Netgear 7000 - Manual

xi v1.1, May 2006 About This Book This document provides an understanding of the CLI and Web configuration options for software Release 4.3 features. Document Organization This document provides examples of the use of the switch software in a typical network. It describes the use and advantages of s...

NETGEAR 7000 Series Managed Switch Administration Guide xii v1.1, May 2006 • Multicast – IGMP Snooping • Security – Denial of Service – Port Security • Operating System – Dual Configuration • Tools – Alarm Manager – Traceroute – Configuration Scripting – Advance Keying – Prelogin Banner – Port Mirro...

NETGEAR 7000 Series Managed Switch Administration Guide xiii v1.1, May 2006 Refer to the Command Line Reference for information for the command structure Related Documentation Before proceeding, read the Release Notes for this switch product. The Release Notes detail the platform specific functional...

1-1 v1.1, May 2006 Chapter 1 Getting Started Connect a terminal to the switch to begin configuration. In-band and Out-of-band Connectivity Ask the system administrator to determine whether you will configure the switch for in-band or out-of-band connectivity. Configuring for In-band Connectivity In-...

NETGEAR 7000 Series Managed Switch Administration Guide 1-2 Getting Started v1.1, May 2006 MAC Address MAC address of the switch When you connect the switch to the network for the first time after setting up the BootP or DHCP server, it is configured with the information supplied above. The switch i...

NETGEAR 7000 Series Managed Switch Administration Guide Getting Started 1-3 v1.1, May 2006 config network parms ipaddress netmask gateway 6. To enable these changes to be retained during a reset of the switch, type Ctrl-Z to return to the main prompt, type save config at the main menu prompt, and ty...

NETGEAR 7000 Series Managed Switch Administration Guide 1-4 Getting Started v1.1, May 2006 e. Select the proper mode under Properties . f. Select Terminal keys. 3. Connect the female connector of the RS-232 crossover cable directly to the switch console port, and tighten the captive retaining screws...

NETGEAR 7000 Series Managed Switch Administration Guide Getting Started 1-5 v1.1, May 2006 • The console connection was established and the console prompt appears on the screen of a VT100 terminal or terminal equivalent. The initial switch configuration is performed through the console port. After t...

NETGEAR 7000 Series Managed Switch Administration Guide 1-6 Getting Started v1.1, May 2006 Software Installation This section contains procedures to help you become acquainted quickly with the switch software. Before installing switch software, you should verify that the switch operates with the mos...

NETGEAR 7000 Series Managed Switch Administration Guide Getting Started 1-7 v1.1, May 2006 • Uploading from Networking Device to Out-of-Band PC (Only XMODEM) • Downloading from Out-of-Band PC to Networking Device (Only XMODEM) • Downloading from TFTP Server • Restoring factory defaults If you config...

2-1 v1.1, May 2006 Chapter 2 Using the Web Interface This chapter is a brief introduction to the web interface — it explains how to access the Web-based management panels to configure and manage the system. You can manage your switch through a Web browser and Internet connection. This is referred to...

NETGEAR 7000 Series Managed Switch Administration Guide 2-2 Using the Web Interface v1.1, May 2006 a. At the CLI prompt, enter the show network command. b. Set Web Mode to Enabled. Starting the Web Interface Follow these steps to start the switch Web interface: 1. Enter the IP address of the switch ...

NETGEAR 7000 Series Managed Switch Administration Guide Using the Web Interface 2-3 v1.1, May 2006 3. Enter a new user name in the User Name field. 4. Enter a new user password in the Password field and then retype it in the Confirm Password field. 5. If you do not need authentication, go to Step 9....

NETGEAR 7000 Series Managed Switch Administration Guide 3-2 Virtual LANs v1.1, May 2006 VLAN Configuration Example The diagram in this section shows a switch with four ports configured to handle the traffic for two VLANs. port 1/0/2 handles traffic for both VLANs, while port 1/0/1 is a member of VLA...

NETGEAR 7000 Series Managed Switch Administration Guide Virtual LANs 3-3 v1.1, May 2006 Example #2: Assign Ports to VLAN2 This sequence shows how to assign ports to VLAN2, specify that frames will always be transmitted tagged from all member ports, and that untagged frames will be rejected on receip...

NETGEAR 7000 Series Managed Switch Administration Guide 3-4 Virtual LANs v1.1, May 2006 Graphical User Interface Use the following screens to perform the same configuration using the Graphical User Interface: • Switching --> VLAN--> Configuration . To create the VLANs and specify port particip...

4-1 v1.1, May 2006 Chapter 4 Link Aggregation This section includes instructions on configuring Link Aggregation using the Command Line Interface and the Graphical User Interface. Link Aggregation (LAG) allows the switch to treat multiple physical links between two end-points as a single logical lin...

NETGEAR 7000 Series Managed Switch Administration Guide 4-2 Link Aggregation v1.1, May 2006 Figure 4-1 shows the example network. Figure 4-1

NETGEAR 7000 Series Managed Switch Administration Guide Link Aggregation 4-3 v1.1, May 2006 Example 1: Create two LAGS: Use the show port-channel all command to show the logical interface ids you will use to identify the LAGs in subsequent commands. Assume that lag_10 is assigned id 1/1/1 and lag_20...

NETGEAR 7000 Series Managed Switch Administration Guide 4-4 Link Aggregation v1.1, May 2006 Example 2: Add the ports to the LAGs: Example 3: Enable both LAGs. By default, the system enables link trap notification At this point, the LAGs could be added to VLANs. (Netgear Switch) #config (Netgear Swit...

5-1 v1.1, May 2006 Chapter 5 IP Routing Services IP routing services are divided into five areas: • Port Routing • VLAN Routing • Routing Information Protocol (RIP) • Open Shortest Path First (OSPF) Protocol • Proxy Address Resolution Protocol (ARP) Port Routing The first networks were small enough ...

NETGEAR 7000 Series Managed Switch Administration Guide 5-2 IP Routing Services v1.1, May 2006 Port Routing Configuration The 7000 Series Managed Switch always supports Layer 2 bridging, but Layer 3 routing must be explicitly enabled, first for the 7000 Series Managed Switch as a whole, and then for...

NETGEAR 7000 Series Managed Switch Administration Guide IP Routing Services 5-3 v1.1, May 2006 CLI Examples This diagram shows a Layer 3 switch configured for port routing. It connects three different subnets, each connected to a different port. The script shows the commands you would use to configu...

NETGEAR 7000 Series Managed Switch Administration Guide 5-4 IP Routing Services v1.1, May 2006 Example 2. Enabling Routing for Ports on the Switch Use the following commands to enable routing for ports on the switch. The default link-level encapsulation format is Ethernet. Configure the IP addresses...

NETGEAR 7000 Series Managed Switch Administration Guide IP Routing Services 5-5 v1.1, May 2006 The next section will show you how to configure the 7000 Series Managed Switch to support VLAN routing and how to use RIP and OSPF. A port may be either a VLAN port or a router port, but not both. However,...

NETGEAR 7000 Series Managed Switch Administration Guide 5-6 IP Routing Services v1.1, May 2006 Example 1: Create Two VLANs The following code sequence shows an example of creating two VLANs with egress frame tagging enabled. Example 2: Set Up VLAN Routing for the VLANs and the Switch. The following ...

NETGEAR 7000 Series Managed Switch Administration Guide IP Routing Services 5-7 v1.1, May 2006 The next sequence shows an example of configuring the IP addresses and subnet masks for the virtual router ports. VLAN Routing RIP Configuration Routing Information Protocol (RIP) is one of the protocols w...

NETGEAR 7000 Series Managed Switch Administration Guide 5-10 IP Routing Services v1.1, May 2006 VLAN Routing OSPF Configuration For larger networks Open Shortest Path First (OSPF) is generally used in preference to RIP. OSPF offers several benefits to the administrator of a large and/or complex netw...

NETGEAR 7000 Series Managed Switch Administration Guide 5-12 IP Routing Services v1.1, May 2006 Routing Information Protocol Routing Information Protocol (RIP) is one of the protocols which may be used by routers to exchange network topology information. It is characterized as an “interior” gateway ...

NETGEAR 7000 Series Managed Switch Administration Guide IP Routing Services 5-13 v1.1, May 2006 • To prevent any RIP packets from being transmitted CLI Example The configuration commands used in the following example enable RIP on ports 1/0/2 and 1/0/3 as shown in the network illustrated in Figure 5...

NETGEAR 7000 Series Managed Switch Administration Guide IP Routing Services 5-15 v1.1, May 2006 Example #4. Enable RIP for ports 1/0/2 and 1/0/3 This command sequence enables RIP for ports 1/0/2 and 1/0/3. Authentication defaults to none, and no default route entry is created. The commands specify t...

NETGEAR 7000 Series Managed Switch Administration Guide 5-16 IP Routing Services v1.1, May 2006 • Intra-area • Inter-area • External type 1: the route is external to the AS • External Type 2: the route was learned from other protocols such as RIP CLI Examples The examples in this section show you ho...

NETGEAR 7000 Series Managed Switch Administration Guide IP Routing Services 5-17 v1.1, May 2006 Example #1 Configuring an Inter-Area Router Enable Routing for the Switch. The following command sequence enables ip routing for the switch. Assign IP Addresses for Ports. The following sequence enables r...

NETGEAR 7000 Series Managed Switch Administration Guide 5-18 IP Routing Services v1.1, May 2006 Specify Router ID and Enable OSPF for the Switch. The following sequence specifies the router ID and enables OSPF for the switch. Set disable1583 compatibility to prevent the routing loop. Enable and Conf...

NETGEAR 7000 Series Managed Switch Administration Guide IP Routing Services 5-19 v1.1, May 2006 Example #2 - Configuring OSPF on a Border Router Figure 5-6

NETGEAR 7000 Series Managed Switch Administration Guide IP Routing Services 5-21 v1.1, May 2006 Proxy Address Resolution Protocol (ARP) This section describes the Proxy Address Resolution Protocol (ARP) feature. Overview • Proxy ARP allows a router to answer ARP requests where the target IP address ...

7-1 v1.1, May 2006 Chapter 7 Access Control Lists (ACLs) This section describes the Access Control Lists (ACLs) feature. Overview Access Control Lists (ACLs) can control the traffic entering a network. Normally ACLs reside in a firewall router or in a router connecting two internal networks. When yo...

NETGEAR 7000 Series Managed Switch Administration Guide 7-2 Access Control Lists (ACLs) v1.1, May 2006 • Destination MAC address with mask • VLAN ID (or range of IDs) • Class of Service (CoS) (802.1p) • Ethertype • L2 ACLs can apply to one or more interfaces • Multiple access lists can be applied to...

NETGEAR 7000 Series Managed Switch Administration Guide Access Control Lists (ACLs) 7-3 v1.1, May 2006 Process To configure ACLs, follow these steps: • Create an ACL by specifying a name (MAC ACL) or a number (IP ACL) • Add new rules to the ACL • Configure the match criteria for the rules • Apply th...

NETGEAR 7000 Series Managed Switch Administration Guide 7-4 Access Control Lists (ACLs) v1.1, May 2006 The following is an example of configuring ACL support on a 7000 Series Managed Switch: MAC ACL CLI Examples The following are examples of the commands used for the MAC ACLs feature. Create ACL 101...

8-1 v1.1, May 2006 Chapter 8 Class of Service (CoS) Queuing This section describes the Class of Service (CoS) Queue Mapping and Traffic Shaping features. Overview Each port has one or more queues for packet transmission. During configuration, you can determine the mapping and configuration of these ...

NETGEAR 7000 Series Managed Switch Administration Guide 8-2 Class of Service (CoS) Queuing v1.1, May 2006 – IP Precedence – IP DiffServ Code Point (DSCP) The system can assign service level based upon the 802.1p priority field of the L2 header. You configure this by mapping the 802.1p priorities to ...

NETGEAR 7000 Series Managed Switch Administration Guide Class of Service (CoS) Queuing 8-3 v1.1, May 2006 – Tail drop vs. WRED Drop Precedence Configuration (per Queue) • WRED parameters – Minimum threshold – Maximum threshold – Drop probability – Scale factor • Tail Drop parameters – Threshold Per ...

NETGEAR 7000 Series Managed Switch Administration Guide 8-4 Class of Service (CoS) Queuing v1.1, May 2006 Example #1: show classofservice trust Example #2: set classofservice trust mode (Netgear Switch) #show classofservice trust ? <cr> Press Enter to execute the command. (Netgear Switch) #sho...

NETGEAR 7000 Series Managed Switch Administration Guide 8-6 Class of Service (CoS) Queuing v1.1, May 2006 Example #5: Set CoS Trust Mode of an Interface Traffic Shaping This section describes the Traffic Shaping feature. Traffic shaping controls the amount and volume of traffic transmitted through a...

9-1 v1.1, May 2006 Chapter 9 Differentiated Services Differentiated Services (DiffServ) is one technique for implementing Quality of Service (QoS) policies. Using DiffServ in your network allows you to directly configure the relevant parameters on the switches and routers rather than using a resourc...

NETGEAR 7000 Series Managed Switch Administration Guide 9-2 Differentiated Services v1.1, May 2006 – Marking the packet with a given DSCP code point, IP precedence, or CoS – Policing packets by dropping or re-marking those that exceed the class’s assigned data rate – Counting the traffic within the ...

NETGEAR 7000 Series Managed Switch Administration Guide 9-4 Differentiated Services v1.1, May 2006 DiffServ for VoIP Configuration Example One of the most valuable uses of DiffServ is to support Voice over IP (VoIP). VoIP traffic is inherently time-sensitive: for a network to provide acceptable serv...

NETGEAR 7000 Series Managed Switch Administration Guide 9-6 Differentiated Services v1.1, May 2006 The following example configures DiffServ VoIP support: Enter Global Config mode. Set queue 5 on all ports to use strict priority mode. This queue shall be used for all VoIP packets. Activate DiffServ ...

10-1 v1.1, May 2006 Chapter 10 IGMP Snooping This section describes the Internet Group Management Protocol (IGMP) feature: IGMPv3 and IGMP Snooping. Overview IGMP: • Uses Version 3 of IGMP • Includes snooping • Snooping can be enabled per VLAN CLI Examples The following are examples of the commands ...

11-1 v1.1, May 2006 Chapter 11 Port Security This section describes the Port Security feature. Overview Port Security: • Allows for limiting the number of MAC addresses on a given port • Packets that have a matching MAC address (secure packets) are forwarded; all other packets (unsecure packets) are...

NETGEAR 7000 Series Managed Switch Administration Guide 11-2 Port Security v1.1, May 2006 Operation Port Security: • Helps secure network by preventing unknown devices from forwarding packets • When link goes down, all dynamically locked addresses are ‘freed’ • If a specific MAC address is to be set...

NETGEAR 7000 Series Managed Switch Administration Guide Port Security 11-3 v1.1, May 2006 CLI Examples The following are examples of the commands used in the Port Security feature. Example #1: show port security Example #2: show port security on a specific interface Example #3: (Config) port securit...

12-1 v1.1, May 2006 Chapter 12 Traceroute This section describes the Traceroute feature. Use Traceroute to discover the routes that packets take when traveling on a hop-by-hop basis to their destination through the network. • Maps network routes by sending packets with small Time-to-Live (TTL) value...

NETGEAR 7000 Series Managed Switch Administration Guide 12-2 Traceroute v1.1, May 2006 CLI Example The following shows an example of using the traceroute command to determine how many hops there are to the destination. The command output shows each IP address the packet passes through and how long i...

13-1 v1.1, May 2006 Chapter 13 Configuration Scripting This section describes the Configuration Scripting feature. Overview Configuration Scripting: • Allows you to generate text-formatted files • Provides scripts that can be uploaded and downloaded to the system • Provides flexibility to create com...

NETGEAR 7000 Series Managed Switch Administration Guide 13-2 Configuration Scripting v1.1, May 2006 Example #1: script Example #2: script list and script delete Example #3: script apply running-config.scr (Netgear Switch) #script ? apply Applies configuration script to the switch. delete Deletes a c...

NETGEAR 7000 Series Managed Switch Administration Guide Configuration Scripting 13-3 v1.1, May 2006 Example #4: Creating a Configuration Script Example #5: Upload a Configuration Script (Netgear Switch) #show running-config running-config.scr Config script created successfully. (Netgear Switch) #scr...

14-1 v1.1, May 2006 Chapter 14 Outbound Telnet This section describes the Outbound Telnet feature. Overview Outbound Telnet: • Establishes an outbound telnet connection between a device and a remote host • A telnet connection is initiated, each side of the connection is assumed to originate and term...

15-1 v1.1, May 2006 Chapter 15 Port Mirroring This section describes the Port Mirroring feature. Overview Port Mirroring: • Allows you to monitor network traffic with an external network analyzer • Forwards a copy of each incoming and outgoing packet to a specific port • Is used as a diagnostic tool...

NETGEAR 7000 Series Managed Switch Administration Guide 15-2 Port Mirroring v1.1, May 2006 Example #1: show monitor session Example #2: show port all Example #3: show port interface Use this command for a specific port. The output shows whether the port is the mirror or the probe (Netgear Switch Rou...

NETGEAR 7000 Series Managed Switch Administration Guide Port Mirroring 15-3 v1.1, May 2006 port, and what is enabled or disabled on the port. Example #4: (Config) monitor session 1 mode To set up port mirroring, specify the monitor session, then the mode. (Netgear Switch Routing) #show port 0/7 Admi...

16-1 v1.1, May 2006 Chapter 16 Simple Network Time Protocol (SNTP) This section describes the Simple Network Time Protocol (SNTP) feature. Overview SNTP: • Used for synchronizing network resources • Adaptation of NTP • Provides synchronized network timestamp • Can be used in broadcast or unicast mod...

17-1 v1.1, May 2006 Chapter 17 Pre-Login Banner This section describes the Pre-Login Banner feature. Overview Pre-Login Banner: • Allows you to create message screens when logging into the CLI Interface • By default, no Banner file exists • Can be uploaded or downloaded • File size cannot be larger ...

NETGEAR 7000 Series Managed Switch Administration Guide 17-2 Pre-Login Banner v1.1, May 2006 2. Transfer the file from the PC to the switch using TFTP (Netgear Switch Routing) #copy tftp://192.168.77.52/banner.txt nvram:clibanner Mode........................................... TFTP Set TFTP Server I...

18-1 v1.1, May 2006 Chapter 18 Syslog This section provides information about the Syslog feature. Overview Syslog: • Allows you to store system messages and/or errors • Can store to local files on the switch or a remote server running a syslog daemon • Method of collecting message logs from many sys...

NETGEAR 7000 Series Managed Switch Administration Guide 18-2 Syslog v1.1, May 2006 Interpreting Log Files CLI Examples The following are examples of the commands used in the Syslog feature. <130> JAN 01 00:00:06 0.0.0.0-1 UNKN [0x800023]: bootos.c(386) 4 %% Event (0xaaaaaaaa) A. Priority B. Ti...

NETGEAR 7000 Series Managed Switch Administration Guide 18-4 Syslog v1.1, May 2006 Example #3: show logging traplogs Example 4: show logging hosts (Netgear Switch Routing) #show logging traplogs ? <cr> Press Enter to execute the command. (Netgear Switch Routing) #show logging traplogs Number o...