NETGEAR 7000 Series manual

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220

Ir a la página of

Buen manual de instrucciones

Las leyes obligan al vendedor a entregarle al comprador, junto con el producto, el manual de instrucciones NETGEAR 7000 Series. La falta del manual o facilitar información incorrecta al consumidor constituyen una base de reclamación por no estar de acuerdo el producto con el contrato. Según la ley, está permitido adjuntar un manual de otra forma que no sea en papel, lo cual últimamente es bastante común y los fabricantes nos facilitan un manual gráfico, su versión electrónica NETGEAR 7000 Series o vídeos de instrucciones para usuarios. La condición es que tenga una forma legible y entendible.

¿Qué es un manual de instrucciones?

El nombre proviene de la palabra latina “instructio”, es decir, ordenar. Por lo tanto, en un manual NETGEAR 7000 Series se puede encontrar la descripción de las etapas de actuación. El propósito de un manual es enseñar, facilitar el encendido o el uso de un dispositivo o la realización de acciones concretas. Un manual de instrucciones también es una fuente de información acerca de un objeto o un servicio, es una pista.

Desafortunadamente pocos usuarios destinan su tiempo a leer manuales NETGEAR 7000 Series, sin embargo, un buen manual nos permite, no solo conocer una cantidad de funcionalidades adicionales del dispositivo comprado, sino también evitar la mayoría de fallos.

Entonces, ¿qué debe contener el manual de instrucciones perfecto?

Sobre todo, un manual de instrucciones NETGEAR 7000 Series debe contener:
- información acerca de las especificaciones técnicas del dispositivo NETGEAR 7000 Series
- nombre de fabricante y año de fabricación del dispositivo NETGEAR 7000 Series
- condiciones de uso, configuración y mantenimiento del dispositivo NETGEAR 7000 Series
- marcas de seguridad y certificados que confirmen su concordancia con determinadas normativas

¿Por qué no leemos los manuales de instrucciones?

Normalmente es por la falta de tiempo y seguridad acerca de las funcionalidades determinadas de los dispositivos comprados. Desafortunadamente la conexión y el encendido de NETGEAR 7000 Series no es suficiente. El manual de instrucciones siempre contiene una serie de indicaciones acerca de determinadas funcionalidades, normas de seguridad, consejos de mantenimiento (incluso qué productos usar), fallos eventuales de NETGEAR 7000 Series y maneras de solucionar los problemas que puedan ocurrir durante su uso. Al final, en un manual se pueden encontrar los detalles de servicio técnico NETGEAR en caso de que las soluciones propuestas no hayan funcionado. Actualmente gozan de éxito manuales de instrucciones en forma de animaciones interesantes o vídeo manuales que llegan al usuario mucho mejor que en forma de un folleto. Este tipo de manual ayuda a que el usuario vea el vídeo entero sin saltarse las especificaciones y las descripciones técnicas complicadas de NETGEAR 7000 Series, como se suele hacer teniendo una versión en papel.

¿Por qué vale la pena leer los manuales de instrucciones?

Sobre todo es en ellos donde encontraremos las respuestas acerca de la construcción, las posibilidades del dispositivo NETGEAR 7000 Series, el uso de determinados accesorios y una serie de informaciones que permiten aprovechar completamente sus funciones y comodidades.

Tras una compra exitosa de un equipo o un dispositivo, vale la pena dedicar un momento para familiarizarse con cada parte del manual NETGEAR 7000 Series. Actualmente se preparan y traducen con dedicación, para que no solo sean comprensibles para los usuarios, sino que también cumplan su función básica de información y ayuda.

Índice de manuales de instrucciones

  • Página 1

    202-10238-02 May 2008 NETGEAR , Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA NETGEAR 7000 Series Managed Switch Administration Guide Ve r s i o n 7 . 2[...]

  • Página 2

    ii v1.0, May 2008 © 2008 by NETGEAR, Inc. All rights reserved. T rademarks NETGEAR and Auto Uplink are trademarks or regis ter ed trademarks of NETGEAR , Inc. . Microsoft, W indows, and W indow s NT are registered trademar ks of Microsoft Corporation. Other brand and product names are registered trademarks or trad emarks of their respective holder[...]

  • Página 3

    v1.0, May 2008 iii • This device may not cause harmful interference, and • This device must accept any inte rference received, including interferen ce that may caus e undesired operation. FCC Requirement s for Operation in the United St ates Radio Frequency In terfe rence Warnings & Instructions This equipment has been tested and f ound to [...]

  • Página 4

    v1.0, May 20 08 iv Product and Publication Det ails Model Number: 7xxx Publication Date: May 2008 Product Family: Managed Switch Product Name: 7000 Series Managed Switch Home or Business Prod uc t: Business Language: Engl ish Publication Part Number: 202-10238-02 Publication V ersion Number: 1.0[...]

  • Página 5

    v v1.0, May 2008 Content s NETGEAR 7000 Series Managed Switch Ad ministration Guide V ersion 7.2 About This Manual Conventions, Formats and Scope ............................ ............. ................. ................ ......... xv How to Use This Manual ................. ................ ............. ................ ................ .......[...]

  • Página 6

    vi v1.0, May 2008 Setting Up the Switch IP Address .... ... ... ... .... ............ ............. ................. ............ ............ 3-2 Assigning Switch Name and Location Informat ion .......... ................ ............. ................ .. 3-3 Saving the Configuration ................. ................ ................ ...........[...]

  • Página 7

    vii v1.0, May 2008 VLAN Routing RIP Configuration .............. ... ... ... .... ... ... ... .... ... ... ... .... ... ... ... ............. .. 7-7 CLI Example ...... ............. ................. ............ ................. ............. ................ ........ 7-8 VLAN Routing OSPF Configuration .......... ... ...... ................. ...[...]

  • Página 8

    viii v1.0, May 2008 Example #2: Configure a One-Way Access Using a TCP Flag in an ACL .......... ..... 9-4 CLI Commands .. ................. ............. ................ ................ ............. ................ ..... 9-5 Web Interface Procedure ....... ... ... .... ... ... ... ............. ... .... ... ... ... .... ... ... ... ... .......[...]

  • Página 9

    ix v1.0, May 2008 Chapter 12 IGMP Snooping Overview ............. ................ ................ ................ ................ ................ ................ ......... .1 2 - 1 CLI Examples . ............. ................ ............. ................ ................. ............. ................ ...... 12- 1 Example #1: Enable IGMP [...]

  • Página 10

    x v1.0, May 2008 Example #4: session-limit and session-timeout ........ ................ ................ ............. 16-3 Chapter 17 Port Mirroring Overview ............. ................ ................ ................ ................ ................ ................ ......... .1 7 - 1 CLI Examples . ............. ................ .........[...]

  • Página 11

    xi v1.0, May 2008 Switch S tack Cabling (FSM73xxS) ............ ... ............. ............. ................ ............. ... 20-4 S tack Master Election and Re-Election ..... ...... ................ ............. ................ .......... 20-5 S tack Member Numbers .. ................ ............. ................ ............. ...........[...]

  • Página 12

    xii v1.0, May 2008 Chapter 22 IGMP Querier CLI Examples . ............. ................ ............. ................ ................. ............. ................ ...... 22- 2 Example #1: Enable IGMP Querier . .......... ... ............. ................ ............. ............. ... 22-2 Example #2: Show IGMP Querier St at us .. .........[...]

  • Página 13

    xiii v1.0, May 2008 Example .............. ................ ................ ................ ................ ................ ................ ......... .2 6 - 1 Example 1#: Enable 802.1x Authentication on One Port in a VLAN ... ... ... ... .... ... ... 26-1 CLI Commands .. ................. ............. ................ ............. ..........[...]

  • Página 14

    xiv v1.0, May 2008[...]

  • Página 15

    xv v1.0, May 2008 About This Manual The NETGEAR 7000 Series Managed Switch Ad ministrat ion Guide V ersion 7.2 describes how to install, configure and trou bleshoot the 7000 Se ries Managed Switch. The informa tion in this manual is intended for readers with intermediate computer and Internet skills. Conventions, Format s and Scope The conventions,[...]

  • Página 16

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 xvi v1.0, May 2008 • Scope. This manual is written for the 7000 Series Managed Switch according to these specifications: . How to Use This Manual The HTML version of this manual, if provided, includ es the following: • Buttons, and , for browsing forwards or backwards through [...]

  • Página 17

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 xvii v1.0, May 2008 • Click the PDF of This Chapter link at the top left of any page in the chapter you want to print. The PDF version of the chapter you were viewing o pens in a browser window . • Click the print icon in the upper left of your browser window . – Printing a [...]

  • Página 18

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 xviii v1.0, May 2008[...]

  • Página 19

    1-1 v1.0, May 2008 Chapter 1 Introduction This document provid es an understanding of th e CLI and W eb configuratio n options for software Release 7.2 features. Document Organization This document provides exa mples of the use of the switch software in a typical network. It describes the use and advantages of specific f unctions provided by the 70[...]

  • Página 20

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 1-2 Introduction v1.0, May 2008 – Class of Service (CoS) – Differentiated Services • Multicast – IGMP Snooping • Security – Denial of Service – Port Security • Operating System – Dual Configuration •T o o l s –A l a r m M a n a g e r – T raceroute – Confi[...]

  • Página 21

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Introduction 1-3 v1.0, May 2008 CLI Document ation The Command Line Refer ence provides information about the CLI commands used to configure the switch and the sta ck . The do cument provides CLI descriptions, syntax, and default values. Refer to the Command Line Refer ence for in[...]

  • Página 22

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 1-4 Introduction v1.0, May 2008[...]

  • Página 23

    2-5 v1.0, May 2008 Chapter 2 Getting S tarted Connect a terminal to the sw itch to begin configuration. In-band and Out-of-band Connectivity Ask the system administrator to determine whet her you will configure the switch for in-band or out-of-band connec tivity . Configuring for In -band Connectivity In-band connectivity allows you to access the s[...]

  • Página 24

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-6 Getting Started v1.0, May 2008 gateway IP address of the default r outer , if the switch is a node outside the IP range of the LAN MAC Address MAC address of the switch When you connect the switch to the network for th e first time after setting up the BootP or DHCP server , i[...]

  • Página 25

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Getting Started 2-7 v1.0, May 2008 6. Set the IP address, subnet mask, and gate way address by issue the following command: config network parms ipaddress netmask g ateway 7. T o enable these changes to be retained during a reset of the switch, type Ctrl-Z to return to the main pr[...]

  • Página 26

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-8 Getting Started v1.0, May 2008 d. Set the flow control to none. e. Select the proper mode under Properti es . f. Select T erminal keys. 3. Connect the female connec tor of the RS-232 cr ossover cable directly to the switch console port, and tighten the captive retaining screws[...]

  • Página 27

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Getting Started 2-9 v1.0, May 2008 • The console co nnection was establish ed and the console prompt appears on the screen of a VT100 terminal or terminal equivalent. The initial switch configuratio n is performed through the c onsole port. After the initial configuration, you c[...]

  • Página 28

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-10 Getting Started v1.0, May 2008 Sof tware Installation This section contains procedures to help you b ecome acquainted quickly with the switch software. Before installing switch software, you should verify that the switch operates with the most recent firmware. Quick S t artin[...]

  • Página 29

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Getting Started 2-11 v1.0, May 2008 • Uploading from Network ing Device to Out-of-Band PC (Only XMODEM) • Downloading from Out-of-Ban d PC to Networking Device ( Only XMODEM) • Downloading from TFTP Server • Restoring factory defaults If you configure any network parameter[...]

  • Página 30

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-12 Getting Started v1.0, May 2008 copy system:run- ning-config nvram:startup- config Privileged EXEC Saves passwords and all other changes to the device. If you do not save the configurat ion, all changes are lost when you power down or reset the networking device. In a stackin [...]

  • Página 31

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Getting Started 2-13 v1.0, May 2008 copy nvram:error- log <tftp:// <ipaddress>/ <filepath>/<file- name>> Privileged EXEC Starts the error log upload, displays the mode and typ e of upload and confirms th e upload i s progressing. The URL must be specified a[...]

  • Página 32

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 2-14 Getting Started v1.0, May 2008 copy <tftp:// <ipaddress>/ <filepath>/<file- name>> sys- tem:image Privileged EXEC Sets the destination (downlo ad) datatype to be an image. The URL must be specified as: tftp://<ipaddress>/<filepath>/<fi l[...]

  • Página 33

    3-1 v1.0, May 2008 Chapter 3 Using Ezconfig for Switch Setup Ezconfig is an interactive utility that provides a si mplified procedure for setting up the following switch parameters: • Switch management IP add r ess • Switch admin user pa sswo rd • Switch name and location Ezconfig can be entered either in Global Conf ig mo de (#) or in Displa[...]

  • Página 34

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 3-2 Using Ezconfig for Switch Setup v1.0, May 2008 Changing the Password The first question it will ask is whet her you wish to change the admin passw ord. For security reasons, you should change the password by typing Y . If you have already set the password and do not wish to ch[...]

  • Página 35

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Using Ezconfig for Switch Setup 3-3 v1.0, May 2008 If an IP address is already assigned, and you do not wish to change the IP address again, simply type N. Assigning Switch Name and Location Information Ezconfig will proceed to the next step in the setup: Saving the Configuration [...]

  • Página 36

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 3-4 Using Ezconfig for Switch Setup v1.0, May 2008 If during the session, the switch loses its po wer , the setup informat ion will be lost if Ezconfig does not have the chance to save th e changes before power-down.[...]

  • Página 37

    4-1 v1.0, May 2008 Chapter 4 Using the W eb Interface This chapter is a brief introduction to the web in terface; for example, it ex plains how to access the W eb-based management panels to con figure and m anage the system. Y ou can manage your switch through a W eb brow ser and Internet connection. This is referred to as W eb-based managem ent. T[...]

  • Página 38

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 4-2 Using the Web Interf ace v1.0, May 2008 2. Enable W eb mode: a. At the CLI prompt, enter the show network command. b. Set Web Mode to Enabled. S t arting the Web Interface Follow these steps to start the switch W eb interface: 1. Enter the IP address of the switch in the W eb [...]

  • Página 39

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Using the Web Interfa ce 4-3 v1.0, May 2008 The switch can accommodate two types of u sers: administrative use rs and guests. An administrative user may configur e the switch for network application, but a guest may not. The guest may only view the settings an d status of the netw[...]

  • Página 40

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 4-4 Using the Web Interf ace v1.0, May 2008 The new PCC web interface has the follo wing four new significant features: 1. A layout change: The new layout or ganizes the navigation pane into two rows of tags, as shown in the following screen: • Main T a gs The PCC provides th e [...]

  • Página 41

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Using the Web Interfa ce 4-5 v1.0, May 2008 –I n d e x This tag contains the site index that allows direct access to any of the pages under the main tags and sub tags. • Sub T ags The sub tag content changes depending on the selected main tag. In turn, each sub tag provides fu[...]

  • Página 42

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 4-6 Using the Web Interf ace v1.0, May 2008 Configuring an SNMP V3 User Profile Configuring an SNMP V3 user profile is a part o f user configuration. Any user can connect to the switch using the SNMPv3 protocol, but for authentication and encryption, additional steps are needed. U[...]

  • Página 43

    5-1 v1.0, May 2008 Chapter 5 V irtual LANs Adding V irtual LAN (VLAN) support to a Layer 2 switch offers some of the bene fits of both bridging and routing . Like a bridge, a VLAN switch forwards traffic based on the Layer 2 head er , which is fast, and like a router , it partitions the network into lo gical segments, which prov ides better adminis[...]

  • Página 44

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 5-2 Virtual LANs v1.0, May 2008 VLAN Configuration Example The diagram in this section shows a switch with four ports configured to handle the traffic for two VLANs. port 1/0/2 handles traf fic for both VLANs, while port 1/0/1 is a member of VLAN 2 only , and ports 1/0/3 and 1/0/4[...]

  • Página 45

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Virtual LANs 5-3 v1.0, May 2008 Example #2: Assign Port s to VLAN2 This sequence shows how to assign ports to VLAN2, specify that frames w ill always be transmitted tagged from all member ports, and that untagged frames will be rejected on receipt. Example #3: Assign Port s to VLA[...]

  • Página 46

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 5-4 Virtual LANs v1.0, May 2008 Graphical User Interface Use the following screens to pe rform the same configuration usin g the Graphical User Interface: • Switching --> VLAN- -> Configuration . T o create the VLANs and specify port participation. • Switching --> VLA[...]

  • Página 47

    6-1 v1.0, May 2008 Chapter 6 Link Aggregation This section includes instruc tions on configuring Link Aggregation u sing the Command Line Interface and the Graphical User Interface. Link Aggregation (LAG) allows the switch to treat multiple physical l inks between two end-points as a single logical link. All of the physical links in a given LAG mus[...]

  • Página 48

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 6-2 Link Aggr egation v1.0, May 2008 Figure 6-1 shows the example network. Example #1: Create two LAGS Use the show port-c hannel all command to show the logical interface ids you will use to identify the LAGs in subsequent c ommands. Assume that lag_10 is assigned id 1/1/1 and la[...]

  • Página 49

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Link Aggregatio n 6-3 v1.0, May 2008 Example #2: Add the port s to the LAGs Example #3: Enable both LAGs By default, the system en ables link trap notification At this point, the LAGs could be added to VLANs. (Netgear Switch) #config (Netgear Switch) (Config)#interface 0/2 (Netgea[...]

  • Página 50

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 6-4 Link Aggr egation v1.0, May 2008[...]

  • Página 51

    7-1 v1.0, May 2008 Chapter 7 IP Routing Services IP routing services are divided into five areas : • Port Routing • VLAN Routing • Routing Information Protocol (RIP) • Open Shortest Path First (OSPF) Protocol • Proxy Address Resolut ion Protocol (ARP) Port Routing The first networks were small en ough for the end stations to co mmunicate [...]

  • Página 52

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-2 IP Routing Services v1.0, May 2008 Port Routing Configuration The 7000 Series M anaged Switch always supp orts Layer 2 bridging, but Layer 3 routing must be explicitly enabled, first for the 7000 Series Managed Switch as a wh ole, and then for each port which is to participate[...]

  • Página 53

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-3 v1.0, May 2008 CLI Examples This diagram shows a Layer 3 switch configured fo r port routing. It co nnects three different subnets, each connected to a diff erent port. Th e script shows the comm ands you would use to configure a 7000 Series Managed Switch [...]

  • Página 54

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-4 IP Routing Services v1.0, May 2008 Example #2: Enabling Routing for Port s on the Switch Use the following commands to enable routing for ports on th e switch. The de fault link-level encapsulation format is Ethernet. Configure the IP addresses and subnet masks for the ports. [...]

  • Página 55

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-5 v1.0, May 2008 The next section will show you how to config ure the 7000 Series Managed Switch to support VLAN routing and how to use RIP and OSPF . A port may be either a VLAN port or a router port, but not both. However , a VLAN port may be pa rt of a VLA[...]

  • Página 56

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-6 IP Routing Services v1.0, May 2008 Example #1: Create T wo VLANs The following code sequence show s an example of creating two VL ANs with egress frame tagging enabled. Example #2: Set Up VLAN Routing for the VLANs and the Switch. The following code sequence shows ho w to enab[...]

  • Página 57

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-7 v1.0, May 2008 The next sequence shows an e xample of config uring the IP addresses and subnet masks for the virtual router ports. VLAN Routing RIP Configuration Routing Information Prot ocol (RIP) is one of the pro tocols which may be used by routers to ex[...]

  • Página 58

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-8 IP Routing Services v1.0, May 2008 CLI Example This example adds support for RIPv2 to the co nfiguration created in the base VLAN routing example. A second router , using port routing rath er than VLAN routing, has been added to the network. Figure 7-3[...]

  • Página 59

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-9 v1.0, May 2008 Example of configuring VLAN Rou ting with RIP support on a 7000 Series Managed Switch (Netgear Switch) #vlan data (Netgear Switch) (Vlan)#vlan 10 (Netgear Switch) (Vlan)#vlan 20 (Netgear Switch) (Vlan)#vlan routing 10 (Netgear Switch) (Vlan)#[...]

  • Página 60

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-10 IP Routing Services v1.0, May 2008 VLAN Routing OSPF Configuration For larger networks Open Shortest Path First (OSP F) is generally used in preference to RIP . OSPF offers several benefits to the administrator of a large and/or complex network: • Less network traffic: – [...]

  • Página 61

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-11 v1.0, May 2008 Example of configuring OSPF on a 7000 Series Managed Switch acting as an inter-area router : (Netgear Switch) #vlan data (Netgear Switch) (Vlan)#vlan 10 (Netgear Switch) (Vlan)#vlan 20 (Netgear Switch) (Vlan)#vlan routing 10 (Netgear Switch)[...]

  • Página 62

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-12 IP Routing Services v1.0, May 2008 Routing Information Protocol Routing Information Prot ocol (RIP) is one of the pro tocols which may be used by routers to exchange network topology informa tion. It is characterized as an “interior” ga teway protocol, and is typically us[...]

  • Página 63

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-13 v1.0, May 2008 • T o prevent any RIP packets from being transmitted CLI Examples The configuratio n commands used in the follo wing example enable RIP o n ports 1/0/2 and 1/0/3 as shown in the network illustrated in Figure 7-4 Example #1: Enable Routing [...]

  • Página 64

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-14 IP Routing Services v1.0, May 2008 Example #2: Enable Routing for Port s The following command sequence en ables routing and assigns IP addresses for ports 1/0/2 and 1/ 0/3. Example #3: Enable RIP for the Switch The next sequence enables RIP for the switch. the route preferen[...]

  • Página 65

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-15 v1.0, May 2008 Example #4: Enable RIP for port s 1/0/2 and 1/0/3 This command sequence en ables RIP for ports 1/0/2 and 1/0/3. Au thentication defaults to none, and no default route entry is created. The commands specify that both ports receive both RIPv1 [...]

  • Página 66

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-16 IP Routing Services v1.0, May 2008 • Intra-area • Inter-area • External type 1: the route is external to the AS • External T ype 2: the route was learned from other protocol s such as RIP CLI Examples The examples in this section show you how to co nfigure a 7000 Seri[...]

  • Página 67

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-17 v1.0, May 2008 Example #1: Configuring an Inter-Are a Router Enable Routing for the Switch. The following command sequence enables ip routing for the switch. Assign IP Addresses for Ports. The following sequence enables routing and assigns IP addresses for[...]

  • Página 68

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-18 IP Routing Services v1.0, May 2008 Specify Router ID and Enable OSPF for the Switch. The following sequence specifies the router ID and enables OSPF for the switch. Set disable1583 compatibility to prevent the routing loop. Enable and Configure OSPF for the Ports. The followi[...]

  • Página 69

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-19 v1.0, May 2008 Example #2: Configuring OSPF on a Border Router Figure 7-6[...]

  • Página 70

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-20 IP Routing Services v1.0, May 2008 The following example configures OSPF on a 7000 Series Mana ged Switch operating as a border router: Enable routing for the switch. (Netgear Switch) #config (Netgear Switch) (Config)#ip routing Enable routing & assign IP for ports 1/0/2,[...]

  • Página 71

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 IP Routing Services 7-21 v1.0, May 2008 Proxy Address Resoluti on Protocol (ARP) This section describes the Proxy Address Resolution Protocol (ARP) feature. Overview • Proxy ARP allows a router to answer ARP requests where the target IP address is not the router itself but a des[...]

  • Página 72

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 7-22 IP Routing Services v1.0, May 2008 CLI Examples The following are examples of the comm ands used in the proxy ARP feature. Example #1: show ip interface Example #2: ip proxy-arp (Netgear Switch) #show ip interface ? <slot/port> Enter an in terface in slot/port format. b[...]

  • Página 73

    8-1 v1.0, May 2008 Chapter 8 V i rtual Router Redundancy Protocol When an end station is statically configured w ith the address of the router that will handle its routed traf fic, a single point of failure is intro duced into the network. If the router goes down, the end station is unable to communicate. Since sta tic configuration is a co nvenien[...]

  • Página 74

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 8-2 Virtual Router Redun dan cy Protocol v1.0, May 2008 CLI Examples This example shows how to configure the 7000 Series Manag ed Switch to support V RRP . Router 1 will be the default master router for the virtual route, and Router 2 will be the backup router . Figure 8-1[...]

  • Página 75

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Virtual Router Redunda ncy Pr otocol 8-3 v1.0, May 2008 Example #1: Configure VR RP on a Master Router The following is an examp le of configurin g VRRP on a 7000 Series Managed Switch acting as the master router: Enable routing for the switch. IP forwardi ng will then be enabled [...]

  • Página 76

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 8-4 Virtual Router Redun dan cy Protocol v1.0, May 2008 Example #2: Configure VR RP on a Backup Router The following is an examp le of configurin g VRRP on a 7000 Series Managed Switch acting as the backup route r: Enable routing for the switch. IP forwardi ng will then be enabled[...]

  • Página 77

    9-1 v1.0, May 2008 Chapter 9 Access Control List s (ACLs) This section describes the Access Control Lists (ACLs) feat ure . Overview Access Control Lists (ACLs) can control the traffic entering a network. Normally ACLs reside in a firewall router or in a router connecting two internal network s. Wh en you configure ACLs, yo u can selectively admit [...]

  • Página 78

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-2 Access Control Lists (ACLs) v1.0, May 2008 • Destination MAC address with mask • VLAN ID (or range of IDs) • Class of Service (CoS) (802.1p) • Ethertype • L2 ACLs can apply to one or mo re interfaces • Multiple access lists can be a pplied to a single interface - s[...]

  • Página 79

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-3 v1.0, May 2008 Process T o configure ACLs, follow these steps: • Create an ACL by specifying a name (MAC ACL) or a number (IP ACL) • Add new rules to the ACL • Configure the match criteria for the rules • Apply the ACL to one or more interf[...]

  • Página 80

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-4 Access Control Lists (ACLs) v1.0, May 2008 Example #2: Configure a One-W ay Access Using a TCP Flag in an ACL This example shows how to set up one-way web access using a TCP flag in an ACL. PC1 can access FTP server1 and FTP serve r2 but PC2 only access FTP server2. Create ACL[...]

  • Página 81

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-5 v1.0, May 2008 The example is shown as CLI commands and as a W eb interface procedure. CLI Commands T o use the CLI to configure the GSM724 8R, enter the following CLI commands: Step 1: Configure the GSM7248R (see Figure 9-2 ) Create VLAN 30 with p[...]

  • Página 82

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-6 Access Control Lists (ACLs) v1.0, May 2008 Create VLAN 200 with port 0/44 and a ssign IP address 192.168.200.1/2 4 . (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 200 (Netgear Switch) (Vlan)#vlan routing 200 (Netgear Switch) (Vlan)#exit (Netgear Switch) #configu[...]

  • Página 83

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-7 v1.0, May 2008 T o use the CLI to Configure the GSM735 2S, enter the following CLI commands: Step 2: Configure the GSM7352S (see Figure 9 -2 ) Create VLAN 40 with port 1/0/24 and assign IP address 192.168.40.1/2 4 . (Netgear Switch) #vlan database [...]

  • Página 84

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-8 Access Control Lists (ACLs) v1.0, May 2008 Web Interfac e Procedure T o use the W eb interface to configur e the GSM7248R, proceed as follows: 1. Create VLAN 30 with IP address 192.168. 30.1/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A scre[...]

  • Página 85

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-9 v1.0, May 2008 2. Create VLAN 100 with IP address 192.168.100.1/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the following displays. b. Enter the following informatio n in the VLAN Routing W iz[...]

  • Página 86

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-10 Access Control Lists (ACLs ) v1.0, May 2008 3. Create VLAN 200 with IP address 192.168.200.1/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the following displays. b. Enter the following informatio n in the VLAN Routing W i[...]

  • Página 87

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-11 v1.0, May 2008 4. Enable IP Routing: a. From the main menu, select Ro uting > IP > Basic > IP Configuration. A scr een similar to the following displays. b. Under IP Configuration, ma ke the following selections: • Next to Routing Mode,[...]

  • Página 88

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-12 Access Control Lists (ACLs ) v1.0, May 2008 b. Under Configure Routes, make the following selection and enter the following information: • Select St a t i c from the Route T y pe pulldown menu . • In the Network Address field, enter 192.168.40.0 . • In the Subnet Mask f[...]

  • Página 89

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-13 v1.0, May 2008 7. Create an ACL with ID 101: a. From the main menu, select Security > ACL > Ad vanced > IP ACL. A screen similar to the following displays. b. In the IP ACL ID field of the IP ACL T able, enter 101 . c. Click Add . 8. Crea[...]

  • Página 90

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-14 Access Control Lists (ACLs ) v1.0, May 2008 9. Add and configure an IP extended rule that is associated with ACL 101: a. From the main menu, select Se curity > ACL > Advanced > IP Extended Rules. A screen similar to the following displays. b. Under IP Extended Rules,[...]

  • Página 91

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-15 v1.0, May 2008 d. Under Extended ACL Rule Config uration (100-199), enter the following information and make the following selections: • In the Rule ID field, enter 1 . • Next to Action mode, select the Deny rad io but ton. • Select False fr[...]

  • Página 92

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-16 Access Control Lists (ACLs ) v1.0, May 2008 d. Under Extended ACL Rule Config uration (100-199), enter the following information and make the following selections: • In the Rule ID field, enter 1 . • Next to Action mode, select the Permit rad i o but ton. • Select False[...]

  • Página 93

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-17 v1.0, May 2008 11 . Apply ACL 101 to port 4 4: a. From the main menu, select Security > ACL > Advanced > IP Binding Configura tion. A screen similar to the following displays. b. Under Binding Configurat io n, make the fo llowing selectio[...]

  • Página 94

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-18 Access Control Lists (ACLs ) v1.0, May 2008 12. Apply ACL 102 to po rt 44: a. From the main menu, select Security > ACL > Advanced > IP Binding Configura tion. A screen similar to the following displays. b. Under Binding Configurat io n, make the fo llowing selection[...]

  • Página 95

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-19 v1.0, May 2008 T o use the W eb interface to config ure the GSM7352S, proceed as follows: 1. Create VLAN 40 with IP address 192.168. 40.1/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the follo[...]

  • Página 96

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-20 Access Control Lists (ACLs ) v1.0, May 2008 2. Create VLAN 50 with IP address 192.168. 50.1/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the following displays. b. Enter the following informatio n in the VLAN Routing W iz[...]

  • Página 97

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-21 v1.0, May 2008 3. Create VLAN 200 with IP address 192.168.200.2/24: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the following displays. b. Enter the following informatio n in the VLAN Routing W i[...]

  • Página 98

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-22 Access Control Lists (ACLs ) v1.0, May 2008 4. Create a static route with IP address 192.168.100.0/2 4: a. From the main menu, select Routing > Routing T able > Bas i c > Rou te Configuration. A screen similar to the following displays. b. Under Configure Routes, mak[...]

  • Página 99

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-23 v1.0, May 2008 5. Create a static route with IP address 192.168.30.0/24: a. From the main menu, select Routing > Routing T able > Bas i c > Rou te Configuration. A screen similar to the following displays. b. Under Configure Routes, make [...]

  • Página 100

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-24 Access Control Lists (ACLs ) v1.0, May 2008 The example is shown as CLI commands and as a W eb interface procedure. CLI Commands T o use the CLI to isolate VLANs on a Layer 3 switch by using ACLs, enter the following CLI commands: Figure 9-22 Create VLAN 24, add po rt 1/0/24 [...]

  • Página 101

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-25 v1.0, May 2008 Create VLAN 48, add po rt 1/0/48 to it, and assign IP address 192.168.48.1 to it . (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 48 (Netgear Switch) (Vlan)#vlan routing 48 (Netgear Switch) (Vlan)#exit (Netgear Switch)[...]

  • Página 102

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-26 Access Control Lists (ACLs ) v1.0, May 2008 Web Interfac e Procedure T o use the W eb interface to isolate VLANs on a Laye r 3 switch by using ACLs, pr oceed as follows: 1. Create VLAN 24 with IP address 192.168. 24.1: a. From the main menu, select Routing > VL AN > VLA[...]

  • Página 103

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-27 v1.0, May 2008 b. Enter the following informatio n in the VLAN Routing W izard: • In the Vlan ID field, enter 24 . • In the IP Address field, enter 192.168.24.1 . • In the Network Mask field, enter 255.255.255 .0 . c. Click Unit 1 . The port[...]

  • Página 104

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-28 Access Control Lists (ACLs ) v1.0, May 2008 e. Click Apply to save VLAN 48. 3. Create VLAN 38 with IP address 10.100.5.34: a. From the main menu, select Routing > VL AN > VLAN Routing W izard. A screen similar to the following displays. b. Enter the following informatio[...]

  • Página 105

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-29 v1.0, May 2008 b. Under IP Configuration, ma ke the following selections: • Next to Routing Mode, select the Enable radio button. • Next to IP Forwarding Mode, select the Enable radio button. c. Click Apply to enable IP Routing. 5. Create an A[...]

  • Página 106

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-30 Access Control Lists (ACLs ) v1.0, May 2008 6. Create an ACL with ID 102: a. From the main menu, select Security > ACL > Ad vanced > IP ACL. A screen similar to the following displays. b. In the IP ACL ID field of the IP ACL T able, enter 102 . c. Click Add . 7. Crea[...]

  • Página 107

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-31 v1.0, May 2008 b. In the IP ACL ID field of the IP ACL T able, enter 103 . c. Click Add . 8. Add and configure an IP extended rule that is associated with ACL 101: a. From the main menu, select Se curity > ACL > Advanced > IP Extended Rul[...]

  • Página 108

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-32 Access Control Lists (ACLs ) v1.0, May 2008 d. Under Extended ACL Rule Config uration (100-199), enter the following information and make the following selections: • In the Rule ID field, enter 1 . • Next to Action mode, select the Deny rad io but ton. • Select False fr[...]

  • Página 109

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-33 v1.0, May 2008 d. Under Extended ACL Rule Config uration (100-199), enter the following information and make the following selections: • In the Rule ID field, enter 1 . • Next to Action mode, select the Deny rad io but ton. • Select False fr[...]

  • Página 110

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-34 Access Control Lists (ACLs ) v1.0, May 2008 10. Add and configure an IP extended rule that is associated with ACL 103: a. From the main menu, select Se curity > ACL > Advanced > IP Extended Rules. A screen similar to the following displays. b. Under IP Extended Rules[...]

  • Página 111

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-35 v1.0, May 2008 • Next to Action mode, select the Permit rad i o but ton. • Select False from the Match Every pulld own menu. • Select IP from the Protocol T ype pulldown menu. e. Click Apply to save the settings. 11 . Apply ACL 102 to port 2[...]

  • Página 112

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-36 Access Control Lists (ACLs ) v1.0, May 2008 12. Apply ACL 101 to po rt 48: a. From the main menu, select Security > ACL > Advanced > IP Binding Configura tion. A screen similar to the following displays. b. Under Binding Configurat io n, make the fo llowing selection[...]

  • Página 113

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-37 v1.0, May 2008 13. Apply ACL 103 to port 24 and po rt 48 : a. From the main menu, select Security > ACL > Advanced > IP Binding Configura tion. A screen similar to the following displays. b. Under Binding Configurat io n, make the fo llow[...]

  • Página 114

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-38 Access Control Lists (ACLs ) v1.0, May 2008 MAC ACL CLI Examples The following are examples of the comm ands used for the MAC ACLs feature. Example #1: mac access list (Netgear Switch)(Config)#mac access- list ? extended Configure extended MAC Access List parameters. Netgear [...]

  • Página 115

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-39 v1.0, May 2008 Example #2: permit any (Netgear Switch) (Config-mac access- list)#permit ? <srcmac> Enter a MAC address. any Configure a match condition for all the destination MAC addresses in the Destination MAC Address field. (Netgear Swit[...]

  • Página 116

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-40 Access Control Lists (ACLs ) v1.0, May 2008 Example #3 Configure mac access-group (Netgear Switch) (Config)#interface 1/0/5 (Netgear Switch) (Interface 1/0/5)#m ac ? access-group Attach MAC Access Li st to Interface. (Netgear Switch) (Interface 1/0/5)#m ac access-group ? <[...]

  • Página 117

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Access Control Lists (ACLs ) 9-41 v1.0, May 2008 Example #4 permit (Netgear Switch) (Config)#mac access -list extended b2 (Netgear Switch) (Config-mac-access- list)#permit 00:00:00:00:00:00 ? <dstmac> Enter a MAC Address. any Configure a a match condition for al l the destin[...]

  • Página 118

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 9-42 Access Control Lists (ACLs ) v1.0, May 2008 Example #5: show mac access-list s (Netgear Switch) #show mac access-li sts Current number of all ACLs: 2 Max imum number of all ACLs: 100 MAC ACL Name Rules Interface( s) Direction ------------ ----- ----------- - --------- b1 1 1/[...]

  • Página 119

    10-1 v1.0, May 2008 Chapter 10 Class of Service (CoS) Queuing This section describes the Class of Service (C oS) Queue Mapping and T raffic Shaping features. Overview Each port has one or more queues for packet transmission. During configuration, you can determine the mapping and conf iguration of these queues. Based on service rate and other crite[...]

  • Página 120

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 10-2 Class of Service (CoS) Queuing v1.0, May 2008 – IP Precedence – IP Dif fServ Code Point (DSCP) The system can assign service level based upon the 802.1p priority field of the L2 header . Y ou configure this by mapping the 80 2.1p priorities to one of three traffic class q[...]

  • Página 121

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Class of Service (CoS) Queuing 10-3 v1.0, May 2008 – T ail drop vs. WRED Drop Precedence Conf iguration (per Queue) •W R E D p a r a m e t e r s – Minimum threshold – Maximum threshold – Drop probability – Scale factor • T ail Drop parameters – Threshold Per-Interf[...]

  • Página 122

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 10-4 Class of Service (CoS) Queuing v1.0, May 2008 Example #1: show classofservice trust Example #2: set clas sofservice trust mode (Netgear Switch) #show classofservic e trust ? <cr> Press Enter to execute the command. (Netgear Switch) #show classofservic e trust Class of S[...]

  • Página 123

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Class of Service (CoS) Queuing 10-5 v1.0, May 2008 Example #3: show classofser vice ip-precedence mapping Example #4: Config Co s-queue Min-bandwid th and Strict Priority Scheduler Mode (Netgear Switch) #show classofservic e ip-precedence-mapping IP Precedence Traffic Class ------[...]

  • Página 124

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 10-6 Class of Service (CoS) Queuing v1.0, May 2008 Example #5: Set CoS T rus t Mode of an Interface T raffic Shaping This section describes the T raffic Shaping feature. T raffic shaping controls the amou nt and volume of traf fic transmitted through a network. This has the ef fec[...]

  • Página 125

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Class of Service (CoS) Queuing 10-7 v1.0, May 2008 Example #1 traffic-shape (Netgear Switch) (Config)#traffic-sh ape ? <bw> Enter the s haping bandwidth percentage from 0 to 100 in incremen ts of 5. (Netgear Switch) (Config)#traffic-sh ape 70 ? <cr> Press Enter to exec[...]

  • Página 126

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 10-8 Class of Service (CoS) Queuing v1.0, May 2008[...]

  • Página 127

    11-1 v1.0, May 2008 Chapter 1 1 Differentiated Services Differentiated Services ( DiffServ) is one technique for implementing Qu ality of Service (QoS) policies. Using DiffServ in your network allows you to direct ly co nfigure the relevant parameters on the switches and routers ra ther than using a re source reservation protocol.This section expla[...]

  • Página 128

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 11-2 Differentiated Services v1.0, May 2008 – Marking the packet with a given DSCP code point, IP precedence, or CoS – Policing packets by dropping or re -marking th ose that exceed the class’ s assigned data rate – Counting the traffic within the class • Service. Assign[...]

  • Página 129

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Differentiated Services 11-3 v1.0, May 2008 The following examp le configures Dif fServ on a 7000 Series Managed Switch: Ensure DiffServ operation is enabled for the switch. (Netgear Switch) #config (Netgear Switch) (Config)#diffserv Create a DiffServ class of type “all” for e[...]

  • Página 130

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 11-4 Differentiated Services v1.0, May 2008 DiffServ for V oIP Configuration Example One of the most valuable uses of Dif fServ is to support V oice over IP (V oIP). V oIP traffic is inherently time-sensitive: for a ne twork to provide acceptable servic e, a guaranteed transmissio[...]

  • Página 131

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Differentiated Services 11-5 v1.0, May 2008 a class for UDP traffic, have that traf fic marked on the inbound side, and then expedite the traffic on the outbound side. The config uration script is for Router 1 in the acco mpanying diagram: a similar script should be applied to Rou[...]

  • Página 132

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 11-6 Differentiated Services v1.0, May 2008 The following example config ures Dif fServ V oIP support: Enter Global Config mode. Set queue 5 on all ports to use strict priority mode. This queue shall be used for all VoIP packets. Activate DiffServ for the switch. (Netgear Switch) [...]

  • Página 133

    12-1 v1.0, May 2008 Chapter 12 IGMP Snooping This section describes the Internet Group Mana gement Prot ocol (IGMP) feature: IGMPv3 and IGMP Snooping. Overview IGMP: • Uses V ersion 3 of IGMP • Includes snoopin g • Snooping can be enab led per VLAN CLI Examples The following are examples of the commands used in the IGMP Snooping feature. Exam[...]

  • Página 134

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 12-2 IGMP Snooping v1.0, May 2008 Example #2: show igmp snooping Example #3: show mac-ad dress-t able igmp snooping (Netgear Switch) #show igmpsnoop ing? <cr> Press Enter to execute the co mmand. <slot/port> Enter interface in sl ot/port format. mrouter Display IGMP Sn[...]

  • Página 135

    13-1 v1.0, May 2008 Chapter 13 Port Security This section describes the Port Security feature. Overview Port Security: • Allows for limiting the number of MAC addresses on a given port • Packets that have a matching MAC address (secure packets) are forwarde d; all other pa ckets (unsecure packets) are restricted • Enabled on a per port basis [...]

  • Página 136

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 13-2 Port Security v1.0, May 2008 Operation Port Security: • Helps secure network by preventing u nknown devices from forwarding packets • When link goes down, all dynamica lly locked addresses are ‘freed’ • If a specific MAC address is to be set for a port , set the dyn[...]

  • Página 137

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Port Security 13-3 v1.0, May 2008 CLI Examples The following are examples of the commands used in the Port Security feature. Example #1: show port security Example #2: show port securi ty on a specific interface Example #3: (Config) port security (Netgear Switch) #show port-securi[...]

  • Página 138

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 13-4 Port Security v1.0, May 2008[...]

  • Página 139

    14-1 v1.0, May 2008 Chapter 14 T raceroute This section describes the T raceroute feature. Use T raceroute to discover the routes that packets take when traveli ng on a hop-by -hop basis to their destination through the network. • Maps network routes by sending packets with small T ime-to-Live (TTL) values and watches the ICMP time-ou t announcem[...]

  • Página 140

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 14-2 Traceroute v1.0, May 2008 CLI Example The following shows an example of using the traceroute command to determi ne how many hops there are to the des tination. Th e command output shows each IP ad dress the packet passes through and how long it takes to get there. In this exa[...]

  • Página 141

    15-1 v1.0, May 2008 Chapter 15 Configuration Scripting This section describes the Conf iguration Scripting feature. Overview Configuration Scripting: • Allows you to generate text-formatted files • Provides scrip ts tha t can be uplo aded and download ed to the system • Provides flexibility to create command configuration scripts • May be a[...]

  • Página 142

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 15-2 Configuration Scripting v1.0, May 2008 Example #1: script Example #2: script list and script delete Example #3: script apply running-config.scr (Netgear Switch) #script ? apply Applies configuration script to the swit ch. delete Deletes a confi guration script file from the s[...]

  • Página 143

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Configuration Scripting 15-3 v1.0, May 2008 Example #4: Creating a Configuration Script Example #5: Upload a Configuration Script (Netgear Switch) #show running-confi g running-config.scr Config script created successfully. (Netgear Switch) #script list Configuration Script Name S[...]

  • Página 144

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 15-4 Configuration Scripting v1.0, May 2008[...]

  • Página 145

    16-1 v1.0, May 2008 Chapter 16 Outbound T e lnet This section describes the Outbound T elnet feature. Overview Outbound T elnet: • Establishes an outbound telnet connection between a device and a remote host • A telnet connection is initiated, each side of the conn ection is assumed to originate and terminate at a “Network V i rtual T erminal[...]

  • Página 146

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 16-2 Outbound Telnet v1.0, May 2008 Example #1: show network Example #2: show telnet (Netgear Switch Routing) >telnet 192 .168.77.151 Trying 192.168.77.151... (Netgear Switch Routing) User:admin Password: (Netgear Switch Routing) >en Password: (Netgear Switch Routing) #show [...]

  • Página 147

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Outbound Telnet 16-3 v1.0, May 2008 Example #3: transport output telnet Example #4: session-limi t and session-timeout (Netgear Switch Routing) (Config)#li neconfig ? <cr> Press Enter to execute the command. (Netgear Switch Routing) (Config)#li neconfig (Netgear Switch Routi[...]

  • Página 148

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 16-4 Outbound Telnet v1.0, May 2008[...]

  • Página 149

    17-1 v1.0, May 2008 Chapter 17 Port Mirroring This section describes the Port Mirroring feature. Overview Port Mirroring: • Allows you to monitor network traf fi c with an external network analyzer • Forwards a copy of each incoming a nd outgoing packet to a sp ecific port • Is used as a diagnostic tool, deb ugging feature or me ans of fendin[...]

  • Página 150

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 17-2 Port Mirr oring v1.0, May 2008 Example #1: show monitor session Example #2: show port all Example #3: show port interface Use this command for a specific por t. The output shows whether the port is the mirror or the probe (Netgear Switch Routing) #show monit or session 1 Sess[...]

  • Página 151

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Port Mirroring 17-3 v1.0, May 2008 port, and what is enabled or disable d on the port. Example #4: (Config) monitor session 1 mode T o set up port mirroring, s pecify th e monitor session, then the mode. (Netgear Switch Routing) #show port 0/7 Admin Physical Physical Link Link LAC[...]

  • Página 152

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 17-4 Port Mirr oring v1.0, May 2008 Example #5: (Config) monito r session 1 source interface Specify the source (mirrored) ports and destination (probe) port. Example #6: (Interf ace) port security (Netgear Switch Routing)(Config)#mon itor session 1 source? interface Configure int[...]

  • Página 153

    18-1 v1.0, May 2008 Chapter 18 Simple Network T ime Protocol (SNTP) This section describes the Simple Netw ork T ime Protocol (SNTP) feature . Overview SNTP: • Used for synchronizin g network resources • Adaptation of NTP • Provides synchron ized network tim estamp • Can be used in broadcast or unicast mode • SNTP client implemented over [...]

  • Página 154

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 18-2 Simple Network Time Protocol (SNTP) v1.0, May 2008 Example #2: show sntp client Example #3: show sntp server Example #4: Configure SNTP Netgear switches do not have a built-in real-time cloc k. However , it is possible to use SNTP to get the time from a public SNTP/NTP se rve[...]

  • Página 155

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Simple Network Time Protocol (SNTP) 18-3 v1.0, May 2008 1. Configure the SNTP server IP address. The IP address can be either from the public NTP server or your own. Y ou can search the Intern et to locate the public server . The serve rs available could be listed in domain-name f[...]

  • Página 156

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 18-4 Simple Network Time Protocol (SNTP) v1.0, May 2008 Example #5: Setting T ime Zone The SNTP/NTP server is set to Coordina ted Universal Time (UTC) by default. The following example shows how to set the time zone to Pacifi c Standard Time (PST) which is 8 hours behind GMT/UTC. [...]

  • Página 157

    19-1 v1.0, May 2008 Chapter 19 Syslog This section provides informa tion about the Syslog feature. Overview Syslog: • Allows you to store system messages and/or errors • Can store to local files on the switch or a remote server running a syslog daemon • Method of collecting messag e logs from many systems Persistent Log Files • Currently th[...]

  • Página 158

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 19-2 Syslog v1.0, May 2008 Interpreting Log Files CLI Examples The following are examples of the comm ands used in the Syslog feature. <130> JAN 01 00:00:0 6 0.0.0.0-1 UNKN [0x 800023]: boot os.c(386) 4 %% Event (0xaaaaaaaa) A. Priority B. T imestamp C. S tack ID D. Componen[...]

  • Página 159

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Syslog 19-3 v1.0, May 2008 Example #1: show logging Example #2: show logging buffered (Netgear Switch Routing) #show loggi ng Logging Client Local Port : 514 CLI Command Logging : disabled Console Logging : disabled Console Logging Severity Filter : alert Buffered Logging : enable[...]

  • Página 160

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 19-4 Syslog v1.0, May 2008 Example #3: show logging traplogs Example #4: show logging host s (Netgear Switch Routing) #show logging traplogs ? <cr> Press Enter to execute the c ommand. (Netgear Switch Routing) #show logging traplogs Number of Traps Since Last Reset.... .....[...]

  • Página 161

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Syslog 19-5 v1.0, May 2008 Example #5: logging port configuration (Netgear Switch Routing) #config (Netgear Switch Routing) (Config)#logging ? buffered Buffered (In-Memory) Logging Configuration. cli-command CLI Command Logging Configuration. console Console Logging Configuration.[...]

  • Página 162

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 19-6 Syslog v1.0, May 2008[...]

  • Página 163

    20-1 v1.0, May 2008 Chapter 20 Managing Switch S t acks This chapter describes the concepts and recommen ded operating procedures to manage Netg ear stackable managed switches running Release 4. x. x.x or newer . Netgear stack able managed switches include the following models: • FSM7328S • FSM7352S • FSM7352PS • GSM7328S • GSM7352S This [...]

  • Página 164

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-2 Managing Sw itch Stacks v1.0, May 2008 Underst anding Switch St acks A switch stack is a set of up to eight Et hernet switches connected throug h their stacking ports. One of the switches controls the operation of th e stack and is called the stack master . The stack master a[...]

  • Página 165

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 2 0-3 v1.0, May 2008 Switch St ack Membership A switch stack has up to eight stack members connected through their stacking ports. A switch stack always has one stack master . A standalone switch is a switch stac k with one stack member that al so operates a[...]

  • Página 166

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-4 Managing Sw itch Stacks v1.0, May 2008 Switch St ack Cabling (FSM73xxS) Figure 20-1 and Figure 20-2 illustrate how indivi dual switches ar e interconnected to form a stack. Y ou can use the regular Category 5 Et hernet 8 wire cable. Figure 20-1 Figure 20-2 Interconnect port s[...]

  • Página 167

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 2 0-5 v1.0, May 2008 S t ack Master Election and Re-Election The stack master is el ected or re-elec ted based on one of these factors and in the order listed: 1. The switch that is currently the stack master 2. The switch with the highest stack member prior[...]

  • Página 168

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-6 Managing Sw itch Stacks v1.0, May 2008 Stack members in the same switch stack cannot have the same stack member numbe r . Every stack member , including a standa lone switch, retains its member nu mber until you manu ally change the number or unless the number i s already bei[...]

  • Página 169

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 2 0-7 v1.0, May 2008 Effect s of Replacing a Preconfigu red Switch in a Switch St ack When a preconfigured switch in a switch stack fails, is removed from the stack, and is replaced with another switch, the stack applies either the pr econfiguration or the d[...]

  • Página 170

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-8 Managing Sw itch Stacks v1.0, May 2008 Switch St ack Software Comp atibility Recommendations All stack members must run the same software version to ensure comp atibility between stack members. The software versions on all stack memb ers, including the stack master , must be [...]

  • Página 171

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 2 0-9 v1.0, May 2008 Switch St ack Management Connectivity Y ou manage the switch stack and the stack member interfaces through the stack master . Y ou ca n use the web interface , the CLI, and SNMP . Y ou cannot mana ge stack members on an ind i vidual swit[...]

  • Página 172

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-10 Managing Switch Stacks v1.0, May 2008 S tack master election specifically determined by the MAC address • Assuming that both stack members have the same priority value and software image, restart both stack members at the same time. The stack member with the higher MAC add[...]

  • Página 173

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 20-11 v1.0, May 2008 S t acking Recommendations The purpose of this section is to collect notes on recommended pr ocedures and expe cted behavior of stacked manage d switches. Proc edures addressed initially are listed below . • Initial installation and po[...]

  • Página 174

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-12 Managing Switch Stacks v1.0, May 2008 Initial inst allation an d Power-up of a S t ack 1. Install units in rack. 2. Install all stacki ng cables. Fully connect, including the redundant stack link. It is highly recommended that a redu ndant link be installed. 3. Identify the [...]

  • Página 175

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 20-13 v1.0, May 2008 Adding a Unit to an O perating St ack 1. Make sure the redundant stack connection is in place and functional. All stack members should be connected in a logical ring. 2. Preconfigure the new unit, if de sired . 3. Install new unit in the[...]

  • Página 176

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-14 Managing Switch Stacks v1.0, May 2008 • Add the new stack unit to the stac k using the pro cess described in s ection “Adding a Unit to an Operating Stack” . The unit can be inserted into the same position as the unit just removed, or the unit can be inserted at the bo[...]

  • Página 177

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 20-15 v1.0, May 2008 Merging T wo Operational S tacks It is strongly recommend ed that two functioning stacks (each having an independent master) not be merged simply by the reconnection of stack cab les. That process may result in a number of unpredictable [...]

  • Página 178

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-16 Managing Switch Stacks v1.0, May 2008 archive command (in stack configuration mode) may be issued to make another attempt to copy the software t o the unit(s) that did not get updated. Errors duri ng code propagati on to stack members could be caused by stack cable mo vement[...]

  • Página 179

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Managing Switch Stacks 20-17 v1.0, May 2008 Code Mismatch If a unit is added to a stack and it does not have the same version of code as tha t of the master , the following should happ en: • “New” unit will boot up and become a “member” of the stack • Ports on the adde[...]

  • Página 180

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 20-18 Managing Switch Stacks v1.0, May 2008[...]

  • Página 181

    21-1 v1.0, May 2008 Chapter 21 Pre-Login Banner This section describes the Pre-Login Banner feature. Overview Pre-Login Banner: • Allows you to create message screens when logging into the CLI Interface • By default, no Banner file exists • Can be uploaded or downloaded • File size cannot be larger than 2K The Pre-Login Banner feature is on[...]

  • Página 182

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 21-2 Pre-Login Banner v1.0, May 2008 2. T ransfer the file from the PC to the switch using TFTP (Netgear Switch Routing) #copy tftp: //192.168.77.52/banner.txt nvram:clibanner Mode................................ ........... TFTP Set TFTP Server IP.................. ........... 19[...]

  • Página 183

    22-1 v1.0, May 2008 Chapter 22 IGMP Querier When the switch is used in ne twork applications where video se rvice s such as IP TV , vide o streaming, and gaming are deployed, the video traf fic would normally be flooded to all connected ports because such traffic packets usually have mu lticast Ethernet addresses. IGMP snooping can be enabled to cr[...]

  • Página 184

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 22-2 IGMP Querier v1.0, May 2008 CLI Examples Example #1: Enable IGMP Querier Use the following CLI commands to set up the switch to genera te IGMP querier packet for a designated VLAN. The IGMP pa cket will be transmitted to every port s on the VLAN. The following example enables[...]

  • Página 185

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DNS 23-1 v1.0, May 2008 Chapter 23 DNS This section describes the Domain Name System (DNS) feature. The DNS protocol maps a ho st name to an IP address, allow ing you to replace the IP address with the host name for IP commands such as a ping and a traceroute, and for features suc[...]

  • Página 186

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 23-2 DNS v1.0, May 2008 CLI Commands T o use the CLI to specify two DNS serve rs, enter the following CLI commands: Web Interfac e Procedure T o use the W eb interface to specify two DNS servers, proceed as follows: 1. From the main menu, select System > Manage ment > DNS &g[...]

  • Página 187

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DNS 23-3 v1.0, May 2008 Example 2#: Manually Add a Ho st Name and an IP Address The following example shows commands to add a sta tic host name entry to the switc h so that you can use this entry to resolve the IP address. The example is shown as CLI commands and as a W eb interfa[...]

  • Página 188

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 23-4 DNS v1.0, May 2008 2. Under DNS Host Configuration, enter the following information: • In the Host Name field, enter www .netgear .com . • In the IP Address field, enter 206.82.202.4 6 . 3. Click Add . The host name and IP address now show in the DNS Ho st Configuration t[...]

  • Página 189

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DHCP Server 24 -1 v1.0, May 2008 Chapter 24 DHCP Server This section describes the DHCP server configuration. When a client sends a request to a DHCP server , the DHCP server assigns the IP address from ad dress pools that are sp ecified on the switch. The network in the DHCP pool[...]

  • Página 190

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 24-2 DHCP Server v1.0, May 2008 Web Interfac e Procedure T o use the W eb interface to create a DHCP se rver with a dynamic pool, proceed as follows: 1. From the main menu, select System > Se rvices > DHCP Server > DHCP Se rver Configuration. A screen simila r to the foll[...]

  • Página 191

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DHCP Server 24 -3 v1.0, May 2008 4. From the main menu, select System > Services > D HCP Server > D HCP Pool Configuration. A screen similar to the following displays. 5. Under DHCP Pool Configuration, enter the followi ng information: • Select Create from the Pool Name[...]

  • Página 192

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 24-4 DHCP Server v1.0, May 2008 Example #2: Configure a DHCP Server in Manual Mode The following example sh ows how to cre at e a DHCP server with a manual pool. The example is shown as CLI commands and as a W eb interface procedure. CLI Commands T o use the CLI to create a DHCP s[...]

  • Página 193

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 DHCP Server 24 -5 v1.0, May 2008 Web Interfac e Procedure T o use the W eb interface to create a DHCP server with a manual pool, proceed as follows: 1. From the main menu, select System > Se rvices > DHCP Server > DHCP Se rver Configuration. A screen simila r to the follo[...]

  • Página 194

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 24-6 DHCP Server v1.0, May 2008 4. Under DHCP Pool Configuration, enter the followi ng information: • Select Create from the Pool Name pulldown menu. • In the Pool Name field, enter pool_m anual . • Select Manual from the T ype of Binding pu lldown menu. • In the Client Na[...]

  • Página 195

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Protected Ports 25-1 v1.0, May 2008 Chapter 25 Protected Port s This section describes how to set up protected por ts on the switch. Some si tuations might require that traf fic is prevented from bein g forwarded between an y ports at Layer 2 so that on e user cannot see the traff[...]

  • Página 196

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 25-2 Protected Po rts v1.0, May 2008 . The example is shown as CLI commands and as a W eb interface procedure. CLI Commands T o use the CLI to configure a protected port in order to isolate ports, enter the following CLI commands: Figure 25-1 Step 1: Create one VLAN 192 includin g[...]

  • Página 197

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Protected Ports 25-3 v1.0, May 2008 Web Interfac e Procedure T o use the W eb Interface to configure a protec ted po rt in order to isolate ports, procee d as follows: 1. Create a DHCP pool: Step 2: Create one VLAN 202 connecte d to the Internet . (Netgear Switch) #vlan database ([...]

  • Página 198

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 25-4 Protected Po rts v1.0, May 2008 a. From the main menu, select System > Se rvices > DHCP Server > DHCP Server Configuration. A screen simila r to the following displays. b. Under DHCP Pool Configuration, enter the followi ng information: • Select Create from the Poo[...]

  • Página 199

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Protected Ports 25-5 v1.0, May 2008 • In the Network Number field, enter 192.168.1.0 . • In the Network Mask field, enter 255.255.255 .0 . • In the Days field, enter 1 . • Click on Default Router Addresses . The DNS server address fields display . In the first router addre[...]

  • Página 200

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 25-6 Protected Po rts v1.0, May 2008 The U specifies that the egress p acket is untagged for the port. d. Click Apply to save the VLAN that includes ports 23 and 24. 3. Configure a VLAN and includ e port 1/0/48 in the VLAN: a. From the main menu, select Routing > VL AN > VLA[...]

  • Página 201

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Protected Ports 25-7 v1.0, May 2008 b. Under IP Configuration, ma ke the following selections: • Next to Routing Mode, select the Enable radio button. • Next to IP Forwarding Mode, select the Enable radio button. c. Click Apply to enable IP Routing. 5. Configure default route [...]

  • Página 202

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 25-8 Protected Po rts v1.0, May 2008 6. Configure port 23 and port 2 4 as protected ports: a. From the main menu, select Security > T raffi c Control > Protected Port. A screen similar to the following displays. b. Under Protected Ports Configuration, Click Un it 1 . The por[...]

  • Página 203

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 802.1x Port Security 26-1 v1.0, May 2008 Chapter 26 802.1x Port Security This section describes how to c onfigure the 802.1x Port Secur ity feature on a switch port. IEEE 802.1x authentication prev ents unauthorized clients fro m connecting to a VLAN unless these clients are autho[...]

  • Página 204

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 26-2 802.1x Port Security v1.0, May 2008 The example is shown as CLI commands and as a W eb interface procedure. CLI Commands T o use the CLI to enable 802.1x authentication on one port, and to allow only the user with the name “adam” to access the VL AN, ente r the following [...]

  • Página 205

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 802.1x Port Security 26-3 v1.0, May 2008 Web Interfac e Procedure T o use the W eb Interface to enable 802.1x authen tication on one port, and to allow only the user with the name “adam” to access the VLA N, proceed as follows: 1. Create VLAN 100 with IP address 192.168.100.1:[...]

  • Página 206

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 26-4 802.1x Port Security v1.0, May 2008 b. Enter the following informatio n in the VLAN Routing W izard: • In the Vlan ID field, enter 100 . • In the IP Address field, enter 192.168.100. 1 . • In the Network Mask field, enter 255.255.255 .0 . c. Click Unit 1 . The ports dis[...]

  • Página 207

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 802.1x Port Security 26-5 v1.0, May 2008 3. Add a new user account with the name “adam”: a. From the main menu, select Security > Manage ment Security > User Configuration > User Management. A screen similar to the foll owing displays. b. Under Manage Users, in the Us[...]

  • Página 208

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 26-6 802.1x Port Security v1.0, May 2008 5. Enable port authentication: a. From the main menu, select Security > Port Authentication > Basic > 802.1x Configuration. A screen simila r to the following displays. b. Under Mode, next to Administrative Mode, select the Enable [...]

  • Página 209

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 802.1x Port Security 26-7 v1.0, May 2008 b. Under Port Authentication, enter the following information: • In the Max Users field, enter 4 . • Select Mac based from the Port Method p ulldown menu. c. Click Apply to save the settings.[...]

  • Página 210

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 26-8 802.1x Port Security v1.0, May 2008[...]

  • Página 211

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Double VLANs 27-1 v1.0, May 2008 Chapter 27 Double VLANs This section describes how to configure the Do uble VLAN (DVLAN) feature on the switch. A DVLAN is a way to pass traffic of customers who have multiple VLANs from one customer domain to another customer domain. Custo m VLAN [...]

  • Página 212

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 27-2 Double VLANs v1.0, May 2008 The example is shown as CLI commands and as a W eb interface procedure. CLI Commands T o use the CLI to enable a double VLAN on a VLAN, enter the following CLI commands: Figure 27-1 Create a VLAN 200 . (Netgear Switch)#vlan database (Netgear Switch[...]

  • Página 213

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Double VLANs 27-3 v1.0, May 2008 Web Interfac e Procedure T o use the W eb Interface to enable a d ouble VLAN on a VLAN, proceed as follows: 1. Create static VLAN 200: a. From the main menu, select Switching > VL AN > Basic > VLAN Configuration. A screen similar to the fo[...]

  • Página 214

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 27-4 Double VLANs v1.0, May 2008 2. Add ports 24 and 48 to VLAN 20 0. a. From the main menu, select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the following displays. b. Under VLAN Membership, select 200 from the VLAN ID pulldown me nu. c. Click Un[...]

  • Página 215

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Double VLANs 27-5 v1.0, May 2008 3. Change the Port VLAN ID (PVID) of port 24 to 200: a. From the main menu, select Switching > VLAN > Advanced > Port PVID Configuration. A screen similar to the following displays. b. Under PVID Configuration, sc roll down to interface 1/[...]

  • Página 216

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 27-6 Double VLANs v1.0, May 2008 4. Configure port 48 as the provider service port: a. From the main menu, select Switchi ng > VLAN > Advanced > Port DVLAN Configuration. A screen simila r to the following displays. b. Under DVLAN Configuration, scroll down to in terface [...]

  • Página 217

    Index-1 v1.0, May 2008 Index Numerics 802.1x port security 26-1 A ACL 9-1 add 4-5 apply 4-5 ARP 7-21 C cancel 4-5 command archive 20-16 archive download-sw 20-8 clear config 2-14 clock timezone 18-4 copy nvram errorlog 2-13 copy nvram startup-config 2-12 , 2-13 copy nvram tr aplog 2-13 copy system image 2-13 copy system running-config nvram startup[...]

  • Página 218

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 Index-2 v1.0, May 2008 switch priority 20-6 switch renumber 20-14 traceroute 14-1 traf fic-shape 10-7 transport output telnet 16-3 users passwd 2-1 1 configuration scripting 15-1 CoS 10-1 drop precedence configuration 10-3 per-interface basis 10-3 port egress queue configuration 1[...]

  • Página 219

    NETGEAR 7000 Series Managed Switch Administration Guide Versio n 7.2 Index-3 v1.0, May 2008 protected ports 25-1 Q QoS class 11 - 1 policy 11 - 1 service 11 - 2 R refresh 4-5 RIP 7-1 , 7-2 , 7-7 , 7-12 S SNMP V3 user profile 4-6 SNTP 18-1 static host name 23-1 switch FSM family of swit ches 20-1 GSM family of switches 20-1 IP address 3- 2 name 3-3 [...]

  • Página 220

    NETGEAR 7000 Series Managed Switch Administr ation Guide Version 7.2 Index-4 v1.0, May 2008[...]