Home » Netgear Manuals » Hubs & Switches » Netgear GS716Tv2 » Manual Viewer

Netgear GS716Tv2 GS716Tv2/GS724Tv3 Software Admin Manual - Page 169

Table, 31. MAC ACL Rule Configuration Fields continued, Assign Queue, Match Every, Destination MAC

Add to My Manuals
Save this manual to your list of manuals

Page 169 highlights

GS716Tv2 and GS724Tv3 Software Administration Manual Table 5-31. MAC ACL Rule Configuration Fields (continued) Field Assign Queue Match Every CoS Destination MAC Destination MAC Mask EtherType Key EtherType User Value Source MAC Source MAC Mask VLAN Description Specifies the hardware egress queue identifier used to handle all packets matching this ACL rule. Enter an identifying number from 0-3 in this field. Requires a packet to match the criteria of this ACL. Select True or False from the drop down menu. Match Every is exclusive to the other filtering rules, so if Match Every is True, the other rules on the screen are not available. Requires a packet's class of service (CoS) to match the CoS value listed here. Enter a CoS value between 0-7 to apply this criteria. Requires an Ethernet frame's destination port MAC address to match the address listed here. Enter a MAC address in this field. The valid format is xx:xx:xx:xx:xx:xx. If desired, enter the MAC Mask associated with the Destination MAC to match. The MAC address mask specifies which bits in the destination MAC to compare against an Ethernet frame. Use F's and zeros in the MAC mask, which is in a wildcard format. An F means that the bit is not checked, and a zero in a bit position means that the data must equal the value given for that bit. For example, if the MAC address is aa:bb:cc:dd:ee:ff, and the mask is 00:00:ff:ff:ff:ff, all MAC addresses with aa:bb:xx:xx:xx:xx result in a match (where x is any hexadecimal number). Requires a packet's EtherType to match the EtherType you select. Select the EtherType value from the drop down menu. If you select User Value, you can enter a custom EtherType value. This field is configurable if you select User Value from the EtherType drop down menu. The value you enter specifies a customized Ethertype to compare against an Ethernet frame. The valid range of values is 0x0600-0xFFFF. Requires a packet's source port MAC address to match the address listed here. Enter a MAC address in the this field. The valid format is xx:xx:xx:xx:xx:xx. If desired, enter the MAC mask for the source MAC address to match. Use Fs and zeros in the MAC mask, which is in a wildcard format. An F means that the bit is not checked, and a zero in a bit position means that the data must equal the value given for that bit. The valid format is xx:xx:xx:xx:xx:xx. Requires a packet's VLAN ID to match the ID listed here. Enter the VLAN ID to apply this criteria. The valid range is 0-4093. 2. To add a rule, complete the desired fields and click Add. Managing Device Security v1.0, July 2009 5-43

Section	Page
GS716Tv2 and GS724Tv3 Software Administration Manual	1
Contents	5
About This Manual	11
Audience	11
Organization	11
Conventions, Formats and Scope	12
How to Use This Manual	14
How to Print this Manual	14
Revision History	15
Chapter 1 Getting Started	17
Connecting the Switch to the Network	17
Switch Management Interface	18
SmartWizard Discovery in a Network with a DHCP Server	19
SmartWizard Discovery in a Network without a DHCP Server	20
Manually Assigning Network Parameters	21
Configuring the Network Settings on the Administrative System	22
SmartWizard Discovery Utilities	22
Password Change	23
Firmware Upgrade	23
Exit	24
Understanding the User Interfaces	25
Using the Web Interface	25
Navigation Tabs	27
Configuration and Monitoring Options	28
Device View	29
Help Page Access	30
User-Defined Fields	30
Using SNMP	30
Common Parameter Values	31
Interface Naming Convention	32
Chapter 2 Configuring System Information	33
System Information	33
Defining System Information	35
Network Connectivity	35
Time	37
Time Configuration	38
SNTP Global Status	40
SNTP Server Configuration	42
SNTP Server Status	43
Denial of Service	45
Green Ethernet Configuration	47
SNMP V1/V2	48
Community Configuration	49
Trap Configuration	51
Trap Flags	52
SNMP v3 User Configuration	53
LLDP	55
LLDP Configuration	55
LLDP Port Settings	56
Local Information	59
Neighbors Information	62
Chapter 3 Configuring Switching Information	65
Configuring and Viewing Device Port Information	65
Port Configuration	65
Flow Control	68
Creating LAGs	69
LAG Configuration	69
LAG Membership	71
LACP Configuration	72
LACP Port Configuration	73
Managing VLANs	74
VLAN Configuration	74
VLAN Membership Configuration	76
Port VLAN ID Configuration	78
Configuring Spanning Tree Protocol	80
STP Switch Configuration/Status	81
CST Configuration	83
CST Port Configuration	85
CST Port Status	87
Rapid STP Configuration	88
MST Configuration	90
MST Port Configuration	91
STP Statistics	95
Configuring IGMP Snooping	96
Global Configuration	96
IGMP Snooping Interface Configuration	98
Viewing Multicast Forwarding Database Information	99
IGMP Snooping Table	100
MFDB Table	101
MFDB Statistics	103
IGMP Snooping VLAN Configuration	104
Configuring IGMP Snooping Queriers	106
IGMP Snooping Querier Configuration	107
IGMP Snooping Querier VLAN Configuration	108
IGMP Snooping Querier VLAN Status	109
Searching and Configuring the Forwarding Database	111
Searching the MAC Address Table	111
Dynamic Address Configuration	113
MAC Address Table	114
Static MAC Address	116
Chapter 4 Configuring Quality of Service	119
Configuring Class of Service	119
Basic CoS Configuration	120
CoS Interface Configuration	121
Interface Queue Configuration	123
802.1p to Queue Mapping	124
DSCP to Queue Mapping	125
Chapter 5 Managing Device Security	127
Management Security Settings	127
Change Password	128
RADIUS Configuration	129
Global Configuration	129
Server Configuration	131
Accounting Server Configuration	133
Configuring TACACS+	136
TACACS+ Configuration	136
Server Configuration	137
Authentication List Configuration	139
Configuring Management Access	141
HTTP Configuration	141
Secure HTTP Configuration	142
Certificate Download	144
Access Profile Configuration	145
Access Rule Configuration	147
Port Authentication	148
802.1X Configuration	149
Port Authentication	150
Port Summary	154
Traffic Control	156
MAC Filter Configuration	156
MAC Filter Summary	158
Storm Control	159
Port Security Configuration	160
Port Security Interface Configuration	161
Security MAC Address	163
Protected Ports Membership	164
Configuring Access Control Lists	165
MAC ACL	166
MAC Rules	168
MAC Binding Configuration	170
MAC Binding Table	171
IP ACL	173
IP Rules	174
IP Extended Rule	176
IP Binding Configuration	180
IP Binding Table	182
Chapter 6 Monitoring the System	183
Switch Statistics	183
Viewing Port Statistics	186
Port Statistics	186
Port Detailed Statistics	187
EAP Statistics	194
Managing Logs	196
Memory Logs	196
FLASH Log Configuration	198
Server Log Configuration	201
Trap Logs	203
Event Logs	204
Configuring Port Mirroring	205
Multiple Port Mirroring	205
Chapter 7 Maintenance	207
Reset	207
Rebooting the Switch	207
Reset Configuration to Defaults	208
Upload File From Switch	209
Uploading Files	211
Download File To Switch	211
TFTP File Download	212
Downloading a File to the Switch	214
HTTP File Download	214
File Management	216
Dual Image Configuration	216
Viewing the Dual Image Status	218
Troubleshooting	219
Ping	219
TraceRoute	220
Appendix A Hardware Specifications and Default Values	223
GS7xxT Gigabit Smart Switch Specifications	223
GS7xxTR Gigabit Smart Switch Features and Defaults	224
Appendix B Configuration Examples	227
Virtual Local Area Networks (VLANs)	227
VLAN Example Configuration	228
Access Control Lists (ACLs)	230
MAC ACL Example Configuration	231
Standard IP ACL Example Configuration	232
802.1X	234
802.1X Example Configuration	236
MSTP	237
MSTP Example Configuration	239

Match case Limit results 1 per page

GS716Tv2 and GS724Tv3 Software Administration Manual

Managing Device Security

5-43

v1.0, July 2009

To add a rule, complete the desired fields and click

Add

Assign Queue

Specifies the hardware egress queue identifier used to handle all

packets matching this ACL rule. Enter an identifying number from 0–3 in

this field.

Match Every

Requires a packet to match the criteria of this ACL. Select True or False

from the drop down menu. Match Every is exclusive to the other filtering

rules, so if Match Every is True, the other rules on the screen are not

available.

CoS

Requires a packet’s class of service (CoS) to match the CoS value listed

here. Enter a CoS value between 0–7 to apply this criteria.

Destination MAC

Requires an Ethernet frame’s destination port MAC address to match

the address listed here. Enter a MAC address in this field. The valid

format is xx:xx:xx:xx:xx:xx.

Destination MAC Mask

If desired, enter the MAC Mask associated with the Destination MAC to

match. The MAC address mask specifies which bits in the destination

MAC to compare against an Ethernet frame. Use F’s and zeros in the

MAC mask, which is in a wildcard format. An F means that the bit is not

checked, and a zero in a bit position means that the data must equal the

value given for that bit. For example, if the MAC address is

aa:bb:cc:dd:ee:ff, and the mask is 00:00:ff:ff:ff:ff, all MAC addresses with

aa:bb:xx:xx:xx:xx result in a match (where

is any hexadecimal

number).

EtherType Key

Requires a packet’s EtherType to match the EtherType you select.

Select the EtherType value from the drop down menu. If you select User

Value, you can enter a custom EtherType value.

EtherType User Value

This field is configurable if you select User Value from the EtherType

drop down menu. The value you enter specifies a customized Ethertype

to compare against an Ethernet frame. The valid range of values is

0x0600–0xFFFF.

Source MAC

Requires a packet’s source port MAC address to match the address

listed here. Enter a MAC address in the this field. The valid format is

xx:xx:xx:xx:xx:xx.

Source MAC Mask

If desired, enter the MAC mask for the source MAC address to match.

Use Fs and zeros in the MAC mask, which is in a wildcard format. An F

means that the bit is not checked, and a zero in a bit position means that

the data must equal the value given for that bit. The valid format is

xx:xx:xx:xx:xx:xx.

VLAN

Requires a packet’s VLAN ID to match the ID listed here. Enter the

VLAN ID to apply this criteria. The valid range is 0–4093.

Table

5-31. MAC ACL Rule Configuration Fields (continued)

Field

Description