Manual NETGEAR 7000 Series

220 pages 2.99 mb

Download

Go to site of 220

Prev Next

Summary

NETGEAR 7000 Series - page 1

202-10238-02 May 2008 NETGEAR , Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA NETGEAR 7000 Series Managed Switch Administration Guide Ve r s i o n 7 . 2 ...
NETGEAR 7000 Series - page 2

ii v1.0, May 2008 © 2008 by NETGEAR, Inc. All rights reserved. T rademarks NETGEAR and Auto Uplink are trademarks or regis ter ed trademarks of NETGEAR , Inc. . Microsoft, W indows, and W indow s NT are registered trademar ks of Microsoft Corporation. Other brand and product names are registered trademarks or trad emarks of their respective holder ...
NETGEAR 7000 Series - page 3

v1.0, May 2008 iii • This device may not cause harmful interference, and • This device must accept any inte rference received, including interferen ce that may caus e undesired operation. FCC Requirement s for Operation in the United St ates Radio Frequency In terfe rence Warnings & Instructions This equipment has been tested and f ound to ...
NETGEAR 7000 Series - page 4

v1.0, May 20 08 iv Product and Publication Det ails Model Number: 7xxx Publication Date: May 2008 Product Family: Managed Switch Product Name: 7000 Series Managed Switch Home or Business Prod uc t: Business Language: Engl ish Publication Part Number: 202-10238-02 Publication V ersion Number: 1.0 ...
NETGEAR 7000 Series - page 5

v v1.0, May 2008 Content s NETGEAR 7000 Series Managed Switch Ad ministration Guide V ersion 7.2 About This Manual Conventions, Formats and Scope ............................ ............. ................. ................ ......... xv How to Use This Manual ................. ................ ............. ................ ................ ....... ...
NETGEAR 7000 Series - page 6

vi v1.0, May 2008 Setting Up the Switch IP Address .... ... ... ... .... ............ ............. ................. ............ ............ 3-2 Assigning Switch Name and Location Informat ion .......... ................ ............. ................ .. 3-3 Saving the Configuration ................. ................ ................ ........... ...
NETGEAR 7000 Series - page 7

vii v1.0, May 2008 VLAN Routing RIP Configuration .............. ... ... ... .... ... ... ... .... ... ... ... .... ... ... ... ............. .. 7-7 CLI Example ...... ............. ................. ............ ................. ............. ................ ........ 7-8 VLAN Routing OSPF Configuration .......... ... ...... ................. ... ...
NETGEAR 7000 Series - page 8

viii v1.0, May 2008 Example #2: Configure a One-Way Access Using a TCP Flag in an ACL .......... ..... 9-4 CLI Commands .. ................. ............. ................ ................ ............. ................ ..... 9-5 Web Interface Procedure ....... ... ... .... ... ... ... ............. ... .... ... ... ... .... ... ... ... ... ....... ...
NETGEAR 7000 Series - page 9

ix v1.0, May 2008 Chapter 12 IGMP Snooping Overview ............. ................ ................ ................ ................ ................ ................ ......... .1 2 - 1 CLI Examples . ............. ................ ............. ................ ................. ............. ................ ...... 12- 1 Example #1: Enable IGMP ...
NETGEAR 7000 Series - page 10

x v1.0, May 2008 Example #4: session-limit and session-timeout ........ ................ ................ ............. 16-3 Chapter 17 Port Mirroring Overview ............. ................ ................ ................ ................ ................ ................ ......... .1 7 - 1 CLI Examples . ............. ................ ......... ...
NETGEAR 7000 Series - page 11

xi v1.0, May 2008 Switch S tack Cabling (FSM73xxS) ............ ... ............. ............. ................ ............. ... 20-4 S tack Master Election and Re-Election ..... ...... ................ ............. ................ .......... 20-5 S tack Member Numbers .. ................ ............. ................ ............. ........... ...
NETGEAR 7000 Series - page 12

xii v1.0, May 2008 Chapter 22 IGMP Querier CLI Examples . ............. ................ ............. ................ ................. ............. ................ ...... 22- 2 Example #1: Enable IGMP Querier . .......... ... ............. ................ ............. ............. ... 22-2 Example #2: Show IGMP Querier St at us .. ......... ...
NETGEAR 7000 Series - page 13

xiii v1.0, May 2008 Example .............. ................ ................ ................ ................ ................ ................ ......... .2 6 - 1 Example 1#: Enable 802.1x Authentication on One Port in a VLAN ... ... ... ... .... ... ... 26-1 CLI Commands .. ................. ............. ................ ............. .......... ...
NETGEAR 7000 Series - page 14

xiv v1.0, May 2008 ...
NETGEAR 7000 Series - page 15

xv v1.0, May 2008 About This Manual The NETGEAR 7000 Series Managed Switch Ad ministrat ion Guide V ersion 7.2 describes how to install, configure and trou bleshoot the 7000 Se ries Managed Switch. The informa tion in this manual is intended for readers with intermediate computer and Internet skills. Conventions, Format s and Scope The conventions, ...
NETGEAR 7000 Series - page 16

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 xvi v1.0, May 2008 • Scope. This manual is written for the 7000 Series Managed Switch according to these specifications: . How to Use This Manual The HTML version of this manual, if provided, includ es the following: • Buttons, and , for browsing forwards or backwards through ...
NETGEAR 7000 Series - page 17

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 xvii v1.0, May 2008 • Click the PDF of This Chapter link at the top left of any page in the chapter you want to print. The PDF version of the chapter you were viewing o pens in a browser window . • Click the print icon in the upper left of your browser window . – Printing a ...
NETGEAR 7000 Series - page 18

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 xviii v1.0, May 2008 ...
NETGEAR 7000 Series - page 19

1-1 v1.0, May 2008 Chapter 1 Introduction This document provid es an understanding of th e CLI and W eb configuratio n options for software Release 7.2 features. Document Organization This document provides exa mples of the use of the switch software in a typical network. It describes the use and advantages of specific f unctions provided by the 70 ...
NETGEAR 7000 Series - page 20

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 1-2 Introduction v1.0, May 2008 – Class of Service (CoS) – Differentiated Services • Multicast – IGMP Snooping • Security – Denial of Service – Port Security • Operating System – Dual Configuration •T o o l s –A l a r m M a n a g e r – T raceroute – Confi ...
NETGEAR 7000 Series - page 21

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Introduction 1-3 v1.0, May 2008 CLI Document ation The Command Line Refer ence provides information about the CLI commands used to configure the switch and the sta ck . The do cument provides CLI descriptions, syntax, and default values. Refer to the Command Line Refer ence for in ...
NETGEAR 7000 Series - page 22

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 1-4 Introduction v1.0, May 2008 ...
NETGEAR 7000 Series - page 23

2-5 v1.0, May 2008 Chapter 2 Getting S tarted Connect a terminal to the sw itch to begin configuration. In-band and Out-of-band Connectivity Ask the system administrator to determine whet her you will configure the switch for in-band or out-of-band connec tivity . Configuring for In -band Connectivity In-band connectivity allows you to access the s ...
NETGEAR 7000 Series - page 24

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-6 Getting Started v1.0, May 2008 gateway IP address of the default r outer , if the switch is a node outside the IP range of the LAN MAC Address MAC address of the switch When you connect the switch to the network for th e first time after setting up the BootP or DHCP server , i ...
NETGEAR 7000 Series - page 25

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Getting Started 2-7 v1.0, May 2008 6. Set the IP address, subnet mask, and gate way address by issue the following command: config network parms ipaddress netmask g ateway 7. T o enable these changes to be retained during a reset of the switch, type Ctrl-Z to return to the main pr ...
NETGEAR 7000 Series - page 26

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-8 Getting Started v1.0, May 2008 d. Set the flow control to none. e. Select the proper mode under Properti es . f. Select T erminal keys. 3. Connect the female connec tor of the RS-232 cr ossover cable directly to the switch console port, and tighten the captive retaining screws ...
NETGEAR 7000 Series - page 27

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Getting Started 2-9 v1.0, May 2008 • The console co nnection was establish ed and the console prompt appears on the screen of a VT100 terminal or terminal equivalent. The initial switch configuratio n is performed through the c onsole port. After the initial configuration, you c ...
NETGEAR 7000 Series - page 28

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-10 Getting Started v1.0, May 2008 Sof tware Installation This section contains procedures to help you b ecome acquainted quickly with the switch software. Before installing switch software, you should verify that the switch operates with the most recent firmware. Quick S t artin ...
NETGEAR 7000 Series - page 29

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Getting Started 2-11 v1.0, May 2008 • Uploading from Network ing Device to Out-of-Band PC (Only XMODEM) • Downloading from Out-of-Ban d PC to Networking Device ( Only XMODEM) • Downloading from TFTP Server • Restoring factory defaults If you configure any network parameter ...
NETGEAR 7000 Series - page 30

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-12 Getting Started v1.0, May 2008 copy system:run- ning-config nvram:startup- config Privileged EXEC Saves passwords and all other changes to the device. If you do not save the configurat ion, all changes are lost when you power down or reset the networking device. In a stackin ...
NETGEAR 7000 Series - page 31

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Getting Started 2-13 v1.0, May 2008 copy nvram:error- log <tftp:// <ipaddress>/ <filepath>/<file- name>> Privileged EXEC Starts the error log upload, displays the mode and typ e of upload and confirms th e upload i s progressing. The URL must be specified a ...
NETGEAR 7000 Series - page 32

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-14 Getting Started v1.0, May 2008 copy <tftp:// <ipaddress>/ <filepath>/<file- name>> sys- tem:image Privileged EXEC Sets the destination (downlo ad) datatype to be an image. The URL must be specified as: tftp://<ipaddress>/<filepath>/<fi l ...
NETGEAR 7000 Series - page 33

3-1 v1.0, May 2008 Chapter 3 Using Ezconfig for Switch Setup Ezconfig is an interactive utility that provides a si mplified procedure for setting up the following switch parameters: • Switch management IP add r ess • Switch admin user pa sswo rd • Switch name and location Ezconfig can be entered either in Global Conf ig mo de (#) or in Displa ...
NETGEAR 7000 Series - page 34

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 3-2 Using Ezconfig for Switch Setup v1.0, May 2008 Changing the Password The first question it will ask is whet her you wish to change the admin passw ord. For security reasons, you should change the password by typing Y . If you have already set the password and do not wish to ch ...
NETGEAR 7000 Series - page 35

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Using Ezconfig for Switch Setup 3-3 v1.0, May 2008 If an IP address is already assigned, and you do not wish to change the IP address again, simply type N. Assigning Switch Name and Location Information Ezconfig will proceed to the next step in the setup: Saving the Configuration ...
NETGEAR 7000 Series - page 36

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 3-4 Using Ezconfig for Switch Setup v1.0, May 2008 If during the session, the switch loses its po wer , the setup informat ion will be lost if Ezconfig does not have the chance to save th e changes before power-down. ...
NETGEAR 7000 Series - page 37

4-1 v1.0, May 2008 Chapter 4 Using the W eb Interface This chapter is a brief introduction to the web in terface; for example, it ex plains how to access the W eb-based management panels to con figure and m anage the system. Y ou can manage your switch through a W eb brow ser and Internet connection. This is referred to as W eb-based managem ent. T ...
NETGEAR 7000 Series - page 38

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 4-2 Using the Web Interf ace v1.0, May 2008 2. Enable W eb mode: a. At the CLI prompt, enter the show network command. b. Set Web Mode to Enabled. S t arting the Web Interface Follow these steps to start the switch W eb interface: 1. Enter the IP address of the switch in the W eb ...
NETGEAR 7000 Series - page 39

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Using the Web Interfa ce 4-3 v1.0, May 2008 The switch can accommodate two types of u sers: administrative use rs and guests. An administrative user may configur e the switch for network application, but a guest may not. The guest may only view the settings an d status of the netw ...
NETGEAR 7000 Series - page 40

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 4-4 Using the Web Interf ace v1.0, May 2008 The new PCC web interface has the follo wing four new significant features: 1. A layout change: The new layout or ganizes the navigation pane into two rows of tags, as shown in the following screen: • Main T a gs The PCC provides th e ...
NETGEAR 7000 Series - page 41

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Using the Web Interfa ce 4-5 v1.0, May 2008 –I n d e x This tag contains the site index that allows direct access to any of the pages under the main tags and sub tags. • Sub T ags The sub tag content changes depending on the selected main tag. In turn, each sub tag provides fu ...
NETGEAR 7000 Series - page 42

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 4-6 Using the Web Interf ace v1.0, May 2008 Configuring an SNMP V3 User Profile Configuring an SNMP V3 user profile is a part o f user configuration. Any user can connect to the switch using the SNMPv3 protocol, but for authentication and encryption, additional steps are needed. U ...
NETGEAR 7000 Series - page 43

5-1 v1.0, May 2008 Chapter 5 V irtual LANs Adding V irtual LAN (VLAN) support to a Layer 2 switch offers some of the bene fits of both bridging and routing . Like a bridge, a VLAN switch forwards traffic based on the Layer 2 head er , which is fast, and like a router , it partitions the network into lo gical segments, which prov ides better adminis ...
NETGEAR 7000 Series - page 44

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 5-2 Virtual LANs v1.0, May 2008 VLAN Configuration Example The diagram in this section shows a switch with four ports configured to handle the traffic for two VLANs. port 1/0/2 handles traf fic for both VLANs, while port 1/0/1 is a member of VLAN 2 only , and ports 1/0/3 and 1/0/4 ...
NETGEAR 7000 Series - page 45

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Virtual LANs 5-3 v1.0, May 2008 Example #2: Assign Port s to VLAN2 This sequence shows how to assign ports to VLAN2, specify that frames w ill always be transmitted tagged from all member ports, and that untagged frames will be rejected on receipt. Example #3: Assign Port s to VLA ...
NETGEAR 7000 Series - page 46

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 5-4 Virtual LANs v1.0, May 2008 Graphical User Interface Use the following screens to pe rform the same configuration usin g the Graphical User Interface: • Switching --> VLAN- -> Configuration . T o create the VLANs and specify port participation. • Switching --> VLA ...
NETGEAR 7000 Series - page 47

6-1 v1.0, May 2008 Chapter 6 Link Aggregation This section includes instruc tions on configuring Link Aggregation u sing the Command Line Interface and the Graphical User Interface. Link Aggregation (LAG) allows the switch to treat multiple physical l inks between two end-points as a single logical link. All of the physical links in a given LAG mus ...
NETGEAR 7000 Series - page 48

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 6-2 Link Aggr egation v1.0, May 2008 Figure 6-1 shows the example network. Example #1: Create two LAGS Use the show port-c hannel all command to show the logical interface ids you will use to identify the LAGs in subsequent c ommands. Assume that lag_10 is assigned id 1/1/1 and la ...
NETGEAR 7000 Series - page 49

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Link Aggregatio n 6-3 v1.0, May 2008 Example #2: Add the port s to the LAGs Example #3: Enable both LAGs By default, the system en ables link trap notification At this point, the LAGs could be added to VLANs. (Netgear Switch) #config (Netgear Switch) (Config)#interface 0/2 (Netgea ...
NETGEAR 7000 Series - page 50

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 6-4 Link Aggr egation v1.0, May 2008 ...
NETGEAR 7000 Series - page 51

7-1 v1.0, May 2008 Chapter 7 IP Routing Services IP routing services are divided into five areas : • Port Routing • VLAN Routing • Routing Information Protocol (RIP) • Open Shortest Path First (OSPF) Protocol • Proxy Address Resolut ion Protocol (ARP) Port Routing The first networks were small en ough for the end stations to co mmunicate ...
NETGEAR 7000 Series - page 52

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-2 IP Routing Services v1.0, May 2008 Port Routing Configuration The 7000 Series M anaged Switch always supp orts Layer 2 bridging, but Layer 3 routing must be explicitly enabled, first for the 7000 Series Managed Switch as a wh ole, and then for each port which is to participate ...
NETGEAR 7000 Series - page 53

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-3 v1.0, May 2008 CLI Examples This diagram shows a Layer 3 switch configured fo r port routing. It co nnects three different subnets, each connected to a diff erent port. Th e script shows the comm ands you would use to configure a 7000 Series Managed Switch ...
NETGEAR 7000 Series - page 54

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-4 IP Routing Services v1.0, May 2008 Example #2: Enabling Routing for Port s on the Switch Use the following commands to enable routing for ports on th e switch. The de fault link-level encapsulation format is Ethernet. Configure the IP addresses and subnet masks for the ports. ...
NETGEAR 7000 Series - page 55

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-5 v1.0, May 2008 The next section will show you how to config ure the 7000 Series Managed Switch to support VLAN routing and how to use RIP and OSPF . A port may be either a VLAN port or a router port, but not both. However , a VLAN port may be pa rt of a VLA ...
NETGEAR 7000 Series - page 56

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-6 IP Routing Services v1.0, May 2008 Example #1: Create T wo VLANs The following code sequence show s an example of creating two VL ANs with egress frame tagging enabled. Example #2: Set Up VLAN Routing for the VLANs and the Switch. The following code sequence shows ho w to enab ...
NETGEAR 7000 Series - page 57

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-7 v1.0, May 2008 The next sequence shows an e xample of config uring the IP addresses and subnet masks for the virtual router ports. VLAN Routing RIP Configuration Routing Information Prot ocol (RIP) is one of the pro tocols which may be used by routers to ex ...
NETGEAR 7000 Series - page 58

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-8 IP Routing Services v1.0, May 2008 CLI Example This example adds support for RIPv2 to the co nfiguration created in the base VLAN routing example. A second router , using port routing rath er than VLAN routing, has been added to the network. Figure 7-3 ...
NETGEAR 7000 Series - page 59

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-9 v1.0, May 2008 Example of configuring VLAN Rou ting with RIP support on a 7000 Series Managed Switch (Netgear Switch) #vlan data (Netgear Switch) (Vlan)#vlan 10 (Netgear Switch) (Vlan)#vlan 20 (Netgear Switch) (Vlan)#vlan routing 10 (Netgear Switch) (Vlan)# ...
NETGEAR 7000 Series - page 60

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-10 IP Routing Services v1.0, May 2008 VLAN Routing OSPF Configuration For larger networks Open Shortest Path First (OSP F) is generally used in preference to RIP . OSPF offers several benefits to the administrator of a large and/or complex network: • Less network traffic: – ...
NETGEAR 7000 Series - page 61

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-11 v1.0, May 2008 Example of configuring OSPF on a 7000 Series Managed Switch acting as an inter-area router : (Netgear Switch) #vlan data (Netgear Switch) (Vlan)#vlan 10 (Netgear Switch) (Vlan)#vlan 20 (Netgear Switch) (Vlan)#vlan routing 10 (Netgear Switch) ...
NETGEAR 7000 Series - page 62

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-12 IP Routing Services v1.0, May 2008 Routing Information Protocol Routing Information Prot ocol (RIP) is one of the pro tocols which may be used by routers to exchange network topology informa tion. It is characterized as an “interior” ga teway protocol, and is typically us ...
NETGEAR 7000 Series - page 63

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-13 v1.0, May 2008 • T o prevent any RIP packets from being transmitted CLI Examples The configuratio n commands used in the follo wing example enable RIP o n ports 1/0/2 and 1/0/3 as shown in the network illustrated in Figure 7-4 Example #1: Enable Routing ...
NETGEAR 7000 Series - page 64

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-14 IP Routing Services v1.0, May 2008 Example #2: Enable Routing for Port s The following command sequence en ables routing and assigns IP addresses for ports 1/0/2 and 1/ 0/3. Example #3: Enable RIP for the Switch The next sequence enables RIP for the switch. the route preferen ...
NETGEAR 7000 Series - page 65

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-15 v1.0, May 2008 Example #4: Enable RIP for port s 1/0/2 and 1/0/3 This command sequence en ables RIP for ports 1/0/2 and 1/0/3. Au thentication defaults to none, and no default route entry is created. The commands specify that both ports receive both RIPv1 ...
NETGEAR 7000 Series - page 66

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-16 IP Routing Services v1.0, May 2008 • Intra-area • Inter-area • External type 1: the route is external to the AS • External T ype 2: the route was learned from other protocol s such as RIP CLI Examples The examples in this section show you how to co nfigure a 7000 Seri ...
NETGEAR 7000 Series - page 67

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-17 v1.0, May 2008 Example #1: Configuring an Inter-Are a Router Enable Routing for the Switch. The following command sequence enables ip routing for the switch. Assign IP Addresses for Ports. The following sequence enables routing and assigns IP addresses for ...
NETGEAR 7000 Series - page 68

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-18 IP Routing Services v1.0, May 2008 Specify Router ID and Enable OSPF for the Switch. The following sequence specifies the router ID and enables OSPF for the switch. Set disable1583 compatibility to prevent the routing loop. Enable and Configure OSPF for the Ports. The followi ...
NETGEAR 7000 Series - page 69

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-19 v1.0, May 2008 Example #2: Configuring OSPF on a Border Router Figure 7-6 ...
NETGEAR 7000 Series - page 70

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-20 IP Routing Services v1.0, May 2008 The following example configures OSPF on a 7000 Series Mana ged Switch operating as a border router: Enable routing for the switch. (Netgear Switch) #config (Netgear Switch) (Config)#ip routing Enable routing & assign IP for ports 1/0/2, ...
NETGEAR 7000 Series - page 71

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-21 v1.0, May 2008 Proxy Address Resoluti on Protocol (ARP) This section describes the Proxy Address Resolution Protocol (ARP) feature. Overview • Proxy ARP allows a router to answer ARP requests where the target IP address is not the router itself but a des ...
NETGEAR 7000 Series - page 72

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-22 IP Routing Services v1.0, May 2008 CLI Examples The following are examples of the comm ands used in the proxy ARP feature. Example #1: show ip interface Example #2: ip proxy-arp (Netgear Switch) #show ip interface ? <slot/port> Enter an in terface in slot/port format. b ...
NETGEAR 7000 Series - page 73

8-1 v1.0, May 2008 Chapter 8 V i rtual Router Redundancy Protocol When an end station is statically configured w ith the address of the router that will handle its routed traf fic, a single point of failure is intro duced into the network. If the router goes down, the end station is unable to communicate. Since sta tic configuration is a co nvenien ...
NETGEAR 7000 Series - page 74

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 8-2 Virtual Router Redun dan cy Protocol v1.0, May 2008 CLI Examples This example shows how to configure the 7000 Series Manag ed Switch to support V RRP . Router 1 will be the default master router for the virtual route, and Router 2 will be the backup router . Figure 8-1 ...
NETGEAR 7000 Series - page 75

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Virtual Router Redunda ncy Pr otocol 8-3 v1.0, May 2008 Example #1: Configure VR RP on a Master Router The following is an examp le of configurin g VRRP on a 7000 Series Managed Switch acting as the master router: Enable routing for the switch. IP forwardi ng will then be enabled ...
NETGEAR 7000 Series - page 76

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 8-4 Virtual Router Redun dan cy Protocol v1.0, May 2008 Example #2: Configure VR RP on a Backup Router The following is an examp le of configurin g VRRP on a 7000 Series Managed Switch acting as the backup route r: Enable routing for the switch. IP forwardi ng will then be enabled ...
NETGEAR 7000 Series - page 77

9-1 v1.0, May 2008 Chapter 9 Access Control List s (ACLs) This section describes the Access Control Lists (ACLs) feat ure . Overview Access Control Lists (ACLs) can control the traffic entering a network. Normally ACLs reside in a firewall router or in a router connecting two internal network s. Wh en you configure ACLs, yo u can selectively admit ...
NETGEAR 7000 Series - page 78

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-2 Access Control Lists (ACLs) v1.0, May 2008 • Destination MAC address with mask • VLAN ID (or range of IDs) • Class of Service (CoS) (802.1p) • Ethertype • L2 ACLs can apply to one or mo re interfaces • Multiple access lists can be a pplied to a single interface - s ...
NETGEAR 7000 Series - page 79

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-3 v1.0, May 2008 Process T o configure ACLs, follow these steps: • Create an ACL by specifying a name (MAC ACL) or a number (IP ACL) • Add new rules to the ACL • Configure the match criteria for the rules • Apply the ACL to one or more interf ...
NETGEAR 7000 Series - page 80

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-4 Access Control Lists (ACLs) v1.0, May 2008 Example #2: Configure a One-W ay Access Using a TCP Flag in an ACL This example shows how to set up one-way web access using a TCP flag in an ACL. PC1 can access FTP server1 and FTP serve r2 but PC2 only access FTP server2. Create ACL ...
NETGEAR 7000 Series - page 81

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-5 v1.0, May 2008 The example is shown as CLI commands and as a W eb interface procedure. CLI Commands T o use the CLI to configure the GSM724 8R, enter the following CLI commands: Step 1: Configure the GSM7248R (see Figure 9-2 ) Create VLAN 30 with p ...
NETGEAR 7000 Series - page 82

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-6 Access Control Lists (ACLs) v1.0, May 2008 Create VLAN 200 with port 0/44 and a ssign IP address 192.168.200.1/2 4 . (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 200 (Netgear Switch) (Vlan)#vlan routing 200 (Netgear Switch) (Vlan)#exit (Netgear Switch) #configu ...
NETGEAR 7000 Series - page 83

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-7 v1.0, May 2008 T o use the CLI to Configure the GSM735 2S, enter the following CLI commands: Step 2: Configure the GSM7352S (see Figure 9 -2 ) Create VLAN 40 with port 1/0/24 and assign IP address 192.168.40.1/2 4 . (Netgear Switch) #vlan database ...
NETGEAR 7000 Series - page 84

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-8 Access Control Lists (ACLs) v1.0, May 2008 Web Interfac e Procedure T o use the W eb interface to configur e the GSM7248R, proceed as follows: 1. Create VLAN 30 with IP address 192.168. 30.1/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A scre ...
NETGEAR 7000 Series - page 85

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-9 v1.0, May 2008 2. Create VLAN 100 with IP address 192.168.100.1/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the following displays. b. Enter the following informatio n in the VLAN Routing W iz ...
NETGEAR 7000 Series - page 86

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-10 Access Control Lists (ACLs ) v1.0, May 2008 3. Create VLAN 200 with IP address 192.168.200.1/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the following displays. b. Enter the following informatio n in the VLAN Routing W i ...
NETGEAR 7000 Series - page 87

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-11 v1.0, May 2008 4. Enable IP Routing: a. From the main menu, select Ro uting > IP > Basic > IP Configuration. A scr een similar to the following displays. b. Under IP Configuration, ma ke the following selections: • Next to Routing Mode, ...
NETGEAR 7000 Series - page 88

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-12 Access Control Lists (ACLs ) v1.0, May 2008 b. Under Configure Routes, make the following selection and enter the following information: • Select St a t i c from the Route T y pe pulldown menu . • In the Network Address field, enter 192.168.40.0 . • In the Subnet Mask f ...
NETGEAR 7000 Series - page 89

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-13 v1.0, May 2008 7. Create an ACL with ID 101: a. From the main menu, select Security > ACL > Ad vanced > IP ACL. A screen similar to the following displays. b. In the IP ACL ID field of the IP ACL T able, enter 101 . c. Click Add . 8. Crea ...
NETGEAR 7000 Series - page 90

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-14 Access Control Lists (ACLs ) v1.0, May 2008 9. Add and configure an IP extended rule that is associated with ACL 101: a. From the main menu, select Se curity > ACL > Advanced > IP Extended Rules. A screen similar to the following displays. b. Under IP Extended Rules, ...
NETGEAR 7000 Series - page 91

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-15 v1.0, May 2008 d. Under Extended ACL Rule Config uration (100-199), enter the following information and make the following selections: • In the Rule ID field, enter 1 . • Next to Action mode, select the Deny rad io but ton. • Select False fr ...
NETGEAR 7000 Series - page 92

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-16 Access Control Lists (ACLs ) v1.0, May 2008 d. Under Extended ACL Rule Config uration (100-199), enter the following information and make the following selections: • In the Rule ID field, enter 1 . • Next to Action mode, select the Permit rad i o but ton. • Select False ...
NETGEAR 7000 Series - page 93

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-17 v1.0, May 2008 11 . Apply ACL 101 to port 4 4: a. From the main menu, select Security > ACL > Advanced > IP Binding Configura tion. A screen similar to the following displays. b. Under Binding Configurat io n, make the fo llowing selectio ...
NETGEAR 7000 Series - page 94

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-18 Access Control Lists (ACLs ) v1.0, May 2008 12. Apply ACL 102 to po rt 44: a. From the main menu, select Security > ACL > Advanced > IP Binding Configura tion. A screen similar to the following displays. b. Under Binding Configurat io n, make the fo llowing selection ...
NETGEAR 7000 Series - page 95

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-19 v1.0, May 2008 T o use the W eb interface to config ure the GSM7352S, proceed as follows: 1. Create VLAN 40 with IP address 192.168. 40.1/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the follo ...
NETGEAR 7000 Series - page 96

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-20 Access Control Lists (ACLs ) v1.0, May 2008 2. Create VLAN 50 with IP address 192.168. 50.1/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the following displays. b. Enter the following informatio n in the VLAN Routing W iz ...
NETGEAR 7000 Series - page 97

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-21 v1.0, May 2008 3. Create VLAN 200 with IP address 192.168.200.2/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the following displays. b. Enter the following informatio n in the VLAN Routing W i ...
NETGEAR 7000 Series - page 98

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-22 Access Control Lists (ACLs ) v1.0, May 2008 4. Create a static route with IP address 192.168.100.0/2 4: a. From the main menu, select Routing > Routing T able > Bas i c > Rou te Configuration. A screen similar to the following displays. b. Under Configure Routes, mak ...
NETGEAR 7000 Series - page 99

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-23 v1.0, May 2008 5. Create a static route with IP address 192.168.30.0/24: a. From the main menu, select Routing > Routing T able > Bas i c > Rou te Configuration. A screen similar to the following displays. b. Under Configure Routes, make ...
NETGEAR 7000 Series - page 100

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-24 Access Control Lists (ACLs ) v1.0, May 2008 The example is shown as CLI commands and as a W eb interface procedure. CLI Commands T o use the CLI to isolate VLANs on a Layer 3 switch by using ACLs, enter the following CLI commands: Figure 9-22 Create VLAN 24, add po rt 1/0/24 ...
NETGEAR 7000 Series - page 101

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-25 v1.0, May 2008 Create VLAN 48, add po rt 1/0/48 to it, and assign IP address 192.168.48.1 to it . (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 48 (Netgear Switch) (Vlan)#vlan routing 48 (Netgear Switch) (Vlan)#exit (Netgear Switch) ...
NETGEAR 7000 Series - page 102

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-26 Access Control Lists (ACLs ) v1.0, May 2008 Web Interfac e Procedure T o use the W eb interface to isolate VLANs on a Laye r 3 switch by using ACLs, pr oceed as follows: 1. Create VLAN 24 with IP address 192.168. 24.1: a. From the main menu, select Routing > VL AN > VLA ...
NETGEAR 7000 Series - page 103

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-27 v1.0, May 2008 b. Enter the following informatio n in the VLAN Routing W izard: • In the Vlan ID field, enter 24 . • In the IP Address field, enter 192.168.24.1 . • In the Network Mask field, enter 255.255.255 .0 . c. Click Unit 1 . The port ...
NETGEAR 7000 Series - page 104

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-28 Access Control Lists (ACLs ) v1.0, May 2008 e. Click Apply to save VLAN 48. 3. Create VLAN 38 with IP address 10.100.5.34: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the following displays. b. Enter the following informatio ...
NETGEAR 7000 Series - page 105

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-29 v1.0, May 2008 b. Under IP Configuration, ma ke the following selections: • Next to Routing Mode, select the Enable radio button. • Next to IP Forwarding Mode, select the Enable radio button. c. Click Apply to enable IP Routing. 5. Create an A ...
NETGEAR 7000 Series - page 106

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-30 Access Control Lists (ACLs ) v1.0, May 2008 6. Create an ACL with ID 102: a. From the main menu, select Security > ACL > Ad vanced > IP ACL. A screen similar to the following displays. b. In the IP ACL ID field of the IP ACL T able, enter 102 . c. Click Add . 7. Crea ...
NETGEAR 7000 Series - page 107

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-31 v1.0, May 2008 b. In the IP ACL ID field of the IP ACL T able, enter 103 . c. Click Add . 8. Add and configure an IP extended rule that is associated with ACL 101: a. From the main menu, select Se curity > ACL > Advanced > IP Extended Rul ...
NETGEAR 7000 Series - page 108

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-32 Access Control Lists (ACLs ) v1.0, May 2008 d. Under Extended ACL Rule Config uration (100-199), enter the following information and make the following selections: • In the Rule ID field, enter 1 . • Next to Action mode, select the Deny rad io but ton. • Select False fr ...
NETGEAR 7000 Series - page 109

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-33 v1.0, May 2008 d. Under Extended ACL Rule Config uration (100-199), enter the following information and make the following selections: • In the Rule ID field, enter 1 . • Next to Action mode, select the Deny rad io but ton. • Select False fr ...
NETGEAR 7000 Series - page 110

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-34 Access Control Lists (ACLs ) v1.0, May 2008 10. Add and configure an IP extended rule that is associated with ACL 103: a. From the main menu, select Se curity > ACL > Advanced > IP Extended Rules. A screen similar to the following displays. b. Under IP Extended Rules ...
NETGEAR 7000 Series - page 111

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-35 v1.0, May 2008 • Next to Action mode, select the Permit rad i o but ton. • Select False from the Match Every pulld own menu. • Select IP from the Protocol T ype pulldown menu. e. Click Apply to save the settings. 11 . Apply ACL 102 to port 2 ...
NETGEAR 7000 Series - page 112

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-36 Access Control Lists (ACLs ) v1.0, May 2008 12. Apply ACL 101 to po rt 48: a. From the main menu, select Security > ACL > Advanced > IP Binding Configura tion. A screen similar to the following displays. b. Under Binding Configurat io n, make the fo llowing selection ...
NETGEAR 7000 Series - page 113

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-37 v1.0, May 2008 13. Apply ACL 103 to port 24 and po rt 48 : a. From the main menu, select Security > ACL > Advanced > IP Binding Configura tion. A screen similar to the following displays. b. Under Binding Configurat io n, make the fo llow ...
NETGEAR 7000 Series - page 114

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-38 Access Control Lists (ACLs ) v1.0, May 2008 MAC ACL CLI Examples The following are examples of the comm ands used for the MAC ACLs feature. Example #1: mac access list (Netgear Switch)(Config)#mac access- list ? extended Configure extended MAC Access List parameters. Netgear ...
NETGEAR 7000 Series - page 115

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-39 v1.0, May 2008 Example #2: permit any (Netgear Switch) (Config-mac access- list)#permit ? <srcmac> Enter a MAC address. any Configure a match condition for all the destination MAC addresses in the Destination MAC Address field. (Netgear Swit ...
NETGEAR 7000 Series - page 116

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-40 Access Control Lists (ACLs ) v1.0, May 2008 Example #3 Configure mac access-group (Netgear Switch) (Config)#interface 1/0/5 (Netgear Switch) (Interface 1/0/5)#m ac ? access-group Attach MAC Access Li st to Interface. (Netgear Switch) (Interface 1/0/5)#m ac access-group ? < ...
NETGEAR 7000 Series - page 117

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-41 v1.0, May 2008 Example #4 permit (Netgear Switch) (Config)#mac access -list extended b2 (Netgear Switch) (Config-mac-access- list)#permit 00:00:00:00:00:00 ? <dstmac> Enter a MAC Address. any Configure a a match condition for al l the destin ...
NETGEAR 7000 Series - page 118

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-42 Access Control Lists (ACLs ) v1.0, May 2008 Example #5: show mac access-list s (Netgear Switch) #show mac access-li sts Current number of all ACLs: 2 Max imum number of all ACLs: 100 MAC ACL Name Rules Interface( s) Direction ------------ ----- ----------- - --------- b1 1 1/ ...
NETGEAR 7000 Series - page 119

10-1 v1.0, May 2008 Chapter 10 Class of Service (CoS) Queuing This section describes the Class of Service (C oS) Queue Mapping and T raffic Shaping features. Overview Each port has one or more queues for packet transmission. During configuration, you can determine the mapping and conf iguration of these queues. Based on service rate and other crite ...
NETGEAR 7000 Series - page 120

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 10-2 Class of Service (CoS) Queuing v1.0, May 2008 – IP Precedence – IP Dif fServ Code Point (DSCP) The system can assign service level based upon the 802.1p priority field of the L2 header . Y ou configure this by mapping the 80 2.1p priorities to one of three traffic class q ...
NETGEAR 7000 Series - page 121

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Class of Service (CoS) Queuing 10-3 v1.0, May 2008 – T ail drop vs. WRED Drop Precedence Conf iguration (per Queue) •W R E D p a r a m e t e r s – Minimum threshold – Maximum threshold – Drop probability – Scale factor • T ail Drop parameters – Threshold Per-Interf ...
NETGEAR 7000 Series - page 122

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 10-4 Class of Service (CoS) Queuing v1.0, May 2008 Example #1: show classofservice trust Example #2: set clas sofservice trust mode (Netgear Switch) #show classofservic e trust ? <cr> Press Enter to execute the command. (Netgear Switch) #show classofservic e trust Class of S ...
NETGEAR 7000 Series - page 123

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Class of Service (CoS) Queuing 10-5 v1.0, May 2008 Example #3: show classofser vice ip-precedence mapping Example #4: Config Co s-queue Min-bandwid th and Strict Priority Scheduler Mode (Netgear Switch) #show classofservic e ip-precedence-mapping IP Precedence Traffic Class ------ ...
NETGEAR 7000 Series - page 124

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 10-6 Class of Service (CoS) Queuing v1.0, May 2008 Example #5: Set CoS T rus t Mode of an Interface T raffic Shaping This section describes the T raffic Shaping feature. T raffic shaping controls the amou nt and volume of traf fic transmitted through a network. This has the ef fec ...
NETGEAR 7000 Series - page 125

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Class of Service (CoS) Queuing 10-7 v1.0, May 2008 Example #1 traffic-shape (Netgear Switch) (Config)#traffic-sh ape ? <bw> Enter the s haping bandwidth percentage from 0 to 100 in incremen ts of 5. (Netgear Switch) (Config)#traffic-sh ape 70 ? <cr> Press Enter to exec ...
NETGEAR 7000 Series - page 126

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 10-8 Class of Service (CoS) Queuing v1.0, May 2008 ...
NETGEAR 7000 Series - page 127

11-1 v1.0, May 2008 Chapter 1 1 Differentiated Services Differentiated Services ( DiffServ) is one technique for implementing Qu ality of Service (QoS) policies. Using DiffServ in your network allows you to direct ly co nfigure the relevant parameters on the switches and routers ra ther than using a re source reservation protocol.This section expla ...
NETGEAR 7000 Series - page 128

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 11-2 Differentiated Services v1.0, May 2008 – Marking the packet with a given DSCP code point, IP precedence, or CoS – Policing packets by dropping or re -marking th ose that exceed the class’ s assigned data rate – Counting the traffic within the class • Service. Assign ...
NETGEAR 7000 Series - page 129

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Differentiated Services 11-3 v1.0, May 2008 The following examp le configures Dif fServ on a 7000 Series Managed Switch: Ensure DiffServ operation is enabled for the switch. (Netgear Switch) #config (Netgear Switch) (Config)#diffserv Create a DiffServ class of type “all” for e ...
NETGEAR 7000 Series - page 130

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 11-4 Differentiated Services v1.0, May 2008 DiffServ for V oIP Configuration Example One of the most valuable uses of Dif fServ is to support V oice over IP (V oIP). V oIP traffic is inherently time-sensitive: for a ne twork to provide acceptable servic e, a guaranteed transmissio ...
NETGEAR 7000 Series - page 131

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Differentiated Services 11-5 v1.0, May 2008 a class for UDP traffic, have that traf fic marked on the inbound side, and then expedite the traffic on the outbound side. The config uration script is for Router 1 in the acco mpanying diagram: a similar script should be applied to Rou ...
NETGEAR 7000 Series - page 132

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 11-6 Differentiated Services v1.0, May 2008 The following example config ures Dif fServ V oIP support: Enter Global Config mode. Set queue 5 on all ports to use strict priority mode. This queue shall be used for all VoIP packets. Activate DiffServ for the switch. (Netgear Switch) ...
NETGEAR 7000 Series - page 133

12-1 v1.0, May 2008 Chapter 12 IGMP Snooping This section describes the Internet Group Mana gement Prot ocol (IGMP) feature: IGMPv3 and IGMP Snooping. Overview IGMP: • Uses V ersion 3 of IGMP • Includes snoopin g • Snooping can be enab led per VLAN CLI Examples The following are examples of the commands used in the IGMP Snooping feature. Exam ...
NETGEAR 7000 Series - page 134

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 12-2 IGMP Snooping v1.0, May 2008 Example #2: show igmp snooping Example #3: show mac-ad dress-t able igmp snooping (Netgear Switch) #show igmpsnoop ing? <cr> Press Enter to execute the co mmand. <slot/port> Enter interface in sl ot/port format. mrouter Display IGMP Sn ...
NETGEAR 7000 Series - page 135

13-1 v1.0, May 2008 Chapter 13 Port Security This section describes the Port Security feature. Overview Port Security: • Allows for limiting the number of MAC addresses on a given port • Packets that have a matching MAC address (secure packets) are forwarde d; all other pa ckets (unsecure packets) are restricted • Enabled on a per port basis ...
NETGEAR 7000 Series - page 136

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 13-2 Port Security v1.0, May 2008 Operation Port Security: • Helps secure network by preventing u nknown devices from forwarding packets • When link goes down, all dynamica lly locked addresses are ‘freed’ • If a specific MAC address is to be set for a port , set the dyn ...
NETGEAR 7000 Series - page 137

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Port Security 13-3 v1.0, May 2008 CLI Examples The following are examples of the commands used in the Port Security feature. Example #1: show port security Example #2: show port securi ty on a specific interface Example #3: (Config) port security (Netgear Switch) #show port-securi ...
NETGEAR 7000 Series - page 138

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 13-4 Port Security v1.0, May 2008 ...
NETGEAR 7000 Series - page 139

14-1 v1.0, May 2008 Chapter 14 T raceroute This section describes the T raceroute feature. Use T raceroute to discover the routes that packets take when traveli ng on a hop-by -hop basis to their destination through the network. • Maps network routes by sending packets with small T ime-to-Live (TTL) values and watches the ICMP time-ou t announcem ...
NETGEAR 7000 Series - page 140

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 14-2 Traceroute v1.0, May 2008 CLI Example The following shows an example of using the traceroute command to determi ne how many hops there are to the des tination. Th e command output shows each IP ad dress the packet passes through and how long it takes to get there. In this exa ...
NETGEAR 7000 Series - page 141

15-1 v1.0, May 2008 Chapter 15 Configuration Scripting This section describes the Conf iguration Scripting feature. Overview Configuration Scripting: • Allows you to generate text-formatted files • Provides scrip ts tha t can be uplo aded and download ed to the system • Provides flexibility to create command configuration scripts • May be a ...
NETGEAR 7000 Series - page 142

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 15-2 Configuration Scripting v1.0, May 2008 Example #1: script Example #2: script list and script delete Example #3: script apply running-config.scr (Netgear Switch) #script ? apply Applies configuration script to the swit ch. delete Deletes a confi guration script file from the s ...
NETGEAR 7000 Series - page 143

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Configuration Scripting 15-3 v1.0, May 2008 Example #4: Creating a Configuration Script Example #5: Upload a Configuration Script (Netgear Switch) #show running-confi g running-config.scr Config script created successfully. (Netgear Switch) #script list Configuration Script Name S ...
NETGEAR 7000 Series - page 144

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 15-4 Configuration Scripting v1.0, May 2008 ...
NETGEAR 7000 Series - page 145

16-1 v1.0, May 2008 Chapter 16 Outbound T e lnet This section describes the Outbound T elnet feature. Overview Outbound T elnet: • Establishes an outbound telnet connection between a device and a remote host • A telnet connection is initiated, each side of the conn ection is assumed to originate and terminate at a “Network V i rtual T erminal ...
NETGEAR 7000 Series - page 146

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 16-2 Outbound Telnet v1.0, May 2008 Example #1: show network Example #2: show telnet (Netgear Switch Routing) >telnet 192 .168.77.151 Trying 192.168.77.151... (Netgear Switch Routing) User:admin Password: (Netgear Switch Routing) >en Password: (Netgear Switch Routing) #show ...
NETGEAR 7000 Series - page 147

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Outbound Telnet 16-3 v1.0, May 2008 Example #3: transport output telnet Example #4: session-limi t and session-timeout (Netgear Switch Routing) (Config)#li neconfig ? <cr> Press Enter to execute the command. (Netgear Switch Routing) (Config)#li neconfig (Netgear Switch Routi ...
NETGEAR 7000 Series - page 148

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 16-4 Outbound Telnet v1.0, May 2008 ...
NETGEAR 7000 Series - page 149

17-1 v1.0, May 2008 Chapter 17 Port Mirroring This section describes the Port Mirroring feature. Overview Port Mirroring: • Allows you to monitor network traf fi c with an external network analyzer • Forwards a copy of each incoming a nd outgoing packet to a sp ecific port • Is used as a diagnostic tool, deb ugging feature or me ans of fendin ...
NETGEAR 7000 Series - page 150

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 17-2 Port Mirr oring v1.0, May 2008 Example #1: show monitor session Example #2: show port all Example #3: show port interface Use this command for a specific por t. The output shows whether the port is the mirror or the probe (Netgear Switch Routing) #show monit or session 1 Sess ...
NETGEAR 7000 Series - page 151

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Port Mirroring 17-3 v1.0, May 2008 port, and what is enabled or disable d on the port. Example #4: (Config) monitor session 1 mode T o set up port mirroring, s pecify th e monitor session, then the mode. (Netgear Switch Routing) #show port 0/7 Admin Physical Physical Link Link LAC ...
NETGEAR 7000 Series - page 152

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 17-4 Port Mirr oring v1.0, May 2008 Example #5: (Config) monito r session 1 source interface Specify the source (mirrored) ports and destination (probe) port. Example #6: (Interf ace) port security (Netgear Switch Routing)(Config)#mon itor session 1 source? interface Configure int ...
NETGEAR 7000 Series - page 153

18-1 v1.0, May 2008 Chapter 18 Simple Network T ime Protocol (SNTP) This section describes the Simple Netw ork T ime Protocol (SNTP) feature . Overview SNTP: • Used for synchronizin g network resources • Adaptation of NTP • Provides synchron ized network tim estamp • Can be used in broadcast or unicast mode • SNTP client implemented over ...
NETGEAR 7000 Series - page 154

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 18-2 Simple Network Time Protocol (SNTP) v1.0, May 2008 Example #2: show sntp client Example #3: show sntp server Example #4: Configure SNTP Netgear switches do not have a built-in real-time cloc k. However , it is possible to use SNTP to get the time from a public SNTP/NTP se rve ...
NETGEAR 7000 Series - page 155

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Simple Network Time Protocol (SNTP) 18-3 v1.0, May 2008 1. Configure the SNTP server IP address. The IP address can be either from the public NTP server or your own. Y ou can search the Intern et to locate the public server . The serve rs available could be listed in domain-name f ...
NETGEAR 7000 Series - page 156

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 18-4 Simple Network Time Protocol (SNTP) v1.0, May 2008 Example #5: Setting T ime Zone The SNTP/NTP server is set to Coordina ted Universal Time (UTC) by default. The following example shows how to set the time zone to Pacifi c Standard Time (PST) which is 8 hours behind GMT/UTC. ...
NETGEAR 7000 Series - page 157

19-1 v1.0, May 2008 Chapter 19 Syslog This section provides informa tion about the Syslog feature. Overview Syslog: • Allows you to store system messages and/or errors • Can store to local files on the switch or a remote server running a syslog daemon • Method of collecting messag e logs from many systems Persistent Log Files • Currently th ...
NETGEAR 7000 Series - page 158

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 19-2 Syslog v1.0, May 2008 Interpreting Log Files CLI Examples The following are examples of the comm ands used in the Syslog feature. <130> JAN 01 00:00:0 6 0.0.0.0-1 UNKN [0x 800023]: boot os.c(386) 4 %% Event (0xaaaaaaaa) A. Priority B. T imestamp C. S tack ID D. Componen ...
NETGEAR 7000 Series - page 159

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Syslog 19-3 v1.0, May 2008 Example #1: show logging Example #2: show logging buffered (Netgear Switch Routing) #show loggi ng Logging Client Local Port : 514 CLI Command Logging : disabled Console Logging : disabled Console Logging Severity Filter : alert Buffered Logging : enable ...
NETGEAR 7000 Series - page 160

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 19-4 Syslog v1.0, May 2008 Example #3: show logging traplogs Example #4: show logging host s (Netgear Switch Routing) #show logging traplogs ? <cr> Press Enter to execute the c ommand. (Netgear Switch Routing) #show logging traplogs Number of Traps Since Last Reset.... ..... ...
NETGEAR 7000 Series - page 161

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Syslog 19-5 v1.0, May 2008 Example #5: logging port configuration (Netgear Switch Routing) #config (Netgear Switch Routing) (Config)#logging ? buffered Buffered (In-Memory) Logging Configuration. cli-command CLI Command Logging Configuration. console Console Logging Configuration. ...
NETGEAR 7000 Series - page 162

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 19-6 Syslog v1.0, May 2008 ...
NETGEAR 7000 Series - page 163

20-1 v1.0, May 2008 Chapter 20 Managing Switch S t acks This chapter describes the concepts and recommen ded operating procedures to manage Netg ear stackable managed switches running Release 4. x. x.x or newer . Netgear stack able managed switches include the following models: • FSM7328S • FSM7352S • FSM7352PS • GSM7328S • GSM7352S This ...
NETGEAR 7000 Series - page 164

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-2 Managing Sw itch Stacks v1.0, May 2008 Underst anding Switch St acks A switch stack is a set of up to eight Et hernet switches connected throug h their stacking ports. One of the switches controls the operation of th e stack and is called the stack master . The stack master a ...
NETGEAR 7000 Series - page 165

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 2 0-3 v1.0, May 2008 Switch St ack Membership A switch stack has up to eight stack members connected through their stacking ports. A switch stack always has one stack master . A standalone switch is a switch stac k with one stack member that al so operates a ...
NETGEAR 7000 Series - page 166

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-4 Managing Sw itch Stacks v1.0, May 2008 Switch St ack Cabling (FSM73xxS) Figure 20-1 and Figure 20-2 illustrate how indivi dual switches ar e interconnected to form a stack. Y ou can use the regular Category 5 Et hernet 8 wire cable. Figure 20-1 Figure 20-2 Interconnect port s ...
NETGEAR 7000 Series - page 167

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 2 0-5 v1.0, May 2008 S t ack Master Election and Re-Election The stack master is el ected or re-elec ted based on one of these factors and in the order listed: 1. The switch that is currently the stack master 2. The switch with the highest stack member prior ...
NETGEAR 7000 Series - page 168

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-6 Managing Sw itch Stacks v1.0, May 2008 Stack members in the same switch stack cannot have the same stack member numbe r . Every stack member , including a standa lone switch, retains its member nu mber until you manu ally change the number or unless the number i s already bei ...
NETGEAR 7000 Series - page 169

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 2 0-7 v1.0, May 2008 Effect s of Replacing a Preconfigu red Switch in a Switch St ack When a preconfigured switch in a switch stack fails, is removed from the stack, and is replaced with another switch, the stack applies either the pr econfiguration or the d ...
NETGEAR 7000 Series - page 170

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-8 Managing Sw itch Stacks v1.0, May 2008 Switch St ack Software Comp atibility Recommendations All stack members must run the same software version to ensure comp atibility between stack members. The software versions on all stack memb ers, including the stack master , must be ...
NETGEAR 7000 Series - page 171

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 2 0-9 v1.0, May 2008 Switch St ack Management Connectivity Y ou manage the switch stack and the stack member interfaces through the stack master . Y ou ca n use the web interface , the CLI, and SNMP . Y ou cannot mana ge stack members on an ind i vidual swit ...
NETGEAR 7000 Series - page 172

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-10 Managing Switch Stacks v1.0, May 2008 S tack master election specifically determined by the MAC address • Assuming that both stack members have the same priority value and software image, restart both stack members at the same time. The stack member with the higher MAC add ...
NETGEAR 7000 Series - page 173

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 20-11 v1.0, May 2008 S t acking Recommendations The purpose of this section is to collect notes on recommended pr ocedures and expe cted behavior of stacked manage d switches. Proc edures addressed initially are listed below . • Initial installation and po ...
NETGEAR 7000 Series - page 174

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-12 Managing Switch Stacks v1.0, May 2008 Initial inst allation an d Power-up of a S t ack 1. Install units in rack. 2. Install all stacki ng cables. Fully connect, including the redundant stack link. It is highly recommended that a redu ndant link be installed. 3. Identify the ...
NETGEAR 7000 Series - page 175

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 20-13 v1.0, May 2008 Adding a Unit to an O perating St ack 1. Make sure the redundant stack connection is in place and functional. All stack members should be connected in a logical ring. 2. Preconfigure the new unit, if de sired . 3. Install new unit in the ...
NETGEAR 7000 Series - page 176

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-14 Managing Switch Stacks v1.0, May 2008 • Add the new stack unit to the stac k using the pro cess described in s ection “Adding a Unit to an Operating Stack” . The unit can be inserted into the same position as the unit just removed, or the unit can be inserted at the bo ...
NETGEAR 7000 Series - page 177

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 20-15 v1.0, May 2008 Merging T wo Operational S tacks It is strongly recommend ed that two functioning stacks (each having an independent master) not be merged simply by the reconnection of stack cab les. That process may result in a number of unpredictable ...
NETGEAR 7000 Series - page 178

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-16 Managing Switch Stacks v1.0, May 2008 archive command (in stack configuration mode) may be issued to make another attempt to copy the software t o the unit(s) that did not get updated. Errors duri ng code propagati on to stack members could be caused by stack cable mo vement ...
NETGEAR 7000 Series - page 179

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 20-17 v1.0, May 2008 Code Mismatch If a unit is added to a stack and it does not have the same version of code as tha t of the master , the following should happ en: • “New” unit will boot up and become a “member” of the stack • Ports on the adde ...
NETGEAR 7000 Series - page 180

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-18 Managing Switch Stacks v1.0, May 2008 ...
NETGEAR 7000 Series - page 181

21-1 v1.0, May 2008 Chapter 21 Pre-Login Banner This section describes the Pre-Login Banner feature. Overview Pre-Login Banner: • Allows you to create message screens when logging into the CLI Interface • By default, no Banner file exists • Can be uploaded or downloaded • File size cannot be larger than 2K The Pre-Login Banner feature is on ...
NETGEAR 7000 Series - page 182

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 21-2 Pre-Login Banner v1.0, May 2008 2. T ransfer the file from the PC to the switch using TFTP (Netgear Switch Routing) #copy tftp: //192.168.77.52/banner.txt nvram:clibanner Mode................................ ........... TFTP Set TFTP Server IP.................. ........... 19 ...
NETGEAR 7000 Series - page 183

22-1 v1.0, May 2008 Chapter 22 IGMP Querier When the switch is used in ne twork applications where video se rvice s such as IP TV , vide o streaming, and gaming are deployed, the video traf fic would normally be flooded to all connected ports because such traffic packets usually have mu lticast Ethernet addresses. IGMP snooping can be enabled to cr ...
NETGEAR 7000 Series - page 184

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 22-2 IGMP Querier v1.0, May 2008 CLI Examples Example #1: Enable IGMP Querier Use the following CLI commands to set up the switch to genera te IGMP querier packet for a designated VLAN. The IGMP pa cket will be transmitted to every port s on the VLAN. The following example enables ...
NETGEAR 7000 Series - page 185

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DNS 23-1 v1.0, May 2008 Chapter 23 DNS This section describes the Domain Name System (DNS) feature. The DNS protocol maps a ho st name to an IP address, allow ing you to replace the IP address with the host name for IP commands such as a ping and a traceroute, and for features suc ...
NETGEAR 7000 Series - page 186

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 23-2 DNS v1.0, May 2008 CLI Commands T o use the CLI to specify two DNS serve rs, enter the following CLI commands: Web Interfac e Procedure T o use the W eb interface to specify two DNS servers, proceed as follows: 1. From the main menu, select System > Manage ment > DNS &g ...
NETGEAR 7000 Series - page 187

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DNS 23-3 v1.0, May 2008 Example 2#: Manually Add a Ho st Name and an IP Address The following example shows commands to add a sta tic host name entry to the switc h so that you can use this entry to resolve the IP address. The example is shown as CLI commands and as a W eb interfa ...
NETGEAR 7000 Series - page 188

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 23-4 DNS v1.0, May 2008 2. Under DNS Host Configuration, enter the following information: • In the Host Name field, enter www .netgear .com . • In the IP Address field, enter 206.82.202.4 6 . 3. Click Add . The host name and IP address now show in the DNS Ho st Configuration t ...
NETGEAR 7000 Series - page 189

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DHCP Server 24 -1 v1.0, May 2008 Chapter 24 DHCP Server This section describes the DHCP server configuration. When a client sends a request to a DHCP server , the DHCP server assigns the IP address from ad dress pools that are sp ecified on the switch. The network in the DHCP pool ...
NETGEAR 7000 Series - page 190

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 24-2 DHCP Server v1.0, May 2008 Web Interfac e Procedure T o use the W eb interface to create a DHCP se rver with a dynamic pool, proceed as follows: 1. From the main menu, select System > Se rvices > DHCP Server > DHCP Se rver Configuration. A screen simila r to the foll ...
NETGEAR 7000 Series - page 191

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DHCP Server 24 -3 v1.0, May 2008 4. From the main menu, select System > Services > D HCP Server > D HCP Pool Configuration. A screen similar to the following displays. 5. Under DHCP Pool Configuration, enter the followi ng information: • Select Create from the Pool Name ...
NETGEAR 7000 Series - page 192

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 24-4 DHCP Server v1.0, May 2008 Example #2: Configure a DHCP Server in Manual Mode The following example sh ows how to cre at e a DHCP server with a manual pool. The example is shown as CLI commands and as a W eb interface procedure. CLI Commands T o use the CLI to create a DHCP s ...
NETGEAR 7000 Series - page 193

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DHCP Server 24 -5 v1.0, May 2008 Web Interfac e Procedure T o use the W eb interface to create a DHCP server with a manual pool, proceed as follows: 1. From the main menu, select System > Se rvices > DHCP Server > DHCP Se rver Configuration. A screen simila r to the follo ...
NETGEAR 7000 Series - page 194

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 24-6 DHCP Server v1.0, May 2008 4. Under DHCP Pool Configuration, enter the followi ng information: • Select Create from the Pool Name pulldown menu. • In the Pool Name field, enter pool_m anual . • Select Manual from the T ype of Binding pu lldown menu. • In the Client Na ...
NETGEAR 7000 Series - page 195

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Protected Ports 25-1 v1.0, May 2008 Chapter 25 Protected Port s This section describes how to set up protected por ts on the switch. Some si tuations might require that traf fic is prevented from bein g forwarded between an y ports at Layer 2 so that on e user cannot see the traff ...
NETGEAR 7000 Series - page 196

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 25-2 Protected Po rts v1.0, May 2008 . The example is shown as CLI commands and as a W eb interface procedure. CLI Commands T o use the CLI to configure a protected port in order to isolate ports, enter the following CLI commands: Figure 25-1 Step 1: Create one VLAN 192 includin g ...
NETGEAR 7000 Series - page 197

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Protected Ports 25-3 v1.0, May 2008 Web Interfac e Procedure T o use the W eb Interface to configure a protec ted po rt in order to isolate ports, procee d as follows: 1. Create a DHCP pool: Step 2: Create one VLAN 202 connecte d to the Internet . (Netgear Switch) #vlan database ( ...
NETGEAR 7000 Series - page 198

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 25-4 Protected Po rts v1.0, May 2008 a. From the main menu, select System > Se rvices > DHCP Server > DHCP Server Configuration. A screen simila r to the following displays. b. Under DHCP Pool Configuration, enter the followi ng information: • Select Create from the Poo ...
NETGEAR 7000 Series - page 199

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Protected Ports 25-5 v1.0, May 2008 • In the Network Number field, enter 192.168.1.0 . • In the Network Mask field, enter 255.255.255 .0 . • In the Days field, enter 1 . • Click on Default Router Addresses . The DNS server address fields display . In the first router addre ...
NETGEAR 7000 Series - page 200

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 25-6 Protected Po rts v1.0, May 2008 The U specifies that the egress p acket is untagged for the port. d. Click Apply to save the VLAN that includes ports 23 and 24. 3. Configure a VLAN and includ e port 1/0/48 in the VLAN: a. From the main menu, select Routing > VL AN > VLA ...
NETGEAR 7000 Series - page 201

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Protected Ports 25-7 v1.0, May 2008 b. Under IP Configuration, ma ke the following selections: • Next to Routing Mode, select the Enable radio button. • Next to IP Forwarding Mode, select the Enable radio button. c. Click Apply to enable IP Routing. 5. Configure default route ...
NETGEAR 7000 Series - page 202

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 25-8 Protected Po rts v1.0, May 2008 6. Configure port 23 and port 2 4 as protected ports: a. From the main menu, select Security > T raffi c Control > Protected Port. A screen similar to the following displays. b. Under Protected Ports Configuration, Click Un it 1 . The por ...
NETGEAR 7000 Series - page 203

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 802.1x Port Security 26-1 v1.0, May 2008 Chapter 26 802.1x Port Security This section describes how to c onfigure the 802.1x Port Secur ity feature on a switch port. IEEE 802.1x authentication prev ents unauthorized clients fro m connecting to a VLAN unless these clients are autho ...
NETGEAR 7000 Series - page 204

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 26-2 802.1x Port Security v1.0, May 2008 The example is shown as CLI commands and as a W eb interface procedure. CLI Commands T o use the CLI to enable 802.1x authentication on one port, and to allow only the user with the name “adam” to access the VL AN, ente r the following ...
NETGEAR 7000 Series - page 205

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 802.1x Port Security 26-3 v1.0, May 2008 Web Interfac e Procedure T o use the W eb Interface to enable 802.1x authen tication on one port, and to allow only the user with the name “adam” to access the VLA N, proceed as follows: 1. Create VLAN 100 with IP address 192.168.100.1: ...
NETGEAR 7000 Series - page 206

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 26-4 802.1x Port Security v1.0, May 2008 b. Enter the following informatio n in the VLAN Routing W izard: • In the Vlan ID field, enter 100 . • In the IP Address field, enter 192.168.100. 1 . • In the Network Mask field, enter 255.255.255 .0 . c. Click Unit 1 . The ports dis ...
NETGEAR 7000 Series - page 207

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 802.1x Port Security 26-5 v1.0, May 2008 3. Add a new user account with the name “adam”: a. From the main menu, select Security > Manage ment Security > User Configuration > User Management. A screen similar to the foll owing displays. b. Under Manage Users, in the Us ...
NETGEAR 7000 Series - page 208

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 26-6 802.1x Port Security v1.0, May 2008 5. Enable port authentication: a. From the main menu, select Security > Port Authentication > Basic > 802.1x Configuration. A screen simila r to the following displays. b. Under Mode, next to Administrative Mode, select the Enable ...
NETGEAR 7000 Series - page 209

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 802.1x Port Security 26-7 v1.0, May 2008 b. Under Port Authentication, enter the following information: • In the Max Users field, enter 4 . • Select Mac based from the Port Method p ulldown menu. c. Click Apply to save the settings. ...
NETGEAR 7000 Series - page 210

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 26-8 802.1x Port Security v1.0, May 2008 ...
NETGEAR 7000 Series - page 211

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Double VLANs 27-1 v1.0, May 2008 Chapter 27 Double VLANs This section describes how to configure the Do uble VLAN (DVLAN) feature on the switch. A DVLAN is a way to pass traffic of customers who have multiple VLANs from one customer domain to another customer domain. Custo m VLAN ...
NETGEAR 7000 Series - page 212

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 27-2 Double VLANs v1.0, May 2008 The example is shown as CLI commands and as a W eb interface procedure. CLI Commands T o use the CLI to enable a double VLAN on a VLAN, enter the following CLI commands: Figure 27-1 Create a VLAN 200 . (Netgear Switch)#vlan database (Netgear Switch ...
NETGEAR 7000 Series - page 213

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Double VLANs 27-3 v1.0, May 2008 Web Interfac e Procedure T o use the W eb Interface to enable a d ouble VLAN on a VLAN, proceed as follows: 1. Create static VLAN 200: a. From the main menu, select Switching > VL AN > Basic > VLAN Configuration. A screen similar to the fo ...
NETGEAR 7000 Series - page 214

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 27-4 Double VLANs v1.0, May 2008 2. Add ports 24 and 48 to VLAN 20 0. a. From the main menu, select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the following displays. b. Under VLAN Membership, select 200 from the VLAN ID pulldown me nu. c. Click Un ...
NETGEAR 7000 Series - page 215

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Double VLANs 27-5 v1.0, May 2008 3. Change the Port VLAN ID (PVID) of port 24 to 200: a. From the main menu, select Switching > VLAN > Advanced > Port PVID Configuration. A screen similar to the following displays. b. Under PVID Configuration, sc roll down to interface 1/ ...
NETGEAR 7000 Series - page 216

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 27-6 Double VLANs v1.0, May 2008 4. Configure port 48 as the provider service port: a. From the main menu, select Switchi ng > VLAN > Advanced > Port DVLAN Configuration. A screen simila r to the following displays. b. Under DVLAN Configuration, scroll down to in terface ...
NETGEAR 7000 Series - page 217

Index-1 v1.0, May 2008 Index Numerics 802.1x port security 26-1 A ACL 9-1 add 4-5 apply 4-5 ARP 7-21 C cancel 4-5 command archive 20-16 archive download-sw 20-8 clear config 2-14 clock timezone 18-4 copy nvram errorlog 2-13 copy nvram startup-config 2-12 , 2-13 copy nvram tr aplog 2-13 copy system image 2-13 copy system running-config nvram startup ...
NETGEAR 7000 Series - page 218

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 Index-2 v1.0, May 2008 switch priority 20-6 switch renumber 20-14 traceroute 14-1 traf fic-shape 10-7 transport output telnet 16-3 users passwd 2-1 1 configuration scripting 15-1 CoS 10-1 drop precedence configuration 10-3 per-interface basis 10-3 port egress queue configuration 1 ...
NETGEAR 7000 Series - page 219

NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Index-3 v1.0, May 2008 protected ports 25-1 Q QoS class 11 - 1 policy 11 - 1 service 11 - 2 R refresh 4-5 RIP 7-1 , 7-2 , 7-7 , 7-12 S SNMP V3 user profile 4-6 SNTP 18-1 static host name 23-1 switch FSM family of swit ches 20-1 GSM family of switches 20-1 IP address 3- 2 name 3-3 ...
NETGEAR 7000 Series - page 220

NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 Index-4 v1.0, May 2008 ...

Manufacturer NETGEAR Category Switch

Documents that we receive from a manufacturer of a NETGEAR 7000 Series can be divided into several groups. They are, among others:
- NETGEAR technical drawings
- 7000 Series manuals
- NETGEAR product data sheets
- information booklets
- or energy labels NETGEAR 7000 Series
All of them are important, but the most important information from the point of view of use of the device are in the user manual NETGEAR 7000 Series.

A group of documents referred to as user manuals is also divided into more specific types, such as: Installation manuals NETGEAR 7000 Series, service manual, brief instructions and user manuals NETGEAR 7000 Series. Depending on your needs, you should look for the document you need. In our website you can view the most popular manual of the product NETGEAR 7000 Series.

Similar manuals

NETGEAR GS105PE

2 pages
NETGEAR JFS524NA

2 pages
NETGEAR GSM7224

3 pages
NETGEAR READYNAS 312

276 pages

A complete manual for the device NETGEAR 7000 Series, how should it look like?
A manual, also referred to as a user manual, or simply "instructions" is a technical document designed to assist in the use NETGEAR 7000 Series by users. Manuals are usually written by a technical writer, but in a language understandable to all users of NETGEAR 7000 Series.

A complete NETGEAR manual, should contain several basic components. Some of them are less important, such as: cover / title page or copyright page. However, the remaining part should provide us with information that is important from the point of view of the user.

1. Preface and tips on how to use the manual NETGEAR 7000 Series - At the beginning of each manual we should find clues about how to use the guidelines. It should include information about the location of the Contents of the NETGEAR 7000 Series, FAQ or common problems, i.e. places that are most often searched by users in each manual
2. Contents - index of all tips concerning the NETGEAR 7000 Series, that we can find in the current document
3. Tips how to use the basic functions of the device NETGEAR 7000 Series - which should help us in our first steps of using NETGEAR 7000 Series
4. Troubleshooting - systematic sequence of activities that will help us diagnose and subsequently solve the most important problems with NETGEAR 7000 Series
5. FAQ - Frequently Asked Questions
6. Contact detailsInformation about where to look for contact to the manufacturer/service of NETGEAR 7000 Series in a specific country, if it was not possible to solve the problem on our own.

Do you have a question concerning NETGEAR 7000 Series?

Use the form below

If you did not solve your problem by using a manual NETGEAR 7000 Series, ask a question using the form below. If a user had a similar problem with NETGEAR 7000 Series it is likely that he will want to share the way to solve it.

Manual NETGEAR 7000 Series

Summary

NETGEAR 7000 Series - page 1

NETGEAR 7000 Series - page 2

NETGEAR 7000 Series - page 3

NETGEAR 7000 Series - page 4

NETGEAR 7000 Series - page 5

NETGEAR 7000 Series - page 6

NETGEAR 7000 Series - page 7

NETGEAR 7000 Series - page 8

NETGEAR 7000 Series - page 9

NETGEAR 7000 Series - page 10

NETGEAR 7000 Series - page 11

NETGEAR 7000 Series - page 12

NETGEAR 7000 Series - page 13

NETGEAR 7000 Series - page 14

NETGEAR 7000 Series - page 15

NETGEAR 7000 Series - page 16

NETGEAR 7000 Series - page 17

NETGEAR 7000 Series - page 18

NETGEAR 7000 Series - page 19

NETGEAR 7000 Series - page 20

NETGEAR 7000 Series - page 21

NETGEAR 7000 Series - page 22

NETGEAR 7000 Series - page 23

NETGEAR 7000 Series - page 24

NETGEAR 7000 Series - page 25

NETGEAR 7000 Series - page 26

NETGEAR 7000 Series - page 27

NETGEAR 7000 Series - page 28

NETGEAR 7000 Series - page 29

NETGEAR 7000 Series - page 30

NETGEAR 7000 Series - page 31

NETGEAR 7000 Series - page 32

NETGEAR 7000 Series - page 33

NETGEAR 7000 Series - page 34

NETGEAR 7000 Series - page 35

NETGEAR 7000 Series - page 36

NETGEAR 7000 Series - page 37

NETGEAR 7000 Series - page 38

NETGEAR 7000 Series - page 39

NETGEAR 7000 Series - page 40

NETGEAR 7000 Series - page 41

NETGEAR 7000 Series - page 42

NETGEAR 7000 Series - page 43

NETGEAR 7000 Series - page 44

NETGEAR 7000 Series - page 45

NETGEAR 7000 Series - page 46

NETGEAR 7000 Series - page 47

NETGEAR 7000 Series - page 48

NETGEAR 7000 Series - page 49

NETGEAR 7000 Series - page 50

NETGEAR 7000 Series - page 51

NETGEAR 7000 Series - page 52

NETGEAR 7000 Series - page 53

NETGEAR 7000 Series - page 54

NETGEAR 7000 Series - page 55

NETGEAR 7000 Series - page 56

NETGEAR 7000 Series - page 57

NETGEAR 7000 Series - page 58

NETGEAR 7000 Series - page 59

NETGEAR 7000 Series - page 60

NETGEAR 7000 Series - page 61

NETGEAR 7000 Series - page 62

NETGEAR 7000 Series - page 63

NETGEAR 7000 Series - page 64

NETGEAR 7000 Series - page 65

NETGEAR 7000 Series - page 66

NETGEAR 7000 Series - page 67

NETGEAR 7000 Series - page 68

NETGEAR 7000 Series - page 69

NETGEAR 7000 Series - page 70

NETGEAR 7000 Series - page 71

NETGEAR 7000 Series - page 72

NETGEAR 7000 Series - page 73

NETGEAR 7000 Series - page 74

NETGEAR 7000 Series - page 75

NETGEAR 7000 Series - page 76

NETGEAR 7000 Series - page 77

NETGEAR 7000 Series - page 78