Procedencia de la prueba pericial - Conceptualización de la prueba pericial

1. Conceptualización de la prueba pericial

1.2 Procedencia de la prueba pericial

SKA refers to Secure Customer Connections. In this menu, it provides DHCP snooping, DHCP option 82, DHCP layer 2 relay and customer port (Port number 1~22) filtering functions.

DHCP Option 82 Guidelines

The Managed Switch can add information about the source of client DHCP requests that relay to DHCP server by adding Relay Agent Information. This helps provide authentication about the source of the requests. The DHCP server can then provide an IP address based on this information. The feature of DHCP Relay Agent Information adds Agent Information field to the Option 82 field that is in the DHCP headers of client DHCP request frames.

Guidelines:

 Enable DHCP Option 82 Relay Agent global setting.

 Create Option 82 and trust port setting.

 Create Static IP table for authorized IP address.

 Each port‟s (Port Number 1~22) configuration for DHCP, Static IP or Unlimited.

Select the folder SKA Configuration from the Switch Management menu and then the following screen page appears.

1. DHCP Option 82 Settings: To enable or disable DHCP Option 82 relay agent global setting and show each port‟s configuration.

2. DHCP Port Settings: Customer port (Port 1~22) DHCP snooping setting.

3. Filter Configuration: Customer port (Port 1~22) filtering setting.

4. Static IP Table Configuration: To create static IP table for DHCP snooping setting.

4.4.14.1 DHCP Option 82 Settings

Select the option DHCP Option 82 Settings from the SKA Configuration menu and then the following screen page appears.

Opt82 Port Setting:

Relay Agent: To enable or disable DHCP Option 82 Relay Agent Global setting. When enabled, Relay Agent Information option is inserted by the DHCP relay agent when forwarding client-originated DHCP packets to a DHCP server. Servers recognizing the Relay Agent Information option may use the Information to implement IP address or other parameter assignment policies. Switch or Router (as the DHCP relay agent) intercepting the DHCP requests, appends the circuit ID + remote ID into the option 82 fields and forwards the request message to DHCP server.

Opt82 Port: By default, port 1~22 are Opt82-enabled ports.

Enable (V): Add Agent information.

Disable: Forward.

Trust Port Setting:

Trust Port: Select “V” if you would like ports to become trust ports. The trusted ports will not discard DHCP messages.

For example:

A DHCP request is from Port 1 that is marked as both Opt 82 port and trust port.

A. If a DHCP request is with Opt 82 Agent information and then the Managed Switch will forward it.

B. If a DHCP request is without Opt82 Agent information and then the Managed Switch will add Opt82 Agent information and forward it.

A DHCP request is from Port 2 that is marked as Opt 82 port.

A. If a DHCP request is with Opt82 Agent information and then the Managed Switch will drop it because it is not marked as a trust port.

B. If a DHCP request is without Opt82 Agent information and then the Managed Switch will add Opt82 Agent information and then forward it.

4.4.14.2 DHCP Port Settings

Select the option DHCP Port Settings from the SKA Configuration menu and then the following screen page appears.

Unlimited: Non-Limited (Static IP or DHCP-assigned IP).

DHCP: DHCP-assigned IP address only.

Fixed IP: Only Static IP (You must create Static IP table first. Refer to Static IP Table Configuration for further information.).

4.4.14.3 Filter Configuration

Select the option Filter Configuration from the SKA Configuration menu and then the following screen page appears.

DHCP Snooping: Enable or disable DHCP Snooping function.

NOTE: The connection between the Managed Switch and DHCP server can only be made via uplink ports (port 23~24).

Initiated Time: Specify the time value (0~9999 Seconds) that packets might be received.

Leased Time: Specify packets‟ expired time (180~259200 Seconds).

Port Isolation: Enable or disable port isolation function. If port isolation is set to enable, the customer port (port 1~22) can‟t communicate to each other.

IPv6 Filter: Enable or disable IPv6 filter. When enabled, IPv6 packets will be dropped.

UPnP Filter: Enable or disable UPnP filter. When enabled, UPnP packets will be dropped.

4.4.14.4 Static IP Table Configuration

Select the option Static IP Table Configuration from the SKA Configuration menu and then the following screen page appears.

IP Address: View-only field that shows the current static IP address.

Mask Address: View-only field that shows the current Mask address.

VLAN ID: View-only field that shows the VLAN ID.

Click New to register a new Static IP address and then the following screen page appears.

Click Edit to edit and view Static IP Table settings.

Use Delete to remove a current Static IP address.

Current/Total/Max Group Nums: View-only field.

Current: This shows the number of current registered Static IP address(es).

Total: This shows the total number of registered Static IP address(es).

Max: This shows the maximum number available for Static ID address registration.

IP address: Specify an IP address that you accept.

Mask Address: Specify the Mask address.

VLAN ID: Specify the VLAN ID. (0 means without VLAN ID) Port: Specify the communication port number. (Port 1~22)

4.4.14.5 Configuring DHCP Snooping

When you want to use DHCP Snooping function, follow the steps described below to enable a client to receive an IP from DHCP server.

Step 1. Select each port’s IP type

Select “Unlimited” or “DHCP”

Step 2. Enable DHCP Snooping

Step 3. Connect your clients to the Managed Switch

After you complete Step 1 & 2, connect your clients to the Managed Switch. Your clients will send a DHCP Request out to DHCP Server soon after they receive a DHCP offer. When DCHP Server responds with a DHCP ACK message that contains lease duration and other configuration information, the IP configuration process is complete.

If you connect clients to the Managed Switch before you complete Step 1 & 2, please disconnect your clients and then connect your clients to the Managed Switch again to enable them to initiate conversations with DHCP server.

In document La prueba pericial en el Código General del Proceso: la paradoja de juzgar desde la ignorancia. Autor: Camilo Cárdenas Herrera. (página 11-14)