Home » Netgear Manuals » Hubs & Switches » Netgear GS752TS » Manual Viewer

Netgear GS752TS GS7xxTS-TPS Software Admin Manual - Page 251

Mirror Interface, Redirect Interface, Match Every, Protocol, Source Prefix/Prefix Length

Add to My Manuals
Save this manual to your list of manuals

Page 251 highlights

GS728TS, GS728TPS, GS752TS, and GS752TPS Gigabit Smart Switches is not issued if the ACL rule hit count is zero for the current interval. This field is only supported for a Deny action. • Mirror Interface: Specifies the specific egress interface where the matching traffic stream is copied in addition to being forwarded normally by the device. This field cannot be set if a Redirect Interface is already configured for the ACL rule. This field is visible for a Permit action. Mirrored interfaces do not need to be part of the traffic VLAN. • Redirect Interface: Specifies the specific egress interface where the matching traffic stream is forced, bypassing any forwarding decision normally performed by the device. This field cannot be set if a Mirror Interface is already configured for the ACL rule. This field is visible for a Permit action. Redirected interfaces should be part of the traffic VLAN. • Match Every: Select true or false from the pull down menu. True signifies that all packets will match the selected IPv6 ACL and Rule and will be either permitted or denied. In this case, since all packets match the rule, the option of configuring other match criteria will not be offered. To configure specific match criteria for the rule, remove the rule and recreate it, or reconfigure Match Every to False for the other match criteria to be visible. • Protocol: There are two ways to configure IPv6 protocol: • Specify an integer ranging from 0 to 255 after selecting protocol keyword "other". This number represents the IPv6 protocol. • Select name of a protocol from the existing list of IPv6, ICMPv6, TCP, and UDP. • Source Prefix/Prefix Length: Specify IPv6 Prefix combined with IPv6 Prefix length of the network or host from which the packet is being sent. Prefix length can be in the range (0 to 128). • Source L4 Port: Specify a packet's source layer 4 port as a match condition for the selected IPv6 ACL rule. Source port information is optional. Source port information can be specified in two ways: • Select keyword "other" from the drop-down menu and specify the number of the port in the range from 0 to 65535. • Select one of the keyword from the list: DOMAIN, ECHO, FTP, FTPDATA, HTTP, SMTP, SNMP, TELNET, TFTP, and WWW. Each of these values translates into its equivalent port number, which is used as both the start and end of the port range. • Destination Prefix/Prefix Length: Enter up to 128-bit prefix combined with prefix length to be compared to a packet's destination IP Address as a match criteria for the selected IPv6 ACL rule. Prefix length can be in the range (0 to 128). • Destination L4 Port: Specify a packet's destination layer 4 port as a match condition for the selected IPv6 ACL rule. Destination port information is optional. Destination port information can be specified in two ways: • Select keyword "other" from the drop-down menu and specify the number of the port in the range from 0 to 65535. • Select one of the keyword from the list: DOMAIN, ECHO, FTP, FTPDATA, HTTP, SMTP, SNMP, TELNET, TFTP, and WWW. Each of these values translates into its equivalent port number, which is used as both the start and end of the port range. 251

Section	Page
GS728TS, GS728TPS, GS752TS, and GS752TPS Gigabit Smart Switches	1
Contents	3
1. Getting Started	9
Getting Started with the Smart Switches	10
Switch Management Interface	10
Connecting the Switch to the Network	11
Switch Discovery in a Network with a DHCP Server	12
Switch Discovery in a Network without a DHCP Server	14
Configuring the Network Settings on the Administrative System	15
Web Access	16
Smart Control Center Utilities	17
Network Utilities	17
Configuration Upload and Download	19
Firmware Upgrade	20
Viewing and Managing Tasks	22
Understanding the User Interfaces	23
Using the Web Interface	23
Using SNMP	29
Interface Naming Convention	30
2. Configuring System Information	31
Management	31
System Information	32
Slot Information	33
IP Configuration	35
IPv6 Network Configuration	37
IPv6 Network Neighbor	38
Time	40
Denial of Service	45
DNS	49
Green Ethernet	51
Stacking	61
Stack Features	61
Firmware Synchronization and Upgrade	62
Configuration Maintenance	62
Stack Master Election	62
Factory Defaults Reset Behavior	63
Stack Configuration	63
Stack Port Configuration	66
Stack Port Diagnostics	68
Stack Firmware Synchronization	69
PoE/PoE+ (GS728TPS and GS752TPS Only)	70
PoE Configuration	70
PoE Port Configuration	72
SNMP	75
SNMPv1/v2	75
Trap Configuration	77
Trap Flags	78
SNMP Supported MIBs	79
SNMP v3 User Configuration	79
LLDP	80
LLDP Configuration	81
LLDP Port Settings	82
LLDP-MED Network Policy	83
LLDP-MED Port Settings	85
Local Information	86
Neighbors Information	88
Services — DHCP Snooping	92
DHCP Snooping Global Configuration	93
Interface Configuration	94
Binding Configuration	95
Persistent Configuration	97
Statistics	98
Timer Schedule (GS728TPS and GS752TPS Only)	99
Timer Global Configuration	99
Timer Schedule Configuration	100
3. Configuring Switching Information	102
Ports	102
Port Configuration	102
Flow Control	104
Link Aggregation Groups	105
LAG Configuration	105
LAG Membership	107
LACP Configuration	108
LACP Port Configuration	109
VLANs	110
VLAN Configuration	110
VLAN Membership Configuration	112
Port VLAN ID Configuration	113
MAC Based VLAN	114
Protocol Based VLAN Group Configuration	115
Protocol Based VLAN Group Membership	116
Voice VLAN	118
Voice VLAN Properties	118
Voice VLAN Port Setting	119
Voice VLAN OUI	120
Auto-VoIP	121
Spanning Tree Protocol	122
STP Switch Configuration	123
CST Configuration	125
CST Port Configuration	126
CST Port Status	128
Rapid STP	129
MST Configuration	130
MST Port Configuration	131
STP Statistics	134
Multicast	135
MFDB	135
Auto-Video Configuration	137
IGMP Snooping	138
IGMP Snooping Querier	144
MLD Snooping	147
Forwarding Database	156
MAC Address Table	156
Dynamic Address Configuration	158
Static MAC Address	159
4. Configuring Routing	160
Configuring IP Settings	160
IP Configuration	161
IP Statistics	162
Configuring VLAN Routing	165
VLAN Routing Wizard	165
VLAN Routing Configuration	167
Configuring Router Discovery	168
Router Discovery Configuration	168
Configuring and Viewing Routes	169
Configuring ARP	171
ARP Cache	172
ARP Create	173
Global ARP Configuration	174
ARP Entry Management	175
5. Configuring Quality of Service	177
Class of Service	177
Basic CoS Configuration	178
CoS Interface Configuration	179
Interface Queue Configuration	180
802.1p to Queue Mapping	182
DSCP to Queue Mapping	183
Differentiated Services	184
Defining DiffServ	184
Diffserv Configuration	185
Class Configuration	186
IPv6 Class Configuration	189
Policy Configuration	191
Service Configuration	195
Service Statistics	196
6. Managing Device Security	197
Management Security Settings	197
Change Password	198
RADIUS Configuration	199
Configuring TACACS+	204
Authentication List Configuration	207
Configuring Management Access	210
HTTP Configuration	211
Secure HTTP Configuration	212
Certificate Management	213
Certificate Download	214
Access Profile Configuration	215
Access Rule Configuration	217
Port Authentication	218
802.1X Configuration	219
Port Authentication	220
Port Summary	224
Traffic Control	225
MAC Filter Configuration	225
MAC Filter Summary	227
Storm Control	228
Port Security Configuration	230
Port Security Interface Configuration	231
Security MAC Address	232
Protected Ports Membership	233
Configuring Access Control Lists	234
ACL Wizard	235
MAC ACL	237
MAC Rules	238
MAC Binding Configuration	240
MAC Binding Table	241
IP ACL	242
IP Rules	243
IP Extended Rule	245
IPv6 ACL	248
IPv6 Rules	249
IP Binding Configuration	252
IP Binding Table	254
VLAN Binding Table	255
7. Monitoring the System	256
Ports	256
Switch Statistics	256
Port Statistics	259
Port Detailed Statistics	260
EAP Statistics	266
Cable Test	268
System Logs	270
Memory Logs	270
FLASH Log Configuration	272
Server Log Configuration	274
Trap Logs	276
Event Logs	277
Port Mirroring	278
Multiple Port Mirroring	278
8. Maintaining the System	280
Reset	280
Device Reboot	280
Factory Default	281
Upload File From Switch	282
TFTP File Upload	282
HTTP File Upload	283
Download File To Switch	284
TFTP File Download	285
HTTP File Download	287
File Management	288
Copy	288
Dual Image Configuration	289
Dual Image Status	291
Troubleshooting	292
Ping	292
Ping IPv6	293
Traceroute	294
9. Accessing Help	296
Online Help	296
Support	296
User Guide	297
Registration	298
A. Hardware Specifications and Default Values	300
Switch Specifications	300
GS728TS Specifications	300
GS728TPS Specifications	300
GS752TS Specifications	301
GS752TPS Specifications	301
Switch Performance	301
Switch Features and Defaults	302
Traffic Control	302
Quality of Service	303
Security	303
System Setup and Maintenance	304
System Management	304
Other Features	305
B. Configuration Examples	306
Virtual Local Area Networks (VLANs)	306
VLAN Example Configuration	307
Access Control Lists (ACLs)	308
MAC ACL Example Configuration	309
Standard IP ACL Example Configuration	310
Differentiated Services (DiffServ)	311
Class	312
DiffServ Traffic Classes	312
Creating Policies	313
DiffServ Example Configuration	314
802.1X	315
802.1X Example Configuration	317
MSTP	318
MSTP Example Configuration	320
Configuring VLAN Routing	322
Creating VLAN Routing Interfaces	322
C. Notification of Compliance	323

Match case Limit results 1 per page

251

GS728TS, GS728TPS, GS752TS, and GS752TPS Gigabit Smart Switches

is not issued if the ACL rule hit count is zero for the current interval. This field is only

supported for a

Deny

action.

•

Mirror Interface

: Specifies the specific egress interface where the matching traffic

stream is copied in addition to being forwarded normally by the device. This field

cannot be set if a Redirect Interface is already configured for the ACL rule. This field

is visible for a Permit action. Mirrored interfaces do not need to be part of the traffic

VLAN.

•

Redirect Interface

: Specifies the specific egress interface where the matching traffic

stream is forced, bypassing any forwarding decision normally performed by the

device. This field cannot be set if a Mirror Interface is already configured for the ACL

rule. This field is visible for a Permit action. Redirected interfaces should be part of

the traffic VLAN.

•

Match Every

: Select true or false from the pull down menu. True signifies that all

packets will match the selected IPv6 ACL and Rule and will be either permitted or

denied. In this case, since all packets match the rule, the option of configuring other

match criteria will not be offered. To configure specific match criteria for the rule,

remove the rule and recreate it, or reconfigure Match Every to False for the other

match criteria to be visible.

•

Protocol

: There are two ways to configure IPv6 protocol:

•

Specify an integer ranging from 0 to 255 after selecting protocol keyword “other”.

This number represents the IPv6 protocol.

•

Select name of a protocol from the existing list of IPv6, ICMPv6, TCP, and UDP.

•

Source Prefix/Prefix Length

: Specify IPv6 Prefix combined with IPv6 Prefix length of

the network or host from which the packet is being sent. Prefix length can be in the

range (0 to 128).

•

Source L4 Port

: Specify a packet's source layer 4 port as a match condition for the

selected IPv6 ACL rule. Source port information is optional. Source port information

can be specified in two ways:

•

Select keyword “other” from the drop-down menu and specify the number of the

port in the range from 0 to 65535.

•

Select one of the keyword from the list: DOMAIN, ECHO, FTP, FTPDATA, HTTP,

SMTP, SNMP, TELNET, TFTP, and WWW. Each of these values translates into its

equivalent port number, which is used as both the start and end of the port range.

•

Destination Prefix/Prefix Length

: Enter up to 128-bit prefix combined with prefix

length to be compared to a packet's destination IP Address as a match criteria for the

selected IPv6 ACL rule. Prefix length can be in the range (0 to 128).

•

Destination L4 Port

: Specify a packet's destination layer 4 port as a match condition

for the selected IPv6 ACL rule. Destination port information is optional. Destination

port information can be specified in two ways:

•

Select keyword “other” from the drop-down menu and specify the number of the

port in the range from 0 to 65535.

•

Select one of the keyword from the list: DOMAIN, ECHO, FTP, FTPDATA, HTTP,

SMTP, SNMP, TELNET, TFTP, and WWW. Each of these values translates into its

equivalent port number, which is used as both the start and end of the port range.