KTI Networks KGS-2416 User Manual

Page 12

background image

8

group, sends an unsolicited leave group membership report to the all-
routers group (244.0.0.2).

DHCP Snooping:

This feature enables the DHCP Snooping to include information about client
when forwarding DHCP requests from a DHCP client to a DHCP server via
Trust Port. DHCP snooping can be configured on LAN switches to harden
the security on the LAN to only allow clients with specific IP/MAC addresses
to have access to the network. In short, DHCP snooping ensures IP
integrity on a Layer 2 switched domain.

Power Saving:

The Power saving using the "ActiPHY Power Management" and "Perfect
Reach Power Management" two techniques to detect the client idle and
cable length automatically and provides the different power. It could efficient
to save the switch power and reduce the power consumption.

Q-in-Q VLAN for performance & security:

The VLAN feature in the switch offers the benefits of both security and
performance. VLAN is used to isolate traffic between different users and
thus provides better security. Limiting the broadcast traffic to within the
same VLAN broadcast domain also enhances performance. Q-in-Q, the use
of double VLAN tags is an efficient method for enabling Subscriber
Aggregation. This is very useful in the MAN.

Link Layer Discovery Protocol (LLDP)

IEEE Standard ─ 802.1AB ( Link Layer Discovery Protocol ) , Provide
more easy debug tool and enhance the networking management availability,
Others it can provide auto-discovery device and topology providing.

MVR:

Multicast VLAN Registration (MVR) can support carrier to serve content
provider using multicast for Video streaming application in the network.
Each content provider Video streaming has a dedicated multicast VLAN.
The MVR routes packets received in a multicast source VLAN to one or
more receive VLANs. Clients are in the receive VLANs and the multicast
server is in the source VLAN.

Access Control List (ACL):

The ACLs are divided into Ether Types. IPv4, ARP protocol, MAC and VLAN
parameters etc. Here we will just go over the standard and extended
access lists for TCP/IP. As you create ACEs for ingress classification, you
can assign a policy for each port, the policy number is 1-8, and however,
each policy can be applied to any port. This makes it very easy to
determine what type of ACL policy you will be working with.

IP-MAC-Port Binding:

The IP network layer uses a four-byte address. The Ethernet link layer uses
a six-byte MAC address. Binding these two address types together allows
the transmission of data between the layers. The primary purpose of IP-
MAC binding is to restrict the access to a switch to a number of authorized
users. Only the authorized client can access the Switch’s port by checking
the pair of IP-MAC Addresses and port number with the pre-configured
database. If an unauthorized user tries to access an IP-MAC binding
enabled port, the system will block the access by dropping its packet.

See also other documents in the category KTI Networks Computer Accessories: