Netgear GSM7212P GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual
Netgear GSM7212P Manual
View all Netgear GSM7212P manuals
Add to My Manuals
Save this manual to your list of manuals |
Netgear GSM7212P manual content summary:
- Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 1
ProSafe Managed Switch Software Administration Manual 9.0.2 for GSM5212P GSM7212F GSM7212P GSM7224P 350 East Plumeria Drive San Jose, CA 95134 USA October 2011 202-10515-06 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 2
ProSafe Managed Switch ©2011 NETGEAR, Inc. All rights reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of NETGEAR, Inc. Technical Support Thank - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 3
VLANs: Create an IP Subnet-Based VLAN 21 Voice VLANs 24 Chapter 3 LAGs Create Two LAGs 35 Add Ports to LAGs 36 Enable Both LAGs 38 Chapter 4 Port Routing Port Routing Configuration 40 Enable Routing for the Switch 41 Enable Routing for Ports on the Switch 41 Add a Default Route 44 Add - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 4
ProSafe Managed Switch OSPF on a Border Router 70 Stub Areas 75 nssa Areas 84 VLAN Routing OSPF 93 OSPFv3 98 Chapter 8 ARP Proxy ARP Examples 103 Chapter 9 VRRP VRRP on a Master Router 106 VRRP on a Backup Router 108 Chapter 10 ACLs Set Up an IP ACL with Two Rules 113 One-Way Access Using a - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 5
ProSafe Managed Switch IGMP Querier 221 Enable IGMP Querier 222 Show IGMP Querier IP Source Guard 282 Chapter 16 SNTP Show SNTP (CLI Only 287 Configure SNTP 289 Set the Time Zone (CLI Only 291 Set the Named SNTP Server 291 Chapter 17 Tools Traceroute 294 Configuration Scripting 296 Pre-Login - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 6
338 SNMP V3 339 sFlow 341 Time-Based Sampling of Counters with sFlow 345 Chapter 21 DNS Specify Two DNS Servers 346 Manually Add a Host Name and an IP Address 347 Chapter 22 DHCP Server Configure a DHCP Server in Dynamic Mode 349 Configure a DHCP Reservation 352 Chapter 23 DHCPv6 Server CLI - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 7
ProSafe Managed Switch Chapter 26 Tunnel CLI: Create a Tunnel 383 Web Interface: Create a Tunnel 385 Chapter 27 IPv6 Interface Configuration Create an IPv6 Routing Interface 390 Create an - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 8
, and other packages. In addition, see the following publications: • The NETGEAR installation guide for your switch • Hardware Installation Guide • Software Setup Guide • NETGEAR CLI Reference for the Prosafe 7X00 Series Managed Switch. Refer to the Command Line Reference for information about the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 9
13 • Assign VLAN3 as the Default VLAN for Port 1/0/2 on page 15 • Create a MAC-Based VLAN on page 16 • Create a Protocol-Based VLAN on page 19 • Virtual VLANs: Create an IP Subnet-Based VLAN on page 21 • Voice VLANs on page 24 Adding virtual LAN (VLAN) support to a Layer 2 switch offers some of the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 10
Port 1/0/3 VLAN Router Port 1/3/2 192.150.4.1 Port 1/0/1 Layer 2 Switch Layer 2 Switch VLAN 10 VLAN 20 Figure 1. Switch with 4 ports configured for traffic from 2 VLANs The following examples show how to create VLANs, assign ports to the VLANs, and assign a VLAN as the default VLAN to a port - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 11
ProSafe Managed Switch a. Select Switching > VLAN > Basic > VLAN Configuration. A screen similar to the . • In the VLAN Type list, select Static. c. Click Add. 2. Create VLAN3. a. Select Switching > VLAN > Basic > VLAN Configuration. A screen similar to the following displays. b. Enter the following - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 12
ProSafe Managed Switch Assign Ports to VLAN2 This sequence shows how to assign ports to VLAN2, and to specify that frames will always be transmitted tagged from all member ports and that untagged frames will be rejected on receipt. CLI: Assign Ports to VLAN2 (Netgear Switch) #config (Netgear Switch) - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 13
ProSafe Managed Switch a. Select Switching > VLAN > Advanced > Port PVID Configuration. A screen Netgear Switch) (conf-if-range-1/0/2-1/0/4)#exit (Netgear Switch) (Config)#interface 1/0/4 (Netgear Switch) (Interface 1/0/4)#vlan acceptframe all (Netgear Switch) (Interface 1/0/4)#exit (Netgear Switch - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 14
ProSafe Managed Switch Web Interface: Assign Ports to VLAN3 1. Assign ports to VLAN3. a. Select Switching > VLAN > Advanced > VLAN Membership. A 2. Specify that untagged frames will be accepted on port 1/0/4. a. Select Switching > VLAN > Advanced > Port PVID Configuration. A screen similar to the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 15
ProSafe Managed Switch Assign VLAN3 as the Default VLAN for Port 1/0/2 This example shows how to assign VLAN 3 as the default VLAN for port 1/0/2. CLI: Assign VLAN3 as the Default VLAN for Port 1/0/2 (Netgear Switch) #config (Netgear Switch) (Config)#interface 1/0/2 (Netgear Switch) (Interface - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 16
a MAC address mapping to a VLAN that has not been created on the system. CLI: Create a MAC-Based VLAN 1. Create VLAN3. (Netgear Switch)#vlan database (Netgear Switch)(Vlan)#vlan 3 (Netgear Switch)(Vlan)#exit 2. Add port 1/0/23 to VLAN3. (Netgear Switch)#config (Netgear Switch)(Config)#interface - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 17
ProSafe Managed Switch 3. Map MAC 00:00:0A:00:00:02 to VLAN3. (Netgear Switch)(Config)#exit (Netgear Switch)#vlan data (Netgear Switch)(Vlan)#vlan association mac 00:00:00A:00:00:02 3 (Netgear Switch)(Vlan)#exit 4. Add all the ports to VLAN3. (Netgear Switch)#config (Netgear Switch)(Config)# - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 18
ProSafe Managed Switch a. Select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the following 1 until U displays. e. Click Apply. 3. Assign VPID3 to port 1/0/23. a. Select Switching > VLAN > Advanced > Port PVID Configuration. A screen similar to the following displays. b. Scroll - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 19
ProSafe Managed Switch b. Enter the following information: • In the MAC Address field, enter 00:00:0A:00:00:02. • In the PVID (1 to 4093) field, enter 3. c. Click Add. Create a Protocol-Based VLAN Create two protocol VLAN groups. One is for IPX, and the other is for IP/ARP. The untagged IPX packets - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 20
ProSafe Managed Switch 5. Enable protocol VLAN group 1 and 2 on the interface. (Netgear Switch)(Vlan)#exit (Netgear Switch)#config (Netgear Switch)(Config)#interface 1/0/11 (Netgear Switch)(Interface 1/0/11)#protocol vlan group 1 (Netgear Switch)(Interface 1/0/11)#protocol vlan group 2 (Netgear - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 21
ProSafe Managed Switch • In the VLAN field, enter 5. c. Click Add. 3. Add port 11 to the group vlan_ipx. a. Select Switching > addresses. IP subnet VLANs are based on Layer 3 information from packet headers. The switch makes use of the network-layer address (for example, the subnet address for TCP/IP - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 22
VLAN PC 2 10.100.5.30 (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 2000 (Netgear Switch) (Vlan)#vlan association subnet 10.100.0.0 255.255.0.0 2000 (Netgear Switch) (Vlan)#exit Create an IP subnet-based VLAN 2000. (Netgear Switch) #config (Netgear Switch) (Config)#interface range - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 23
ProSafe Managed Switch Web Interface: Create an IP Subnet-Based VLAN 1. Create VLAN 2000. a. Select Switching > VLAN > Basic > select Static. c. Click Add. 2. Assign all the ports to VLAN 2000. a. Select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the following displays. b. In - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 24
ProSafe Managed Switch a. Select Switching > VLAN > Advanced > IP Subnet Based VLAN. A screen similar to the following displays. b. Enter the following information: • In the IP Address field, enter 10.100.0.0. • In the Subnet Mask field, enter 255.255.0.0. • In the VLAN (1 to 4093) field, enter 2000 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 25
ProSafe Managed Switch management control and that clients attached to the network cannot initiate a direct : Configure Voice VLAN and Prioritize Voice Traffic 1. Create VLAN 10. (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 10 (Netgear Switch) (Vlan)#exit Chapter 2. VLANs | 25 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 26
-policy-map)#class ClassVoiceVLAN (Netgear Switch) (Config-policy-classmap)#assign-queue 3 (Netgear Switch) (Config-policy-classmap)#exit 9. Assign it to interfaces 1/0/1 and 1/0/2. (Netgear Switch) (Config)#interface range 1/0/1-1/0/2 (Netgear Switch) (conf-if-range-1/0/1-1/0/2)# service-policy in - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 27
ProSafe Managed Switch Web Interface: Configure Voice VLAN and Prioritize Voice Traffic 1. Create VLAN 10. a. Select Switching > VLAN > Basic > following displays. 2. Include ports 1/0/1 and 1/0/2 in VLAN 10. a. Select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the following - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 28
ProSafe Managed Switch c. Select Port 1 and Port 2 as tagged. A screen similar to the following displays. d. Click Apply. 3. Configure Voice VLAN globally. a. Select Switching > VLAN > Advanced > Voice VLAN Configuration. A screen similar to the following displays. b. For Admin Mode, select the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 29
ProSafe Managed Switch c. Click Apply. A screen similar to the following displays. 4. Configure Voice VLAN mode in interface 1/0/2. a. Select Switching > VLAN > Advanced > Voice VLAN Configuration. b. Select the 1/0/2 check box. c. In the Interface Mode list, select VLAN ID. d. In the Value field, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 30
ProSafe Managed Switch c. In the Class Type list, select All. A screen similar to the following displays. d. Click Add. The Class Name screen displays, as shown in the next - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 31
ProSafe Managed Switch e. Click Apply. A screen similar to the following displays. 7. Create the DiffServ policy PolicyVoiceVLAN. a. Select QoS > DiffServ > Advanced > Policy Configuration. A screen similar to the following displays. b. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 32
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > Policy Configuration. A screen similar to the following displays. b. Click the Policy PolicyVoiceVLAN. A screen similar to the following displays. c. In the field - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 33
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > Service Interface Configuration. A screen similar to the following displays. b. Select the check boxes for Interfaces 1/0/1 and 1/0/2. c. Set the Policy Name field as PolicyVoiceVLAN. A screen similar to - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 34
following examples: • Create Two LAGs on page 35 • Add Ports to LAGs on page 36 • Enable Both LAGs on page 38 Link aggregation allows the switch to treat multiple physical links between two end-points as a single logical link. All the physical links in a given LAG must operate in full-duplex - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 35
ProSafe Managed Switch • Better use of physical resources. Traffic can be load-balanced interface procedure. CLI: Create Two LAGs (Netgear Switch) #config (Netgear Switch) (Config)#port-channel lag_10 (Netgear Switch) (Config)#port-channel lag_20 (Netgear Switch) (Config)#exit Use the show port- - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 36
LAGs (Netgear Switch) #config (Netgear Switch) (Config)#interface 0/2 (Netgear Switch) (Interface 0/2)#addport 1/1 (Netgear Switch) (Interface 0/2)#exit (Netgear Switch) (Config)#interface 0/3 (Netgear Switch) (Interface 0/3)#addport 1/1 (Netgear Switch) (Interface 0/3)#exit (Netgear Switch) (Config - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 37
ProSafe Managed Switch Web Interface: Add Ports to LAGs 1. Add ports to lag_10. a. Select Switching > LAG > LAG Membership. A box. e. Click Apply to save the settings. 2. Add ports to lag_20. a. Select Switching > LAG > LAG Membership. A screen similar to the following displays. b. Under LAG - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 38
ProSafe Managed Switch Enable Both LAGs The example is shown as CLI commands and as a Web interface procedure. CLI: Enable Both LAGs By default, the system enables link trap notification. (Console) #config (Console) (Config)#port-channel adminmode all (Console) (Config)#exit At this point, the LAGs - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 39
. • Update the Layer 3 header. • Re-create the Layer 2 header. The router's IP address is often statically configured in the end station, although the 7000 Series Managed Switch supports protocols such as DHCP that allow the address to be assigned dynamically. Likewise, you can assign some of the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 40
used in the example in this section enable IP routing on ports 1/0/2,1/0/3, and 1/0/5. The router ID will be set to the 7000 Series Managed Switch's management IP address, or to that of any active router interface if the management address is not configured. After the routing configuration commands - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 41
port routing support shown in Figure 5, Layer 3 switch configured for port routing on page 40. Use the following command to enable routing for the switch. Execution of the command enables IP forwarding by default. (Netgear Switch) #config (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 42
ProSafe Managed Switch CLI: Enable Routing for Ports on the Switch (Netgear Switch) #config (Netgear Switch) (Config)#interface 1/0/2 (Netgear Switch) (Interface 1/0/2)#routing (Netgear Switch) (Interface 1/0/2)#ip address 192.150.2.1 255.255.255.0 (Netgear Switch) (Interface 1/0/2)#exit (Netgear - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 43
ProSafe Managed Switch 2. Assign IP address 192.150.3.1/24 to interface 1/0/3. a. Select Routing > IP> Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the interface 1/0/3 check box. Now 1/0/3 appears in the Interface field at the top. c. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 44
when the switch can not find a match in the routing table for an IP packet. The following example shows how to create a default route. CLI: Add a Default Route (FSM7338S) (Config) #ip route default? Enter the IP Address of the next router. (FSM7328S) (Config)#ip route default 10.10 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 45
the bottom of the screen. This creates the default route entry in the routing table. Add a Static Route when the switch performas IP routing, it forwards the packet to the default route for a destination that is not in the same subnet as the source address. However, you can set a path (static route - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 46
ProSafe Managed Switch Web Interface: Add a Static Route 1. Select Routing > Routing Table > Basic > Route Configuration to display the Route Configuration screen. 2. In the Route Type list, select Static. 3. Fill in the Network Address field. Note that this field ishould have a network IP address, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 47
can configure the 7000 Series Managed Switch with some ports supporting VLANs and some supporting routing. You can also configure it to allow traffic on a VLAN to be treated as if the VLAN were a router port. When a port is enabled for bridging (the default) rather than routing, all normal bridge - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 48
ProSafe Managed Switch shows the commands you would use to configure a 7000 Series Managed Switch to provide the VLAN routing support shown in the diagram. Layer 3 switch Port 1/0/2 VLAN Router port 1/3/1 192.150.3.1 Port 1/0/3 VLAN Router port 1/3/2 192.150.4.1 Port 1/0/1 Layer 2 Switch Layer - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 49
ProSafe Managed Switch Web Interface: Create Two VLANs 1. Create VLAN 10 and VLAN20. a. Select Switching > VLAN > Advanced > VLAN10. d. In the VLAN Type list, select Static. e. Click Add. f. Select Switching > VLAN > Advanced > VLAN Configuration. A screen similar to the following displays. g. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 50
ProSafe Managed Switch a. Select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the The T specifies that the egress packet is tagged for the port. e. Click Apply. f. Select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the following displays. g. In the VLAN - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 51
ProSafe Managed Switch a. Select Switching > VLAN > Advanced > Port PVID Configuraton. A screen similar to the following displays. b. Scroll down and select 1/0/1 and 1/0/2 check boxes. c. In the PVID (1 to 4093) field, enter 10. d. Click Apply to save the settings. e. Select Switching > VLAN > - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 52
for the virtual router ports. (Netgear Switch) (Config)#interface vlan 10 (Netgear Switch) (Interface-vlan 10)#ip address 192.150.3.1 255.255.255.0 (Netgear Switch) (Interface-vlan 10)#exit (Netgear Switch) (Config)#interface vlan 20 (Netgear Switch) (Interface-vlan 20)#ip address 192.150.4.1 255 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 53
ProSafe Managed Switch Web Interface: Set Up VLAN Routing for the VLANs and the Switch 1. Select Routing > VLAN> VLAN Routing. A screen similar to the following displays. 2. Enter the following information: • In the VLAN ID (1 to 4093) list, select 10. • In the IP Address field, enter 192.150.3.1. • - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 54
routers after 180 seconds, and removed from their tables after an additional 120 seconds. There are two versions of RIP (the managed switch supports both): • RIPv1 defined in RFC 1058. - Routes are specified by IP packets to the RIPv1 broadcast address. • Prevent any RIP packets from being received. • - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 55
as a Web interface procedure. CLI: Enable Routing for the Switch (Netgear Switch) #config (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config)#exit Web Interface: Enable Routing for the Switch 1. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 56
ProSafe Managed Switch Routing for Ports The example is shown as CLI commands and as a Web interface procedure. CLI: Enable Routing and Assigning IP Addresses for Ports 1/0/2 and 1/0/3 (Netgear Switch) #config (Netgear Switch) (Config)#interface 1/0/2 (Netgear Switch) (Interface 1/0/2)#routing ( - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 57
CLI: Enable RIP on the Switch This sequence enables RIP for the switch. The route preference defaults to 15. (Netgear Switch) #config (Netgear Switch) (Config)#router rip (Netgear Switch) (Config router)#enable (Netgear Switch) (Config router)#exit (Netgear Switch) (Config)#exit Chapter 6. RIP | 57 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 58
no default route entry is created. The commands specify that both ports receive both RIPv1 and RIPv2 frames, but send only RIPv2-formatted frames. (Netgear Switch) #config (Netgear Switch) (Config)#interface 1/0/2 (Netgear Switch) (Interface 1/0/2)#ip rip (Netgear Switch) (Interface 1/0/2)#ip rip - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 59
ProSafe Managed Switch Web Interface: Enable RIP for Ports 1/0/2 and 1/0/3 1. Select Routing > RIP > Advanced > RIP Configuration. A screen similar to the following displays. 2. Enter the following information: • In the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 60
. A second router, using port routing rather than VLAN routing, has been added to the network. CLI: Configure VLAN Routing with RIP Support 1. Configure VLAN routing with RIP support on a 7000 Series Managed Switch. (Netgear Switch) #vlan data (Netgear Switch) (Vlan)#vlan 10 (Netgear Switch) (Vlan - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 61
defaults to 15. (Netgear Switch) (Config)#router rip (Netgear Switch) (Config router)#enable (Netgear Switch) (Config router)#exit 3. Configure the IP address and subnet mask for a non-virtual router port. (Netgear Switch) (Config)#interface 1/0/5 (Netgear Switch) (Interface 1/0/5)#ip address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 62
Switch Web Interface: Configure VLAN Routing with RIP Support 1. Configure a VLAN and include ports 1/0/2 in the VLAN: a. Select Routing > VLAN > VLAN Routing Wizard. A screen similar to the following displays. b. Enter the following information: • In the Vlan ID field, enter 10. • In the IP Address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 63
ProSafe Managed Switch d. Click the gray box under port 3 until T displays. The T specifies that the egress packet is tagged for the port. e. Click Apply to save the VLAN that includes port 3. 3. Enable RIP on the switch (you can skip this step since the RIP is enabled by default). a. Select Routing - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 64
and destination address are in the same area, and inter-area routing across an OSPF backbone is used when they are not. An inter-area router communicates with border routers in each of the areas to which it provides connectivity. The 7000 Series Managed Switch operating as a router and running - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 65
.3.1 Border Router Border Router Area 2 Area 3 Figure 9. Network segment with an inter-area router connecting areas 0.0.0.2 and 0.0.0.3 CLI: Configure an Inter-area Router 1. Enable routing for the switch. (Netgear Switch) #config (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 66
ProSafe Managed Switch 2. Assign IP addresses to ports. (Netgear Switch) #config (Netgear Switch) (Config)#interface 1/0/2 (Netgear Switch) (Interface 1/0/2)#routing (Netgear Switch) (Interface 1/0/2)#ip address 192.150.2.1 255.255.255.0 (Netgear Switch) (Interface 1/0/2)#exit (Netgear Switch) ( - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 67
: Configure an Inter-area Router 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply to save the settings. 2. Assign IP address 192.150.2.1 to port - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 68
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the interface 1/0/3 check box. Now 1/0/3 appears in the Interface field at the top. c. Enter the following information: • In the IP Address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 69
ProSafe Managed Switch c. Click Apply to save the settings. 5. Enable OSPF on port 1/0/2. a. Select Routing > OSPF > Advanced > Interface Configuration. A screen similar to the following displays. b. Scroll downand select - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 70
.130.3.1 255.255.255.0 (Netgear Switch) (Interface 1/0/3)#exit (Netgear Switch) (Config)#interface 1/0/4 (Netgear Switch) (Interface 1/0/4)#routing (Netgear Switch) (Interface 1/0/4)#ip address 192.64.4.1 255.255.255.0 (Netgear Switch) (Interface 1/0/4)#exit 3. Specify the router ID, and enable OSPF - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 71
: Configure OSPF on a Border Router 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply to save the settings. 2. Assign IP address 192.150.2.2 to port - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 72
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the interface 1/0/2 check box. Now 1/0/2 appears in the Interface field at the top. c. Enter the following information: • In the IP Address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 73
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the interface 1/0/4 check box. Now 1/0/4 appears in the Interface field at the top. c. Enter the following information: • In the IP Address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 74
ProSafe Managed Switch c. Click Apply to save the settings. 6. Enable OSPF on the port 1/0/2. a. In the OSPF Area ID field, enter 0.0.0.2. • In the OSPF Admin Mode field, select Enable. • In the Router Priority (0 to 255) field, enter 128. • In the Metric Cost field, enter 32. c. Click Apply to - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 75
ProSafe Managed Switch • In the Priority field, enter 255. • In the Metric Cost field, enter 64. c. Click as CLI commands and as a Web interface procedure. Port 2/0/11 Layer 3 switch Port 2/0/191 Port 1/0/151 Layer 3 switch Area 0 Figure 10. Area 1 is a stub area Area 1 Chapter 7. OSPF | 75 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 76
(Netgear Switch) (Config-router)#exit 5. Enable OSPF area 0 on ports 2/0/11. (Netgear Switch) (Config)#interface 2/0/11 (Netgear Switch) (Interface 2/0/11)#routing (Netgear Switch) (Interface 2/0/11)#ip address 192.168.10.1 255.255.255.0 (Netgear Switch) (Interface 2/0/11)#ip ospf (Netgear Switch - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 77
ProSafe Managed Switch (Netgear Switch) (Config)#ex (Netgear Switch) #show ip ospf neighbor interface all Router ID IP Address Neighbor Interface State 4.4.4.4 192.168.10.2 2/0/11 Full 2.2.2.2 192.168.20.2 2/0/19 Full (Netgear Switch) #show ip route Total Number of Routes 4 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 78
the following information: • In the IP Address field, enter 192.168.20.1. • In the Network Mask field, enter 255.255.255.0. • In the the Admin Mode field, select Enable. d. Click Apply to save the settings. 4. Specify the router ID, and enable OSPF for the switch. a. Select Routing > OSPF > Basic - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 79
ProSafe Managed Switch a. Select Routing > OSPF > Advanced > Interface Configuration. A screen similar to the following displays. b. Under Interface Configuration, scroll down and select the interface 2/0/11 check box. Now 2/0/ - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 80
ProSafe Managed Switch a. Select switch. (Netgear Switch) #config (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config)#router ospf 2. Set the router ID to 2.2.2.2. (Netgear Switch) (Config-router)#router-id 2.2.2.2 3. Configure area 0.0.0.1 as a stub area. (Netgear Switch) (Config-router - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 81
ProSafe Managed Switch 4. Enable OSPF area 0.0.0.1 on the 1/0/15. (Netgear Switch) (Config-router)#exit (Netgear Switch) (Config-router)#exit (Netgear Switch) (Config)#interface 1/0/15 (Netgear Switch) (Interface 1/0/15)#routing (Netgear Switch) (Interface 1/0/15)#ip address 192.168.20.2 (Netgear - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 82
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the interface 1/0/15 check box. Now 1/0/15 appears in the Interface field at the top. c. Enter the following information: • In the IP Address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 83
ProSafe Managed Switch a. Select Routing > OSPF > Advanced > Interface Configuration. A screen similar to the following displays. b. Under Interface Configuration, scroll down and select the interface 1/0/15 check box. Now 1/0/ - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 84
on the switch. (Netgear Switch) #config (Netgear Switch) (Config)#router ospf (Netgear Switch) (Config)#ip routing 2. Configure area 0.0.0.1 as an nssa area. (Netgear Switch) (Config)#router ospf (Netgear Switch) (Config-router)#router-id 1.1.1.1 (Netgear Switch) (Config-router)#area 0.0.0.1 nssa - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 85
ProSafe Managed Switch 4. Enable area 0.0.0.1 on port 2/0/19. (Netgear Switch) (Config-router)#exit (Netgear Switch) (Config)#interface 2/0/11 (Netgear Switch) (Interface 2/0/11)#routing (Netgear Switch) (Interface 2/0/11)#ip address 192.168.10.1 255.255.255.0 (Netgear Switch) (Interface 2/0/11)# - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 86
ProSafe Managed Switch 2. Assign IP address 192.168.10.1 to port 2/0/11. a. Select Routing > IP > Advanced > IP Interface Configuration. in the Interface field at the top. c. Enter the following information: • In the IP Address field, enter 192.168.20.1. • In the Subnet Mask field, enter 255.255.255 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 87
ProSafe Managed Switch 4. Specify the router ID, and enable OSPF for the switch. a. Select Routing > OSPF > Basic > OSPF Configuration. A screen similar to the following displays. b. Under OSPF Configuration, in the Router ID field, enter 2.2.2.2. c. Click Apply to save the settings. 5. Enable OSPF - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 88
ProSafe Managed Switch a. Select Routing > OSPF > Advanced > Interface Configuration. A screen similar to the Area 1 as an nssa Area on A2 1. Enable routing on the switch. (Netgear Switch) #config (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config)#router ospf 88 | Chapter 7. OSPF - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 89
on port 1/0/15. (Netgear Switch) (Config-router)#exit (Netgear Switch) (Config)#interface 1/0/11 (Netgear Switch) (Interface 1/0/11)#routing (Netgear Switch) (Interface 1/0/11)#ip address 192.168.30.1 255.255.255.0 (Netgear Switch) (Interface 1/0/11)#ip rip (Netgear Switch) (Interface 1/0/11 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 90
an nssa Area on A2 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply to save the settings. 2. Assign IP address 192.168.30.1 to port 1/0/11. a. Select - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 91
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface IP Address field, enter 192.168.20.2. • In the Network Mask field, enter 255.255.255.0. • In the Routing Mode field, select Enable. d. Click Apply to save the settings. 4. Specify the router ID, and enable OSPF for the switch - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 92
ProSafe Managed Switch b. Enter the following information: • In the Interface field, select 1/0/11. • For RIP Admin Mode, select the Enable radio button. c. Click Apply to save the settings. 6. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 93
ProSafe Managed Switch a. Select address are in the same area, and inter-area routing across an OSPF backbone is used when they are not. An inter-area router communicates with border routers in each of the areas to which it provides connectivity. The 7000 Series Managed Switch operating as a router - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 94
ip address 192.150.4.1 255.255.255.0 (Netgear Switch) (Interface vlan 20)#exit 2. Specify the router ID and enable OSPF for the switch. (Netgear Switch) (Config)#router ospf (Netgear Switch) (Config router)#router-id 192.150.9.9 (Netgear Switch) (Config router)#enable (Netgear Switch) (Config router - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 95
ProSafe Managed Switch 3. Enable OSPF for the VLAN and physical router ports. (Netgear Switch) (Config)#interface vlan 10 (Netgear Switch) (Interface vlan 10)#ip ospf areaid 0.0.0.2 (Netgear Switch) (Interface vlan 10)#ip ospf (Netgear Switch) (Interface vlan 10)#exit (Netgear Switch the IP Address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 96
ProSafe Managed Switch following information: • In the Vlan ID field, enter 20. • In the IP Address field, enter 192.150.4.1. • In the Network Mask field, enter 255.255 to save the VLAN that includes port 3. 3. Enable OSPF on the switch. a. Select Routing > OSPF > Basic > OSPF Configuration. A screen - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 97
ProSafe Managed Switch a. Select Routing > OSPF > Advanced > Interface Configuration. A screen similar to the following displays. b. Under Interface Configuration, click VLANS to show all the VLAN interfaces. c. Scroll down - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 98
works with IPv6. The following example shows how to configure OSPFv3 on a IPv6 network. Switch A1 Switch A2 Area 0 Figure 12. OSPFv3 Protocol for IPv6 CLI: Configure OSPFv3 1. On A1, enable IPv6 unitcast routing on the switch. (Netgear Switch) (Config)#ipv6 unicast-routing 98 | Chapter 7. OSPF - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 99
to router ID. (Netgear Switch) (Config)#ipv6 router ospf (Netgear Switch) (Config-rtr)#enable (Netgear Switch) (Config-rtr)#router-id 1.1.1.1 (Netgear Switch) (Config-rtr)#exit 3. Enable routing mode on the interface 1/0/1, and assign the IP address 2000::1 to IPv6,. (Netgear Switch) (Config - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 100
ProSafe Managed Switch 8. Enable OSPFv3 on interface 1/0/13, and set the OSPF network mode to broadcast. (Netgear Switch) (Interface 1/0/13)#ipv6 ospf (Netgear Switch) (Interface 1/0/13)#ipv6 ospf network broadcast (Netgear Switch) #show ipv6 ospf neighbor Router ID Priority 1.1.1.1 1 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 101
ProSafe Managed Switch a. Select Routing > IPv6 > Advanced > IP Interface Configuration. A screen similar to the following Apply to save the settings. 4. Assign the IP address 2001::1 to port 1/0/1. a. Select Routing > IPv6 > Advanced > IP Interface Configuration. A screen similar to the following - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 102
ProSafe Managed Switch a. Select Routing > OSPFv3 > Advanced > Interface Configuration. A screen similar to the following displays. b. Under IP Interface Configuration, scroll down and select the interface 1/0/1 check box. Now 1/0/1 appears in the Interface field at the top. • In the OSPF Area ID - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 103
ARP, a router responds to an ARP request only if the target IP address is an address configured on the interface where the ARP request arrived. Proxy ARP Examples The following are examples of the commands used in the proxy ARP feature. CLI: show ip interface (Netgear Switch) #show ip interface - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 104
ProSafe Managed Switch CLI: ip proxy-arp (Netgear Switch) (Interface 0/24)#ip proxy-arp ? Press Enter to execute the command. (Netgear Switch) (Interface 0/24)#ip proxy-arp Web Interface: Configure Proxy ARP on a Port 1. Select Routing > IP > Advanced > IP Interface Configuration. A - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 105
. 192.150.2.1 Layer 2 Switch Hosts Figure 13. VRRP VRRP eliminates the single point of failure associated with static default routes by enabling a backup router to take over from a master router without affecting the end stations using the route. The end stations use a virtual IP address that is - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 106
the default master router for the virtual route, and Router 2 is the backup router. CLI: Configure VRRP on a Master Router 1. Enable routing for the switch. IP forwarding will then be enabled by default. (Netgear Switch) #config (Netgear Switch) (Config)#ip routing 2. Configure the IP addresses and - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 107
Configure VRRP on a Master Router 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply to save the settings. 2. Assign the IP address 192.150.2.1 to port - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 108
ProSafe Managed Switch a. Select Routing > VRRP > Advanced > VRRP Configuration. A screen similar to Backup Router 1. Enable routing for the switch. IP forwarding will then be enabled by default. (Netgear Switch) #config (Netgear Switch) (Config)#ip routing 2. Configure the IP addresses and subnet - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 109
the same as Router 1's port 1/0/2 actual IP address, this router will always be the VRRP backup when Router 1 is active. (Netgear Switch) (Interface 1/0/4)#ip vrrp 20 ip 192.150.2.1 6. Set the priority for the port. The default priority is 100. (Netgear Switch) (Interface 1/0/4)#ip vrrp 20 priority - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 110
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the Interface 1/0/4 check box. Now 1/0/4 appears in the Interface field at the top. c. Enter the following information: • In the IP Address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 111
• Use ACLs to Configure Isolated VLANs on a Layer 3 Switch on page 132 • Set up a MAC ACL with Two reside in a firewall router or in a router connecting two internal networks not support redirection. • The system does not support MAC ACLs and IP ACLs on the same interface. • The system supports ACLs - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 112
ProSafe Managed Switch MAC ACLs MAC ACLs are Layer 2 ACLs. You can configure the rules to inspect the following fields of a packet (limited by platform): • Source MAC address with mask. • Destination MAC address with mask. • VLAN ID (or range of IDs). • Class of Service (CoS) (802.1p) . • EtherType: - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 113
support on a 7000 Series Managed Switch. Create ACL 101. Define the first rule: The ACL will permit packets that match the specified source IP address are sent to the specified destination IP address. 1. Enter these commands: (Netgear Switch) #config (Netgear Switch) (Config)#access-list 101 permit - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 114
will be accepted. (Netgear Switch) (Config)#interface 1/0/2 (Netgear Switch) (Interface 1/0/2)#ip access-group 101 in (Netgear Switch) (Interface 1/0/2)#exit (Netgear Switch) (Config)#exit Web Interface: Set Up an IP ACL with Two Rules 1. Create IP ACL 101 on the switch. a. Select Security > ACL - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 115
ProSafe Managed Switch c. Click Add to create a new rule. 3. Create a new ACL rule and . • In the Source IP Address field, enter 192.168.77.0. • In the Source IP Mask field, enter 0.0.0.255. • In the Destination IP Address field, enter 192.178.77.0. • In the Destination IP Mask field, enter 0.0.0.255 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 116
ProSafe Managed Switch a. After you click the Add button in step 3, a screen similar to • In the Source IP Address field, enter 192.168.77.0. • In the Source IP Mask field, enter 0.0.0.255. • In the Destination IP Address field, enter 192.178.77.0. • In the Destination IP Mask field, enter 0.0.0.255 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 117
ProSafe Managed Switch • In the ACL ID list, select 10. • In the Sequence Number field, Port 0/13 192.168.100.2 Port 1/0/24 192.168.40.2 FTP server 1 Layer 2 switch Port 1/0/48 Port 0/44 FTP server 2 Layer 3 switch Port 0/35 Port 1/0/25 PC 1 PC 2 Figure 15. One-Way Web access using a - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 118
ProSafe Managed Switch 1. Create VLAN 30 with port 0/35 and assign IP address 192.168.30.1/24. (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 30 (Netgear Switch) (Vlan)#vlan routing 30 (Netgear Switch) (Vlan)#exit (Netgear Switch) #config (Netgear Switch) (Config)#interface 0/35 ( - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 119
ProSafe Managed Switch 3. Create VLAN 200 with port 0/44 and assign IP address 192.168.200.1/24. (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 200 (Netgear Switch) (Vlan)#vlan routing 200 (Netgear Switch) (Vlan)#exit (Netgear Switch) #configure (Netgear Switch) (Config)#interface 0/44 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 120
ProSafe Managed Switch 2. Create VLAN 40 with port 1/0/24 and assign IP address 192.168.40.1/24. (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 40 (Netgear Switch) (Vlan)#vlan routing 40 (Netgear Switch) #configure (Netgear Switch) (Config)#interface 1/0/24 (Netgear Switch) (Interface - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 121
ProSafe Managed Switch 4. Create VLAN 200 with port 1/0/48 and assign IP address 192.168.200.1/24. (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 200 (Netgear Switch) (Vlan)#vlan routing 200 (Netgear Switch) (Config)#interface 1/0/48 (Netgear Switch) (Interface 1/0/48)#vlan pvid 200 ( - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 122
ProSafe Managed Switch a. Select Routing > VLAN > VLAN Routing Wizard. A screen similar to the following displays.n the VLAN Routing Wizard, b. In the VLAN Routing Wizard, enter the following information: • In the Vlan ID field, enter 30. • In the IP Address field, enter 192.168.30.1. • In the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 123
ProSafe Managed Switch • In the IP Address field, enter 192.168.100.1. • In the Network Mask following displays. b. Enter the following information: • In the Vlan ID field, enter 200. • In the IP Address field, enter 192.168.200.1. • In the Network Mask field, enter 255.255.255.0. c. Click Unit - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 124
ProSafe Managed Switch a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. Under IP Configuration, make the following selections: • For Routing Mode, select the Enable radio button. • For IP Forwarding Mode, select the Enable radio button. c. Click Apply - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 125
ProSafe Managed Switch a. Select Routing > Routing Table > Basic > Route Configuration. A screen similar to the following displays. b. Under Configure Routes, make the following selection and enter the following information: • In the Route Type list, select Static. • In the Network Address field, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 126
ProSafe Managed Switch a. Select Security > ACL > Advanced > IP ACL. A screen similar to the following displays. b. In the IP ACL Table, in the IP ACL ID field, enter 102. c. Click Add. 9. Add and configure an IP extended rule that is associated with ACL 101. a. Select Security > ACL > Advanced > IP - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 127
ProSafe Managed Switch c. Click Add. The Extended ACL Rule Configuration screen displays. d. Add and configure an IP extended rule that is associated with ACL 102. a. Select Security > ACL > Advanced > IP Extended Rules. A screen similar to the following displays. b. Under IP Extended Rules, in the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 128
ProSafe Managed Switch c. Click Add. The Extended ACL Rule Configuration screen displays. d. the settings. 11. Apply ACL 101 to port 44. a. Select Security > ACL > Advanced > IP Binding Configuration. A screen similar to the following displays. b. Under Binding Configuration, specify the following: - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 129
ProSafe Managed Switch c. Click Unit 1. The ports display. d. Click the gray box under port 44. A check mark displays in the box. e. Click Apply to save the settings. 12. Apply ACL 102 to port 44. a. Select Security > ACL > Advanced > IP the GSM7342S Switch 1. Create VLAN 40 with IP address 192.168. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 130
ProSafe Managed Switch • In the IP Address field, enter 192.168.40.1. • In the Network Mask field following displays. b. Enter the following information: • In the Vlan ID field, enter 50. • In the IP Address field, enter 192.168.50.1. • In the Network Mask field, enter 255.255.255.0. c. Click Unit - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 131
ProSafe Managed Switch a. Select Routing > VLAN > VLAN Routing Wizard. A screen similar to the following displays. b. Enter the following information: • In the Vlan ID field, enter 200. • In the IP Address field, enter 192.168.200.2. • In the Network Mask field, enter 255.255.255.0. c. Click Unit 1. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 132
ProSafe Managed Switch c. Click Add. 5. Create a static route with IP address 192.168.30.0/24: a. Select Routing > Routing Table > Basic > Route Configuration. A screen similar to the following displays. b. Under Configure Routes, make the following selection and - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 133
vlan pvid 24 (Netgear Switch) (Interface 1/0/24)#exit (Netgear Switch) (Config)#interface vlan 24 (Netgear Switch) (Interface-vlan 24)#routing (Netgear Switch) (Interface-vlan 24)#ip address 192.168.24.1 255.255.255.0 (Netgear Switch) (Interface-vlan 24)#exit (Netgear Switch) (Config)#exit Chapter - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 134
ProSafe Managed Switch 2. Create VLAN 48, add port 1/0/48 to it, and assign IP address 192.168.48.1 to it. (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 48 (Netgear Switch) (Vlan)#vlan routing 48 (Netgear Switch) (Vlan)#exit (Netgear Switch) #config (Netgear Switch) (Config)#interface - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 135
ProSafe Managed Switch 6. Create ACL 101 to deny all traffic that has the destination IP address 192.168.24.0/24. (Netgear Switch) (Config)#access-list 101 deny ip any 192.168.24.0 0.0.0.255 7. Create ACL 102 to deny all traffic that has the destination IP address 192.168.48.0/24. (Netgear Switch) ( - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 136
ProSafe Managed Switch a. Select Routing > VLAN > VLAN Routing Wizard. A screen similar to the following displays. b. Enter the following information: • In the Vlan ID field, enter 24. • In the IP Address field, enter 192.168.24.1. • In the Network Mask field, enter 255.255.255.0. c. Click Unit 1. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 137
ProSafe Managed Switch c. Click Unit 1. The ports display. d. Click the gray box under port 48 twice until U displays. The U specifies that the egress packet is untagged for the port. e. Click Apply to save VLAN 48. 3. Create VLAN 38 with IP address 10.100.5.34. a. Select Routing > VLAN > VLAN - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 138
ProSafe Managed Switch c. Click Apply to enable IP routing. 5. Create an ACL with ID 101. a. Select Security > ACL > Advanced > IP ACL. A screen similar to the following displays. b. In the IP ACL Table, in the IP ACL ID field, enter 101. c. Click Add. 6. Create an ACL with ID 102. a. Select - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 139
ProSafe Managed Switch a. Select Security > ACL > Advanced > IP ACL. A screen similar to the following displays. b. In the IP ACL ID field of the IP ACL Table, enter 103. c. Click Add. 8. Add and configure an IP extended rule that is associated with ACL 101: a. Select Security > ACL > Advanced > IP - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 140
ProSafe Managed Switch c. Click Add. The Extended ACL Rule Configuration screen displays. button. • In the Match Every field, select False. • In the Destination IP Address field, enter 192.168.24.0. • In the Destination IP Mask field, enter 0.0.0.255. e. Click Apply to save the settings. 9. Add - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 141
ProSafe Managed Switch c. Click Add. The Extended ACL Rule Configuration screen displays radio button. • In the Match Every field, select False. • In the Destination IP Address field, enter 192.168.48.0. • In the Destination IP Mask field, enter 0.0.0.255. e. Click Apply to save the settings. 10. Add - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 142
ProSafe Managed Switch c. Click Add. The Extended ACL Rule Configuration screen displays. d. Under settings. 11. Apply ACL 102 to port 24: a. Select Security > ACL > Advanced > IP Binding Configuration. A screen similar to the following displays. b. Under Binding Configuration, make the following - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 143
ProSafe Managed Switch • In the Sequence Number field, enter 1. c. Click Unit 1. The ports display. d. Click the gray box under port 24. A check mark displays in the box. e. Click Apply to save the settings. 12. Apply ACL 101 to port 48: a. Select Security > ACL > Advanced > IP Binding Configuration - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 144
ProSafe Managed Switch a. Select Security > ACL > Advanced > IP Binding Configuration. A screen similar to MAC ACL with Two Rules 1. Create a new MAC ACL acl_bpdu. (Netgear Switch) # (Netgear Switch) #config (Netgear Switch) (Config)#mac access-list extended acl_bpdu 2. Deny all the traffic that - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 145
ProSafe Managed Switch 3. Permit all the other traffic. (Netgear Switch) (Config-mac-access-list)#permit any (Netgear Switch) (Config-mac-access-list)#exit 4. Apply the MAC ACL acl_bpdu to port 1/0/2. (Netgear Switch) (Config)#interface 1/0/2 (Netgear Switch) (Interface 1/0/2)#mac access-group - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 146
ProSafe Managed Switch c. Enter the following information in the Rule Table. • In the ID field, enter 1. • In the Destination MAC field, enter 01:80:c2:00:00:00. • - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 147
ProSafe Managed Switch • In the Sequence Number field, enter 1. c. Click the Unit 1. The ports display. rule will be copied to the specified mirrored interface. Other network 1/0/1 L2 switch GSM73xxS 1/0/19 Probing station Packets from 10.0.0.1 workstation 10.0.0.1 workstation 10.0.0.2 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 148
---------- inbound Interface(s 1/0/1 VLAN(s (Netgear Switch) #show ip access-lists monitorHost ACL Name: monitorHost Inbound Interface(s): 1/0/1 Rule Number: 1 Action permit Match All FALSE Protocol 255(ip) Source IP Address 10.0.0.1 Source IP Mask 0.0.0.0 Mirror Interface 1/0/19 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 149
ProSafe Managed Switch a. Select Security > ACL > Advanced > IP ACL. A screen similar to the following displays. b. In the IP ACL ID field, enter monitorHost. c. Click Add to create ACL monitorHost, and the following screen displays: 2. Create a rule to match host 10.0.0.1 in the ACL - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 150
ProSafe Managed Switch b. Click Add, and the Extended ACL Rule Configuration screen displays. c. In the Rule ID field, enter 1. d. For Action, select the Permit radio button. e. In the Mirror Interface list, select 1/0/19. f. In the Src IP Address field, enter 10.0.0.1. g. In the Src IP Mask field, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 151
ProSafe Managed Switch b. Click Add, and a screen similar to the following displays. c. In the following displays. 4. Bind the ACL withinterface 1/0/1. a. Select Security > ACL > Advanced > IP Binding Configuration. A screen similar to the following displays. b. In the Sequence Number field, enter - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 152
ProSafe Managed Switch e. Click Apply. A screen similar to the following displays. ACL Redirect This feature redirects a specified traffic stream to a specified interface. Other network 1/0/1 GSM73xxS 1/0/19 Workstation Workstation - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 153
ProSafe Managed Switch 1. Create an IP access control list with the name redirectHTTP. (Netgear Switch) (Config)#ip access-list redirectHTTP 2. Define a rule to match the HTTP stream and define a rule to permit all others. (Netgear Switch) (Config-ipv4-acl)# permit tcp any any eq http redirect - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 154
ProSafe Managed Switch a. Select Security > ACL > Advanced > IP ACL. A screen similar to the following displays. b. In the IP ACL field, enter redirectHTTP. c. Click Add to create the IP ACL redirectHTTP. A screen similar to the following displays. 2. Create a rule to redirect HTTP traffic. a. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 155
ProSafe Managed Switch b. Click Add, and the Extended ACL Rule Configuration screen displays. c. In the Rule ID field, procedure. 3. Create a rule to match every other traffic. a. Select Security > ACL > Advanced > IP Extended Rules. A screen similar to the following displays. Chapter 10. ACLs | 155 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 156
ProSafe Managed Switch b. Click Add, and the Extended ACL Rule Configuration screen displays. c. following displays. 4. Bind the ACL with interface 1/0/1. a. Select Security > ACL > Advanced > IP Binding Configuration. A screen similar to the following displays. b. In the Sequence Number field, enter - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 157
ProSafe Managed Switch d. Select the check box below Port 1. e. Click Apply. At the end of this configuration a screen similar to the following displays. Configure IPv6 ACLs This feature extends the existing IPv4 ACL by providing support for IPv6 packet classification. Each ACL is a set of up to 12 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 158
ProSafe Managed Switch Note that the order of the rules is important: When a packet any destination. CLI: Configure an IPv6 ACL 1. Create the access control list with the name ipv6-acl. (Netgear Switch) (Config)# ipv6 access-list ipv6-acl 2. Define three rules to: • Permit any IPv6 traffic to the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 159
(s) VLAN(s) ipv6-acl 3 inbound 1/0/1 (Netgear Switch) #show ipv6 access-lists ipv6-acl ACL Name: ipv6-acl Inbound Interface(s): 1/0/1 Rule Number: 1 Action permit Protocol 255(ipv6) Source IP Address 2001:DB8:C0AB:AC11::/64 Destination IP Address 2001:DB8:C0AB:AC14::/64 Rule - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 160
ProSafe Managed Switch Rule Number: 3 Action permit Protocol 6(tcp) Source IP Address 2001:DB8:C0AB:AC11::/64 Destination L4 Port Keyword 80(www/http) Web Interface: Configure an IPv6 ACL 1. Create the access control list with the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 161
ProSafe Managed Switch c. Click Add. d. In the Rule ID field, enter 1. e. For Action, select the Permit radio button. f. In the Source Prefix field, enter 2001:DB8:C0AB:AC11::. g. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 162
ProSafe Managed Switch h. In the Destination L4 Port list, select telnet. A screen similar to the following displays. i. Click Apply. 4. traffic on port 1/0/1. Only traffic matching the criteria will be accepted. a. Select Security > ACL > Advanced > IP Binding Configuration. 162 | Chapter 10. ACLs - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 163
ProSafe Managed Switch b. In the ACL ID list, select ipv6-acl. c. In the Sequence Number list, select 1. d. Click Unit 1. e. Select Port 1. A screen similar to the following displays. f. Click - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 164
11 This chapter describes Class of Service (CoS) queue mapping, CoS Configuration, and traffic shaping features. This chapter provides the following examples: • Show classofservice Trust on page 166 • Set classofservice Trust Mode on page 167 • Show classofservice IP-Precedence Mapping on page 168 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 165
ProSafe Managed Switch CoS Queue Mapping CoS queue mapping uses trusted and 802.1p user priority (This is the default trust mode and is managed through switching configuration.) - IP precedence - IP DiffServ Code Point (DSCP) The system can assign the service level based upon the 802.1p priority - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 166
, rail Drop vs. WRED Only if per-queue configuration is not supported • WRED decay exponent • Traffic shaping for an entire interface Show : (Netgear Switch) #show classofservice trust? Press Enter to execute the command. (Netgear Switch) #show classofservice trust Class of Service Trust Mode - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 167
Sets the Class of Service Trust Mode of an Interface. (Netgear Switch) (Config)#classofservice trust? dot1p Sets the Class of Service Trust Mode of an Interface to 802.1p. ip-dscp Sets the Class of Service Trust Mode of an Interface to IP DSCP. (Netgear Switch) (Config)#classofservice trust - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 168
and as a Web interface procedure. CLI: Show classofservice IP-Precedence Mapping (Netgear Switch) #show classofservice ip-precedence-mapping IP Precedence Traffic Class 0 1 1 0 2 0 3 1 4 2 5 2 6 3 7 3 Web Interface: Show classofservice ip-precedence Mapping 1. Select QoS > CoS - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 169
Switch The IP precedence to queue mapping of the interface is displayed. Configure Cos-queue Min-bandwidth and Strict Priority Scheduler Mode The example is shown as CLI commands and as a Web interface procedure. CLI: Configure Cos-queue Min-bandwidth and Strict Priority Scheduler Mode (Netgear - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 170
ProSafe Managed Switch c. Under Interface Queue Configuration, scroll down and select the interface 1/0/2 check box. Now 1/0/2 appears in the Interface field at the top. d. Enter the following information: • - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 171
ProSafe Managed Switch CLI: Set CoS Trust Mode for an Interface (Netgear Switch) (Interface 1/0/3)#classofservice trust? dot1p Sets the Class of Service Trust Mode of an Interface to 802.1p. ip-dscp Sets the Class of Service Trust Mode of an Interface to IP DSCP. (Netgear Switch) (Interface - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 172
ProSafe Managed Switch command to enable traffic shaping by specifying the maximum transmission bandwidth limit for all interfaces (Global Config) or for a single interface (Interface Config). The value is a percentage that ranges from 0 to 100 in increments of 5. The default bandwidth value - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 173
is discarded. How you configure DiffServ support on a 7000 Series Managed Switch varies depending on the role of the switch in your network: • Edge and is recorded in the Differentiated Services Code Point (DSCP) added to a packet's IP header. • Interior node. A switch in the core of the network - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 174
ProSafe Managed Switch • Class. A class consists of a set of rules that identify which packets belong to the class. Inbound traffic is separated into traffic classes based on Layer 3 and Layer 4 header data and the VLAN ID, and marked with a corresponding DSCP value. One type of class is supported: - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 175
the match criteria of source IP address for the new classes. (Netgear Switch) (Config)#class-map match-all finance_dept (Netgear Switch) (Config class-map)#match srcip 172.16.10.0 255.255.255.0 (Netgear Switch) (Config class-map)#exit (Netgear Switch) (Config)#class-map match-all marketing_dept - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 176
direction. (Netgear Switch) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)#service-policy in internet_access (Netgear Switch) (Interface 1/0/1)#exit (Netgear Switch) (Config)#interface 1/0/2 (Netgear Switch) (Interface 1/0/2)#service-policy in internet_access (Netgear Switch) (Interface - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 177
ProSafe Managed Switch assign-queue attribute. It is presumed that the switch will forward this traffic to interface 1/0/5 based on a normal destination address lookup for Internet traffic. (Netgear Switch) (Config)#interface 1/0/5 (Netgear Switch) (Interface 1/0/5)#cos-queue min-bandwidth 0 25 25 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 178
d. Click the finance_dept to configure this class. ProSafe Managed Switch e. Under Diffserv Class Configuration, enter the following information: • In the Source IP Address field, enter 172.16.10.0. • In the Source Mask field, enter 255.255.255.0. f. Click Apply. 3. Create the class marketing_dept - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 179
ProSafe Managed Switch d. Click marketing_dept to configure this class. e. Under Diffserv Class Configuration, enter the following information: • In the Source IP Address field, enter 172.16.20.0. • In the Source Mask field, enter 255.255.255.0. f. Click Apply. 4. Create the class test_dept: a. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 180
d. Click test_dept to configure this class. ProSafe Managed Switch e. Under Diffserv Class Configuration, enter the following information: • In the Source IP Address field, enter 172.16.30.0. • In the Source Mask field, enter 255.255.255.0. f. Click Apply. 5. Create class development_dept. a. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 181
ProSafe Managed Switch d. Click development_dept to configure this class. e. Under Diffserv Class Configuration, enter the following information: • In the Source IP Address field, enter 172.16.40.0. • In the Source Mask field, enter 255.255.255.0. f. Click Apply. 6. Create a policy named - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 182
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > Policy Configuration. A screen similar to the following displays. b. Under Policy Configuration, scroll down and select the internet_access check box. internet_access now - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 183
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > Policy Configuration. A screen similar to the following displays. b. Under Policy Configuration, scroll down and select the internet_access check box. Now internet_access - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 184
ProSafe Managed Switch b. Click the internet_access check box for the member class finance_dept. A screen similar to the following displays. c. In the Assign Queue list, select 1. d. Click Apply. 11. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 185
ProSafe Managed Switch b. Click the internet_access check box for marketing_dept. A screen similar to the following displays. c. In the Assign Queue list, select 2. d. Click Apply. 12. Assign queue 3 to - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 186
ProSafe Managed Switch b. Click the internet_access check mark for test_dept. A screen similar to the following displays. c. In the Assign Queue list, select 3. d. Click Apply. 13. Assign queue 4 to - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 187
ProSafe Managed Switch b. Click the internet_access check mark for development_dept. A screen similar to the 1/0/1 through 1/0/4 in the inbound direction. a. Select QoS > DiffServ > Advanced > Service Configuration. A screen similar to the following displays. b. Scroll down and select the check - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 188
ProSafe Managed Switch a. Select QoS > CoS > Advanced > Interface Queue Configuration. A screen similar to the following displays. b. Scroll down and select the Interface 1/0/5 check box. Now 1/0/5 appears in the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 189
ProSafe Managed Switch a. Select QoS > CoS > Advanced > Interface Queue Configuration. A screen similar to the following displays. b. Under Interface Queue Configuration, scroll down and select the interface 1/0/5 check box. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 190
ProSafe Managed Switch DiffServ for VoIP One of the most valuable uses of DiffServ is to support Voice over IP (VoIP). VoIP traffic is inherently time sensitive: For a network to provide acceptable service, a guaranteed transmission rate is vital. This example shows one way to provide the necessary - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 191
map)#mark ip-dscp ef (Netgear Switch) (Config policy-class-map)#assign-queue 5 (Netgear Switch) (Config policy-class-map)#exit (Netgear Switch) (Config policy-map)#exit 5. Attach the defined policy to an inbound service interface. (Netgear Switch) (Config)#interface 1/0/2 (Netgear Switch) (Interface - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 192
ProSafe Managed Switch Web Interface: Diffserv for VoIP 1. Set queue 5 on all interfaces to use strict mode. a. Select QoS > CoS > Advanced > CoS Interface Configuration. A screen similar to the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 193
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > DiffServ Configuration. A screen similar to the following displays. b. In the Class Name field, enter class_voip. c. In the Class Type list, select - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 194
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > DiffServ Configuration. A screen similar to create a new class. e. Click class_ef. Another screen similar to the following displays: f. In the IP DSCP list, select ef. g. Click Apply to create a new class. 5. Create a policy pol_voip. and - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 195
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > Policy Configuration. A screen similar to the following displays. f. In the Assign Queue list, select 5. g. For Policy Attribute, select the Mark IP DSCP radio button, and select ef. h. Click Apply to create a new policy. 6. Add class_ef - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 196
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > Policy Configuration. A screen similar to the following displays. b. Under Policy Configuration, scroll down and select the pol_voip check box. Pol_voip now - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 197
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > Service Configuration. A screen similar to the following displays easy to set up VoIP for IP phones on a switch. This functionality copies VoIP signaling packets to the CPU to get the source and destination IP address and Layer 4 port of - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 198
ProSafe Managed Switch installed to assign the highest priority to VOIP data packets. As soon as the call ends, the filters are shows how to set up auto VoIP system-wide. 1. Enable auto VoIP on all the interfaces in the device. (Netgear Switch) (Config)# auto-voip all 198 | Chapter 12. DiffServ - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 199
ProSafe Managed Switch 2. View the auto VoIP information: (Netgear Switch) # show auto-voip interface all Interface --------1/0/1 1/0/2 1/0/3 1/0/4 1/0/5 1/0/6 1/0/7 1/0/8 1/0/9 1/0/10 1/0/11 1/0/12 1/0/13 1/0/14 1/0/15 1/0/16 1/0/17 1/0/18 1/0/19 1/0/20 Auto VoIP Mode Traffic Class Enabled - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 200
ProSafe Managed Switch Web Interface: Configure Auto-VoIP 1. Enable auto VoIP for all the interfaces in the device. a. Select QoS > DiffServ > Auto VoIP. A screen similar to the following - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 201
ProSafe Managed Switch DiffServ for IPv6 This feature extends the existing QoS ACL and DiffServ functionality by providing support for IPv6 over other IPv6 traffic. 1. Create the IPv6 class classicmpv6. (Netgear Switch) (Config)# class-map match-all classicmpv6 ipv6 Chapter 12. DiffServ | 201 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 202
and 1/0/3: (Netgear Switch) (Config)# interface 1/0/1 (Netgear Switch) (Interface 1/0/1)# service-policy in policyicmpv6 (Netgear Switch) (Interface 1/0/1)# exit (Netgear Switch) (Config)# interface 1/0/2 (Netgear Switch) (Interface 1/0/2)# service-policy in policyicmpv6 (Netgear Switch) (Interface - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 203
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > IPv6 Class Configuration. A screen similar to the following displays. b. In the Class Name field, enter classicmpv6. c. In the Class Type list, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 204
ProSafe Managed Switch b. Click the class classicmpv6. A screen similar to the following displays. c. Select the Protocol Type radio button, select Other, and enter 58. A screen similar to the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 205
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > Policy Configuration. A screen similar to the following displays. b. In the Policy Name field, enter policyicmpv6. c. In the Policy Type list, select - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 206
ProSafe Managed Switch b. Click the policy policyicmpv6. A screen similar to the following displays. c. In the Assign Queue list, select 6. d. Click Apply. 5. Attach the policy policyicmpv6 to interfaces 1/0/1,1/0/2 and 1/0/3. 206 | Chapter 12. DiffServ - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 207
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > Service Interface Configuration. A screen similar to the following displays. b. In the Policy Name list, select policyicmpv6. c. Select the Interface 1/0/1, 1/0/2, and 1/0/3 check boxes. A screen similar to the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 208
service is enabled by default. (Netgear Switch) (Config)#class-map match-all class_vlan (Netgear Switch) (Config-classmap)#match vlan 5 (Netgear Switch) (Config-classmap)#exit (Netgear Switch) (Config)#class-map match-all class_color (Netgear Switch) (Config-classmap)#match ip precedence 7 (Netgear - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 209
(Config-policy-map)#exit 4. Apply this policy to port 1/0/13. (Netgear Switch) (Config)#interface 1/0/13 (Netgear Switch) (Interface 1/0/13)#service-policy in policy_vlan (Netgear Switch) (Interface 1/0/13)#exit (Netgear Switch) (Config)#exit Web Interface: Configure a Color Conform Policy 1. Create - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 210
ProSafe Managed Switch a. Select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the following displays. b. In the VLAN ID list, select 5. c. Click Unit 1. The ports display. d. Click the gray boxes - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 211
ProSafe Managed Switch c. Click Add to create a new class class_vlan. d. Click class_vlan to configure this class. A screen similar to the following displays: e. Under Diffserv Class Configuration, in the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 212
the Class Name field, enter class_color. • In the Class Type list, select All. c. Click Add to create a new class class_color. ProSafe Managed Switch d. Click class_color to configure this class. A screen similar to the following displays: e. Under Diffserv Class Configuration, in the Precedence - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 213
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > Policy Configuration. A screen similar to the following displays. b. In the Policy Name field, enter policy_vlan. c. In the Policy Type list, select - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 214
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > Policy Configuration. Click policy_vlan. A screen similar to the following displays. b. Select the Simple Policy radio button. c. In the Color Mode list, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 215
ProSafe Managed Switch a. Select QoS > DiffServ > Advanced > Service Interface Configuration. A screen similar to the following displays. b. Under Service Interface Configuration, scroll down and select the Interface 1/0/13 check box. c. In the Policy Name list, select policy_vlan. d. Click Apply to - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 216
on page 217 • Show mac-address-table igmpsnooping on page 218 • External Multicast Router on page 219 • Multicast Router Using VLAN on page 220 • IGMP . (Netgear Switch) #config (Netgear Switch) (Config)#set igmp (Netgear Switch) (Config)# set igmp unknown-multicast filter (Netgear Switch) ( - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 217
ProSafe Managed Switch Web Interface: Enable IGMP Snooping 1. Configure IGMP snooping: a. Select Switching > Multicast > IGMP Snooping Configuration. A screen as a Web interface procedure. CLI: Show igmpsnooping (Netgear Switch) #show igmpsnooping Admin Mode Disable Unknown Multicast Filtering - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 218
is shown as CLI commands and as a Web interface procedure. CLI: Show mac-address-table igmpsnooping (Netgear Switch) #show mac-address-table igmpsnooping ? Press Enter to execute the command. (Netgear Switch) #show mac-address-table igmpsnooping 00:01:01:00:5E:00:01:16 00:01:01:00:5E - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 219
ProSafe Managed Switch Web Interface: Show mac-address-table igmpsnooping Select Switching > Multicast > IGMP Snooping Table. A screen similar to the following displays. External Multicast Router The example is shown as CLI commands and as a Web interface procedure. CLI: Configure the Switch with an - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 220
interface procedure. CLI: Configure the Switch with a Multicast Router Using VLAN This example configures the interface to forward only the snooped IGMP packets that come from VLAN ID () to the multicast router attached to this interface. (Netgear Switch)(Interface 1/0/3)# set igmp mrouter - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 221
VLAN Configuration. • In the VLAN ID field, enter 2. • In the Multicast Router field, select Enable. 4. Click Apply. IGMP Querier When the switch is used in network applications where video services such as IPTV, video streaming, and gaming are deployed, the video traffic is normally flooded to - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 222
ProSafe Managed Switch respond. With the built-in IGMP querier feature inside the switch, service using the IGMP querier feature. Enable IGMP Querier The example is shown as CLI commands and as a Web interface procedure. CLI: Enable IGMP Querier Use the following CLI commands to set up the switch - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 223
ProSafe Managed Switch address in querier packets. See the Command Line Reference for more details about other IGMP querier command options. (Netgear switch) #vlan database (Netgear switch) (vlan)#set igmp 1 (Netgear switch) (vlan)#set igmp querier 1 (Netgear switch) (vlan)#exit (Netgear switch) # - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 224
ProSafe Managed Switch c. Click Add. 3. Enable the IGMP snooping querier globally. a. Select Switching > Multicast > IGMP Snooping > IGMP VLAN In the Querier IP Address field, enter 10.10.10.1. c. Click Apply. 4. Enable the IGMP snooping querier on VLAN 1. a. Select Switching > Multicast - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 225
querier status, use the following command. (Netgear Switch) #show igmpsnooping querier vlan 1 VLAN 1 : IGMP Snooping querier status IGMP Snooping Querier VLAN Mode Enable Querier Election Participate Mode Disable Querier VLAN Address 0.0.0.0 Operational State Disabled Operational version 2 The - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 226
(MVR) is intended to solve the problem of receivers in different VLANs. It uses a dedicated manually configured VLAN, called the multicast VLAN, protocols operate independently of each other. Both protocols can be enabled on the switch interfaces at the same time. In such a case, MVR listens to the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 227
ProSafe Managed Switch multicast streams for clients in different VLANs. A diagram of a network configured for MVR is shown in the following illustration. SP is the source port and RP is the receiver port. Multicast source IGMP (GSM7328Sv2) SP (VLAN999) SP (VLAN 999) MVR (GSM7212P) RP (VLAN 1001) - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 228
ProSafe Managed Switch CLI: Configure MVR in Compatible Mode 1. Create MVlan, VLAN1, VLAN2, and VLAN3. (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 999,1001, 1002, 1003 (Netgear Switch) (Vlan)#vlan name 999 mVlan (Netgear Switch) (Vlan)#vlan name 1001 Vlan1 (Netgear Switch) (Vlan)# - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 229
ProSafe Managed Switch Note: The receive port can participate in only one VLAN. (Netgear Switch) (Config)#interface 0/1 (Netgear Switch) (Interface 0/1)#vlan participation include 1001 (Netgear Switch) (Interface 0/1)#vlan pvid 1001 (Netgear Switch) (Interface 0/1)#vlan participation exclude 1 ( - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 230
ProSafe Managed Switch 5. Show mvr status. (Netgear Switch) #show mvr MVR Running TRUE MVR multicast VLAN 999 MVR Max Multicast Groups.......... 256 MVR Current multicast groups...... 1 MVR Global query response time.... 5 (tenths of sec) MVR Mode compatible (Netgear Switch) #show mvr - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 231
ProSafe Managed Switch 2. Add port 9 into MVLAN 999 with tagged mode. a. Select Switching > VLAN > Advanced > VLAN Membership. A , and add port 0/7 to VLAN3 1003. 3. Enable MVR and multicast VLAN a. Select Switching > MVR > Basic > MVR Configuration. A screen similar to the following displays: b. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 232
ProSafe Managed Switch 4. Add multicast group 224.1.2.3 to MVR. a. Select Switching > MVR > Basic > MVR Group Configuration. A screen similar to the following displays: b. In the the MVR Group IP field, enter 224.1.2.3. c. Click Add. 5. Configure a receiver on interface 0/1, 0/5, and 0/7. a. Select - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 233
ProSafe Managed Switch 6. Configure source interface. a. Select Switching > MVR > Basic > MVR Interface Configuration. A MVR Group Membership. a. Select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the following displays: b. In the Group IP list, select 224.1.2.3. c. Click - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 234
hosts to the IGMP router on the Multicast VLAN (with appropriate translation of the VLAN ID). 1. Create MVLAN, VLAN1, VLAN2, and VLAN3. (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 999,1001, 1002, 1003 (Netgear Switch) (Vlan)#vlan name 999 mVlan (Netgear Switch) (Vlan)#vlan name 1001 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 235
ProSafe Managed Switch 5. Configure the receive ports. Note: A receive port can participate in only one VLAN. (Netgear Switch) (Config)#interface 0/1 (Netgear Switch) (Interface 0/1)#vlan participation include 1001 (Netgear Switch) (Interface 0/1)#vlan pvid 1001 (Netgear Switch) (Interface 0/1)#vlan - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 236
7. After port 0/1 receive IGMP report for Multicast Group 224.1.2.3, it will be added to the MVR Group 224.1.2.3. (Netgear Switch) #show mvr members MVR Group IP 224.1.2.3 Status ACTIVE Members 0/1(d) Web Interface: Configure MVR in Dynamic Mode 1. Create MVLAN 999, VLAN1 1001, VLAN2 1002 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 237
ProSafe Managed Switch f. Select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the VLAN2 1002, and add port 0/7 to VLAN3 1003. 2. Enable MVR and multicast VLAN. a. Select Switching > MVR > Basic > MVR Configuration. A screen similar to the following displays: b. From the MVR - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 238
ProSafe Managed Switch b. In the MVR Group IP field, enter 224.1.2.3. c. Click Add. 4. Configure a receiver on interface 0/1, 0/5 and 0/7. a. Select Switching > MVR > Basic > MVR Interface Configuration. A screen similar to the following displays: b. Under MVR Interface Configuration, scroll down - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 239
ProSafe Managed Switch b. Under MVR Interface Configuration, scroll down and select the Interface 0/9 an IGMP report for multicast group 224.1.2.3, it is added into MVR group 224.1.2.3. a. Select Switching > MVR > Advanced > MVR Group Membership. A screen similar to the following displays: Chapter - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 240
1/0/1 on page 241 • Convert the Dynamic Address Learned from 1/0/1 to a Static Address on page 243 • Create a Static Address on page 244 • Protected Ports on page page 279 • Maximum Rate of DHCP Messages on page 280 • IP Source Guard on page 282 Port Security Port Security helps secure the network - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 241
for a port. Dynamically locked addresses can be converted to statically locked addresses. Set the Dynamic and Static Limit on Port 1/0/1 The example is shown as CLI commands and as a Web interface procedure. CLI: Set the Dynamic and Static Limit on Port 1/0/1 (Netgear Switch) (Config)#port-security - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 242
ProSafe Managed Switch Web Interface: Set the Dynamic and Static Limit on Port 1/0/1 1. Select Security > Traffic Control > Port Security >Port Administrator. A screen similar to the following displays. b. Under - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 243
ProSafe Managed Switch Convert the Dynamic Address Learned from 1/0/1 to a Static Address The example is shown as CLI commands and as a Web interface procedure. CLI: Convert the Dynamic Address Learned from 1/0/1 to the Static Address (Netgear Switch)(Interface 1/0/1)#port-security mac-address move - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 244
ProSafe Managed Switch Create a Static Address The example is shown as CLI commands and as a Web interface procedure. CLI: Create a Static Address (Netgear Switch) (Interface 1/0/1)#port-security mac-address 00:13:00:01:02:03 Web Interface: Create a Static Address 1. Select Security > Traffic - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 245
1/0/24)#vlan pvid 192 (Netgear Switch) (Interface 1/0/24)#vlan participation include 192 (Netgear Switch) (Interface 1/0/24)#exit (Netgear Switch) (Interface-vlan 192)#interface vlan 192 (Netgear Switch) (Interface-vlan 192)#routing (Netgear Switch) (Interface-vlan 192)#ip address 192.168.1.254 255 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 246
a DHCP pool to allocated IP addresses to PCs. (Netgear Switch) (config)#service dhcp (Netgear Switch) (config)#ip dhcp pool pool-a (Netgear Switch) (Config-dhcp-pool)#dns-server 12.7.210.170 (Netgear Switch) (Config-dhcp-pool)#default-router 192.168.1.254 (Netgear Switch) (Config-dhcp-pool)#network - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 247
ProSafe Managed Switch Web Interface: Configure a Protected Port to Isolate Ports on the Switch 1. Create a DHCP pool: Note: This example assumes that the DHCP service is enabled. For information about how to enable the DHCP service, see the Web interface procedure in Configure a DHCP Server in - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 248
ProSafe Managed Switch • In the Network Number field, enter 192.168.1.0. • In the Network Mask field, enter 255.255.255.0. • In the Days field, enter 1. • Click Default Router Addresses. The DNS server address fields display. In the first Router Address 192. • In the IP Address field, enter 192.168 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 249
ProSafe Managed Switch a. Select Routing > VLAN > VLAN Routing Wizard. A screen similar to the following displays. b. Enter the following information: • In the Vlan ID field, enter 202. • In the IP Address field, enter 10.100.5.34. • In the Network Mask field, enter 255.255.255.0. c. Click Unit 1. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 250
ProSafe Managed Switch a. Select Routing > Routing Table > Basic > Route Configuration. A screen similar to the following displays. b. Under Configure Routes, in the Route Type list, select Default Route. c. In the Next Hop IP Address field, enter 10.100.5.252. d. Click Add to add the route that is - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 251
a user name list dot1xList. (Netgear Switch) #config (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)#routing (Netgear Switch) (Interface 1/0/1)#ip address 192.168.1.1 255.255.255.0 (Netgear Switch) (Config)#dot1x system-auth-control - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 252
ProSafe Managed Switch 2. Use RADIUS to authenticate the dot1x users. (Netgear Switch) (Config)#aaa authentication dot1x default radius 3. Configure a RADIUS authentication server. (Netgear Switch) (Config)#radius server host auth 10.100.5.17 4. Configure the shared secret between the RADIUS client - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 253
ProSafe Managed Switch a. Select Routing > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply to save the settings. 2. Assign IP address 192.168.1.1/24 to the interface 1/0/1. a. Select Routing > Advanced > IP - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 254
ProSafe Managed Switch a. Select Routing > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the interface 1/0/19 check box. Now 1/0/19 appears in the Interface field at the top. c. Enter the following information: • In the IP Address field, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 255
ProSafe Managed Switch a. Select Security > Port Authentication > Administrative Mode, select the Enable radio button. c. In the Login list, select dot1xList. d. Click Apply to save settings. to the following displays. b. In the Server Address field, enter 10.100.5.17. Chapter 15. Security Management | - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 256
ProSafe Managed Switch c. In the Secret Configured field, select Yes. d. In the Secret field, enter Radius Accounting Server Configuration. A screen similar to the following displays. b. In the Accounting Server Address field, enter 10.100.5.17. c. In the Accounting Mode field, select Enable. d. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 257
ProSafe Managed Switch Create a Guest VLAN The guest VLAN feature allows a switch to provide a distinguished service to dot1x unaware Guest 2 1/0/1 1/0/24 1/0/6 1/0/12 Switch Figure 28. Guest VLAN If a port is in port-based mode, and a client that does not support 802.1X is connected to an - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 258
ProSafe Managed Switch CLI: Create a Guest VLAN 1. Enter the following commands: (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 2000 (Netgear Switch) (Vlan)#exit (Netgear Switch) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)#vlan participation include 2000 (Netgear Switch - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 259
ProSafe Managed Switch 4. Enable the guest VLAN on ports 1/0/1 and 1/0/24. (Netgear Switch) #show dot1x detail 1/0/1 Protocol 0 Session Timeout 0 Session Termination Action Default Web Interface: Create a Guest VLAN 1. Create VLAN 2000. a. Select Switching > VLAN > Basic > VLAN Configuration - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 260
ProSafe Managed Switch c. In the VLAN Type field, select Static. d. Click Add. 2. Add ports to VLAN 2000. a. Select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the following displays. b. In the VLAN ID list, select 2000 . c. Click Unit 1. The ports display. d. Click the gray - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 261
ProSafe Managed Switch Make sure that 1/0/12 and 1/0/6 are configured as force authorized before you do this step; otherwise you cannot access the switch through the Web Interface. a. Select Security > Port Authentication > Basic > 802.1x Configuration. A screen similar to the following displays. b. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 262
ProSafe Managed Switch a. Select Security > Management Security > Radius > Server Configuration. A screen similar to the following displays. b. In the Radius Server IP Address field, enter 192.168.0.1. c. In the Secret Configured field, select Yes. d. In the Secret field, enter 12345. e. Click Add. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 263
ProSafe Managed Switch • After a port is in an authorized state, if any client initiates reset ip configuration. Are you sure you want to continue? (y/n) y (Netgear Switch) #network parms 192.168.0.5 255.255.255.0 (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 2000 (Netgear Switch - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 264
RADIUS as the authenticator. (Netgear Switch) (Config)#aaa authentication dot1x default radius 4. Enable the switch to accept VLAN assignment by the RADIUS server. (Netgear Switch) (Config)#authorization network radius 5. Set the RADIUS server IP address. (Netgear Switch) (Config)#radius server host - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 265
ProSafe Managed Switch 8. Show the dot1x detail for 1/0/5. (Netgear Switch) #show dot1x detail 1/0/5 Port 1/0/5 Protocol Version 1 PAE 0 Session Timeout 0 Session Termination Action Default Web Interface: Assign VLANS Using RADIUS 1. Assign the IP address for the Web Management Interface. a. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 266
ProSafe Managed Switch b. For Current Network Configuration Protocol, select the None radio button. c. In the IP Address field, enter 192.168.0.5. d. In the Subnet Mask field, enter 255.255.255.0. e. Click Apply. 2. Create VLAN 2000. a. Select Switching > VLAN > Basic > VLAN Configuration. A screen - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 267
ProSafe Managed Switch 4. Enable dot1x on the switch. Make sure that 1/0/12 and 1/0/6 are configured as force authorized before you do this step; otherwise, you cannot access the switch through the Web Management Interface. a. Select Security > Port Authentication > Basic > 802.1x Configuration. A - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 268
ProSafe Managed Switch a. Select Security > Management Security > Radius > Server Configuration. A screen similar to the following displays. b. In the Radius Server IP Address field, enter 192.168.0.1. c. In the Secret Configured field, select Yes. d. In the Secret field, enter 12345. e. Click Add. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 269
ARP inspection DHCP client IP address: 192.168.10.86 (obtained) HW address: 00:16:76:A7:88:CC CLI: Configure Dynamic ARP Inspection 1. Enable DHCP snooping globally. (Netgear Switch) (Config)# ip dhcp snooping 2. Enable DHCP snooping in a VLAN. (Netgear Switch) (Config)# ip dhcp snooping vlan - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 270
dhcp snooping binding Total number of bindings: 1 MAC Address 00:16:76:A7:88:CC IP Address 192.168.10.86 VLAN ---- 1 Interface Type 1/0/2 DYNAMIC Lease (Secs 86400 5. Enable ARP inspection in VLAN 1. (Netgear Switch) (Config)# ip arp inspection vlan 1 Now all ARP packets received on - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 271
ProSafe Managed Switch a. Select Security > Control > DHCP Snooping Global Configuration. A screen similar to the following displays. b. In the VLAN ID field, enter 1. c. In the the DHCP Snooping Mode - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 272
ProSafe Managed Switch d. Click Apply. A screen similar to the following displays. 4. View the DHCP Snooping Binding table. a. Select Security > Control > DHCP Snooping Binding Configuration. A screen similar to the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 273
ProSafe Managed Switch c. In the Dynamic ARP Inspection field, select Enable. A screen similar to the following displays. d. Click Apply. A screen similar to the following displays. Now all the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 274
ProSafe Managed Switch d. Click Apply. A screen similar to the following displays. Mapping 1. Create an ARP ACL. (Netgear Switch) (Config)# arp access-list ArpFilter 2. Configure the rule to allow the static client. (Netgear Switch) (Config-arp-access-list)# permit ip host 192.168.10.2 mac host 00 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 275
ProSafe Managed Switch Web Interface: Configure Static Mapping 1. Create an ARP ACL. a. Select Security > Configuration. b. In the ACL Name list, select ArpFilter. c. In the Source IP Address field, enter 192.168.10.2. d. In the Source MAC Address field, enter 00:11:85:EE:54:E9. e. Click Add. A - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 276
ProSafe Managed Switch c. Click Apply. A screen similar to the following displays. DHCP Snooping DHCP snooping is a security feature that monitors DHCP messages between a DHCP client and DHCP server to filter harmful DHCP message and to build a bindings database of (MAC address, IP address, VLAN ID - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 277
is reached as trusted. (Netgear Switch) (Config)# interface 1/0/1 (Netgear Switch) (Interface 1/0/1)# ip dhcp snooping trust 4. View the DHCP Snooping Binding table. (GSM7328S) #show ip dhcp snooping binding Total number of bindings: 1 MAC Address IP Address VLAN Interface Type Lease (Secs - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 278
ProSafe Managed Switch a. Select Security > Control > DHCP Snooping Global Configuration. A screen similar to the following displays. b. In the VLAN ID list, select 1. c. For DHCP Snooping Mode, select the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 279
ProSafe Managed Switch d. Click Apply. A screen similar to the following displays. 4. View the DHCP CLI: Enter Static Binding into the Binding Database 1. Enter the DHCP snooping static binding. (Netgear Switch) (Config)# ip dhcp snooping binding 00:11:11:11:11:11 vlan 1 192.168.10 .1 interface - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 280
ProSafe Managed Switch 2. Check to make sure the binding database has the static entry. (GSM7328S) #show ip dhcp snooping binding Total number of bindings: 2 MAC Address IP Address VLAN Interface Type Lease (Secs) 00:11:11:11:11:11 192.168.10.1 1 1/0/2 STATIC 00:16:76:A7:88:CC - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 281
ProSafe Managed Switch CLI: Configure the Maximum Rate of DHCP Messages 1. Control the maximum rate of DHCP messages. (Netgear Switch) (Interface 1/0/2)# ip dhcp snooping limit rate 5 2. View the rate configured. (GSM7328S) #show ip dhcp snooping interfaces 1/0/2 Interface ---------- Trust - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 282
ProSafe Managed Switch IP Source Guard IP Source Guard uses the DHCP snooping bindings database. When IP Source Guard is enabled, the switch drops incoming packets that do not match a binding in the bindings database. IP Source Guard can be configured to enforce just the source IP address or both - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 283
is reached as trusted. (Netgear Switch) (Config)# interface 1/0/1 (Netgear Switch) (Interface 1/0/1)# ip dhcp snooping trust 4. View the DHCP Snooping Binding table. (GSM7328S) #show ip dhcp snooping binding Total number of bindings: 1 MAC Address IP Address VLAN Interface Type Lease (Secs - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 284
ProSafe Managed Switch b. For DHCP Snooping Mode, select the Enable radio button. c. Click Apply. 2. Enable DHCP snooping in a VLAN. a. Select Security > Control > DHCP Snooping Global Configuration. A screen similar - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 285
ProSafe Managed Switch a. Select Security > Control > DHCP Snooping Interface Configuration. A screen similar to the screen similar to the following displays. 5. Enable IP source guard in the interface 1/0/2. a. Select Security > Control > IP Source Guard > Interface Configuration. b. Select the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 286
ProSafe Managed Switch d. Click Apply. A screen similar to the following displays. 6. Set up IP source guard static binding. a. Select Security > Control > IP Source Guard > Binding Configuration. b. Select the Interface 1/0/2 check box. c. In the MAC Address field, enter 00:05:05:05:05:05. d. In - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 287
. • It can be used in broadcast or unicast mode. • It supports SNTP client implemented over UDP, which listens on port 123. Show SNTP (CLI Only) The following are examples of the commands used in the SNTP feature. show sntp (Netgear Switch Routing) #show sntp? client server Press Enter to - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 288
Routing) #show sntp client Client Supported Modes: SNTP Version: Port: Client Mode: Unicast Poll Interval: Poll Timeout (seconds): Poll Retry: unicast broadcast 4 123 unicast 6 5 1 show sntp server (Netgear Switch Routing) #show sntp server Server IP Address: Server Type: Server Stratum: Server - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 289
, use the ping command on the PC to find the server's IP address. The following example configures the SNTP server IP address to 208.14.208.19. (Netgear Switch) (Config)#sntp server 208.14.208.19 2. After configuring the IP address, enable SNTP client mode. The client mode can be either broadcast - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 290
ProSafe Managed Switch command to confirm that the time has been received. The time will be used in all logging messages. (Netgear Switch) #show sntp server Server IP Address: 208.14.208.19 Server Type: ipv4 Server Stratum: 4 Server Reference Id: NTP Srv: 208.14.208.3 Server Mode: Server - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 291
ProSafe Managed Switch • Iin the Server Type field, select IPV4 . • In the Address field, enter 208.14.208.19. • In the Port (UTC) by default. The following example shows how to set the time zone to Pacific Standard Time (PST), which is 8 hours behind GMT/UTC. (Netgear switch)(config)#clock timezone - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 292
ProSafe Managed Switch CLI: Set the Named SNTP Server NETGEAR provides SNTP servers accessible by NETGEAR devices. Because NETGEAR might change IP addresses assigned to its time servers, it is best to access an SNTP server by DNS name instead of using a hard-coded IP address. The public time servers - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 293
ProSafe Managed Switch a. Select System > Management > DNS > DNS Configuration. A screen similar to the following displays. b. Enter the following information: • For DNS Status, select the Enable radio button • In the DNS Server field, enter 192.168.1.1. c. Click Add. Chapter 16. SNTP | 293 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 294
on page 296 • Pre-Login Banner on page 299 • default UPD port is used 33343 unless you specify otherwise in the traceroute command. The following shows an example of using the traceroute command to determine how many hops there are to the destination. The command output shows each IP address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 295
ProSafe Managed Switch CLI: Traceroute (Netgear Switch) #traceroute? Enter IP address. (Netgear Switch) #traceroute 216.109.118.74 ? Press Enter to execute the command. Enter port no. (Netgear Switch) #traceroute 216.109.118.74 racing route over a maximum of 20 hops 1 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 296
the network on a hop-by-hop basis. Once you click the Apply button, the switch will send three traceroute packets each hop, and the results will be displayed in the result table. 2. In the IP Address field, enter 216.109.118.74. 3. Click Apply. Configuration Scripting This section provides the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 297
ProSafe Managed Switch Here are some considerations: • The total number of scripts stored is limited by .scr Size(Bytes) ----------93 3201 2 configuration script(s) found. 1020706 bytes free. (Netgear Switch) #script delete basic.scr Are you sure you want to delete the configuration script(s)? - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 298
ProSafe Managed Switch script apply running-config.scr (Netgear Switch) #script apply running-config.scr Are you sure you a Configuration Script (Netgear Switch) #copy nvram: script running-config.scr tftp://192.168.77.52/running-config.scr Mode Set TFTP Server IP........... TFTP Path TFTP - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 299
ProSafe Managed Switch Pre-Login Banner Pre-login banner: • Allows you to create message screens that display when a user logs in to the CLI. • By default, no banner file exists. • You can upload or download. • File size cannot be larger than 2 K. The Pre-Login Banner feature is only for the CLI - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 300
ProSafe Managed Switch Port Mirroring The port ,irroring feature: • Allows you to monitor network Netgear Switch)#config (Netgear Switch)(Config)#monitor session 1 mode Enable mirror (Netgear Switch)(Config)#monitor session 1 source interface 1/0/2 Specify the source interface. (Netgear Switch - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 301
ProSafe Managed Switch Web Interface: Specify the image. This feature provides for reduced down time for the switches, when the firmware is being upgraded or downgraded. The images are stored in in the stack must be uniform in their support for the dual Image feature. The Dual Image feature works in the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 302
ProSafe Managed Switch problem, by using appropriate stacking commands. CLI: Download a Backup Image and Make It Active (Netgear Switch) #copy tftp://192.168.0.1/gsm73xxseps.stk image2 Mode TFTP Set Server IP (Netgear Switch) # (Netgear Switch) #show bootvar Image Descriptions image1 : default image - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 303
ProSafe Managed Switch unit image1 image2 current-active next-active 1 5.11.2.51 8.0.0.2 image1 image1 (Netgear Switch) #boot system image2 Activating image image2 .. (Netgear Switch) #show bootvar Image Descriptions image1 : default image image2 : Images currently available - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 304
ProSafe Managed Switch a. Select Maintenance > File Management > Dual Image Configuration. A screen similar to the following displays. b. Under information about the characteristics of each other's terminals and terminal handling conventions. • Must use a valid IP address. 304 | Chapter 17. Tools - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 305
ProSafe Managed Switch CLI: show network (Netgear Switch Routing) >telnet 192.168.77.151 Trying 192.168.77.151... (Netgear Switch Routing) User:admin Password: (Netgear Switch Routing) >en Password: (Netgear Switch Routing) #show network IP Address 192.168.77.151 Subnet Mask 255.255.255.0 Default - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 306
to use to connect to a specific line of the router. Displays the protocols to use for outgoing connections from a line. (Netgear Switch Routing) (Line)#transport output ? telnet Allow or disallow new telnet sessions. (Netgear Switch Routing) (Line)#transport output telnet ? Press Enter to - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 307
ProSafe Managed Switch 2. Under Outbound Telnet, for Admin Mode, select the Enable radio button. 3. Click Apply. CLI: Configure the session-limit and session-timeout (Netgear Switch Routing) (Line)#session-limit ? Configure the maximum number of outbound telnet sessions allowed. (Netgear - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 308
Email Alerting on page 316 The syslog feature: • Allows you to store system messages and errors. • Can store to local files on the switch or a remote server running a syslog daemon. • Provides a method of collecting message logs from many systems. The following illustration explains how to interpret - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 309
ProSafe Managed Switch Show Logging The example is shown as CLI commands and as a Web interface procedure. CLI: Show Logging (Netgear Switch Routing) #show logging Logging Client Local Port : CLI Command Logging : Console Logging : Console Logging Severity Filter : Buffered Logging : 514 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 310
a. Select Monitoring > Logs > Command Log. ProSafe Managed Switch b. Under Command Log, for Admin Status, select the Disable radio button. c. Click Apply. 3. Configure the console log. a. Select Monitoring > Logs > Console Log. b. Under Console Log - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 311
ProSafe Managed Switch a. Select Monitoring > Logs > Buffer Logs. A screen similar to the following displays. procedure. CLI: Show Logging Buffered (Netgear Switch Routing) #show logging buffered ? Press Enter to execute the command. (Netgear Switch Routing) #show logging buffered Buffered ( - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 312
Netgear Switch Routing) #show logging traplogs ? Press Enter to execute the command. (Netgear Switch Routing) #show logging traplogs Number of Traps Since Last Reset : 2 Cold Start: Unit: 0 Failed User Login: Unit: 1 User ID: admin Failed User Login: Unit: 1 User ID: \ Multiple Users: - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 313
and as a Web interface procedure. CLI: Show Logging Hosts (Netgear Switch Routing) #show logging hosts ? Press Enter to execute the command. (Netgear Switch Routing) #show logging hosts Index ----1 IP Address 192.168.21.253 Severity ---------critical Port ---514 Status Active - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 314
. CLI Command Logging Configuration. Console Logging Configuration. Enter IP Address for Logging Host Syslog Configuration. (Netgear Switch Routing) (Config)#logging host ? Enter Logging Host IP Address reconfigure Logging Host Reconfiguration remove Logging Host Removal - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 315
host 192.168.21.253 4 1 ? Press Enter to execute the command. (Netgear Switch Routing) (Config)#logging host 192.168.21.253 4 1 (Netgear Switch Routing) #show logging hosts Index ----1 IP Address 192.168.21.253 Severity ---------alert Port ---4 Status Active Web Interface: Configure - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 316
ProSafe Managed Switch . These levels are global and apply to all destination email addresses. Log messages in the urgent group are sent immediately to group, or the never group for emailing. Traps are not emailed by default. For traps to be emailed, the network administrator has to either increase - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 317
and to-addr is the destination address of email. (Netgear Switch) (Config)#logging email (Netgear Switch) (Config)#logging email from-addr [email protected] (Netgear Switch) (Config)#logging email message-type urgent to-addr [email protected] (Netgear Switch) (Config)#logging email message-type non - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 318
. To access the stack master, use either a serial connection to the switch master's console port, or a Telnet connection to the IP address of the stack. You can use these methods to manage switch stacks: • Web Management Interface. • CLI (over a serial connection). • A network management application - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 319
all stack members. • Interface-level features for all interfaces on any stack member. A switch stack is identified in the network by its network IP address. The network IP address is assigned according to the MAC address of the stack master. Every stack member is uniquely identified by its own stack - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 320
stack member uses. You can display the stack member number by using the show switch user EXEC command. A new, out-of-the-box switch (one that has not joined a switch stack or has not been manually assigned a stack member number) ships with a default stack member number of 1. When it 320 | Chapter 19 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 321
such as the GSM7200PS and GSM7300S series have a Hardware Installation Guide that includes additional information about rack mounting and stack cabling. Compatible Switch Models NETGEAR stackable managed switches include the following models: • FSM7226RS • FSM7250RS • FSM7328S • FSM7328PS • FSM7352S - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 322
is highly recommended that a redundant link be installed. 3. Identify the switch to be the master. Power up this switch first. 4. Monitor the console port. Allow this switch to come up to the login prompt. If the switch has the default configuration, it should come up as unit #1, and automatically - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 323
switch firmware version don't come up and the show switch command shows a code mismatch error. 1. NETGEAR recommends that you schedule the firmware reset all the switches so that the new firmware starts running. Migrate Configuration with a Firmware factory defaults) Chapter 19. Switch Stacks | 323 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 324
ProSafe Managed Switch 4. Continue with the boot of operational code. 5. Once the stack is up, download the saved configuration back to the master. This configuration should then be automatically propagated to all members of the stack. Copy Master Firmware to a Stack Member (Web Interface) 1. Select - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 325
ProSafe Managed Switch CLI: Configure a Stacking Port as an Ethernet Port 1. On Switch A, Configure the Stack Port and Reboot (Netgear Switch) #show stack-port Configured Running Link Stack Stack Link Speed Unit Intf SlotId Type XFP Adapter Mode Mode Status (Gb/s) ----- 2 0/27 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 326
ProSafe Managed Switch After Switch B reboots: (Netgear Switch) #show port 2/0/28 Admin Physical Mode list, select Ethernet. d. Click Apply to save the settings. 2. Reboot the switch. a. Select Maintenance > Reset > Device Reboot. A screen similar to the following displays. b. In the Reboot Unit - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 327
ProSafe Managed Switch a. Select System > Stacking > Advanced > Stack Port Configuration. A screen Mode list, select Ethernet. d. Click Apply to save the settings. 4. Reboot the switch. a. Select Maintenance > Reset > Device Reboot. A screen similar to the following displays. b. In the Reboot Unit - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 328
ProSafe Managed Switch CLI: Stack Switches Using 10G Fiber 1. On Switch A, show the port information. (Netgear Switch) #show stack-port Configured Stack Unit Intf SlotId Type XFP Adapter Mode 1 0/51 None Ethernet 1 0/52 AX741 Stack Running Stack Mode -------Ethernet Stack Link - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 329
ProSafe Managed Switch On Switch A, you see the following: (Netgear Switch) #show switch Management SW Switch 1 Mgmt Sw 2 Stack Mbr Standby Status -------- Oper Stby Preconfig Model ID ----------GSM7352Sv2 GSM7328Sv2 Plugged-in Model ID ----------GSM7352Sv2 GSM7328Sv2 Switch Status -------- - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 330
ProSafe Managed Switch a. Select Maintenance > Reset > Device Reboot. A screen similar to the following displays. b. In the Reboot Unit No. list, select 2. c. Click Apply. Add, Remove, or Replace a Stack Member Add Switches to an Operating Stack 1. Make sure the redundant stack connection is in - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 331
the firmware as described in Upgrade the Firmware on page 323. Remove a Switch switch from the stack configuration, issue the command: no member . If the switch stack divides, and you want the switch stacks to remain separate, change the IP address or addresses of the newly created switch - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 332
version of the newly added member is not the same as the existing stack, update the code as described in Upgrade the Firmware on page 323. Switch Stack Configuration Files The configuration files record settings for all global and interface-specific settings that define the operation of the stack - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 333
ProSafe Managed Switch Table 1. Switch Stack Master Scenarios (Continued) Scenario Action Result Stack master election specifically determined by the MAC address. Assuming that both stack members have the same priority value and firmware image, restart both stack members at the same time. The - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 334
switch. The switch stack applies the default configuration to the preconfigured switch NETGEAR recommends that you wait until the command has fully executed before issuing the next command. For example, if a reset is issued to a stack member, use the show port command to verify that the switch - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 335
ProSafe Managed Switch • If you need to reassign multiple existing stack unit numbers, the configuration could become mismatched. To avoid this situation, NETGEAR recommends that you power down all switches except the master, and then add them back one at a time using the procedure in Section Add - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 336
ProSafe Managed Switch to the new master. Use the show switch command to verify that all units rejoined the stack. 3. NETGEAR recommends that you rest the stack with the lose the connection to the switch because the IP address could change if the switch gets its IP address using DHCP. 336 | Chapter 19 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 337
Counters with sFlow on page 345 Add a New Community The example is shown as CLI commands and as a Web interface procedure. CLI: Add a New Community (Netgear switch) #config (Netgear switch) (Config)#snmp-server community rw public@4 Chapter 20. SNMP | 337 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 338
ProSafe Managed Switch Web Interface: Add a New Community 1. Select System > SNMP > SNMP V1/V2 > Community Configuration. A screen similar to the following displays. 2. In the Community Name field, enter public@4. 3. In the Client Address field, enter 0.0.0.0. 4. In the Client IP Mask field, enter - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 339
Managed Switch Web Interface: Enable SNMP Trap 1. Enable SNMP trap for the server 10.100.5.17. a. Select System > SNMP > SNMP V1/V2 > Trap Configuration. A screen similar to the following displays. b. In the Community Name field, enter public. c. In the Version list, select SNMPv1. d. In the Address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 340
ProSafe Managed Switch CLI: Configure SNMP V3 (Netgear Switch) #config (Netgear Switch) (Config)#users passwd admin Enter old password: Enter new password:12345678 Confirm new password:12345678 Password Changed! change the password to "12345678" (Netgear Switch) (Config)#users snmpv3 authentication - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 341
ProSafe Managed Switch a. Select System > Management > User Configuration. A screen similar to the following displays. b. resources. The sFlow monitoring system consists of an sFlow agent (embedded in a switch or router or in a standalone probe) and a central sFlow collector. The sFlow agent uses - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 342
IP address: 192.168.10.2 Figure 38. sFlow Switch/Router CLI: Configure Statistical Packet-Based Sampling of Packet Flows with sFlow 1. Configure the sFlow receiver (sFlow collector) IP address. In this example, sFlow samples will be sent to the destination address 192.168.10.2. (Netgear Switch - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 343
ProSafe Managed Switch 3. Here the default maxiumum satagram size is 1400. It can be modified to a value between 200 and 9116 using the command sflow receiver 1 maxdatagram . (GSM7328S) #show sflow receivers Receiver Owner Time out Max Datagram Port IP Address Index String Size 1 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 344
ProSafe Managed Switch e. In the Receiver Address field, enter 192.168.10.2. A screen similar to the following displays. f. Click Apply. A screen similar to the following displays. 2. Configure the sampling ports sFlow receiver - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 345
ProSafe Managed Switch Time-Based Sampling of Counters with sFlow CLI: Configure Time-Based Sampling of Counters with sFlow 1. Configure the sampling port sFlow receiver index, and polling interval. You need to repeat this for all the ports to be polled. (Netgear Switch) (Config)# interface 1/0/1 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 346
an IP address using the DNS server. The example is shown as CLI commands and as a Web interface procedure. CLI: Specify Two DNS Servers (Netgear Switch)#config (Netgear Switch) (Config)#ip name-server 12.7.210.170 219.141.140.10 (Netgear Switch) (Config)#ip domain-lookup (Netgear Switch) (Config - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 347
ProSafe Managed Switch Web Interface: Specify Two DNS Servers 1. Select System > Manually Add a Host Name and an IP Address (Netgear Switch)#config (Netgear Switch) (Config)#ip host www.netgear.com 206.82.202.46 (Netgear Switch) (Config)#ip domain-lookup (Netgear Switch) (Config)#ping www.netgear - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 348
ProSafe Managed Switch Web Interface: Manually Add a Host Name and an IP Address 1. Select System > Management > DNS > Host Configuration. A screen similar to the following displays. 2. Under DNS Host Configuration, enter the following information: • In the Host Name field, enter www.netgear.com. • - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 349
(Netgear Switch) (Interface 1/0/1)#exit (Netgear Switch) (Config)#interface vlan 200 (Netgear Switch) (Interface-vlan 200)#routing (Netgear Switch) (Interface-vlan 200)#ip address 192.168.100.1 255.255.255.0 (Netgear Switch) #config (Netgear Switch) (Config)#service dhcp (Netgear Switch) (Config)#ip - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 350
ProSafe Managed Switch Note: If there is no DHCP L3 relay between client PC and DHCP server, there must be an active route whose subnet is the same as the DHCP dynamic pool's subnet. Web Interface: Configure a DHCP Server in Dynamic Mode 1. Create VLAN 200. a. Select Switching > VLAN > Basic > VLAN - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 351
ProSafe Managed Switch d. Click the gray boxes under ports 1 and 24 until U displays. The U specifies that the egress packet is untagged for the port. e. Click Apply. 3. Assign PVID to the VLAN 200. a. Select Switching DHCP pool. a. Select System > Services > DHCP Server > DHCP Server Configuration - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 352
ProSafe Managed Switch d. Select System > Services > DHCP Server > DHCP Pool Configuration. A screen similar to The following example shows how to create a DHCP server with an IP address pool that is makes fixed IP to MAC address assignments. The example is shown as CLI commands and as a Web - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 353
ProSafe Managed Switch CLI: Configure a DHCP Reservation (Netgear Switch)#config (Netgear Switch) (Config)#service dhcp (Netgear Switch) (Config)#ip dhcp pool pool_manual (Netgear Switch) (Config)#client-name dhcpclient (Netgear Switch) (Config)#hardware-address 00:01:02:03:04:05 (Netgear Switch) ( - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 354
ProSafe Managed Switch 4. Select System > Services > DHCP Server > DHCP Pool Configuration. A screen similar field, enter pool_manual. • In the Type of Binding list, select Manual. • In the Client Name field, enter dhcpclient. • In the Hardware Address field, enter 00:01:02:03:04:05. • In the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 355
information such as domain name or DNS server. Although DHCPv6 supports stateful address allocation, prefix delegation and stateless services, only prefix delegation mode and stateless service are supported on managed switches. This chapter shows how to configure prefix delegation mode using - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 356
ProSafe Managed Switch In the following case, the CPE router requests prefix from the PE router. The PE router chooses prefix (2001:1::/64) for delegation, and responds with the prefix to the requesting CPE router. The CPE router subnets the prefix and assigns the longer prefixes to links in the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 357
ProSafe Managed Switch CLI: Configure DHCPv6 1. Enable IPv6 routing. (Netgear Switch) #configure (NETGEAR SWITCH) (Config)#ip routing (NETGEAR SWITCH) (Config)#ipv6 unicast routing 2. Create a DHCPv6 pool and enable DHCP service. (NETGEAR SWITCH) (Config)#service dhcpv6 (NETGEAR SWITCH) ( - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 358
ProSafe Managed Switch Web Interface: Configure an Inter-area Router 1. Enable IP routing globally a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following c. Click Apply to apply the setting. 3. Enable IPv6 address on interface 1/0/9. 358 | Chapter 23. DHCPv6 Server - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 359
ProSafe Managed Switch a. Select Routing > IPv6 > Advanced > Interface Configuration. A screen similar to the following displays. b. Scroll down and select the interface 1/0/9 check box. Now 1/0/9 appears in the Interface - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 360
ProSafe Managed Switch a. Select System > Services > DHCPv6 Server > DHCPv6 Server Configuration. A screen similar to the following displays. b. For Admin Mode, Select the Enable radio button. c. Click Apply to apply the setting. 6. Create a DHCPv6 pool named pool1. a. Select System > Services > - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 361
ProSafe Managed Switch c. Enter 2001:1:: in the Prefix field. d. in the Prefix Length field, enter 64. e. In the Prefix field, enter 00:01:00:01:15:40:14:4f:00:00:00:4d:aa:d0. f. Click Apply to apply the setting. 8. Configure DHCPv6 on interface 1/0/9. a. Select System > Services > DHCPv6 Server > - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 362
ProSafe Managed Switch a. Select System > Services > DHCPv6 Server address using DHCPv6 server. 1. Enable ipv6 routing. (Netgear Switch) (Config)#ipv6 unicast-routing 2. Create an IPv6 pool with DNS server and enable dhcpv6 service. (Netgear Switch) (Config)#ipv6 dhcp pool ipv6_server (Netgear Switch - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 363
host cannot update the DNS with it. (Netgear Switch) (Config)#interface 2/0/21 (Netgear Switch) (Interface 2/0/21)#routing (Netgear Switch) (Interface 2/0/21)#ipv6 address 2003:1000::1/64 (Netgear Switch) (Interface 2/0/21)#ipv6 enable (Netgear Switch) (Interface 2/0/21)#ipv6 nd other-config-flag - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 364
ProSafe Managed Switch f. Click Apply to save the settings. 3. Configure IPv6 address on the interface 2/0/21. a. Select Routing > IPv6 EUI64 field, select Disable. f. Click Add. 4. Enable DHCPv6 service. a. Select System > Services > DHCPv6 Server > DHCPv6 Server Configuration. A screen similar to - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 365
ProSafe Managed Switch 5. Create DHCPv6 pool. a. Select System > Services > DHCP Server > DHCPv6 Pool Configuration. A screen similar to the following displays: b. From the Pool Name drop-down list, select Create. c. In the Pool Name field, enter ipv6_server. d. In the DNS Server Addresses fields, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 366
. You can use VLANs to specify customer ports and a service provider port. In this example, the switches have the same configuration. Internet Port 1/0/48 Port 1/0/48 Layer 2 switch Port 1/0/24 Port 1/0/24 Layer 2 switch Customer domain Figure 40. Double VLANS Customer domain Chapter 24 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 367
ProSafe Managed Switch The following example shows how to configure the NETGEAR switch shown in the preceding figure to add a double VLAN tag for traffic going from the subnet domain connected to port 1/0/24. This example assumes there is a Layer 2 switch connecting all these devices in your domain. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 368
ProSafe Managed Switch a. Select Switching > VLAN > Basic > VLAN Configuration. A screen similar to the field, select Static. c. Click Add. 2. Add ports 24 and 48 to VLAN 200. a. Select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the following displays. b. Under VLAN Membership - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 369
ProSafe Managed Switch • Click the gray box under port 48 once until T displays. The T specifies that the egress packet is tagged for the port. d. Click Apply to save the settings. 3. Change the port VLAN ID (PVID) of port 24 to 200: a. Select Switching provider service port: a. Select Switching > - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 370
ProSafe Managed Switch b. Scroll down and select the Interface 1/0/48 check box. Now 1/0/48 port in the group cannot forward its egress traffic to any other members in the same group. the default mode is community, in which each member port can forward traffic to other members in the same group - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 371
ProSafe Managed Switch CLI: Create a Private VLAN Group 1. Enter the following commands. (Netgear Switch) # (Netgear Switch) #vlan data (Netgear Switch) (Vlan)#vlan 200 (Netgear Switch) (Vlan)#exit (Netgear Switch) #config (Netgear Switch) (Config)#interface 1/0/6 (Netgear Switch) (Interface 1/0/6)# - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 372
ProSafe Managed Switch 5. Add 1/0/16 and 1/0/7 to the private group 1. (Netgear Switch) (Config)#interface range 1/0/16-1/0/17 (Netgear Switch) (conf-if-range-1/0/16-1/0/17)#switchport private-group 2 6. Add 1/0/16 and 1/0/7 to the private group 2. (Netgear Switch) (conf-if-range-1/0/16-1/0/17)#exit - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 373
ProSafe Managed Switch b. Under VLAN Membership, in the VLAN ID list, select 200. c. Click Unit 1. The e. Click Apply. 3. Specify the PVID on ports 1/0/6, 1/0/7, 1/0/16, and 1/0/17. a. Select Switching > VLAN > Advanced > Port PVID Configuration. A screen similar to the following displays. b. Under - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 374
ProSafe Managed Switch e. Click Add. 5. Add port 6 and 7 to group1. a. Select Security > Traffic Control > Private Group VLAN >Private Group Membership. A screen similar to the following displays. b. In the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 375
ProSafe Managed Switch a. Select Security > Traffic Control > Private Group VLAN > Private Group VLAN > Private Group Membership. A screen similar to the following displays. b. In the Group ID list, select 2. c. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 376
Tree instances required to support a large number of VLANs. Configure Classic STP (802.1d) The example is shown as CLI commands and as a Web interface procedure. CLI: Configure Classic STP (802.1d) (Netgear Switch) (Config)# spanning-tree (Netgear Switch) (Config)# spanning-tree forceversion - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 377
ProSafe Managed Switch Web Interface: Configure Classic STP (802.1d) 1. Enable 802.1d on the switch. a. Select Switching > STP > STP Configuration. A screen similar to the following displays. b. Enter the following information: • For Spanning Tree Admin Mode, select the Enable radio button. • For - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 378
ProSafe Managed Switch Configure Rapid STP (802.1w) The example is shown as CLI commands and as a Web interface procedure. CLI: Configure Rapid STP (802.1w) (Netgear switch) (Config)# spanning-tree (Netgear switch) (Config)# spanning-tree forceversion 802.1w (Netgear switch) (Interface 1/0/3)# - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 379
ProSafe Managed Switch a. Select Switching Netgear switch) (Config)# spanning-tree (Netgear switch) (Config)# spanning-tree forceversion 802.1s (Netgear switch) (Config)# spanning-tree mst instance 1 Create a mst instance 1 (Netgear switch) (Config)# spanning-tree mst priority 1 4096 (Netgear switch - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 380
ProSafe Managed Switch Web Interface: Configure Multiple STP (802.1s) 1. Enable 802.1s on the switch. a. Select Switching > STP > STP Configuration. A screen similar to the following displays. b. Enter the following information: • For Spanning Tree Admin Mode, select the Enable radio button. • For - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 381
ProSafe Managed Switch • In the VLAN Id field, enter 2. • Click Add. • In the VLAN Id field, . • In the VLAN Id field, enter 12. • Click Apply. 3. Configure the MST port. a. Select Switching > STP > MST Port Status. A screen similar to the following displays. 4. Under MST Port Configuration, scroll - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 382
IP protocol number set to 41. The 6to4 tunnel IPv6 prefix is constructed by prepending 2002 (hex) to the global IPv4 address. For example, if the IPv4 address destination address is derived from the 6to4 IPv6 address of the tunnel's nexthop. It supports the functionality of a 6to4 border router that - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 383
Switch GSM7328S_1 (Netgear Switch) #config (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config)#ipv6 forwarding (Netgear Switch) (Config)#ipv6 unicast-routing (Netgear Switch) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)#routing (Netgear Switch) (Interface 1/0/1)#ip address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 384
00 ms (Netgear Switch) #config (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config)#ipv6 forwarding (Netgear Switch) (Config)#ipv6 unicast-routing (Netgear Switch) (Config)#interface 1/0/13 (Netgear Switch) (Interface 1/0/13)#routing (Netgear Switch) (Interface 1/0/13)#ip address 192.168 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 385
the switch. a. Select Routing > IPv6 > Basic> Global Configuration. A screen similar to the following displays. b. For IPv6 Unicast Routing, select the Enable radio button. c. For IPv6 Forwarding, select the Enable radio button. d. Click Apply. 3. Create a routing interface and assign an IP address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 386
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Under IP Interface Configuration, scroll down and select the Port 1/0/1 check box. Now 1/0/1 appears in the Interface field at the top. • In the IP Address field, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 387
ProSafe Managed Switch a. Select Routing > IPv6 > Advanced > Prefix Configuration. A screen similar to field, select Disable. f. Click Add. Configure Switch GSM7328S_2 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 388
Switch a. Select Routing > IPv6 > Basic > Global Configuration. A screen similar to the following displays. b. For IPv6 Unicast Routing, select the Enable radio button. c. For IPv6 Forwarding, select the Enable radio button. d. Click Apply. 3. Create a routing interface and assign an IP address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 389
ProSafe Managed Switch a. Select Routing > IPv6 > Advanced > Tunnel Configuration. A screen similar to the following displays. b. In the Tunnel Id list, select 0. c. In the Mode list, select 6-in-4-configured. d. In the Source Address field, enter 192.168.1.2. e. In the Destination Address field, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 390
is shown as CLI commands and as a Web interface procedure. CLI: Create an IPv6 Routing Interface 1. Enable IPV6 forwarding and unicast routing on the switch. (Netgear Switch) (Config)#ipv6 forwarding (Netgear Switch) (Config)#ipv6 unicast-routing Chapter 27. IPv6 Interface Configuration | 390 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 391
ProSafe Managed Switch 2. Assign an IPv6 address to interface 1/0/1. (Netgear Switch) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)#ipv6 enable (Netgear Switch) (Interface 1/0/1)#ipv6 address 2000::2/64 (Netgear Switch) (Interface 1/0/1)#routing (Netgear Switch) (Interface 1/0/1)#exit - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 392
ProSafe Managed Switch Web Interface: Create an IPv6 Routing Interface 1. Enable IPv6 forwarding and unicast routing on the switch. a. Select Routing > IPv6 > Basic > Global Apply to save the settings. 3. Assign an IPv6 address to the routing interface. 392 | Chapter 27. IPv6 Interface Configuration - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 393
ProSafe Managed Switch a. Select Routing > IPv6 > Advanced > Prefix Configuration. A screen similar to the following displays traffic is switched or routed. To access the switch over an IPv6 network you must first configure it with IPv6 information (IPv6 prefix, prefix length, and default gateway). - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 394
(Netgear Switch) #network ipv6 gateway 2001:1::2 (Netgear Switch) #show network Interface Status Always Up IP Address 0.0.0.0 Subnet Mask 0.0.0.0 Default Gateway 0.0.0.0 IPv6 Administrative Mode Enabled IPv6 Prefix is FE80::2FF:F9FF:FE70:485/64 IPv6 Prefix is 2001:1::1/64 IPv6 Default Router - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 395
ProSafe Managed Switch 2. Add an IPv6 gateway to the network interface. a. Netgear Switch) (Vlan)#vlan 500 (Netgear Switch) (Vlan)#vlan routing 500 (Netgear Switch) (Vlan)#exit 2. Add interface 1/0/1 to VLAN 500. (Netgear Switch) #config (Netgear Switch) (Config)#interface 1/0/1 (Netgear Switch - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 396
ProSafe Managed Switch 3. Assign IPv6 address 2000::1/64 to VLAN 500 and enable IPv6 routing. (Netgear Switch) (Config)#interface vlan 0/4/1 (Netgear Switch) (Interface 0/4/1)#routing (Netgear Switch) (Interface 0/4/1)#ipv6 enable (Netgear Switch) (Interface 0/4/1)#ipv6 address 2000::1/64 (Netgear - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 397
ProSafe Managed Switch Web Interface: Create an IPv6 VLAN Routing Interface 1. Create VLAN 500. a. Select Switching > VLAN > Basic > field, select Static. d. Click Add. 2. Add ports to VLAN 500. a. Select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the following displays. b. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 398
ProSafe Managed Switch a. Select Switching > VLAN > Advanced > Port PVID Configuration. A screen similar to the d. Click Apply to save the settings. 4. Enable IPv6 forwarding and unicast routing on the switch. a. Select Routing > IPv6 > Basic > Global Configuration. A screen similar to the following - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 399
ProSafe Managed Switch a. Select Routing > IPv6 > Advanced > Interface Configuration. A screen similar to the following Configuration, in the IPv6 Mode field, select Enable. e. Click Apply. 6. Assign an IPv6 address to the routing VLAN. a. Select Routing > IPv6 > Advanced > Prefix Configuration. A - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 400
interface supports DHCPv6 mode, which can get the IPv6 address from a DHCPv6 server (address allocation). Note: Before you enable DHCPv6 mode, you have to disable IPv6 unitcast mode globally. CLI: Configure DHCPv6 mode on routing interface 1. Enable IPv6 unicast globally. (Netgear Switch) (Config - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 401
ProSafe Managed Switch 3. Show the ipv6 address assigned from 1/0/23. (Netgear Switch) #show ipv6 interface 1/0/23 IPv6 is enabled IPv6 Prefix is FE80::E291:F5FF:FE06:2BF6/128 2000::1D5C:7CFE:828F:8144/128 [DHCP] Routing Mode - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 402
ProSafe Managed Switch a. Select Routing > IPv6 > Advanced > Interface Configuration. A screen similar to Client Mode field, select Enable. d. Click Apply to apply the settings. 3. Show the ipv6 address assigned from 1/0/23. a. Select Routing > IPv6 > Advanced > Prefix Configuration. A screen similar - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 403
are used to deliver multicast packets from one source to multiple receivers. They facilitate better bandwidth utilization, and use less host and router processing, making them ideal for usage in applications such as video and audio conferencing, whiteboard tools, stock distribution tickers, and so - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 404
IP 192.168.1.1 ProSafe Managed Switch Switch A Port 1/0/13 Port 1/0/1 Port 1/0/9 Port 1/0/10 Subnet 192.168.3.0/24 Port 1/0/11 Switch B Switch downstream routers and hosts want to receive a multicast datagram. PIM-DM initially floods multicast traffic throughout the network. Routers that - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 405
on the switch. (Netgear Switch) (Config)#ip multicast 4. Enable RIP to build the unicast IP routing table. (Netgear Switch) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)#routing (Netgear Switch) (Interface 1/0/1)#ip address 192.168.2.2 (Netgear Switch) (Interface 1/0/1)#ip rip 255 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 406
ProSafe Managed Switch 5. Enable PIM-DM on the interface. (Netgear Switch) (Interface 1/0/1)#ip pim dense (Netgear Switch) (Interface 1/0/1)#exit (Netgear Switch) (Config)#interface 1/0/9 (Netgear Switch) (Interface 1/0/9)#routing (Netgear Switch) (Interface 1/0/9)#ip address 192.168.3.1 (Netgear - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 407
DM on Switch C (Netgear Switch) #configure (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config)#ip pim dense (Netgear Switch) (Config)#ip multicast (Netgear Switch) (Config)#interface 1/0/21 (Netgear Switch) (Interface 1/0/21)#routing (Netgear Switch) (Interface 1/0/21)#ip address 192.168 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 408
. (Netgear Switch) (Config)#interface 1/0/24 (Netgear Switch) (Interface 1/0/24)#routing (Netgear Switch) (Interface 1/0/24)#ip pim dense (Netgear Switch) (Interface 1/0/24)#ip igmp (Netgear Switch) (Interface 1/0/24)#ip rip (Netgear Switch) (Interface 1/0/24)#ip address 192.168.4.1 (Netgear Switch - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 409
DM PIM-DM on Switch A 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply. 2. Configure 1/0/1 as a routing port and assign an IP address to it. a. Select - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 410
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the Port 1/0/9 check box. Now 1/0/9 appears in the Port field at the top. c. Enter the following information : • In the IP Address field, enter - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 411
ProSafe Managed Switch • In the Routing Mode field, select Enable. d. Click Apply to save the settings. 5. Enable RIP on the interface 1/0/1. a. Select Routing > RIP > Advanced > Interface Configuration. A screen - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 412
ProSafe Managed Switch a. Select Routing > RIP > Advanced > Interface Configuration. A screen similar to the following displays. b. In the Interface list, select 1/0/13 . c. For RIP Admin Mode, select the Enable - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 413
ProSafe Managed Switch b. For PIM Protocol Type, select the PIM-DM radio button. c. For Admin Mode, select the Enable radio button. d. Click Apply. 10. Enable PIM-DM on - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 414
Managed Switch PIM-DM on Switch B: 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply. 2. Configure 1/0/10 as a routing port and assign an IP address to - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 415
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Under IP in the Port field at the top. c. Enter the following information: • In the IP Address field, enter 192.168.5.1. • In the Subnet Mask field, enter 255.255.255 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 416
ProSafe Managed Switch a. Select Routing > RIP > Advanced > Interface Configuration. A screen similar to the following displays. b. In the Interface list, select 1/0/11. c. For RIP Admin Mode, select the Enable - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 417
ProSafe Managed Switch b. For Switch C 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply. 2. Configure 1/0/21 as a routing port and assign an IP address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 418
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down select the Port 1/0/21 check box. Now 1/0/21 appears in the Interface field at the top. c. Enter the following information: • In the IP Address field, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 419
ProSafe Managed Switch a. Select Routing > RIP > Advanced > Interface Configuration. A screen similar to the following displays. b. In the Interface list, select 1/0/21. c. For RIP Admin Mode, select the Enable - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 420
ProSafe Managed Switch a. Select Routing > Multicast > Global Configuration. A screen similar to the following displays. b. For Admin Mode, select the Enable radio button. c. Click Apply. 7. Enable PIM-DM globally. a. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 421
ProSafe Managed Switch a. Switch D: 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply. 2. Configure 1/0/21 as a routing port and assign an IP address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 422
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the Port 1/0/21 check box. Now 1/0/21 appears in the Port field at the top. c. Enter the following information in the IP the IP Address field, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 423
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down tand select the Port 1/0/24 check box. Now 1/0/24 appears in the Interface field at the top. c. Enter the following information: • In the IP Address field - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 424
ProSafe Managed Switch a. Select Routing > RIP > Advanced > Interface Configuration. A screen similar to the following displays. b. In the Interface list, select 1/0/22. c. For RIP Admin Mode, select the Enable - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 425
ProSafe Managed Switch a. Select Routing > Multicast > Global Configuration. A screen similar to the following displays. b. For Admin Mode, select the Enable radio button. c. Click Apply. 9. Enable PIM-DM globally. a. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 426
ProSafe Managed Switch a. Select Routing > Multicast > PIM > Interface Configuration. A screen similar to the following displays. b. Scroll down and select the Interface 1/0/21, 1/0/22, and 1/0/24 check boxes. c. In - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 427
ProSafe Managed Switch b. Scroll down and select the interface 1/0/24 check box. c. In the Port 1/0/22 Subnet 192.168.6.0/24 Port 1/0/21 Switch C Subnet 192.168.4.0/24 Host IP 192.168.4.2 Figure 44. PIM-SM PIM-SM uses shared trees by default and implements source-based trees for efficiency; it - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 428
on the switch. (Netgear Switch) (Config)#ip multicast 4. Enable RIP to build a unicast IP routing table. (Netgear Switch) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)#routing (Netgear Switch) (Interface 1/0/1)#ip address 192.168.2.2 (Netgear Switch) (Interface 1/0/1)#ip rip 255 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 429
ProSafe Managed Switch (Netgear Switch) (Interface 1/0/1)#ip pim sparse (Netgear Switch) (Interface 1/0/1)#exit (Netgear Switch) (Config)#interface 1/0/9 (Netgear Switch) (Interface 1/0/9)#routing (Netgear Switch) (Interface 1/0/9)#ip address 192.168.3.1 (Netgear Switch) (Interface 1/0/9)#ip rip ( - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 430
1/0/22)#ip address 192.168.6.1 255.255.255.0 (Netgear Switch) (Interface 1/0/22)#ip rip (Netgear Switch) (Interface 1/0/22)#ip pim sparse (Netgear Switch) (Interface 1/0/22)#exit PIM-SM on Switch D (Netgear Switch)#configure (Netgear Switch) (Config)#ip multicast (Netgear Switch) (Config)#ip routing - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 431
ProSafe Managed Switch (Netgear Switch) (Config)#interface 1/0/24 (Netgear Switch) (Interface 1/0/24)#routing (Netgear Switch) (Interface 1/0/24)#ip address 192.168.4.1 (Netgear Switch) (Interface 1/0/24)#ip rip (Netgear Switch) (Interface 1/0/24)#ip igmp (Netgear Switch) (Interface 1/0/24)#ip pim - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 432
SM PIM-SM on Switch A 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply. 2. Configure 1/0/1 as a routing port and assign an IP address to it. a. Select - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 433
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the interface 1/0/9 check box. Now 1/0/9 appears in the Interface field at the top. c. Enter the following information: • In the IP Address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 434
ProSafe Managed Switch • In the Subnet Mask field, enter 255.255.255.0. • In the Routing Mode field, select Enable. d. Click Apply to save the settings. 5. Enable RIP on - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 435
ProSafe Managed Switch a. Select Routing > RIP > Advanced > Interface Configuration. A screen similar to the following displays. b. Select 1/0/13 in the Interface field. c. For RIP Admin Mode, select the Enable - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 436
ProSafe Managed Switch b. For PIM Protocol Type, select the PIM-SM radio button. c. For Enable. d. Click Apply to save the settings. PIM-SM on Switch B: 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 437
ProSafe Managed Switch 2. Configure 1/0/10 as a routing port and assign an IP address to it. a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the interface 1/0/10 check box. Now 1/0/10 appears in the Interface field - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 438
ProSafe Managed Switch a. Select Routing > RIP > Advanced > Interface Configuration. A screen similar to the following displays. b. In the Interface field, select 1/0/10. c. For RIP Admin Mode, select the Enable - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 439
ProSafe Managed Switch a. Select Routing > Multicast > Global Configuration. A screen similar to the following displays. b. For Admin Mode, select the Enable radio button. c. Click Apply. 7. Enable PIM-SM globally. a. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 440
ProSafe Managed Switch a. Select Routing > Multicast > PIM > Interface Configuration. A screen similar to the screen similar to the following displays. b. In the Interface list, select 1/0/11. c. In the Group IP field, enter 225.1.1.1. d. In the Group Mask field, enter 255.255.255.0. e. Click Add. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 441
. PIM-SM on Switch C: 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply. 2. Configure 1/0/21 as a routing port and assign an IP address to it. Chapter - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 442
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the Port 1/0/21 check box. Now 1/0/21 appears in the Interface field at the top. c. Enter the following information: • In the IP address, enter - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 443
ProSafe Managed Switch a. Select Routing > RIP > Advanced > Interface Configuration. A screen similar to the following displays. b. In the Interface field, select 1/0/21. c. For RIP Admin Mode, select the Enable - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 444
ProSafe Managed Switch a. Select Routing > Multicast > Global Configuration. A screen similar to the following displays. b. For Admin Mode, select the Enable radio button. c. Click Apply. 7. Enable PIM-SM globally. a. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 445
ProSafe Managed Switch a. Select Routing > Multicast > PIM > Interface Configuration. A screen similar to the screen similar to the following displays. b. In the Interface list, welect 1/0/22. c. In the Group IP field, enter 225.1.1.1. d. In the Group Mask field, enter 255.255.255.0. e. Click Add. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 446
Apply. PIM-SM on Switch D 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply. 2. Configure 1/0/21 as a routing port and assign an IP address to it. 446 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 447
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the Interface 1/0/21 check box. Now 1/0/21 appears in the Interface field at the top. c. Enter the following information: • In the IP Address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 448
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the Interface 1/0/24 check box. Now 1/0/24 appears in the Interface field at the top. c. Enter the following information: • In the IP Address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 449
ProSafe Managed Switch a. Select Routing > RIP > Advanced > Interface Configuration. A screen similar to the following displays. b. In the Interface list, select 1/0/22. c. For RIP Admin Mode, select the Enable - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 450
ProSafe Managed Switch a. Select Routing > Multicast > Global Configuration. A screen similar to the following displays. b. For Admin Mode, select the Enable radio button. c. Click Apply. 9. Enable PIM-SM globally. a. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 451
ProSafe Managed Switch a. Select Routing > Multicast > PIM > Interface Configuration. A screen similar to the similar to the following displays. b. In the Interface list, select 1/0/22. c. In the Group IP field, enter 225.1.1.1. d. In the Group Mask field, enter 255.255.255.0. e. Click Add. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 452
ProSafe Managed Switch a. Select Routing > Multicast > PIM > BSR Candidate Configuration. A screen similar to the following displays. b. In the Interface list, select 1/0/22. c. In the Hash Mask Length field, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 453
ProSafe Managed Switch a. Select Routing > Multicast > IGMP > Interface Configuration. A screen similar to the following displays. b. Under IGMP Routing Interface Configuration, scroll down and select the Interface 1/0/24 check - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 454
a DHCP L3 Switch on page 465 DHCP L2 Relay DHCP relay agents eliminate the need to have a DHCP server on each physical network. Relay agents populate the giaddr field and also append the Relay Agent Information option to the DHCP messages. DHCP servers use this option for IP addresses and other - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 455
ProSafe Managed Switch These Layer 2 devices typically operate only as bridges for the network and might not have an IPv4 address on the network. Lacking a valid IPv4 source address, they cannot relay packets directly to a DHCP server located on another network. These Layer 2 devices append the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 456
ProSafe Managed Switch 6. Enable DHCP L2 relay on port 1/0/5. (Netgear Switch) (Config)#interface 1/0/5 (Netgear Switch) (Interface 1/0/5)# dhcp l2relay (Netgear Switch) (Interface 1/0/5)# vlan pvid 200 (Netgear Switch) (Interface 1/0/5)# vlan participation include 200 (Netgear Switch) (Interface - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 457
ProSafe Managed Switch a. Select Switching > VLAN > Advanced > VLAN Membership. A screen similar to the following displays e. Click Apply. 3. Specify the PVID on ports 1/0/4, 1/0/5 and 1/0/6. a. Select Switching > VLAN > Advanced > Port PVID Configuration. A screen similar to the following displays. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 458
ProSafe Managed Switch a. Select System > Services > DHCP L2 Relay > DHCP L2 Relay Configuration. A screen the settings. 5. Enable DHCP L2 Relay on interfaces 1/0/4,1/0/5, and 1/0/6. a. Select System > Services > DHCP L2 Relay > DHCP L2 Relay Interface Configuration. A screen similar to the following - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 459
ProSafe Managed Switch a. Select System > Services > DHCP L2 Relay > DHCP L2 Relay Interface Configuration. A screen similar to the following displays. b. Under DHCP L2 Relay Configuration, scroll down and select the Interface 1/0/6 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 460
ProSafe Managed Switch DHCP L3 Relay This case has two steps, DHCP server configuration and DHCP L3 relay configuration. This example shows how to configure a DHCP L3 relay on a NETGEAR switch and how to configure DHCP pool to assign IP addresses to DHCP clients using DHCP L3 relay. DHCP server - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 461
-dhcp-pool)#exit (Netgear Switch) (Config)#ip dhcp pool dhcp_server_second (Netgear Switch) (Config-dhcp-pool)#network 10.200.2.0 255.255.255.0 (Netgear Switch) (Config-dhcp-pool)#exit (Netgear Switch) (Config)#service dhcp (Netgear Switch) (Config)#exit 4. Exclude the IP address 10.200.1.1 and - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 462
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the 1/0/3 check box. c. In the IP Address field, enter 10.100.1.1. d. In the Subnet Mask field, enter 255.255.255.0. e. In the Routing Mode - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 463
ProSafe Managed Switch a. Select System > Services > DHCP Server > DHCP Server Configuration. A screen similar to the following displays. b. For Admin Mode, select the Enable radio button. c. In the IP Range From field, enter 10.200.1.1. d. In the IP Range To field, enter 10.200.1.1. e. Click Add. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 464
ProSafe Managed Switch a. Select System > Services > DHCP Server > DHCP Pool Configuration. A screen similar to the following displays. b. Under DHCP Pool Configuration, enter the following information: • In the Pool Name list, select - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 465
. (Netgear Switch) #config (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config)# 2. Create a routing interface and enable RIP on it. (Netgear Switch) (Config)# (Netgear Switch) (Config)#interface 1/0/4 (Netgear Switch) (Interface 1/0/4)#routing (Netgear Switch) (Interface 1/0/4)#ip address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 466
ProSafe Managed Switch 3. Create a routing interface connecting to the client. (Netgear Switch) (Config)# (Netgear Switch) (Config)#interface 1/0/16 (Netgear Switch) (Interface 1/0/16)#routing (Netgear Switch) (Interface 1/0/16)#ip address 10.200.2.1 255.255.255.0 (Netgear Switch) (Interface 1/0/16 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 467
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the Port 1/0/4 check box. c. In the IP Address field, enter 10.100.1.2. d. In the Subnet Mask field, enter 255.255.255.0. e. In the Routing - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 468
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Under IP Interface Configuration, scroll down and select the Port 1/0/15 check box. c. In the IP Address Configuration Method field, enter Manual. d. In the IP - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 469
ProSafe Managed Switch a. Select Routing > RIP > Advanced > Route Redistribution. A screen similar to the settings. 8. Configure the DHCP server IP address. a. Select System > Services > UDP Relay. A screen similar to the following displays. b. In the Server Address field, enter 10.100.1.1. c. In the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 470
the active multicast routing protocol that makes decisions on the flow of multicast data packets. Periodically, the multicast router sends general queries requesting multicast address listener information from systems on an attached networks. These queries are used to build and refresh the multicast - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 471
13 Port 1/0/1 2001:1::/64 Switch B Port 1/0/21 Port 1/0/24 2001:3::/64 Host Figure 47. Configure MLD CLI: Configure MLD MLD on Switch A (Netgear Switch) #configure (Netgear Switch) (Config)#ipv6 router ospf (Netgear Switch) (Config-rtr)#router-id 1.1.1.1 (Netgear Switch) (Config)#exit Chapter - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 472
ProSafe Managed Switch (Netgear Switch) (Config)#ipv6 unicast-routing (Netgear Switch) (Config)#ipv6 pim dense (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config)#ip multicast (Netgear Switch) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)#routing (Netgear Switch) (Interface - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 473
(Netgear Switch) (Interface 1/0/21)#exit (Netgear Switch) (Config)#interface 1/0/24 (Netgear Switch) (Interface 1/0/24)#routing (Netgear Switch) (Interface 1/0/24)#ipv6 address 2001:3::1/64 (Netgear Switch) (Interface 1/0/24)#ipv6 enable (Netgear Switch) (Interface 1/0/24)#ipv6 mld router (Netgear - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 474
ProSafe Managed Switch a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply. 2. Enable IPv6 unicast routing on the switch. a. Select Routing > IPv6 > Basic > Global Configuration. A screen - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 475
ProSafe Managed Switch b. Scroll down and select the Interface 1/0/1 and 1/0/13 check boxes. c. the Admin Mode field, select Enable. d. Click Apply to save the settings. 4. Assign an IPv6 address to 1/0/1. a. Select Routing > IPv6 > Advanced > Prefix Configuration. A screen similar to the following - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 476
ProSafe Managed Switch a. Select Routing > IPv6 > Advanced > Prefix Configuration. A screen similar to the > OSPFv3 > Basic > OSPFv3 Configuration. A screen similar to the following displays. b. In the Router ID field, enter 1.1.1.1. c. For Admin Mode, select the Enable radio button. d. Click Apply. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 477
ProSafe Managed Switch a. Select Routing > OSPFv3 > Advanced > Interface Configuration. A screen similar to the following displays. b. Scroll down and select the Interface 1/0/1 and 1/0/13 check boxes. c. In the Admin - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 478
ProSafe Managed Switch a. Select Routing > IPv6 Multicast > IPv6 PIM > Global Configuration. A screen similar to the following displays. b. For . c. In the Admin Mode field, select Enable. d. Click Apply to save the settings. MLD on Switch B 1. Enable IP routing on the switch. 478 | Chapter 30. MLD - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 479
ProSafe Managed Switch a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply. 2. Enable IPv6 unicast routing on the switch. a. Select Routing > IPv6 > Basic > Global Configuration. A screen - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 480
ProSafe Managed Switch b. Scroll down and select the Interface 1/0/21 and 1/0/24 check boxes. the Admin Mode field, select Enable. d. Click Apply to save the settings. 4. Assign an IPv6 address to 1/0/21. a. Select Routing > IPv6 > Advanced > Prefix Configuration. A screen similar to the following - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 481
ProSafe Managed Switch a. Select Routing > IPv6 > Advanced > Prefix Configuration. A screen similar to > OSPFv3 > Basic > OSPFv3 Configuration. A screen similar to the following displays. b. In the Router ID field, enter 2.2.2.2. c. For Admin Mode, select the Enable radio button. d. Click Apply. - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 482
ProSafe Managed Switch a. Select Routing > OSPFv3 > Advanced > Interface Configuration. A screen similar to the following displays. b. Under OSPFv3 Interface Configuration, scroll down and select the Interface 1/0/21 and 1/0/24 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 483
ProSafe Managed Switch a. Select Routing > IPv6 Multicast > IPv6PIM > Global Configuration. A screen similar to the following displays. b. For Admin Mode, select the In the Admin Mode field, select Enable. d. Click Apply to save the settings. 11. Enable MLD on the switch. Chapter 30. MLD | 483 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 484
ProSafe Managed Switch a. Select Routing > IPv6 Multicast > MLD > Global Configuration. A screen similar to the interfaces so that multicast traffic is forwarded to only those interfaces associated with IP multicast address. In IPv6, MLD snooping performs a similar function. With MLD snooping, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 485
MAC addresses. The switch can be configured to perform MLD snooping and IGMP snooping simultaneously. CLI: Configure MLD Snooping 1. Enter the following commands. (Netgear Switch) #vlan da (Netgear Switch) (Vlan)#vlan 300 (Netgear Switch) (Vlan)#exit (Netgear Switch) #config (Netgear Switch) (Config - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 486
ProSafe Managed Switch Web Interface: Configure MLD Snooping 1. Create VLAN 300. a. Select Switching > VLAN > Basic > VLAN Configuration. A screen similar to the following displays. b. In the VLAN ID field, enter 300. c. Click Add. 2. Assign all of the ports to VLAN 300. a. Select Switching > VLAN > - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 487
ProSafe Managed Switch a. Select Switching > VLAN > Advanced > Port PVID Configuration. A screen similar to the field, enter 300. d. Click Apply to save the settings. 4. Enable MLD snooping on the switch. a. Select Routing > Multicast > MLD Snooping > Configuration. A screen similar to the following - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 488
b. Enter the following information: • In the VLAN ID field, enter 300. • In the Admin Mode field, select Enable. 6. Click Add. ProSafe Managed Switch 488 | Chapter 30. MLD - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 489
over IP networks without routing protocols to support multicast. router. • The branch that transmitted a prune message is deleted from the delivery tree. • The delivery tree, which is spanning to all the members in the multicast group, is constructed. In this example, DVMRP is running on switches - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 490
21. (Netgear Switch) #config (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)#routing (Netgear Switch) (Interface 1/0/1)#ip address 192.168.1.1 255.255.255.0 (Netgear Switch) (Interface 1/0/1)#exit (Netgear Switch) (Config)#interface - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 491
(Netgear Switch) (Interface 1/0/13)#ip dvmrp (Netgear Switch) (Interface 1/0/13)#exit (Netgear Switch) (Config)#interface 1/0/21 (Netgear Switch) (Interface 1/0/21)#ip dvmrp (Netgear Switch) (Interface 1/0/21)#exit (Netgear Switch) #show ip dvmrp neighbor Interface 1/0/13 Neighbor IP Address 192 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 492
and 1/0/20. (Netgear Switch) #config (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config)#interface 1/0/13 (Netgear Switch) (Interface 1/0/13)#routing (Netgear Switch) (Interface 1/0/13)#ip address 192.168.2.2 255.255.255.0 (Netgear Switch) (Interface 1/0/13)#exit (Netgear Switch) (Config - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 493
ProSafe Managed Switch (Netgear Switch) #show ip dvmrp neighbor Interface 1/0/13 Neighbor IP Address 192.168.2.1 State Active Up Time (hh:mm:ss 00:02:26 Expiry Time (hh:mm:ss 00:00:20 Generation ID 88091 Major Version 3 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 494
ProSafe Managed Switch DVRMP on Switch C: 1. Create routing interfaceS 1/0/11, 1/0/3, and 1/0/24. (Netgear Switch) #config (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config)#ip interface 1/0/11 (Netgear Switch) (Interface 1/0/11)#ip routing (Netgear Switch) (Interface 1/0/11)#ip address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 495
ProSafe Managed Switch 6. Enable IGMP mode on the interface 1/0/24. (Netgear Switch) (Config)#interface 1/0/24 (Netgear Switch) (Interface 1/0/24)#ip igmp (Netgear Switch) (Interface 1/0/24)#exit (Netgear Switch) #show ip dvmrp neighbor Interface 1/0/11 Neighbor IP Address 192.168.3.2 State - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 496
Switch A 1. Enable IP routing on the switch. a. Select Routing > IP > Basic >IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply. 2. Configure 1/0/1 as a routing port and assign an IP address to it. a. Select Routing > IP - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 497
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the Port 1/0/13 check box. Now 1/0/13 appears in the Port field at the top. c. Enter the following information: • In the IP Address field, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 498
ProSafe Managed Switch a. Select Routing > Multicast > Global Configuration. A screen similar to the following displays. b. For Admin Mode, select the Enable radio button. c. Click Apply. 6. Enable DVMRP on the switch. a. Select Routing > Multicast > DVMRP > Global Configuration. A screen similar to - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 499
ProSafe Managed Switch a. Switch B 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply. 2. Configure 1/0/13 as a routing port and assign and IP address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 500
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the Port 1/0/13 check box. Now 1/0/13 appears in the Port field at the top. c. Enter the following information in the IP the IP Address field, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 501
ProSafe Managed Switch a. Select Routing > Multicast > Global Configuration. A screen similar to the following displays. b. For Admin Mode, select the Enable radio button. c. Click Apply. 5. Enable DVMRP on the switch. a. Select Routing > Multicast > DVMRP> Global Configuration. A screen similar to - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 502
ProSafe Managed Switch a. Switch C 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply. 2. Configure 1/0/11 as a routing port and assign an IP address - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 503
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the Port 1/0/11 check box. Now 1/0/11 appears in the Port field at the top. c. Enter the following information: • In the IP Address field, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 504
ProSafe Managed Switch a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down and select the Port 1/0/24 check box. Now 1/0/24 appears in the Port field at the top. c. Enter the following information: • In the IP Address field, - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 505
ProSafe Managed Switch a. Select Routing > Multicast > DVMRP > Global Configuration. A screen similar to the following displays. b. For Admin Mode, select the c. Select Enable in the Interface Mode field. d. Click Apply to save the settings. 8. Enable IGMP on the switch. Chapter 31. DVMRP | 505 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 506
ProSafe Managed Switch a. Select Routing > Multicast > IGMP > Global Configuration. A screen similar to the following displays. b. For Admin Mode, select the Enable radio button. c. Click Apply. 9. Enable IGMP on - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 507
authorized captive portal users before access is granted. The authentication server supports both HTTP and HTTPS Web connections. In addition, you can , DNS and NETBIOS packets. The switch forwards these packets so that unauthenticated clients can get an IP address and resolve the hostname or domain - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 508
ProSafe Managed Switch You can enable captive portal on all the physical ports on the switch. It is not supported switch, but instead asks the switch whether switch so that the client can authenticate with the switch through the switch. Captive a physical port on the switch. Software release 8.0 and - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 509
ProSafe Managed Switch 2. Enable captive portal instance 1. (Netgear Switch) (Config-CP)#configuration 1 (Netgear Switch) (Config-CP 1)#enable 3. Enable captive portal instance 1 on port 1/0/1. (Netgear Switch) (Config-CP 1)#interface 1/0/1 Web Interface: Enable Captive Portal 1. Enable captive - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 510
ProSafe Managed Switch a. Select Security > Control > Captive Portal > CP Configuration. A screen similar to the following displays. b. Scroll down and select the CP 1 check box. Now CP 1 appears in - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 511
ProSafe Managed Switch captive portal instance is a temporary command executed by the administrator and not saved in the configuration. Block a Captive Portal Instance CLI: Block a Captive Portal Instance (Netgear Switch created by default with the group name Default to which all new users are - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 512
ProSafe Managed Switch CLI: Create Users and Groups 1. Create a group whose group ID is 2. (Netgear Switch) #config (Netgear Switch) (config)#captive-portal (Netgear Switch)(Config-CP)# user group 2 2. Create a user whose name is user1. (Netgear Switch) (Config-CP)#user 2 name user1 3. Configure the - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 513
ProSafe Managed Switch c. Click Add. 2. Create a user. a. Select Security > Control > Captive Portal > CP User Configuration. A screen similar to the following displays. b. Enter the following information: • In the User - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 514
ProSafe Managed Switch are used to configure captive portal. VSAs are denoted in the ID column portal. Integer Optional Default None None 0 0 0 0 CLI: Configure RADIUS as the Verification Mode (Netgear Switch) (Config-CP 1)#radius-auth-server Default-RADIUS-Server (Netgear Switch) (Config-CP - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 515
ProSafe Managed Switch Web Interface: Configure RADIUS as the Verification Mode 1. Select Security > Control > field, select RADIUS. • In the Radius Auth Server field, enter the RADIUS server name Default-RADIUS-Server. 4. Click Apply. SSL Certificates A captive portal instance can be configured to - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 516
pre-login 299 C captive portal 507 configuration 508 classic STP (802.1d) 376 code mismatch (stacked switches) IP address 347 documentation 8 dual image 301 DVMRP 489, 490, 496 E Ethernet configuration for stacking ports 324 F firmware upgrading stacked switches 323, 324 firmware for stacked switches - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 517
ProSafe Managed Switch IGMP querier 221, 222 enable 222, 223 status 225 IGMP snooping 217, 222 217 external multicast router 219, 220 multicast router using VLAN 220, 221 show igmpsnooping 217 show ignpsnooping 218 show mac-address-table 218 show mac-address-table igmpsnooping 218, 219 IGMPv3 216 - Netgear GSM7212P | GSM5212P/GSM7212P/GSM7212F/GSM7224P Administration Manual - Page 518
show SNTP (CLI only) 287 show switch 322 show telnet 305 SNMP 337 SNMP ProSafe Managed Switch upgrading firmware 323 Syslog show logging 309 show logging buffered 311 syslog 308 T technical support 14 creating two VLANs 10 default 15 guest VLANs 257, 258, 259 IP subnet based 21 IP subnet-based 21, 22
350 East Plumeria Drive
San Jose, CA 95134
USA
October 2011
202-10515-06
ProSafe Managed Switch
Software Administration Manual
9.0.2 for
GSM5212P
GSM7212F
GSM7212P
GSM7224P