User's Manual
Table Of Contents
- 1. INTRODUCTION
- 2. INSTALLATION
- 3. SWITCH MANAGEMENT
- 4. WEB CONFIGURATION
- 4.1 System Information
- 4.2 Switch Management
- 4.2.1 Jumbo Frame
- 4.2.2 Interface
- 4.2.3 Statistics
- 4.2.4 VLAN
- 4.2.5 MAC Address
- 4.2.6 Port Mirror
- 4.2.7 Static Link Aggregation
- 4.2.8 LACP
- 4.2.9 Trunk Group Load Balance
- 4.2.10 Spanning Tree Protocol
- 4.2.11 IGMP Snooping
- 4.2.12 IGMP Filtering and Throttling
- 4.2.13 MLD Snooping
- 4.2.14 MVR For IPv4
- 4.2.14.1 Configure Global
- 4.2.14.2 Configure Domain
- 4.2.14.3 Show Configure Profile
- 4.2.14.4 Add Configure Profile
- 4.2.14.5 Show Associate Profile
- 4.2.14.6 Add Associate Profile
- 4.2.14.7 Configure Interface
- 4.2.14.8 Show Static Group Member
- 4.2.14.9 Add Static Group Member
- 4.2.14.10 Show Member
- 4.2.14.11 Show Query Statistics
- 4.2.14.12 Show VLAN Statistics
- 4.2.14.13 Show Port Statistics
- 4.2.14.14 Show Group Statistics
- 4.2.15 MVR For IPv6
- 4.2.15.1 Configure Global
- 4.2.15.2 Configure Domain
- 4.2.15.3 Show Configure Profile
- 4.2.15.4 Add Configure Profile
- 4.2.15.5 Show Associate Profile
- 4.2.15.6 Add Associate Profile
- 4.2.15.7 Configure Interface
- 4.2.15.8 Show Static Group Member
- 4.2.15.9 Add Static Group Member
- 4.2.15.10 Show Member
- 4.2.15.11 Show Query Statistics
- 4.2.15.12 Show VLAN Statistics
- 4.2.15.13 Show Port Statistics
- 4.2.15.14 Show Group Statistics
- 4.2.16 LLDP
- 4.2.17 ERPS
- 4.2.18 Loopback Detection
- 4.2.19 UDLD
- 4.2.20 Rate Limit
- 4.2.21 Storm Control
- 4.2.22 Stacking
- 4.2.23 Pepo
- 4.3 Route Management
- 4.4 ACL
- 4.5 CoS
- 4.6 Qu’s
- 4.7 Security
- 4.7.1 AAA
- 4.7.2 Web Authentication
- 4.7.3 802.1X
- 4.7.4 MAC Authentication
- 4.7.5 HTTPS
- 4.7.6 SSH
- 4.7.7 Port Security
- 4.7.8 DAI – Dynamic ARP Inspection
- 4.7.9 Login IP Management
- 4.7.10 DoS Protection
- 4.7.11 IPv4 DHCP Snooping
- 4.7.12 IPv6 DHCP Snooping
- 4.7.13 IPv4 Source Guard
- 4.7.14 IPv6 Source Guard
- 4.7.15 Application Filter
- 4.7.16 CPU Guard
- 4.8 Device Management
- 4.8.1 SNMP
- 4.8.2 RMON
- 4.8.3 Cluster
- 4.8.4 DNS
- 4.8.5 DHCP
- 4.8.6 OAM
- 4.8.7 CFM
- 4.8.7.1 Global Configuration
- 4.8.7.2 Interface Configuration
- 4.8.7.3 MD Management
- 4.8.7.4 MD Details
- 4.8.7.5 MA Management
- 4.8.7.6 MA Details
- 4.8.7.7 MEP Management
- 4.8.7.8 Remote MEP Management
- 4.8.7.9 Transmit Link Trace
- 4.8.7.10 Transmit Loopback
- 4.8.7.11 Transmit Delay Measure
- 4.8.7.12 Show Local MEP
- 4.8.7.13 Show Local MEP Details
- 4.8.7.14 Show Local MIP
- 4.8.7.15 Show Remote MEP
- 4.8.7.16 Show Remote MEP Details
- 4.8.7.17 Show Link Trace Cache
- 4.8.7.18 Show Fault Notification Generator
- 4.8.7.19 Show Continuity Check Error
- 4.8.8 Time Setting
- 4.8.9 Event Log
- 4.8.10 File Management
- 4.8.11 Ping
- 4.8.12 Trace Route
- 4.8.13 System Reboot
- 5. SWITCH OPERATION
- 6. TROUBLESHOOTING
- APPENDIX A: Networking Connection
- APPENDIX B : GLOSSARY
User’s Manual of SGS-5240 Series Managed Switch
235
4.7.12 IPv6 DHCP Snooping
4.7.12.1 Global Configuration
Security > IPv6 DHCP Snooping > Global Configuration page is used to enable DHCPv6 Snooping globally on the switch, or to
configure MAC Address Verification.
◆DHCPv6 Snooping Status–Enables DHCPv6 snooping globally.(Default: Disabled)
◆DHCPv6 Snooping Option Remote ID–Enables the insertion of remote-id option 37 information into DHCPv6 client
messages. Remote-id option information such as the port attached to the client, DUID, and VLAN ID is used by the DHCPv6
server to assign pre-assigned configuration data specific to the DHCPv6 client. (Default: Disabled)
DHCPv6 provides a relay mechanism for sending information about the switch and its DHCPv6 clients to the
DHCPv6 server. Known as DHCPv6 Option 37, it allows compatible DHCPv6 servers to use the information when
assigning IP addresses, or to set other services or policies for clients.
When DHCPv6 Snooping Information Option 37 is enabled, the requesting client (or an intermediate relay agent
that has used the information fields to describe itself ) can be identified in the DHCPv6 request packets forwarded
by the switch and in reply packets sent back from the DHCPv6 server.
When the DHCPv6 Snooping Option 37 is enabled, clients can be identified by the switch port to which they are
connected rather than just their MAC address. DHCPv6 client-server exchange messages are then forwarded
directly between the server and client without having to flood them to the entire VLAN.
DHCPv6 snooping must be enabled for the DHCPv6 Option 37 information to be inserted into packets. When
enabled, the switch will either drop, keep or remove option 37 information in incoming DHCPv6 packets. Packets
are processed as follows:
If an incoming packet is a DHCPv6 request packet with option 37 information, it will modify the option 37 information
according to the settings specified.
If an incoming packet is a DHCPv6 request packet without option 37 information, enabling the DHCPv6 snooping
information option will add option 37 information to the packet.
If an incoming packet is a DHCPv6 reply packet with option 37 information, enabling the DHCPv6 snooping
information option will remove option 37 information from the packet.
When this switch inserts Option 37 information in DHCPv6 client request packets, the switch’s MAC address
(hexadecimal) is used for the remote ID.
◆DHCPv6 Snooping Option Policy –Sets the remote-id option policy for DHCPv6 client packets that include Option 37
information. When the switch receives DHCPv6 packets from clients that already include DHCP Option 37 information, the
switch can be configured to set the action policy for these packets. The switch can either drop the DHCPv6 packets, keep the
existing information, or replace it with the switch’s relay agent information.
Drop –Drops the client’s request packet instead of relaying it (This is the default policy).
Keep –Retains the Option 82 information in the client request, and forwards the packets to trusted ports.
Replace
–Replaces the Option 37 remote-ID in the client’s request with the relay agent’s remote-ID (when
DHCPv6 snooping is enabled), and forwards the packets to trusted ports.