS-3630 Series Layer 3 Stackable Managed Switch Web UI Reference Guide
543
Click the Clear All button to clear all the information in this table.
Click the Find button to locate a specific entry based on the information entered.
Click the Show All button to locate and display all the entries.
Safeguard Engine
Periodically, malicious hosts on the network will attack the Switch by utilizing packet flooding (ARP Storm) or other
methods. These attacks may increase the Switch’s CPU load beyond its capability. To alleviate this problem, the
Safeguard Engine function was added to the Switch’s software.
The Safeguard Engine can help the overall operability of the Switch by minimizing the workload of the Switch while the
attack is ongoing, thus making it capable to forward essential packets over its network in a limited bandwidth.
If the CPU load rises above the rising threshold value, the Safeguard Engine function will be activated and the Switch
will enter the exhausted mode. In the exhausted mode, the Switch will limit the bandwidth available for ARP and
broadcast IP packets. If the CPU load falls below the falling threshold value, the Safeguard Engine will be deactivated
and the Switch will exit the exhausted mode and enter the normal mode.
Packets that are destined to the CPU can be classified into three groups. These groups, otherwise known as sub-
interfaces, are logical interfaces that the CPU will use to identify certain types of traffic. The three groups are Protocol,
Manage, and Route. Generally, the Protocol group should receive the highest priority when the Switch’s CPU
processes received packets and the Route group should receive the lowest priority as the Switch’s CPU usually does
get involved in the processing of routing packets. In the Protocol group, packets are protocol control packets
identified by the router. In the Manage group, packets are destined to any router or system network management
interface by means of interactive access protocols, like Telnet and SSH. In the Route group, packets are identified as
traversing routing packets that is generally processed by the router CPU.
In the following table a list of supported protocols are displayed with their respective sub-interfaces (groups):
Protocol Name Sub-interface
(Group)
Description
802.1X
Protocol Port-based Network Access Control
ARP
Protocol Address resolution Protocol
BGP
Protocol Border Gateway Protocol
DHCP
Protocol Dynamic Host Configuration Protocol
DNS
Protocol Domain Name System
DVMRP
Protocol Distance Vector Multicast Routing Protocol
GVRP
Protocol GARP VLAN Registration Protocol
ICMPv4
Protocol Internet Control Message Protocol
ICMPv6-
Neighbor
Protocol IPv6 Internet Control Message Protocol Neighbor Discovery Protocol
(NS/NA/RS/RA)
ICMPv6-Other
Protocol IPv6 Internet Control Message Protocol except Neighbor Discovery
Protocol (NS/NA/RS/RA)
IGMP
Protocol Internet Group Management Protocol
LACP
Protocol Link Aggregation Control Protocol
NTP
Protocol Network Time Protocol
OSPF
Protocol Open Shortest Path First
PIM
Protocol Protocol Independent Multicast
PPPoE
Protocol Point-to-point protocol over Ethernet
RIP
Protocol Routing Information Protocol
SNMP
Manage Simple Network Management Protocol
Содержание
- Table of contents 3
- Audience 13
- Conventions 13
- Introduction 13
- Notes notices and cautions 13
- Other documentation 13
- Management options 15
- Web based switch configuration 15
- Logging into the web ui 16
- Areas of the user interface 17
- Web user interface web ui 17
- Device information 18
- System 18
- System information settings 18
- Peripheral settings 19
- Port configuration 20
- Port settings 20
- Port status 22
- Port gbic 23
- Error disable settings 24
- Port auto negotiation 24
- Jumbo frame 25
- Interface description 26
- Loopback test 27
- Poe system 28
- Poe status 29
- Poe configuration 30
- Pd alive 31
- Poe statistics 31
- Poe measurement 32
- Poe lldp classification 33
- System log 33
- System log settings 33
- System log discriminator settings 36
- System log server settings 36
- System attack log 38
- System log 38
- Clock settings 39
- Time and sntp 39
- Time zone settings 39
- Sntp settings 41
- Time range 42
- Ptp global settings 43
- Ptp precise time protocol 43
- Ptp boundary port settings 45
- Ptp port global settings 45
- Ptp clock information 47
- Ptp p2p transparent port settings 47
- Ptp port information 48
- Ptp foreign master records port information 49
- Usb console settings 49
- Srm prefer current settings 50
- Srm prefer mode 50
- Command logging 52
- Management 52
- User accounts settings 52
- Cli alias settings 54
- Password encryption 55
- Password recovery 55
- Login method 56
- Snmp global settings 58
- Snmp linkchange trap settings 60
- Snmp view table settings 60
- Snmp community table settings 61
- Snmp group table settings 62
- Snmp engine id local settings 64
- Snmp user table settings 64
- Snmp host table settings 66
- Rmon global settings 67
- Snmp context mapping table settings 67
- Rmon statistics settings 68
- Rmon history settings 69
- Rmon alarm settings 70
- Rmon event settings 71
- Telnet web 72
- Service dhcp 73
- Session timeout 73
- Dhcp class settings 74
- Dhcp server 75
- Dhcp server global settings 75
- Dhcp server pool settings 76
- Dhcp server exclude address 79
- Dhcp server manual binding 80
- Dhcp server dynamic binding 81
- Dhcp server ip conflict 81
- Dhcp server statistic 82
- Dhcpv6 server 83
- Dhcpv6 server pool settings 83
- Dhcpv6 server local pool settings 85
- Dhcpv6 server binding 86
- Dhcpv6 server exclude address 86
- Dhcpv6 server interface settings 87
- Dhcpv6 server operational information 87
- Dhcp relay 88
- Dhcp relay global settings 88
- Dhcp relay pool settings 88
- Dhcp relay information settings 91
- Dhcp relay information option format settings 92
- Dhcp relay information profile settings 93
- Dhcp relay port settings 95
- Dhcp local relay vlan 96
- Dhcpv6 relay 97
- Dhcpv6 relay global settings 97
- Dhcpv6 relay interface settings 99
- Dhcpv6 relay remote id profile settings 99
- Dhcpv6 relay interface id profile settings 101
- Dhcpv6 relay format type settings 103
- Dhcpv6 local relay vlan 104
- Dhcpv6 relay port settings 104
- Dhcp auto configuration 105
- Dhcp auto image settings 105
- Dns global settings 106
- Dns name server settings 107
- Dns host settings 108
- Ntp global settings 109
- Ntp server settings 110
- Ntp peer settings 111
- Ntp access group settings 112
- Ntp key settings 113
- Ntp associations 114
- Ntp interface settings 114
- Ntp status 115
- Ip source interface 116
- File system 117
- Stacking 119
- Physical stacking 123
- Stacking bandwidth 124
- Virtual stacking sim 125
- Single ip settings 127
- Topology 128
- Configuration file backup restore 135
- Firmware upgrade 135
- D link discovery protocol 136
- Upload log file 136
- Smtp settings 137
- Reboot schedule settings 139
- Nlb fdb settings 140
- Sd card backup settings 141
- Sd card management 141
- Sd card execute settings 142
- Layer 2 features 144
- Static fdb 144
- Unicast static fdb 144
- Mac address table settings 145
- Multicast static fdb 145
- Mac address table 147
- Mac notification 148
- Protocol vlan profile 150
- Q vlan 150
- V protocol vlan 150
- Protocol vlan profile interface 151
- Gvrp global 152
- Gvrp advertise vlan 153
- Gvrp port 153
- Gvrp forbidden vlan 154
- Asymmetric vlan 155
- Gvrp statistics table 155
- Mac vlan 156
- Vlan interface 156
- L2vlan interface description 163
- Subnet vlan 164
- Super vlan 165
- Auto surveillance properties 166
- Auto surveillance vlan 166
- Mac settings and surveillance device 168
- Voice vlan 169
- Voice vlan global 169
- Voice vlan port 170
- Voice vlan device 171
- Voice vlan oui 171
- Private vlan 172
- Voice vlan lldp med device 172
- Dot1q tunnel 174
- Vlan tunnel 174
- Vlan mapping 176
- Vlan mapping profile 177
- Stp global settings 184
- Stp port settings 185
- Mst configuration identification 187
- Mstp port information 189
- Stp instance 189
- Erps g 032 190
- Erps profile 195
- Loopback detection 196
- Link aggregation 198
- Flex links 200
- L2 protocol tunnel 201
- Igmp snooping 203
- Igmp snooping settings 203
- L2 multicast control 203
- Igmp snooping aaa settings 206
- Igmp snooping groups settings 207
- Igmp snooping filter settings 208
- Igmp snooping mrouter settings 210
- Igmp snooping statistics settings 211
- Mld snooping 212
- Mld snooping settings 213
- Mld snooping groups settings 216
- Mld snooping filter settings 217
- Mld snooping mrouter settings 219
- Mld snooping statistics settings 220
- Multicast vlan 221
- Multicast vlan settings 221
- Multicast vlan group settings 224
- Pim snooping 226
- Pim snooping global settings 226
- Pim snooping mroute table 227
- Pim snooping neighbor table 227
- Pim snooping statistics table 228
- Lldp global settings 229
- Multicast filtering mode 229
- Lldp port settings 231
- Lldp basic tlvs settings 232
- Lldp management address list 232
- Lldp dot1 tlvs settings 233
- Lldp dot3 tlvs settings 234
- Lldp med port settings 235
- Lldp dcbx port settings 236
- Lldp statistics information 236
- Lldp local port information 237
- Lldp neighbor port information 239
- Arp elevation 241
- Layer 3 features 241
- Arp aging time 242
- Static arp 242
- Arp table 243
- Proxy arp 243
- Gratuitous arp 244
- Ipv6 neighbor 245
- Interface 246
- Ipv4 interface 246
- Ipv6 interface 248
- Loopback interface 252
- Null interface 253
- Ip forward protocol 254
- Ip helper address 254
- Udp helper 254
- Ipv4 static default route 255
- Ipv4 static route bfd 256
- Ipv4 route table 257
- Ipv6 static default route 258
- Ipv6 route table 259
- Ipv6 static route bfd 259
- Route preference 260
- Ecmp settings 261
- Ip tunnel settings 262
- Ipv6 general prefix 262
- Urpf settings 264
- Vrf settings 266
- Vrf interface settings 268
- Rip settings 269
- Rip distribute list 272
- Rip interface settings 273
- Rip database 274
- Ripng settings 274
- Ripng interface settings 276
- Ospfv2 277
- Ospfv2 process settings 277
- Ripng database 277
- Ospfv2 distribute list 280
- Ospfv2 gr helper settings 281
- Ospfv2 area settings 282
- Ospfv2 passive interface settings 282
- Ospfv2 interface settings 284
- Ospfv2 bfd settings 287
- Ospfv2 redistribute settings 288
- Ospfv2 virtual link settings 289
- Ospfv2 lsdb table 291
- Ospfv2 neighbor table 292
- Ospfv2 host route settings 293
- Ospfv3 294
- Ospfv3 process settings 294
- Ospfv3 passive interface settings 296
- Ospfv3 area settings 297
- Ospfv3 interface settings 299
- Ospfv3 redistribute settings 301
- Ospfv3 virtual link settings 302
- Ospfv3 lsdb table 304
- Ospfv3 neighbor table 306
- Igmp interface settings 307
- Ip multicast routing protocol 307
- Ospfv3 border router table 307
- Igmp static group settings 309
- Igmp dynamic group table 310
- Igmp ssm mapping settings 310
- Mld interface settings 312
- Mld group table 314
- Mld static group settings 314
- Mld ssm mapping settings 315
- Igmp proxy 316
- Igmp proxy settings 316
- Igmp proxy forwarding table 318
- Igmp proxy group table 318
- Mld proxy 319
- Mld proxy settings 319
- Mld proxy forwarding table 320
- Mld proxy group table 320
- Dvmrp interface settings 321
- Dvmrp routing table 322
- Dvmrp neighbor table 323
- Pim for ipv4 325
- Pim interface 325
- Pim bsr candidate 327
- Pim rp address 328
- Pim rp candidate 330
- Pim rp table 331
- Pim register settings 332
- Pim spt threshold settings 334
- Pim ssm settings 334
- Pim neighbor table 335
- Pim for ipv6 336
- Pim for ipv6 interface 336
- Pim for ipv6 bsr candidate settings 338
- Pim for ipv6 bsr table 339
- Pim for ipv6 rp address 339
- Pim for ipv6 rp candidate 341
- Pim for ipv6 rp embedded settings 343
- Pim for ipv6 rp table 343
- Pim for ipv6 register settings 344
- Pim for ipv6 spt threshold settings 345
- Pim for ipv6 ssm settings 345
- Pim for ipv6 s g keepalive time 346
- Pim for ipv6 mroute table 347
- Pim for ipv6 neighbor table 348
- Msdp global settings 349
- Msdp peer settings 350
- Msdp sa cache 353
- Msdp mesh group settings 354
- Msdp static rpf settings 354
- Ip multicast global settings 355
- Ip multicast route settings 357
- Ip multicast rpf table 358
- Ip multicast forwarding cache 359
- Ip multicast protocol statistics 359
- Control packet cpu filtering 360
- Ipv6 multicast global settings 362
- Ipv6 static multicast route settings 362
- Ipv6mc 362
- Ipv6 multicast routing table 363
- Ipv6 multicast routing forwarding cache table 364
- Ipv6 rpf table 364
- Bgp global settings 365
- Bgp aggregate address settings 367
- Bgp network settings 369
- Bgp route redistribution settings 370
- Bgp route preference settings 371
- Bgp dampening settings 372
- Bgp dampening dampened paths table 374
- Bgp dampening flap statistics table 375
- Bgp reflector settings 377
- Bgp as path access list settings 378
- Bgp confederation settings 378
- Bgp community list settings 379
- Bgp extended community list settings 381
- Bgp clear settings 382
- Bgp summary table 383
- Bgp routing table 384
- Bgp labels table 386
- Bgp neighbor 387
- Neighbor 387
- Peer group 389
- Neighbor activate 392
- Neighbor shutdown 393
- Neighbor map settings 394
- Neighbor filter settings 395
- Neighbor maximum prefix settings 397
- Neighbor general settings 399
- Bfd settings 401
- Bfd neighbor table 402
- Isis global settings 403
- Isis router settings 408
- Isis interface settings 410
- Isis redistribute settings 413
- Isis redistribute isis settings 415
- Isis route table 415
- Isis database 416
- Isis topology 417
- Isis hostname 418
- Isis neighbors 418
- Ip prefix list 419
- Ip route filter 419
- Route map 420
- Policy route 424
- Vrrp settings 425
- Vrrpv3 settings 427
- Basic settings 430
- Port default cos 430
- Port scheduler method 430
- Quality of service qos 430
- Cos to queue mapping 432
- Queue settings 432
- Port rate limiting 433
- Queue rate limiting 434
- Queue statistics table 435
- Advanced settings 436
- Dscp mutation map 436
- Port trust state and mutation binding 437
- Dscp cos mapping 438
- Cos color mapping 439
- Dscp color mapping 439
- Class map 440
- Aggregate policer 442
- Policy map 445
- Policy binding 448
- Network qos class map 449
- Qos pfc 449
- Network qos policy map 450
- Network qos policy binding 452
- Pfc port settings 453
- Wred profile 454
- Wred drop counter 456
- Wred queue 456
- Iscsi settings 457
- Iscsi sessions 459
- Access control list acl 460
- Acl configuration wizard 460
- Step 1 create update 460
- Step 2 select packet type 461
- Step 3 add rule 462
- Step 4 apply port 469
- Acl access list 470
- Standard ip acl 472
- Extended ip acl 473
- Standard ipv6 acl 476
- Extended ipv6 acl 477
- Extended mac acl 480
- Extended expert acl 482
- Acl interface access group 485
- Acl vlan access map 486
- Acl vlan filter 488
- Cpu acl 489
- Port security 492
- Port security global settings 492
- Security 492
- Port security port settings 493
- Port security address entries 495
- X global settings 500
- X port settings 500
- Authentication sessions information 501
- Authenticator statistics 502
- Authenticator diagnostics 503
- Authenticator session statistics 503
- Aaa global settings 504
- Application accounting settings 505
- Application authentication settings 505
- Authentication settings 507
- Accounting settings 510
- Radius 512
- Radius global settings 512
- Radius group server settings 513
- Radius server settings 513
- Radius statistic 515
- Tacacs 515
- Tacacs global settings 515
- Tacacs server settings 516
- Tacacs group server settings 517
- Tacacs statistic 518
- Dhcp snooping global settings 519
- Dhcp snooping port settings 519
- Dhcpv4 snooping 519
- Dhcp snooping vlan settings 520
- Dhcp snooping database 521
- Dhcp snooping binding entry 522
- Arp access list 523
- Dynamic arp inspection 523
- Arp inspection settings 524
- Arp inspection port settings 525
- Arp inspection statistics 526
- Arp inspection vlan 526
- Arp inspection log 527
- Ip source guard 527
- Ip source guard port settings 527
- Ip source guard binding 528
- Ip source guard vlan settings 528
- Advanced settings 530
- Ip mac port binding settings 530
- Ip source guard hw entry 530
- Ip mac port binding blocked entry 531
- Ipv6 snooping 532
- Ipv6 nd inspection 533
- Ipv6 ra guard 534
- Ipv6 dhcp guard 535
- Ipv6 source guard 537
- Ipv6 source guard settings 537
- Ipv6 neighbor binding 538
- Dhcp server screening 539
- Dhcp server screening global settings 539
- Dhcp server screening port settings 540
- Arp spoofing prevention 541
- Bpdu attack protection 542
- Netbios filtering 543
- Mac authentication 544
- Web based access control 546
- Wac port settings 548
- Web authentication 548
- Wac customize page 549
- Guest vlan 550
- Network access authentication 550
- Network access authentication global settings 551
- Network access authentication port settings 553
- Network access authentication sessions information 554
- Safeguard engine 555
- Safeguard engine settings 556
- Cpu protect counters 557
- Cpu protect sub interface 557
- Cpu protect type 558
- Traffic segmentation settings 559
- Trusted host 559
- Storm control 560
- Dos attack prevention settings 562
- Zone defense settings 563
- Ssh global settings 564
- Host key 565
- Ssh server connection 566
- Ssh user settings 566
- Ssl global settings 568
- Crypto pki trustpoint 569
- Ssl service policy 569
- Sftp server settings 570
- Sftp client settings 571
- Cfm settings 572
- Cfm port settings 582
- Cfm loopback test 583
- Cfm linktrace settings 584
- Cfm packet counter 585
- Cfm counter ccm 586
- Cfm mep fault table 586
- Cfm mip ccm table 586
- Cable diagnostics 587
- Ethernet oam 588
- Ethernet oam settings 588
- Ethernet oam configuration settings 589
- Ethernet oam event log table 592
- Ethernet oam statistics table 592
- Ethernet oam duld settings 593
- Ddm settings 595
- Ddm temperature threshold settings 596
- Ddm voltage threshold settings 596
- Ddm bias current threshold settings 597
- Ddm rx power threshold settings 598
- Ddm tx power threshold settings 598
- Ddm status table 599
- Mpls ldp information settings 600
- Mpls forwarding settings 603
- Mpls lsp trigger information 603
- Mpls ldp neighbor password settings 605
- Mpls ldp neighbor targeted settings 605
- Mpls ldp neighbor information 606
- Mpls global settings 607
- Mpls ldp interface settings 608
- Mpls ldp session information 609
- Mpls ldp binding table 610
- Mpls ldp statistic 610
- Mpls ldp discovery information 611
- Mpls qos settings 612
- Ping mpls 615
- Traceroute mpls ipv4 616
- Mpls l2vpn 618
- Vpws settings 618
- L2vc interface description 621
- Vpls settings 622
- Vpls mac address table 626
- Monitoring 628
- Vlan counter 628
- Port utilization 629
- Utilization 629
- History utilization 630
- Statistics 631
- Cpu port 632
- Interface counters 633
- Interface history counters 636
- Counters 637
- Mirror settings 639
- Sflow agent information 641
- Sflow receiver settings 641
- Sflow sampler settings 642
- Sflow poller settings 643
- Device environment 644
- External alarm settings 645
- Power saving 647
- Firmware upgrade backup 650
- Firmware upgrade from http 650
- Save and tools 650
- Save configuration 650
- Firmware upgrade from ftp 651
- Firmware upgrade from tftp 651
- Firmware upgrade from rcp 652
- Firmware upgrade from sftp 653
- Firmware backup to http 654
- Firmware backup to tftp 654
- Firmware backup to ftp 655
- Firmware backup to rcp 656
- Configuration restore backup 657
- Configuration restore from http 657
- Firmware backup to sftp 657
- Configuration restore from tftp 658
- Configuration restore from ftp 659
- Configuration restore from rcp 660
- Configuration restore from sftp 660
- Configuration backup to http 661
- Configuration backup to ftp 662
- Configuration backup to tftp 662
- Configuration backup to rcp 663
- Configuration backup to sftp 664
- Certificate key upgrade backup 665
- Certificate key upgrade from http 665
- Certificate key upgrade from ftp 666
- Certificate key upgrade from tftp 666
- Certificate key upgrade from rcp 667
- Certificate key upgrade from sftp 668
- Certificate key backup to http 669
- Certificate key backup to tftp 669
- Certificate key backup to ftp 670
- Certificate key backup to rcp 671
- Certificate key backup to sftp 672
- Log backup 672
- Log backup to http 672
- Log backup to tftp 673
- Log backup to rcp 674
- Log backup to sftp 674
- Trace route 678
- Dlms settings 681
- Reboot system 681
- Appendix a password recovery procedure 683
- Appendix b system log entries 684
- Arp spoofing prevention 686
- Auto image 686
- Auto save 687
- Auto surveillance vlan 687
- Bpdu protection 689
- Cfm extension 691
- Configuration firmware 692
- Dhcpv6 client 695
- Dhcpv6 relay 697
- Dhcpv6 server 697
- Dns resolver 698
- Dos prevention 698
- Dynamic arp inspection 698
- Ethernet oam 699
- Interface 700
- Ip directed broadcast 701
- Ip source guard 701
- Ipv6 snooping 701
- Ipv6 source guard 701
- Lldp med 703
- Login logout 705
- Mstp debug 707
- Ospfv2 709
- Peripheral 710
- Port security 711
- Reboot schedule 712
- Safeguard 712
- Sd card management 712
- Stacking 713
- Storm control 715
- Telnet 715
- Traffic control 716
- Voice vlan 716
- Vrrp debug 718
- Zone defense 722
- Ah oam 723
- Appendix c trap entries 723
- Authentication fail 724
- Bpdu protection 724
- Cfm extension 725
- Dhcp server screen prevention 726
- Dos prevention 726
- Errdisable 726
- External alarm 727
- Gratuitous arp 727
- Ip mac port binding 727
- Lldp med 728
- Mac based access control 729
- Mac notification 729
- Peripheral 730
- Pim6 sm 731
- Port security 733
- Reboot schedule 733
- Safeguard 734
- Stacking 735
- Storm control 735
- System file 736
- Upload download 736
- Appendix d radius attributes assignment 738
- Appendix e ietf radius attributes support 741
Похожие устройства
- D-Link DGS-3630-28TC Краткое руководство по установке
- D-Link DGS-3630-28TC Руководство по установке
- D-Link DGS-3630-28TC Руководство пользователя _Web UI_
- D-Link DGS-3630-28TC Руководство пользователя _CLI_
- D-Link DGS-3630-52PC Краткое руководство по установке
- D-Link DGS-3630-52PC Руководство пользователя _CLI_
- D-Link DGS-3630-52PC Руководство пользователя _Web UI_
- D-Link DGS-3630-52TC Руководство по установке
- D-Link DGS-3630-52TC Краткое руководство по установке
- D-Link DGS-3630-52TC Руководство пользователя _Web UI_
- D-Link DGS-3630-52TC Руководство пользователя _CLI_
- D-Link DXS-3600-16S Руководство по установке
- D-Link DXS-3600-16S Руководство пользователя _CLI_
- D-Link DXS-3600-16S Руководство пользователя _Web UI_
- D-Link DXS-3600-32S Руководство по установке
- D-Link DXS-3600-32S Краткое руководство по установке
- D-Link DXS-3600-32S Руководство пользователя _CLI_
- D-Link DXS-3600-32S Руководство пользователя _Web UI_
- D-Link DGS-6604 Руководство пользователя _CLI_
- D-Link DGS-6604 Руководство по установке