Home » Netgear Manuals » Hubs & Switches » Netgear GS418TPP » Manual Viewer

Netgear GS418TPP User Manual - Page 444

VLAN Routing Interface Configuration Example, Con the Router IP

Add to My Manuals
Save this manual to your list of manuals

Page 444 highlights

ProSAFE 8-Port or 16-Port Gigabit Smart Managed Switch Model GS418TPP, GS510TLP, and GS510TPP In this example, assume that Switch 1 became the root bridge for the MST instance 1, and Switch 2 became the root bridge for MST instance 2. Switch 3 supports hosts in the sales department (ports 1/0/1, 1/0/2, and 1/0/3) and in the HR department (ports 1/0/4 and 1/0/5). Switches 1 and 2 also include hosts in the sales and HR departments. The hosts connected from Switch 2 use VLAN 500, MST instance 2 to communicate with the hosts on Switch 3 directly. Likewise, hosts of Switch 1 use VLAN 300, MST instance 1 to communicate with the hosts on Switch 3 directly. The hosts use different instances of MSTP to effectively use the links across the switch. The same concept can be extended to other switches and more instances of MSTP. VLAN Routing Interface Configuration Example VLANs divide broadcast domains in a LAN environment. When hosts in one VLAN must communicate with hosts in another VLAN, the traffic must be routed between them. This is known as inter-VLAN routing. On the switch, it is accomplished by creating Layer 3 interfaces (switch virtual interfaces [SVI]). When a port is enabled for bridging (the default) rather than routing, all normal bridge processing is performed for an inbound packet, which is then associated with a VLAN. Its MAC destination address (MAC DA) and VLAN ID are used to search the MAC address table. If routing is enabled for the VLAN, and the MAC DA of an inbound unicast packet is that of the internal bridge-router interface, the packet is routed. An inbound multicast packet is forwarded to all ports in the VLAN, plus the internal bridge-router interface, if it was received on a routed VLAN. Since a port can be configured to belong to more than one VLAN, VLAN routing might be enabled for all of the VLANs on the port, or for a subset. VLAN routing can be used to allow more than one physical port to reside on the same subnet. It could also be used when a VLAN spans multiple physical networks, or when additional segmentation or security is required. A port can be either a VLAN port or a router port, but not both. However, a VLAN port can be part of a VLAN that is itself a router port. Complete these steps to configure a switch to perform interVLAN routing: 1. Use the IP Configuration page to enable routing on the switch. For more information about this step, see Configure the Router IP on page 212. 2. Determine the IP addresses that you want to assign to the VLAN interface on the switch. For the switch to be able to route between the VLANs, the VLAN interfaces must be configured with an IP address. When the switch receives a packet destined for another subnet/VLAN, the switch looks at the routing table to determine where to forward the packet. The packet is then passed to the VLAN interface of the destination. It is then sent to the port where the end device is attached. 3. Use the VLAN Routing Wizard page to create a routing VLAN, configure the IP address and subnet mask, and add the member ports. For more information about this step, see Use the VLAN Static Routing Wizard on page 233. Configuration Examples 444

Section	Page
ProSAFE 8-Port or 16-Port Gigabit Smart Managed Switch with PoE+ and 2 SFP Ports	1
Contents	3
1. Get Started	10
Switch Management Interface Overview	11
Change the Default IP Address of the Switch	11
Discover a Switch in a Network With a DHCP Server	12
Discover a Switch in a Network Without a DHCP Server	13
Configure the Network Settings on Your Computer	14
Access the Web Browser–Based Management Interface	17
About the User Interfaces	17
Software Requirements to Use the Web Interface	17
Supported Web Browsers	18
Use a Web Browser to Access the Switch and Log In	18
Navigation Tabs, Configuration Menus, and Page Menu	19
Configuration and Status Options	20
Web Interface Buttons	20
User-Defined Fields	21
Web Browser–Based Management Interface Device View	21
Power LED	23
Fan LED	23
Interface Naming Conventions	23
Configure Interface Settings	24
Context-Sensitive Help and Access to the Support WebSite	28
User Guide	29
Register Your Product	29
2. Configure System Information	30
View and Configure the Switch Management Settings	31
View or Define System Information	31
View the System CPU Status	36
View USB Device Information	39
IP Configuration	40
IPv6 Network Configuration	42
View the IPv6 Network Neighbor	43
Configure the Time Settings	44
Configure Denial of Service Settings	60
Configure DNS Settings	63
Configure Green Ethernet Settings	67
Use the Device View	75
Configure PoE	75
Configure the Global PoE Settings	75
Configure the PoE Port Settings	77
Configure SNMP	80
Configure the SNMPv1/v2 Community	80
Configure SNMPv1/v2 Trap Settings	83
Configure SNMPv1/v2 Trap Flags	85
View the Supported MIBs	86
Configure SNMP V3 Users	87
Configure LLDP	88
Configure LLDP Global Settings	89
Configure LLDP Port Settings	90
LLDP-MED Network Policy	91
LLDP-MED Port Settings	93
Local Information	94
Neighbors Information	96
Configure DHCP L2 Relay, DHCP Snooping, and Dynamic ARP Inspection	99
DHCP L2 Relay	100
DHCP Snooping	103
Dynamic ARP Inspection	110
Set Up PoE Timer Schedules	118
Create a PoE Timer Schedule	119
Specify the Settings for an Absolute PoE Timer Schedule	119
Specify the Settings for a Recurring PoE Timer Schedule	120
Change the Settings for a Recurring PoE Timer Schedule Entry	122
Delete a PoE Timer Schedule Entry	123
Delete a PoE Timer Schedule	124
3. Configure Switching	125
Configure Port Settings	126
Configure Link Aggregation Groups	128
Configure LAG Settings	129
Configure LAG Membership	131
Set the LACP System Priority	132
Set the LACP Port Priority Settings	133
Configure VLANs	134
Configure VLAN Settings	134
Configure VLAN Membership	137
View VLAN Status	139
Configure Port PVID Settings	140
Configure a MAC-Based VLAN	142
Configure Protocol-Based VLAN Groups	144
Configure Protocol-Based VLAN Group Membership	145
Configure a Voice VLAN	147
Configure GARP Switch Settings	148
Configure GARP Ports	150
Configure Auto-VoIP	151
Configure Protocol-Based Port Settings	151
Configure Auto-VoIP OUI-Based Properties	153
OUI-Based Port Settings	154
Manage the OUI Table	155
Display the Auto-VoIP Status	157
Configure Spanning Tree Protocol	158
Configure STP Settings	159
Configure CST Settings	161
Configure CST Port Settings	162
View CST Port Status	164
View Rapid STP Information	166
Manage MST Settings	167
MST Port Configuration	169
View STP Statistics	172
Configure Multicast	173
View the MFDB Table	173
View the MFDB Statistics	174
Auto-Video	175
IGMP Snooping	176
Configure IGMP Snooping	176
Configure IGMP Snooping for Interfaces	178
View the IGMP Snooping Table	179
Configure IGMP Snooping for VLANs	180
Modify IGMP Snooping Settings for a VLAN	182
Disable IGMP Snooping on a VLAN and Remove It From the Table	182
Configure Multicast Router Interfaces	183
Configure a Multicast Router VLAN	184
IGMP Snooping Querier Overview	185
Configure IGMP Snooping Querier	185
Configure IGMP Snooping Querier for VLANs	186
Display IGMP Snooping Querier for VLAN Status	187
Enable MLD Snooping	189
Configure a MLD Snooping Interface	190
Configure MLD VLAN Settings	191
Enable or Disable a Multicast Router on Interfaces	193
Configure Multicast Router VLAN Settings	194
Configure MLD Snooping Querier	195
Configure MLD Snooping Querier VLAN Settings	196
Configure Multicast VLAN Registration	197
Configure Basic MVR Settings	198
Configure an MVR Group	199
Configure an MVR Interface	200
Configure MVR Group Membership	201
View MVR Statistics	202
View and Configure the MAC Address Table	203
Configure the MAC Address Table	204
Set the Dynamic Address Aging Interval	205
Configure a Static MAC Address	206
Configure Layer 2 Loop Protection	207
Configure Global Layer 2 Loop Protection	208
Configure Layer 2 Loop Protection on a Port	209
4. Configure Routing	211
Configure IP Settings	212
Configure the Router IP	212
IP Statistics	213
Configure IPv6	217
Configure IPv6 Global Settings	217
View the IPv6 Route Table	218
Configure IPv6 VLAN Interface Settings	219
IPv6 Prefix Configuration	222
View IPv6 Statistics	223
View the IPv6 Neighbor Table	228
IPv6 Static Route Configuration	230
View the IPv6 Route Table	231
IPv6 Route Preferences	232
Configure VLAN Routing	233
Use the VLAN Static Routing Wizard	233
VLAN Routing Configuration	235
Delete a VLAN Routing Interface	236
Configure Router Discovery	237
Manage Routes	238
Configure a Basic Route	238
Modify a Route	240
Delete a Route	241
Configure Address Resolution Protocol	242
Display Basic ARP Cache	242
Add an Entry to the ARP Table	244
View or Globally Configure the ARP Table	246
Remove an ARP Entry From the ARP Cache	247
5. Configure Quality of Service	249
Manage Class of Service	250
CoS Configuration	250
Configure Global CoS Settings	250
Configure CoS Interface Settings for an Interface	252
Configure CoS Queue Settings for an Interface	253
802.1p to Queue Mapping	255
DSCP to Queue Mapping	256
Manage Differentiated Services	257
Defining DiffServ	257
Configure DiffServ Settings	258
DiffServ Configuration	258
Configure a DiffServ Class	259
Configure DiffServ IPv6 Class Settings	265
Configure a DiffServ Policy	270
Configure the DiffServ Service Interface	276
View DiffServ Service Statistics	278
6. Manage Device Security	280
Management Security Settings	281
Change the Password	281
RADIUS Overview	282
Configure TACACS+	291
Authentication List Configuration	293
Manage the Smart Control Center Utility	297
Configure Management Access	298
Configure HTTP Settings	298
HTTPS Configuration	299
Manage Certificates	301
Download Certificates	303
Access Control	304
Configure Access Rule Settings	306
Configure Port Authentication	307
Configure Global 802.1X Settings	307
Manage Port Authentication	309
View the Port Summary	313
View the Client Summary	314
Set Up Traffic Control	315
Manage MAC Filtering	315
MAC Filter Summary	318
Storm Control	318
Port Security	320
Configure Protected Ports	324
Configure a Private VLAN	325
Configure Access Control Lists	331
Use the ACL Wizard to Create a Simple ACL	331
Configure a Basic MAC ACL	336
Configure MAC ACL Rules	339
Configure MAC Bindings	343
View or Delete MAC ACL Bindings in the MAC Binding Table	344
Configure an IP ACL	345
Configure Rules for a Basic IP ACL	347
Configure Rules for an Extended IP ACL	351
Configure IPv6 ACL	359
Configure IPv6 Rules	361
Configure IP ACL Interface Bindings	367
View or Delete IP ACL Bindings in the IP ACL Binding Table	369
Configure VLAN ACL Bindings	370
7. Monitor the System	372
Monitor the Switch and the Ports	373
Switch Statistics	373
View Port Statistics	376
View Detailed Port Statistics	378
View EAP Statistics	385
Perform a Cable Test	386
Configure and View Logs	388
Manage the Memory Logs	388
Message Log Format	390
Manage the Flash Log	390
Manage the Server Log	392
View the Trap Logs	395
View the Event Log	396
Format of the Messages	398
Configure Port Mirroring	398
8. Maintenance	401
Reboot the Switch	402
Reset the Switch to Its Factory Default Settings	402
Export a File From the Switch	403
Export a File to the TFTP Server	404
HTTP File Export	405
Export a File From the Switch to a USB Device	406
Download a File to the Switch	407
Download a File to the Switch Using TFTP	408
Download a File to the Switch Using HTTP	410
Download a File From a USB Device	412
Manage Files	413
Copy an Image	414
Configure Dual Image Settings	414
Dual Image Status	416
Troubleshooting	417
Ping IPv4	417
Ping IPv6	419
Traceroute IPv4	421
Traceroute IPv6	422
Remote Diagnostics	424
Configure Memory Dump Settings and Perform a Full Memory Dump	425
A. Configuration Examples	428
Virtual Local Area Networks (VLANs)	429
VLAN Configuration Examples	430
Access Control Lists (ACLs)	431
MAC ACL Sample Configuration	431
Standard IP ACL Sample Configuration	432
Differentiated Services (DiffServ)	433
Class	434
DiffServ Traffic Classes	435
Creating Policies	435
DiffServ Example Configuration	436
802.1X	438
802.1X Example Configuration	439
MSTP	440
MSTP Example Configuration	442
VLAN Routing Interface Configuration Example	444
B. Specifications and Default Settings	446
Switch Default Settings	447
General Feature Default Settings	448
System Setup and Maintenance Settings	455
Port Characteristics	455
Traffic Control Settings	456
Quality of Service Settings	456
Security Settings	457
System Management Settings	457

Match case Limit results 1 per page

Configuration Examples

444

ProSAFE 8-Port or 16-Port Gigabit Smart Managed Switch Model GS418TPP, GS510TLP, and GS510TPP

In this example, assume that Switch 1 became the root bridge for the MST instance 1, and

Switch 2 became the root bridge for MST instance 2. Switch 3 supports hosts in the sales

department (ports 1/0/1, 1/0/2, and 1/0/3) and in the HR department (ports 1/0/4 and 1/0/5).

Switches 1 and 2 also include hosts in the sales and HR departments. The hosts connected

from Switch 2 use VLAN 500, MST instance 2 to communicate with the hosts on Switch 3

directly. Likewise, hosts of Switch 1 use VLAN 300, MST instance 1 to communicate with the

hosts on Switch 3 directly.

The hosts use different instances of MSTP to effectively use the links across the switch. The

same concept can be extended to other switches and more instances of MSTP.

VLAN Routing Interface Configuration Example

VLANs divide broadcast domains in a LAN environment. When hosts in one VLAN must

communicate with hosts in another VLAN, the traffic must be routed between them. This is

known as inter-VLAN routing. On the switch, it is accomplished by creating Layer 3 interfaces

(switch virtual interfaces [SVI]).

When a port is enabled for bridging (the default) rather than routing, all normal bridge

processing is performed for an inbound packet, which is then associated with a VLAN. Its

MAC destination address (MAC DA) and VLAN ID are used to search the MAC address

table. If routing is enabled for the VLAN, and the MAC DA of an inbound unicast packet is that

of the internal bridge-router interface, the packet is routed. An inbound multicast packet is

forwarded to all ports in the VLAN, plus the internal bridge-router interface, if it was received

on a routed VLAN.

Since a port can be configured to belong to more than one VLAN, VLAN routing might be

enabled for all of the VLANs on the port, or for a subset. VLAN routing can be used to allow

more than one physical port to reside on the same subnet. It could also be used when a

VLAN spans multiple physical networks, or when additional segmentation or security is

required. A port can be either a VLAN port or a router port, but not both. However, a VLAN

port can be part of a VLAN that is itself a router port.

Complete these steps to configure a switch to perform interVLAN routing:

Use the IP Configuration page to enable routing on the switch.

For more information about this step, see

Configure the Router IP

on page 212.

Determine the IP addresses that you want to assign to the VLAN interface on the switch.

For the switch to be able to route between the VLANs, the VLAN interfaces must be

configured with an IP address. When the switch receives a packet destined for another

subnet/VLAN, the switch looks at the routing table to determine where to forward the

packet. The packet is then passed to the VLAN interface of the destination. It is then sent

to the port where the end device is attached.

Use the VLAN Routing Wizard page to create a routing VLAN, configure the IP address and

subnet mask, and add the member ports.

For more information about this step, see

Use the VLAN Static Routing Wizard

page 233.