Home » Netgear Manuals » Hubs & Switches » Netgear GS748Tv4 » Manual Viewer

Netgear GS748Tv4 GS748Tv4 Software Administration Manual - Page 48

DNS, Denial of Service Mx ICMP Pkt Size - gs748t 48 port

Add to My Manuals
Save this manual to your list of manuals

Page 48 highlights

GS748T Smart Switch Software Administration Manual • Denial of Service TCP Fragment: TCP Header size is smaller than the configured value. Enable or disable this option by selecting the corresponding line on the radio button. Enabling TCP Fragment DoS prevention causes the switch to drop packets that have a TCP header smaller than the configured Min TCP Hdr Size. The factory default is disabled. • Denial of Service TCP Flag: Enable or disable this option by selecting the corresponding line on the radio button. Enabling TCP Flag DoS prevention causes the switch to drop packets that have TCP flag SYN set and TCP source port less than 1024 or TCP control flags set to 0 and TCP sequence number set to 0 or TCP flags FIN, URG, and PSH set and TCP sequence number set to 0 or both TCP flags SYN and FIN set. The factory default is disabled. • Denial of Service L4 Port: Enable or disable this option by selecting the corresponding line on the radio button. Enabling L4 Port DoS prevention causes the switch to drop packets that have TCP/UDP source port equal to TCP/UDP destination port. The factory default is disabled. • Denial of Service ICMP: Enable or disable this option by selecting the corresponding line on the radio button. Enabling ICMP DoS prevention causes the switch to drop ICMP packets that have a type set to ECHO_REQ (ping) and a size greater than the configured ICMP Pkt Size. The factory default is disabled. • Denial of Service Mx ICMP Pkt Size: If ICMP DoS prevention is enabled and if the ICMP echo request is carried in an unfragmented IPv4/IPv6 datagram and if the total length (in the IP header)indicates a value greater than MAX ICMP Size configured + IP header length, then the specified packet is dropped. The factory default is 512. 2. If you change any of the DoS settings, click Apply to apply the changes to the switch. 3. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. DNS You can use these pages to configure information about DNS servers the network uses and how the switch operates as a DNS client. DNS Configuration Use this page to configure global DNS settings and DNS server information. To access this page, click System > Management > DNS > DNS Configuration. 48 | Chapter 2: Configuring System Information

Section	Page
GS748T Smart Switch	1
Table of Contents	3
1. Getting Started	9
Getting Started with the GS748T Smart Switch	10
Switch Management Interface	11
Connecting the Switch to the Network	12
Switch Discovery in a Network with a DHCP Server	13
Switch Discovery in a Network without a DHCP Server	15
Configuring the Network Settings on the Administrative System	16
Web Access	18
Smart Control Center Utilities	19
Network Utilities	19
Configuration Upload and Download	20
Firmware Upgrade	22
Viewing and Managing Tasks	24
Understanding the User Interfaces	25
Using the Web Interface	25
Using SNMP	30
Interface Naming Convention	31
2. Configuring System Information	33
Management	34
System Information	34
IP Configuration	35
IPv6 Network Configuration	37
IPv6 Network Neighbor	39
Time	40
Denial of Service	45
DNS	48
Green Ethernet Configuration	51
SNMP	52
SNMPV1/V2	52
Trap Flags	55
SNMP v3 User Configuration	56
LLDP	58
LLDP Configuration	58
LLDP Port Settings	59
LLDP-MED Network Policy	61
LLDP-MED Port Settings	62
Local Information	64
Neighbors Information	66
Services — DHCP Filtering	71
DHCP Filtering Configuration	71
Interface Configuration	72
3. Configuring Switching Information	75
Ports	76
Port Configuration	76
Flow Control	77
Link Aggregation Groups	79
LAG Configuration	79
LAG Membership	81
LACP Configuration	82
LACP Port Configuration	83
VLANs	84
VLAN Configuration	84
VLAN Membership Configuration	85
Port VLAN ID Configuration	87
Voice VLAN	89
Voice VLAN Properties	89
Voice VLAN Port Setting	90
Voice VLAN OUI	91
Auto-VoIP Configuration	93
Spanning Tree Protocol	94
STP Switch Configuration	94
CST Configuration	96
CST Port Configuration	98
CST Port Status	99
Rapid STP	101
MST Configuration	101
MST Port Configuration	103
STP Statistics	105
Multicast	107
Auto-Video Configuration	107
IGMP Snooping	107
IGMP Snooping Querier	116
Forwarding Database	120
MAC Address Table	120
Dynamic Address Configuration	122
Static MAC Address	123
4. Configuring Quality of Service	125
Class of Service	126
Basic CoS Configuration	126
CoS Interface Configuration	127
Interface Queue Configuration	129
802.1p to Queue Mapping	130
DSCP to Queue Mapping	131
Differentiated Services	133
Defining DiffServ	133
Diffserv Configuration	134
Class Configuration	135
Policy Configuration	138
Service Configuration	143
Service Statistics	144
5. Managing Device Security	147
Management Security Settings	148
Change Password	148
RADIUS Configuration	149
Configuring TACACS+	154
Authentication List Configuration	157
Configuring Management Access	159
HTTP Configuration	159
Secure HTTP Configuration	160
Certificate Download	161
Access Profile Configuration	163
Access Rule Configuration	164
Port Authentication	166
802.1X Configuration	166
Port Authentication	168
Port Summary	172
Traffic Control	173
MAC Filter Configuration	173
MAC Filter Summary	175
Storm Control	175
Port Security Configuration	177
Port Security Interface Configuration	178
Security MAC Address	179
Protected Ports Membership	180
Configuring Access Control Lists	181
ACL Wizard	181
MAC ACL	182
MAC Rules	183
MAC Binding Configuration	185
MAC Binding Table	186
IP ACL	187
IP Rules	189
IP Extended Rules	190
IP Binding Configuration	194
IP Binding Table	195
6. Monitoring the System	197
Ports	198
Switch Statistics	198
Port Statistics	200
Port Detailed Statistics	201
EAP Statistics	208
Cable Test	209
System Logs	211
Memory Logs	211
FLASH Log Configuration	213
Server Log Configuration	214
Trap Logs	216
Event Logs	218
Port Mirroring	219
Multiple Port Mirroring	219
7. Maintenance	221
Reset	222
Device Reboot	222
Factory Default	222
Upload File From Switch	224
TFTP File Upload	224
HTTP File Upload	225
Download File To Switch	227
TFTP File Download	227
HTTP File Download	229
File Management	231
Dual Image Configuration	231
Dual Image Status	232
Troubleshooting	234
Ping	234
Ping IPv6	235
Traceroute	236
8. Help	239
Online Help	239
Support	239
User Guide	240
A. Hardware Specifications and Default Values	242
GS748T Smart Switch Specifications	242
GS748T Switch Features and Defaults	243
B. Configuration Examples	247
Virtual Local Area Networks (VLANs)	248
VLAN Example Configuration	249
Access Control Lists (ACLs)	250
MAC ACL Example Configuration	250
Standard IP ACL Example Configuration	252
Differentiated Services (DiffServ)	253
Class	253
DiffServ Traffic Classes	254
Creating Policies	254
DiffServ Example Configuration	255
802.1X	258
802.1X Example Configuration	259
MSTP	261
MSTP Example Configuration	262
C. Notification of Compliance	266

Match case Limit results 1 per page

Chapter 2:

Configuring System Information

GS748T Smart Switch Software Administration Manual

•

Denial of Service TCP Fragment

: TCP Header size is smaller than the configured

value. Enable or disable this option by selecting the corresponding line on the radio

button. Enabling TCP Fragment DoS prevention causes the switch to drop packets

that have a TCP header smaller than the configured Min TCP Hdr Size. The factory

default is disabled.

•

Denial of Service TCP Flag

: Enable or disable this option by selecting the

corresponding line on the radio button. Enabling TCP Flag DoS prevention causes

the switch to drop packets that have TCP flag SYN set and TCP source port less than

1024 or TCP control flags set to 0 and TCP sequence number set to 0 or TCP flags

FIN, URG, and PSH set and TCP sequence number set to 0 or both TCP flags SYN

and FIN set. The factory default is disabled.

•

Denial of Service L4 Port

: Enable or disable this option by selecting the

corresponding line on the radio button. Enabling L4 Port DoS prevention causes the

switch to drop packets that have TCP/UDP source port equal to TCP/UDP destination

port. The factory default is disabled.

•

Denial of Service ICMP

: Enable or disable this option by selecting the corresponding

line on the radio button. Enabling ICMP DoS prevention causes the switch to drop

ICMP packets that have a type set to ECHO_REQ (ping) and a size greater than the

configured ICMP Pkt Size. The factory default is disabled.

•

Denial of Service Mx ICMP Pkt Size

: If ICMP DoS prevention is enabled and if the

ICMP echo request is carried in an unfragmented IPv4/IPv6 datagram and if the total

length (in the IP header)indicates a value greater than MAX ICMP Size configured +

IP header length, then the specified packet is dropped. The factory default is 512.

If you change any of the DoS settings, click

Apply

to apply the changes to the switch.

Click

Cancel

to cancel the configuration on the screen and reset the data on the screen to

the latest value of the switch.

DNS

You can use these pages to configure information about DNS servers the network uses and

how the switch operates as a DNS client.

DNS Configuration

Use this page to configure global DNS settings and DNS server information.

To access this page, click

System

Management

DNS

DNS Configuration