User's Manual
Table Of Contents
- 1. INTRODUCTION
- 2. INSTALLATION
- 3. SWITCH MANAGEMENT
- 4. WEB CONFIGURATION
- 4.1 System Information
- 4.2 Switch Management
- 4.2.1 Jumbo Frame
- 4.2.2 Interface
- 4.2.3 Statistics
- 4.2.4 VLAN
- 4.2.5 MAC Address
- 4.2.6 Port Mirror
- 4.2.7 Static Link Aggregation
- 4.2.8 LACP
- 4.2.9 Trunk Group Load Balance
- 4.2.10 Spanning Tree Protocol
- 4.2.11 IGMP Snooping
- 4.2.12 IGMP Filtering and Throttling
- 4.2.13 MLD Snooping
- 4.2.14 MVR For IPv4
- 4.2.14.1 Configure Global
- 4.2.14.2 Configure Domain
- 4.2.14.3 Show Configure Profile
- 4.2.14.4 Add Configure Profile
- 4.2.14.5 Show Associate Profile
- 4.2.14.6 Add Associate Profile
- 4.2.14.7 Configure Interface
- 4.2.14.8 Show Static Group Member
- 4.2.14.9 Add Static Group Member
- 4.2.14.10 Show Member
- 4.2.14.11 Show Query Statistics
- 4.2.14.12 Show VLAN Statistics
- 4.2.14.13 Show Port Statistics
- 4.2.14.14 Show Group Statistics
- 4.2.15 MVR For IPv6
- 4.2.15.1 Configure Global
- 4.2.15.2 Configure Domain
- 4.2.15.3 Show Configure Profile
- 4.2.15.4 Add Configure Profile
- 4.2.15.5 Show Associate Profile
- 4.2.15.6 Add Associate Profile
- 4.2.15.7 Configure Interface
- 4.2.15.8 Show Static Group Member
- 4.2.15.9 Add Static Group Member
- 4.2.15.10 Show Member
- 4.2.15.11 Show Query Statistics
- 4.2.15.12 Show VLAN Statistics
- 4.2.15.13 Show Port Statistics
- 4.2.15.14 Show Group Statistics
- 4.2.16 LLDP
- 4.2.17 ERPS
- 4.2.18 Loopback Detection
- 4.2.19 UDLD
- 4.2.20 Rate Limit
- 4.2.21 Storm Control
- 4.2.22 Stacking
- 4.2.23 Pepo
- 4.3 Route Management
- 4.4 ACL
- 4.5 CoS
- 4.6 Qu’s
- 4.7 Security
- 4.7.1 AAA
- 4.7.2 Web Authentication
- 4.7.3 802.1X
- 4.7.4 MAC Authentication
- 4.7.5 HTTPS
- 4.7.6 SSH
- 4.7.7 Port Security
- 4.7.8 DAI – Dynamic ARP Inspection
- 4.7.9 Login IP Management
- 4.7.10 DoS Protection
- 4.7.11 IPv4 DHCP Snooping
- 4.7.12 IPv6 DHCP Snooping
- 4.7.13 IPv4 Source Guard
- 4.7.14 IPv6 Source Guard
- 4.7.15 Application Filter
- 4.7.16 CPU Guard
- 4.8 Device Management
- 4.8.1 SNMP
- 4.8.2 RMON
- 4.8.3 Cluster
- 4.8.4 DNS
- 4.8.5 DHCP
- 4.8.6 OAM
- 4.8.7 CFM
- 4.8.7.1 Global Configuration
- 4.8.7.2 Interface Configuration
- 4.8.7.3 MD Management
- 4.8.7.4 MD Details
- 4.8.7.5 MA Management
- 4.8.7.6 MA Details
- 4.8.7.7 MEP Management
- 4.8.7.8 Remote MEP Management
- 4.8.7.9 Transmit Link Trace
- 4.8.7.10 Transmit Loopback
- 4.8.7.11 Transmit Delay Measure
- 4.8.7.12 Show Local MEP
- 4.8.7.13 Show Local MEP Details
- 4.8.7.14 Show Local MIP
- 4.8.7.15 Show Remote MEP
- 4.8.7.16 Show Remote MEP Details
- 4.8.7.17 Show Link Trace Cache
- 4.8.7.18 Show Fault Notification Generator
- 4.8.7.19 Show Continuity Check Error
- 4.8.8 Time Setting
- 4.8.9 Event Log
- 4.8.10 File Management
- 4.8.11 Ping
- 4.8.12 Trace Route
- 4.8.13 System Reboot
- 5. SWITCH OPERATION
- 6. TROUBLESHOOTING
- APPENDIX A: Networking Connection
- APPENDIX B : GLOSSARY
User’s Manual of SGS-5240 Series Managed Switch
232
4.7.11 IPv4 DHCP Snooping
4.7.11.1 Global Configuration
Security > IPv4 DHCP Snooping > Global Configuration page is used to enable DHCP Snooping globally on the switch, or to
configure MAC Address Verification.
DHCP Snooping Status – Enables DHCP snooping globally. (Default: Disabled)
DHCP Snooping MAC-Address Verification – Enables or disables MAC address verification. If the source MAC
address in the Ethernet header of the packet is not same as the client's hardware address in the DHCP packet, the packet
is dropped. (Default: Enabled)
DHCP Snooping Rate Limit
– Sets the maximum number of DHCP packets that can be trapped by the switch for DHCP
snooping. (Range: 1-2048 packets/ second)
DHCP Snooping Information Option Status – Enables or disables DHCP Option 82 information relay. (Default:
Disabled)
DHCP Snooping Information Option Sub-option Format – Enables or disables use of sub-type and sub-length fields in
circuit-ID (CID) and remote-ID (RID) in Option 82 information.
DHCP Snooping Information Option Remote ID – Specifies the MAC address, IP address, or arbitrary identifier of the
requesting device (i.e., the switch in this context).
MAC Address – Inserts a MAC address in the remote ID sub-option for the DHCP snooping agent (i.e., the MAC
address of the switch’s CPU). This attribute can be encoded in Hexadecimal or ASCII.
IP Address – Inserts an IP address in the remote ID sub-option for the DHCP snooping agent (i.e., the IP address
of the management interface). This attribute can be encoded in Hexadecimal or ASCII.
string - An arbitrary string inserted into the remote identifier field. (Range: 1-32 characters)
DHCP Snooping Information Option Remote ID TR101 VLAN Field
–Adds“:VLAN” in TR101 field for untagged packets.
The format for TR101 option 82 is: “<IP> eth <SID>/<PORT>[:<VLAN>]”. Note that the SID (Switch ID) is always 0. By
default the PVID is added to the end of the TR101 field for untagged packets. For tagged packets, the VLAN ID is always
added.
DHCP Snooping Information Option Policy – Specifies how to handle DHCP client request packets which already contain
Option 82 information.
Drop – Drops the client’s request packet instead of relaying it.
Keep – Retains the Option 82 information in the client request, and forwards the packets to trusted ports.
Replace – Replaces the Option 82 information circuit-id and remote-id fields in the client’s request with information
about the relay agent itself, inserts the relay agent’s address (when DHCP snooping is enabled), and forwards the
packets to trusted ports. (This is the default policy.)