ARP Inspection
ARP Inspection is a secure feature. Several types of attacks can be launched against a host or devices
connected to Layer 2 networks by "poisoning" the ARP caches. This feature is used to block such
attacks. Only valid ARP requests and responses can go through the switch device.
Auto-Negotiation
Auto-negotiation is the process where two different devices establish the mode of operation and the
speed settings that can be shared by those devices for a link.
D
DEI
DEI is an acronym for Drop Eligible Indicator. It is a 1-bit field in the VLAN tag.
DES
DES ( Data Encryption Standard) provides a complete description of a mathematical algorithm for
encrypting (enciphering) and decrypting (deciphering) binary coded information. Encrypting data
converts it to an unintelligible form called cipher. Decrypting cipher converts the data back to its
original form called plaintext. The algorithm described in this standard specifies both enciphering and
deciphering operations which are based on a binary number called a key.
DHCP
The DHCP (Dynamic Host Configuration Protocol) is used for assigning dynamic IP addresses to
devices on a network. DHCP used by networked computers (clients) to obtain IP addresses and other
parameters such as the default gateway, subnet mask, and IP addresses of DNS servers from a DHCP
server. The DHCP server ensures that all IP addresses are unique, for example, no IP address is assigned
to a second client while the first client's assignment is valid (its lease has not expired). Therefore, IP
address pool management is done by the server and not by a human network administrator.
Dynamic addressing simplifies network administration because the software keeps track of IP
addresses rather than requiring an administrator to manage the task. This means that a new computer
can be added to a network without the hassle of manually assigning it a unique IP address.
DHCP Relay
DHCP Relay is used to forward and to transfer DHCP messages between the clients and the server
when they are not on the same subnet domain. The DHCP option 82 enables a DHCP relay agent to
insert specific information into a DHCP request packets when forwarding client DHCP packets to a
DHCP server and remove the specific information from a DHCP reply packets when forwarding server
DHCP packets to a DHCP client. The DHCP server can use this information to implement IP address or
other assignment policies. Specifically the option works by setting two suboptions: Circuit ID (option 1)
and Remote ID (option2). The Circuit ID sub-option is supposed to include information specific to
which circuit the request came in on. The Remote ID sub-option was designed to carry information
relating to the remote host end of the circuit.
The definition of Circuit ID in the switch is 4 bytes in length and the format is "vlan_id" "module_id"
"port_no". The parameter of "vlan_id" is the first two bytes represent the VLAN ID. The parameter of
"module_id" is the third byte for the module ID (in standalone switch it always equal 0). The parameter
of "port_no" is the fourth byte and it means the por t number. The Remote ID is 6 bytes in length, and
the value is equal the DHCP relay agents MAC address.
DHCP Snooping
DHCP Snooping is used to block intruder on the untrusted ports of the switch device when it tries to
intervene by injecting a bogus DHCP reply packet to a legitimate conversation between the DHCP
client and server.
DNS
DNS (Domain Name System) stores and associates many types of information with domain names.
To Next Page
Loading...