Operation Manual

ManualsBrandsTP-LINK ManualsComputersT2500-28TC-TL-SL5428E

241

242

243

244

245

246

247

248

249

250

Table Of Contents

Package Contents
Chapter 1 About This Guide
- 1.1 Intended Readers
- 1.2 Conventions
- 1.3 Overview of This Guide
Chapter 2 Introduction
- 2.1 Overview of the Switch
- 2.2 Appearance Description
  - 2.2.1 Front Panel
  - 2.2.2 Rear Panel
Chapter 3 Login to the Switch
- 3.1 Login
- 3.2 Configuration
Chapter 4 System
- 4.1 System Info
- 4.2 User Management
  - 4.2.1 User Table
  - 4.2.2 User Config
- 4.3 System Tools
- 4.4 Access Security
Chapter 5 Switching
- 5.1 Port
- 5.2 DDM
- 5.3 LAG
- 5.4 Traffic Monitor
  - 5.4.1 Traffic Summary
  - 5.4.2 Traffic Statistics
- 5.5 MAC Address
Chapter 6 VLAN
- 6.1 802.1Q VLAN
  - 6.1.1 VLAN Config
  - 6.1.2 Port Config
- 6.2 MAC VLAN
  - 6.2.1 MAC VLAN
  - 6.2.2 Port Enable
- 6.3 Protocol VLAN
- 6.4 Application Example for 802.1Q VLAN
- 6.5 Application Example for MAC VLAN
- 6.6 Application Example for Protocol VLAN
- 6.7 VLAN VPN
- 6.8 Private VLAN
  - 6.8.1 PVLAN Config
  - 6.8.2 Port Config
- 6.9 GVRP
- 6.10 Application Example for Private VLAN
Chapter 7 Spanning Tree
- 7.1 STP Config
  - 7.1.1 STP Config
  - 7.1.2 STP Summary
- 7.2 Port Config
- 7.3 MSTP Instance
- 7.4 STP Security
  - 7.4.1 Port Protect
  - 7.4.2 TC Protect
- 7.5 Application Example for STP Function
Chapter 8 Ethernet OAM
- 8.1 Basic Config
  - 8.1.1 Basic Config
  - 8.1.2 Discovery Info
- 8.2 Link Monitoring
- 8.3 RFI
- 8.4 Remote Loopback
- 8.5 Statistics
  - 8.5.1 Statistics
  - 8.5.2 Event Log
- 8.6 DLDP
- 8.7 Application Example for DLDP
Chapter 9 DHCP
- 9.1 DHCP Relay
Chapter 10 Multicast
- 10.1 IGMP Snooping
- 10.2 MLD Snooping
- 10.3 Multicast Table
  - 10.3.1 IPv4 Multicast Table
  - 10.3.2 IPv6 Multicast Table
Chapter 11 QoS
- 11.1 DiffServ
- 11.2 Bandwidth Control
  - 11.2.1 Rate Limit
  - 11.2.2 Storm Control
- 11.3 Voice VLAN
Chapter 12 ACL
- 12.1 Time-Range
- 12.2 ACL Config
- 12.3 Policy Config
- 12.4 Policy Binding
- 12.5 Application Example for ACL
Chapter 13 Network Security
- 13.1 IP-MAC Binding
- 13.2 DHCP Snooping
  - 13.2.1 DHCP Snooping
  - 13.2.2 Option 82
- 13.3 ARP Inspection
- 13.4 IP Source Guard
- 13.5 DoS Defend
  - 13.5.1 DoS Defend
  - 13.5.2 DoS Detect
- 13.6 802.1X
  - 13.6.1 Global Config
  - 13.6.2 Port Config
- 13.7 AAA
- 13.8 PPPoE Config
Chapter 14 SNMP
- 14.1 SNMP Config
- 14.2 Notification
  - 14.2.1 Notification Config
  - 14.2.2 Traps Config
- 14.3 RMON
Chapter 15 LLDP
- 15.1 Basic Config
  - 15.1.1 Global Config
  - 15.1.2 Port Config
- 15.2 Device Info
  - 15.2.1 Local Info
  - 15.2.2 Neighbor Info
- 15.3 Device Statistics
- 15.4 LLDP-MED
Chapter 16 Cluster
- 16.1 NDP
- 16.2 NTDP
- 16.3 Cluster
Chapter 17 Maintenance
- 17.1 System Monitor
  - 17.1.1 CPU Monitor
  - 17.1.2 Memory Monitor
- 17.2 Log
- 17.3 Device Diagnostics
- 17.4 Network Diagnostics
  - 17.4.1 Ping
  - 17.4.2 Tracert
Chapter 18 System Maintenance via FTP
Appendix A: Glossary

239

DoS Attack Type Description

SYN/SYN-ACK

Flooding

The attacker uses a fake IP address to send TCP request packets to

the Server. Upon receiving the request packets, the Server

responds with SYN-A

CK packets. Since the IP address is fake, no

response will be returned. The Server will keep on sending SYN-ACK

packets. If the attacker sends overflowing fake request packets, the

network resource will be occupied maliciously and the requests of

the legal clients will be denied.

winNuke Attack Since the Operation System with bugs cannot correctly process the

URG (Urgent Pointer) of TCP packets, the attacker sends this type of

packets to the TCP port139 (NetBIOS) of the Host with the

Operation System bugs

, which will cause the Host with a blue

screen.

Ping Of Death ICMP ECHO Request Packet whose sum of "Fragment Offset" and

"Total Length" fields in the IP header

is greater than 65535 may

cause Ping of Death attack.

As the maximum packet length of an

IPv4 packet including the IP header is 65,535 bytes, many computer

systems could not properly handle

this malformed or malicious

ICMP ECHO Request Packet. Thus, the hosts may break down or

reboot automatically when receive this kind of packet.

Table 13-1 Defendable DoS Attack Types

13.5.1 DoS Defend

On this page, you can enable the DoS Defend type appropriate to your need.

Choose the menu Network Security→DoS Defend→DoS Defend to load the following page.