NETGEAR GSM7248NA Administration Manual

7000 series managed switch

NETGEAR 7000 Series
Managed Switch
Administration Guide
Version 6.0
NETGEAR, Inc.
4500 Great America Parkway
Santa Clara, CA 95054 USA
202-10238-01
Jan 2007

Summary of Contents for NETGEAR GSM7248NA

  • Page 1 NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 NETGEAR, Inc. 4500 Great America Parkway Santa Clara, CA 95054 USA 202-10238-01 Jan 2007...
  • Page 2 In the interest of improving internal design, operational function, and/or reliability, NETGEAR reserves the right to make changes to the products described in this document without notice. NETGEAR does not assume any liability that may occur due to the use or application of the product(s) or circuit layout(s) described herein.
  • Page 3: Canadian Department Of Communications Radio Interference Regulations

    Tested to Comply with FCC Standards FOR HOME OR OFFICE USE Modifications made to the product, unless expressly approved by NETGEAR, Inc., could void the user's right to operate the equipment. Canadian Department of Communications Radio Interference Regulations This digital apparatus (7000 Series Managed Switch) does not exceed the Class A limits for radio-noise emissions from digital apparatus as set out in the Radio Interference Regulations of the Canadian Department of Communications.
  • Page 4 Product and Publication Details Model Number: 7xxx Publication Date: Jan 2007 Product Family: Managed Switch Product Name: 7000 Series Managed Switch Home or Business Product: Business Language: English Publication Part Number: 202-10238-01 Publication Version Number: v1.0, Jan 2007...
  • Page 5: Table Of Contents

    Contents
    About This Manual
    Chapter 1 Introduction
      Document Organization
      Audience
      CLI Documentation
      Related Documentation
    Chapter 2 Getting Started
      In-band and Out-of-band Connectivity
      Configuring for In-band Connectivity
      Using BootP or DHCP...
  • Page 6
    Chapter 4 Using the Web Interface
      Configuring for Web Access
      Starting the Web Interface
      Web Page Layout
      Configuring an SNMP V3 User Profile
      Command Buttons
    Chapter 5 Virtual LANs
      VLAN Configuration Example
      CLI Examples
      Example #1: Create Two VLANs
      Example #2: Assign Ports to VLAN2
      Example #3: Assign Ports to VLAN3...
  • Page 7
      VLAN Routing OSPF Configuration
      CLI Example
      Routing Information Protocol
      RIP Configuration
      CLI Example
      Example #1: Enable Routing for the Switch:
      Example #2: Enable Routing for Ports
      Example #3. Enable RIP for the Switch
      Example #4.
  • Page 8
      Example #5: show mac access-lists
    Chapter 10 Class of Service (CoS) Queuing
      Overview
      CoS Queue Mapping
      Trusted Ports
      Untrusted Ports
      CoS Queue Configuration
      Port Egress Queue Configuration
      Drop Precedence Configuration (per Queue)
      Per Interface Basis
      CLI Examples
      Example #1: show classofservice trust...
  • Page 9
      CLI Examples
      Example #1: show port security
      Example #2: show port security on a specific interface
      Example #3: (Config) port security
    Chapter 14 Traceroute
      CLI Example
    Chapter 15 Configuration Scripting
      Overview
      Considerations
      CLI Examples
      Example #1: script
      Example #2: script list and script delete
      Example #3: script apply running-config.scr...
  • Page 10
    Chapter 18 Simple Network Time Protocol (SNTP)
      Overview
      CLI Examples
      Example #1: show sntp
      Example #2: show sntp client
      Example #3: show sntp server
      Example #4: Configure SNTP
      Example #5: Setting Time Zone
      Example #6: Setting Named SNTP Server
    Chapter 19 Managing Switch Stacks...
  • Page 11
      Renumbering Stack Members
      Moving a Master to a Different Unit in the Stack
      Removing a Master Unit from an Operating Stack
      Merging Two Operational Stacks
      Preconfiguration
      Upgrading Firmware
      Migration of Configuration With a Firmware Upgrade
      Code Mismatch
    Chapter 20 Pre-Login Banner...
  • Page 13: About This Manual

    About This Manual The NETGEAR ® FVX538 ProSafe™ VPN Firewall 200 Reference Manual describes how to install, configure and troubleshoot the 7000 Series Managed Switch. The information in this manual is intended for readers with intermediate computer and Internet skills.
  • Page 14: How To Use This Manual

    • button to access the full NETGEAR, Inc. online knowledge base for the product model. • Links to PDF versions of the full manual and individual chapters.
  • Page 15: Revision History

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 • Click the PDF of This Chapter link at the top left of any page in the chapter you want to print. The PDF version of the chapter you were viewing opens in a browser window.
  • Page 17: Introduction

    Chapter 1 Introduction This document provides an understanding of the CLI and Web configuration options for software Release 6.0 features. Document Organization This document provides examples of the use of the switch software in a typical network. It describes the use and advantages of specific functions provided by the 7000 Series Managed Switch, and includes information on configuring those functions using the Command Line Interface and Web Interface.
  • Page 18: Audience

      – Class of Service (CoS)
      – Differentiated Services
    • Multicast
      – IGMP Snooping
    • Security
      – Denial of Service
      – Port Security
    • Operating System
      – Dual Configuration
    • Tools
      –...
  • Page 19: Cli Documentation

    • Netgear Quick Installation Guide, 7000 Series Managed Switch
    • Netgear CLI Reference for the Prosafe 7X00 Series Managed Switch. There are three documents in this series; choose the appropriate one for your product.
    • Netgear Hardware Installation Guide for your switch
    These documents may be found at http://www.NETGEAR.com...
  • Page 21: Getting Started

    Chapter 2 Getting Started Connect a terminal to the switch to begin configuration. In-band and Out-of-band Connectivity Ask the system administrator to determine whether you will configure the switch for in-band or out-of-band connectivity. Configuring for In-band Connectivity In-band connectivity allows you to access the switch from a remote workstation using the Ethernet network.
  • Page 22: Using The Eia-232 Port

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 MAC Address MAC address of the switch When you connect the switch to the network for the first time after setting up the BootP or DHCP server, it is configured with the information supplied above. The switch is ready for in-band connectivity over the network.
  • Page 23: Configuring For Out-Of-Band Connectivity

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 IP Address Unique IP address for the switch. Each IP parameter is made up of four decimal numbers, ranging from 0 to 255. The default for all IP parameters is zeroes (0.0.0.0).
  • Page 24: Starting The Switch

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 e. Select the proper mode under Properties. Select Terminal keys. Note: When using HyperTerminal with Microsoft Windows 2000, make sure that you have Windows 2000 Service Pack 2 or later installed. With Windows 2000 Service Pack 2, the arrow keys function properly in HyperTerminal's VT100 emulation.
  • Page 25: Initial Configuration Procedure

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 • The console connection was established and the console prompt appears on the screen of a VT100 terminal or terminal equivalent. The initial switch configuration is performed through the console port. After the initial configuration, you can manage the switch either from the already-connected console port or remotely through an interface defined during the initial configuration.
  • Page 26: Software Installation

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 Software Installation This section contains procedures to help you become acquainted quickly with the switch software. Before installing switch software, you should verify that the switch operates with the most recent firmware.
  • Page 27
    • Uploading from Networking Device to Out-of-Band PC (Only XMODEM)
    • Downloading from Out-of-Band PC to Networking Device (Only XMODEM)
    • Downloading from TFTP Server
    • Restoring factory defaults
    If you configure any network parameters, you should execute the following command:
        copy system:running-config nvram:startup-config
    This command saves the changes to the configuration file.
  • Page 28
    Table 2-1. Quick Start Commands
    Command: copy system:running-config nvram:startup-config
    Mode: Privileged EXEC
    Description: Saves passwords and all other changes to the device. If you do not save the configuration, all changes are lost when you power down or reset the networking device.
  • Page 29
    Table 2-1. Quick Start Commands
    Command: copy nvram:errorlog <tftp://...
    Mode: Privileged EXEC
    Description: Starts the error log upload, displays the mode and type of upload and confirms the upload is progressing.
  • Page 30
    Table 2-1. Quick Start Commands
    Command: copy <tftp://<ipaddress>/<filepath>/<filename>> system:image
    Mode: Privileged EXEC
    Description: Sets the destination (download) datatype to be an image. The URL must be specified as: tftp://<ipaddress>/<filepath>/<filename>. The system:image option downloads the code file.
  • Page 31: Using Ezconfig For Switch Setup

    Ezconfig can be entered either in Global Config mode (#) or in Display mode (>). The utility displays the following text when you enter the ezconfig command:
        (FSM7352S) >ezconfig
        NETGEAR EZ Configuration Utility
        --------------------------------
        Hello and Welcome!
        This utility will walk you thru assigning the IP address for the switch management CPU.
  • Page 32: Changing The Password

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 Changing the Password The first question it will ask is whether you wish to change the admin password. For security reasons, you should change the password by typing Y. If you have already set the password and do not wish to change it again, just enter N.
  • Page 33: Assigning Switch Name And Location Information

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 If an IP address is already assigned, and you do not wish to change the IP address again, simply type N. Assigning Switch Name and Location Information Ezconfig will proceed to the next step in the setup:...
  • Page 34 If during the session, the switch loses its power, the setup information will be lost if Ezconfig does not have the chance to save the changes before power-down.
  • Page 35: Using The Web Interface

    Chapter 4 Using the Web Interface This chapter is a brief introduction to the web interface; for example, it explains how to access the Web-based management panels to configure and manage the system. Tip: Use the Web interface for configuration instead of the CLI interface. Web configuration is quicker and easier than entering the multiple required CLI commands.
  • Page 36: Starting The Web Interface

    a. At the CLI prompt, enter the show network command.
    b. Set Web Mode to Enabled.
    Starting the Web Interface
    Follow these steps to start the switch Web interface:
    1. Enter the IP address of the switch in the Web browser address field.
  • Page 37: Command Buttons

    3. Enter a new user name in the User Name field.
    4. Enter a new user password in the Password field and then retype it in the Confirm Password field.
    Note: If SNMPv3 Authentication is to be used for this user, the password must be eight or more alphanumeric characters.
  • Page 39: Virtual Lans

    Chapter 5 Virtual LANs Adding Virtual LAN (VLAN) support to a Layer 2 switch offers some of the benefits of both bridging and routing. Like a bridge, a VLAN switch forwards traffic based on the Layer 2 header, which is fast, and like a router, it partitions the network into logical segments, which provides better administration, security and management of multicast traffic.
  • Page 40: Vlan Configuration Example

    VLAN Configuration Example
    The diagram in this section shows a switch with four ports configured to handle the traffic for two VLANs. Port 1/0/2 handles traffic for both VLANs, while port 1/0/1 is a member of VLAN 2 only, and ports 1/0/3 and 1/0/4 are members of VLAN 3 only.
  • Page 41: Example #2: Assign Ports To Vlan2

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 Example #2: Assign Ports to VLAN2 This sequence shows how to assign ports to VLAN2, specify that frames will always be transmitted tagged from all member ports, and that untagged frames will be rejected on receipt.
  • Page 42: Graphical User Interface

    Graphical User Interface
    Use the following screens to perform the same configuration using the Graphical User Interface:
    • Switching --> VLAN --> Configuration. To create the VLANs and specify port participation.
    •...
  • Page 43: Chapter 6 Link Aggregation

    Chapter 6 Link Aggregation This section includes instructions on configuring Link Aggregation using the Command Line Interface and the Graphical User Interface. Link Aggregation (LAG) allows the switch to treat multiple physical links between two end-points as a single logical link. All of the physical links in a given LAG must operate in full-duplex mode at the same speed.
  • Page 44 Figure 6-1 shows the example network. Figure 6-1 Link Aggregation
  • Page 45: Example 1: Create Two Lags

    Example 1: Create two LAGS:
        (Netgear Switch) #config
        (Netgear Switch) (Config)#port-channel lag_10
        (Netgear Switch) (Config)#port-channel lag_20
        (Netgear Switch) (Config)#exit
    Use the show port-channel all command to show the logical interface ids you will use to identify the LAGs in subsequent commands.
  • Page 46: Example 2: Add The Ports To The Lags

    Example 2: Add the ports to the LAGs:
        (Netgear Switch) #config
        (Netgear Switch) (Config)#interface 0/2
        (Netgear Switch) (Interface 0/2)#addport 1/1
        (Netgear Switch) (Interface 0/2)#exit
        (Netgear Switch) (Config)#interface 0/3
        (Netgear Switch) (Interface 0/3)#addport 1/1...
  • Page 47: Ip Routing Services

    Chapter 7 IP Routing Services
    IP routing services are divided into five areas:
    • Port Routing
    • VLAN Routing
    • Routing Information Protocol (RIP)
    • Open Shortest Path First (OSPF) Protocol
    • Proxy Address Resolution Protocol (ARP)
    Port Routing
    The first networks were small enough for the end stations to communicate directly. As networks grew, Layer 2 bridging was used to segregate traffic, a technology that worked well for unicast traffic, but had problems coping with large quantities of multicast packets.
  • Page 48: Port Routing Configuration

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 Port Routing Configuration The 7000 Series Managed Switch always supports Layer 2 bridging, but Layer 3 routing must be explicitly enabled, first for the 7000 Series Managed Switch as a whole, and then for each port which is to participate in the routed network.
  • Page 49: Cli Examples

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 CLI Examples This diagram shows a Layer 3 switch configured for port routing. It connects three different subnets, each connected to a different port. The script shows the commands you would use to configure a 7000 Series Managed Switch to provide the port routing support shown in the diagram.
  • Page 50: Example 2. Enabling Routing For Ports On The Switch

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 Example 2. Enabling Routing for Ports on the Switch Use the following commands to enable routing for ports on the switch. The default link-level encapsulation format is Ethernet. Configure the IP addresses and subnet masks for the ports.
  • Page 51: Vlan Routing Configuration

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 The next section will show you how to configure the 7000 Series Managed Switch to support VLAN routing and how to use RIP and OSPF. A port may be either a VLAN port or a router port, but not both.
  • Page 52: Example 1: Create Two Vlans

    Example 1: Create Two VLANs
    The following code sequence shows an example of creating two VLANs with egress frame tagging enabled.
        (Netgear Switch) #vlan data
        (Netgear Switch) (Vlan)#vlan 10
        (Netgear Switch) (Vlan)#vlan 20...
  • Page 53: Vlan Routing Rip Configuration

    The next sequence shows an example of configuring the IP addresses and subnet masks for the virtual router ports.
        (Netgear Switch) (Config)#interface vlan 10
        (Netgear Switch) (Interface-vlan 10)#ip address 192.150.3.1 255.255.255.0...
  • Page 54: Cli Example

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 CLI Example This example adds support for RIPv2 to the configuration created in the base VLAN routing example. A second router, using port routing rather than VLAN routing, has been added to the network.
  • Page 55
    Example of configuring VLAN Routing with RIP support on a 7000 Series Managed Switch
        (Netgear Switch) #vlan data
        (Netgear Switch) (Vlan)#vlan 10
        (Netgear Switch) (Vlan)#vlan 20
        (Netgear Switch) (Vlan)#vlan routing 10...
  • Page 56: Vlan Routing Ospf Configuration

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 VLAN Routing OSPF Configuration For larger networks Open Shortest Path First (OSPF) is generally used in preference to RIP. OSPF offers several benefits to the administrator of a large and/or complex network: •...
  • Page 57
    Example of configuring OSPF on a 7000 Series Managed Switch acting as an inter-area router:
        (Netgear Switch) #vlan data
        (Netgear Switch) (Vlan)#vlan 10
        (Netgear Switch) (Vlan)#vlan 20
        (Netgear Switch) (Vlan)#vlan routing 10...
  • Page 58: Routing Information Protocol

    Set the OSPF priority and cost for the VLAN and physical router ports.
        (Netgear Switch) (Config)#interface vlan 10
        (Netgear Switch) (Interface vlan 10)#ip ospf priority 128
        (Netgear Switch) (Interface vlan 10)#ip ospf cost 32...
  • Page 59: Cli Example

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 • To prevent any RIP packets from being transmitted CLI Example The configuration commands used in the following example enable RIP on ports 1/0/2 and 1/0/3 as shown in the network illustrated in...
  • Page 60: Example #2: Enable Routing For Ports

    Example #2: Enable Routing for Ports
    The following command sequence enables routing and assigns IP addresses for ports 1/0/2 and 1/0/3.
        (Netgear Switch) #config
        (Netgear Switch) (Config)#interface 1/0/2
        (Netgear Switch) (Interface 1/0/2)#routing
        (Netgear Switch) (Interface 1/0/2)#ip address 192.150.2.1 255.255.255.0...
  • Page 61: Example #4. Enable Rip For Ports 1/0/2 And 1/0/3

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 Example #4. Enable RIP for ports 1/0/2 and 1/0/3 This command sequence enables RIP for ports 1/0/2 and 1/0/3. Authentication defaults to none, and no default route entry is created. The commands specify that both ports receive both RIPv1 and RIPv2 frames, but send only RIPv2 formatted frames.
  • Page 62: Cli Examples

    • Intra-area
    • Inter-area
    • External type 1: the route is external to the AS
    • External Type 2: the route was learned from other protocols such as RIP
    CLI Examples
    The examples in this section show you how to configure a 7000 Series Managed Switch first as an inter-area router and then as a border router.
  • Page 63: Example #1 Configuring An Inter-Area Router

    Example #1 Configuring an Inter-Area Router
    Figure 7-5
    Enable Routing for the Switch. The following command sequence enables ip routing for the switch.
        (Netgear Switch) #config
        (Netgear Switch) (Config)#ip routing
        (Netgear Switch) (Config)#exit
    Assign IP Addresses for Ports.
  • Page 64
    Specify Router ID and Enable OSPF for the Switch. The following sequence specifies the router ID and enables OSPF for the switch. Set disable1583 compatibility to prevent the routing loop.
        (Netgear Switch) #config...
  • Page 65: Example #2 - Configuring Ospf On A Border Router

    Example #2 - Configuring OSPF on a Border Router Figure 7-6
  • Page 66
    The following example configures OSPF on a 7000 Series Managed Switch operating as a border router:
    Enable routing for the switch.
        (Netgear Switch) #config
        (Netgear Switch) (Config)#ip routing
    Enable routing & assign IP for ports 1/0/2, 1/0/3 and 1/0/4.
  • Page 67: Proxy Address Resolution Protocol (Arp)

    Enable OSPF for the ports and set the OSPF priority and cost for the ports.
        (Netgear Switch) #config
        (Netgear Switch) (Config)#interface 1/0/2
        (Netgear Switch) (Interface 1/0/2)#ip ospf
        (Netgear Switch) (Interface 1/0/2)#ip ospf areaid 0.0.0.2...
  • Page 68: Cli Examples

    CLI Examples
    The following are examples of the commands used in the proxy ARP feature.
    Example #1: show ip interface
        (Netgear Switch) #show ip interface ?
        <slot/port>    Enter an interface in slot/port format.
  • Page 69: Virtual Router Redundancy Protocol

    Chapter 8 Virtual Router Redundancy Protocol When an end station is statically configured with the address of the router that will handle its routed traffic, a single point of failure is introduced into the network. If the router goes down, the end station is unable to communicate.
  • Page 70: Cli Examples

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 CLI Examples This example shows how to configure the 7000 Series Managed Switch to support VRRP. Router 1 will be the default master router for the virtual route, and Router 2 will be the backup router.
  • Page 71 NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 The following is an example of configuring VRRP on a 7000 Series Managed Switch acting as the master router: Enable routing for the switch. IP forwarding will then be enabled by default.
  • Page 72 NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 The following is an example of configuring VRRP on a 7000 Series Managed Switch acting as the backup router: Enable routing for the switch. IP forwarding will then be enabled by default.
  • Page 73: Access Control Lists (Acls)

    Chapter 9 Access Control Lists (ACLs) This section describes the Access Control Lists (ACLs) feature. Overview Access Control Lists (ACLs) can control the traffic entering a network. Normally ACLs reside in a firewall router or in a router connecting two internal networks. When you configure ACLs, you can selectively admit or reject inbound traffic, thereby controlling access to your network or to specific resources on your network.
  • Page 74: Configuring Ip Acls

    • Destination MAC address with mask
    • VLAN ID (or range of IDs)
    • Class of Service (CoS) (802.1p)
    • Ethertype
    • L2 ACLs can apply to one or more interfaces
    •...
  • Page 75: Process

    Process
    To configure ACLs, follow these steps:
    • Create an ACL by specifying a name (MAC ACL) or a number (IP ACL)
    • Add new rules to the ACL
    • Configure the match criteria for the rules
    •...
  • Page 76: Mac Acl Cli Examples

    NETGEAR 7000 Series Managed Switch Administration Guide Version 6.0 The following is an example of configuring ACL support on a 7000 Series Managed Switch: Create ACL 101. Define the first rule: it will permit packets with a match on the...
  • Page 77: Example #1: Mac Access List

    Example #1: mac access list
        (Netgear Switch)(Config)#mac access-list ?
        extended    Configure extended MAC Access List parameters.
        (Netgear Switch)(Config)#mac access-list extended ?
        <name>    Enter access-list name up to 31 characters in length.
  • Page 78: Example #2: Permit Any

    Example #2: permit any
        (Netgear Switch) (Config-mac access-list)#permit ?
        <srcmac>    Enter a MAC address.
        Configure a match condition for all the destination MAC addresses in the Destination MAC Address field.
        (Netgear Switch) (Config-mac access-list)#permit any ?
        <dstmac>...
  • Page 79: Example #3 Configure Mac Access-Group

    Example #3 Configure mac access-group
        (Netgear Switch) (Config)#interface 1/0/5
        (Netgear Switch) (Interface 1/0/5)#mac ?
        access-group    Attach MAC Access List to Interface.
        (Netgear Switch) (Interface 1/0/5)#mac access-group ?
        <name>    Enter name of MAC Access Control List.
  • Page 80: Example #4 Permit

    Example #4 permit
        (Netgear Switch) (Config)#mac access-list extended b2
        (Netgear Switch) (Config-mac-access-list)#permit 00:00:00:00:00:00 ?
        <dstmac>    Enter a MAC Address.
        Configure a a match condition for all the destination MAC addresses in the Destination MAC Address field.
  • Page 81: Example #5: Show Mac Access-Lists

    Example #5: show mac access-lists
        (Netgear Switch) #show mac access-lists
        Current number of all ACLs: 2 Maximum number of all ACLs: 100
        MAC ACL Name Rules Interface(s) Direction
        ------------ ----- ------------...
  • Page 83: Class Of Service (Cos) Queuing

    Chapter 10 Class of Service (CoS) Queuing This section describes the Class of Service (CoS) Queue Mapping and Traffic Shaping features. Overview Each port has one or more queues for packet transmission. During configuration, you can determine the mapping and configuration of these queues. Based on service rate and other criteria you configure, queues provide preference to specified packets.
  • Page 84: Untrusted Ports

      – IP Precedence
      – IP DiffServ Code Point (DSCP)
    The system can assign service level based upon the 802.1p priority field of the L2 header. You configure this by mapping the 802.1p priorities to one of three traffic class queues. These queues are:
    •...
  • Page 85: Drop Precedence Configuration (Per Queue)

      – Tail drop vs. WRED
    Drop Precedence Configuration (per Queue)
    • WRED parameters
      – Minimum threshold
      – Maximum threshold
      – Drop probability
      – Scale factor
    • Tail Drop parameters
      – Threshold
    Per Interface Basis
    •...
  • Page 86: Example #1: Show Classofservice Trust

    Example #1: show classofservice trust
        (Netgear Switch) #show classofservice trust ?
        <cr>    Press Enter to execute the command.
        (Netgear Switch) #show classofservice trust
        Class of Service Trust Mode: Dot1P
    Example #2: set classofservice trust mode...
  • Page 87: Example #3: Show Classofservice Ip-Precedence Mapping

        Enter the minimum bandwidth percentage for Queue 0.
        (Netgear Switch) (Config)#cos-queue min-bandwidth 15
        Incorrect input! Use 'cos-queue min-bandwidth <bw-0>..<bw-7>.
        (Netgear Switch) (Config)#cos-queue min-bandwidth 15 25 10 5 5 20 10 10
        (Netgear Switch) (Config)#cos-queue strict ?
        <queue-id>    Enter a Queue Id from 0 to 7.
  • Page 88: Example #5: Set Cos Trust Mode Of An Interface

    Example #5: Set CoS Trust Mode of an Interface
        (Netgear Switch) (Config)#classofservice trust ?
        dot1p      Sets the Class of Service Trust Mode of an Interface to 802.1p.
        ip-dscp    Sets the Class of Service Trust Mode of an Interface to IP DSCP.
  • Page 89: Example #1 Traffic-Shape

    Example #1 traffic-shape
        (Netgear Switch) (Config)#traffic-shape ?
        <bw>    Enter the shaping bandwidth percentage from 0 to 100 in increments of 5.
        (Netgear Switch) (Config)#traffic-shape 70 ?
        <cr>    Press Enter to execute the command.
  • Page 91: Differentiated Services

    Chapter 11 Differentiated Services
    Differentiated Services (DiffServ) is one technique for implementing Quality of Service (QoS) policies. Using DiffServ in your network allows you to directly configure the relevant parameters on the switches and routers rather than using a resource reservation protocol. This section explains how to configure the 7000 Series Managed Switch to identify which traffic class a packet belongs to, and how it should be handled to provide the desired quality of service.
  • Page 92: Cli Example

    – Marking the packet with a given DSCP code point, IP precedence, or CoS
    – Policing packets by dropping or re-marking those that exceed the class’s assigned data rate
    – Counting the traffic within the class
    •...
  • Page 93

    The following example configures DiffServ on a 7000 Series Managed Switch:
    Ensure DiffServ operation is enabled for the switch.
    (Netgear Switch) #config
    (Netgear Switch) (Config)#diffserv
    Create a DiffServ class of type “all” for each of the departments, and name them...
  • Page 94: Diffserv For Voip Configuration Example

    1/0/5 based on a normal destination address lookup for internet traffic.
    (Netgear Switch) (Config)#interface 1/0/5
    (Netgear Switch) (Interface 1/0/5)#cos-queue min-bandwidth 0 25 25 25 25 0 0 0
    (Netgear Switch) (Interface 1/0/5)#exit
    (Netgear Switch) (Config)#exit
    DiffServ for VoIP Configuration Example
    One of the most valuable uses of DiffServ is to support Voice over IP (VoIP).
  • Page 95

    a class for UDP traffic, have that traffic marked on the inbound side, and then expedite the traffic on the outbound side. The configuration script is for Router 1 in the accompanying diagram: a similar script should be applied to Router 2.
  • Page 96

    The following example configures DiffServ VoIP support:
    Enter Global Config mode. Set queue 5 on all ports to use strict priority mode. This queue shall be used for all VoIP packets...
  • Page 97: Igmp Snooping

    The following are examples of the commands used in the IGMP Snooping feature.
    Example #1: Enable IGMP Snooping
    The following example shows how to enable IGMP snooping.
    (Netgear Switch) #config
    (Netgear Switch) (Config)#ip igmpsnooping
    (Netgear Switch) (Config)#ip igmpsnooping interfacemode
    (Netgear Switch) (Config)# exit
  • Page 98: Example #2: Show Igmpsnooping

    Example #2: show igmpsnooping
    (Netgear Switch) #show igmpsnooping?
    <cr> Press Enter to execute the command.
    <slot/port> Enter interface in slot/port format.
    mrouter Display IGMP Snooping Multicast Router information.
    <1-4093> Display IGMP Snooping valid VLAN ID information...
  • Page 99: Port Security

    Chapter 13 Port Security
    This section describes the Port Security feature.
    Overview
    Port Security:
    • Allows for limiting the number of MAC addresses on a given port
    • Packets that have a matching MAC address (secure packets) are forwarded; all other packets (unsecure packets) are restricted
    •...
  • Page 100: Operation

    Operation
    Port Security:
    • Helps secure network by preventing unknown devices from forwarding packets
    • When link goes down, all dynamically locked addresses are ‘freed’
    • If a specific MAC address is to be set for a port, set the dynamic entries to 0, then only allow packets with a MAC address matching the MAC address in the static list
    •...
  • Page 101: Cli Examples

    CLI Examples
    The following are examples of the commands used in the Port Security feature.
    Example #1: show port security
    (Netgear Switch) #show port-security ?
    <cr> Press Enter to execute the command...
  • Page 103: Traceroute

    Chapter 14 Traceroute
    This section describes the Traceroute feature. Use Traceroute to discover the routes that packets take when traveling on a hop-by-hop basis to their destination through the network.
    • Maps network routes by sending packets with small Time-to-Live (TTL) values and watches the ICMP time-out announcements
    •...
  • Page 104: Cli Example

    CLI Example
    The following shows an example of using the traceroute command to determine how many hops there are to the destination. The command output shows each IP address the packet passes through and how long it takes to get there...
  • Page 105: Configuration Scripting

    Chapter 15 Configuration Scripting
    This section describes the Configuration Scripting feature.
    Overview
    Configuration Scripting:
    • Allows you to generate text-formatted files
    • Provides scripts that can be uploaded and downloaded to the system
    • Provides flexibility to create command configuration scripts
    •...
  • Page 106: Example #1: Script

    Example #1: script
    (Netgear Switch) #script ?
    apply Applies configuration script to the switch.
    delete Deletes a configuration script file from the switch.
    list Lists all configuration script files present on the switch...
  • Page 107: Example #4: Creating A Configuration Script

    Example #4: Creating a Configuration Script
    (Netgear Switch) #show running-config running-config.scr
    Config script created successfully.
    (Netgear Switch) #script list
    Configuration Script Name  Size(Bytes)
    -------------------------  ----------
    running-config.scr         3201
    1 configuration script(s) found...
  • Page 109: Outbound Telnet

    Chapter 16 Outbound Telnet
    This section describes the Outbound Telnet feature.
    Overview
    Outbound Telnet:
    • Establishes an outbound telnet connection between a device and a remote host
    • When a telnet connection is initiated, each side of the connection is assumed to originate and terminate at a “Network Virtual Terminal”...
  • Page 110: Example #1: Show Network

    Example #1: show network
    (Netgear Switch Routing) >telnet 192.168.77.151
    Trying 192.168.77.151...
    (Netgear Switch Routing) User:admin
    Password:
    (Netgear Switch Routing) >en
    Password:
    (Netgear Switch Routing) #show network
    IP Address....... 192.168.77.151
    Subnet Mask......255.255.255.0
    Default Gateway......
  • Page 111: Example #3: Transport Output Telnet

    Example #3: transport output telnet
    (Netgear Switch Routing) (Config)#lineconfig ?
    <cr> Press Enter to execute the command.
    (Netgear Switch Routing) (Config)#lineconfig
    (Netgear Switch Routing) (Line)#transport ?
    input Displays the protocols to use to connect to a specific line of the router...
  • Page 113: Chapter 17 Port Mirroring

    Chapter 17 Port Mirroring
    This section describes the Port Mirroring feature.
    Overview
    Port Mirroring:
    • Allows you to monitor network traffic with an external network analyzer
    • Forwards a copy of each incoming and outgoing packet to a specific port
    •...
  • Page 114: Example #1: Show Monitor Session

    Example #1: show monitor session
    (Netgear Switch Routing) #show monitor session 1
    Session ID  Admin Mode  Probe Port  Mirrored Port
    ----------  ----------  ----------  -------------
                Enable      1/0/8       1/0/7
    Note: Monitor session ID “1” - “1” is a hardware limitation...
  • Page 115: Example #4: (Config) Monitor Session 1 Mode

    port, and what is enabled or disabled on the port.
    (Netgear Switch Routing) #show port 0/7
                 Admin  Physical  Physical  Link    Link  LACP
    Intf   Type  Mode   Mode      Status    Status  Trap  Mode
    1/0/7...
  • Page 116: Example #5: (Config) Monitor Session 1 Source Interface

    Example #5: (Config) monitor session 1 source interface
    Specify the source (mirrored) ports and destination (probe) port.
    (Netgear Switch Routing)(Config)#monitor session 1 source?
    interface Configure interface.
    (Netgear Switch Routing)(Config)#monitor session 1 source interface?
    <slot/port>...
  • Page 117: Simple Network Time Protocol (Sntp)

    SNTP client implemented over UDP which listens on port 123
    CLI Examples
    The following are examples of the commands used in the SNTP feature.
    Example #1: show sntp
    (Netgear Switch Routing) #show sntp ?
    <cr> Press Enter to execute the command.
    client Display SNTP Client Information...
  • Page 118: Example #2: Show Sntp Client

    Failed Unicast Requests:
    Example #4: Configure SNTP
    Netgear switches do not have a built-in real-time clock. However, it is possible to use SNTP to get the time from a public SNTP/NTP server over the Internet. You may need permission from those public time servers.
  • Page 119

    1. Configure the SNTP server IP address. The IP address can be either from the public NTP server or your own. You can search the Internet to locate the public server. The servers available could be listed in domain-name format instead of address format...
  • Page 120: Example #5: Setting Time Zone

    Netgear provides SNTP servers accessible by Netgear devices. Because Netgear may change IP addresses assigned to its time servers, it is best to access an SNTP server by DNS name instead of using a hard-coded IP address. The public time servers available are time-a, time-b, and time-c.
  • Page 121: Managing Switch Stacks

    Chapter 19 Managing Switch Stacks
    This chapter describes the concepts and recommended operating procedures to manage Netgear stackable managed switches running Release 4.x.x.x or newer. Netgear stackable managed switches include the following models:
    • FSM7328S
    • FSM7352S
    • FSM7352PS
    •...
  • Page 122: Understanding Switch Stacks

    Understanding Switch Stacks
    A switch stack is a set of up to eight Ethernet switches connected through their stacking ports. One of the switches controls the operation of the stack and is called the stack master. The stack master and the other switches in the stack are stack members.
  • Page 123: Switch Stack Membership

    Switch Stack Membership
    A switch stack has up to eight stack members connected through their stacking ports. A switch stack always has one stack master. A standalone switch is a switch stack with one stack member that also operates as the stack master.
  • Page 124: Switch Stack Cabling (Fsm73Xxs)

    Switch Stack Cabling (FSM73xxS)
    Figure 19-1 and Figure 19-2 illustrate how individual switches are interconnected to form a stack. You can use the regular Category 5 Ethernet 8-wire cable.
    Figure 19-1...
  • Page 125: Stack Master Election And Re-Election

    1. The switch that is currently the stack master
    2. The switch with the highest stack member priority value
    Note: Netgear recommends assigning the highest priority value to the switch that you prefer to be the stack master. This ensures that the switch is re-elected as stack master if a re-election occurs.
  • Page 126: Stack Member Priority Values

    Stack members in the same switch stack cannot have the same stack member number. Every stack member, including a standalone switch, retains its member number until you manually change the number or unless the number is already being used by another member in the stack.
  • Page 127: Effects Of Replacing A Preconfigured Switch In A Switch Stack

    Table 19-1. Results of comparing the preconfiguration with the new switch
    Scenario: The stack member numbers and the switch types match.
    Result: The switch stack applies the configuration to the preconfigured new switch and adds it to the stack...
  • Page 128: Switch Stack Software Compatibility Recommendations

    Switch Stack Software Compatibility Recommendations
    All stack members must run the same software version to ensure compatibility between stack members. The software versions on all stack members, including the stack master, must be the same.
  • Page 129: Switch Stack Management Connectivity

    Switch Stack Management Connectivity
    You manage the switch stack and the stack member interfaces through the stack master. You can use the web interface, the CLI, and SNMP. You cannot manage stack members on an individual switch basis.
  • Page 130

    Table 19-2. Switch stack configuration scenarios (continued)
    Scenario: Stack master election specifically determined by the MAC address
    • Assuming that both stack members have the same priority value and software image, restart both stack members at the same time...
    Result: The stack member with the higher MAC address is elected stack master.
  • Page 131: Stacking Recommendations

    Stacking Recommendations
    The purpose of this section is to collect notes on recommended procedures and expected behavior of stacked managed switches. Procedures addressed initially are listed below.
    • Initial installation and power-up of a stack...
  • Page 132: Initial Installation And Power-Up Of A Stack

    Initial installation and Power-up of a Stack
    1. Install units in rack.
    2. Install all stacking cables. Fully connect, including the redundant stack link. It is highly recommended that a redundant link be installed...
  • Page 133: Adding A Unit To An Operating Stack

    Adding a Unit to an Operating Stack
    1. Make sure the redundant stack connection is in place and functional. All stack members should be connected in a logical ring.
    2. Preconfigure the new unit, if desired...
  • Page 134: Renumbering Stack Members

    • Add the new stack unit to the stack using the process described in section “Adding a Unit to an Operating Stack”. The unit can be inserted into the same position as the unit just removed, or the unit can be inserted at the bottom of the stack.
  • Page 135: Merging Two Operational Stacks

    Merging Two Operational Stacks
    It is strongly recommended that two functioning stacks (each having an independent master) not be merged simply by the reconnection of stack cables. That process may result in a number of unpredictable results and should be avoided.
  • Page 136: Migration Of Configuration With A Firmware Upgrade

    archive command (in stack configuration mode) may be issued to make another attempt to copy the software to the unit(s) that did not get updated. Errors during code propagation to stack members could be caused by stack cable movement or unit reconfiguration during the propagation phase.
  • Page 137: Code Mismatch

    Code Mismatch
    If a unit is added to a stack and it does not have the same version of code as that of the master, the following should happen:
    • “New” unit will boot up and become a “member” of the stack
    •...
  • Page 139: Pre-Login Banner

    Chapter 20 Pre-Login Banner
    This section describes the Pre-Login Banner feature.
    Overview
    Pre-Login Banner:
    • Allows you to create message screens when logging into the CLI Interface
    • By default, no Banner file exists
    • Can be uploaded or downloaded
    •...
  • Page 140

    2. Transfer the file from the PC to the switch using TFTP
    (Netgear Switch Routing) #copy tftp://192.168.77.52/banner.txt nvram:clibanner
    Mode........... TFTP
    Set TFTP Server IP......192.168.77.52
    TFTP Path......../
    TFTP Filename........banner.txt
    Data Type........
  • Page 141: Overview

    Chapter 21 Syslog
    This section provides information about the Syslog feature.
    Overview
    Syslog:
    • Allows you to store system messages and/or errors
    • Can store to local files on the switch or a remote server running a syslog daemon
    • Method of collecting message logs from many systems
    Persistent Log Files
    •...
  • Page 142: Interpreting Log Files

    Interpreting Log Files
    <130> 00:00:06 0.0.0.0-1 UNKN [0x800023]: bootos.c(386) %% Event (0xaaaaaaaa)
    A. Priority
    B. Timestamp
    C. Stack ID
    D. Component Name
    E. Thread ID
    File Name
    Line Number
    CLI Examples
    The following are examples of the commands used in the Syslog feature.
  • Page 143: Example #1: Show Logging

    Example #1: show logging
    (Netgear Switch Routing) #show logging
    Logging Client Local Port
    CLI Command Logging disabled
    Console Logging disabled
    Console Logging Severity Filter : alert
    Buffered Logging enabled
    Syslog Logging...
  • Page 144: Example #3: Show Logging Traplogs

    Example #3: show logging traplogs
    (Netgear Switch Routing) #show logging traplogs
    <cr> Press Enter to execute the command.
    (Netgear Switch Routing) #show logging traplogs
    Number of Traps Since Last Reset....
    Trap Log Capacity......
  • Page 145: Example #5: Logging Port Configuration

    Example #5: logging port configuration
    (Netgear Switch Routing) #config
    (Netgear Switch Routing) (Config)#logging ?
    buffered Buffered (In-Memory) Logging Configuration.
    cli-command CLI Command Logging Configuration.
    console Console Logging Configuration.
    host Enter IP Address for Logging Host
    syslog Syslog Configuration...
  • Page 147: Igmp Querier

    Chapter 22 IGMP Querier
    When the switch is used in network applications where video services such as IPTV, video streaming, and gaming are deployed, the video traffic would normally be flooded to all connected ports because such traffic packets usually have multicast Ethernet addresses. IGMP snooping can be enabled to create a multicast group to direct that traffic only to those users that require it.
  • Page 148: Cli Examples

    CLI Examples
    Example 1: Enable IGMP Querier
    Use the following CLI commands to set up the switch to generate IGMP querier packets for a designated VLAN. The IGMP packet will be transmitted to every port on the VLAN. The following example enables the querier for VLAN 1.
