Netgear GS728TXS GS728TXS/GS752TXS Software Administration Manual
Netgear GS728TXS Manual
View all Netgear GS728TXS manuals
Add to My Manuals
Save this manual to your list of manuals |
Netgear GS728TXS manual content summary:
- Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 1
GS752TXS and GS728TXS Smart Switches Software Administration Manual 350 East Plumeria Drive San Jose, CA 95134 USA March 2013 202-11255-02 v2.0 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 2
GS728TXS Smart Switches Support Thank you for selecting NETGEAR products. After installing your device, locate the serial number on the label of your product and use it to register your product at https://my.netgear.com. You must register your product before you can use NETGEAR telephone support - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 3
Convention 25 Online Help 26 Support 26 User Guide 26 Registration 27 Chapter 2 Configure System Information Management 28 System Information 29 Slot Information 31 IP Configuration 33 IPv6 Network Configuration 35 IPv6 Network Neighbor 36 Time 37 Denial of Service 44 DNS 47 Green - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 4
Switch Stack Configuration Stacking Overview 81 Stack Features 82 Factory Defaults Stack Firmware 94 Chapter 4 Configuring Switching Ports 95 Port Configuration 95 Flow Control 97 Link Aggregation Groups 98 LAG Configuration 98 LAG Membership 100 LACP Configuration 101 LACP - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 5
153 Chapter 5 Configuring Routing Configuring IP Settings 155 IP Configuration 156 IP Statistics 156 Configure VLAN Routing 160 Entry From the ARP Cache 170 Chapter 6 Configuring Quality of Service Class of Service 171 Basic CoS Configuration 172 CoS Interface Configuration 173 Interface - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 6
Service Configuration 187 Service Statistics 188 Chapter 7 Managing Device Security Management Security Settings 189 Change Password 229 MAC Binding Table 230 IP ACL 231 IP Rules 232 IP Extended Rules 233 IPv6 ACL 236 IPv6 Rules 237 IP Binding Configuration 241 IP Binding Table 242 VLAN - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 7
Smart Control Center Utilities Network Utilities 281 Configure the Device 283 Change the Switch Password 284 Manage the Switch Configuration and Firmware 285 Upload and Download the Configuration 285 Upgrade the Firmware 287 View and Manage Tasks 289 Appendix B Troubleshooting Troubleshooting - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 8
MAC ACL Example Configuration 300 Sample Standard IP ACL Configuration 301 Differentiated Services (DiffServ 302 Class 303 DiffServ Traffic Specifications and Default Values GS752TXS and GS728TXS Smart Switches Specifications 315 GS752TXS/GS728TXS Switch Features and Defaults 316 Appendix - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 9
the GS752TXS and GS728TXS Smart Switches by using the web-based graphical user interface (GUI). The manual describes the GS728TXS Smart Switches. Getting Started with the GS752TXS and GS728TXS Smart Switches This chapter provides an overview of starting your NETGEAR GS752TXS/GS728TXS Smart Switch - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 10
and assign static network information. In addition to enabling NETGEAR switch discovery, the Smart Control Center provides several utilities to help you maintain the NETGEAR switches on your network, such as password management, firmware upgrade, and configuration file backup. For more information - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 11
and GS728TXS Smart Switches host (administrative system) in the 192.168.0.0/24 network and change the settings by using the web management interface on the switch. For information about how to set the IP address on the administrative system so it is in the same subnet as the default IP address - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 12
clicking the line that displays the switch, then click the Web Browser Access button. The Smart Control Center displays a login window. Use your web browser to manage your switch. The default password is password. Use this screen to manage your switch. For more information, see Use the Web Interface - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 13
static switch IP address, gateway IP address, and subnet mask for the switch, and then type your password. Tip: You must enter the current password every time you use the Smart Control Center to update the switch setting. The default password is password. 9. Click Apply to configure the switch with - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 14
choose not to use the Smart Control Center to configure the network information on the switch, you can connect directly to the switch from an administrative system, such as a computer or laptop. The IP address of the administrative system must be in the same subnet as the default IP address on the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 15
GS752TXS and GS728TXS Smart Switches 3. In the Local Area Connection Status window, click Properties. The Local Area Connection Properties window displays. 4. Select the Internet Protocol Version 4 (TCP/IPv4) option, and - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 16
and GS728TXS Smart Switches 5. Select Use the following IP address and set the IP address of the administrative system to an address in the 192.168.0.0 network, such as 192.168.0.200. The IP address must be different from that of the switch but within the same subnet. WARNING: When you change the IP - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 17
web browser. If you did not change the IP address of the switch from the default value, enter 192.168.0.239 in the address field. To access the switch management interface, use one of the following methods: • From the Smart Control Center, select the switch and click Web Browser Access. • Open a web - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 18
and monitor the components of the GS752TXS and GS728TXS Smart Switches software. The method you use to manage the IP address of the switch in the web browser address field. The login screen displays. 2. Type the password in the Password field. The factory default password is password. Passwords - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 19
GS752TXS and GS728TXS Smart Switches The following figure shows the layout of the Smart Switch web interface. Navigation tab Configuration menus Help link Logout button Help screen Links Configuration status and options Figure 1. Smart Switch Web Interface Navigation Tabs, Configuration Menus, - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 20
GS752TXS and GS728TXS Smart Switches Link Submenu Links Figure 2. Menu hierarchy Configuration and Status Options The area directly under the configuration with the latest information from the device. Ends the session. Clears all information and returns the switch to its default settings. 20 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 21
GS752TXS and GS728TXS Smart Switches Device View The Device View is a Java applet that displays the ports on the switch. This graphic provides an alternate way to navigate to configuration and monitoring options. The graphic also provides information about device ports, current configuration and - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 22
GS752TXS and GS728TXS Smart Switches Seven-Segment LED for the Stacking ID A solid green LED displays the stack ID (1-6). The following image shows the Device View of the GS752TXS. Figure 3. GS752TXS The following image shows the Device View of the GS728TXS. Figure 4. GS728TSX Click the port you - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 23
GS752TXS and GS728TXS Smart Switches If you click the graphic, but do not click a specific which contains information to assist in configuring and managing the switch. The online help screens are context-sensitive. For example, if the IP Addressing screen is open, the help topic for that screen - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 24
GS752TXS and GS728TXS Smart Switches use both standard public MIBs for standard functionality and private MIBs that support additional switch functionality. All , the user login password will be used as SNMPv3 authentication password. To configure the login password, see Change Password on page 189. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 25
GS752TXS and GS728TXS Smart Switches Interface Naming Convention The GS752TXS and GS728TXS Smart Switches support physical and logical interfaces. Interfaces are identified by their type and the interface number. All the physical ports are as follows: • GS752TXS. 1-48 are gigabit - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 26
website from the web management interface: 1. Select Help Support.. The Support screen displays. 2. Click Apply to access the NETGEAR support site for the switch. User Guide The GS752TXS and GS728TXS Smart Switches Software Administration Manual (the guide you are now reading) is available at the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 27
GS752TXS and GS728TXS Smart Switches Registration To qualify for product updates and product warranty, NETGEAR encourages you to register your product. The first time that you connect to the switch while it is connected to the Internet, you have the option to register your product. At any time, you - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 28
described in the following sections: • Management • SNMP • LLDP • Services-DHCP Snooping Management This section describes how to display the switch status and specify some basic switch information, such as the management interface IP address, system clock settings, and DNS information. From the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 29
GS752TXS and GS728TXS Smart Switches System Information After a successful login, the System switch. You can use up to 255 alphanumeric characters. The factory default is blank. • System Location. Enter the location of this switch. You can use up to 255 alphanumeric characters. The factory default - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 30
GS752TXS and GS728TXS Smart Switches The following table describes the status information the System since the last system restart. The universally assigned network address. The model name of the switch. This table shows temperature of different system sensors. The temperature is instant and can be - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 31
GS752TXS and GS728TXS Smart Switches Slot Information Use this screen to display details of the different slots in the different units in the stack. To display the Slot Information screen, - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 32
GS752TXS and GS728TXS Smart Switches The following table describes the status information supported card. This is a 32-bit data field. Displays a data field used to identify the supported card. Displays the list of models of all supported switches. Displays the index assigned to the selected switch - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 33
that the switch must obtain the IP address through a DHCP server. • Dynamic IP Address (BOOTP). Specifies that the switch must obtain the IP address through a BootP server. • Static IP Address. Specifies that the IP address, subnet mask, and default gateway must be manually configured. Enter - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 34
GS752TXS and GS728TXS Smart Switches 4. Specify the VLAN ID for the management VLAN. Note: to establish an IP connection to the switch from a workstation that is connected to a port in the same VLAN. If not specified, the active management VLAN ID is 1 (default), which allows an IP connection to be - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 35
GS752TXS and GS728TXS Smart Switches IPv6 Network Configuration Use the IPv6 Network Configuration screen to configure the IPv6 network interface, which is the logical interface used for in-band connectivity with the switch through all of the switch's front panel ports. The configuration parameters - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 36
GS752TXS and GS728TXS Smart Switches information from a DHCPv6 server. Selecting None disables the ) when sending messages to the DHCPv6 server. 4. In the IPv6 Gateway field, specify the default gateway for the IPv6 network interface. The gateway address is in IPv6 global or link-local address - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 37
and GS728TXS Smart Switches Table Time The switch supports the Simple Network Time Protocol (SNTP). You can also set the system time manually SNTP assures for unicast information is used for polling a server for which the IP address is known. SNTP servers that have been configured on the device - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 38
GS752TXS and GS728TXS Smart Switches Time Configuration Use the Time Configuration screen to view and adjust date and time settings. To manually configure the time: 1. Select System Management Time Time Configuration. The Time Configuration screen displays. 2. Next to the Clock Source field, - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 39
GS752TXS and GS728TXS Smart Switches 3. Next to the Client Mode field, select Unicast or Broadcast: • Unicast. a multicast address has Internet-wide scope. 4. Optionally, configure the following settings to non default values: • Port. The local UDP port to listen for responses/broadcasts. • Unicast - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 40
GS752TXS and GS728TXS Smart Switches • Time Zone Name. The acronym that represents the time zone. Status Server IP Address Address Type Server Stratum Description Specifies the SNTP Version the client supports. Specifies the SNTP modes the client supports. Multiple modes can be supported by a - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 41
GS752TXS and GS728TXS Smart Switches Table 7. Time Configuration status fields (Continued) Field Description address to enter in the Address field, which is either an IP address (IPv4) or hostname (DNS). 3. Under the Address field, specify the IP address or the host name of the SNTP server. 4. If - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 42
GS752TXS and GS728TXS Smart Switches 6. Under the Version field, specify the NTP version running on by the SNTP server is not valid. • Version Not Supported. The SNTP version supported by the server is not compatible with the version supported by the client. • Server Unsynchronized. The SNTP server - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 43
GS752TXS and GS728TXS Smart Switches Table 8. SNTP server status fields (Continued) Field Description same time every year. The start and end times and dates for the time shift must be manually configured. • Recurring EU. The system clock uses the standard recurring summer time settings used in - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 44
GS752TXS and GS728TXS Smart Switches • Begins At: From the appropriate in effect. Denial of Service Use the Denial of Service (DoS) feature to configure DoS control. The switch software provides support for classifying and blocking specific enabled only manually by the admin user. 3. Click Apply. 44 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 45
GS752TXS and GS728TXS Smart Switches Configure Denial of Service The Denial of Service Configuration screen lets you to select which types of DoS attacks for the switch to monitor and block. To configure individual DoS settings: 1. Select System Management Denial of Service Denial of Service - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 46
and GS728TXS Smart Switches • Denial of Service Max ICMPv6 Packet Size: Specify the Max IPv6 ICMP packet size allowed. If ICMPv6 DoS prevention is enabled, the switch will drop IPv6 ICMP ping packets that have a size greater than this configured Max ICMPv6 Pkt Size. • Denial of Service First - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 47
. • Disable: Prevent the switch from sending DNS queries. 3. Enter the DNS default domain name to include in DNS queries. When the system is performing a lookup on an unqualified host name, this field is provided as the domain name (for example, if default domain name is netgear.com and the user - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 48
GS752TXS and GS728TXS Smart Switches Configure and View Host Name-to-IP Address Information Use this screen to manually map host names to IP addresses or to view dynamic DNS mappings. To add a static entry to the local DNS table: 1. Select System Management DNS Host Configuration. 2. The DNS - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 49
GS752TXS and GS728TXS Smart Switches Green Ethernet Use this screen to configure Green Ethernet cable is - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 50
GS752TXS and GS728TXS Smart Switches 2. Select the port(s) to configure. • To configure a single port, the cable is less than 10m, PHYs are put into low power mode so enough power is used to support a short cable. The EEE and the Short Cable modes are not intended to be active simultaneously. • - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 51
GS752TXS and GS728TXS Smart Switches Green Ethernet Detail Use this screen to view detailed per-port Green Ethernet information and , PHYs are put into low power mode so enough power is used to support a short cable. The EEE and the Short Cable modes are not intended to be active simultaneously. 51 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 52
GS752TXS and GS728TXS Smart Switches • EEE Mode: When this mode is enabled and the remote system's receive Tw_sys that was used by the local system to compute the Tw_sys that it can support Fallback Tw_sys (uSec) The value of fallback Tw_sys that the local system requests from the remote system - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 53
GS752TXS and GS728TXS Smart Switches Table 10. Green Ethernet local device information (Continued) Field Tx_dll_enabled Tx_dll_ready Rx_dll_enabled Rx_dll_ready Time Since Counters Last Cleared Description The initialization status of the EEE - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 54
GS752TXS and GS728TXS Smart Switches Green Ethernet Summary This screen summarizes the Green Ethernet Summary settings currently in use. To access this screen, select System Management Green Ethernet Green Ethernet - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 55
and GS728TXS Smart Switches The following table describes the information in the Green Ethernet feature support table. Table 12. Green Ethernet support information Field Description Unit The ID number for the stack unit. Green Features supported on this The Green Ethernet feature(s) supported - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 56
GS752TXS and GS728TXS Smart Switches View and Configure Green Ethernet LPI History Use this screen to configure and view the Green Ethernet low power idle (LPI) history. Viewing the Green - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 57
GS752TXS and GS728TXS Smart Switches Table 14. LPI history information (Continued) Field you to configure SNMPv1/v2 community information, traps, and trap flags. Configure the SNMP Community By default, two SNMP Communities exist: • Private, with Read/Write privileges and status set to Enable. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 58
GS752TXS and GS728TXS Smart Switches The Community Configuration screen displays. 2. Next to Management Station IP, specify the IP address of the management station. 3. Next to Management Station IP Mask, specify the subnet mask to associate with the management station IP address. Together, the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 59
GS752TXS and GS728TXS Smart Switches Trap Configuration Use this screen to configure SNMP SNMP V1/V2 Trap Configuration The Trap Configuration screen displays. 2. Next to Recipients IP, specify the IP address in x.x.x.x format to receive SNMP traps from this device. 3. From the Version list, - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 60
GS728TXS Smart Switches Trap Flags Use the Trap Flags screen to enable or disable traps the switch can send to an SNMP manager. When the condition identified by an active trap is encountered by the switch and password. Supported MIBS This screen displays a list of all MIBs supported by the switch. 60 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 61
GS752TXS and GS728TXS Smart Switches LLDP The IEEE 802.1AB-defined standard, Link Layer Discovery Protocol ( function. The transmit and receive functions can be enabled/disabled separately per port. By default, both transmit and receive are enabled on all ports. The application is responsible for - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 62
GS728TXS Smart Switches LLDP Configuration Use the LLDP Configuration screen to specify the global LLDP and LLDP-MED parameters that are applied to the switch receiver(s) configured on the device. 3. Optionally, configure a non-default value next to Fast Start Duration. This value sets the number - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 63
GS752TXS and GS728TXS Smart Switches LLDP Port on the selected ports. • Management IP Address: Choose whether to advertise the management IP address from the interface. The possible IP address from the interface. • Auto Advertise: Advertise the current IP address of the device as the management IP - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 64
GS752TXS and GS728TXS Smart Switches • Optional TLV(s): Enable or disable the transmission of optional type-length value (TLV) information from the interface. The TLV information includes the system name, system - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 65
GS752TXS and GS728TXS Smart Switches Table 15. LLDP-MED network policy information Field Network Policy Number Application VLAN ID VLAN Type User Priority DSCP Description The policy number. The media - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 66
GS752TXS and GS728TXS Smart Switches 3. Use the lists to enable or disable the following LLDP-MED settings for the selected port: Select System Advanced LLDP Local Information. The Local Information screen displays. 2. View summary LLDP information for the switch and the LLDP-enabled ports. 66 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 67
GS752TXS and GS728TXS Smart Switches Note: The list includes only the interfaces on which LLDP is for the switch. The user-configured system name for the switch. The switch description, which includes information about the product model and platform. The primary function(s) the switch supports. The - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 68
GS752TXS and GS728TXS Smart Switches 3. To view additional details about a port, click the name of the port The number that identifies the port. MAC/PHY Details Auto-Negotiation Supported Indicates whether the interface supports port speed auto-negotiation. The possible values are True or False. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 69
GS752TXS and GS728TXS Smart Switches Field Operational MAU Type MED Details Capabilities Supported Current Capabilities Device Class Network Policies Application Type VLAN ID VLAN Type User Priority DSCP Description The Medium Attachment Unit (MAU) type. The MAU performs - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 70
GS752TXS and GS728TXS Smart Switches The following table describes the information that displays for all LLDP neighbors that have been discovered. Field Description MSAP Entry The Media Service Access Point (MSAP) entry number for the remote device. Local Port The interface on the local - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 71
GS752TXS and GS728TXS Smart Switches The following table describes the information transmitted by the neighbor. Field Description Port Details Local Port The interface on the local system that received LLDP information from a remote system. MSAP Entry The Media Service Access Point (MSAP) - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 72
and GS728TXS Smart Switches Field MED Details Capabilities Supported Current Capabilities Device Class Hardware Revision Firmware TLV, including latitude, longitude, and altitude. Displays the Emergency Call Service (ECS) Emergency Location Identification Number (ELIN) the remote device has - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 73
GS752TXS and GS728TXS Smart Switches Field User Priority DSCP LLDP Unknown TLVs Type Value Description The priority associated with the policy. The DSCP associated with a particular policy type. Displays the unknown TLV type field. Displays the unknown TLV value field. Services-DHCP Snooping - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 74
GS752TXS and GS728TXS Smart Switches Global Configuration Use this screen to view and configure the global settings for DHCP Snooping. To configure DHCP snooping global settings: 1. Select System Services DHCP Snooping Global Configuration. The DHCP Snooping Global Configuration screen - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 75
GS752TXS and GS728TXS Smart Switches Interface Configuration Use the DHCP Snooping Interface port are discarded. To configure DHCP snooping interface settings: 1. Select System Services DHCP Snooping Interface Configuration. The DHCP Snooping Interface Configuration screen displays. 2. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 76
GS752TXS and GS728TXS Smart Switches 3. From the Trust Mode list, select the desired trust mode. • Disabled. The interface is considered to be untrusted and could potentially be used to launch a - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 77
GS728TXS Smart Switches Binding Configuration Use this screen to view, add, and remove static bindings in the DHCP snooping bindings database and to view or clear the dynamic bindings in the bindings table. To configure static DHCP bindings: 1. Select System Services IP Address, specify the IP - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 78
and GS728TXS Smart Switches Persistent Configuration Use this screen to configure the persistent location of the DHCP snooping bindings database. The bindings database can be stored locally on the device or on a remote system somewhere else in the network. The device must be able to reach the IP - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 79
GS752TXS and GS728TXS Smart Switches Statistics Use this screen to view and clear per-interface statistics about the DHCP messages filtered by the DHCP snooping feature on untrusted interfaces. To view and clear the DHCP snooping statistics: 1. Select System Services DHCP Snooping Statistics - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 80
GS752TXS and GS728TXS Smart Switches 80 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 81
) features that apply to all stack members • Interface-level features for all interfaces on any stack member A switch stack is identified in the network by its network IP address. The network IP address is assigned according to the MAC address of the stack manager. Every stack member is uniquely - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 82
manager will automatically distribute firmware to subordinate switches when you upgrade the firmware so that all stack members are synchronized when reloading the stack. Stack Features The primary stacking features are as follows: • Up to 6 switches in a stack • Single IP Address management through - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 83
and GS728TXS Smart Switches Factory Defaults Reset Behavior The configurations applied on GS752TXS/GS728TXS would be switch that is currently the stack manager • The switch with the highest stack member priority value Note: NETGEAR recommends assigning the highest priority value to the switch - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 84
GS752TXS and GS728TXS Smart Switches Stack Configuration Install a Stack Use the following steps to connect a stack of switches: 1. Make sure to the stack. See Configure a Stack Member on page 89. 4. Connect each switch to the stack by installing the stacking cables. The units are connected to the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 85
GS752TXS and GS728TXS Smart Switches Remove a Unit from the Stack You do not need to power down the stack or any stack unit to remove a switch from the stack. To remove a switch from the stack: 1. Make sure the redundant stack connection is in place and functional. All stack members should be - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 86
GS752TXS and GS728TXS Smart Switches 7. If the software version of the newly added member is not the same as the existing stack, update the software image. For more information, see Synchronize Stack Firmware on page 94. Renumber a Stack Member If particular numbering is required, we recommend that - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 87
GS752TXS and GS728TXS Smart Switches Move the Stack Manager Role to a Different Unit in the Stack When you force a switch to become the new stack manager, the entire stack (including all interfaces in the stack) is unconfigured and reconfigured with the configuration on the new - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 88
GS752TXS and GS728TXS Smart Switches Remove a Stack Manager from an Operating Stack Use the from the stack. See Remove a Unit from the Stack on page 85. Merge Two Operational Stacks NETGEAR recommends that you power down all units before merging two stacks. However, two operational stacks can also - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 89
GS752TXS and GS728TXS Smart Switches Configure a Stack Member Before you add a switch to a stack, you can with another device of the same type without having to reconfigure the switch. Unit numbers are stored independently on each switch, so that after power cycling or reloading the stack, the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 90
GS752TXS and GS728TXS Smart Switches 5. In the Management Status list, select the role of the new as the Standby Unit and the configured Standby Unit is not part of the stack. • None - The switch is not configured as the Standby Unit. The status of the selected unit. The possible values are: • - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 91
GS728TXS Smart Switches Table 19. Basic stack status information (Continued) Field Description Uptime The relative time since the last reboot of the switch Attempt Status The status of last tried stack firmware synchronisation. "None" is the default value if SFS has not been tried. Configure - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 92
GS752TXS and GS728TXS Smart Switches 6. Monitor the port information to verify that the running stack mode is Ethernet. The following table describes port status fields on the Stack Port Configuration screen. Field Description Unit ID The unit number assigned to the switch. Port The stackable - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 93
and GS728TXS Smart Switches View Stack Port Diagnostic Information Use the Stack Port Diagnostics screen to view diagnostic information about stack ports. The screen displays three text fields that are populated by the driver and contain debug and status information. Each text field supports - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 94
GS752TXS and GS728TXS Smart Switches Synchronize Stack Firmware Stack firmware Synchronization (SFS) provides the ability to automatically synchronize firmware for all stack members. If a unit joins the stack and its firmware version is different from the version running on the stack manager, the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 95
The screens you access from the Ports menu allow you to view and monitor the physical port information for the ports available on the switch. The Ports menu contains links described in the following sections. • Port Configuration • Flow Control Port Configuration Use the Port Configuration screen to - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 96
GS752TXS and GS728TXS Smart Switches 2. Select the interfaces for which you want to configure the state, which can be one of the following: - Enable. The port can participate in the network (default). - Disable. The port is administratively down and does not participate in the network. • Port Speed. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 97
GS752TXS and GS728TXS Smart Switches • Link Trap. This object determines whether or not to send a trap when link status changes. The factory default is Enable. - Enable. Specifies that the system sends a trap when the link status changes. - Disable. Specifies that the system does not send a trap - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 98
GS728TXS Smart Switches after you create a LAG. The LAG by default becomes member of default management VLAN (i.e, 1). A LAG interface can be switch supports eight LAGs. The LAGs menu contains links described in the following sections. • LAG Configuration • LAG Membership • LACP Configuration • LACP - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 99
and GS728TXS Smart Switches 3. whether you want to have a trap sent when link status changes. The factory default is Disable, which will cause the trap to be sent. • Admin Mode. LAG Type. Specifies whether the LAG is configured as a Static or LACP port. When the LAG is static, it does not transmit or - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 100
GS752TXS and GS728TXS Smart Switches LAG Membership Use the LAG Membership screen to select two or more full-duplex Ethernet links to be aggregated together to form a link aggregation group (LAG), which is also known as a port channel. The switch can treat the port channel as if it were a single - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 101
GS752TXS and GS728TXS Smart Switches LACP Configuration The LACP configuration screen is used to set the LACP system priority. To configure LACP: 1. Select Switching LAG Advanced LACP Configuration. 2. From the LACP System Priority field, specify the device's link aggregation priority - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 102
GS752TXS and GS728TXS Smart Switches 3. Configure the LACP Priority Default value is 128. 4. Configure the administrative LACP Timeout value. • Long. Specifies a long timeout value. • Short. Specifies a short timeout value. 5. Click Apply. VLANs Adding Virtual LAN (VLAN) support to a Layer 2 switch - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 103
GS752TXS and GS728TXS Smart Switches Basic VLAN Configuration Use the VLAN Configuration screen to define VLAN groups stored in the VLAN membership table. The GS752TXS/GS728TXS supports up to 256 VLANs. The Default VLAN (1), Voice VLAN (2) and Auto-Video VLAN (3) are created by default, and all - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 104
GS752TXS and GS728TXS Smart Switches VLAN Membership Configuration Use this screen to configure VLAN Port Membership for a particular VLAN. You can select the Group operation through this screen. To configure VLAN membership for individual ports and LAGs: 1. Select Switching VLAN Advanced - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 105
GS752TXS and GS728TXS Smart Switches In the following figure, ports 6, 7, and 8 from Unit 1 are being added as tagged members to VLAN 2. 6. Click Apply. To configure the same VLAN membership settings for all ports and LAGs: 1. Select Switching VLAN Advanced VLAN Membership. 2. In the VLAN ID - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 106
GS752TXS and GS728TXS Smart Switches 2. View the following VLAN status information: • VLAN ID. The VLAN Identifier (VID) of the VLAN. The range of the VLAN ID is (1 to 4093) • VLAN Name. The name of the VLAN. VLAN ID 1 is always named Default. • VLAN Type. The VLAN type: - Default (VLAN ID = 1). - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 107
GS752TXS and GS728TXS Smart Switches To configure PVID information: 1. Select Switching VLAN Advanced Port PVID Configuration. 2. will be forwarded in accordance with the IEEE 802.1Q VLAN standard. The factory default is Admit All. • VLAN Only. The port will discard any untagged or priority - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 108
GS752TXS and GS728TXS Smart Switches MAC-Based VLAN The MAC-based VLAN feature allows incoming table that has MAC address to VLAN ID mappings). When untagged or priority tagged packets arrive at the switch and entries exist in the MAC to VLAN table, the source MAC address of the packet is looked - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 109
GS728TXS Smart Switches Protocol-Based VLAN Group Configuration Protocol-based VLAN can be used to define filtering criteria for untagged packets. By default When adding a protocol, you can specify the EtherType hex value or (for IP, ARP, and IPX) the protocol keyword. 5. Under VLAN ID, specify the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 110
GS752TXS and GS728TXS Smart Switches To modify protocol based VLAN information: 1. Select the check box a given protocol. If you have already added a port to a group for IP, you cannot add it to another group that also includes IP, although you could add it to a new group for IPX. The Group Name - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 111
GS752TXS and GS728TXS Smart Switches Voice VLAN Configure the Voice VLAN settings for ports that carry traffic from IP phones. The Voice VLAN feature can help ensure that the sound quality of an IP phone is safeguarded from deteriorating when the data traffic on the port is high. To configure the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 112
GS752TXS and GS728TXS Smart Switches • Untagged. Send untagged voice traffic. • Disable.Operationally disables so that they can be prioritized above data packets in order to provide better Quality of Service (QoS). With the Auto VoIP feature, voice prioritization is provided based on call-control - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 113
GS752TXS and GS728TXS Smart Switches 2. In the Prioritization Type list, select method used to prioritize VoIP traffic when a call-control protocol is detected, which is one of the following: • Remark. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 114
GS752TXS and GS728TXS Smart Switches OUI-Based Properties With Organizationally Unique Identifier (OUI)-based Auto VoIP, voice prioritization is provided based on OUI bits. To configure OUI-based properties: 1. Select Switching Auto-VoIP OUI-based Properties. 2. In the VoIP VLAN ID list, - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 115
GS752TXS and GS728TXS Smart Switches Port Settings The port settings screen allows you to configure the OUI port settings. To configure OUI port settings: 1. Select Switching Auto-VoIP Advanced Port Settings. 2. Select the interface(s) to configure. 3. In the Auto VoIP Mode list, select - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 116
and GS728TXS Smart Switches OUI Table Device hardware manufacturers can include an OUI in a network adapter to help identify a hardware device. The OUI is a unique 24-bit number assigned by the IEEE registration authority. The switch comes preconfigured with the following OUIs that identify the IP - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 117
GS752TXS and GS728TXS Smart Switches 3. Under Description, type a description that identifies the manufacturer or vendor one path between end stations on a network, eliminating loops. Spanning tree versions supported include Common STP, Multiple STP, and Rapid STP. Classic STP provides a single - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 118
and GS728TXS Smart Switches • STP Statistics STP Configuration The STP Configuration screen contains fields for enabling STP on the switch. To configure STP settings on the switch: 1. Select Switching currently being used. The values allowed are between 0 and 65535. The default value is 0. 118 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 119
GS752TXS and GS728TXS Smart Switches 5. The Forward BPDU while STP Disabled field specifies whether spanning tree BPDUs should be forwarded or not while spanning-tree is disabled on the switch. The value is enabled or disabled. 6. Click Apply. 7. View the STP Status information displayed on the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 120
GS728TXS Smart Switches CST Configuration Use the CST Configuration screen to configure Common Spanning Tree (CST) and Internal Spanning Tree on the switch. To configure CST settings: 1. Select Switching and 4095, it will be set to 0. The default priority is 32768. • Bridge Max Age (secs). Specify - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 121
GS752TXS and GS728TXS Smart Switches 3. Click Apply. 4. View the MSTP status information displayed on the Tree (CST) and Internal Spanning Tree on a specific port on the switch. To configure CST port settings: 1. Select Switching STP Advanced CST Port Configuration. 2. To configure CST - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 122
GS752TXS and GS728TXS Smart Switches • STP Status. Enable or disable the Spanning Tree Protocol Administrative Mode associated with the port or port channel. • Fast Link. Specifies if the specified port is an Edge Port with the CST. Possible values are Enable or Disable. The default is Disable. • - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 123
GS752TXS and GS728TXS Smart Switches CST Port Status Use the Spanning Tree CST Port Status screen to display Common Spanning Tree (CST) and Internal Spanning Tree on a specific port on the switch. To display the Spanning Tree CST Port Status screen, click Switching STP Advanced CST Port Status - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 124
GS752TXS and GS728TXS Smart Switches Field Description Point-to-point MAC Derived value of information about Rapid Spanning Tree (RSTP) port status. To display the Rapid STP screen, click Switching STP Advanced RSTP. The following table describes the Rapid STP Status information displayed - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 125
GS752TXS and GS728TXS Smart Switches Field Mode Fast Link Status Description Specifies the and 4095, it will be set to 0. The default priority is 32768.The valid range is 0-61440. • VLAN ID. The menu contains all VLANs configured on the switch. Select a VLAN to associate with the MST instance. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 126
GS752TXS and GS728TXS Smart Switches Field Description Bridge Identifier The bridge identifier for the selected Multiple Spanning Tree (MST) settings on a specific port on the switch. To configure MST port settings: 1. Select Switching STP Advanced MST Port Configuration. Note: If no MST - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 127
GS752TXS and GS728TXS Smart Switches 2. To configure MST settings for a physical port, enter the interface and click Go to select that particular interface. 3. Select the interfaces for which you want - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 128
GS752TXS and GS728TXS Smart Switches Field Description Port Forwarding State Indicates the current STP state of a port. If enabled, the port (BPDUs) transmitted and received on each port. To display the Spanning Tree Statistics screen, select Switching STP Advanced STP Statistics. 128 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 129
GS752TXS and GS728TXS Smart Switches The following table describes the information available on received at the selected port. Number of MSTP BPDUs transmitted from the selected port. Multicast Multicast IP traffic is traffic that is destined to a host group. Host groups for IPv4 multicast are - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 130
GS728TXS Smart Switches Bridge Multicast Forwarding When you create a VLAN, a default multicast forwarding option is assigned. You can use the Global Multicast Mode setting to set all VLANs currently configured on the switch to a selected forwarding mode. The global setting does not create a default - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 131
GS752TXS and GS728TXS Smart Switches MFDB Table The Multicast Forwarding Database (MFDB) pair. Entries can contain data for more than one protocol. To search the MFDB table: 1. Select Switching Multicast MFDB MFDB Table. 2. Next to Search By MAC Address, specify the MAC Address whose MFDB - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 132
GS752TXS and GS728TXS Smart Switches MFDB Statistics This screen displays the MFDB statistics for the system. To view the MFDB statistics: 1. Select Switching Multicast MFDB MFDB Statistics. The MFDB Statistics screen displays the following: • Max MFDB Table Entries. The maximum number of - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 133
GS728TXS Smart Switches IGMP Snooping Internet Group Management Protocol (IGMP) Snooping is a feature that allows a switch to forward multicast traffic intelligently on the switch. Multicast IP traffic is traffic that is destined to a host group. Host groups are identified by class D IP addresses - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 134
GS752TXS and GS728TXS Smart Switches 2. Enable or disable IGMP Snooping on the switch: • Enable. The switch snoops all IGMP packets it receives to determine which segments should receive packets directed to the group address. • Disable. The switch does not snoop IGMP packets. 3. Select whether to - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 135
GS752TXS and GS728TXS Smart Switches IGMP Snooping Interface Configuration Use the IGMP Snooping Interface Configuration screen to configure IGMP snooping settings on specific interfaces. To configure IGMP snooping interface settings: 1. Select Switching Multicast IGMP Snooping IGMP Snooping - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 136
GS752TXS and GS728TXS Smart Switches • Max Response Time. Specify the amount of time you want the switch to wait after sending a query Mode. Select the Fast Leave mode for a particular interface from the menu. The default is Disable. 6. Click Apply. IGMP Snooping Table Use the IGMP Snooping Table - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 137
GS728TXS Smart Switches traffic directed to that group. Also, fast-leave processing is supported only with IGMP version 2 hosts. • Host Timeout. Sets than the Group Membership Interval. The default is 10 seconds. • MRouter Timeout. Enter the amount of time that a switch will wait to receive a query - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 138
GS752TXS and GS728TXS Smart Switches • Query Mode. Enable or disable the IGMP Querier Mode for the specified VLAN ID. • Query Interval. Enter the value for IGMP Query Interval for the specified VLAN ID. The valid range is 1-1800 seconds. The default is 60 seconds. 3. Click Add. To disable IGMP - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 139
GS752TXS and GS728TXS Smart Switches 3. Use the Multicast Router menu to enable or disable router attached to this interface. The configuration is not needed most of the time since the switch will automatically detect the presence of a multicast router and forward IGMP packets accordingly. It is - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 140
GS728TXS Smart Switches IGMP Snooping Querier Configuration Use this screen to enable or disable the IGMP Snooping Querier feature, specify the IP address of the router to perform the querying, and configure the related parameters. To configure IGMP snooping querier settings: 1. Select Switching - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 141
and GS728TXS Smart Switches IGMP Snooping Querier VLAN Configuration To create a new VLAN ID for IGMP snooping: 1. Select Switching Multicast . The snooping querier participates in querier election, in which the least IP address operates as the querier in that VLAN. The other querier moves - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 142
GS728TXS Smart Switches IGMP Snooping Querier VLAN Status Use this screen to view the operational state and other information for IGMP snooping queriers for VLANs on the network. To view operational information on IGMP snooping queriers, select Switching querier. Displays the IP address of the last - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 143
GS752TXS and GS728TXS Smart Switches MLD Snooping MLD is a protocol used by IPv6 multicast routers to Layer 2 interfaces so that multicast traffic is forwarded to only those interfaces associated with IP multicast address. In IPv6, MLD snooping performs a similar function. With MLD snooping, - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 144
GS728TXS Smart Switches • VLAN IDs Enabled For MLD Snooping. The VLANs enabled for MLD snooping. To enable a VLAN for MLD snooping, see MLD VLAN Configuration on page 145. 5. Click Refresh to update the screen with the latest information from the switch switch from the Admin Mode field. The default - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 145
GS752TXS and GS728TXS Smart Switches The valid range is from (2 to 3600) seconds. The configured value must be greater than Max Response Time. The default is 260 seconds. 7. Use the Max Response Time(secs) field to specify the amount of time you want the switch to wait after sending a query on an - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 146
GS752TXS and GS728TXS Smart Switches 6. Under Group Membership Interval, specify the number of multicast routers attached. The multicast router present expiration time is configurable via management. The default value for the multicast router expiration time is zero, which indicates an infinite time - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 147
GS752TXS and GS728TXS Smart Switches 2. To configure Multicast Router settings for a physical port, enter the active and is a member of the VLAN. Unlike in the previous release of the system firmware, Snooping dynamic learning mode (snooping interface mode or snooping VLAN mode) does not need not - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 148
GS752TXS and GS728TXS Smart Switches 2. Select the interface in this screen to enable or disable the MLD Querier Configuration feature, specify the IP address of the router to perform the querying, and configure the related is being sent. The supported IPv6 formats are x:x:x:x:x:x:x:x and x::x. 148 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 149
GS728TXS Smart Switches 4. In the MLD Version field, the MLD protocol version used in periodic MLD queries is displayed. The supported in the range of 60-300 seconds. The default value is 60. 7. Click Apply. Querier in querier election, in which the least IP address operates as the querier in that - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 150
GS728TXS Smart Switches Field Operational State Operational Version Last Querier Address Last Querier Version Operational Max Response Time Description Specifies the operational state of the IGMP Snooping Querier on a VLAN: • Querier. The snooping switch querier. Displays the IP address of the last - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 151
GS752TXS and GS728TXS Smart Switches MAC Address Table The MAC Address Table contains information about unicast entries for which the switch has forwarding and/or filtering information. This information is used by the transparent bridging function in determining how to propagate a received frame. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 152
GS752TXS and GS728TXS Smart Switches The following table describes the information available for each entry in the address table deleting a learned entry that has not been updated. IEEE 802.1D-1990 recommends a default of 300 seconds. Enter any number of seconds between 10 and 1000000. The factory - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 153
GS752TXS and GS728TXS Smart Switches Static MAC Address Use the Static MAC Address Configuration screen to configure and view static MAC addresses on an interface. To add a static MAC address: 1. Select Switching Address Table Advanced Static MAC Address. 2. Select the VLAN ID corresponding - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 154
GS752TXS and GS728TXS Smart Switches 154 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 155
5. Configuring Routing 5 The GS752TXS and GS728TXS Smart Switches supports IP routing. Use the menus under the Routing tab to manage routing on the system. When a packet enters the switch, the destination MAC address is checked to see if it matches any of the configured routing interfaces. If it - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 156
value is not supplied by the transport layer protocol. The default value is 64. The maximum number of hops supported by the switch. This is a compile-time constant. The default value is 1. IP Statistics The statistics reported on the IP Statistics screen are as specified in RFC 1213. To display - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 157
GS752TXS and GS728TXS Smart Switches Figure 6. IP statistics screen The following table describes the IP statistics information displayed on the screen. Table 21. IP routing statistics Field IpInReceives IpInHdrErrors IpInAddrErrors Description The total number of input datagrams received from - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 158
GS728TXS Smart Switches Table 21. IP protocol. The number of input IP datagrams for which no problems were encountered to prevent their default gateways are down. The maximum number of seconds which received fragments are held while they are awaiting reassembly at this entity. The number of IP - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 159
GS752TXS and GS728TXS Smart Switches Table 21. IP routing statistics (Continued all those counted by icmpOutErrors. The number of ICMP messages which this entity did not send due to problems discovered within ICMP such as a lack of buffers. This value should not include errors discovered outside the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 160
Smart Switches software with some ports supporting VLANs and some supporting routing. You can also configure the software to allow traffic on a VLAN to be treated as if the VLAN were a router port. When a port is enabled for bridging (default and GS728TXS Smart Switches software to support VLAN - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 161
GS752TXS and GS728TXS Smart Switches • Create a LAG, add selected ports to a LAG, then add another VLAN. • Exclude ports not selected from the VLAN. • Enable routing on the VLAN using the IP address and subnet mask entered. To configure VLAN routing using the VLAN routing wizard: 1. Click Routing - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 162
GS752TXS and GS728TXS Smart Switches VLAN Routing Configuration Use the VLAN Routing Configuration screen to view information about the VLAN routing interfaces configured on the system or to assign an IP address and subnet mask to VLANs on the system. To configure VALN routing: 1. Select Routing - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 163
GS728TXS Smart Switches Router Advertisements are transmitted from the selected interface. 4. Enter the IP Address to be used to advertise the router. 5. Enter the interface. The value must be in the range of (4 to 1800). Default value is 600. 6. Enter the minimum time (in seconds) allowed between - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 164
GS752TXS and GS728TXS Smart Switches 8. Specify the preference level of the router as a default router relative to other routers on the same subnet. Higher numbered addresses are preferred. You must enter an integer. The value must be in the range of (-2147483648 to 2147483647). Default value is 0. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 165
GS752TXS and GS728TXS Smart Switches The preference is an integer value from 1 to 255. You can specify the is a static or default route. The IP route prefix for the destination. Also referred to as the subnet/network mask, this indicates the portion of the IP interface address that identifies the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 166
IPv4 address. GS752TXS and GS728TXS Smart Switches software features both dynamic and manual ARP configuration. With manual ARP configuration, you can GS728TXS switches support 1024 ARP entries, which includes dynamic and static ARP entries. Devices can be moved in a network, which means the IP - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 167
GS752TXS and GS728TXS Smart Switches The following table provides information included in the management VLAN ARP section. Table 23. ARP cache information Field Description IP Address Displays the associated IP address of a device on a subnet attached to one of the switch's existing routing - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 168
GS752TXS and GS728TXS Smart Switches To add an entry to the ARP table: 1. Select Routing ARP > Advanced ARP Create. 2. Under IP Address, specify the IP address to add. It must be the IP address of a device on a subnet attached to one of the switch's existing routing interfaces. 3. Under MAC - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 169
GS752TXS and GS728TXS Smart Switches You must enter a valid integer, which represents the number of seconds the switch will wait for a response to an ARP request. The range for this field is 1 to 10 seconds. The default value for Response Time is 10 second. 4. Enter an integer which specifies the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 170
GS752TXS and GS728TXS Smart Switches Remove an ARP Entry From the ARP Cache Use this All Dynamic and Gateway Entries • Specific Dynamic / Gateway Entry. Selecting this allows you to specify the required IP address. • Specific Static Entry. • None. Select if you do not want to delete any entry from - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 171
Service (QoS) settings on the switch. The QoS tab contains links described in the following sections. • Class of Service • Differentiated Services In a typical switch the queue (or port) level. Eight queues per port are supported. The eighth queue is used for stacking which is not configurable for - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 172
GS728TXS Smart Switches From the Advanced link, the Class of service mapping table to be of any use, so there are default actions performed when this is not the case. These actions be honored, such as when a non-IP packet arrives at a port configured to trust the IP DSCP value. To configure global - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 173
GS752TXS and GS728TXS Smart Switches Global Trust Mode can be one of the following: • Untrusted. Do queues. • DSCP. The six most significant bits of the DiffServ field are called the Differentiated Services Code Point (DSCP) bits. 4. From the Interface Trust Mode drop down list, select the trust - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 174
GS752TXS and GS728TXS Smart Switches 4. From six most significant bits of the DiffServ field are called the Differentiated Services Code Point (DSCP) bits. 5. In the Interface Shaping Rate It is effectively a second-level shaping mechanism. The default value is 0. The value 0 means the maximum is - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 175
GS752TXS and GS728TXS Smart Switches 2. To configure CoS queue settings for a physical port, to create the desired service characteristics for different types of traffic. - Weighted. Weighted round robin associates a weight to each queue. This is the default. - Strict. Services traffic with the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 176
GS752TXS and GS728TXS Smart Switches - Queue Management Type. Displays the type of packet management used priority-to-traffic class mappings can be applied globally or per-interface. The mapping allows the switch to group various traffic types (for example, data or voice) based on their latency - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 177
GS752TXS and GS728TXS Smart Switches DSCP to Queue Mapping Use the DSCP to Queue Mapping screen to specify which internal traffic class to map the corresponding DSCP value. To map - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 178
GS752TXS and GS728TXS Smart Switches Differentiated Services The QoS feature contains Differentiated Services (DiffServ) support that allows traffic to be classified into streams and given certain QoS treatment in accordance with defined per-hop behaviors. Standard IP-based networks are designed to - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 179
GS752TXS and GS728TXS Smart Switches Diffserv Configuration Use the DiffServ Configuration screen Advanced DiffServ Configuration. 2. Select the administrative mode for DiffServ: • Enable. Differentiated Services are active. • Disable. The DiffServ configuration is retained and can be changed, but - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 180
GS752TXS and GS728TXS Smart Switches Class Configuration Use the Class Configuration screen to add the Class Name field, enter a class name. 3. Select the class type 4. Click Add. The switch supports only the Class Type value All, which means all the various match criteria defined for the class - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 181
GS752TXS and GS728TXS Smart Switches 2. Define the criteria to associate with a DiffServ class: • class can reference at most one other class of the same type. • Class of Service. Select the field and enter a class of service 802.1p user priority value to be matched for the packets. The valid range - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 182
GS752TXS and GS728TXS Smart Switches • Protocol Type. Requires a packet's layer 4 protocol to match the protocol you select. If you select Other, enter a protocol number in the field that displays. The valid range is 0-255. • Source IP Address. Requires a packet's source port IP address to match the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 183
GS728TXS Smart Switches IPv6 Class Configuration The IPv6 Class Configuration feature extends the existing QoS ACL and DiffServ functionality by providing support signify some form of quality-of-service (QoS) handling in routers. Packets or the IP DSCP field in the Traffic Class octet. IP Precedence is - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 184
GS752TXS and GS728TXS Smart Switches To delete a class: 1. Select the check box next to the class name. 2. Click Delete. The same set of fields described for IPv6 ACL classification are also supported as match criteria for DiffServ classes. Prior to the introduction of IPv6 class rule fields, any - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 185
GS752TXS and GS728TXS Smart Switches To configure the policy attributes: 1. Click the name of the policy. The policy name is a hyperlink. . This is an integer value in the range from 0 to 7 for setting the VLAN priority. • Mark IP Precedence. Select this value from the drop-down list. This is an - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 186
GS752TXS and GS728TXS Smart Switches • Mark IP DSCP. This lists the keywords for the known valid for use with this policy instance; otherwise, the color mode is color blind, which is the default. • Color Conform Mode. The match-criteria of the color Conform class. • Committed Rate. The committed - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 187
GS728TXS Smart Switches - Mark IP Precedence. These packets are marked by DiffServ with the specified IP Precedence value before being presented to the system forwarding element. This selection requires that the Mark IP Precedence value field be set. - Mark IP Advanced Service Configuration. 2. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 188
GS752TXS and GS728TXS Smart Switches To remove a policy from an interface: 1. Select the interface(s) on which the policy is to be removed. 2. From the Policy In Name list, select None. 3. Click Apply. Service Statistics Use the Service Statistics screen to display service-level statistical - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 189
Access Control Lists Management Security Settings From the Management Security menu, you can configure the login password, Remote Authorization Dial-In User Service (RADIUS) settings, Terminal Access Controller Access Control System (TACACS+) settings, and authentication lists. The Management - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 190
GS752TXS and GS728TXS Smart Switches 2. Specify the current password in the Old Password field. The entered password will be displayed in asterisks (*). Passwords are 1-20 alphanumeric characters in length and are case sensitive. 3. Enter the new password. It will not display as it is typed, and - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 191
settings: 1. Select Security Management Security RADIUS Global Configuration. The Current Server IP Address field is blank if no servers are configured (see RADIUS Server Configuration on page 192). The switch supports up to three configured RADIUS servers. If more than one RADIUS servers are - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 192
GS728TXS Smart Switches the following settings: • In the Server Address field, specify the IP address of the RADIUS server to add. • In the Authentication verify the RADIUS server authentication. The valid range is 1-65535. The default value is 1812. • From the Secret Configured menu, select Yes to - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 193
GS752TXS and GS728TXS Smart Switches To modify settings for a RADIUS server that is already configured on the switch: 1. Select the check box next to the server IP address. 2. Update the desired fields for the selected server. 3. Click Apply. To delete a configured RADIUS server: 1. Select the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 194
GS728TXS Smart Switches Use the buttons at the bottom of the screen to perform the following actions: • Click Clear Counters to clear the authentication server and RADIUS statistics to their default values. • Click Refresh to refresh the screen with the most current data from the switch IP address - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 195
GS752TXS and GS728TXS Smart Switches 7. Click Apply. The following table describes RADIUS accounting server statistics available on the screen. Table 28. RADIUS accounting server statistics Field Description Accounting Server Address Displays the IP address of the supported RADIUS accounting - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 196
GS752TXS and GS728TXS Smart Switches Configuring TACACS+ TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. TACACS+ provides the following services: • Authentication. Provides authentication during login and via - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 197
GS728TXS Smart Switches TACACS+ Server Configuration Use the TACACS+ Server Configuration screen to configure up to five TACACS+ servers with which the switch is selected in the TACACS+ Server IP Address field. After you add one which the TACACS+ session occurs. The default is port 49, and the range - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 198
GS728TXS Smart Switches Authentication List Configuration Use the Authentication List screen to configure the default login list. A login list specifies one or more authentication methods to validate switch method. • RADIUS. The user's ID and password will be authenticated using the RADIUS server. If - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 199
and GS728TXS Smart Switches 4. Use defines the HTTPS authentication method used for the default list. To change the HTTPS authentication method have specified more than one method. • RADIUS. The user's ID and password will be authenticated using the RADIUS server. If you select RADIUS or TACACS+ - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 200
GS728TXS Smart Switches • TACACS+. The user's ID and password will be authenticated using the TACACS+ server. If you select RADIUS or TACACS+ as the first method and an error occurs during the authentication, the switch the dot1x authentication method used for the default list. To change the Dot1x - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 201
GS728TXS Smart Switches 4. Click Apply. Configuring Management Access From the Access menu, you can configure HTTP and Secure HTTP access to the GS752TXS/GS728TXS logged out and must reenter the password to access the management interface. A is 0 to 60 minutes. The default value is 5 minutes. 4. In - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 202
GS752TXS and GS728TXS Smart Switches 5. In the Maximum Number of HTTP Sessions field, specify the maximum number of HTTP sessions that can exist at the same time. The value must be in the range of (0-4). The default value is 4. 6. Click Apply. Secure HTTP Configuration Secure HTTP enables the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 203
GS728TXS Smart Switches After the session is inactive for the configured amount of time, the administrator is automatically logged out and must re-enter the password to access the management interface. A value of zero corresponds to an infinite timeout. The valid range is 1-60 minutes. The default - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 204
GS752TXS and GS728TXS Smart Switches Certificate Download For the Web server on the switch to accept HTTPS connections from a management station, the Web server needs a public key certificate. You can generate a certificate externally (for example, off-line) and download it to the switch. Before you - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 205
GS752TXS and GS728TXS Smart Switches You can enter up to 32 characters. 7. Select the Start File Transfer check box. 8. Click Apply to start the transfer. 9. A status message displays during the transfer and upon successful completion of the transfer. 205 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 206
GS728TXS Smart Switches action to be performed when the rules selected are matched. • Service Type. The policy is restricted by the management chosen from Drop ". • Source IP Address. This is the Source IP Address of the client originating the management traffic. Fill in the "Source IP address" in the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 207
GS752TXS and GS728TXS Smart Switches IP 10.10.10.10 is configured with priority 1 to permit, and Source IP 10.10.10.10 is configured matched. Use the drop-down box and select "Permit" or "Deny" access. • Service Type. Select from the drop-down box. The policy is restricted by the management chosen - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 208
and GS728TXS Smart Switches Port in this mode are under bidirectional control. This is the default authentication mode. The 802.1X network has three components: • indicates whether the user is authorized to access system services. The Port Authentication links described in the following sections - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 209
GS752TXS and GS728TXS Smart Switches 2. Specify the Port Based Authentication State mode on the switch. The default setting is Disable. • Enable. Port-based authentication is permitted on the switch. Note: If 802.1X is enabled, authentication is performed by a RADIUS server. This means the primary - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 210
GS728TXS Smart Switches the interface into unauthorized state. The switch cannot provide authentication services to the client through the interface. configure the Guest VLAN ID on the interface. The valid range is 0-4093.The default value is 0. Enter 0 to reset the Guest VLAN ID on the interface. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 211
GS752TXS and GS728TXS Smart Switches used by the Guest VLAN Authentication. The Guest VLAN timeout must be a value in the range of 1-300. The default value is 90. • Unathenticated VLAN ID. This input field allows the user to enter the Unauthenticated VLAN Id for the selected port. The valid range - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 212
GS752TXS and GS728TXS Smart Switches This button is only selectable if the control mode is auto. If the button is not selectable, it will be grayed out. When this button - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 213
GS752TXS and GS728TXS Smart Switches Port Summary To access the port Summary screen: Select Security Port Authentication Advanced Port Summary. The Port Summary screen for the 802.1X feature displays. Figure 7. IEEE 802.1X port summary information 213 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 214
GS752TXS and GS728TXS Smart Switches The following table describes the fields on the Port Summary screen. selected interface system access by moving the interface into unauthorized state. The switch cannot provide authentication services to the client through the interface. • MAC Based. Selects MAC - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 215
GS752TXS and GS728TXS Smart Switches Traffic Control From the Traffic Control menu, you can configure MAC Filters, Storm Control, Port Security, and Protected Port settings. The Traffic Control folder contains - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 216
GS752TXS and GS728TXS Smart Switches 3. From the VLAN ID menu, select the VLAN to use with the MAC address to fully identify packets you want filtered. You can change this - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 217
GS752TXS and GS728TXS Smart Switches MAC Filter Summary Use the MAC Filter Summary screen to view the MAC filters that are configured on the system. To display the MAC filter - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 218
and GS728TXS Smart Switches Storm Control A broadcast storm is the result of an excessive number of broadcast messages simultaneously transmitted across a network by a single port. Forwarded message responses can overload network resources and/or cause the network to time out. The switch measures - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 219
GS752TXS and GS728TXS Smart Switches 5. Select Control Action mode to either Shutdown or RateLimit. The default mode is RateLimit. The the appropriate radio button to enable or disable port security on the switch. 3. Click Apply. The Port Security Violation table shows information about violations - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 220
GS752TXS and GS728TXS Smart Switches Port Security Interface Configuration A MAC address can be defined as allowable by one of two methods: dynamically or statically. Both methods are used concurrently when a - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 221
GS752TXS and GS728TXS Smart Switches 6. Specify the following settings: • Port Security. Enable or Disable the port security feature for the selected port. • Max Allowed Dynamically Learned MAC. Sets the maximum - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 222
GS752TXS and GS728TXS Smart Switches The Dynamic MAC Address Table shows the MAC addresses and is configured as protected, it does not forward traffic to any other protected port on the switch, but it will forward traffic to unprotected ports. Use the Protected Ports Membership screen to configure - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 223
and above all provide security for the network. GS752TXS and GS728TXS Smart Switches software supports IPv4 and MAC ACLs. To configure an ACL, first create Table • Advanced • IP ACL • IP Rules • IP Extended Rules • IPv6 ACL • IPv6 Rules • IP Binding Configuration • IP Binding Table • VLAN Binding - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 224
GS752TXS and GS728TXS Smart Switches ACL Wizard ACL Wizard helps you to create a simple ACL the ACL, but does not allow you to modify it. For information about how to modify it, see the instructions on the to the ACL configuration screen. To display the ACL wizard screen: 1. Select Security ACL - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 225
GS752TXS and GS728TXS Smart Switches • ACL Based on Destination IPv6 L4 Port. Use this to create an ACL based on the destination IPv6 layer4 port number. • ACL Based on Source - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 226
GS752TXS and GS728TXS Smart Switches MAC ACL A MAC ACL consists of a set of rules which are Security Basic > MAC ACL. The MAC ACL table displays the number of ACLs currently configured in the switch and the maximum number of ACLs that can be configured. The current size is equal to the number of - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 227
and GS728TXS Smart Switches specify whether traffic matching the criteria is forwarded normally or discarded. A default 'deny all' rule is the last rule of every list. Note: screen are not available. • CoS. Requires a packet's class of service (CoS) to match the CoS value listed here. Enter a CoS - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 228
GS752TXS and GS728TXS Smart Switches • Destination MAC Mask. If desired, enter the MAC Mask A trap is not issued if the ACL rule hit count is zero for the current interval. This field is only supported for a 'Deny' Action. 5. Click Add. To change the match criteria for a rule: 1. Select the check - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 229
GS752TXS and GS728TXS Smart Switches MAC Binding Configuration When an ACL is bound to an interface, all the rules that have been defined are applied to the selected interface. Use - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 230
GS752TXS and GS728TXS Smart Switches The Interface Binding Status section on the MAC Binding Configuration screen displays the following information: • Interface. Displays selected interface. • Direction. Displays selected packet filtering direction - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 231
GS752TXS and GS728TXS Smart Switches IP ACL IP ACLs allow network managers to define classification actions and rules for specific ingress ports. Packets can be filtered on ingress (inbound) ports only. If the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 232
GS752TXS and GS728TXS Smart Switches IP Rules Use the IP Rules screen to define rules for IP-based standard ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded. Note: There is an - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 233
GS752TXS and GS728TXS Smart Switches - Permit. Forwards packets which meet the ACL criteria. - Deny decimal notation. The address you enter is compared to a packet's source IP Address. • Src IP Mask. Specifies the source IP address wildcard mask. Wild card masks determine which bits are used and - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 234
GS752TXS and GS728TXS Smart Switches Note: There is an implicit "deny all" rule at applies and the packet is dropped. To add rules to an IP ACL: 1. Select Security ACL > Advanced IP Extended Rules. In the following figure, an extended IP ACL exists, and one rule has been configured. 2. In the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 235
GS752TXS and GS728TXS Smart Switches 5. Select or specify values for one or more of the following decimal notation. The address you enter is compared to a packet's source IP Address. • Src IP Mask. Specifies the source IP address wildcard mask. Wild card masks determines which bits are used and which - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 236
and GS728TXS Smart Switches - Destination L4 Port Number. If the destination L4 keyword is Other, enter a user-defined Port ID by which packets are matched to the rule. • Service Type. Select one of the Service Type match conditions for the extended IP ACL rule. The possible values are IP DSCP, IP - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 237
GS752TXS and GS728TXS Smart Switches which an IP ACL applies must be specified, as well as Lists. The IPv6 Access Control Lists are created using the IPv6 Access Control List Configuration screen. By default, no specific value is in effect for any of the IPv6 ACL rules. To add a rule to - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 238
GS752TXS and GS728TXS Smart Switches 2. In the ACL Name list, select the name of the ACL to add a rule to. 3. Click Add. The screen displays the IPv6 ACL Rule Configuration - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 239
GS752TXS and GS728TXS Smart Switches • Match Every. Select true or false from the pull , used by end stations to signify quality-of-service handling in routers. Flow label can be specified within the range (0 to 1048575). • IPv6 DSCP Service. Specify the IP DiffServ Code Point (DSCP) field. The DSCP - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 240
GS752TXS and GS728TXS Smart Switches To delete an IPv6 rule: 1. On the IPv6 Rules screen in the ACL Name list, select the name of the ACL that includes the rule to remove. 2. In the IPv6 Rule Table, select the check box of the rule to delete. 3. Click Delete. 240 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 241
GS752TXS and GS728TXS Smart Switches IP Binding Configuration When an ACL is bound to an interface, all the rules that have been defined are applied to the selected interface. Use the IP Binding Configuration screen to assign ACL lists to ACL Priorities and Interfaces. To add IP ACL interface - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 242
GS752TXS and GS728TXS Smart Switches IP Binding Table Use the IP Binding Table screen to view or delete the IP ACL bindings. To delete an IP ACL binding: 1. Select Security ACL > Advanced Binding Table. 2. Select the check box associated with the ACL-to-interface binding to remove. 3. Click - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 243
GS752TXS and GS728TXS Smart Switches VLAN Binding Table Use the VLAN binding table screen to associate an ACL with a be used. Valid range is (1 to 4294967295). 5. From the ACL Type list, select the type of ACL: • IP ACL • MAC ACL • IPv6 ACL 6. From the ACL ID list, select the ID of the ACL to bind - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 244
GS752TXS and GS728TXS Smart Switches 244 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 245
the System 8 Use the features available from the Monitoring tab to view a variety of information about the switch and its ports and to configure how the switch monitors events. The Monitoring tab contains configuration menus described in the following sections. • Ports • Logs • Mirroring Ports - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 246
GS752TXS and GS728TXS Smart Switches Figure 9. Switch Statistics screen The following table describes the switch statistics displayed on the screen. Table 36. Switch statistics Field Description ifIndex This object indicates the ifIndex of the interface table entry associated with the processor - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 247
GS752TXS and GS728TXS Smart Switches Table 36. Switch statistics (Continued) Field Description Receive Packets • Click Clear to clear all the statistics counters, resetting all switch summary and detailed statistics to default values. The discarded packets count cannot be cleared. • Click Refresh - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 248
GS752TXS and GS728TXS Smart Switches Port Statistics The Port Statistics screen displays a summary of per-port traffic statistics on the switch. To : • 1 (or the unit ID of the switch). Only physical interfaces are displayed. This is the default setting. • LAGS. Only link aggregation groups are - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 249
GS752TXS and GS728TXS Smart Switches Table 37. Port statistics (Continued) Field Description since the statistics for this port were last cleared. To reset the counters for all interfaces on the switch: 1. Select the check box in the heading of the table. 2. Click Clear. To reset the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 250
GS752TXS and GS728TXS Smart Switches Port Detailed Statistics The Port Detailed Statistics screen displays a variety of per-port traffic statistics. To access the port detailed screen: 1. Select Monitoring Ports > Port - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 251
GS752TXS and GS728TXS Smart Switches The following table describes the detailed port information displayed the port control administration state: • Enable. The port can participate in the network (default). • Disable. The port is administratively down and does not participate in the network. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 252
GS752TXS and GS728TXS Smart Switches Table 38. Detailed interface statistics (Continued) Field Description LACP Mode Selects the Link Aggregation Control Protocol administration state: • Enable. Specifies that the port is allowed to participate in a port channel (LAG), which is the default mode - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 253
GS752TXS and GS728TXS Smart Switches Table 38. Detailed interface statistics (Continued) Field Description Octets Received The total number of octets of data (including those in bad packets) received on the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 254
GS752TXS and GS728TXS Smart Switches Table 38. Detailed interface statistics (Continued) Field Description Jabbers Received The total number of packets received that were longer than 1518 octets (excluding framing bits, - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 255
GS752TXS and GS728TXS Smart Switches Table 38. Detailed interface statistics (Continued) Field Description The maximum ethernet frame size the interface supports or is configured, including ethernet header, CRC, and payload. (1518 to 9216). The default maximum frame size is 1518. Total Packets - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 256
GS752TXS and GS728TXS Smart Switches Table 38. Detailed interface statistics (Continued) Field Description Dropped Transmit the counters. This resets all statistics for this port to the default values. • Click Refresh to refresh the data on the screen and display the most current statistics. 256 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 257
GS752TXS and GS728TXS Smart Switches EAP Statistics Use the EAP Statistics screen to display information about the table heading: • 1 (or the unit ID of the switch). Only physical interfaces are displayed. This is the default setting. • All. Both physical interfaces and link aggregation groups are - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 258
GS752TXS and GS728TXS Smart Switches Table 39. EAP statistics (Continued) Field Description the EAP counters for all ports on the switch, select the check box in the row heading and click Clear. The button resets all statistics for all ports to default values. • To clear the counters for - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 259
GS752TXS and GS728TXS Smart Switches • All. Both physical interfaces and link aggregation groups are displayed the cable status is always 'Normal'. The command returns a cable length estimate if this feature is supported by the PHY for the current link speed. Note that if the link is down and a - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 260
GS752TXS and GS728TXS Smart Switches Logs The switch can generate messages in response to events, administrative status and behavior of logs in the system buffer. These log messages are cleared when the switch reboots. To configure the memory log settings: 1. Select Monitoring Logs > Memory Log - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 261
GS752TXS and GS728TXS Smart Switches 3. From the Behavior menu, specify the behavior of the log when it Server Log on page 263. The message was generated on March 24 at 5:34:05 a.m by the switch with an IP address of 10.131.12.183. The component that generated the message is unknown, but it came - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 262
GS728TXS Smart Switches FLASH Log The FLASH log is a log that is stored in persistent storage, which means that the log messages are retained across a switch the logged messages include Error, Critical, Alert, and Emergency. The default severity level is Alert (1). The severity can be one of the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 263
and GS728TXS Smart Switches • Notice (5). Normal but significant conditions. Provides the network administrators with device information. • Informational (6). Provides device information. • Debug (7). Provides detailed information about the log. Debugging should only be entered by qualified support - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 264
GS728TXS Smart Switches IP Address Type of Host. It can be one of the following: - IPv4 - IPv6 - DNS • Host Address. Specify the hostname of the host configured for syslog. • Port. Specify the port on the host to which syslog messages are sent. The default entered by qualified support personnel. 2. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 265
GS752TXS and GS728TXS Smart Switches To delete an existing host: 1. Select the check box next to the Trap Logs Use the Trap Logs screen to view information about the SNMP traps generated on the switch. To view trap log information: Select Monitoring Logs > Trap Logs. The Trap Logs screen displays - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 266
GS752TXS and GS728TXS Smart Switches The following table describes the Trap Log information displayed on the screen. Table 41. Trap log statistics Field Description Number of Traps Since The number of traps that have occurred since the switch last reboot. Last Reset Trap Log Capacity The - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 267
GS752TXS and GS728TXS Smart Switches Event Logs Use the Event Log screen to display the event log, which is used to hold error messages for catastrophic events. After the event is logged and the updated log is saved in flash memory, the switch will be reset. The log can hold at least 2,000 entries - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 268
GS752TXS and GS728TXS Smart Switches Mirroring The Port Mirroring screen allows you to view and configure port mirroring on the system. Port mirroring selects the network traffic for analysis by a network analyzer. This is done for specific ports of the switch. As such, many switch ports are - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 269
GS752TXS and GS728TXS Smart Switches 3. Select the mode for port mirroring on the selected port from Direction list, specify the direction of the Traffic to be mirrored from the configured mirrored port(s). The default value is Tx and Rx. • Tx and Rx. Enable both transmitting and receiving on the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 270
GS752TXS and GS728TXS Smart Switches 270 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 271
Management Reset The Reset menu contains links described in the following sections. • Device Reboot • Factory Default Device Reboot Use the Device Reboot screen to reboot the switch. To reboot the switch: 1. Select Maintenance Reset Device Reboot. 2. Select the Unit ID of the stack member to - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 272
GS752TXS and GS728TXS Smart Switches The management interface is not available until the switch completes the boot cycle. After the switch resets, the login screen displays. Factory Default Use the Factory Default screen to reset the system configuration to the factory default values. Note: If you - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 273
GS728TXS Smart Switches TFTP File Upload Use the TFTP File Upload screen to upload configuration (ASCII), log (ASCII), and image (binary) files from the switch to a TFTP server on the network. To upload a file from the switch log. The factory default is Archive. 3. IP address in dotted-decimal - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 274
GS752TXS and GS728TXS Smart Switches 8. Select the Start File Transfer check box to initiate the the device name, serial number, IP address), and download it to that device. 3. If you are uploading an GS752TXS/GS728TXS image (Archive), select the image on the switch to upload to the management system - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 275
GS752TXS and GS728TXS Smart Switches Download The switch supports system file downloads from a remote system to the switch by using either TFTP or HTTP. The Download menu contains links described in the following sections. • TFTP File Download • HTTP File Download TFTP File Download - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 276
GS752TXS and GS728TXS Smart Switches • Text Configuration. A text-based configuration file enables you to edit a configured text file (startup-config) offline as needed without having to translate the contents for the switch to understand. The most common usage of text-based configuration is to - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 277
GS728TXS Smart Switches The last row of the table displays information about the progress of the file transfer. The screen refreshes automatically until the file transfer completes or fails. To activate a software image that you download to the switch name, serial number, IP address), and download it - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 278
GS752TXS and GS728TXS Smart Switches Note: It is recommended that you do not overwrite the image. The active image is loaded during subsequent switch restarts. This feature reduces switch down time when upgrading or downgrading the GS752TXS/GS728TXS software. The File Management menu contains links - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 279
GS752TXS and GS728TXS Smart Switches 3. Select image1 or image2 as the destination image. 4. Click Apply > Dual Image Configuration. 2. Select the unit number of the stack member to configure and individual switch or select All to configure all units in the stack with the same dual image settings. 3. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 280
GS752TXS and GS728TXS Smart Switches Dual Image Status The Dual Image Status screen shows the following: • Image1 Ver. The version of the image1 code file. • Image2 Ver. The version of - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 281
NETGEAR Smart switches in your network and connect them to your network. For information about device discovery and network connectivity, see Chapter 1, Getting Started. In addition to device discovery, the Smart modify network information for the switch, including the IP address, DHCP client mode, - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 282
GS752TXS and GS728TXS Smart Switches • Change Password. Allows you to set a new password for the device. For more information about this feature, see Change the Switch Password on page 284. 282 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 283
GS728TXS Smart Switches Configure the Device Use the Configure Device button to define basic switch configuration information. To modify switch information: 1. Select the switch. 2. Click Configure Device. Additional fields appear on the screen. 3. To assign or update a static IP address, default - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 284
GS752TXS and GS728TXS Smart Switches Change the Switch Password Use the Change Password button to change the administrative password you use to log in to the switch management interface. To change the switch password: 1. Select the switch. 2. Click Change Password. Additional fields appear on the - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 285
GS752TXS and GS728TXS Smart Switches Manage the Switch Configuration and Firmware The Maintenance tab includes links to perform the following tasks: • Upload and download the configuration. Upload the configuration file from the switch to an administrative system or other network location or - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 286
GS752TXS and GS728TXS Smart Switches 4. Click OK. 5. Enter the switch password and click Apply. The file is uploaded to the and enter a date and time to complete the download. 6. Enter the switch password in the Current Password field. 7. Click Apply. Note: Click the Tasks tab to view status - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 287
software for the GS752TXS and GS728TXS Smart Switches is upgradeable, enabling your switch to take advantage of improvements and additional features as they become available. Before you begin, download the firmware file from the NETGEAR Support web site for your switch to a TFTP server on your - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 288
GS728TXS Smart Switches 6. Download the firmware to primary or secondary storage. • Download the firmware as to primary storage. By default, the firmware is downloaded to primary storage and will be become the active image after the download completes and the switch reboots. • Download the firmware - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 289
GS752TXS and GS728TXS Smart Switches View and Manage Tasks From the Tasks tab, you can view information about configuration downloads and firmware upgrades that have already occurred, are in progress, or are scheduled to take place at a later time. You can also delete or reschedule selected tasks. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 290
GS752TXS and GS728TXS Smart Switches 290 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 291
the packet's path to a remote destination. The Troubleshooting configuration menu has the links that are described in the following sections: • Ping • Ping IPv6 • TraceRoute Ping Use the Ping screen to tell the switch to send a Ping request to a specified IP address. You can use this feature to - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 292
GS752TXS and GS728TXS Smart Switches 2. In the IP Address/Host Name field, specify the IP address or the host name of the station you want the switch to ping. The initial value is blank. This information is not retained across a power cycle. 3. Configure the following settings: • In the Count field, - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 293
GS752TXS and GS728TXS Smart Switches Ping IPv6 Use the Ping IPv6 screen to send a Ping request to a specified host name or IPv6 address. You can use this to check whether the switch can communicate with a particular IPv6 station. When you click the Apply button, the switch will send three pings and - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 294
and GS728TXS Smart Switches TraceRoute Use the traceroute utility to discover the paths that a packet takes to a remote destination. To trace a route to an IPv4 address or host: 1. Select Maintenance Troubleshooting TraceRoute. 2. In the Hostname/IP Address field, specify the IP address - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 295
GS752TXS and GS728TXS Smart Switches Troubleshooting Chart The following table lists symptoms, causes, and solutions of possible problems. Table 44. Troubleshooting chart Symptom Power LED is off. Cause No power is received. Link/ACT LED is off when a cable connects the port to a valid device. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 296
GS752TXS and GS728TXS Smart Switches 296 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 297
Local Area Networks (VLANs) • Access Control Lists (ACLs) • Differentiated Services (DiffServ) • 802.1X • MSTP • VLAN Routing with a Static LAN) can generally be defined as a broadcast domain. Hubs, bridges, or switches in the same physical segment or segments connect all end node devices. End - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 298
GS752TXS and GS728TXS Smart Switches • They are easy to manage. The addition of nodes, as well as on page 106. • When a tagged packet enters a port, the tag for that packet is unaffected by the default VLAN ID setting. The packet proceeds to the VLAN specified by its VLAN ID tag number. • If the port - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 299
GS752TXS and GS728TXS Smart Switches • For the VLAN with VLAN ID 10, specify the following members: port 1 set up, the following situations produce results as described: • If an untagged packet enters port 1, the switch tags it with VLAN ID 10. The packet has access to port 2 and port 3. The outgoing - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 300
to a particular port. A default deny all rule is the last rule of every list. 2. Apply the access list to an interface in the inbound direction. The GS752TXS and GS728TXS Smart Switches allows ACLs to be bound to physical ports and LAGs.The switch software supports MAC ACLs and IP ACLs. MAC ACL - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 301
GS752TXS and GS728TXS Smart Switches You can assign an optional sequence number to indicate the order of this access list relative to other access lists if any are already assigned - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 302
GS752TXS and GS728TXS Smart Switches • Source IP Mask. 255.255.255.0 For additional information about IP ACL rules, see IP Rules on page 232. 3. Click Add. 4. From the IP Rules screen, create a second rule for IP ACL 1 with the following settings: • Rule ID. 2 • Action. Permit • Match Every. True 5. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 303
GS728TXS Smart Switches supports DiffServ. The DiffServ feature contains a number of conceptual QoS building blocks you can use to construct a differentiated service • Class of Service (802.1p priority) value (first/only VLAN tag) • VLAN ID range (first/only VLAN tag) • IP Service Type octet (also - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 304
GS752TXS and GS728TXS Smart Switches DiffServ Traffic Classes With DiffServ, you define which traffic classes to track on an ingress interface. You can define simple BA classifiers (DSCP) and a wide variety of multifield (MF) classifiers: • Layer 2; Layers 3, 4 (IP only) • Protocol-based • Address- - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 305
GS728TXS Smart Switches convey some QoS characteristics to downstream switches which do not routinely look at the DSCP value in the IP excess of the conformance specification or are non-conformant. The DiffServ feature supports the following types of traffic policing treatments (actions): - Drop. - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 306
and GS728TXS Smart Switches • Source Mask. 255.255.255.0 • Source L4 Port. Other, and enter 4567 as the source port value • Destination IP Address. about this screen, see Policy Configuration on page 184. 9. From the Service Configuration screen, select the check box next to interfaces g7 and g8 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 307
the authenticator and the authentication server. The GS752TXS and GS728TXS Smart Switches supports a guest VLAN, which allows unauthenticated users to preventing unauthorized access by supplicants to the services offered by a system. Control over the access to a switch and the LAN to which it is - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 308
Supplicant on behalf of the Authenticator. All three roles are required in order to complete an authentication exchange. The GS752TXS and GS728TXS Smart Switches supports the Authenticator role only, in which the PAE is responsible for communicating with the Supplicant. The Authenticator PAE is also - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 309
and GS728TXS Smart Switches 3. default List to use RADIUS as the first authentication method (See Authentication List Configuration on page 198). This example enables 802.1X-based port security on the GS752TXS/GS728TXS switch 1s bridge inherently also supports IEEE 802.1w and IEEE 802.1D. 309 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 310
GS752TXS and GS728TXS Smart Switches The MSTP algorithm and protocol provides simple and full while discarding for instance 2. The port states have changed since IEEE 802.1D specification. To support multiple spanning trees, a MSTP bridge has to be configured with an unambiguous assignment of VLAN - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 311
GS752TXS and GS728TXS Smart Switches The combination of VID to FID and then FID to MSTI allocation shows how to create an MSTP instance from the GS752TXS/GS728TXS switch. The example network has three different GS752TXS/GS728TXS switches that serve different locations in the network. In this example - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 312
and GS728TXS Smart Switches Use the default values for the rest of the STP configuration settings. By default, the STP Operation Mode is MSTP and the Configuration Name is the switch MAC address. 4. From the CST Configuration screen, set the Bridge Priority value for each of the three switches to - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 313
GS752TXS and GS728TXS Smart Switches hosts connected from Switch 2 use VLAN 500, MST instance 2 to communicate with the hosts on Switch 3 directly. Likewise, hosts of Switch 1 use VLAN 300, MST instance 1 to communicate with the hosts on Switch 3 directly. The hosts use different instances of MSTP - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 314
GS752TXS and GS728TXS Smart Switches Sample VLAN Routing Configuration Complete these steps to configure a switch to perform interVLAN routing. 1. Use the VLAN Configuration screen to enable routing on the switch (see Basic VLAN Configuration on page 103). 2. Determine the IP addresses you want to - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 315
Default Values D GS752TXS and GS728TXS Smart Switches Specifications The GS752TXS and GS728TXS Smart Switches conform to the TCP/IP, UDP, HTTP, ICMP, TFTP, DHCP, IEEE 802.1D, IEEE 802.1p, and IEEE 802.1Q standards. Table 45. Switch switching ports 4-10 Gbps SFP+ slots (port 25~28) to support 10 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 316
GS752TXS and GS728TXS Smart Switches GS752TXS/GS728TXS Switch Features and Defaults The tables in this section provide information about the switch features and default values. Table 46. Port characteristics Feature Sets Supported Default Auto negotiation/static speed/duplex All ports Auto - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 317
and GS728TXS Smart Switches Table 48. Quality of service Feature Number of queues Port based 802.1p DSCP Rate limiting Auto-QoS Sets Supported 7 N/A 1 1 All ports All ports Default N/A N/A Enabled Disabled Disabled Disabled Table 49. Security Feature 802.1X MAC ACL IP ACL IPv6 ACL Password - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 318
GS752TXS and GS728TXS Smart Switches Table 50. System setup and maintenance Feature Boot code update DHCP/manual IP Default gateway System name configuration Configuration save/restore Firmware upgrade Restore defaults Dual image support Factory reset Sets Supported 1 1 1 1 1 1 1 (Web and front - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 319
GS752TXS and GS728TXS Smart Switches Table 52. Other features Feature IGMP snooping v1/v2/ static entries MLD Snooping Protocol and MAC-based VLAN Sets Supported All ports 1 All ports All ports 8 1 32 15 1024 8K 1024 N/A N/A Default Disabled N/A Disabled Disabled Disabled Disabled N/A N/A N/A N/A - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 320
GS752TXS and GS728TXS Smart Switches 320 - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 321
NETGEAR Wired Products E Certificate of the Manufacturer/Importer It is hereby certified that the ProSafe™ GS752TXS Smart Switch the notes in the operating instructions. The Federal Office for tigt, daß das ProSafe™ GS752TXS Smart Switch gemäß der im BMPT This product's firmware limits operation to - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 322
GS752TXS and GS728TXS Smart Switches Europe - EU Declaration of Conformity Marking by the požadavky a dalšími príslušnými ustanoveními smernice 1999/5/ES. Dansk [Danish] Undertegnede NETGEAR Inc. erklærer herved, at følgende udstyr Radiolan overholder de væsentlige krav og øvrige relevante - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 323
FCC Information to User This product does not contain any user serviceable components and is to be used with approved antennas only. We, NETGEAR, Inc., 350 East Plumeria Drive, Santa Clara, CA 95134, declare under our sole responsibility that the ProSafe™ GS752TXS Smart Switch complies with - Netgear GS728TXS | GS728TXS/GS752TXS Software Administration Manual - Page 324
made to the product, unless expressly approved by NETGEAR, Inc., could void the user's right to operate the equipment. Canadian Department of Communications Radio Interference Regulations This digital apparatus, (ProSafe™ GS752TXS Smart Switch), does not exceed the Class B limits for radio
350 East Plumeria Drive
San Jose, CA 95134
USA
March 2013
202-11255-02
v2.0
GS752TXS and GS728TXS
Smart Switches
Software Administration Manual