Allied Telesis Rapier i Seriesの取扱説明書

デバイスAllied Telesis Rapier i Seriesの取扱説明書

デバイス: Allied Telesis Rapier i Series
カテゴリ: スイッチ
メーカー: Allied Telesis
サイズ: 0.23 MB
追加した日付: 3/12/2013
ページ数: 26
説明書を印刷

ダウンロード

使い方は?

私たちの目的は、皆様方にデバイスAllied Telesis Rapier i Seriesの取扱説明書に含まれたコンテンツを可能な限り早く提供することです。オンラインプレビューを使用すると、Allied Telesis Rapier i Seriesに関してあなたが抱えている問題に対する解決策の内容が素早く表示されます。

便宜上

説明書Allied Telesis Rapier i Seriesをこちらのサイトで閲覧するのに不都合がある場合は、2つの解決策があります:

  • フルスクリーン表示 – 説明書を(お使いのコンピュータにダウンロードすることなく)便利に表示させるには、フルスクリーン表示モードをご使用ください。説明書Allied Telesis Rapier i Seriesのフルスクリーン表示を起動するには、全画面表示ボタンを押してください。
  • コンピュータにダウンロード - Allied Telesis Rapier i Seriesの説明書をお使いのコンピュータにダウンロードし、ご自身のコレクションに加えることもできます。デバイス上のスペースを無駄にしたくない場合は、いつでもManualsBaseサイトでダウンロードすることもできます。
Allied Telesis Rapier i Series 取扱説明書 - Online PDF
Advertisement
« Page 1 of 26 »
Advertisement
印刷版

多くの人々は画面表示ではなく印刷された説明書を読むほうを好みます。説明書を印刷するオプションも提供されており、上記のリンクをクリックすることによりそれを利用できます - 説明書を印刷。説明書Allied Telesis Rapier i Seriesを全部印刷する必要はなく、選択したページだけを印刷できます。紙を節約しましょう。

要旨

次のページにある説明書Allied Telesis Rapier i Seriesの内容のプレビューは、以下にあります。次のページにある説明書の内容をすぐに表示したい場合は、こちらをご利用ください。

内容要旨
ページ1に含まれる内容の要旨

TM
AlliedWare OS
How To | Use DHCP Snooping, Option 82, and Filtering on
AT-8800, AT-8600, AT-8700XL, Rapier, and Rapier i
Series Switches
Introduction
It has increasingly become a legal requirement for service providers to identify which of their
customers were using a specific IP address at a specific time. This means that service
providers must be able to:
Know which customer was allocated an IP address at any time.
Guarantee that customers cannot avoid detection by spoofing an IP addre

ページ2に含まれる内容の要旨

Introduction This document contains the following contents: Introduction .............................................................................................................................................. 1 Which products and software version does this information apply to? .............................. 2 Related How To Notes ................................................................................................................... 3 DHCP snooping ............................

ページ3に含まれる内容の要旨

DHCP snooping Related How To Notes The following How To Note describes DHCP snooping on AT-9900, x900-48 and AT-8948 series switches: How To Use DHCP Snooping, Option 82, and Filtering on AT-9900 and x900-48 Series Switches The following How To Notes also use DHCP snooping in their solutions: How To Use MAC-Forced Forwarding with DHCP Snooping to Create Enhanced Private VLANs How To Create A Secure Network With Allied Telesis Managed Layer 3 Switches How To Use DHCP Snooping and ARP Secu

ページ4に含まれる内容の要旨

DHCP snooping The database The switch watches the DHCP packets that it is passing back-and-forth. It also maintains a database that lists the DHCP leases it knows are being held by devices downstream of its ports. Each lease in the database holds the following information: the MAC address of the client device the IP address that was allocated to that client time until expiry VLAN to which the client is attached the port to which the client is attached When inserting Option 82 information

ページ5に含まれる内容の要旨

DHCP snooping List of terms: MAC Address: The MAC address of the snooped DHCP client. IP Address: The IP address that has been allocated to the snooped DHCP client. Expires: The time, in seconds, until the DHCP client entry will expire. VLAN: The VLAN to which the snooped DHCP client is connected. Port: The port to which the snooped DHCP client is connected. ID: The unique ID for the entry in the DHCP snooping database. This ID is dynamically allocated to all clients. (The same ID can be seen i

ページ6に含まれる内容の要旨

DHCP snooping Trusted and non-trusted ports The concept of trusted and non-trusted ports is fundamental to the operation of DHCP snooping: Trusted ports connect to a trusted entity in the network, and are under the complete control of the network manager. Non-trusted ports connect an untrusted entity to the trusted network. Non-trusted ports can connect to non-trusted ports. In general, trusted ports connect to the network core, and non-trusted ports connect to subscribers. DHCP snooping

ページ7に含まれる内容の要旨

DHCP snooping Completely removing the DHCP snooping database To completely remove the database, it is necessary to delete the file nvs:bindings.dsn. Manager > delete fi=nvs:bindings.dsn nvs:bindings.dsn successfully deleted 1 file deleted. Info (1056003): Operation successful. Manager > enable dhcpsnooping DHCPSN_DB: Reloading static entries... Info (1137057): DHCPSNOOPING has been enabled. Manager > DHCPSN_DB: Reading entries from file... DHCPSN_DB: Full file name is: (nvs:bindings.dsn) DHCPSN_

ページ8に含まれる内容の要旨

DHCP Option 82 DHCP Option 82 DHCP Relay Agent Information Option 82 is an extension to the Dynamic Host Configuration Protocol (DHCP), and is defined in RFC 3046 and RFC 3993. DHCP Option 82 can be used to send information about DHCP clients to the authenticating DHCP server. DHCP Option 82 will identify the VLAN number, port number and, optionally a customer ID of a client, during any IP address allocation. When DHCP Option 82 is enabled on the switch, it inserts the above information int

ページ9に含まれる内容の要旨

DHCP Option 82 Protocol details In the DHCP packet, the Option 82 segment is organized as a single DHCP option containing one or more sub-options that convey information known by the relay agent. The format of the option is shown below: Code Len Agent Information Field +------+------+------+------+------+------+---+------+ | 82 | N | i1 | i2 | i3 | i4 | | iN | +------+------+------+------+------+------+---+------+ The sub-options with

ページ10に含まれる内容の要旨

DHCP Option 82 Analysis The following table provides an analysis of the strings in the above DHCP Request packet extract: Text Colour Analysis Green This is the Agent Circuit ID Blue This is the Agent Red This is the subscriber ID sub-option The Agent circuit ID string 00 30 00 05 translates as: 30 = vlan48 05 = switch port 5 Configuring Option 82 Different commands are used to turn on Option 82 depending on whether the switch is performing DHCP snooping or DHCP relay. For the DHCP snooping,

ページ11に含まれる内容の要旨

DHCP filtering DHCP filtering The purpose of DHCP filtering is to prevent IP addresses from being falsified or ‘spoofed’. This guarantees that customers cannot avoid detection by spoofing an IP address that was not actually allocated to them. DHCP filtering is achieved by creating dynamic classifiers. The dynamic classifiers are configured with DHCP snooping placeholders for the source IP address (and possibly source MAC address), to match on. The dynamic classifiers are attached to filters

ページ12に含まれる内容の要旨

DHCP filtering ARP security It is also possible to enable DHCP snooping ARP security. If enabled this will ensure that ARP packets received on non-trusted ports are only permitted if they originate from an IP address that has been allocated by DHCP. To enable DHCP snooping ARP security: enable dhcpsnooping arpsecurity DHCP snooping filter show command To see what addresses have been inserted into filters using DHCP snooping classifiers, use the command show dhcpsnooping filter: Manager > sh

ページ13に含まれる内容の要旨

DHCP filtering a maximum of 13 leases and ports 3 to 8 given 1 lease each. After that, no port could have its leases increased because the filter resource is completely used up. Note: On Allied Telesis switches, IGMP snooping and MLD snooping are enabled by default, which occupy 2 filter entries. To dedicate 119 entries to DHCP snooping, IGMP and MLD snooping would need to be disabled with disable igmpsnooping and disable mldsnooping. Disabling these services is not desirable if multicasting

ページ14に含まれる内容の要旨

Configuration examples Configuration examples This section contains the following examples: "Configuring the switch for DHCP snooping, filtering and Option 82, when it is acting as a layer 2 switch" on page 14 "Configuring the switch for DHCP snooping, filtering, and Option 82, when it is acting as a layer 3 BOOTP Relay Agent" on page 17 Configuring the switch for DHCP snooping, filtering and Option 82, when it is acting as a layer 2 switch In a layer 2 switching environment, a switch confi

ページ15に含まれる内容の要旨

Configuration examples Add the tagged uplink ports to the VLAN: add vlan="48" port=24 frame=tagged uplink Add the untagged ports for the customers: add vlan="48" port=1-23 This is a layer 2 solution. The IP protocol does not need to be configured. Enable DHCP snooping and Option 82 support: enable dhcpsnooping enable dhcpsnooping option82 It is also possible to enable DHCP snooping ARP security. If enabled, this will ensure that ARP packets received on non-trusted ports are only permitted i

ページ16に含まれる内容の要旨

Configuration examples Create a set of QoS classifiers: create classifier=50 tcpdport=20 create classifier=51 tcpdport=21 create classifier=52 tcpdport=23 create classifier=53 ethformat=ethii prot=0800 Classifiers will be applied in QoS to allow prioritisation or traffic shaping. The above example classifies FTP and telnet. Note: These switches do filtering by default. You do not need to write a rule to drop the traffic that doesn’t have a current binding in the DHCP database. Define the ups

ページ17に含まれる内容の要旨

Configuration examples Configuring the switch for DHCP snooping, filtering, and Option 82, when it is acting as a layer 3 BOOTP Relay Agent In a layer 3 routing environment, the switch takes on a role of BOOTP Relay Agent, with support for DHCP Option 82. The relay agent inserts the information mentioned above when forwarding client-originated DHCP packets to a DHCP server. DHCP servers that are configured to recognise the relay agent information option may use the information to keep a lo

ページ18に含まれる内容の要旨

Configuration examples Configure the switch’s IP: enable ip add ip int=vlan48 ip=10.11.67.254 mask=255.255.255.0 add ip int=vlan50 ip=10.50.1.254 mask=255.255.255.0 add ip rou=0.0.0.0 mask=0.0.0.0 int=vlan50 next=10.50.1.1 For layer 3 support, enable the BOOTP Relay: enable bootp relay add bootp relay=10.50.1.100 Here the DHCP server is set to 10.50.1.100. Enable DHCP snooping and Option 82 support: enable dhcpsnooping enable dhcpsnooping option82 Note: It is also possible to enable DHCP sn

ページ19に含まれる内容の要旨

Configuration examples Create a set of QoS classifiers: create classifier=50 tcpdport=20 create classifier=51 tcpdport=21 create classifier=52 tcpdport=23 create classifier=53 ethformat=ethii prot=0800 Classifiers will be applied in QoS to allow prioritisation or traffic shaping. The above example classifies FTP and telnet. Note: These switches do filtering by default. You do not need to write a rule to drop the traffic that doesn’t have a current binding in the DHCP database. Define the ups

ページ20に含まれる内容の要旨

Troubleshooting Troubleshooting Use the command enable dhcpsnooping debug=all to get the most verbose level of debugging available. In the following sections, all debugging comes from that command. Let’s look at how you can use debugging to investigate some common problem scenarios. No trusted ports configured In the following output, you can see that a DHCP request has arrived at the switch on port 1. The switch does not forward this on to any other port. DHCPSN_Process: [0b4333cc] DHCP Snoop


類似の説明書
# 取扱説明書 カテゴリ ダウンロード
1 Allied Telesis 24i 取扱説明書 スイッチ 24
2 Allied Telesis AT -8000S/24 取扱説明書 スイッチ 182
3 Allied Telesis 8100S 取扱説明書 スイッチ 28
4 Allied Telesis 4000 Series 取扱説明書 スイッチ 9
5 Allied Telesis 48W 取扱説明書 スイッチ 5
6 Allied Telesis AT -8000S/48 取扱説明書 スイッチ 33
7 Allied Telesis 86241-06 取扱説明書 スイッチ 0
8 Allied Telesis 613-001480 取扱説明書 スイッチ 4
9 Allied Telesis 8PS 取扱説明書 スイッチ 1
10 Allied Telesis AT-8100L/8POE 取扱説明書 スイッチ 3
11 Allied Telesis AT-8100S/24F-LC 取扱説明書 スイッチ 0
12 Allied Telesis AT-8000GS/48 取扱説明書 スイッチ 34
13 Allied Telesis AT-8100S/16F8-SC 取扱説明書 スイッチ 3
14 Allied Telesis AT-8100S/16F8-LC 取扱説明書 スイッチ 0
15 Allied Telesis AT-8100S/48 取扱説明書 スイッチ 6
16 Sony 4-296-436-11 (2) 取扱説明書 スイッチ 0
17 3Com 10/100BASE-TX 取扱説明書 スイッチ 61
18 3Com 2226-SFP 取扱説明書 スイッチ 688
19 3Com 16985ua.bk 取扱説明書 スイッチ 10
20 3Com 10BASE-T 取扱説明書 スイッチ 4