User Guide

ManualsBrandsTP-LINK ManualsNetworkingTL-SG5428

161

162

163

164

165

166

167

168

169

170

Table Of Contents

Package Contents
Chapter 1 About this Guide
- 1.1 Intended Readers
- 1.2 Conventions
- 1.3 Overview of This Guide
Chapter 2 Introduction
- 2.1 Overview of the Switch
- 2.2 Main Features
- 2.3 Appearance Description
  - 2.3.1 Front Panel
  - 2.3.2 Rear Panel
Chapter 3 Login to the Switch
- 3.1 Login
- 3.2 Configuration
Chapter 4 System
- 4.1 System Info
- 4.2 User Management
  - 4.2.1 User Table
  - 4.2.2 User Config
- 4.3 System Tools
- 4.4 Access Security
Chapter 5 Switching
- 5.1 Port
- 5.2 LAG
- 5.3 Traffic Monitor
  - 5.3.1 Traffic Summary
  - 5.3.2 Traffic Statistics
- 5.4 MAC Address
Chapter 6 VLAN
- 6.1 802.1Q VLAN
  - 6.1.1 VLAN Config
  - 6.1.2 Port Config
- 6.2 Protocol VLAN
- 6.3 VLAN VPN
  - 6.3.1 VPN Config
  - 6.3.2 Port Enable
- 6.4 GVRP
- 6.5 Private VLAN
  - 6.5.1 PVLAN Config
  - 6.5.2 Port Config
- 6.6 Application Example for 802.1Q VLAN
- 6.7 Application Example for Protocol VLAN
- 6.8 Application Example for Private VLAN
Chapter 7 Spanning Tree
- 7.1 STP Config
  - 7.1.1 STP Config
  - 7.1.2 STP Summary
- 7.2 Port Config
- 7.3 MSTP Instance
- 7.4 STP Security
  - 7.4.1 Port Protect
  - 7.4.2 TC Protect
- 7.5 Application Example for STP Function
Chapter 8 Multicast
- 8.1 IGMP Snooping
- 8.2 Application Example for Multicast VLAN
- 8.3 Multicast IP
  - 8.3.1 Multicast IP Table
  - 8.3.2 Static Multicast IP
- 8.4 Multicast Filter
  - 8.4.1 IP-Range
  - 8.4.2 Port Filter
- 8.5 Packet Statistics
Chapter 9 QoS
- 9.1 DiffServ
- 9.2 Bandwidth Control
  - 9.2.1 Rate Limit
  - 9.2.2 Storm Control
- 9.3 Voice VLAN
Chapter 10 ACL
- 10.1 Time-Range
- 10.2 ACL Config
- 10.3 Policy Config
- 10.4 Policy Binding
- 10.5 Application Example for ACL
Chapter 11 Network Security
- 11.1 IP-MAC Binding
- 11.2 ARP Inspection
- 11.3 IP Source Guard
- 11.4 DoS Defend
  - 11.4.1 DoS Defend
- 11.5 802.1X
Chapter 12 SNMP
- 12.1 SNMP Config
- 12.2 Notification
- 12.3 RMON
Chapter 13 LLDP
- 13.1 Basic Config
  - 13.1.1 Global Config
  - 13.1.2 Port Config
- 13.2 Device Info
  - 13.2.1 Local Info
  - 13.2.2 Neighbor Info
- 13.3 Device Statistics
Chapter 14 Cluster
- 14.1 NDP
- 14.2 NTDP
- 14.3 Cluster
- 14.4 Application Example for Cluster Function
Chapter 15 Maintenance
- 15.1 System Monitor
  - 15.1.1 CPU Monitor
  - 15.1.2 Memory Monitor
- 15.2 Log
- 15.3 Device Diagnostics
  - 15.3.1 Cable Test
  - 15.3.2 Loopback
- 15.4 Network Diagnostics
  - 15.4.1 Ping
  - 15.4.2 Tracert
Chapter 16 System Maintenance via FTP
Appendix A: Specifications
Appendix B: Configuring the PCs
Appendix C: 802.1X Client Software
Appendix D: Glossary

Figure 11-7 DHCP Cheating Attack Implementation Procedure

DHCP Snooping feature only allows the port connected to the DHCP Server as the trusted port to

forward DHCP packets and thereby ensures that users get proper IP addresses. DHCP Snooping

is to monitor the process of the Host obtaining the IP address from DHCP server, and record the IP

address, MAC address, VLAN and the connected Port number of the Host for automatic binding.

The bound entry can cooperate with the ARP Inspection, IP Source Guard and the other security

protection features. DHCP Snooping feature prevents the network from the DHCP Server

Cheating Attack by discarding the DHCP packets on the distrusted port, so as to enhance the

network security.

Choose the menu Network Security→IP-MAC Binding→DHCP Snooping to load the following

page.

152