NETGEAR ProSafe 7000 Скачать руководство пользователя

Страница: 158 / 562

Create VLAN 38, add port 1/0/38 to it, and assign IP address

10.100.5.34

to it

(Netgear Switch) #vlan database

(Netgear Switch) (Vlan)#vlan 38

(Netgear Switch) (Vlan)#vlan routing

(Netgear Switch) (Vlan)#exit

(Netgear Switch) #config

(Netgear Switch) (Config)#interface 1/0/38

(Netgear Switch) (Interface 1/0/38)#vlan participation include 38

(Netgear Switch) (Interface 1/0/38)#vlan pvid 38

(Netgear Switch) (Interface 1/0/38)#exit

Netgear Switch) (Config)#interface vlan 38

(Netgear Switch) (Interface-vlan 38)#routing

(Netgear Switch) (Interface-vlan 38)#ip address 10.100.5.34 255.255.255.0

(Netgear Switch) (Interface-vlan 38)#exit

Enable IP routing on the switch

(Netgear Switch) (Config)#ip routing

Add a default route so that all the traffic without a destination is forwarded

according to this default route

(Netgear Switch) (Config)#ip route default 10.100.5.252

Create ACL 101 to deny all traffic that has destination IP 192.168.24.0/24

(Netgear Switch) (Config)#access-list 101 deny ip any 192.168.24.0 0.0.0.255

Create ACL 102 to deny all traffic that has destination IP 192.168.48.0/24

(Netgear Switch) (Config)#access-list 102 deny ip any 192.168.48.0 0.0.0.255

Create ACL 103 to permit all other traffic

(Netgear Switch) (Config)#access-list 103 permit ip any any

Deny all traffic with destination IP address 192.168.48.0/24 and permit all other

traffic

(Netgear Switch) (Config)#interface 1/0/24

(Netgear Switch) (Interface 1/0/24)#ip access-group 102 in 1

(Netgear Switch) (Interface 1/0/24)#ip access-group 103 in 2

(Netgear Switch) (Interface 1/0/24)#exit

Deny all traffic with destination IP address 192.168.24.0/24 and permit all other

traffic

(Netgear Switch) (Config)#interface 1/0/48

(Netgear Switch) (Interface 1/0/48)#ip access-group 101 in 1

(Netgear Switch) (Interface 1/0/48)#ip access-group 103 in 2

(Netgear Switch) (Interface 1/0/48)#exit

ProSafe 7000 Managed Switch Software Administration Manual, Release 8.0.3

Access Control Lists (ACLs)

9-28

v1.0, June 2010

Содержание ProSafe 7000

Страница 1: ...202 10515 03 June 2010 v1 0 NETGEAR Inc 350 East Plumeria Drive San Jose CA 95134 ProSafe 7000 Managed Switch Software Administration Manual Release 8 0 3...

Страница 2: ...e products described in this document without notice NETGEAR does not assume any liability that may occur due to the use or application of the product s or circuit layout s described herein Netgear s...

Страница 3: ...Aggregation Create Two LAGs 2 2 Add the Ports to the LAGs 2 3 Enable Both LAGs 2 5 Chapter 3 Port Routing Port Routing Configuration 3 1 Enable Routing for the Switch 3 2 Enable Routing for Ports on t...

Страница 4: ...8 4 Chapter 9 Access Control Lists ACLs MAC ACLs 9 1 Configuring IP ACLs 9 2 Set up an IP ACL with Two Rules 9 3 Configure a One Way Access Using a TCP Flag in an ACL 9 8 Configure Isolated VLANs on...

Страница 5: ...ng VLAN 12 5 IGMP Querier 12 7 Enable IGMP Querier 12 7 Show IGMP Querier Status 12 10 Chapter 13 Security Management Port Security 13 1 Protected Ports 13 6 802 1x Port Security 13 13 Create a Guest...

Страница 6: ...ck Configuration Files 17 7 Switch Stack Management Connectivity 17 7 Switch Stack Configuration Scenarios 17 8 Stacking Recommendations 17 9 Renumber Stack Members 17 11 Moving a Master to a Differen...

Страница 7: ...802 1s 23 4 Chapter 24 Tunnel Chapter 25 IPv6 Interface Configuration Creating an IPv6 Routing Interface 25 1 Create an IPv6 Network Interface 25 4 Create an IPv6 Routing VLAN 25 6 Chapter 26 PIM PIM...

Страница 8: ...oftware Administration Manual Release 8 0 3 x v1 0 June 2010 Block a Captive Portal Instance 31 5 Local Authorization User Group Configuration 31 6 Remote Authorization RADIUS User Configuration 31 8...

Страница 9: ...for your switch Hardware Installation Guide Software Setup Guide NETGEAR CLI Reference for the Prosafe 7X00 Series Managed Switch Refer to the Command Line Reference for information for the command st...

Страница 10: ...he only physical requirement is that the end station and the port to which it is connected both belong to the same VLAN Each VLAN in a network has an associated VLAN ID which appears in the IEEE 802 1...

Страница 11: ...ing examples show how to create VLANs assign ports to the VLANs and assign a VLAN as the default VLAN to a port Create Two VLANs The example is shown as CLI commands and as a Web interface procedure C...

Страница 12: ...g displays Figure 1 2 b Enter the following information in the VLAN Configuration In the VLAN ID field enter 2 In the VLAN Name field enter VLAN2 Select Static in the VLAN Type field c Click Add 2 Cre...

Страница 13: ...ear Switch Config interface range 1 0 1 1 0 2 Netgear Switch conf if range 1 0 1 1 0 2 vlan participation include 2 Netgear Switch conf if range 1 0 1 1 0 2 vlan acceptframe vlanonly Netgear Switch co...

Страница 14: ...o the following displays Figure 1 5 b Under PVID Configuration scroll down to interface 1 0 1 and select the checkbox for 1 0 1 Then scroll down to the interface 1 0 2 and select the checkbox for 1 0...

Страница 15: ...Netgear Switch Interface 1 0 4 exit Netgear Switch Config exit Web Interface Assigning Ports to VLAN3 To use the Web interface to configure the managed switch proceed as follows 1 Assign ports to VLAN...

Страница 16: ...mit All in the Acceptable Frame Type polyhedron field d Click Apply to save the settings Assign VLAN3 as the Default VLAN for Port 1 0 2 This example shows how to assign VLAN 3 as the default VLAN for...

Страница 17: ...imilar to the following displays Figure 1 8 b Under PVID Configuration scroll down to interface 1 0 2 and select the checkbox for that interface Now 1 0 2 appears in the Interface field at the top c U...

Страница 18: ...be set to zero The assigned VLAN ID is verified against the VLAN table if the VLAN is valid ingress processing on the packet continues otherwise the packet is dropped This implies that the user is all...

Страница 19: ...3 a From the main menu select Switching VLAN Basic VLAN configuration A screen similar to the following displays Figure 1 10 b Enter the following information in the VLAN Configuration In the VLAN ID...

Страница 20: ...select Switching VLAN Advanced Port PVID Configuration A screen similar to the following displays Figure 1 12 b Under PVID Configuration scroll down to interface 1 0 23 and select the checkbox for 1...

Страница 21: ...ased VLAN Create a vlan protocol group vlan_ipx based on IPX protocol Netgear Switch config Netgear Switch Config vlan protocol group vlan_ipx Netgear Switch Config vlan protocol group add protocol 1...

Страница 22: ...Interface 1 0 11 exit Web Interface Creating a Protocol based VLAN To use the Web interface to configure the managed switch proceed as follows 1 Create protocol based VLAN group vlan_ipx a From the m...

Страница 23: ...roup Configuration In the Group Name field enter vlan_Ip In the Protocol field select IP and ARP while holding down the Ctrl key In the VLAN field enter 5 c Click Add 3 Add the port 11 to the group vl...

Страница 24: ...d VLAN In an IP subnet based VLAN all the end workstations in an IP subnet are classified to the same VLAN In this VLAN users can move their workstations without reconfiguring their network addresses...

Страница 25: ...1 Figure 1 18 CLI Creating an IP Subnet Based VLAN Netgear Switch vlan database Netgear Switch Vlan vlan 2000 Netgear Switch Vlan vlan association subnet 10 100 0 0 255 255 0 0 2000 Netgear Switch Vl...

Страница 26: ...to configure the IP subnet based VLAN proceed as follows 1 Create VLAN 2000 a From the main menu select Switching VLAN Basic VLAN configuration A screen similar to the following displays Figure 1 19 b...

Страница 27: ...Unit 1 The Ports display d Click the gray box before the Unit 1 until U displays e Click Apply 3 Associate the IP subnet with VLAN 2000 a From the main menu select Switching VLAN Advanced IP Subnet B...

Страница 28: ...of an IP phone could be safeguarded from deteriorating when the data traffic on the port is high Also the inherent isolation provided by VLANs ensures that inter VLAN traffic is under management cont...

Страница 29: ...e 10 Netgear Switch conf if range 1 0 1 1 0 2 vlan tagging 10 Netgear Switch conf if range 1 0 1 1 0 2 exit Configure Voice VLAN globally Netgear Switch Config voice vlan Configure Voice VLAN Mode in...

Страница 30: ...Switch Config policy classmap exit Assign it to the interfaces 1 0 1 and 1 0 2 Netgear Switch Config interface range 1 0 1 1 0 2 Netgear Switch conf if range 1 0 1 1 0 2 service policy in PolicyVoiceV...

Страница 31: ...d At the end of this configuration a screen similar to the following displays Figure 1 24 2 Include the ports 1 0 1 and 1 0 2 in the VLAN 10 a From the main menu select Switching VLAN Advanced VLAN Me...

Страница 32: ...10 c Select Port 1 and Port 2 as Tagged A screen similar to the following displays Figure 1 26 d Click Apply 3 Configure Voice VLAN globally a From the main menu select Switching VLAN Advanced Voice V...

Страница 33: ...g displays Figure 1 28 4 Configure Voice VLAN Mode in the interface 1 0 2 a From the main menu select Switching VLAN Advanced Voice VLAN Configuration b Select the checkbox for 1 0 2 c Set the Interfa...

Страница 34: ...lowing displays Figure 1 30 b Enter Class Name as ClassVoiceVLAN c Select Class Type as All A screen similar to the following displays Figure 1 31 d Click Add A screen similar to the one in Figure 1 3...

Страница 35: ...class ClassVoiceVLAN A screen similar to the following displays Figure 1 33 c In the DiffServ Class Configuration table select VLAN d Enter VLAN ID as 10 A screen similar to the following displays Fig...

Страница 36: ...figuration A screen similar to the following displays Figure 1 36 b Enter Policy Name as PolicyVoiceVLAN c Select Policy Type as In d Select Member Class as ClassVoiceVLAN A screen similar to the foll...

Страница 37: ...al Release 8 0 3 1 28 Virtual LANs v1 0 June 2010 a From the main menu select QoS Advanced Policy Configuration A screen similar to the following displays Figure 1 38 b Click the Policy PolicyVoiceVLA...

Страница 38: ...Assign Queue as 3 A screen similar to the following displays Figure 1 40 d Click Apply 9 Assign it to the interfaces 1 0 1 and 1 0 2 a From the main menu select QoS Advanced Service Interface Configur...

Страница 39: ...e Administration Manual Release 8 0 3 1 30 Virtual LANs v1 0 June 2010 c Select Policy Name as PolicyVoiceVLAN A screen similar to the following displays Figure 1 42 d Click Apply A screen similar to...

Страница 40: ...a higher bandwidth connection to a public network Management functions treat a LAG as if it were a single physical port You can include a LAG in a VLAN You can configure more than one LAG for a given...

Страница 41: ...LAGs Netgear Switch config Netgear Switch Config port channel lag_10 Netgear Switch Config port channel lag_20 Netgear Switch Config exit Use the show port channel all command to show the logical inte...

Страница 42: ...om the main menu select Switching LAG LAG Configuration A screen similar to the following displays Figure 2 2 b In the Lag Name field enter lag_10 c Click the Add 2 Create LAG lag_20 a From the main m...

Страница 43: ...ce 0 8 Netgear Switch Interface 0 8 addport 1 2 Netgear Switch Interface 0 8 exit Netgear Switch Config interface 0 9 Netgear Switch Interface 0 9 addport 1 2 Netgear Switch Interface 0 9 exit Netgear...

Страница 44: ...Configuration enter the following information Select Lag 2 in the LAG ID field c Click the Unit 1 The Ports display d Click on the gray box under port 8 and 9 Two flags appear in the box e Click Apply...

Страница 45: ...o use the Web interface to configure the switch proceed as follows a From the main menu select Switching LAG LAG Configuration A screen similar to the following displays Figure 2 6 b Select the checkb...

Страница 46: ...packet to the MAC address of a router When the Layer 3 router receives the packet it will minimally Look up the Layer 3 address in its address table to determine the outbound port Update the Layer 3...

Страница 47: ...outing protocols You may then activate RIP or OSPF used by routers to exchange route information on top of IP Routing RIP is more often used in smaller networks while OSPF was designed for larger and...

Страница 48: ...e to configure the managed switch proceed as follows 1 From the main menu select Routing Basic IP Configuration A screen similar to the following displays Figure 3 2 2 Next to the Routing Mode select...

Страница 49: ...itch Config interface 1 0 5 Netgear Switch Interface 1 0 5 routing Netgear Switch Interface 1 0 5 ip address 192 150 5 1 255 255 255 0 Netgear Switch Interface 1 0 5 exit Netgear Switch Config exit We...

Страница 50: ...ct Routing Advanced IP Interface Configuration A screen similar to the following displays Figure 3 4 b Under IP Interface Configuration scroll down to interface 1 0 3 and select the checkbox for that...

Страница 51: ...192 150 5 1 In the Subnet Mask enter 255 255 255 0 Select Enable in the Routing Mode field d Click Apply to save the settings Adding a Default Route When IP routing takes place on a switch a route ta...

Страница 52: ...n the next chapter See Web Interface Add a Default Route 1 Go to Routing Routing Table Route Configuration The Route Configuration page displays Figure 3 6 1 From the Route Type drop down menu select...

Страница 53: ...routing table CLI Command Procedure The following commands assume the switch has already defined a routing interface with network address of 10 10 10 0 and configured that all packets destined for ne...

Страница 54: ...0 100 100 1 The last number should always be zero 4 Enter Subnet Mask that matches the subnet range desired 5 The Preference field is optional A value of one will be chosen if nothing is entered 6 Cli...

Страница 55: ...N plus the internal bridge router interface if it was received on a routed VLAN Since a port can be configured to belong to more than one VLAN VLAN routing might be enabled for all of the VLANs on the...

Страница 56: ...tch Layer 2 Switch VLAN 10 VLAN 20 Port 1 0 1 Figure 4 1 CLI Creating Two VLANs The following code sequence shows an example of creating two VLANs with egress frame tagging enabled Netgear Switch vlan...

Страница 57: ...te VLAN 10 VLAN20 a From the main menu select Switching VLAN Advanced VLAN configuration A screen similar to the following displays Figure 4 2 b In the VLAN ID field enter 10 c In the VLAN Name field...

Страница 58: ...he main menu select Switching VLAN Advanced VLAN Membership A screen similar to the following displays Figure 4 4 b Select 10 in the VLAN ID field c Click the Unit 1 The Ports display d Click the gray...

Страница 59: ...rt j Click Apply 3 Assign PVID to the VLAN10 and VLAN20 a From the main menu select Switching VLAN Advanced Port PVID Configuraton A screen similar to the following displays Figure 4 6 b Under PVID Co...

Страница 60: ...4093 field enter 20 i Click Apply to save the settings Set Up VLAN Routing for the VLANs and the Switch The example is shown as CLI commands and as a Web interface procedure CLI Setting Up VLAN Routi...

Страница 61: ...gear Switch Config interface vlan 20 Netgear Switch Interface vlan 20 ip address 192 150 4 1 255 255 255 0 Netgear Switch Interface vlan 20 exit Netgear Switch Config exit Web Interface Setting Up VLA...

Страница 62: ...ting VLAN VLAN Routing VLAN Routing Configuration A screen similar to the following displays Figure 4 9 5 Under the VLAN Routing Configuration enter the following information Select 10 in the VLAN ID...

Страница 63: ...m the routing table it will be flagged as unusable by the receiving routers after 180 seconds and removed from their tables after an additional 120 seconds There are two versions of RIP RIPv1 defined...

Страница 64: ...192 130 3 1 Port 1 0 5 192 64 4 1 Port 1 0 2 192 150 2 2 Layer 3 Switch acting as a router Figure 5 1 Enable Routing for the Switch The example is shown as CLI commands and as a Web interface procedu...

Страница 65: ...nable routing and assigns IP addresses for ports 1 0 2 and 1 0 3 Netgear Switch config Netgear Switch Config interface 1 0 2 Netgear Switch Interface 1 0 2 routing Netgear Switch Interface 1 0 2 ip ad...

Страница 66: ...Under IP Interface Configuration scroll down to interface 1 0 2 and select the checkbox for that interface Now 1 0 2 appears in the Interface field at the top c Under the IP Interface Configuration en...

Страница 67: ...face Configuration scroll down to interface 1 0 3 and select the checkbox for that interface Now 1 0 3 appears in the Interface field at the top c Under the IP Interface Configuration enter the follow...

Страница 68: ...e the Web interface to configure the managed switch proceed as follows 1 From the main menu select Routing RIP Basic RIP Configuration A screen similar to the following displays Figure 5 5 2 Next to t...

Страница 69: ...rface 1 0 3 Netgear Switch Interface 1 0 3 ip rip Netgear Switch Interface 1 0 3 ip rip receive version both Netgear Switch Interface 1 0 3 ip rip send version rip2 Netgear Switch Interface 1 0 3 exit...

Страница 70: ...nformation Protocol RIP is one of the protocols which may be used by routers to exchange network topology information It is characterized as an interior gateway protocol and is typically used in small...

Страница 71: ...to Receive packets in either or both formats Transmit packets formatted for RIPv1 or RIPv2 or send RIPv2 packets to the RIPv1 broadcast address Prevent any RIP packets from being received Prevent any...

Страница 72: ...tgear Switch Interface 1 0 2 exit Netgear Switch Config interface 1 0 3 Netgear Switch Interface 1 0 3 vlan participation include 20 Netgear Switch Interface 1 0 3 vlan pvid 20 Netgear Switch Interfac...

Страница 73: ...e VLAN Routing RIP Configuration To use the Web interface to configure RIP on the switch proceed as follows 1 Configure a VLAN and include ports 1 0 2 in the VLAN a From the main menu select Routing V...

Страница 74: ...he Network Mask field enter 255 255 255 0 c Click Unit 1 The ports display Click the gray box under port 3 once until T displays The T specifies that the egress packet is tagged for the port d Click A...

Страница 75: ...0 a From the main menu select Routing RIP Advanced RIP Configuration A screen similar to the following displays Figure 5 12 b Under the Interface Configuration enter the following information Select 0...

Страница 76: ...ierarchical management allowing the network to be subdivided The top level of the hierarchy of an OSPF network is known as an autonomous system AS or routing domain and is a collection of networks wit...

Страница 77: ...network segment with an inter area router connecting areas 0 0 0 2 and 0 0 0 3 The example script shows the commands used to configure a 7000 Series Managed Switch as the inter area router in the diag...

Страница 78: ...ter enable Netgear Switch Config router router id 192 150 9 9 Netgear Switch Config router no 1583compatibility Netgear Switch Config router exit Netgear Switch Config exit Step 4 Enable OSPF and set...

Страница 79: ...sign IP address 192 150 2 1 to the port 1 0 2 a From the main menu select Routing IP Advanced IP Interface Configuration A screen similar to the following displays Figure 6 3 b Under IP Interface Conf...

Страница 80: ...he following displays Figure 6 4 b Under IP Interface Configuration scroll down to interface 1 0 3 and select the checkbox for that interface Now 1 0 3 appears in the Interface field at the top c Ente...

Страница 81: ...d OSPF Configuration A screen similar to the following displays Figure 6 5 b Under the OSPF Configuration enter the following information In the Router ID enter 192 150 9 9 Select Enable in the OSPF A...

Страница 82: ...oll down to interface 1 0 2 and select the checkbox for that interface Now 1 0 2 appears in the Interface field at the top In the OSPF Area ID field enter 0 0 0 2 Select the Enable in the OSPF Admin M...

Страница 83: ...the OSPF Area ID field enter 0 0 0 3 Select the Enable in the OSPF Admin Mode field In the Priority field enter 255 In the Metric Cost field enter 64 c Click Apply to save the settings Configure OSPF...

Страница 84: ...for the switch Set disable 1583compatibility to prevent a routing loop Netgear Switch Config router ospf Netgear Switch Config router enable Netgear Switch Config router router id 192 130 1 1 Netgear...

Страница 85: ...8 0 3 6 10 OSPF v1 0 June 2010 Web Interface Configuring OSPF on a Border Router To use the Web interface to configure OSPF on the switch proceed as follows 1 Enable IP routing on the switch a From th...

Страница 86: ...ace Configuration In the IP Address field enter 192 150 2 2 In the Network Mask field enter 255 255 255 0 Select Enable in the Admin Mode field d Click Apply to save the settings 3 Assign IP address 1...

Страница 87: ...rface Configuration A screen similar to the following displays Figure 6 11 b Under IP Interface Configuration scroll down to interface 1 0 4 and select the checkbox for that interface Now 1 0 4 appear...

Страница 88: ...llowing information In the Router ID enter 192 130 1 1 Select the Enable in the OSPF Admin Mode field Select the Disable in the RFC 1583 Compatibility field c Click Apply to save the settings 6 Enable...

Страница 89: ...le OSPF on the port 1 0 3 a From the main menu select Routing OSPF Advanced Interface Configuration A screen similar to the following displays Figure 6 14 b Under Interface Configuration scroll down t...

Страница 90: ...appears in the Interface field at the top In the OSPF Area ID field enter 0 0 0 2 Select the Enable in the OSPF Admin Mode field In the Priority field enter 255 In the Metric Cost field enter 64 c Cli...

Страница 91: ...0 1 Netgear Switch Config router no area 0 0 0 1 stub summarylsa Netgear Switch Config router exit Enable OSPF area 0 on the 2 0 11 Netgear Switch Config interface 2 0 11 Netgear Switch Interface 2 0...

Страница 92: ...168 20 0 255 255 255 0 Local 2 0 19 192 168 20 1 ProSafe 7000 Managed Switch Software Administration Manual Release 8 0 3 OSPF 6 17 v1 0 June 2010 Web Interface Configuring Area 1 as a Stub Area on A...

Страница 93: ...field enter 192 168 10 1 In the Network Mask field enter 255 255 255 0 Select Enable in the Admin Mode field d Click Apply to save the settings 3 Assign IP address 192 168 20 1 to the port 2 0 19 a F...

Страница 94: ...pecify the Router ID and Enable OSPF for the switch a From the main menu select Routing OSPF Basic OSPF Configuration A screen similar to the following displays Figure 6 20 b Under the OSPF Configurat...

Страница 95: ...ort 2 0 19 a From the main menu select Routing OSPF Advanced Interface Configuration A screen similar to the following displays Figure 6 22 b Under Interface Configuration scroll down to interface 2 0...

Страница 96: ...ure the area 0 0 0 1 as a stub area Netgear Switch Config router area 0 0 0 1 stub Enable OSPF area 0 0 0 1 on the 1 0 15 Netgear Switch Config router exit Netgear Switch Config router exit Netgear Sw...

Страница 97: ...he Routing Mode select the Enable radio button c Click Apply to save the settings 2 Assign IP address 192 168 10 1 to the port 1 0 15 a From the main menu select Routing IP Advanced IP Interface Confi...

Страница 98: ...6 26 b Under the OSPF Configuration enter the following information In the Router ID enter 2 2 2 2 c Click Apply to save the settings 4 Enable OSPF on the port 1 0 15 a From the main menu select Routi...

Страница 99: ...dvanced Stub Area Configuration A screen similar to the following displays Figure 6 28 b Enter the following information in the Sub Area Configuration In the Area ID field enter 0 0 0 1 c Click Add to...

Страница 100: ...ing summary LSA to the area 0 0 0 1 Netgear Switch Config router area 0 0 0 1 nssa no summary Enable area 0 0 0 1 on the 2 0 19 Netgear Switch Config router exit Netgear Switch Config interface 2 0 11...

Страница 101: ...192 168 20 2 192 168 42 0 255 255 255 0 OSPF NSSA T2 2 0 19 192 168 20 2 ProSafe 7000 Managed Switch Software Administration Manual Release 8 0 3 6 26 OSPF v1 0 June 2010 Web Interface Configuring Ar...

Страница 102: ...field enter 192 168 10 1 In the Network Mask field enter 255 255 255 0 Select Enable in the Admin Mode field d Click Apply to save the settings 3 Assign IP address 192 168 20 1 to the port 2 0 19 a F...

Страница 103: ...fy the Router ID and Enable OSPF for the switch a From the main menu select Routing OSPF Basic OSPF Configuration A screen similar to the following displays Figure 6 33 b Under the OSPF Configuration...

Страница 104: ...port 2 0 19 a From the main menu select Routing OSPF Advanced Interface Configuration A screen similar to the following displays Figure 6 35 b Under Interface Configuration scroll down to interface 2...

Страница 105: ...1 as a nssa area Netgear Switch Config router area 0 0 0 1 nssa Redistribute the rip routes into the OSPF Netgear Switch Config router redistribute rip Netgear Switch Config router redistribute rip su...

Страница 106: ...255 0 RIP 1 0 11 192 168 30 2 ProSafe 7000 Managed Switch Software Administration Manual Release 8 0 3 OSPF 6 31 v1 0 June 2010 Web Interface Configuring Area 1 as a nssa Area on A2 To use the Web int...

Страница 107: ...e Configuration In the IP Address field enter 192 168 30 1 In the Network Mask field enter 255 255 255 0 Select Enable in the Routing Mode field d Click Apply to save the settings 3 Assign IP address...

Страница 108: ...main menu select Routing OSPF Basic OSPF Configuration A screen similar to the following displays Figure 6 40 b Under the OSPF Configuration enter the following information In the Router ID enter 2 2...

Страница 109: ...to interface 1 0 15 and select the checkbox for that interface Now 1 0 15 appears in the Interface field at the top In the OSPF Area ID field enter 0 0 0 1 Select the Enable in the OSPF Admin Mode fie...

Страница 110: ...icast not a broadcast address Hierarchical management allowing the network to be subdivided The top level of the hierarchy of an OSPF network is known as an autonomous system AS or routing domain and...

Страница 111: ...tagging all 20 Netgear Switch Config interface 1 0 2 Netgear Switch Interface 1 0 2 vlan participation include 10 Netgear Switch Interface 1 0 2 vlan pvid 10 Netgear Switch Interface 1 0 2 exit Netge...

Страница 112: ...cost for the VLAN and physical router ports Netgear Switch Config interface vlan 10 Netgear Switch Interface vlan 10 ip ospf priority 128 Netgear Switch Interface vlan 10 ip ospf cost 32 Netgear Switc...

Страница 113: ...figure a VLAN and include ports 1 0 3 in the VLAN a From the main menu select Routing VLAN VLAN Routing Wizard A screen similar to the following displays Figure 6 46 b Enter the following information...

Страница 114: ...anced Interface Configuration A screen similar to the following displays Figure 6 48 b Under the Interface Configuration click the VLANS to show all the VLAN interfaces c Under IP Interface Configurat...

Страница 115: ...ld enter 0 0 0 3 Select the Enable in the OSPF Admin Mode field In the Priority field enter 255 In the Metric Cost field enter 64 d Click Apply to save the settings OSPFv3 Open Shortest Path First OSP...

Страница 116: ...iguring OSPFv3 On A1 enable IPv6 unitcast routing on the switch Netgear Switch Config ipv6 unicast routing Enable OSPFv3 and assign 1 1 1 1 to router ID Netgear Switch Config ipv6 router ospf Netgear...

Страница 117: ...ig rtr enable Netgear Switch Config rtr router id 2 2 2 2 Netgear Switch Config rtr exit Enable routing mode on the interface 1 0 13 and assign 2000 2 to IPv6 address Netgear Switch Config interface 1...

Страница 118: ...elect the Enable radio button c Click Apply to save the settings 2 Specify the Router ID and Enable OSPFv3 for the switch a From the main menu select Routing OSPFv3 Basic OSPFv3 Configuration A screen...

Страница 119: ...he checkbox for that interface Now 1 0 1 appears in the Interface field at the top c Enter the following information in the IP Interface Configuration Select Enable in the IPv6 Mode field Select Enabl...

Страница 120: ...settings 5 Enable OSPFv3 on the port 1 0 1 a From the main menu select Routing OSPFv3 Advanced Interface Configuration A screen similar to the following displays Figure 6 55 b Under IP Interface Confi...

Страница 121: ...e 6 56 ProSafe 7000 Managed Switch Software Administration Manual Release 8 0 3 6 46 OSPF v1 0 June 2010 To use the Web interface to configure OSPF on the switch A2 refer to the configuration of switc...

Страница 122: ...l only respond to an ARP request if the target IP address is an address configured on the interface where the ARP request arrived Proxy ARP Examples The following are examples of the commands used in...

Страница 123: ...ring Proxy ARP on a Port To use the Web interface to configure proxy ARP on a port proceed as follows 1 Configure proxy ARP a From the main menu select Routing IP Advanced IP Interface Configuration A...

Страница 124: ...ssociated with static default routes by enabling a backup router to take over from a master router without affecting the end stations using the route The end stations will use a virtual IP address tha...

Страница 125: ...r the port that will participate in the protocol Netgear Switch Config interface 1 0 2 Netgear Switch Interface 1 0 2 routing Netgear Switch Interface 1 0 2 ip address 192 150 2 1 255 255 0 0 Netgear...

Страница 126: ...To use the Web interface to configure VRRP on a master router on the switch proceed as follows 1 Enable IP routing on the switch a From the main menu select Routing IP IP Configuration A screen simila...

Страница 127: ...ct Enable in the Routing Mode field d Click Apply to save the settings 3 Enable VRRP on the 1 0 2 a From the main menu select Routing VRRP Advanced VRRP Configuration A screen similar to the following...

Страница 128: ...ess 192 150 4 1 255 255 0 0 Netgear Switch Interface 1 0 4 exit Enable VRRP for the switch Netgear Switch Config ip vrrp Assign virtual router IDs to the port that will particpate in the protocol Netg...

Страница 129: ...to the following displays Figure 8 5 b Next to the Routing Mode select the Enable radio button c Click Apply to save the settings 2 Assign IP address 192 150 4 1 to the port 1 0 4 a From the main menu...

Страница 130: ...he main menu select Routing VRRP Basic VRRP Configuration A screen similar to the following displays Figure 8 7 b Under Global Configuration next to the Admin Mode select Enable radio button c Enter t...

Страница 131: ...or to specific resources on your network You can set up ACLs to control traffic at Layer 2 or Layer3 MAC ACLs are used for Layer 2 IP ACLs are used for Layers 3 Each ACL contains a set of rules that...

Страница 132: ...up to ten rules applied to inbound traffic Each rule specifies whether the contents of a given field should be used to permit or deny access to the network and may apply to one or more of the followi...

Страница 133: ...4 192 168 77 9 192 168 77 2 Layer 2 Switch Layer 3 Switch Port 1 0 2 ACL 1 TCP packet to 192 178 88 3 rejected Dest IP not in range TCP packet to 192 178 77 3 accepted Dest IP in range Figure 9 1 CLI...

Страница 134: ...tch Config interface 1 0 2 Netgear Switch Interface 1 0 2 ip access group 101 in Netgear Switch Interface 1 0 2 exit Netgear Switch Config exit Web Interface Setting up an IP ACL with Two Rules To use...

Страница 135: ...ACL ID select 101 c Click Add to create a new rule 3 Create a new ACL rule and add it to the ACL 101 a After you click the Add button on the step 2 A screen similar to the following displays Figure 9...

Страница 136: ...you click the Add button on the step 3 A screen similar to the following displays Figure 9 5 b Enter the following information in the Extended ACL Rule Configuration In the Rule ID 1 to 23 field ente...

Страница 137: ...ne 2010 to the following displays Figure 9 6 b Enter the following information in the IP Binding Configuration Select 101 in the ACL ID field In the Sequence Number field enter 1 c Click the Unit 1 Th...

Страница 138: ...t 1 0 48 Port 1 0 24 192 168 40 2 Port 0 13 192 168 100 2 Figure 9 7 CLI Configuring a One Way Access Using a TCP Flag in an ACL To use the CLI to configure the switch enter the following CLI commands...

Страница 139: ...e vlan 100 ip address 192 168 100 1 255 255 255 0 Netgear Switch Interface vlan 100 exit Netgear Switch Config exit Create VLAN 200 with port 0 44 and assign IP address 192 168 200 1 24 Netgear Switch...

Страница 140: ...face 0 44 ip access group 102 in 2 Netgear Switch Interface 0 44 exit Step 2 Configure the GSM7352S see Figure 9 7 To use the CLI to Configure the GSM7352S enter the following CLI commands Create VLAN...

Страница 141: ...Switch Config interface 1 0 48 Netgear Switch Interface 1 0 48 vlan pvid 200 Netgear Switch Interface 1 0 48 vlan participation include 200 Netgear Switch Interface 1 0 48 exit Netgear Switch interfa...

Страница 142: ...AN Routing Wizard In the Vlan ID field enter 30 In the IP Address field enter 192 168 30 1 In the Network Mask field enter 255 255 255 0 c Click Unit 1 The ports display d Click the gray box under por...

Страница 143: ...he IP Address field enter 192 168 100 1 In the Network Mask field enter 255 255 255 0 c Click Unit 1 The ports display d Click the gray box under port 13 twice until U displays The U specifies that th...

Страница 144: ...200 In the IP Address field enter 192 168 200 1 In the Network Mask field enter 255 255 255 0 c Click Unit 1 The ports display d Click the gray box under port 44 twice until U displays The U specifie...

Страница 145: ...main menu select Routing Routing Table Basic Route Configuration A screen similar to the following displays Figure 9 12 b Under Configure Routes make the following selection and enter the following i...

Страница 146: ...ormation Select Static in the Route Type field In the Network Address field enter 192 168 50 0 In the Subnet Mask field enter 255 255 255 0 In the Next Hop IP Address field enter 192 168 200 2 c Click...

Страница 147: ...dvanced IP ACL A screen similar to the following displays Figure 9 15 b In the IP ACL ID field of the IP ACL Table enter 102 c Click Add 9 Add and configure an IP extended rule that is associated with...

Страница 148: ...ake the following selections In the Rule ID field enter 1 Next to Action mode select the Deny radio button Select False in the Match Every field Select TCP in the Protocol Type field Next to TCP Flag...

Страница 149: ...eld c Click Add The Extended ACL Rule Configuration screen displays Figure 9 19 d Under Extended ACL Rule Configuration 100 199 enter the following information and make the following selections In the...

Страница 150: ...plays Figure 9 20 b Under Binding Configuration make the following selection and enter the following information Select 101 in the ACL ID field In the Sequence Number field enter 1 c Click Unit 1 The...

Страница 151: ...Select 102 in the ACL ID field In the Sequence Number field enter 2 c Click Unit 1 The ports display d Click on the gray box under port 44 A flag appears in the box e Click Apply to save the settings...

Страница 152: ...the following information in the VLAN Routing Wizard In the Vlan ID field enter 40 In the IP Address field enter 192 168 40 1 In the Network Mask field enter 255 255 255 0 c Click Unit 1 The ports di...

Страница 153: ...he following displays Figure 9 23 b Enter the following information in the VLAN Routing Wizard In the Vlan ID field enter 50 In the IP Address field enter 192 168 50 1 In the Network Mask field enter...

Страница 154: ...Wizard In the Vlan ID field enter 200 In the IP Address field enter 192 168 200 2 In the Network Mask field enter 255 255 255 0 c Click Unit 1 The ports display d Click the gray box under port 48 twic...

Страница 155: ...lowing information Select Static in the Route Type field In the Network Address field enter 192 168 100 0 In the Subnet Mask field enter 255 255 255 0 In the Next Hop IP Address field enter 192 168 20...

Страница 156: ...op IP Address field enter 192 168 200 1 c Click Add Configure Isolated VLANs on a Layer 3 Switch by Using ACLs Server 10 100 5 252 Port 11 0 38 10 100 5 34 Layer 3 Switch Port 1 0 24 192 148 24 1 Port...

Страница 157: ...Config interface vlan 24 Netgear Switch Interface vlan 24 routing Netgear Switch Interface vlan 24 ip address 192 168 24 1 255 255 255 0 Netgear Switch Interface vlan 24 exit Netgear Switch Config exi...

Страница 158: ...ffic that has destination IP 192 168 24 0 24 Netgear Switch Config access list 101 deny ip any 192 168 24 0 0 0 0 255 Create ACL 102 to deny all traffic that has destination IP 192 168 48 0 24 Netgear...

Страница 159: ...1 a From the main menu select Routing VLAN VLAN Routing Wizard A screen similar to the following displays Figure 9 28 b Enter the following information in the VLAN Routing Wizard In the Vlan ID field...

Страница 160: ...e VLAN Routing Wizard In the Vlan ID field enter 48 In the IP Address field enter 192 168 48 1 In the Network Mask field enter 255 255 255 0 c Click Unit 1 The ports display d Click the gray box under...

Страница 161: ...er 38 In the IP Address field enter 10 100 5 34 In the Network Mask field enter 255 255 255 0 c Click Unit 1 The ports display d Click the gray box under port 38 twice until U displays The U specifies...

Страница 162: ...IP Forwarding Mode select the Enable radio button c Click Apply to enable IP Routing 5 Create an ACL with ID 101 a From the main menu select Security ACL Advanced IP ACL A screen similar to the follo...

Страница 163: ...he main menu select Security ACL Advanced IP ACL A screen similar to the following displays Figure 9 34 b In the IP ACL ID field of the IP ACL Table enter 103 c Click Add 8 Add and configure an IP ext...

Страница 164: ...n and make the following selections In the Rule ID field enter 1 Next to Action mode select the Deny radio button Select False in the Match Every field In the Destination IP Address field enter 192 16...

Страница 165: ...Rule Configuration screen displays Figure 9 38 d Under Extended ACL Rule Configuration 100 199 enter the following information and make the following selections In the Rule ID field enter 1 Next to A...

Страница 166: ...to the following displays Figure 9 39 b Under IP Extended Rules select 103 in the ACL ID field c Click Add The Extended ACL Rule Configuration screen displays Figure 9 40 d Under Extended ACL Rule Co...

Страница 167: ...plays Figure 9 41 b Under Binding Configuration make the following selection and enter the following information Select 102 in the ACL ID field In the Sequence Number field enter 1 c Click Unit 1 The...

Страница 168: ...d enter the following information Select 101 in the ACL ID field In the Sequence Number field enter 1 c Click Unit 1 The ports display d Click on the gray box under port 48 A flag appears in the box e...

Страница 169: ...r 2 c Click Unit 1 The ports display Configure the following ports Click on the gray box under port 24 A flag appears in the box Click on the gray box under port 48 A flag appears in the box d Click A...

Страница 170: ...mac access list exit Apply the MAC ACL acl_bpdu to the port 1 0 2 Netgear Switch Config interface 1 0 2 Netgear Switch Interface 1 0 2 mac access group acl_bpdu in Web Interface Setting up a MAC ACL...

Страница 171: ...ect acl_bpdu in the ACL Name field b Select Deny in the Action field c Enter the following information in the Rule Table In the ID field enter 1 In the Destination MAC enter 01 80 c2 00 00 00 In the D...

Страница 172: ...ield c Click theAdd button 4 Apply the ACL acl_bpdu to the port 2 a From the main menu select Security ACL MAC ACL MAC Binding Configuration A screen similar to the following displays Figure 9 47 b En...

Страница 173: ...with ACL functionality Define ACL Rule matching the desired traffic with the option mirror to an interface Whatever the traffic matching this rule will be copied to the specified mirrored interface G...

Страница 174: ...Netgear Switch Config ipv4 acl permit every Bind the ACL with the interface 1 0 1 Netgear Switch Interface 1 0 1 ip access group monitorHost in 1 View the configuration Netgear Switch show ip access l...

Страница 175: ...on the switch proceed as follows 1 Create an IP access control list with the name monitorHost on the switch a From the main menu select Security ACL Advanced IP ACL A screen similar to the following...

Страница 176: ...ng displays Figure 9 51 b Click Add to take the Extended ACL Rule Configuration screen similar to the following displays Figure 9 52 c Enter Rule ID as 1 d Selection Action as Permit e Select Mirror I...

Страница 177: ...ACL Advanced IP Extended Rules A screen similar to the following displays Figure 9 53 b Click Add and a screen similar to the following displays Figure 9 54 c Enter the Rule ID as 2 d Select the Permi...

Страница 178: ...the main menu select Security ACL Advanced IP Binding Configuration A screen similar to the following displays Figure 9 56 b Enter Sequence Number as 1 c Click Unit 1 in the Port Selection Table to di...

Страница 179: ...section shows how to redirect HTTP traffic stream received in an interface to the desired interface This examples redirects the HTTP traffic stream received in the port 1 0 1 to the port 1 0 19 CLI Re...

Страница 180: ...Current number of ACLs 1 Maximum number of ACLs 100 ACL ID Name Rules Direction Interface s VLAN s redirectHTTP 2 inbound 1 0 1 Netgear Switch show ip access lists redirectHTTP ACL Name redirectHTTP...

Страница 181: ...om the main menu select Security ACL Advanced IP ACL A screen similar to the following displays Figure 9 59 b In the IP ACL filed enter redirectHTTP c Click Add to create the IP ACL redirectHTTP At th...

Страница 182: ...the following displays Figure 9 61 b Click Add to take the Extended ACL Rule Configuration screen similar to the following displays Figure 9 62 c Enter Rule ID as 1 d Selection Action as Permit e Sel...

Страница 183: ...ne 2010 a From the main menu select Security ACL Advanced IP Extended Rules A screen similar to the following displays Figure 9 63 b Click Add to take the Extended ACL Rule Configuration screen simila...

Страница 184: ...screen similar to the following displays Figure 9 65 4 Bind the ACL with the interface 1 0 1 a From the main menu select Security ACL Advanced IP Binding Configuration A screen similar to the followin...

Страница 185: ...the network and may apply to one or more of the following fields within a packet Source IPv6 Prefix Destination IPv6 Prefix Protocol number Source Layer 4 port Destination Layer 4 port DSCP Value Flo...

Страница 186: ...e destination network 2001 DB8 C0AB AC14 64 from the source network 2001 DB8 C0AB AC11 64 Permit IPv6 TELNET traffic to the destination network 2001 DB8 C0AB AC13 64 from the source network 2001 DB8 C...

Страница 187: ...6 acl in Netgear Switch Interface 1 0 1 exit Netgear Switch Config exit View the configuration Netgear Switch show ipv6 access lists Current number of all ACLs 1 Maximum number of all ACLs 100 IPv6 AC...

Страница 188: ...Create the Access Control List with the name ipv6 acl a From the main menu select Security ACL Advanced IPv6 ACL b In the IPv6 ACL table enter ipv6 acl in the IPv6 ACL field A screen similar to the fo...

Страница 189: ...ules A screen similar to the following displays Figure 9 71 b Select the ACL Name as ipv6 acl c Click Add d Enter Rule ID as 1 e Select Action as Permit f Enter Source Prefix as 2001 DB8 C0AB AC11 g E...

Страница 190: ...e Prefix as 2001 DB8 C0AB AC11 e Enter Source Prefix Length as 64 f Enter Destination Prefix as 2001 DB8 C0AB AC13 g Enter Destination Prefix Length as 64 h Select Destination L4 Port as telnet A scre...

Страница 191: ...lowing displays Figure 9 74 g Click Apply 5 Apply the rules to inbound traffic on port 1 0 1 Only traffic matching the criteria will be accepted a From the main menu select Security ACL Advanced IP Bi...

Страница 192: ...ontrol Lists ACLs 9 62 v1 0 June 2010 f Click Apply At the end of this configuration a screen similar to the following displays Figure 9 76 6 View the binding table From the main menu select Security...

Страница 193: ...ProSafe 7000 Managed Switch Software Administration Manual Release 8 0 3 9 63 Access Control Lists ACLs v1 0 June 2010...

Страница 194: ...o specified packets If a delay becomes necessary the system holds packets until the scheduler authorizes transmission As queues become full packets are dropped Packet drop precedence indicates the pac...

Страница 195: ...lue is used All ingress packets from Untrusted ports where the packet is classified by an ACL or a DiffServ policy are directed to specific CoS queues on the appropriate egress port That specific CoS...

Страница 196: ...classofservice trust To use the CLI to show CoS trust mode use these commands Netgear Switch show classofservice trust cr Press Enter to execute the command Netgear Switch show classofservice trust C...

Страница 197: ...ofservice trust dot1p cr Press Enter to execute the command Netgear Switch Config classofservice trust dot1p ProSafe 7000 Managed Switch Software Administration Manual Release 8 0 3 10 4 Class of Serv...

Страница 198: ...ssofservice ip precedence mapping IP Precedence Traffic Class 0 1 1 0 2 0 3 1 4 2 5 2 6 3 7 3 Web Interface Showing classofservice ip precedence Mapping To use the Web interface to show CoS trust mode...

Страница 199: ...mum bandwidth percentage for Queue 0 Netgear Switch Config cos queue min bandwidth 15 Incorrect input Use cos queue min bandwidth bw 0 bw 7 Netgear Switch Config cos queue min bandwidth 15 25 10 5 5 2...

Страница 200: ...in the Queue ID field c Under Interface Queue Configuration scroll down to interface 1 0 2 and select the checkbox for 1 0 1 1 0 2 now appears in the Interface field at the top d Enter the following i...

Страница 201: ...d at the top d Enter the following information in the Interface Queue Configuration In the Minimum Bandwidth enter 25 Select the Strict in the Scheduler Type field e Click the Apply to save the settin...

Страница 202: ...vanced CoS Configuration A screen similar to the following displays Figure 10 6 2 Under CoS Configuration Select the Interface radio button 3 Select 1 0 3 in the interface field 4 Select trust dot1p i...

Страница 203: ...ate control mechanism that regulates the output of the entire interface regardless of which queues originate the outbound traffic CLI Configuring traffic shape Netgear Switch Config traffic shape bw E...

Страница 204: ...ervice CoS Queuing 10 11 v1 0 June 2010 b Under CoS Interface Configuration scroll down to interface 1 0 3 and select the 1 0 3 checkbox Now 1 0 3 appears in the Interface field at the top c In the In...

Страница 205: ...ng away from the core An edge device segregates inbound traffic into a small set of traffic classes and is responsible for determining a packet s classification Classification is primarily based on th...

Страница 206: ...ts by dropping or re marking those that exceed the class s assigned data rate Counting the traffic within the class Service Assigns a policy to an interface for inbound traffic Differentiated Services...

Страница 207: ...ig class map match srcip 172 16 40 0 255 255 255 0 Netgear Switch Config class map exit Create a DiffServ policy for inbound traffic named internet_access adding the previously created department clas...

Страница 208: ...nterface 1 0 4 service policy in internet_access Netgear Switch Interface 1 0 4 exit Set the CoS queue configuration for the presumed egress interface 1 0 5 such that each of queues 1 2 3 and 4 get a...

Страница 209: ...b Next to the Diffserv Admin Mode select the Enable radio button c Click Apply to save the settings 2 Create class finance_dept a From the main menu select QoS DiffServ Advanced Class Configuration A...

Страница 210: ...class Figure 11 4 e Under the Diffserv Class Configuration page enter the following information In the Source IP Address field enter 172 16 10 0 In the Source Mask field enter 255 255 255 0 f Click A...

Страница 211: ...s Name field enter marketing_dept Select All in the Class Type field c Click Add to create a new class marketing_dept d Click the marketing_dept to configure this class Figure 11 6 e On the Diffserv C...

Страница 212: ...lect QoS DiffServ Advanced Class Configuration A screen similar to the following displays Figure 11 7 b Enter the following information in the Class Configuration In the Class Name field enter test_de...

Страница 213: ...Mask field enter 255 255 255 0 f Click Apply 5 Create class development_dept a From the main menu select QoS DiffServ Advanced Class Configuration A screen similar to the following displays Figure 11...

Страница 214: ...figuration page enter the following information In the Source IP Address field enter 172 16 40 0 In the Source Mask field enter 255 255 255 0 f Click Apply 6 Create a policy named internet_access and...

Страница 215: ...From the main menu select QoS DiffServ Advanced Policy Configuration A screen similar to the following displays Figure 11 12 b Under Policy Configuration scroll down to internet_access and select the...

Страница 216: ...ass test_dept to the policy internet_access 9 Add the class development_dept into the policy internet_access a From the main menu select QoS DiffServ Advanced Policy Configuration A screen similar to...

Страница 217: ...n menu select QoS DiffServ Advanced Policy Configuration A screen similar to the following displays Figure 11 15 b Click the internet_access whose member class is finance_dept another screen similar t...

Страница 218: ...in menu select QoS DiffServ Advanced Policy Configuration A screen similar to the following displays Figure 11 17 b Click the internet_access whose member class is marketing_dept another screen simila...

Страница 219: ...n menu select QoS DiffServ Advanced Policy Configuration A screen similar to the following displays Figure 11 19 b Click the internet_access whose member class is test_dept another screen similar to t...

Страница 220: ...dvanced Policy Configuration A screen similar to the following displays Figure 11 21 b Click the internet_access whose member class is development_dept another screen similar to the following displays...

Страница 221: ...elect the checkbox for 1 0 1 c Scroll down to interface 1 0 2 and select the checkbox for 1 0 2 d Scroll down to interface 1 0 3 and select the checkbox for 1 0 3 e Scroll down to interface 1 0 4 and...

Страница 222: ...rface field at the top c Select the 1 in the Queue ID field d In the Minimum Bandwidth field enter 25 e Click Apply 16 Set the CoS queue 2 configuration for the interface 1 0 5 a From the main menu se...

Страница 223: ...d Interface Queue Configuration A screen similar to the following displays Figure 11 26 b Under Interface Queue Configuration scroll down to interface 1 0 5 and select the checkbox for 1 0 5 1 0 5 now...

Страница 224: ...Click Apply DiffServ for VoIP Configuration One of the most valuable uses of DiffServ is to support Voice over IP VoIP VoIP traffic is inherently time sensitive for a network to provide acceptable se...

Страница 225: ...priority mode This queue shall be used for all VoIP packets Activate DiffServ for the switch Netgear Switch config Netgear Switch Config cos queue strict 5 Netgear Switch Config diffserv Create a Diff...

Страница 226: ...e the matching packets are assigned internally to use queue 5 of the egress port to which they are forwarded Netgear Switch Config policy map pol_voip in Netgear Switch Config policy map class class_e...

Страница 227: ...heduler Type field e Click the Apply to save the settings 2 Enable the DiffServ a From the main menu select QoS DiffServ Basic DiffServ Configuration A screen similar to the following displays Figure...

Страница 228: ...v1 0 June 2010 b In the Class Name enter class_voip c Select All in the Class Type field d Click Add to create a new class e Click the class_voip another screen similar to the following displays Figu...

Страница 229: ...nu select QoS DiffServ Advanced DiffServ Configuration A screen similar to the following displays Figure 11 33 b In the Class Name enter class_ef c Select All in the Class Type field d Click the Add t...

Страница 230: ...licy a From the main menu select QoS DiffServ Advanced Policy Configuration A screen similar to the following displays Figure 11 35 b In the Policy Selector field enter pol_voip c Select class_voip in...

Страница 231: ..._voip a From the main menu select QoS DiffServ Advanced Policy Configuration A screen similar to the following displays Figure 11 37 b Under Policy Configuration scroll down to pol_voip and select the...

Страница 232: ...efined policy to the interface 1 0 2 in the inbound direction a From the main menu select QoS DiffServ Advanced Service Configuration A screen similar to the following displays Figure 11 39 b Under Di...

Страница 233: ...he source and destination IP Address and Layer 4 Port of the current session Based on these parameters a filter will be installed to assign the highest priority to VOIP data packets As soon as the cal...

Страница 234: ...d 6 1 0 15 Enabled 6 1 0 16 Enabled 6 1 0 17 Enabled 6 1 0 18 Enabled 6 1 0 19 Enabled 6 1 0 20 Enabled 6 More or q uit Interface Auto VoIP Mode Traffic Class 1 0 21 Enabled 6 1 0 22 Enabled 6 1 0 23...

Страница 235: ...d Services v1 0 June 2010 a From the main menu select QoS DiffServ Auto VoIP A screen similar to the following displays Figure 11 41 b Select the check box in the first row to select all the interface...

Страница 236: ...00 Managed Switch Software Administration Manual Release 8 0 3 Differentiated Services 11 32 v1 0 June 2010 d Click Apply At the end of this configuration a screen similar to the following displays Fi...

Страница 237: ...y providing support for IPv6 packet classification Internet IPv6 Workstation IPv6 Workstation IPv6 Workstation ICMPv6 traffic Other traffic GSM73xxS Interface 1 0 1 Interface 1 0 3 Interface 1 0 2 Fig...

Страница 238: ...queue 6 Netgear Switch Config policy classmap assign queue 6 Netgear Switch Config policy map exit Attach the policy policy_icmpv6 in the interface 1 0 1 1 0 2 and 1 0 3 Netgear Switch Config interfac...

Страница 239: ...Pv6 Class Configuration A screen similar to the following displays Figure 11 45 b Enter Class Name as classicmpv6 c Select Class Type as All A screen similar to the following displays Figure 11 46 d C...

Страница 240: ...8 0 3 Differentiated Services 11 36 v1 0 June 2010 a From the main menu select QoS DiffServ Advanced IPv6 Class Configuration A screen similar to the following displays Figure 11 48 b Click the class...

Страница 241: ...June 2010 c For the Protocol Type select Other and enter 58 A screen similar to the following displays Figure 11 50 d Click Apply At the end of this configuration a screen similar to the following di...

Страница 242: ...y Configuration A screen similar to the following displays Figure 11 52 b Enter the Policy Name as policyicmpv6 c For the Policy Type select In d Select Member Class as classicmpv6 A screen similar to...

Страница 243: ...8 0 3 11 39 Differentiated Services v1 0 June 2010 a From the main menu select QoS DiffServ Advanced Policy Configuration A screen similar to the following displays Figure 11 54 b Click the Policy po...

Страница 244: ...vices 11 40 v1 0 June 2010 c Select Assign Queue as 6 Figure 11 56 d Click Apply 5 Attach the policy policyicmpv6 in the interface 1 0 1 1 0 2 and 1 0 3 a From the main menu select QoS DiffServ Advanc...

Страница 245: ...1 0 3 A screen similar to the following displays Figure 11 58 d Click Apply At the end of this configuration a screen similar to the following displays Figure 11 59 Color Conform Policy Configuration...

Страница 246: ...r Switch Config class map match all class_vlan Netgear Switch Config classmap match vlan 5 Netgear Switch Config classmap exit Netgear Switch Config class map match all class_color Netgear Switch Conf...

Страница 247: ...gear Switch Interface 1 0 13 service policy in policy_vlan Netgear Switch Interface 1 0 13 exit Netgear Switch Config exit Web Interface Configuring a Color Conform Policy 1 Create a VLAN a From the m...

Страница 248: ...ilar to the following displays Figure 11 61 b Select 5 in the VLAN ID field c Click Unit 1 The Ports display d Click the gray box under port 13 and 25 until T displays The T specifies that the egress...

Страница 249: ...e Class Configuration In the Class Name field enter class_vlan In the class Type field select All c Click Add to create a new class class_vlan d Click the class_vlan to configure this class Figure 11...

Страница 250: ...ain menu select QoS DiffServ Advanced Class Configuration A screen similar to the following displays Figure 11 65 b Enter the following information in the Class Configuration In the Class Name field e...

Страница 251: ...Release 8 0 3 11 47 Differentiated Services v1 0 June 2010 e After that a screen similar to the following displays Figure 11 67 f Under the Diffserv Class Configuration page select 7 from the Preceden...

Страница 252: ...ar to the following displays Figure 11 68 b In the Policy Name field enter policy_vlan c In the Policy Type field Select In d Click Add 6 Associate the policy_vlan with class_vlan a From the main menu...

Страница 253: ...ion Click the policy_vlan a screen similar to the following displays Figure 11 70 b Select the Simple Policy radio button c Select Color Aware in the Color Mode field d Select class_color from Color C...

Страница 254: ...une 2010 a From the main menu select QoS DiffServ Advanced Service Interface Configuration A screen similar to the following displays Figure 11 71 b Under Service Interface Configuration scroll and se...

Страница 255: ...describes the Internet Group Management Protocol IGMP feature IGMPv3 and IGMP Snooping IGMP Uses Version 3 of IGMP Includes snooping Snooping can be enabled per VLAN Enable IGMP Snooping The following...

Страница 256: ...figuration Next to the Admin mode field select the Enable radio button c Click Apply Show igmpsnooping The example is shown as CLI commands and as a Web interface procedure CLI Showing igmpsnooping Ne...

Страница 257: ...as CLI commands and as a Web interface procedure CLI Showing mac address table igmpsnooping Netgear Switch show mac address table igmpsnooping cr Press Enter to execute the command Netgear Switch sho...

Страница 258: ...Router The example is shown as CLI commands and as a Web interface procedure CLI Configuring the Switch with an External Multicast Router This example configures the interface as the one the multicas...

Страница 259: ...checkbox for that interface Now 1 0 3 appears in the Interface field at the top 3 In the Multicast Router field select Enable 4 Click Apply Configure the Switch with a Multicast Router Using VLAN The...

Страница 260: ...rom the main menu select Switching Multicast Multicast Router VLAN Configuration A screen similar to the following displays Figure 12 5 2 Under Multicast Router VLAN Configuration scroll down to inter...

Страница 261: ...ct that traffic only to those users that require it However the IGMP snooping operation usually requires an extra network device normally a router that can generate an IGMP membership query and solici...

Страница 262: ...the source IP address in querier packets See the CLI Manual for more details about other IGMP querier command options Netgear switch vlan database Netgear switch vlan set igmp 1 Netgear switch vlan s...

Страница 263: ...on in the IGMP VLAN Configuration In the VLAN ID field enter 1 In the Admin Mode field select Enable c Click Add 3 Enable IGMP Snooping Querier globally a From the main menu select Switching Multicast...

Страница 264: ...rier Status The example is shown as CLI commands and as a Web interface procedure CLI Showing IGMP Querier Status To see the IGMP querier status use the following command Netgear Switch show igmpsnoop...

Страница 265: ...ual Release 8 0 3 12 11 IGMP Snooping and Querier v1 0 June 2010 Web Interface Showing IGMP Querier Status 1 From the main menu select Switching Multicast IGMP Snooping Configuration A screen similar...

Страница 266: ...ts are restricted Enabled on a per port basis When locked only packets with allowable MAC address will be forwarded Supports both dynamic and static Implement two traffic filtering methods Dynamic Loc...

Страница 267: ...e example is shown as CLI commands and as a Web interface procedure CLI Setting the Dynamic and Static Limit on the Port 1 0 1 Netgear Switch Config port security Enable port security globally Netgear...

Страница 268: ...rity Traffic Control Port Security Interface Configuration A screen similar to the following displays Figure 13 2 b Under Port Security Interface Configuration scroll down to interface 1 0 1 and selec...

Страница 269: ...1 0 1 exit Netgear Switch Config exit Netgear Switch show port security static 1 0 1 Number of static MAC addresses configured 3 Statically configured MAC Address VLAN ID 00 0E 45 30 15 F3 1 00 13 46...

Страница 270: ...rt security mac address 00 13 00 01 02 03 Web Interface Creating a Static Address To use the Web interface to create a static address proceed as follows 1 From the main menu select Security Traffic Co...

Страница 271: ...s Prevent traffic from being forwarded between protected ports Allow traffic to be forwarded between a protected port and a non protected port In following example PC1 and PC2 can access the Internet...

Страница 272: ...s 192 168 1 254 255 255 255 0 Netgear Switch Interface vlan 192 exit Step 2 Create one VLAN 202 connected to the Internet Netgear Switch vlan database Netgear Switch Vlan vlan 202 Netgear Switch Vlan...

Страница 273: ...ear Switch Config interface 1 0 24 Netgear Switch Interface 1 0 24 switchport protected Netgear Switch Interface 1 0 24 exit Web Interface Configuring a Protected Port to Isolate Ports on the Switch T...

Страница 274: ...ol Name field enter pool a Select Dynamic in the Type of Binding field In the Network Number field enter 192 168 1 0 In the Network Mask field enter 255 255 255 0 In the Days field enter 1 Click on De...

Страница 275: ...ng Wizard In the Vlan ID field enter 192 In the IP Address field enter 192 168 1 254 In the Network Mask field enter 255 255 255 0 c Click Unit 1 The ports display Click the gray box under port 23 twi...

Страница 276: ...IP Address field enter 10 100 5 34 In the Network Mask field enter 255 255 255 0 c Click Unit 1 The ports display d Click the gray box under port 48 twice until U displays The U specifies that the egr...

Страница 277: ...for VLAN 202 a From the main menu select Routing Routing Table Basic Route Configuration A screen similar to the following displays Figure 13 10 b Under Configure Routes select DefaultRoute in the Rou...

Страница 278: ...ay box under ports 24 A flag appears in the box c Click Apply to activate ports 23 and 24 as protected ports 802 1x Port Security This section describes how to configure the 802 1x Port Security featu...

Страница 279: ...username list dot1xList Netgear Switch config Netgear Switch Config ip routing Netgear Switch Config interface 1 0 1 Netgear Switch Interface 1 0 1 routing Netgear Switch Interface 1 0 1 ip address 19...

Страница 280: ...en the RADIUS client and the server Netgear Switch Config radius server key auth 10 100 5 17 Enter secret 16 characters max 123456 Re enter secret 123456 Set the RADIUS server as a primary server Netg...

Страница 281: ...r the switch a From the main menu select Routing Basic IP Configuration A screen similar to the following displays Figure 13 13 b Next to the Routing Mode select the Enable radio button c Click Apply...

Страница 282: ...55 255 255 0 in the Subnet Mask Select Enable in the Routing Mode field d Click Apply to save the settings 3 Assign IP address 10 100 5 33 24 to the interface 1 0 19 a From the main menu select Routin...

Страница 283: ...16 b Select the checkbox before dot1xList c Select Radius in the 1 field d Click Apply 5 Set the port 1 0 19 to the Force Authorized mode In this case the Radius server is connected to this interface...

Страница 284: ...uration A screen similar to the following displays Figure 13 18 b Next to the Administrative Mode select the Enable radio button c Select dot1xList in the Login field d Click Apply to save settings 7...

Страница 285: ...ct Security Management Security RADIUS Radius Configuration A screen similar to the following displays Figure 13 20 b In the Server Address enter 10 100 5 17 c Select Enable in the Accounting Mode fie...

Страница 286: ...sts from the switch and the port would remain in the unauthorized state and the client is not granted access to the network If the guest VLAN was configured for that port then the port is placed in th...

Страница 287: ...1 0 24 Netgear Switch Interface 1 0 24 vlan participation include 2000 Netgear Switch Interface 1 0 24 exit Create a VLAN 2000 and have 1 0 1 and 1 0 24 being the member of VLAN 2000 Netgear Switch C...

Страница 288: ...ID 2000 Guest VLAN Period secs 90 Supplicant Timeout secs 30 Server Timeout secs 30 Maximum Requests 2 VLAN Id 2000 VLAN Assigned Reason Guest Reauthentication Period secs 3600 Reauthentication Enabl...

Страница 289: ...AN Type field d Click Add 2 Add ports to the VLAN 2000 a From the main menu select Switching VLAN Advanced VLAN Membership A screen similar to the following displays Figure 13 24 b Select 2000 in the...

Страница 290: ...er Port Authentication scroll down to interface 1 0 6 and 1 0 12 select the checkbox for that interface c Under the Port Authentication select Force Authorized in the Control Mode field d Click Apply...

Страница 291: ...ication list a From the main menu select Security Management Security Authentication List Dot1x Authentication List A screen similar to the following displays Figure 13 27 b Select the defaultList che...

Страница 292: ...iate VLAN that it is supposed to be in this is configured in the RADIUS server This gives flexibility for the clients to move around the network without requiring the administrator to do much configur...

Страница 293: ...ithin the Access Request For use in VLAN assignment the following tunnel attributes are used Tunnel Type VLAN 13 Tunnel Medium Type 802 Tunnel Private Group ID VLANID where VLANID is 12 bits taking a...

Страница 294: ...etwork radius Enable the switch to accept VLAN assignment by the radius server Netgear Switch Config radius server host auth 192 168 0 1 Set the Radius server IP address Netgear Switch Config radius s...

Страница 295: ...VLAN Period secs 90 Supplicant Timeout secs 30 Server Timeout secs 30 Maximum Requests 2 VLAN Id 2000 VLAN Assigned Reason RADIUS Reauthentication Period secs 3600 Reauthentication Enabled FALSE Key T...

Страница 296: ...e Current Network Configuration Protocol select the None Radio button c In the IP Address enter 192 168 0 5 d In the Subnet Mask enter 255 255 255 0 e Click Apply 2 Create VLAN 2000 a From the main me...

Страница 297: ...lowing displays Figure 13 33 b Under Port Authentication scroll down to interface 1 0 6 and 1 0 12 select the checkbox for that interface c Under Port Authentication select Force Authorized in the Con...

Страница 298: ...VLAN Assignment Mode select the Enable radio button d Click Apply to save settings 5 Configure dot1x authentication list a From the main menu select Security Management Security Authentication List Do...

Страница 299: ...lick Add Dynamic ARP Inspection Dynamic ARP Inspect DAI is a security feature that rejects invalid and malicious ARP packets The feature prevents a class of man in the middle attacks where an unfriend...

Страница 300: ...IP addresses DHCP snooping cannot be run or other switches in the network do not run dynamic ARP inspection A static mapping associates an IP address to a MAC address on a VLAN Static client IP addres...

Страница 301: ...LAN 1 Netgear Switch Config ip arp inspection vlan 1 Now all the ARP packets received on the ports that are member of VLAN are copied to CPU for ARP inspection If there are trusted ports it can config...

Страница 302: ...similar to the following displays Figure 13 38 b For the DHCP Snooping Mode select Enable c Click Apply At the end of this configuration a screen similar toFigure 13 38 displays 2 Enable DHCP snoopin...

Страница 303: ...reen similar to the following displays Figure 13 40 3 Configure the port through which DHCP server is reached as trusted Here Interface 1 0 1 is trusted a From the main menu select Security Control DH...

Страница 304: ...Click Apply At the end of this configuration a screen similar to the following displays Figure 13 42 4 View the DHCP Snooping Binding table a From the main menu select Security Control DHCP Snooping...

Страница 305: ...ment v1 0 June 2010 a From the main menu select Security Control Dynamic ARP Inspection DAI VLAN Configuration A screen similar to the following displays Figure 13 44 b Set the VLAN ID as 1 c Set the...

Страница 306: ...rator PC has a DHCP snooping entry or accessing the device through the trusted port for ARP Otherwise you may get disconnected from the device 6 Configure a port 1 0 1 as trusted a From the main menu...

Страница 307: ...n filter ArpFilter vlan 1 Now the ARP packets from the Static client will be through since it has an entry in the ARP ACL ARP packets from the DHCP client is also through since it has DHCP snooping en...

Страница 308: ...ain menu select Security Control Dynamic ARP Inspection DAI ACL Rule Configuration b Select ACL Name as ArpFilter c Enter Source IP Address as 192 168 10 2 d Enter the Source MAC Address as 00 11 85 E...

Страница 309: ...CP clinet and DHCP server to filter harmful DHCP message and to build a bindings database of MAC address IP address VLAN ID port tuples that are considered authorized The network administrator enables...

Страница 310: ...ted Netgear Switch Config interface 1 0 1 Netgear Switch Interface 1 0 1 ip dhcp snooping trust View the DHCP Snooping Binding table GSM7328S show ip dhcp snooping binding Total number of bindings 1 M...

Страница 311: ...n a VLAN a From the main menu select Security Control DHCP Snooping Global Configuration A screen similar to the following displays Figure 13 53 b In the VLAN Configuration table select VLAN ID as 1 c...

Страница 312: ...in menu select Security Control DHCP Snooping Interface Configuration A screen similar to the following displays Figure 13 55 b Select the checkbox for Interface 1 0 1 c Select Trust Mode as Enable fo...

Страница 313: ...binding database This script in this section shows how to enter the static binding in the binding database CLI Entering Static Binding into the Binding Database DHCP Snooping Static Entry Netgear Swi...

Страница 314: ...ets being used as a DoS attach when DHCP snooping is enabled the snooping application enforces a rate limit for DHCP packets received on untrusted interface DHCP snooping monitors the receive rate on...

Страница 315: ...2010 View the rate configured GSM7328S show ip dhcp snooping interfaces 1 0 2 Interface Trust State Rate Limit Burst Interval pps seconds 1 0 2 No 5 1 Web Interface Configuring the Maxiumum Rate of DH...

Страница 316: ...ding in the bindings database IP Source Guard can be configured to enforce just the source IP address or both the source IP address and source MAC address Static client IP address 192 168 10 1 HW addr...

Страница 317: ...ooping binding Total number of bindings 1 MAC Address IP Address VLAN Interface Type Lease Secs 00 16 76 A7 88 CC 192 168 10 86 1 1 0 2 DYNAMIC 86400 If the entry does not exist in the DHCP Snooping B...

Страница 318: ...oping Mode as Enable c Click Apply At the end of this configuration a screen similar to Figure 13 64 is displayed 2 Enable DHCP snooping in a VLAN a From the main menu select Security Control DHCP Sno...

Страница 319: ...re the port through which DHCP server is reached as trusted Here interface 1 0 1 is trusted a From the main menu select Security Control DHCP Snooping Interface Configuration A screen similar to the f...

Страница 320: ...m the main menu select Security Control IP Source Guard Interface Configuration b Select the check box for interface 1 0 2 c Select IPSG mode as Enable d Click Apply At the end of this configuration a...

Страница 321: ...7000 Managed Switch Software Administration Manual Release 8 0 3 13 56 Security Management v1 0 June 2010 f Click Add At the end of this configuration a screen similar to the following displays Figur...

Страница 322: ...otocol SNTP feature Used for synchronizing network resources Adaptation of NTP Provides synchronized network timestamp Can be used in broadcast or unicast mode SNTP client implemented over UDP which l...

Страница 323: ...etgear Switch Routing show sntp server Server IP Address 81 169 155 234 Server Type ipv4 Server Stratum 3 Server Reference Id NTP Srv 212 186 110 32 Server Mode Server Server Maximum Entries 3 Server...

Страница 324: ...14 208 19 Netgear Switch Config sntp server 208 14 208 19 2 After configuring the IP address enable SNTP client mode The client mode may be either broadcast mode or unicast mode If the NTP server is...

Страница 325: ...Time SNTP Server Configuration A screen similar to the following displays Figure 14 1 b Enter the following information in the SNTP Server Configuration Select IPV4 in the Server Type field In the Ad...

Страница 326: ...er PST In the Offset Hours field enter 8 c Click Apply Set the Time Zone CLI Only The SNTP NTP server is set to Coordinated Universal Time UTC by default The following example shows how to set the tim...

Страница 327: ...192 168 1 1 Netgear switch config sntp server time a netgear com where 192 168 1 1 is the public network gateway IP address for your device This method of setting DNS name look up can be used for any...

Страница 328: ...field enter 4 c Click Add 2 Configure the DNS server a From the main menu select System Management DNS DNS Configuration A screen similar to the following displays Figure 14 4 b Enter the following in...

Страница 329: ...alues and watches the ICMP time out announcements Command displays all L3 devices Can be used to detect issues on the network Tracks up to 20 hops Default UPD port used 33343 unless modified in the tr...

Страница 330: ...0 ms 60 ms 60 ms 14 216 115 96 185 110 ms 59 ms 70 ms 15 216 109 120 203 70 ms 66 ms 95 ms 16 216 109 118 74 78 ms 121 ms 69 ms ProSafe 7000 Managed Switch Software Administration Manual Release 8 0 3...

Страница 331: ...ipt on page 15 5 Configuration Scripting Allows you to generate text formatted files Provides scripts that can be uploaded and downloaded to the system Provides flexibility to create command configura...

Страница 332: ...ands of configuration script script list and script delete Netgear Switch script list Configuration Script Name Size Bytes basic scr 93 running config scr 3201 2 configuration script s found 1020706 b...

Страница 333: ...nfig scr tftp 192 168 77 52 running config scr Mode TFTP Set TFTP Server IP 192 168 77 52 TFTP Path TFTP Filename running config scr Data Type Config Script Source Filename running config scr Are you...

Страница 334: ...you sure you want to start y n y CLI Banner file transfer operation completed successfully Netgear Switch Routing exit Netgear Switch Routing logout Login Banner Unauthorized access is punishable by...

Страница 335: ...ce Netgear Switch Config exit Netgear Switch show monitor session 1 Session ID Admin Mode Probe Port Mirrored Port 1 Enable 1 0 3 1 0 2 Web Interface Specifying the Source Mirrored Ports and Destinati...

Страница 336: ...nd makes the current active image as the backup image for subsequent reboots On three successive errors executing the active image the switch attempts to execute the backup image If there are errors e...

Страница 337: ...sferred 6255616 bytes transferred 6423040 bytes transferred 6606336 bytes transferred 6781952 bytes transferred 6957056 bytes transferred 7111168 bytes transferred 7307776 bytes transferred 7483392 by...

Страница 338: ...elect Archive in the File Type field c Select image2 in the Image Name field d Select TFTP in the Transfer Mode field e Select IPv4 in the Server Address Type field f In the Server Address field enter...

Страница 339: ...elnet connection is initiated each side of the connection is assumed to originate and terminate at a Network Virtual Terminal NVT Server and user hosts do not maintain information about the characteri...

Страница 340: ...uting Config lineconfig Netgear Switch Routing Line transport input Displays the protocols to use to connect to a specific line of the router output Displays the protocols to use for outgoing connecti...

Страница 341: ...Enable radio button 4 Click Apply CLI session limit and session timeout Netgear Switch Routing Line session limit 0 5 Configure the maximum number of outbound telnet sessions allowed Netgear Switch Ro...

Страница 342: ...15 14 v1 0 June 2010 1 From the main menu select Security Access Telnet A screen similar to the following displays Figure 15 6 2 Enter the following information in the Outbound Telnet In the Session...

Страница 343: ...r each of the last three sessions Each log has two parts Start up log is the first 32 messages after system startup Operational log is the last 32 messages received after the startup log is full Files...

Страница 344: ...ocal Port 514 CLI Command Logging disabled Console Logging disabled Console Logging Severity Filter alert Buffered Logging enabled Syslog Logging enabled Log Messages Received 66 Log Messages Dropped...

Страница 345: ...to the Admin Status select the Enable radio button c Click Apply 2 Configure the Command Log a From the main menu select Monitoring Logs Command Log Figure 16 3 b Enter the following information in th...

Страница 346: ...16 4 v1 0 June 2010 b Enter the following information in the Console Log Configuration Next to the Admin Status click the Disable radio button c Click Apply 4 Configure Buffer Logs a From the main men...

Страница 347: ...Buffered Logging Wrapping Behavior On Buffered Log Count 66 1 JAN 01 00 00 02 0 0 0 0 0 UNKN 268434944 usmdb_sim c 1205 1 Error 0 0x0 2 JAN 01 00 00 09 0 0 0 0 1 UNKN 268434944 bootos c 487 2 Event 0x...

Страница 348: ...er to execute the command Netgear Switch Routing show logging traplogs Number of Traps Since Last Reset 6 Trap Log Capacity 256 Number of Traps Since Log Last Viewed 6 Log System Up Time Trap 0 0 days...

Страница 349: ...Logging Hosts The example is shown as CLI commands and as a Web interface procedure CLI Showing Logging Hosts Netgear Switch Routing show logging hosts cr Press Enter to execute the command Netgear S...

Страница 350: ...g Config logging buffered Buffered In Memory Logging Configuration cli command CLI Command Logging Configuration console Console Logging Configuration host Enter IP Address for Logging Host syslog Sys...

Страница 351: ...ts Index IP Address Severity Port Status 1 192 168 21 253 alert 4 Active ProSafe 7000 Managed Switch Software Administration Manual Release 8 0 3 16 9 Syslog v1 0 June 2010 Web Interface Logging Port...

Страница 352: ...up of a Stack on page 17 9 Removing a Unit from the Stack on page 17 10 Adding a Unit to an Operating Stack on page 17 10 Replacing a Stack Member with a New Unit on page 17 11 Renumber Stack Members...

Страница 353: ...are eligible stack masters If the stack master becomes unavailable the remaining stack members participate in electing a new stack master from among themselves A set of factors determine which switch...

Страница 354: ...among themselves The re elected stack master retains its role and configuration and so do its stack members All remaining switches including the former stack masters reload and join the switch stack a...

Страница 355: ...010 use the regular Category 5 Ethernet 8 wire cable Figure 17 1 Interconnect ports 51 and 52 as shown port 51 port 52 Figure 17 2 Stack Master Election and Re Election The stack master is elected or...

Страница 356: ...The member number also determines the interface level configuration that a stack member uses You can display the stack member number by using the show switch user EXEC command A new out of the box sw...

Страница 357: ...econfigured new switch and adds it to the stack The stack member numbers match but the switch types do not match If the stack member number of the preconfigured switch matches the stack member number...

Страница 358: ...pgrade a switch that has an incompatible software image by using the copy xmodem ymodem zmodem tftp ip filepath filename command It copies the software image from an existing stack member to the one w...

Страница 359: ...ned by the stack member priority value Connect two switches through their stacking ports Use the switch stack member number priority new priority number global configuration command to set one stack m...

Страница 360: ...mmand For example if a reset is issued to a stack member use the show port command to verify that the unit has re merged with the stack and all ports are joined before issuing the next command When ph...

Страница 361: ...be replaced reconnect the stack cable from the stack member above to the stack member below the unit being removed 5 Remove unit from the rack 6 If desired remove the unit from the configuration by i...

Страница 362: ...ck The unit can be inserted into the same position as the unit just removed or the unit can be inserted at the bottom of the stack In either case make sure all stack cables are connected with the exce...

Страница 363: ...follows 1 Renumbering the stacking member s ID from 3 to 2 a From the main menu select System Management Basic Stack Configuration A screen similar to the following displays Figure 17 3 b Under Stack...

Страница 364: ...movemanagement fromunit id tounit id 2 Make sure that you can log in on the console attached to the new master Use the show switch command to verify that all units rejoined the stack 3 It is recommen...

Страница 365: ...wered units at that point 3 Completely cable the stacking connections making sure the redundant link is also in place 4 Then power up each unit one at a time by following Adding a Unit to an Operating...

Страница 366: ...ack must run the same code version Ports on stack units that don t match the management unit code version don t come up and the show switch command shows a code mismatch error To resolve this situatio...

Страница 367: ...to the newly added unit from the master using the copy command The newly added member should then be reset and should reboot normally and join the stack Web Interface Upgrading Firmware To use the We...

Страница 368: ...d Running Link Stack Stack Link Speed Unit Intf SlotId Type XFP Adapter Mode Mode Status Gb s 2 0 27 None Stack Stack Link Down 0 2 0 28 AX742 stack Stack Stack Link Down 12 Netgear Switch config Netg...

Страница 369: ...k port 1 0 51 ethernet Netgear Switch Config stack exit Netgear Switch Config exit Netgear Switch reload Are you sure you want to reload the stack y n y After Switch B reboots Netgear Switch show port...

Страница 370: ...creen similar to the following displays Figure 17 9 b Select 2 for Reboot Unit No c Click Apply Web Interface On Switch B 1 Configure a stack port as an Ethernet port a From the main menu select Syste...

Страница 371: ...the following displays Figure 17 11 b Select 1 for Reboot Unit No c Click Apply Stack the Switches using 10G fiber This example shows how to make two switches stack together in different buildings at...

Страница 372: ...Switch B Show the stack port information Netgear Switch show stack port Configured Running Link Stack Stack Link Speed Unit Intf SlotId Type XFP Adapter Mode Mode Status Gb s 2 0 27 None Stack Stack L...

Страница 373: ...OK 8 0 1 2 Web Interface on Switch A a From the main menu select System Stacking Advanced Stack Port Configuration A screen similar to the following displays Figure 17 13 b Since the port 1 0 52 is s...

Страница 374: ...8 0 3 Managing Switch Stacks 17 23 v1 0 June 2010 d Click Apply to save the settings 2 Reboot the switch a From the main menu select maintenance Reset Device Reboot A screen similar to the following...

Страница 375: ...Community The example is shown as CLI commands and as a Web interface procedure CLI Adding a New Community Netgear switch config Netgear switch Config snmp server community rw public 4 Web Interface A...

Страница 376: ...to send SNMP trap to the SNMP server Netgear switch config Netgear switch Config snmptrap public 10 100 5 17 Enable send trap to SNMP server 10 100 5 17 Netgear switch Config snmp server traps linkmod...

Страница 377: ...Click the Apply button Configure SNMP V3 The example is shown as CLI commands and as a Web interface procedure CLI Configuring SNMP V3 This example shows how to configure SNMP v3 on the NETGEAR switc...

Страница 378: ...nt Security User Configuration User Management A screen similar to the following displays Figure 18 4 b Under User Management scroll down to User Name admin and select the checkbox for admin admin now...

Страница 379: ...built into network equipment and gives complete visibility into network activity enabling effective management and control of network resources The sFlow monitoring system consists of a sFlow Agent em...

Страница 380: ...cal Packet Based Sampling of Packet Flows with sFlow Configure the sFlow receiver sFlow collector IP address In this example sFlow samples will be sent to the destination address 192 168 10 2 Netgear...

Страница 381: ...sFlow receiver index sampling rate sampling max header size It has to be repeated for all the ports to be sampled Netgear Switch Config interface 1 0 1 Netgear Switch Interface 1 0 1 sflow sampler 1...

Страница 382: ...of this configuration a screen similar to the following displays Figure 18 8 2 Configure sampling ports sFlow receiver index sampling rate sampling max header size a From the main menu select Monitor...

Страница 383: ...to be repeated for all the ports to be polled Netgear Switch Config interface 1 0 1 Netgear Switch Interface 1 0 1 sflow poller 1 Netgear Switch Interface 1 0 1 sflow poller interval 300 View the poll...

Страница 384: ...oSafe 7000 Managed Switch Software Administration Manual Release 8 0 3 SNMP 18 10 v1 0 June 2010 c Enter the Poller Interval as 300 A screen similar to the following displays Figure 18 11 d Click Appl...

Страница 385: ...host s IP address Enables a static host name entry to be used to resolve the IP address The following are examples of how the DNS feature is used Specify Two DNS Servers The following example shows h...

Страница 386: ...er Configuration table Manually Add a Host Name and an IP Address The following example shows commands to add a static host name entry to the switch so that you can use this entry to resolve the IP ad...

Страница 387: ...name and an IP address proceed as follows 1 From the main menu select System Management DNS Host Configuration A screen similar to the following displays Figure 19 2 2 Under DNS Host Configuration en...

Страница 388: ...itch The network in the DHCP pool must belong to the same subnet DHCP Server Allows the switch to dynamically assign an IP address to a DHCP client that is attached to the switch Enables the IP addres...

Страница 389: ...itch Config interface vlan 200 Netgear Switch Interface vlan 200 routing Netgear Switch Interface vlan 200 ip address 192 168 100 1 255 255 255 0 Netgear Switch config Netgear Switch Config service dh...

Страница 390: ...rt 1 0 1 to VLAN 200 a From the main menu select Switching VLAN Advanced VLAN Membership A screen similar to the following displays Figure 20 3 b Select 200 in the VLAN ID field c Click Unit 1 The Por...

Страница 391: ...0 4 b Under Port PVID Configuration scroll down and select the checkbox for 1 0 1 c In the PVID Configuration PVID 1 to 4093 field enter 200 d Click Apply to save the settings 4 Create a new DHCP pool...

Страница 392: ...the Type of Binding field In the Network Number field enter 192 168 100 0 In the Network Mask field enter 255 255 255 0 As an alternate you can enter 24 in the Network Prefix Length field Do not fill...

Страница 393: ...client identifier 01 00 01 02 03 04 05 Note The unique identifier is a concatenation of the media type and MAC addresses For example the Microsoft client identifier for Ethernet address c8 19 24 88 f1...

Страница 394: ...eate in the Pool Name field In the Pool Name field enter pool_manual Select Manual in the Type of Binding field In the Client Name field enter dhcpclient In the Hardware Address field enter 00 01 02 0...

Страница 395: ...omer domain Custom VLAN IDs are preserved and a provider service VLAN ID is added to the traffic so that the traffic can pass the metro core in a simple and cost effective manner Double VLANs Pass cus...

Страница 396: ...Switch Vlan vlan 200 Netgear Switch Vlan exit Add interface 1 0 24 to VLAN 200 add pvid 200 to the port Netgear Switch config Netgear Switch Config interface 1 0 24 Netgear Switch Interface 1 0 24 vl...

Страница 397: ...A screen similar to the following displays Figure 21 2 b Under VLAN Configuration enter the following information and make the following selection In the VLAN ID field enter 200 In the VLAN Name field...

Страница 398: ...der VLAN Membership select 200 in the VLAN ID field c Click Unit 1 The ports display Click the gray box under port 24 twice until U displays The U specifies that the egress packet is untagged for the...

Страница 399: ...creen similar to the following displays Figure 21 4 b Under PVID Configuration scroll down to interface 1 0 24 and select the chechbox for that interface Now 1 0 24 appears in the Interface field at t...

Страница 400: ...June 2010 screen similar to the following displays Figure 21 5 b Under DVLAN Configuration scroll down to interface 1 0 48 and select the chechbox for that interface Now 1 0 48 appears in the Interfa...

Страница 401: ...ed or community When in isolated mode the member port in the group cannot forward its egress traffic to any other members in the same group By default the mode is community mode that each member port...

Страница 402: ...participation pvid 200 Netgear Switch Interface 1 0 16 exit Netgear Switch Config interface 1 0 17 Netgear Switch Interface 1 0 17 vlan participation include 200 Netgear Switch Interface 1 0 17 vlan...

Страница 403: ...witching VLAN Basic VLAN configuration A screen similar to the following displays Figure 22 2 b Enter the following information in the VLAN Configuration In the VLAN ID field enter 200 In the VLAN Nam...

Страница 404: ...6 1 0 7 1 0 16 and 1 0 17 a From the main menu select Switching VLAN Advanced Port PVID Configuraton A screen similar to the following displays Figure 22 4 b Under PVID Configuration scroll down to i...

Страница 405: ...enter 1 d Select community in the Group Mode field e Click Add 5 Add the port 6 7 to the group1 a From the main menu select Security Traffic Control Private Group VLAN Private Group Membership A scree...

Страница 406: ...enter group2 c In the Group ID field enter 2 d Select isolated in the Group Mode field e Click Add 7 Add the port 16 17 to the group2 a From the main menu select Security Traffic Control Private Group...

Страница 407: ...eroperate with legacy bridges on a per port basis This drops the benefits it introduces In Multiple Spanning Tree Protocol MSTP each Spanning Tree instance can contain several VLANs Each Spanning Tree...

Страница 408: ...following displays Figure 23 1 b Enter the following information in the STP Configuration Next to the Spanning Tree Admin Mode select the Enable radio button Next to the Force Protocol Version select...

Страница 409: ...mands and as a Web interface procedure CLI Configuring Rapid STP 802 1w Netgear switch Config spanning tree Netgear switch Config spanning tree forceversion 802 1w Netgear switch Interface 1 0 3 spann...

Страница 410: ...ain menu select Switching STP CST Port Configuration A screen similar to the following displays Figure 23 4 b Under CST Port Configuration scroll down to interface 1 0 3 and select the checkbox for th...

Страница 411: ...r switch Config spanning tree mst instance 2 Create a mst instance 2 Netgear switch Config spanning tree mst priority 2 4096 Netgear switch Config spanning tree mst vlan 2 11 Netgear switch Config spa...

Страница 412: ...Configure MST Configuration a From the main menu select Switching STP MST Configuration A screen similar to the following displays Figure 23 6 b Configure MST ID 1 In the MST ID field enter 1 In the...

Страница 413: ...STP MST Port Status A screen similar to the following displays Figure 23 7 4 Under MST Port Configuration scroll down to interface 1 0 3 and select the checkbox for that interface Now 1 0 3 appears in...

Страница 414: ...rived from the 6to4 IPv6 address of the tunnel s nexthop It supports the functionality of a 6to4 border router that connects a 6to4 site to a 6to4 domain It sends receives tunneled traffic from router...

Страница 415: ...1 16 exit Netgear Switch show interfacet tunnel 0 Interface Link Status Up IPv6 is enabled IPv6 Prefix is FE80 C0A8 101 128 2000 1 64 MTU size 1280 bytes show interface tunnel TunnelId Interface Tunne...

Страница 416: ...ce tunnel TunnelId Interface TunnelMode SourceAddress DestinationAddress 0 tunnel 0 6 in 4 Configured 192 168 1 2 192 168 1 1 ProSafe 7000 Managed Switch Software Administration Manual Release 8 0 3 T...

Страница 417: ...the Enable Radio button d Click Apply 3 Create a routing interface and assign IP address to it a From the main menu select Routing IP Advanced IP Interface Configuration A screen similar to the follow...

Страница 418: ...he following displays Figure 24 5 b Select 0 in Tunnel Id field c Select 6 in 4 configured in the Mode field d In the Source Address field enter 192 168 1 1 e In the Destination Address field enter 19...

Страница 419: ...in EUI64 field f Click Add On GSM7328S_2 To use the Web interface to create a tunnel proceed as follows 1 Enable IP routing on the switch a From the main menu select Routing IP Basic IP Configuration...

Страница 420: ...utton d Click Apply 3 Create a routing interface and assign IP address to it a From the main menu select Routing IP Advanced IP Interface Configuration A screen similar to the following displays Figur...

Страница 421: ...s Figure 24 10 b Select 0 in the Tunnel Id field c Select 6 in 4 configured in the Mode field d In the Source Address field enter 192 168 1 2 e In the Destination Address field enter 192 168 1 1 f Cli...

Страница 422: ...000 Managed Switch Software Administration Manual Release 8 0 3 Tunnel 24 9 v1 0 June 2010 c In the IPv6 Prefix field enter 2000 2 d In the Length field enter 64 e Select Disable in the EUI64 field f...

Страница 423: ...e switch Netgear Switch Config ipv6 forwarding Netgear Switch Config ipv6 unicast routing Assign IPv6 address to interface 1 0 1 Netgear Switch Config interface 1 0 1 Netgear Switch Interface 1 0 1 ip...

Страница 424: ...nt Other Config Flag Disabled Router Advertisement Suppress Flag Disabled IPv6 Destination Unreachables Enabled Prefix 2000 2 64 Preferred Lifetime 604800 Valid Lifetime 2592000 Onlink Flag Enabled Au...

Страница 425: ...Figure 25 2 b Under IPv6 Interface Configuration scroll down to interface 1 0 1 and select the checkbox for 1 0 1 Now 1 0 1appears in the Interface field at the top c In the IPv6 Interface Configurati...

Страница 426: ...ch network ipv6 enable Netgear Switch network ipv6 address 2001 1 1 64 Netgear Switch network ipv6 gateway 2001 1 2 Netgear Switch show network Interface Status Always Up IP Address 0 0 0 0 Subnet Mas...

Страница 427: ...able Radio button c In the IPv6 Prefix Prefix Length field enter 2001 1 1 64 d Select False in the EUI64 field e Click Add 2 Add an IPv6 gateway to the network interface a From the main menu select Sy...

Страница 428: ...ace 1 0 1 exit Netgear Switch Config interface vlan 0 4 1 Netgear Switch Interface 0 4 1 routing Netgear Switch Interface 0 4 1 ipv6 enable Netgear Switch Interface 0 4 1 ipv6 address 2000 1 64 Netgea...

Страница 429: ...ement Interval 600 Router Advertisement Managed Config Flag Disabled Router Advertisement Other Config Flag Disabled Router Advertisement Suppress Flag Disabled IPv6 Destination Unreachables Enabled P...

Страница 430: ...elect Switching VLAN Advanced VLAN Membership A screen similar to the following displays Figure 25 7 b Select 500 in the VLAN ID field c Click the Unit 1 The Ports display d Click the gray box under p...

Страница 431: ...the settings 4 Enable IPv6 forwarding and unicast routing on the switch a From the main menu select Routing IPv6 Basic Global Configuration A screen similar to the following displays Figure 25 9 b Ne...

Страница 432: ...4 2 and in the IPv6 Interface Configuration select Enable in the IPv6 Mode field d Click Apply 6 Assign an IPv6 address to the routing VLAN a From the main menu select Routing IPv6 Advanced Prefix Co...

Страница 433: ...tree as PIM SM can PIM DM assumes that when a sender starts sending data all downstream routers and hosts want to receive a multicast datagram PIM DM initially floods multicast traffic throughout the...

Страница 434: ...Densely distributed receivers A ratio of few senders to many receivers due to frequent flooding High volume of multicast traffic Constant stream of traffic The following example describes how to conf...

Страница 435: ...1 ip address 192 168 2 2 255 255 255 0 Netgear Switch Interface 1 0 1 ip rip Enable PIM DM on the interface Netgear Switch Interface 1 0 1 ip pimdm Netgear Switch Interface 1 0 1 exit Netgear Switch...

Страница 436: ...Switch Interface 1 0 11 ip pimdm Netgear Switch Interface 1 0 11 exit On Switch C Netgear Switch configure Netgear Switch Config ip routing Netgear Switch Config ip pimdm Netgear Switch Config ip mult...

Страница 437: ...re Administration Manual Release 8 0 3 26 5 PIM v1 0 June 2010 Enable igmp on the 1 0 24 Netgear Switch Config interface 1 0 24 Netgear Switch Interface 1 0 24 routing Netgear Switch Interface 1 0 24...

Страница 438: ...aged Switch Software Administration Manual Release 8 0 3 PIM 26 6 v1 0 June 2010 Web Interface Configuring PIM DM To use the Web interface to config PIM DM proceed as follows On Switch A 1 Enable IP r...

Страница 439: ...appears in the Interface field at the top c Enter the following information in the IP Interface Configuration In the IP address enter 192 168 2 2 In the Subnet Mask enter 255 255 255 0 Select Enable i...

Страница 440: ...field d Click Apply 4 Configure 1 0 13 as a routing port and assign IP address to it a From the main menu select Routing IP Advanced IP Interface Configuration A screen similar to the following displ...

Страница 441: ...b Select 1 0 1 in the Interface field c Next to the RIP Admin Mode select the Enable radio button d Click Apply 6 Enable rip on the interface 1 0 9 a From the main menu select Routing RIP Advanced Int...

Страница 442: ...he following displays Figure 26 8 b Select 1 0 13 in the Interface field c Next to the RIP Admin Mode select the Enable radio button d Click Apply 8 Enable multicast globally a From the main menu sele...

Страница 443: ...PIM DM Global Configuration A screen similar to the following displays Figure 26 10 b Next to the Admin Mode select the Enable radio button c Click Apply 10 Enable PIM DM on the interface 1 0 1 1 0 9...

Страница 444: ...lick Apply to save the settings On Switch B To use the Web interface to config PIM DM proceed as follows 1 Enable IP routing on the switch a From the main menu select Routing IP Basic IP configuration...

Страница 445: ...3 2 In the Subnet Mask enter 255 255 255 0 Select Enable in the Routing Mode d Click Apply to save the settings 3 Configure 1 0 11 as a routing port and assign IP address to it a From the main menu se...

Страница 446: ...nterface Configuration A screen similar to the following displays Figure 26 15 b Select 1 0 10 in the Interface field c Next to the RIP Admin Mode select the Enable radio button d Click Apply 5 Enable...

Страница 447: ...o the following displays Figure 26 17 b Next to the Admin Mode select the Enable radio button c Click Apply 7 Enable PIM DM globally a From the main menu select Routing Multicast PIM DM Global Configu...

Страница 448: ...nterface Configuration scroll down to interface 1 0 10 and select the checkbox for 1 0 10 Then select the interface 1 0 11 c In the PIM SM Interface Configuration select Enable in the Admin Mode field...

Страница 449: ...Configuration A screen similar to the following displays Figure 26 21 b Under IP Interface Configuration scroll down to interface 1 0 21 and select the checkbox for 1 0 21 1 0 21 now appears in the I...

Страница 450: ...2 appears in the Interface field at the top c Enter the following information in the IP Interface Configuration In the IP address enter 192 168 6 1 In the Subnet Mask enter 255 255 255 0 Select Enable...

Страница 451: ...creen similar to the following displays Figure 26 24 b Select 1 0 22 in the Interface field c Next to the RIP Admin Mode select the Enable radio button d Click Apply 6 Enable mulicast globally a From...

Страница 452: ...ble radio button c Click Apply 8 Enable PIM DM on the interface 1 0 21 and 1 0 22 a From the main menu select Routing Multicast PIM DM Interface Configuration A screen similar to the following display...

Страница 453: ...en similar to the following displays Figure 26 28 b Next to the Routing Mode select the Enable radio button c Click Apply 2 Configure 1 0 21 as a routing port and assign IP address to it a From the ma...

Страница 454: ...nterface Configuration A screen similar to the following displays Figure 26 30 b Under IP Interface Configuration scroll down to interface 1 0 22and select the checkbox for 1 0 22 1 0 22 now appears i...

Страница 455: ...in the IP Interface Configuration In the IP address enter 192 168 4 1 In the Subnet Mask enter 255 255 255 0 Select Enable in the Routing Mode field d Click Apply to save the settings 5 Enable rip on...

Страница 456: ...33 b Select 1 0 22 in the Interface field c Next to the RIP Admin Mode select the Enable radio button d Click Apply 7 Enable rip on the interface 1 0 24 a From the main menu select Routing RIP Advanc...

Страница 457: ...e following displays Figure 26 35 b Next to the Admin Mode select the Enable radio button c Click Apply 9 Enable PIM DM globally a From the main menu select Routing Multicast PIM DM Global Configurati...

Страница 458: ...erface 1 0 21 and select the checkbox for 1 0 21 Then select the 1 0 22 and 1 0 24 c Enter the following information in the PIM DM Interface Configuration Select Enable in the Admin Mode field d Click...

Страница 459: ...source traffic is relayed to the receivers Senders first send the multicast data to the RP which in turn sends the data down the shared tree to the receivers Shared trees centered on an RP do not nece...

Страница 460: ...4 Subnet 192 168 2 0 24 Subnet 192 168 5 0 24 Subnet 192 168 4 0 24 Host IP 192 168 4 2 Port 1 0 10 Port 1 0 11 Port 1 0 21 Port 1 0 22 Switch A Switch D Switch B Switch C Port 1 0 22 Port 1 0 24 Port...

Страница 461: ...itch Interface 1 0 1 ip address 192 168 2 2 255 255 255 0 Netgear Switch Interface 1 0 1 ip rip Netgear Switch Interface 1 0 1 ip pimsm Netgear Switch Interface 1 0 1 exit Netgear Switch Config interf...

Страница 462: ...h Interface 1 0 10 ip rip Netgear Switch Interface 1 0 10 ip pimsm Netgear Switch Interface 1 0 10 exit Netgear Switch Config interface 1 0 11 Netgear Switch Interface 1 0 11 routing Netgear Switch In...

Страница 463: ...1 routing Netgear Switch Interface 1 0 21 ip address 192 168 2 1 255 255 255 0 Netgear Switch Interface 1 0 21 ip rip Netgear Switch Interface 1 0 21 ip pimsm Netgear Switch Interface 1 0 21 exit Netg...

Страница 464: ...Protocol Interface Interface List 225 1 1 1 PIMSM 1 0 22 192 168 1 1 225 1 1 1 PIMSM 1 0 21 D show ip mcast mroute summary Multicast Route Table Summary Incoming Outgoing Source IP Group IP Protocol I...

Страница 465: ...e Configuration A screen similar to the following displays Figure 26 42 b Under IP Interface Configuration scroll down to interface 1 0 1 and select the checkbox for 1 0 1 1 0 1 now appears in the Int...

Страница 466: ...nterface 1 0 9 and select teh checkbox for 1 0 9 Now 1 0 9 appears in the Interface field at the top c Enter the following information in the IP Interface Configuration In the IP address enter 192 168...

Страница 467: ...llowing information in the IP Interface Configuration In the IP address enter 192 168 1 2 In the Subnet Mask enter 255 255 255 0 Select Enable in the Routing Mode field d Click Apply to save the setti...

Страница 468: ...displays Figure 26 46 b Select 1 0 9 in the Interface field c Next to the RIP Admin Mode select the Enable radio button d Click Apply 7 Enable rip on the interface 1 0 13 a From the main menu select R...

Страница 469: ...he following displays Figure 26 48 b Next to the Admin Mode select the Enable radio button c Click Apply 9 Enable PIM SM globally a From the main menu select Routing Multicast PIM SM Global Configurat...

Страница 470: ...Interface Configuration scroll down to interface 1 0 1 and select the checkbox for 1 0 1 Then select the 1 0 9 and 1 0 13 c In the PIM SM Interface Configuration select Enable in the Admin Mode field...

Страница 471: ...Configuration A screen similar to the following displays Figure 26 52 b Under IP Interface Configuration scroll down to interface 1 0 10 and select the checkbox for 1 0 10 1 0 10 now appears in the I...

Страница 472: ...w appears in the Interface field at the top c Enter the following information in the IP Interface Configuration In the IP address enter 192 168 5 1 In the Subnet Mask enter 255 255 255 0 Select Enable...

Страница 473: ...creen similar to the following displays Figure 26 55 b Select 1 0 11 in the Interface field c Next to the RIP Admin Mode select the Enable radio button d Click Apply 6 Enable multicast globally a From...

Страница 474: ...lays Figure 26 57 b Next to the Admin Mode select the Enable radio button c Click Apply 8 Enable PIM SM on the interface 1 0 10 and 1 0 11 a From the main menu select Routing Multicast PIM SM Interfac...

Страница 475: ...nfiguration a From the main menu select Routing Multicast PIM SM Candidate RP Configuration A screen similar to the following displays Figure 26 59 b Select 1 0 11 in the Interface field c In the Grou...

Страница 476: ...0 10 in the Interface field c In the Hash Mask Length field enter 30 d In the Priority field enter 7 e Click Apply On Switch C To use the Web interface to config PIM SM proceed as follows 1 Enable IP...

Страница 477: ...Configuration A screen similar to the following displays Figure 26 62 b Under IP Interface Configuration scroll down to interface 1 0 21 and select the checkbox for 1 0 21 1 0 21 now appears in the I...

Страница 478: ...w appears in the Interface field at the top c Enter the following information in the IP Interface Configuration In the IP address enter 192 168 6 1 In the Subnet Mask enter 255 255 255 0 Select Enable...

Страница 479: ...creen similar to the following displays Figure 26 65 b Select 1 0 22 in the Interface field c Next to the RIP Admin Mode select the Enable radio button d Click Apply 6 Enable multicast globally a From...

Страница 480: ...on c Click Apply 8 Enable PIM SM on the interface 1 0 21 and 1 0 22 a From the main menu select Routing Multicast PIM SM Interface Configuration A screen similar to the following displays Figure 26 68...

Страница 481: ...ate RP Configuration A screen similar to the following displays Figure 26 69 b Select 1 0 22 in the Interface field c In the Group IP enter 225 1 1 1 d In the Group Mask enter 255 255 255 0 e Click Ad...

Страница 482: ...0 21 in the Interface field c In the Hash Mask Length field enter 30 d In the Priority field enter 5 e Click Apply On Switch D To use the Web interface to config PIM SM proceed as follows 1 Enable IP...

Страница 483: ...Configuration A screen similar to the following displays Figure 26 72 b Under IP Interface Configuration scroll down to interface 1 0 21 and select the checkbox for 1 0 21 1 0 21 now appears in the I...

Страница 484: ...he top c Enter the following information in the IP Interface Configuration In the IP address enter 192 168 6 2 In the Subnet Mask enter 255 255 255 0 Select Enable in the Routing Mode field d Click Ap...

Страница 485: ...n the interface 1 0 21 a From the main menu select Routing RIP Advanced Interface Configuration A screen similar to the following displays Figure 26 75 b Select 1 0 21 in the Interface field c Next to...

Страница 486: ...e Configuration A screen similar to the following displays Figure 26 77 b Select 1 0 24 in the Interface field c Next to the RIP Admin Mode select the Enable radio button d Click Apply 8 Enable multic...

Страница 487: ...the Enable radio button c Click Apply 10 Enable PIM SM on the interface 1 0 21 1 0 22 and 1 0 24 a From the main menu select Routing Multicast PIM SM Interface Configuration A screen similar to the f...

Страница 488: ...t PIM SM Candidate RP Configuration A screen similar to the following displays Figure 26 81 b Select 1 0 22 in the Interface field c In the Group IP enter 225 1 1 1 d In the Group Mask enter 255 255 2...

Страница 489: ...the Interface field c In the Hash Mask Length field enter 30 d In the Priority field enter 3 e Click Apply 13 Enable IGMP globally a From the main menu select Routing Multicast IGMP Global Configurat...

Страница 490: ...ain menu select Routing Multicast IGMP Interface Configuration A screen similar to the following displays Figure 26 84 b Under IGMP Routing Interface Configuration scroll down to interface 1 0 24and s...

Страница 491: ...rred as Layer 3 Relay Agents In some network configurations there is a need for Layer 2 devices to append the Relay Agent Information option as they are closer to the end hosts These Layer 2 devices a...

Страница 492: ...field Enable Option 82 Remote ID field Netgear Switch Config dhcp l2relay remote id rem_id vlan 200 Enable DHCP L2relay on the port 1 0 4 Netgear Switch Config interface 1 0 4 Netgear Switch Interface...

Страница 493: ...pvid 200 Netgear Switch Interface 1 0 6 vlan participation include 200 Netgear Switch Interface 1 0 6 exit Web Interface DHCP L2 Relay To use the Web interface to create a guest VLAN proceed as follow...

Страница 494: ...he U specifies that the egress packet is untagged for the port e Click Apply 3 Specify that PVID on port 1 0 4 1 0 5 and 1 0 6 a From the main menu select Switching VLAN Advanced Port PVID Configurati...

Страница 495: ...t to the Admin Mode c Under DHCP L2 Relay VLAN Configuration scroll down to VLAN ID 200 and select the checkbox for VLAN 200 d Enter the following information in the DHCP L2 Relay VLAN Configuration S...

Страница 496: ...0 6 c Select Enable in the Admin Mode field d Click Apply to save the settings 6 Enable DHCP L2 Relay Trust on interface 1 0 6 a From the main menu select System Services DHCP L2 Relay DHCP L2 Relay I...

Страница 497: ...P L3 Relay v1 0 June 2010 Chapter 28 DHCP L3 Relay This example shows how to configure a DHCP l3 Relay on Netgear management switch and how to configure DHCP pool to assign IP addresses to DHCP client...

Страница 498: ...h Interface 1 0 3 routing Netgear Switch Interface 1 0 3 ip address 10 100 1 1 255 255 255 0 Netgear Switch Interface 1 0 3 ip rip Netgear Switch Interface 1 0 3 exit Create a DHCP pool Netgear Switch...

Страница 499: ...c Click Apply 2 Create a routing interface and assign 10 100 1 1 24 to it a From the main menu select Routing IP Advanced IP Interface Configuration A screen similar to the following displays Figure 2...

Страница 500: ...field c Next to the RIP Admin Mode select the Enable radio button d Click Apply to save the settings 4 Set up the DHCP global configuration a From the main menu select System Services DHCP Server DHCP...

Страница 501: ...the following information Select Create in the Pool Name field In the Pool Name field enter dhcp_server Select Dynamic in the Type of Binding field In the Network Number field enter 10 200 1 0 In the...

Страница 502: ...Switch Interface 1 0 4 exit Create a routing interface connecting to the client Netgear Switch Config interface 1 0 15 Netgear Switch Interface 1 0 15 routing Netgear Switch Interface 1 0 15 ip addre...

Страница 503: ...able radio button c Click Apply 2 Create a routing interface and assign 10 100 1 2 24 to it a From the main menu select Routing IP Advanced IP Interface Configuration A screen similar to the following...

Страница 504: ...min Mode select the Enable radio button d Click Apply to save the settings 4 Create a routing interface and assign 10 200 1 1 24 to it a From the main menu select Routing IP Advanced IP Interface Conf...

Страница 505: ...to the following displays Figure 28 11 b Next to the Source field select Connected c Next to Redistribute Mode field select Enable d Click Apply to save the settings 6 Enable DHCP L3 Relay a From the...

Страница 506: ...8 0 3 DHCP L3 Relay 28 10 v1 0 June 2010 a From the main menu select System Services UDP Relay A screen similar to the following displays Figure 28 13 b In the Server Address field enter 10 100 1 1 c...

Страница 507: ...f multicast data packets The Multicast router sends General Queries periodically to request multicast address listeners information from systems on an attached network These queries are used to build...

Страница 508: ...Netgear Switch Config ipv6 pimdm Netgear Switch Config ip routing Netgear Switch Config ip multicast Netgear Switch Config interface 1 0 1 Netgear Switch Interface 1 0 1 routing Netgear Switch Interf...

Страница 509: ...ast routing Enable ipv6 MLD on the switch Netgear Switch Config ipv6 mld router Enable ipv6 PIM DM on the switch Netgear Switch Config ipv6 pimdm Enable ip multicast forwarding on the switch Netgear S...

Страница 510: ...information on switch B B show ipv6 mld groups ff32 1 Interface 71 1 24 Group Address FF32 1 Last Reporter FE80 200 4FF FEE8 5EFC Up Time hh mm ss 00 00 18 Expiry Time hh mm ss Filter Mode Include Ver...

Страница 511: ...displays Figure 29 2 b Next to the Routing Mode select the Enable radio button c Click Apply 2 Enable IPv6 Unicast routing on the switch a From the main menu select Routing IPv6 Basic Global configur...

Страница 512: ...isplays Figure 29 4 b Under IPv6 Interface Configuration scroll down to interface 1 0 1 and select the checkbox for 1 0 1 then select the checkbox for 1 0 13 c Enter the following information in the I...

Страница 513: ...ration A screen similar to the following displays Figure 29 5 b Under IPv6 Interface Selection select 1 0 1 in the Interface field c Enter the following information in the IP Interface Configuration I...

Страница 514: ...Interface field c Enter the following information in the IP Interface Configuration In the IPv6 Prefix enter 2001 2 1 In the Prefix Length enter 64 Select Disable in the EUI64 field d Click Add to sa...

Страница 515: ...to the following displays Figure 29 8 b Under OSPFv3 Interface Configuration scroll down to interface 1 0 1 and select the checkbox for 1 0 1 Then select the checkbox for 1 0 13 c In the OSPFv3 Interf...

Страница 516: ...e select the Enable radio button c Click Apply 9 Enable PIM DM globally a From the main menu select Routing Multicast PIM DM Global Configuration A screen similar to the following displays Figure 29 1...

Страница 517: ...the following displays Figure 29 11 b Under PIM DM Interface Configuration scroll down to interface 1 0 1 and select the checkbox for 1 0 1 Then select the checkbox for 1 0 13 c In the PIM DM Interfa...

Страница 518: ...displays Figure 29 12 b Next to the Routing Mode select the Enable radio button c Click Apply 2 Enable IPv6 Unicast routing on the switch a From the main menu select Routing IPv6 Basic Global configur...

Страница 519: ...plays Figure 29 14 b Under IPv6 Interface Configuration scroll down to interface 1 0 21 and select the checkbox for 1 0 21 Then select the checkbox for 1 0 24 c Enter the following information in the...

Страница 520: ...ration A screen similar to the following displays Figure 29 15 b Under IPv6 Interface Selection select 1 0 21 in the Interface field c Enter the following information in the IP Interface Configuration...

Страница 521: ...nterface field c Enter the following information in the IP Interface Configuration In the IPv6 Prefix enter 2001 3 1 In the Prefix Length enter 64 Select Disable in the EUI64 field d Click Add to save...

Страница 522: ...PFv3 Interface Configuration scroll down to interface 1 0 21 and select the checkbox for 1 0 21 Then select the checkbox for 1 0 24 c In the OSPFv3 Interface Configuration select Enable in the Admin M...

Страница 523: ...ys Figure 29 20 b Next to the Admin Mode select the Enable radio button c Click Apply 10 Enable PIM DM on the interface 1 0 21and 1 0 24 a From the main menu select Routing Multicast PIM DM Interface...

Страница 524: ...Global configuration A screen similar to the following displays Figure 29 22 b Next to the Admin Mode select the Enable radio button c Click Apply 12 Enable MLD on the interface 1 0 24 a From the mai...

Страница 525: ...his list is constructed by snooping IPv6 multicast control packets MLD is a protocol used by IPv6 multicast routers to discover the presence of multicast listeners nodes wishing to receive IPv6 multic...

Страница 526: ...ear Switch Interface 1 0 24 vlan participation include 300 Netgear Switch Interface 1 0 24 vlan pvid 300 Netgear Switch Interface 1 0 24 exit Netgear Switch Config exit Netgear Switch Config set mld N...

Страница 527: ...4 b In the VLAN Configuration VLAN ID field enter 300 c Click Add 2 Assign all of the ports to VLAN 300 a From the main menu select Switching VLAN Advanced VLAN Membership A screen similar to the foll...

Страница 528: ...PVID Configuration scroll down to interface 1 0 1 and select the checkbox for 1 0 1 Then scroll down to the interface 1 0 24 and select the checkbox for 1 0 24 c In the PVID Configuration PVID 1 to 4...

Страница 529: ...able MLD Snooping on the VLAN 300 a From the main menu select Routing Multicast MLD Snooping MLD VLAN Configuration A screen similar to the following displays Figure 29 28 b Enter the following inform...

Страница 530: ...entire multicast network with respect to the time to live TTL of the packet TTL restricts the area to be flooded by the message All the leaf routers that do not have members on directly attached subn...

Страница 531: ...etgear Switch Config interface 1 0 1 Netgear Switch Interface 1 0 1 routing Netgear Switch Interface 1 0 1 ip address 192 168 1 1 255 255 255 0 Netgear Switch Interface 1 0 1 exit Netgear Switch Confi...

Страница 532: ...how ip dvmrp neighbor Interface 1 0 13 Neighbor IP Address 192 168 2 2 State Active Up Time hh mm ss 00 02 40 Expiry Time hh mm ss 00 00 25 Generation ID 1116347719 Major Version 3 Minor Version 255 C...

Страница 533: ...etgear Switch Interface 1 0 20 routing Netgear Switch Interface 1 0 20 ip address 192 l 168 4 1 255 255 255 0 Netgear Switch Interface 1 0 20 exit Netgear Switch Config exit Enable ip multicast forwar...

Страница 534: ...IP Address 192 168 4 2 State Active Up Time hh mm ss 00 01 44 Expiry Time hh mm ss 00 00 29 Generation ID 1116595033 Major Version 3 Minor Version 255 Capabilities Prune GenID Missing 11441 Received R...

Страница 535: ...Switch Config interface 1 0 24 Netgear Switch Interface 1 0 24 routing Netgear Switch Interface 1 0 24 ip address 192 168 5 1 255 255 255 0 Netgear Switch Interface 1 0 24 exit Enable ip multicast for...

Страница 536: ...e GenID Missing 11441 Received Routes 0 Received Bad Packets 0 Received Bad Routes 0 Interface 1 0 3 Neighbor IP Address 192 168 4 1 State Active Up Time hh mm ss 00 01 17 Expiry Time hh mm ss 00 00 2...

Страница 537: ...on c Click Apply 2 Configure 1 0 1 as a routing port and assign IP address to it a From the main menu select Routing IP Advanced IP Interface Configuration A screen similar to the following displays F...

Страница 538: ...figuration A screen similar to the following displays Figure 30 4 b Under IP Interface Configuration scroll down to interface 1 0 13 and select the checkbox for 1 0 13 1 0 13 now appears in the Interf...

Страница 539: ...interface 1 0 13 and select the checkbox for 1 0 13 Now 1 0 13 appears in the Interface field at the top c Enter the following information in the IP Interface Configuration In the IP address enter 192...

Страница 540: ...VMRP on the switch a From the main menu select Routing Multicast DVMRP Global Configuration A screen similar to the following displays Figure 30 7 b Next to the Admin Mode select the Enable radio butt...

Страница 541: ...ckbox c Select Enable in the Interface Mode field d Click Apply to save the settings On Switch B To use the Web interface to config DVMRP proceed as follows 1 Enable IP routing on the switch a From th...

Страница 542: ...he top c Enter the following information in the IP Interface Configuration In the IP address enter 192 168 2 2 In the Subnet Mask enter 255 255 255 0 Select Enable in the Routing Mode field d Click Ap...

Страница 543: ...ter 192 168 4 1 In the Subnet Mask enter 255 255 255 0 Select Enable in the Routing Mode field d Click Apply to save the settings 4 Enable IP multicast on the switch a From the main menu select Routin...

Страница 544: ...the Admin Mode select the Enable radio button c Click Apply 6 Enable DVMRP on the interface a From the main menu select Routing Multicast DVMRP Interface Configuration A screen similar to the followin...

Страница 545: ...b Next to the Routing Mode select the Enable radio button c Click Apply 2 Configure 1 0 11 as a routing port and assign IP address to it a From the main menu select Routing IP Advanced IP Interface C...

Страница 546: ...llowing displays Figure 30 17 b Under IP Interface Configuration scroll down to interface 1 0 3 and select the 1 0 3 checkbox Now 1 0 3 appears in the Interface field at the top c Enter the following...

Страница 547: ...r the following information in the IP Interface Configuration In the IP address enter 192 168 5 1 In the Subnet Mask enter 255 255 255 0 Select Enable in the Routing Mode field d Click Apply to save t...

Страница 548: ...displays Figure 30 20 b Next to the Admin Mode select the Enable radio button c Click Apply 7 Enable DVMRP on the interface a From the main menu select Routing Multicast DVMRP Interface Configuration...

Страница 549: ...e following displays Figure 30 22 b Next to the Admin Mode select the Enable radio button c Click Apply 9 Enable IGMP on the interface a From the main menu select Routing Multicast IGMP Routing INterf...

Страница 550: ...a Captive Portal mechanism before the client is given access to the network When a wired physical port is enabled for Captive Portal then the port would be set in captive portal enabled state such tha...

Страница 551: ...aptive Portal It explains what configurations are visible to the network administrator and enumerates the events All of the configurations included in this section are managed using the standard manag...

Страница 552: ...terface Enabling Captive Portal To use the Web interface to configure the Captive Portal proceed as follows 1 Enable Captive Portal on the switch a From the main menu select Security Control Captive P...

Страница 553: ...o CP ID 1 and select the CP 1 checkbox Now CP 1appears in the CP ID field at the top c In the Captive Portal Configuration select Enable in the Admin Mode field d Click Apply to save the settings 3 En...

Страница 554: ...nstance is blocked no client traffic is allowed through any interfaces associated with that captive portal configuration Blocking a captive portal instance is a temporary command executed by the admin...

Страница 555: ...s are also assigned to the Default group The administrator can create new groups and modify the user group association to only allow a subset of users access to a specific captive portal instance Netw...

Страница 556: ...lar to the following displays Figure 31 5 b Enter the following information in the CP Group Configuration Select 2 from the Group ID field Enter Group2 in the Group Name field c Click Add 2 Create an...

Страница 557: ...tal configuration and no RADIUS servers are assigned the captive portal activation status will indicate the instance is disabled with an appropriate reason code The following table indicates the RADIU...

Страница 558: ...wing information in the Captive Portal Configuration Select RADIUS from the Verification field In the Radius Auth Server field enter the radius server name Default RADIUS Server 4 Click Apply WISPr Ma...

Страница 559: ...protocol which requires a certificate to provide encryption The certificate is presented to the user at connection time The Captive Portal uses the same certificate that is used by 8 0 for Secure HTTP...

Страница 560: ...tting Trust Mode 10 8 show classofservice ip precedence mapping 10 5 show classofservice trust 10 3 traffic shaping 10 9 CoS queueing 10 1 D DHCP L2 relay 27 1 28 1 DHCP messages configuring the maxim...

Страница 561: ...stub area configuration 6 15 VLAN routing 6 35 OSPFv3 6 40 outbound Telnet 15 11 P PIM 26 1 PIM SM 26 27 port mirroring 15 6 port routing adding a default route 3 6 adding a static route 3 8 port sec...

Страница 562: ...priority values 17 5 membership 17 2 offline configuration 17 6 software compatibility 17 7 stacking recommendations 17 9 upgrading firmware 17 15 syslog 16 1 T time set the time zone CLI only 14 5 tr...

Результаты поиска

Содержание ProSafe 7000

Отзывы:

Похожие инструкции для ProSafe 7000

Бренды по названию

Популярные бренды

NETGEAR ProSafe 7000, Руководство по администрированию программного обеспечения

Результаты поиска

Содержание ProSafe 7000

Отзывы:

Похожие инструкции для ProSafe 7000

Бренды по названию

Популярные бренды