Netgear XCM89UP Software Administration Manual Software Version 11.x
Netgear XCM89UP Manual
![]() |
View all Netgear XCM89UP manuals
Add to My Manuals
Save this manual to your list of manuals |
Netgear XCM89UP manual content summary:
- Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 1
Software Administration Manual M5300, M6100, and M7100 Series ProSAFE Managed Switches Software Administration Manual Software Version 11.0.0 August 2020 202-11527-03 NETGEAR, Inc. 350 East Plumeria Drive San Jose, CA 95134, USA - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 2
01 Publication Date August 2020 October 2015 March 2015 Comments Correction on Chapter 30, STP: M5300 supports 4 PVSTP or PVRSTP instances. Made minor changes to the following chapters: • Chapter 4, MLAGs Made changes and minor additions to various commands. 2 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 3
23, Chassis Switch Management. Updated most of the rest of the manual. September 2013 Added the following chapters: • Chapter 4, MLAGs • Chapter a new format. June 2010 Moved some content to the Software Setup Guide. Software release 8.0.2: new firmware with DHCP L3 Relay, color conform policy - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 4
Table of Contents Chapter 1 Documentation Resources Chapter 2 VLANs VLAN Concepts 21 Create Two VLANs 22 CLI: Create Two VLANs 22 Web Interface: Create Two VLANs 22 Assign Ports to VLAN 2 23 CLI: Assign Ports to VLAN 2 23 Web Interface: Assign Ports to VLAN 2 24 Create Three VLANs 25 CLI: - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 5
Configure the DCPDP on the MLAG Interfaces 97 Web Interface: Configure the DCPDP on MLAG Interfaces 98 Troubleshoot the MLAG Configuration 100 The Creation of an MLAG Fails 100 Traffic Through an MLAG Is Not Configuration 105 Enable Routing for the Switch 106 5 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 6
129 Web Interface: Configure VLAN Routing with RIP Support 131 Chapter 8 OSPF Open Shortest Path First Concepts 135 Inter-area Router 135 CLI: Configure an Inter-area Router 136 Web Interface: Configure an Inter-area Router 138 OSPF on a Border Router 142 6 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 7
IPv6 BGP on Switch A 198 Configure IPv6 BGP on Switch B 198 Chapter 10 PBR Policy-Based Routing Concept 201 Route-Map Statements 201 7 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 8
ACL Mirroring 255 Web Interface: Configure ACL Mirroring 257 ACL Redirect 260 CLI: Redirect a Traffic Stream 261 Web Interface: Redirect a Traffic Stream 262 8 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 9
traffic-shape 283 Web Interface: Configure Traffic Shaping 283 Chapter 15 DiffServ Differentiated Services Concepts 285 DiffServ 286 CLI: Configure DiffServ 286 Web Interface: Configure DiffServ 289 Based Auto VoIP 312 Example 3: Create an Auto VoIP VLAN 314 9 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 10
MVR in Dynamic Mode 354 Chapter 18 Security Management Port Security Concepts 359 Set the Dynamic and Static Limit on Port 1/0/1 360 10 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 11
Interface: Configure Dynamic ARP Inspection 409 Authorization 412 Command Authorization 412 CLI: Configure Command Authorization by a TACACS+ Server . . . . 413 Exec Authorization 413 11 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 12
453 Configuration Scripting 453 script Command 455 script list Command and script delete Command 455 script apply running-config.scr Command 455 12 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 13
[email protected] 483 Chapter 23 Chassis Switch Management Chassis Switch Management and Connectivity 485 Supervisor and Chassis Members 485 Supervisor 485 13 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 14
Interface: Renumber Stack Members 513 Move the Stack Master to a Different Unit 514 CLI: Move the Stack Master to a Different Unit 514 14 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 15
Servers 527 CLI: Specify Two DNS Servers 527 Web Interface: Specify Two DNS Servers 527 Manually Add a Host Name and an IP Address 528 CLI: Manually Add a Host Name and an IP Address 529 Web Interface: Manually Add a Host Name and an IP Address. . . . . 529 Chapter 27 DHCP Server Dynamic Host - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 16
an IPv6 Routing VLAN 609 Web Interface: Create an IPv6 VLAN Routing Interface 611 Configure DHCPv6 Mode on the Routing Interface 613 16 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 17
Instance 724 CLI: Block a Captive Portal Instance 724 Web Interface: Block a Captive Portal Instance 725 Local Authorization, Create Users and Groups 725 17 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 18
Configuration File 738 CLI: Erase the Old Factory Default Configuration File 739 Chapter 40 NETGEAR SFP Connect with NETGEAR SFP AGM731F 741 18 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 19
Switch Hardware Installation Guide • Managed Switch Software Setup Manual • ProSAFE Managed Switch Command Line Interface (CLI) User Manual • ProSAFE Managed Switch Web Management User Manual Note: For more information about the topics covered in this manual, visit the support website at http - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 20
2 2VLANs Virtual LANs This chapter includes the following sections: • VLAN Concepts • Create Two VLANs • Assign Ports to VLAN 2 • Create Three VLANs • Assign Ports to VLAN 3 • Assign VLAN 3 as the Default VLAN for Port 1/0/2 • Create a MAC-Based VLAN • Create a Protocol-Based VLAN • Virtual VLANs: - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 21
its default VLAN ID. A given port can handle traffic for more than one VLAN, but it can support only one default VLAN ID. The Private Edge VLAN feature lets you set protection between ports located on Switch with 4 ports configured for traffic from 2 VLANs VLANs 21 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 22
the VLAN ID field, enter 2. • In the VLAN Name field, enter VLAN2. • In the VLAN Type list, select Static. c. Click Add. VLANs 22 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 23
) (conf-if-range-1/0/1-1/0/2)#vlan pvid 2 (Netgear Switch) (conf-if-range-1/0/1-1/0/2)#exit (Netgear Switch) (Config)#vlan port tagging all 2 (Netgear Switch) (Config)# VLANs 23 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 24
down and select the check box for Interface 1/0/1. Then scroll down and select the Interface 1/0/2 check box. c. Enter the following information: VLANs 24 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 25
the following displays. b. Enter the following information: • In the VLAN ID field, enter 100. • In the VLAN Name field, enter VLAN100. VLANs 25 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 26
the following displays. b. Enter the following information: • In the VLAN ID field, enter 102. • In the VLAN Name field, enter VLAN102. VLANs 26 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 27
display. d. Click the gray boxes under ports 2, 3, and 4 until T displays. The T specifies that the egress packet is tagged for the ports. VLANs 27 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 28
Port 1/0/2 (Netgear Switch) #config (Netgear Switch) (Config)#interface 1/0/2 (Netgear Switch) (Interface 1/0/2)#vlan pvid 3 (Netgear Switch) (Interface 1/0/2)#exit (Netgear Switch) (Config)#exit VLANs 28 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 29
is dropped. This implies that you can configure a MAC address mapping to a VLAN that has not been created on the system. VLANs 29 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 30
1/0/1-1/0/28 (Netgear Switch)(conf-if-range-1/0/1-1/0/28)#vlan participation include 3 (Netgear Switch)(conf-if-range-1/0/1-1/0/28)#exit (Netgear Switch)(Config)#exit VLANs 30 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 31
> VLAN > Advanced > VLAN Membership. A screen similar to the following displays. b. In the VLAN ID list, select 3. c. Click Unit 1. The ports display. VLANs 31 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 32
: • In the MAC Address field, enter 00:00:0A:00:00:02. • In the PVID (1 to 4093) field, enter 3. c. Click Add. VLANs 32 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 33
)#vlan 4 (Netgear Switch)(Vlan)#vlan 5 (Netgear Switch)(Vlan)#protocol group 1 4 4. Assign VLAN protocol group 2 to VLAN 5. (Netgear Switch)(Vlan)#protocol group 2 5 VLANs 33 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 34
Name field, enter VLAN4. In the VLAN Type list, select Static. c. Click Add. Create VLAN5. a. Select Switching > VLAN > Basic > VLAN Configuration. VLANs 34 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 35
following information: • In the Group ID field, enter 1. • In the Group Name field, enter vlan_ipx. • In the Protocol list, enter ipx. VLANs 35 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 36
port 11 to the group vlan_ipx. a. Select Switching > VLAN > Advanced > Protocol Based VLAN Group Membership. A screen similar to the following displays. VLANs 36 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 37
only the VLAN assignment of a packet. Appropriate 802.1Q VLAN configuration must exist in order for the packet to be switched. VLANs 37 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 38
:56 1/0/1 Learned 00:00:24:59:00:62 1/0/24 Learned Web Interface: Create an IP Subnet-Based VLAN 1. Create VLAN 2000. VLANs 38 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 39
before Unit 1 until U displays. e. Click Apply. 3. Associate the IP subnet with VLAN 2000. a. Select Switching > VLAN > Advanced > IP Subnet Based VLAN. VLANs 39 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 40
the network cannot initiate a direct attack on voice components. Note: For more information about voice VLANs, seeAuto VoIP on page 309. VLANs 40 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 41
VLAN and Prioritize Voice Traffic 1. Create VLAN 10. (Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 10 (Netgear Switch) (Vlan)#exit VLANs 41 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 42
-policy-classmap)#assign-queue 3 (Netgear Switch) (Config-policy-classmap)#exit 9. Assign it to interfaces 1/0/1 and 1/0/2. (Netgear Switch) (Config)#interface range 1/0/1-1/0/2 (Netgear Switch) (conf-if-range-1/0/1-1/0/2)# service-policy in PolicyVoiceVLAN VLANs 42 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 43
displays. b. In the VLAN Membership table, in the VLAN ID list, select 10. c. Select Port 1 and Port 2 as tagged. d. Click Apply. VLANs 43 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 44
VLAN ID. d. In the Value field, enter 10. A screen similar to the following displays. e. Click Apply. 5. Create the DiffServ class ClassVoiceVLAN. VLANs 44 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 45
following displays. b. Click the class ClassVoiceVLAN. c. In the DiffServ Class Configuration table, select VLAN. d. In the VLAN ID field, enter 10. VLANs 45 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 46
this procedure. 8. Map the policy and class and assign them to the higher-priority queue. a. Select QoS > DiffServ > Advanced > Policy Configuration. VLANs 46 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 47
the following displays. c. In the field next to the Assign Queue radio button, select 3. d. Click Apply. 9. Assign it to interfaces 1/0/1 and 1/0/2. a. Select QoS > DiffServ > Advanced > Service Interface Configuration. VLANs 47 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 48
dynamically on switches that are connected through 802.1Q-tagged ports. GVRP Switch A Figure 4. GVRP configuration 1/0/24 Tagged 1/0/11 GVRP Switch B VLANs 48 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 49
GVRP. (Netgear Switch) #set gvrp adminmode (Netgear Switch) #config (Netgear Switch) (Config)#interface 1/0/11 (Netgear Switch) (Interface 1/0/11)#set gvrp interfacemode VLANs 49 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 50
Tagged 1/0/12 Exclude Autodetect Untagged 1/0/13 Exclude Autodetect Untagged 1/0/14 Exclude Autodetect Untagged 1/0/15 Exclude Autodetect Untagged 1/0/16 Exclude Autodetect Untagged VLANs 50 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 51
. a. From the VLAN ID menu, select 1000. b. Click Unit 1. The ports display. c. Click the gray box under port 24 until T displays. VLANs 51 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 52
. b. Scroll down and select the check box that corresponds to interface 1/0/24. The Interface field in the table heading displays 1/0/24. VLANs 52 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 53
button. c. Click Apply. 2. Enable GVRP on port 1/0/11: a. Select Switching > VLAN > Advanced > GARP Port Configuration. A screen similar to the following displays. VLANs 53 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 54
VLANs can be extended across multiple switches through inter-switch/stack links that transport primary, community, and isolated VLANs between devices. VLANs 54 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 55
and 102. Colored arrows represent possible packet flow paths in the private VLAN domain. Figure 6. Packet flow within a Private VLAN domain VLANs 55 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 56
Interface: Assign Private-VLAN Type (Primary, Isolated, Community) 1. Create VLAN 10. a. Select Security > Traffic Control > Private VLAN > Private VLAN Type Configuration. VLANs 56 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 57
Apply to save the settings 3. Assign VLAN 102 to community VLAN. a. Select Security > Traffic Control > Private VLAN > Private VLAN Type Configuration. VLANs 57 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 58
1. Associate VLAN 101-102 (secondary VLAN) to VLAN 100 (primary VLAN). a. Select Security > Traffic Control > Private VLAN > Private VLAN Association Configuration. VLANs 58 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 59
Managed Switches A screen similar to the following displays. b. Under Private VLAN Association Configuration, select the VLAN ID 100. c. In the Secondary VLAN(s) field, type 101-102. d. Click Apply to save the settings. VLANs 59 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 60
1/0/1 to promiscuous port mode. a. Select Security > Traffic Control > Private VLAN > Private VLAN Port Mode Configuration. A screen similar to the following displays. VLANs 60 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 61
to save the settings. Configure Private-VLAN Host Ports The example is shown as CLI commands and as a web interface procedure. VLANs 61 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 62
. 2. Associate isolated ports 1/0/4-1/0/5 to a private-VLAN (primary=100, secondary=102). a. Select Security > Traffic Control > Private VLAN > Private VLAN Host Interface Configuration. VLANs 62 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 63
a primary VLAN (100) and to selected secondary VLANs (101-102). a. Select Security > Traffic Control > Private VLAN > Private VLAN Promiscuous Interface Configuration. VLANs 63 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 64
default mode and does not restrict the configuration so you can configure the port as needed. The switch supports the following switch port modes, each with its own VLAN membership rules: • Access mode. In untagged. - Ingress filtering is always enabled. VLANs 64 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 65
1000 Switch 1/0/2 access port in VLAN 2000 1/0/3 trunk port that allows LANs 1000 and 2000 Network Figure 7. Access and trunk ports VLANs 65 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 66
1000 Web Interface: Configure a VLAN Trunk 1. Create VLAN 1000 a. Select Switching > VLAN > Advanced > VLAN Configuration. A screen similar to the following displays. VLANs 66 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 67
port 1/0/1 as an access port in VLAN 1000. a. Select Switching > VLAN > Advanced > VLAN Trunking Configuration. A screen similar to the following displays. VLANs 67 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 68
port 1/0/2 as an access port in VLAN 2000. a. Select Switching > VLAN > Advanced > VLAN Trunking Configuration. A screen similar to the following displays. VLANs 68 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 69
a trunk port that allows VLANs 1000 and 2000. a. Select Switching > VLAN > Advanced > VLAN Trunking Configuration. A screen similar to the following displays. VLANs 69 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 70
want the switch to drop untagged packets, ignore this step. e. In the Trunk Allowed VLANs field, enter 1000,2000. f. Click Apply. VLANs 70 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 71
3 3LAGs Link Aggregation Groups This chapter includes the following sections: • Link Aggregation Concepts • Add Ports to LAGs 71 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 72
could produce a tenfold increase in bandwidth; LAG produces a twofold or fivefold increase, which is useful if only a small increase is needed. LAGs 72 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 73
> LAG > LAG Membership. A screen similar to the following displays. b. In the LAG ID list, select LAG 1. c. Click Unit 1. The ports display. LAGs 73 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 74
display. d. Click the gray boxes under ports 8 and 9. Two check marks display in the boxes. e. Click Apply to save the settings. LAGs 74 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 75
Groups This chapter includes the following sections: • Multichassis Link Aggregation Concepts • Create an MLAG • Enable Static Routing on MLAG Interfaces • Enable DCPDP on MLAG Interfaces • Troubleshoot the MLAG Configuration Note: MLAGs are available on the M6100 and M7100 series switches only. 75 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 76
network can be resolved and the traffic can resume quickly. The following figure shows an example of an MLAG deployment topology. MLAGs 76 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 77
the MLAG member ports on the secondary device. The primary device handles the control plane functionality of supported protocols for the MLAG member ports on the secondary. • The two devices are connected with interfaces between the two MLAG peer switches. MLAGs 77 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 78
• If the FBD on the primary device has the same limit (that is, the same number of maximum supported MAC addresses) as on the secondary device, both devices are in synchronization until the limit is reached. When the address and not the virtual MAC address. MLAGs 78 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 79
LAGs as port channels. • NETGEAR recommends that you configure Unidirectional Link Detection (UDLD) to detect and shut down any unidirectional links. MLAGs 79 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 80
P or S) (Config)#exit 8. Create MLAG3 on LAG4. (Switch P or S) (Config)#interface lag 4 (Switch P or S) (Interface lag 4)#vpc 3 (Switch P or S) (Config)#exit MLAGs 80 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 81
3 VPC id# 2 Config mode Enabled Operational mode Enabled Port channel lag 4 Self member ports Status 0/1 UP Peer member ports Status 0/1 UP MLAGs 81 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 82
box. d. From the Port Channel menu, select lag 1. e. Click Apply. 2. Disable STP on LAG 1. a. Select Switching > MLAG > Basic > VPC Global Configuration. MLAGs 82 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 83
select Disable. d. Click Apply. 3. Enable UDLD on the members of LAG1. The web management interface does not support UDLD so you need to use the CLI. For more information, see CLI: Create an MLAG on LAG2 and , enter 1. d. Click Add. 5. Create MLAG on LAG3. MLAGs 83 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 84
. A screen similar to the following displays. b. From the LAG Interface menu, select lag 4. c. In the VPC Identifier field, enter 3. d. Click Add. MLAGs 84 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 85
VLAN routing interfaces. Static routing is supported on these VLAN interfaces. Routing interfaces that have MLAG interfaces as members do nor support routing protocols such as OSPF and IP VRRP globally. (Switch P) # configure (Switch P) (config)#ip vrrp MLAGs 85 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 86
this vrid and interface combination Track Route(pfx/len) Reachable DecrementPriority No routes are tracked for this vrid and interface combination MLAGs 86 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 87
this vrid and interface combination Track Route(pfx/len) Reachable DecrementPriority No routes are tracked for this vrid and interface combination MLAGs 87 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 88
this vrid and interface combination Track Route(pfx/len) Reachable DecrementPriority No routes are tracked for this vrid and interface combination MLAGs 88 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 89
the VRRP state is master. Note: The VRRP state is master on both switch P and switch S (see Figure 9 on page 77). MLAGs 89 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 90
that the state is master. Note: The VRRP state is master on both switch P and switch S (see Figure 9 on page 77). MLAGs 90 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 91
the VRRP state is master. Note: The VRRP state is master on both switch P and switch S (see Figure 9 on page 77). MLAGs 91 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 92
, see Chapter 5, Port Routing and Chapter 6, VLAN Routing. 2. Configure VRRP on VLAN 100 on switch P. a. Select Routing > VRRP > Basic > VRRP Configuration. MLAGs 92 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 93
Mode, select the Enable radio button. c. For the VRRP configuration, enter the following information: • In the VRID (1 to 255) field, enter 1. MLAGs 93 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 94
, see Chapter 5, Port Routing and Chapter 6, VLAN Routing. 2. Configure VRRP on VLAN 100 on switch S. a. Select Routing > VRRP > Basic > VRRP Configuration. MLAGs 94 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 95
Mode, select the Enable radio button. c. For the VRRP configuration, enter the following information: • In the VRID (1 to 255) field, enter 1. MLAGs 95 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 96
reconvergence. The DCPDP can resolve a configuration with two primary devices by identifying the presence of another peer and taking appropriate action. MLAGs 96 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 97
.1 Source IP address 192.168.105.1 UDP port 50000 Peer detection Enabled Peer detection operational status Up Peer is detected TRUE MLAGs 97 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 98
, enter 192.168.104.1. • In the Source IP Address field, select 192.168.105.1. • In the UDP Port field, enter 50000. MLAGs 98 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 99
.168.105.1. • In the Source IP Address field, select 192.168.104.1. • In the UDP Port field, enter 50000. 3. Click Apply. MLAGs 99 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 100
Managed Switches Troubleshoot the MLAG Configuration The Creation of an MLAG Fails If an MLAG is not created correctly, either • Duplex mode • MTU • Bandwidth • VLAN configuration • LACP parameters: - Actor parameters - Admin key - Collector max-delay MLAGs 100 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 101
version • STP MST VLAN configuration • STP MST instance configuration (MST instance ID/port priority/port cost/mode) • Root guard • Loop guard MLAGs 101 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 102
. (Netgear Switch) (Interface vlan 100)#ip vrrp 1 accept-mode Web Interface: Check the Accept Mode 1. Select Routing > VRRP > Advanced > VRRP Configuration. MLAGs 102 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 103
IP address, and port number. of the DCPDP. 3. Ping the destination address of the DCPDP to verify that it is reachable. MLAGs 103 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 104
5 5Port Routing Port routing, default routes, and static routes This chapter includes the following sections: • Port Routing Concepts • Port Routing Configuration • Enable Routing for the Switch • Enable Routing for Ports on the Switch • Add a Default Route • Add a Static Route 104 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 105
technology that worked well for unicast traffic, but had problems coping with large quantities of multicast packets. The next is often statically configured in the end station, although the managed switch supports protocols such as DHCP that allow the address to be assigned dynamically. Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 106
script shows the commands that you use to configure the managed switch to provide the port routing support shown in Figure 10, Layer 3 switch configured for port routing on page 106. Use the (Config)#ip routing (Netgear Switch) (Config)#exit Port Routing 106 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 107
masks for the ports. Network-directed broadcast frames will be dropped. The maximum transmission unit (MTU) size is 1500 bytes. Port Routing 107 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 108
the following information: • In the IP Address field, enter 192.150.2.1. • In the Subnet Mask field, enter 255.255.255.0. Port Routing 108 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 109
IP address 192.150.5.1/24 to interface 1/0/5. a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. Port Routing 109 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 110
entry in the routing table can either be created dynamically through routing protocols like RIP and OSPF, or be manually created by the network administrator. The route created manually is called the static or default route. A default route is used for forwarding the packet when the switch cannot - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 111
the default route if you prefer. The following procedure shows how to add a static route to the switch routing table. Port Routing 111 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 112
button on the bottom of the screen. The screen is updated with the static route shown in the routing table. Port Routing 112 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 113
Managed Switches 7. To remove a route entry, either static or default, select the check box to the left of the entry, and click the Delete button on the bottom of the screen. Port Routing 113 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 114
6 6VLAN Routing VLAN routing for a VLAN and for the switch This chapter includes the following sections: • VLAN Routing Concepts • Create Two VLANs • Set Up VLAN Routing for the VLANs and the Switch 114 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 115
ports supporting VLANs and some supporting routing you how to configure the managed switch to support VLAN routing and how to use RIP and how to configure the managed switch to support VLAN routing. The configuration of the support shown in the diagram. VLAN Routing 115 Software Administration - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 116
Switch) (Interface 1/0/3)#vlan participation include 20 (Netgear Switch) (Interface 1/0/3)#vlan pvid 20 (Netgear Switch) (Interface 1/0/3)#exit (Netgear Switch) (Config)#exit VLAN Routing 116 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 117
ID field, enter 20. h. In the VLAN Name field, enter VLAN20. i. In the VLAN Type list, select Static. j. Click Add. VLAN Routing 117 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 118
display. i. Click the gray box under port 3 until T displays. The T specifies that the egress packet is tagged for the port. VLAN Routing 118 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 119
down and select the 1/0/3 check box. g. In the PVID (1 to 4093) field, enter 20. h. Click Apply to save the settings. VLAN Routing 119 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 120
) (Interface-vlan 20)#ip address 192.150.4.1 255.255.255.0 (Netgear Switch) (Interface-vlan 20)#exit (Netgear Switch) (Config)#exit VLAN Routing 120 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 121
Address field, enter 192.150.4.1. • In the Subnet Mask field, enter 255.255.255.0. 6. Click Add to save the settings. VLAN Routing 121 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 122
• Enable Routing for the Switch • Enable Routing for Ports • Enable RIP on the Switch • Enable RIP for Ports 1/0/2 and 1/0/3 • Configure VLAN Routing with RIP Support Note: RIP is available on M5300 and M6100 series switches only. However, the following M5300 series switches require a license to - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 123
their tables after an additional 120 seconds. There are two versions of RIP (the managed switch supports both): • RIPv1 defined in RFC 1058. - Routes are specified by IP destination network and 3 Figure 12. Network with RIP on ports 1/0/2 and 1/0/3 RIP 123 Subnet 5 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 124
Configuration. A screen similar to the following displays. 2. For Routing Mode, select the Enable radio button. 3. Click Apply to save the settings. RIP 124 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 125
the Interface 1/0/2 check box. Now 1/0/2 appears in the Interface field at the top. c. Enter the following information: • In the IP Address Configuration Method field, select Manual. RIP 125 Software Administration - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 126
1/0/3 check box. Now 1/0/3 appears in the Interface field at the top. c. Enter the following information: In the IP Address Configuration Method field, select Manual. • In the IP Address field, enter 192.150.3.1. • In the Subnet Mask field, enter 255.255.255.0. • In the Routing Mode field, select - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 127
Configuration. A screen similar to the following displays. 2. For RIP Admin Mode, select Enable radio button. 3. Click Apply to save the setting. RIP 127 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 128
> RIP Configuration. A screen similar to the following displays. 2. Scroll down and select the Interface 1/0/2 and 1/0/3 check box. 3. Enter the following information: RIP 128 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 129
support on the managed switch. (Netgear Switch) #vlan data (Netgear Switch) (Vlan)#vlan 10 (Netgear Switch) (Vlan)#vlan 20 (Netgear Switch) (Vlan)#vlan routing 10 (Netgear Switch) (Vlan)#vlan routing 20 (Netgear Switch) (Vlan)#exit (Netgear Switch) #conf RIP 129 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 130
) (Config)#interface vlan 20 (Netgear Switch) (Interface vlan 20)#ip rip (Netgear Switch) (Interface vlan 20)#exit (Netgear Switch) (Config)#exit RIP 130 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 131
Managed Switches Web Interface: Configure VLAN Routing with RIP Support 1. Configure a VLAN and include ports 1/0/2 in the VLAN: a. Select Routing > VLAN > VLAN Routing Wizard. A include port 1/0/3 in the VLAN: a. Select Routing > VLAN > VLAN Routing Wizard. RIP 131 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 132
RIP Admin Mode, select the Enable radio button. c. Click Apply to save the setting. 4. Enable RIP on VLANs 10 and 20. RIP 132 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 133
20 check boxes. d. Enter the following information: For RIP Mode, select the Enable radio button. e. Click Apply to save the settings. RIP 133 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 134
Areas • VLAN Routing OSPF • OSPFv3 Note: OSPF is available on M5300 and M6100 series switches only. However, the following M5300 series switches require a license to support OSPF: M5300-28G, M5300-52G, M5300-28G-POE+, and M5300-52G-POE+. 134 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 135
managed switch as the inter-area router in the diagram by enabling OSPF on port 1/0/2 in area 0.0.0.2 and port 1/0/3 in area 0.0.0.3. OSPF 135 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 136
Switch) (Interface 1/0/3)#routing (Netgear Switch) (Interface 1/0/3)#ip address 192.150.3.1 255.255.255.0 (Netgear Switch) (Interface 1/0/3)#exit (Netgear Switch) (Config)#exit OSPF 136 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 137
Switch) (Interface 1/0/3)#ip ospf priority 255 (Netgear Switch) (Interface 1/0/3)#ip ospf cost 64 (Netgear Switch) (Interface 1/0/3)#exit (Netgear Switch) (Config)#exit OSPF 137 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 138
to the following displays. b. Scroll down and select the interface 1/0/2 check box. Now 1/0/2 appears in the Interface field at the top. OSPF 138 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 139
Apply to save the settings. 4. Specify the router ID, and enable OSPF for the switch. a. Select Routing > OSPF > Advanced > OSPF Configuration. OSPF 139 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 140
Apply to save the settings. 5. Enable OSPF on port 1/0/2. a. Select Routing > OSPF > Advanced > Interface Configuration. A screen similar to the following displays. OSPF 140 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 141
, select Enable. • In the Priority field, enter 255. • In the Metric Cost field, enter 64. c. Click Apply to save the settings. OSPF 141 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 142
) (Config router)#router-id 192.130.1.1 (Netgear Switch) (Config router)#no 1583compatibility (Netgear Switch) (Config router)#exit (Netgear Switch) (Config)#exit OSPF 142 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 143
switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. OSPF 143 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 144
1/0/2 check box. Now 1/0/2 appears in the Interface field at the top. c. Enter the following information: • In the IP Address Configuration Method field, select Manual. • In the IP Address field, enter 192.150.2.2. • In the Network Mask field, enter 255.255.255.0. • In the Admin Mode field, select - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 145
1/0/3 check box. Now 1/0/3 appears in the Interface field at the top. c. Enter the following information: • In the IP Address Configuration Method field, select Manual. • In the IP Address field, enter 192.130.3.1. • In the Network Mask field, enter 255.255.255.0. • In the Admin Mode field, select - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 146
Area ID field, enter 0.0.0.2. • In the OSPF Admin Mode field, select Enable. • In the Router Priority (0 to 255) field, enter 128. OSPF 146 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 147
Apply to save the settings. 8. Enable OSPF on port 1/0/4. a. Select Routing > OSPF > Advanced > Interface Configuration. A screen similar to the following displays. OSPF 147 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 148
Switch) (Config)#router ospf (Netgear Switch) (Config-router)#router-id 1.1.1.1 3. Configure area 0.0.0.1 as a stub area. (Netgear Switch) (Config-router)#area 0.0.0.1 stub OSPF 148 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 149
.168.10.0 255.255.255.0 Local 2/0/11 192.168.10.1 192.168.20.0 255.255.255.0 Local 2/0/19 192.168.20.1 OSPF 149 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 150
2/0/11 check box. Now 2/0/11 appears in the Interface field at the top. c. Enter the following information: • In the IP Address Configuration Method field, select Manual. • In the IP Address field, enter 192.168.10.1. OSPF 150 Software Administration - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 151
19 check box. Now 2/0/19 appears in the Interface field at the top. c. Enter the following information: • In the IP Address Configuration Method field, select Manual. • In the IP Address field, enter 192.168.20.1. • In the Network Mask field, enter 255.255.255.0. • In the Admin Mode field, select - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 152
field, select Enable. c. Click Apply to save the settings. 6. Enable OSPF on the port 2/0/19. a. Select Routing > OSPF > Advanced > Interface Configuration. OSPF 152 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 153
information: • In the Area ID field, enter 0.0.0.1. • In the Import Summary LSAs field, select Disable. c. Click Add to save the settings. OSPF 153 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 154
.168.20.0 255.255.255.0 Local Next Hop Intf --------1/0/15 1/0/15 Next Hop IP Address 192.168.20.1 192.168.20.2 OSPF 154 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 155
1/0/15 check box. Now 1/0/15 appears in the Interface field at the top. c. Enter the following information: • In the IP Address Configuration Method field, select Manual. • In the IP Address field, enter 192.168.20.2. OSPF 155 Software Administration - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 156
the Interface field at the top. • In the OSPF Area ID field, enter 0.0.0.1. • In the OSPF Admin Mode field, select Enable. OSPF 156 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 157
an NSSA Area 1. Enable routing on the switch. (Netgear Switch) #config (Netgear Switch) (Config)#router ospf (Netgear Switch) (Config)#ip routing OSPF 157 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 158
192.168.10.2 192.168.10.2 192.168.10.1 192.168.20.1 192.168.20.2 192.168.20.2 192.168.20.2 OSPF 158 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 159
the following information: • In the IP Address field, enter 192.168.10.1. • In the Network Mask field, enter 255.255.255.0. OSPF 159 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 160
the router ID, and enable OSPF for the switch. a. Select Routing > OSPF > Basic > OSPF Configuration. A screen similar to the following displays. OSPF 160 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 161
. a. Select Routing > OSPF > Advanced > Interface Configuration. A screen similar to the following displays. b. Scroll down and select the interface 2/0/19 check box. OSPF 161 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 162
ID to 2.2.2.2. (Netgear Switch) (Config-router)#router-id 2.2.2.2 3. Configure the area 0.0.0.1 as an NSSA area. (Netgear Switch) (Config-router)# area 0.0.0.1 nssa OSPF 162 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 163
.168.41.0 255.255.255.0 RIP 1/0/11 192.168.30.2 192.168.42.0 255.255.255.0 RIP 1/0/11 192.168.30.2 OSPF 163 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 164
1/0/11 check box. Now 1/0/11 appears in the Interface field at the top. c. Enter the following information: • In the IP Address Configuration Method field, select Manual. • In the IP Address field, enter 192.168.30.1. OSPF 164 Software Administration - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 165
15 check box. Now 1/0/15 appears in the Interface field at the top. c. Enter the following information: • In the IP Address Configuration Method field, select Manual. • In the IP Address field, enter 192.168.20.2. • In the Network Mask field, enter 255.255.255.0. • In the Routing Mode field, select - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 166
the Enable radio button. c. Click Apply to save the settings. 6. Enable OSPF on port 1/0/15. a. Select Routing > OSPF > Advanced > Interface Configuration. OSPF 166 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 167
, enter 0.0.0.1. c. Click Add to save the settings. 8. Redistribute the RIP routes into the OSPF area. a. Select Routing > OSPF > Advanced > Route Redistribution. OSPF 167 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 168
they are not. An inter-area router communicates with border routers in each of the areas to which it provides connectivity. OSPF 168 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 169
route was learned from other protocols such as RIP CLI: Configure VLAN Routing OSPF This example adds support for OSPF to the configuration created in the base VLAN routing example in Figure 11, Layer 3 switch .0 (Netgear Switch) (Interface vlan 20)#exit OSPF 169 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 170
priority 255 (Netgear Switch) (Interface vlan 20)#ip ospf cost 64 (Netgear Switch) (Interface vlan 20)#exit (Netgear Switch) (Config)#exit OSPF 170 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 171
ID field, enter 20. • In the IP Address field, enter 192.150.4.1. • In the Network Mask field, enter 255.255.255.0. OSPF 171 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 172
. c. Scroll down and select the interface 0/2/1 check box. Now 0/2/1 appears in the Interface field at the top. d. Enter the following information: OSPF 172 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 173
; and addressing semantics have been moved to leaf LSAs, which eventually allow its use for both IPv4 and IPv6. Point-to-point links are also supported in order to enable operation over tunnels. It is possible to enable OSPF and OSPFv3 at the same time. OSPF works with IPv4, and OSPFv3 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 174
network broadcast (Netgear Switch) #show ipv6 ospf neighbor Router ID ---------- 2.2.2.2 Priority -------- 1 Intf ID ------- 13 Interface --------- 1/0/1 State Full/BACKUP-DR DeadTime ------- 34 OSPF 174 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 175
)#ipv6 ospf network broadcast (Netgear Switch) #show ipv6 ospf neighbor Router ID Priority 1.1.1.1 1 IntfID ------ 1 Interface --------1/0/13 State --------Full/ DR DeadTime ---34 OSPF 175 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 176
ID field, enter 1.1.1.1. • For Admin Mode, select the Enable radio button. c. Click Apply to save the settings. 3. Enable IPv6 on port 1/0/1. OSPF 176 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 177
64. • In the EUI64 field, select Disable. • In the Onlink Flag field, select Disable. • In the Autonomous Flag field, select Disable. OSPF 177 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 178
to the following displays. To use the web interface to configure OSPF on switch A2, repeat this process for switch A2. OSPF 178 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 179
9 9BGP Border Gateway Protocol This chapter includes the following sections: • Border Gateway Protocol Concepts • Example1: Configure BGP on Switches A, B, and C in the Same AS • Example 2: Create eBGP on Switches A and D • Example 3: Create an iBGP Connection with a Loopback Interface • Example 4: - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 180
NETGEAR ProSafe Managed Switch does not support any version of BGP other than version 4. Note: BGP can be configured through the CLI only. Note: SNMP support is limited to the standard MIB, which provides primarily support multihop (RFC 4271 section 5.1.3). BGP 180 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 181
.168.1.2 1/0/1 172.126.1.2/24 AS200 172.126.2.2/24 D E 1/0/1 172.126.2.2/24 IBPG A C 1/0/1 1/0/2 192.168.2.2/24 192.168.2.1/24 Figure 18. Topology BGP 181 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 182
) # neighbor 192.168.1.2 remote-as 100 (Netgear Switch) (Config-router) # neighbor 192.168.3.1 remote-as 100 (Netgear Switch) (Config-router) #exit BGP 182 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 183
) # neighbor 192.168.2.1 remote-as 100 (Netgear Switch) (Config-router) # neighbor 192.168.3.2 remote-as 100 (Netgear Switch) (Config-router) #exit BGP 183 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 184
neighbor on Switch A to see if the BGP neighbor is established. Use the same command to check it on Switches B and C. BGP 184 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 185
179 Connection Retry Interval 2 sec Neighbor Capabilities MP RF IPv4 Unicast Support Both IPv6 Unicast Support None Template Name None Update Source loopback 0 Configured Hold Time None Inbound 0 0 0 0 0 0 0 Outbound 207 101 2 N/A N/A 100 1 BGP 185 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 186
) (Interface 1/0/1) #vlan participation include 100 (Netgear Switch) (Interface 1/0/1) #interface vlan 100 (Netgear Switch) (Interface vlan 100) #ip address 172.126.1.1 /24 BGP 186 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 187
BGP neighbor on Switch A to see if the BGP neighbor is established. Use the same command to check it on Switch D. BGP 187 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 188
179 Connection Retry Interval 2 sec Neighbor Capabilities MP RF IPv4 Unicast Support Both IPv6 Unicast Support Received Template Name None Update Source None Configured Hold Time None Configured Keep 0 0 0 0 100 100 Outbound 206 1 0 N/A N/A 100 1 BGP 188 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 189
configure the switch to reach the IP address of loopback interface. Since NETGEAR BGP does not support multihop eBGP, eBGP cannot be established with loopback interface. Configure iBGP on Switch D 1. Create ) (Interface vlan 200) #ip address 172.126.2.1 /24 BGP 189 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 190
a static route to the loopback interface 0 (10.1.1.1) on Switch D. (Netgear Switch) (Config) #ip route 10.1.1.1 255.255.255.255 172.126.2.1 BGP 190 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 191
/Down Time Pfx Rcvd 10.1.2.1 200 11 13 ESTABLISHED 0:00:04:20 0 172.126.1.1 100 75 164 ESTABLISHED 0:00:35:40 0 BGP 191 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 192
reflection. For the an example how to configure iBGP, see Example 3: Create an iBGP Connection with a Loopback Interface on page 189. BGP 192 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 193
bind it to a BGP speaker, use the command desribute prefix or neighbor prefix-list in BGP router configuration mode. BGP 193 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 194
External Type 2 C B C BGP 192.168.1.0/24 [0/1] directly connected, 1/0/2 136.1.1.0/24 [200/0] via 192.168.1.2, 00h:00m:08s, 192.168.3.0/24 [0/1] directly connected, 1/0/3 1/0/2 194 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 195
the given texts. The following special characters are supported in AS_PATH regular expressions. Table 1. Special characters supported in AS_PATH regular expressions Special Character asterisk brackets number 2 in the pattern. the string to be matched BGP 195 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 196
route filters with BGP route maps. BGP route maps are separated by PBR route maps. BGP route maps support the following filter list: • as-path • community • ip address prefix-list • ipv6 address prefix-list on page 186 for the eBGP session configuration. BGP 196 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 197
connected, 1/0/1 C 192.168.1.0/24 [0/1] directly connected, 1/0/2 B 192.168.2.0/24 [200/0] via 192.168.1.2, 00h:10m:25s, 1/0/2 C 192.168.3.0/24 [0/1] directly connected, 1/0/3 BGP 197 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 198
port 1/0/1. (Netgear Switch) (Config) #interface 1/0/1 (Netgear Switch) (Interface 1/0/2) #routing (Netgear Switch) (Interface 1/0/2) #ipv6 enable (Netgear Switch) (Interface 1/0/2) #ipv6 address 2001:1:1::2/64 BGP 198 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 199
-router) #neighbor 2001:1:1::1 remote-as 100 (Netgear Switch) (Config-router) #address-family ipv6 (Netgear Switch) (config-router-af) #neighbor 2001:1:1::1 activate BGP 199 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 200
10 10PBR Policy-based routing This chapter includes the following sections: • Policy-Based Routing Concept • Route-Map Statements • PBR Processing Logic • PBR Configurations • PBR Example Note: PBR is available on the M6100 series switches only. 200 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 201
local PBR. However, this feature is not supported in NETGEAR Software Version 10.2. Starting with Software Version 10.2, the NETGEAR switch supports the route-map infrastructure for BGP. Match parameters mainly data traffic) to override a routing decision. PBR 201 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 202
Managed Switches The following packet entities are supported in NETGEAR Software Version 10.2 to classify L3 routed traffic: • The size of the packet • Protocol of the payload ( route-map statement in the sequence. If no next route-map statement exists, the PBR 202 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 203
). Route using the default routing table. PBR Configurations PBR is configurable on the following types of eligible routing interfaces: • Physical ports PBR 203 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 204
the VLAN interface, but do not configure a rule with the VLAN ID as the match condition. PBR supports the preconfiguration of the route map on routing interfaces. If routing is not enabled on an interface, the -sensitive routing is achieved through PBR. PBR 204 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 205
(Netgear Switch) (route-map) #match ip address 2 (Netgear Switch) (route-map) #set ip next-hop 20.2.1.2 (Netgear Switch) (route-map) #exit PBR 205 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 206
8. Configure IP address 20.2.1.1 on interface 1/0/4. Netgear Switch) (Config) #interface 1/0/4 (Netgear Switch) (Interface 1/0/4) #routing (Netgear Switch) (Interface 1/0/4) #ip add 20.2.1.1 /16 PBR 206 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 207
11 11ARP Proxy Address Resolution Protocol This chapter includes the following sections: • Proxy ARP Concepts • Proxy ARP Examples 207 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 208
where the ARP request arrived. Proxy ARP Examples The following are examples of the commands used in the proxy ARP feature. ARP 208 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 209
. (Netgear Switch) (Interface 0/24)#ip proxy-arp Web Interface: Configure Proxy ARP on a Port 1. Select Routing > IP > Advanced > IP Interface Configuration. ARP 209 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 210
1/0/3 appears in the Interface field at the top. 3. In the Proxy Arp field, select Enable. 4. Click Apply to save the settings. ARP 210 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 211
• VRRP on a Backup Router Note: VRRP is available on the M5300, M6100, and M7100 series switches. However, the following M5300 series switches require a license to support VRRP: M5300-28G, M5300-52G, M5300-28G-POE+, and M5300-52G-POE+. 211 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 212
than one port on the managed switch can be configured as a virtual router. Either a physical port or a routed VLAN can participate. VRRP 212 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 213
Switches VRRP on a Master Router This example shows how to configure the managed switch to support VRRP. Router 1 is the default master router for the virtual route, and Router 2 mode (Netgear Switch) (Interface 1/0/2)#exit (Netgear Switch) (Config)#exit VRRP 213 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 214
Routing Mode field, select Enable. d. Click Apply to save the settings. 3. Enable VRRP on port 1/0/2. a. Select Routing > VRRP > Advanced > VRRP Configuration. VRRP 214 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 215
) (Interface 1/0/4)#ip address 192.150.4.1 255.255.0.0 (Netgear Switch) (Interface 1/0/4)#exit 3. Enable VRRP for the switch. (Netgear Switch) (Config)#ip vrrp VRRP 215 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 216
button. c. Click Apply to save the settings. 2. Assign IP address 192.150.4.1 to port 1/0/4. a. Select Routing > IP > Advanced > IP Interface Configuration. VRRP 216 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 217
. • In the Primary IP Address field, enter 192.150.2.1. • In the Status list, select Active. d. Click Add to save the settings. VRRP 217 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 218
13 13ACLs Access Control Lists This chapter includes the following sections: • Access Control List Concepts • MAC ACLs • Set Up an IP ACL with Two Rules • One-Way Access Using a TCP Flag in an ACL • Use ACLs to Configure Isolated VLANs on a Layer 3 Switch • Set up a MAC ACL with Two Rules • ACL - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 219
supports ACLs set up for inbound traffic only. MAC ACLs MAC ACLs are Layer 2 ACLs. You can configure the rules to inspect the following fields of a packet (limited by platform): • Source MAC address with mask. • Destination MAC address with mask. • VLAN ID (or range of IDs). • Class of Service Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 220
will be accepted by the managed switch only if the source and destination stations have IP addresses within the defined sets. ACLs 220 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 221
UDP traffic CLI: Set Up an IP ACL with Two Rules The following is an example of configuring ACL support on a 7000 Series Managed Switch. Create ACL 101. Define the first rule: The ACL will permit packets udp 192.168.77.0 0.0.0.255 192.178.77.0 0.0.0.255 ACLs 221 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 222
. 2. Create a new rule associated with ACL 101. a. Select Security > ACL > IP ACL > IP Extended Rules. A screen similar to the following displays. ACLs 222 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 223
Configuration, enter the following information: • In the Rule ID (1 to 23) field, enter 22. • For Action, select the Permit radio button. ACLs 223 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 224
1. The ports display. d. Click the gray box under port 2. A check mark displays in the box. e. Click Apply to save the settings. ACLs 224 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 225
1: Configure the VLAN and IP addresses on Switch A (See Figure 23, One-Way Web access using a TCP flag in an ACL.) ACLs 225 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 226
) (Interface-vlan 100)#ip address 192.168.100.1 255.255.255.0 (Netgear Switch) (Interface-vlan 100)#exit (Netgear Switch) (Config)#exit ACLs 226 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 227
)#exit Step 2: Configure on Switch B (See Figure 23, One-Way Web access using a TCP flag in an ACL on page 225.) ACLs 227 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 228
) (Interface-vlan 50)#ip address 192.168.50.1 255.255.255.0 (Netgear Switch) (Interface-vlan 50)#exit (Netgear Switch) (Config)#exit ACLs 228 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 229
VLAN 30 with IP address 192.168.30.1/24. a. Select Routing > VLAN > VLAN Routing Wizard. A screen similar to the following displays. ACLs 229 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 230
Apply to save VLAN 100. 3. Create VLAN 200 with IP address 192.168.200.1/24. a. Select Routing > VLAN > VLAN Routing Wizard. ACLs 230 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 231
, select the Enable radio button. c. Click Apply to enable IP routing. 5. Add a static route with IP address 192.268.40.0/24: ACLs 231 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 232
.255.255.0. • In the Next Hop IP Address field, enter 192.168.200.2. c. Click Add. 7. Create an ACL with ID 101. ACLs 232 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 233
Add. 9. Add and configure an IP extended rule that is associated with ACL 101. a. Select Security > ACL > Advanced > IP Extended Rules. ACLs 233 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 234
. 10. Add and configure an IP extended rule that is associated with ACL 102. a. Select Security > ACL > Advanced > IP Extended Rules. ACLs 234 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 235
IP. e. Click Apply to save the settings. 11. Apply ACL 101 to port 44. a. Select Security > ACL > Advanced > IP Binding Configuration. ACLs 235 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 236
ports display. d. Click the gray box under port 44. A check mark displays in the box. e. Click Apply to save the settings. ACLs 236 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 237
field, enter 50. • In the IP Address field, enter 192.168.50.1. • In the Network Mask field, enter 255.255.255.0. ACLs 237 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 238
route with IP address 192.168.100.0/24: a. Select Routing > Routing Table > Basic > Route Configuration. A screen similar to the following displays. ACLs 238 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 239
the Subnet Mask field, enter 255.255.255.0. • In the Next Hop IP Address field, enter 192.168.200.1. c. Click Add. ACLs 239 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 240
192.148.48.1 PC1 PC2 192.148.24.2 Figure 24. Using ACLs to isolate VLANs on a Layer 3 switch 192.148.48.2 ACLs 240 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 241
) (Interface-vlan 48)#ip address 192.168.48.1 255.255.255.0 (Netgear Switch) (Interface-vlan 48)#exit (Netgear Switch) (Config)#exit ACLs 241 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 242
.168.48.0 0.0.0.255 8. Create ACL 103 to permit all other traffic. (Netgear Switch) (Config)#access-list 103 permit ip any any ACLs 242 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 243
. e. Click Apply to save VLAN 24. 2. Create VLAN 48 with IP address 192.168.48.1. a. Select Routing > VLAN > VLAN Routing Wizard. ACLs 243 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 244
. d. Click the gray box under port 38 twice until U displays. The U specifies that the egress packet is untagged for the port. ACLs 244 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 245
the IP ACL ID field, enter 101. c. Click Add. 6. Create an ACL with ID 102. a. Select Security > ACL > Advanced > IP ACL. ACLs 245 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 246
Add. 8. Add and configure an IP extended rule that is associated with ACL 101: a. Select Security > ACL > Advanced > IP Extended Rules. ACLs 246 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 247
settings. 9. Add and configure an IP extended rule that is associated with ACL 102. a. Select Security > ACL > Advanced > IP Extended Rules. ACLs 247 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 248
. 10. Add and configure an IP extended rule that is associated with ACL 103: a. Select Security > ACL > Advanced > IP Extended Rules. ACLs 248 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 249
IP. e. Click Apply to save the settings. 11. Apply ACL 102 to port 24: a. Select Security > ACL > Advanced > IP Binding Configuration. ACLs 249 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 250
Number field, enter 1. c. Click Unit 1. The ports display. d. Click the gray box under port 48. A check mark displays in the box. ACLs 250 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 251
with Two Rules 1. Create a new MAC ACL acl_bpdu. (Netgear Switch) # (Netgear Switch) #config (Netgear Switch) (Config)#mac access-list extended acl_bpdu ACLs 251 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 252
to create ACL acl_bpdu. 2. Create a new rule that is associated with the ACL acl_bpdu. a. Select Security > ACL > MAC ACL > MAC Rules. ACLs 252 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 253
Name field. b. Enter the following information in the Rule Table. • In the ID field, enter 2. • In the Action field, select Permit. ACLs 253 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 254
traffic with the option mirror to an interface. Any traffic matching this rule will be copied to the specified mirrored interface. ACLs 254 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 255
permit all others. (Netgear Switch) (Config-ipv4-acl)# permit ip 10.0.0.1 0.0.0.0 any mirror 1/0/19 (Netgear Switch) (Config-ipv4-acl)# permit every ACLs 255 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 256
FALSE Protocol 255(ip) Source IP Address 10.0.0.1 Source IP Mask 0.0.0.0 Mirror Interface 1/0/19 Rule Number: 2 Action permit Match All TRUE ACLs 256 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 257
to the following displays. 2. Create a rule to match host 10.0.0.1 in the ACL monitorHost. a. Select Security > ACL > Advanced > IP Extended Rules. ACLs 257 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 258
Src IP Mask field, enter 0.0.0.0. h. Click Apply. 3. Create a rule to match every other traffic. a. Select Security > ACL > Advanced > IP Extended Rules. ACLs 258 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 259
button. e. In the Match Every field, select True. f. Click Apply. A screen similar to the following displays. 4. Bind the ACL with interface 1/0/1. ACLs 259 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 260
for the device. d. Select the Port 1 check box. e. Click Apply. ACL Redirect This feature redirects a specified traffic stream to a specified interface. ACLs 260 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 261
1/0/19 (Netgear Switch) (Config-ipv4-acl)# permit every 3. Bind the ACL with interface 1/0/1. (Netgear Switch) (Interface 1/0/1)#ip access-group redirectHTTP in 1 ACLs 261 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 262
an IP access control list with the name redirectHTTP. a. Select Security > ACL > Advanced > IP ACL. A screen similar to the following displays. ACLs 262 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 263
. 2. Create a rule to redirect HTTP traffic. a. Select Security > ACL > Advanced > IP Extended Rules. A screen similar to the following displays. b. Click Add. ACLs 263 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 264
a rule to match every other traffic. a. Select Security > ACL > Advanced > IP Extended Rules. A screen similar to the following displays. b. Click Add. ACLs 264 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 265
with interface 1/0/1. a. Select Security > ACL > Advanced > IP Binding Configuration. A screen similar to the following displays. b. In the Sequence Number field, enter 1. ACLs 265 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 266
-ipv4-acl)#permit every (Netgear Switch) (Config-ipv4-acl)#exit (Netgear Switch) (Config)#ip access-group acl_for_cpu control-plane eq ssh ACLs 266 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 267
Managed Switches Configure IPv6 ACLs This feature extends the existing IPv4 ACL by providing support for IPv6 packet classification. Each ACL is a set of up to 12 rules applied to inbound traffic. how to set up an IPv6 ACL with the following three rules: ACLs 267 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 268
. (Netgear Switch) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)# ipv6 traffic-filter ipv6-acl in (Netgear Switch) (Interface 1/0/1)# exit (Netgear Switch) (Config)#exit ACLs 268 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 269
ipv6-acl a. Select Security > ACL > Advanced > IPv6 ACL. b. In the IPv6 ACL Table, in the IPv6 ACL field, enter ipv6-acl. ACLs 269 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 270
Managed Switches A screen similar to the following displays. c. Click Add. A screen similar to the following displays. 2. Define the first rule (1 of 3). a. Select Security > ACL > Advanced > IPv6 Rules. ACLs 270 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 271
:DB8:C0AB:AC14::. i. In the Destination Prefix Length field, enter 64. j. Click Apply. 3. Add Rule 2. a. Select Security > ACL > Advanced > IPv6 Rules. ACLs 271 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 272
field, enter 64. k. In the Destination L4 Port list, select telnet. l. Click Apply. 4. Add Rule 3. a. Select Security > ACL > Advanced > IPv6 Rules. ACLs 272 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 273
> IP Binding Configuration. b. In the ACL ID list, select ipv6-acl. c. In the Sequence Number list, select 1. d. Click Unit 1. e. Select Port 1. ACLs 273 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 274
Managed Switches A screen similar to the following displays. f. Click the Apply button. 6. View the binding table. Select Security > ACL > Advanced > Binding Table. A screen similar to the following displays. ACLs 274 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 275
14 14CoS Queuing Class of Service Queuing This chapter describes Class of Service (CoS) queue mapping, CoS Configuration, and traffic shaping features. The chapter includes the following sections: • CoS Queuing Concepts • Show classofservice Trust • Set classofservice Trust Mode • - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 276
managed through switching configuration.) - IP precedence - IP DiffServ Code Point (DSCP) The system can assign the service level based upon the 802.1p priority field of the L2 header. You configure this by mapping the priority on a per-port basis. CoS Queuing 276 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 277
a per-queue, per-drop precedence basis allows you to create the service characteristics that you want for different types of traffic. Port egress queue rail Drop vs. WRED Only if per-queue configuration is not supported • WRED decay exponent • Traffic shaping for an entire interface CoS - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 278
? Press Enter to execute the command. (Netgear Switch) #show classofservice trust Class of Service Trust Mode: Dot1P Web Interface: Show classofservice Trust Select QoS > CoS > Basic > CoS Configuration commands and as a web interface procedure. CoS Queuing 278 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 279
Netgear Switch) (Config)#classofservice trust? dot1p Sets the Class of Service Trust Mode of an Interface to 802.1p. ip-dscp Sets the Class of Service Trust Mode of an Interface to IP DSCP. (Netgear Switch) and as a web interface procedure. CoS Queuing 279 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 280
down and select the interface 1/0/2 check box. Now 1/0/2 appears in the Interface field at the top. d. Enter the following information: CoS Queuing 280 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 281
settings. Set CoS Trust Mode for an Interface The example is shown as CLI commands and as a web interface procedure. CoS Queuing 281 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 282
) (Interface 1/0/3)#classofservice trust? dot1p Sets the Class of Service Trust Mode of an Interface to 802.1p. ip-dscp Sets the Class of Service Trust Mode of an Interface to IP DSCP. (Netgear ) or for a single interface (Interface Config). CoS Queuing 282 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 283
field at the top. c. In the Interface Shaping Rate (0 to 100) field, enter 70. d. Click Apply to save the settings. CoS Queuing 283 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 284
15 15DiffServ Differentiated Services This chapter includes the following sections: • Differentiated Services Concepts • DiffServ • DiffServ for VoIP • Auto VoIP • DiffServ for IPv6 • Color Conform Policy 284 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 285
Service quality of service you want DiffServ support on the Differentiated Services Code Point services support DiffServ in the outbound direction. Rules are defined in terms of classes, policies, and services Switch supports a traffic Service. Assigns a policy to an interface - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 286
Port 1/0/2 Port 1/0/4 Port 1/0/3 VLAN 10: Finance VLAN 20: Marketing VLAN 30: Test VLAN 40: Development Figure 28. Class B subnet with differentiated services The example is shown as CLI commands and as a web interface procedure. CLI: Configure DiffServ 1. Ensure that the DiffServ operation is - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 287
(Netgear Switch) (Config policy-class-map)#assign-queue 4 (Netgear Switch) (Config policy-class-map)#exit (Netgear Switch) (Config policy-map)#exit DiffServ 287 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 288
direction. (Netgear Switch) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)#service-policy in internet_access (Netgear Switch) (Interface 1/0/1)#exit (Netgear Switch) 0 0 (Netgear Switch) (Interface 1/0/5)#exit (Netgear Switch) (Config)#exit DiffServ 288 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 289
. • In the Class Type list, select All. c. Click Add to create a new class finance_dept. d. Click the finance_dept to configure this class. DiffServ 289 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 290
marketing_dept. • In the Class Type list, select All. c. Click Add to create a new class marketing_dept. d. Click marketing_dept to configure this class. DiffServ 290 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 291
test_dept. • In the Class Type list, select All. c. Click Add to create a new class test_dept. d. Click test_dept to configure this class. DiffServ 291 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 292
. • In the Class Type list, select All. c. Click the Add to create a new class development_dept. d. Click development_dept to configure this class. DiffServ 292 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 293
. c. Click Add to create a new policy internet_access. 7. Add the class marketing_dept into the policy internet_access. a. Select QoS > DiffServ > Advanced > Policy Configuration. DiffServ 293 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 294
the class test_dept to the policy internet_access. 9. Add the class development_dept into the policy internet_access. a. Select QoS > DiffServ > Advanced > Policy Configuration. DiffServ 294 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 295
QoS > DiffServ > Advanced > Policy Configuration. A screen similar to the following displays. b. Click the internet_access check box for the member class finance_dept. DiffServ 295 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 296
2 to marketing_dept. a. Select QoS > DiffServ > Advanced > Policy Configuration. A screen similar to the following displays. b. Click the internet_access check box for marketing_dept. DiffServ 296 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 297
3 to test_dept. a. Select QoS > DiffServ > Advanced > Policy Configuration. A screen similar to the following displays. b. Click the internet_access check mark for test_dept. DiffServ 297 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 298
4 to development_dept. a. Select QoS > DiffServ > Advanced > Policy Configuration. A screen similar to the following displays. b. Click the internet_access check mark for development_dept. DiffServ 298 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 299
1/0/1 through 1/0/4 in the inbound direction. a. Select QoS > DiffServ > Advanced > Service Configuration. A screen similar to the following displays. b. Scroll down and select the check a. Select QoS > CoS > Advanced > Interface Queue Configuration. DiffServ 299 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 300
Bandwidth field, enter 25. e. Click Apply. 17. Set the CoS queue 3 configuration for interface 1/0/5. a. Select QoS > CoS > Advanced > Interface Queue Configuration. DiffServ 300 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 301
the Interface field at the top. c. In the Queue ID list, select 4. d. In the Minimum Bandwidth field, enter 25. e. Click Apply. DiffServ 301 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 302
most valuable uses of DiffServ is to support Voice over IP (VoIP). VoIP traffic is inherently time sensitive: For a network to provide acceptable service, a guaranteed transmission rate is vital. )#cos-queue strict 5 (Netgear Switch) (Config)#diffserv DiffServ 302 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 303
)#exit (Netgear Switch) (Config policy-map)#exit 5. Attach the defined policy to an inbound service interface. (Netgear Switch) (Config)#interface 1/0/2 (Netgear Switch) (Interface 1/0/2)#service-policy in pol_voip (Netgear Switch) (Interface 1/0/2)#exit (Netgear Switch) (Config)#exit DiffServ 303 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 304
Mode, select the Enable radio button. c. Click Apply to save the settings. 3. Create a class class_voip. a. Select QoS > DiffServ > Advanced > DiffServ Configuration. DiffServ 304 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 305
the Protocol Type list, select UDP. g. Click Apply to create a new class. 4. Create a class class_ef: a. Select QoS > DiffServ > Advanced > DiffServ Configuration. DiffServ 305 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 306
. g. Click Apply to create a new class. 5. Create a policy pol_voip. and add class_voip to this policy. a. Select QoS > DiffServ > Advanced > Policy Configuration. DiffServ 306 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 307
, and select ef. h. Click Apply to create a new policy. 6. Add class_ef to the policy pol_voip. a. Select QoS > DiffServ > Advanced > Policy Configuration. DiffServ 307 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 308
the Assign Queue list, select 5. g. Click Apply to create a new policy. 7. Attach the defined policy to interface 1/0/2 in the inbound direction. a. Select QoS > DiffServ > Advanced > Service Configuration. DiffServ 308 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 309
Protocol-based Auto VoIP provides a better class of service (CoS) to data and signaling VoIP streams than to other traffic. The supported signaling protocols are Session Initiation Protocol (SIP), H.323 configure each configuration on a per-port basis. DiffServ 309 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 310
with a default list of OUIs. You can also add OUIs that need prioritization. The switch can support up to 128 OUIs, including the default OUIs. By default, the switch uses the highest available priority VoIP, the port remains nonoperational. DiffServ 310 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 311
protocol-based Auto VoIP on a specific port of the switch. (Netgear Switch)(Configure)#interface 2/0/1 (Netgear Switch)(Interface 2/0/1)#auto-voip protocol-based DiffServ 311 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 312
places them in the higher-priority queue. By default, the packets are placed in egress queue 6. However, you can override the DiffServ 312 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 313
Switching > Auto-VoIP > Protocol-based > Port Settings. A screen similar to the following displays. b. From the Class Value menu, select 4. c. Click Apply. DiffServ 313 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 314
VoIP Mode Operational Status 2/0/1 Disabled Down Web Interface: Change the Auto VoIP VLAN 1. Create a VLAN 5: a. Select Switching > VLAN > Basic > Vlan Configuration. DiffServ 314 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 315
> Auto-VoIP > Protocol-based > Port Settings. A screen similar to the following displays. b. From the VoIP VLAN Id menu, select 5. c. Click Apply. DiffServ 315 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 316
This feature extends the existing QoS ACL and DiffServ functionality by providing support for IPv6 packet classification. Internet Interface 1/0/1 GSM73xxS Interface 1/0/3 IPv6 -classmap) # match protocol 58 (Netgear Switch) (Config-classmap) # exit DiffServ 316 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 317
and 1/0/3: (Netgear Switch) (Config)# interface 1/0/1 (Netgear Switch) (Interface 1/0/1)# service-policy in policyicmpv6 (Netgear Switch) (Interface 1/0/1)# exit (Netgear Switch) (Config)# , enter classicmpv6. c. In the Class Type list, select All. DiffServ 317 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 318
criteria as protocol ICMPv6. a. Select QoS > DiffServ > Advanced > IPv6 Class Configuration. A screen similar to the following displays. b. Click the class classicmpv6. DiffServ 318 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 319
Managed Switches A screen similar to the following displays. c. Select the Protocol Type radio button, select Other, and enter 58. A screen similar to the following displays. DiffServ 319 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 320
. b. In the Policy Name field, enter policyicmpv6. c. In the Policy Type list, select In. d. In the Member Class list, select classicmpv6. DiffServ 320 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 321
QoS > DiffServ > Advanced > Policy Configuration. A screen similar to the following displays. b. Click the policy policyicmpv6. c. In the Assign Queue list, select 6. DiffServ 321 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 322
to the following displays. d. Click Apply. 5. Attach the policy policyicmpv6 to interfaces 1/0/1,1/0/2 and 1/0/3. a. Select QoS > DiffServ > Advanced > Service Interface Configuration. A screen similar to the following displays. b. In the Policy Name list, select policyicmpv6. c. Select the - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 323
the last to be dropped when there is congestion. The example is shown as CLI commands and as a web interface procedure. DiffServ 323 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 324
5 (Netgear Switch) (Interface 1/0/25)#exit 2. Create classes class_vlan and class_color. Note: DiffServ service is enabled by default. (Netgear Switch) (Config)#class-map match-all class_vlan (Netgear Switch exit (Netgear Switch) (Config-policy-map)#exit DiffServ 324 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 325
port 1/0/13. (Netgear Switch) (Config)#interface 1/0/13 (Netgear Switch) (Interface 1/0/13)#service-policy in policy_vlan (Netgear Switch) (Interface 1/0/13)#exit (Netgear Switch) (Config)#exit VLAN ID list, select 5. c. Click Unit 1. The ports display. DiffServ 325 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 326
, select All. c. Click Add to create a new class class_vlan. A screen similar to the following displays. d. Click class_vlan to configure this class. DiffServ 326 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 327
, select All. c. Click Add to create a new class class_color. A screen similar to the following displays. d. Click class_color to configure this class. DiffServ 327 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 328
, enter policy_vlan. c. In the Policy Type list, select In. d. Click Add. 6. Associate policy_vlan with class_vlan. a. Select QoS > DiffServ > Advanced > Policy Configuration. DiffServ 328 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 329
field, enter 64. h. For Conform Action, select the Send radio button. i. For Violate Action, select the Drop radio button. j. Click Apply. DiffServ 329 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 330
Interface Configuration. A screen similar to the following displays. b. Under Service Interface Configuration, scroll down and select the Interface 1/0/13 check box. c. In the Policy Name list, select policy_vlan. d. Click Apply to save the settings. DiffServ 330 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 331
16 16IGMP Snooping and Querier Internet Group Management Protocol features This chapter includes the following sections: • Internet Group Management Protocol Concepts • IGMP Snooping • Show igmpsnooping • Show mac-address-table igmpsnooping • External Multicast Router • Multicast Router Using VLAN • - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 332
: Enable IGMP Snooping Configure IGMP snooping: 1. Select Switching > Multicast > IGMP Snooping Configuration. A screen similar to the following displays. IGMP Snooping and Querier 332 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 333
snooping None Web Interface: Show igmpsnooping Select Switching > Multicast > IGMP Snooping Configuration. A screen similar to the following displays. IGMP Snooping and Querier 333 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 334
(Netgear Switch) #show igmpsnooping ssm entries VLAN ID Group Source Ip Source Filter Mode Interfaces 1000 224.1.1.1 1.1.1.1 include 1/0/2 IGMP Snooping and Querier 334 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 335
Configuration, scroll down and select the Interface 1/0/3 check box. Now 1/0/3 appears in the Interface field at the top. IGMP Snooping and Querier 335 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 336
Managed Switches 3. In the Admin Mode field, select Enable. 4. Click Apply. IGMP Snooping and Querier 336 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 337
Router VLAN Configuration. • In the VLAN ID field, enter 2. • In the Multicast Router field, select Enable. 4. Click Apply. IGMP Snooping and Querier 337 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 338
Querier Concepts When the switch is used in network applications where video services such as IPTV, video streaming, and gaming are deployed, the figure shows a network application for video streaming service using the IGMP querier feature. IGMP Snooping and Querier 338 Software Administration - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 339
similar to the following displays. 2. Enable IGMP snooping on VLAN 1. a. Select Switching > Multicast > IGMP Snooping > IGMP VLAN Configuration. IGMP Snooping and Querier 339 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 340
.10.1. c. Click Apply. 4. Enable the IGMP snooping querier on VLAN 1. a. Select Switching > Multicast > IGMP Snooping Querier VLAN Configuration. IGMP Snooping and Querier 340 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 341
mode is controlled by the set igmp command. If the mode is inactive, no query packet is sent. IGMP Snooping and Querier 341 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 342
Managed Switches Web Interface: Show IGMP Querier Status 1. Select Switching > Multicast > IGMP Snooping > Querier Configuration. A screen similar to the following displays. 2. Click Refresh. IGMP Snooping and Querier 342 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 343
17 17MVR Multicast VLAN Registration This chapter includes the following sections: • Multicast VLAN Registration • Configure MVR in Compatible Mode • Configure MVR in Dynamic Mode 343 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 344
reappears when receivers are in different VLANs. Multicast VLAN registration (MVR) is intended to solve the problem of receivers in different VLANs. It uses a dedicated manually configured VLAN, called the multicast VLAN, to forward multicast traffic over Layer 2 network in conjunction with IGMP - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 345
in this mode, the IGMP router has to be statically configured to transmit all required multicast streams to the MVR switch. MVR 345 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 346
0/9)#mvr type source (Netgear Switch) (Interface 0/9)#exit 4. Configure the receive ports. Note: The receive port can participate in only one VLAN. MVR 346 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 347
Port Type Status 0/1 RECEIVER ACTIVE/InVLAN 0/5 RECEIVER ACTIVE/InVLAN 0/7 RECEIVER ACTIVE/InVLAN 0/9 SOURCE ACTIVE/InVLAN Immediate Leave ---------DISABLED DISABLED DISABLED DISABLED MVR 347 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 348
settings. f. Repeat steps from b to e, add port 0/1 to VLAN1 1001, add port 0/5 to VLAN2 1002, and add port 0/7 to VLAN3 1003. MVR 348 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 349
the MVR Group IP field, enter 224.1.2.3. c. Click Add. 5. Configure a receiver on interface 0/1, 0/5, and 0/7. a. Select Switching > MVR > Basic > MVR Interface Configuration. MVR 349 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 350
the Type list, select source. d. Click Apply to save the settings. 7. Configure MVR Group Membership. a. Select Switching > MVR > Advanced > MVR Membership. MVR 350 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 351
name 1001 Vlan1 (Netgear Switch) (Vlan)#vlan name 1002 Vlan2 (Netgear Switch) (Vlan)#vlan name 1003 Vlan3 (Netgear Switch) (Vlan)#exit MVR 351 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 352
) (Interface 0/9)#mvr type source (Netgear Switch) (Interface 0/9)#exit 5. Configure the receive ports. Note: A receive port can participate in only one VLAN. MVR 352 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 353
Port Type Status 0/1 RECEIVER ACTIVE/InVLAN 0/5 RECEIVER ACTIVE/InVLAN 0/7 RECEIVER ACTIVE/InVLAN 0/9 SOURCE ACTIVE/InVLAN Immediate Leave DISABLED DISABLED DISABLED DISABLED MVR 353 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 354
VLAN1 1001, VLAN2 1002, and VLAN3 1003. e. Add port 9 into MVLAN 999 with tagged mode. f. Select Switching > VLAN > Advanced > VLAN Membership. MVR 354 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 355
Multicast Vlan field, enter 999. d. From the MVR mode list, select dynamic. e. Click Apply. 3. Add multicast group 224.1.2.3 to the MVR. MVR 355 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 356
the Type list, select Receiver. d. Click Apply to save the settings. 5. Configure a source interface. a. Select Switching > MVR > Basic > MVR Interface Configuration. MVR 356 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 357
224.1.2.3, it is added into MVR group 224.1.2.3. a. Select Switching > MVR > Advanced > MVR Group Membership. A screen similar to the following displays. MVR 357 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 358
18 18Security Management Port security features This chapter includes the following sections: • Port Security Concepts • Set the Dynamic and Static Limit on Port 1/0/1 • Convert the Dynamic Address Learned from 1/0/1 to a Static Address • Create a Static Address • Protected Ports • 802.1x Port - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 359
MAC addresses are eligible to be learned by another port. Static MAC addresses are not eligible for aging. • Static locking. You can manually specify a list of static MAC addresses for a port. Dynamically locked addresses can be converted to statically locked addresses. Security Management 359 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 360
. b. Under Port Security Configuration, next to Port Security Mode, select the Enable radio button. c. Click Apply to save the settings. Security Management 360 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 361
the Dynamic Address Learned from 1/0/1 to a Static Address The example is shown as CLI commands and as a web interface procedure. Security Management 361 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 362
the Port List field, select 1/0/1. 3. Select the Convert Dynamic Address to Static check box. 4. Click Apply to save the settings. Security Management 362 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 363
Managed Switches Create a Static Address The example is shown as CLI commands and as a web interface procedure. CLI: Create a Static Address (Netgear Switch) (Interface 1/0/1)#port-security mac-address 00:13:00:01:02:03 Security Management 363 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 364
PC 1 cannot see the traffic that is generated by PC 2, that is, no traffic is forwarded between PC 1 and PC 2. Security Management 364 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 365
)#routing (Netgear Switch) (Interface-vlan 192)#ip address 192.168.1.254 255.255.255.0 (Netgear Switch) (Interface-vlan 192)#exit Security Management 365 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 366
202)#exit 3. Create a DHCP pool to allocated IP addresses to PCs. (Netgear Switch) (config)#service dhcp (Netgear Switch) (config)#ip dhcp pool pool-a (Netgear Switch) (Config-dhcp-pool)#dns-server (Netgear Switch) (Interface 1/0/24)#exit Security Management 366 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 367
Create a DHCP pool: Note: This example assumes that the DHCP service is enabled. For information about how to enable the DHCP service, see the web interface procedure in Configure a DHCP Server in Dynamic ports 1/0/23 and 1/0/24 in the VLAN: Security Management 367 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 368
the gray box under port 48 twice until U displays. The U specifies that the egress packet is untagged for the port. Security Management 368 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 369
to the Learned Routes table. 6. Configure port 23 and port 24 as protected ports: a. Select Security > Traffic Control > Protected Port. Security Management 369 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 370
802.1x port security feature on a switch port. IEEE 802.1x authentication prevents unauthorized clients from connecting to a VLAN unless Security Management 370 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 371
)#dot1x port-control force-authorized 2. Use RADIUS to authenticate the dot1x users. (Netgear Switch) (Config)#aaa authentication dot1x default radius Security Management 371 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 372
Users by a RADIUS Server 1. Enable routing for the switch. a. Select Routing > Basic > IP Configuration. A screen similar to the following displays. Security Management 372 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 373
Subnet Mask field, enter 255.255.255.0. • In the Routing Mode field, select Enable. d. Click Apply to save the settings. Security Management 373 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 374
, select Force Authorized. d. Click Apply to save the settings. 6. Enable dot1x on the switch. a. Select Security > Port Authentication > Server Configuration. Security Management 374 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 375
field, select Enable. g. Click Add. 8. Enable accounting. a. Select Security > Management Security > RADIUS > Radius Configuration. A screen similar to the following displays. Security Management 375 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 376
displays. b. In the Accounting Server Address field, enter 10.100.5.17. c. In the Accounting Mode field, select Enable. d. Click Apply. Security Management 376 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 377
VLAN feature allows a switch to provide a distinguished service to dot1x unaware clients (not rogue users who fail Guest VLAN If a port is in port-based mode, and a client that does not support 802.1X is connected to an unauthorized port that has 802.1X enabled, the client does Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 378
) (Interface 1/0/1)#exit (Netgear Switch) (Config)#interface 1/0/24 (Netgear Switch) (Interface 1/0/24)#dot1x guest-vlan 2000 (Netgear Switch) (Interface 1/0/24)#exit Security Management 378 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 379
Web Interface: Create a Guest VLAN 1. Create VLAN 2000. a. Select Switching > VLAN > Basic > VLAN Configuration. A screen similar to the following displays. Security Management 379 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 380
this step; otherwise you cannot access the switch through the Web Interface. a. Select Security > Port Authentication > Basic > 802.1x Configuration. Security Management 380 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 381
Server IP Address field, enter 192.168.0.1. c. In the Secret Configured field, select Yes. d. In the Secret field, enter 12345. Security Management 381 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 382
(13) • Tunnel-Medium-Type = 802 • Tunnel-Private-Group-ID = VLANID where VLANID is 12 bits, with a value between 1 and 4094. Security Management 382 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 383
Switch) (Config)#dot1x system-auth-control 3. Use the RADIUS as the authenticator. (Netgear Switch) (Config)#aaa authentication dot1x default radius Security Management 383 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 384
to the RADIUS server. (Netgear Switch) (Config)#interface 1/0/6 (Netgear Switch) (Interface 1/0/6)#dot1x port-control force-authorized (Netgear Switch) (Interface 1/0/6)#exit Security Management 384 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 385
FALSE Key Transmission Enabled FALSE Control Direction both Maximum Users 16 Unauthenticated VLAN ID 0 Session Timeout 0 Session Termination Action Default Security Management 385 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 386
field, select Static. d. Click Add. 3. Set force authorized mode on ports 1/0/6 and 1/0/12. a. Select Security > Port Authentication > Advanced > Port Authentication. Security Management 386 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 387
button. d. Click Apply to save settings. 5. Configure the dot1x authentication list. a. Select Security > Management Security > Authentication List > Dot1x Authentication List. Security Management 387 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 388
Address field, enter 192.168.0.1. c. In the Secret Configured field, select Yes. d. In the Secret field, enter 12345. e. Click Add. Security Management 388 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 389
. Dynamic ARP inspection DHCP client IP address: 192.168.10.86 (obtained) HW address: 00:16:76:A7:88:CC Security Management 389 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 390
. For information about how to prevent ARP packets from static clients to be dropped, see Static Mapping on page 394. Security Management 390 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 391
. b. In the VLAN ID field, enter 1. c. In the DHCP Snooping Mode field, select Enable. A screen similar to the following displays. Security Management 391 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 392
. A screen similar to the following displays. 5. Enable ARP Inspection in VLAN 1. a. Select Security > Control > Dynamic ARP Inspection > DAI VLAN Configuration. Security Management 392 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 393
the device through the trusted port for ARP. Otherwise, you might get disconnected from the device. 6. Configure port 1/0/1 as trusted. Security Management 393 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 394
:11:85:ee:54:e9 3. Configure ARP ACL used for VLAN 1. (Netgear Switch) (Config)# ip arp inspection filter ArpFilter vlan 1 Security Management 394 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 395
field, enter 192.168.10.2. d. In the Source MAC Address field, enter 00:11:85:EE:54:E9. e. Click Add. Security Management 395 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 396
VLANs and configures ports within the VLAN to be trusted or untrusted. DHCP servers must be reached through trusted ports. Security Management 396 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 397
Address 00:16:76:A7:88:CC IP Address 192.168.10.89 VLAN ---1 Interface Type 1/0/2 DYNAMIC Lease (Secs) ----------86400 Security Management 397 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 398
a VLAN. a. Select Security > Control > DHCP Snooping Global Configuration. A screen similar to the following displays. b. In the VLAN ID list, select 1. Security Management 398 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 399
Trust Mode field, select Enable. d. Click Apply. A screen similar to the following displays. 4. Select Security > Control > DHCP Snooping Binding Configuration. Security Management 399 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 400
Managed Switches A screen similar to the following displays. Security Management 400 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 401
the DHCP Server Msgs Rec'd column for port 1/0/27 increased, indicating that the port is connected to a rogue DHCP server. Security Management 401 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 402
. A screen similar to the following displays. b. Determine if messages in the DHCP Server Msgs Rec'd column increase for any port. Security Management 402 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 403
address of the DHCP server is 10.100.5.253 and the MAC address is 00:26:F2:F6:B3:6C. Security Management 403 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 404
Snooping > Binding Configuration. A screen similar to the following displays. 2. Fill in the fields for the static binding and click Apply. Security Management 404 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 405
) Burst Interval (seconds) 1/0/2 No 5 1 Web Interface: Configure the Maximum Rate of DHCP Messages 1. Select Security > Control > DHCP Snooping > Interface Configuration. Security Management 405 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 406
database. When IP Source Guard is enabled, the switch drops incoming packets that do not match a binding in the bindings Security Management 406 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 407
) HW address: 00:16:76:A7:88:CC The example is shown as CLI commands and as a web interface procedure. Security Management 407 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 408
86400 If the entry does not exist in the DHCP Snooping Binding table, you can add the entry manually through the ip verify binding vlan interface - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 409
VLAN ID list, select 1. c. In the DHCP Snooping Mode field, select Enable. A screen similar to the following displays. d. Click Apply. Security Management 409 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 410
Configuration. A screen similar to the following displays. 4. View the DHCP Snooping Binding table. Select Security > Control > DHCP Snooping Binding Configuration. Security Management 410 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 411
field, enter 1. e. In the IP Address field, enter 192.168.10.80. f. Click Add. A screen similar to the following displays. Security Management 411 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 412
Authorization TACACS+ servers support command authorization. The RADIUS protocol does not support command authorization but you the vendor attribute cannot be longer than 64 bytes. RADIUS- based command authorization supports a maximum of 50 commands. Note: You can use both a TACACS+ server - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 413
attribute (VSA) "shell:priv-lvl" is used. If the service-type attribute value is returned as administrator or the Cisco VSA "shell:priv-lvl" is at least FD_USER_MGR_ADMIN_ACCESS_LEVEL(15), the user receives access to the privileged EXEC mode. Security Management 413 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 414
Because the RADIUS protocol does not support authorization, the privilege level attribute must be returned with the authentication response. If the service-type attribute is already present in RADIUS account for the following actions: Security Management 414 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 415
tool for security services. • Account when a user logs in and logs out of a user EXEC session. CLI: Configure Telnet Command Accounting by a TACACS+ Server Note: TACACS+ accounting supports both user EXEC HTTPS none none HTTP none none Security Management 415 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 416
Managed Switches Configure Telnet EXEC Accounting by RADIUS Server RADIUS accounting supports EXEC mode but does not support command mode. (Netgear Switch)(Config)#radius server host acct 10.100.5.13 ( HTTPS none none HTTP none none Security Management 416 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 417
relative priorities (that is, the highest first) are in the same order as that of the port-based authentication list. Security Management 417 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 418
and the authentication manager starts a timer. When the timer expires, the authentication manager restarts the authentication process with dot1x authentication. Security Management 418 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 419
dot1x. This situation occurs because the default priority for dot1x authentication is higher than the default priority for MAB authentication. Security Management 419 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 420
Port is authorized Succeeded Port is unauthorized Figure 42. Dot1x, MAB, and captive portal authentication method list with default priority Security Management 420 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 421
in the list. The CLI command to enable authentication is as follows. (Netgear Switch)#configure (Netgear Switch)(Config)#authentication enable Security Management 421 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 422
19 19MAB MAC Authentication Bypass This chapter includes the following sections: • MAC Authentication Bypass Concepts • Configure MAC Authentication Bypass on a Switch • Configure a Network Policy Server on a Microsoft Windows Server 2008 R2 or Later Server • Configure an Active Directory on a - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 423
and the 802.1X guest VLAN period times out, the switch denies the client access. The following figure illustrates MAB operation. MAB 423 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 424
.46 Port 1/0/1 Port 1/0/10 Switch IP address 10.1.10.50 Figure 44. MAB topology with a switch, IP phone, and Microsoft server MAB 424 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 425
server (port 1/0/1 in this example). (Netgear Switch) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)#dot1x port-control force-authorized (Netgear Switch) (Interface 1/0/1)#exit MAB 425 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 426
Enable radio button. c. Click Apply. 2. Configure RADIUS to authenticate 802.1X users: a. Select Security > Management Security > Authentication List > Dot1x Authentication List. MAB 426 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 427
Primary Server menu, select Yes. • From the Message Authenticator menu, select Enable. • From the Server Type menu, select Standard. c. Click Add. MAB 427 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 428
for port 0/10. c. Configure the following settings: • From the Control Mode menu, select MAC Based. • From the MAB menu, select Enable. MAB 428 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 429
Managed Switches Leave all other settings on the screen at their default value. d. Click Apply. Note: For information about how to reduce the MAB authentication time, see Reduce the MAB Authentication Time on page 439. MAB 429 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 430
using another method. These problems might require that you reinstall your Microsoft operating system. Modify the registry at your own risk. To reenable EAP-MD5 support in Microsoft Windows Vista, add the following registry entries: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RasMan\PPP\EAP - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 431
Managed Switches a. Click Network Policy and Access Services > NPS > RADIUS Clients and Servers > RADIUS Clients. The server request policies for the network policy server: a. Click Network Policy and Access Services > NPS > Policies > Connection Request Policies. b. Double-click Secured Wired - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 432
Managed Switches c. Select the Policy enabled check box. d. From the Type of network access server menu, select Unspecified. Leave the Vendor specific radio button cleared. e. Click the Apply button. f. Click the Conditions tab. The screen adjusts. MAB 432 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 433
Managed Switches g. Configure the NAS Port Type field as Ethernet. h. Click the Apply button. i. Click the Settings tab. The screen adjusts. MAB 433 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 434
MD5-Challenge. o. Click the Apply button. 5. Configure the network policies for the network policy server: a. Click Network Policy and Access Services > NPS > Policies > Network Policies. b. Double-click Secured Wired (Ethernet) Connections. The Secure Wired (Ethernet) Connections Properties pop-up - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 435
menu, select Unspecified. Leave the Vendor specific radio button cleared. f. Click the Apply button. g. Click the Conditions tab. The screen adjusts. MAB 435 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 436
Managed Switches h. Configure the NAS Port Type field as Ethernet. i. Click the Apply button. j. Click the Constraints tab. The screen adjusts. MAB 436 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 437
Types field. n. From the EAP Types field, select MD5-Challenge. o. Click the Apply button. p. Click the Settings tab. The screen adjusts. MAB 437 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 438
for which you want to allow a connection. • Password. Any temporary password. 2. Right-click the new user account name and select Properties. MAB 438 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 439
MAB sends a request to the authentication server with the MAC address as the user name and the MD5 hash as the MAB 439 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 440
0/1. 3. In the Guest VLAN Period field, enter 10 Leave the other settings on the screen at the default value. 4. Click Apply. MAB 440 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 441
20 20SNTP Simple Network Time Protocol This chapter includes the following sections: • Simple Network Time Protocol Concepts • Show SNTP (CLI Only) • Configure SNTP • Set the Time Zone (CLI Only) • Set the Named SNTP Server 441 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 442
synchronize network resources and for adaptation of NTP. • SNTP provides synchronized network timestamp. • It can be used in broadcast or unicast mode. • It supports SNTP client implemented over UDP, which listens on port 123. Show SNTP (CLI Only) The following are examples of the commands used in - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 443
the command. Display SNTP Client Information. Display SNTP Server Information. show sntp client (Netgear Switch) #show sntp client Client Supported Modes: SNTP Version: Port: Client Mode: Unicast Poll Interval: Poll Timeout (seconds): Poll Retry: unicast broadcast 4 123 unicast 6 5 1 SNTP - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 444
PC to find the server's IP address. The following example configures the SNTP server IP address to 208.14.208.19. SNTP 444 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 445
:09 2006 Last Attempt Time: Mar 26 03:36:09 2006 Last Update Status: Success Total Unicast Requests: 2 Failed Unicast Requests: 0 SNTP 445 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 446
Add. 2. Configure SNTP globally. a. Select System > Management > Time > SNTP Global Configuration. A screen similar to the following displays. b. Enter the following information: SNTP 446 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 447
setting DNS name look-up can be used for any other applications that require a public IP address, for example, a RADIUS server. SNTP 447 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 448
Add. 2. Configure the DNS server. a. Select System > Management > DNS > DNS Configuration. A screen similar to the following displays. b. Enter the following information: SNTP 448 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 449
Managed Switches • For DNS Status, select the Enable radio button • In the DNS Server field, enter 192.168.1.1. c. Click Add. SNTP 449 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 450
21 21Tools Tools to manage, monitor, and personalize the switch and network This chapter includes the following sections: • Traceroute • Configuration Scripting • Pre-Login Banner • Port Mirroring • Remote SPAN • Dual Image • Outbound Telnet • Full Memory Dump 450 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 451
it takes for the packet to reach its destination. In this example, the packet takes 16 hops to reach its destination. Tools 451 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 452
ms 70 ms 80 ms 50 ms 70 ms 50 ms 60 ms 60 ms 70 ms 95 ms 69 ms Tools 452 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 453
Managed Switches Web Interface: Traceroute 1. Select Maintenance > Troubleshooting > Traceroute. A screen similar to the following displays. Use this screen to tell the switch script format of one CLI command per line. Here are some considerations: Tools 453 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 454
while being applied. • Validation of scripts checks for syntax errors only. It does not validate that the script will run successfully. Tools 454 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 455
you want to apply the configuration script? (y/n) y The system has unsaved changes. Would you like to save them now? (y/n) y Configuration Saved! Tools 455 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 456
.52 ./ running-config.scr Config Script running-config.scr Are you sure you want to start? (y/n) y File transfer operation completed successfully. Tools 456 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 457
) >logout Login Banner - Unauthorized access is punishable by law. User: Note: The no clibanner command removes the banner from the switch. Tools 457 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 458
the destination interface. (Netgear Switch)(Config)#exit (Netgear Switch)#show monitor session 1 Session ID Admin Mode Probe Port Mirrored Port 1 Enable 1/0/3 1/0/2 Tools 458 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 459
port 1/0/ 1/0/23 RSPAN VLAN 1/0/24 1/0/23 1/0/24 1/0/3 Switch 4 1/0/1 Switch 2 Switch 3 1/0/4 Source port Figure 45. Example of an RSPAN topology Destination port Tools 459 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 460
connected to the source switch and destination switch with the RSPAN VLAN. Only one RSPAN VLAN is supported. On the source switch, the traffic that is received on and transmitted from source port (1/0/1) RSPAN VLAN (the destination for the mirrored traffic) Tools 460 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 461
Switch) (Interface 1/0/24)#exit 3. On the destination switch (Switch 4), configure the following settings: • RSPAN VLAN (the source of the mirrored traffic) Tools 461 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 462
Admin Probe Src Mirrored Ref. Src Dst Type IP MAC ID Mode Port VLAN Port Port RVLAN RVLAN ACL ACL 1 Enable 1/0/4 5 Tools 462 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 463
works seamlessly with the stacking feature. All members in the stack must be uniform in their support for the dual Image feature. The Dual Image feature works in the following way in a intervention to correct the problem, by using appropriate stacking commands. Tools 463 Software Administration - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 464
members of the stack! File transfer operation completed successfully. (Netgear Switch) # (Netgear Switch) #show bootvar Image Descriptions image1 : default image image2 : Tools 464 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 465
, enter 10.100.5.17(tftp server IP address). g. In the Remote File Name, enter gsm73xxse-r8v0m0b3.stk. h. Click Apply. 2. Activate image2. Tools 465 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 466
hosts do not maintain information about the characteristics of each other's terminals and terminal handling conventions. • Must use a valid IP address. Tools 466 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 467
(Netgear Switch)#show telnet Outbound Telnet Login Timeout (minutes)........ 5 Maximum Number of Outbound Telnet Sessions..... 5 Allow New Outbound Telnet Sessions Yes Tools 467 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 468
to execute the command. (Netgear Switch) (Line)#transport output telnet (Netgear Switch) (Line)# Web Interface: Configure Telnet 1. Select Security > Access > Telnet. Tools 468 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 469
> Enter time in minutes. (Netgear Switch) (Line)#session-timeout 15 Web Interface: Configure the Session Time-out 1. Select Security > Access > Telnet. Tools 469 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 470
) #exception dump tftp-server 172.26.2.100 3. Change the name of the dump file. The file name is formed as follows: Tools 470 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 471
) Enable the switch-chip-register. This dumps the register value in the chipset. (Netgear Switch) (Config) #exception switch-chip-register enable Tools 471 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 472
22 22Syslog System logging This chapter includes the following sections: • Syslog Concepts • Show Logging • Show Logging Buffered • Show Logging Traplogs • Show Logging Hosts • Configure Logging for a Port • Email Alerting 472 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 473
: 514 disabled disabled alert enabled Syslog Logging : enabled Log Messages Received Log Messages Dropped Log Messages Relayed Log Messages Ignored : 66 : 0 : 0 : 0 Syslog 473 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 474
the Disable radio button. c. Click Apply. 3. Configure the console log. a. Select Monitoring > Logs > Console Log. A screen similar to the following displays. Syslog 474 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 475
> Buffer Logs. A screen similar to the following displays. b. Under Buffer Logs, for Admin Status, select the Enable radio button. c. Click Apply. Syslog 475 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 476
facility. • Severity = Priority minus 8. For example, if the priority is 14, subtract 8 from 14. The result is 6, which is the severity. Syslog 476 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 477
Managed Switches Web Interface: Show Logging Buffered Select Monitoring > Logs > Buffer Logs. A screen similar to the following displays. Show Logging Traplogs The example is shown as CLI commands and as a web interface procedure. Syslog 477 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 478
. A screen similar to the following displays. Show Logging Hosts The example is shown as CLI commands and as a web interface procedure. Syslog 478 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 479
similar to the following displays. Configure Logging for a Port The example is shown as CLI commands and as a web interface procedure. Syslog 479 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 480
.168.21.253 Severity ---------alert Port ---4 Status Active Web Interface: Configure Logging for the Port 1. Select Monitoring > Logs > Sys Log Configuration. Syslog 480 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 481
divided into three groups by severity level: urgent, nonurgent, and never. FOR POSITION ONLY (FPO) Figure 47. Log message severity levels Syslog 481 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 482
, the periodic timer is ignored and all log messages that were not sent previously are immediately forwarded to the SMTP server. Syslog 482 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 483
-addr [email protected] 3. Increase the severity of traps to 3 (error). By default, it is 6 (informational). (Netgear Switch) (Config)#logging traps 3 Syslog 483 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 484
23 23Chassis Switch Management Configure system and interface features This chapter includes the following sections: • Chassis Switch Management and Connectivity • Supervisor and Chassis Members • Chassis Firmware • Add, Remove, or Replace a Chassis Member • Chassis Switch Configuration Files • - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 485
either a serial connection to the chassis supervisor's console port or a Telnet connection to the IP address of service port (out-of-baud) or normal ports on the front panel. You can use any of the following is currently the supervisor. Chassis Switch Management 485 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 486
a chassis and it does not use the same version of code as that of the supervisor, the following occurs: Chassis Switch Management 486 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 487
following procedure: 1. Save the current configuration by uploading it from the chassis, using the copy command from the CLI. Chassis Switch Management 487 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 488
to the open slot. 5. To remove the member from the chassis configuration, issue the no member command. Chassis Switch Management 488 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 489
member number, the blade type, and the interfaces associated with a blade that is not currently part of the chassis. Chassis Switch Management 489 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 490
. 1. Issue the member command. To view the supported unit types, use the show supported switchtype command. 2. Configure the member that you just defined with configuration commands, are in slot 1 and slot 2. Chassis Switch Management 490 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 491
blades rejoined the chassis. 3. NETGEAR recommends that you reset the chassis with the reload command after moving the supervisor. Chassis Switch Management 491 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 492
connection to the chassis because the IP address could change if the switch gets its IP address using DHCP. Chassis Switch Management 492 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 493
24 24Switch Stacks Manage switch stacks This chapter describes the concepts and recommended operating procedures to manage NETGEAR stackable managed switches that are running release 11.0 or a newer release. This chapter includes the following sections: • Switch Stack Management and Connectivity • - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 494
an example of switches that are interconnected to form a stack. Connecting AX742 modules with stacking cable Figure 48. Stacked switches Switch Stacks 494 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 495
elected and the previous stack master becomes available, the previous stack master does not resume its role as stack master. Switch Stacks 495 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 496
out-of-the-box switch (one that did not join a switch stack or was not manually assigned a stack member number) ships with a default stack member number of 1. When the a Stack Many switch models include a Hardware Installation Guide with information about rack mounting and stack cabling. Compatible - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 497
to the stack, repeat steps Step 6 through Step 8. Always power on a switch adjacent to the switches already in the stack. Switch Stacks 497 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 498
firmware propagation, do not move stack cables or reconfigure units. 2. If an error occurs during firmware propagation, do the following: Switch Stacks 498 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 499
Member 1. Select Maintenance > File Management > Copy. A screen similar to the following displays. 2. In the Stack Member menu, select 2. 3. Click Apply. Switch Stacks 499 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 500
Switch) (Config-stack)#exit (Netgear Switch) (Config)#exit (Netgear Switch) #reload Are you sure you want to reload the stack? (y/n) y Switch Stacks 500 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 501
Mode Status 1/0/51 Enable 10G Full 10G Full Up Link Status -----Enable Link LACP Trap Mode Enable long Actor Timeout ------ Switch Stacks 501 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 502
B, configure a stack port as an Ethernet port. a. Select System > Stacking > Advanced > Stack Port Configuration. A screen similar to the following displays. Switch Stacks 502 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 503
> Device Reboot. A screen similar to the following displays. b. In the Reboot Unit No. menu, select 1. c. Click Apply. The switch reboots. Switch Stacks 503 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 504
Status (Gb/s) Link Down 12 Link Down 0 Because port 1/0/52 is already configured as a stack port, no action is required. Switch Stacks 504 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 505
----------M5300-28G3 M5300-28G3 Plugged-in Model ID ----------M5300-28G3 M5300-28G3 Switch Status --------OK OK Code Version ----------11.0.0.3 11.0.0.3 Switch Stacks 505 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 506
. d. Click Apply to save the settings. 3. Reboot the switch. a. Select Maintenance > Reset > Device Reboot. A screen similar to the following displays. Switch Stacks 506 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 507
new switches in the rack. This procedure assumes installation below the bottom-most switch, or above the top-most switch. Switch Stacks 507 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 508
you want the switch stacks to remain separate, change the IP address or addresses of the newly created switch stacks. Switch Stacks 508 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 509
stack. However, if you want the store to store this system level configuration, you must issue the save config command. Switch Stacks 509 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 510
number, the switch type, and the interfaces that are associated with a switch that is not currently part of the stack. Switch Stacks 510 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 511
preconfigure a switch: 1. Issue the member unit-id switchindex command. 2. To view the supported unit types, use the show supported switchtype command. 3. Configure the unit that you defined in Step 1, just as if the switch and adds it to the stack. Switch Stacks 511 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 512
Manager unit renumbering and the configuration of Manager switch interfaces will be cleared. Are you sure you want to renumber? (y/n) y Switch Stacks 512 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 513
Switch ID to field, enter 2. d. Click Apply to save the settings. Now, the unit ID of the stacking member is 2. Switch Stacks 513 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 514
. 2. In the Management Unit Selected menu, select 2. A warning window displays. 3. Click the OK button. 4. Click Apply to save the settings. Switch Stacks 514 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 515
Managed Switches Note: If the master receives its IP address from a DHCP server and you move the master to a different unit, its IP address might change and you could lose the connection to the switch. Switch Stacks 515 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 516
25 25SNMP Simple Network Management Protocol This chapter includes the following sections: • Add a New Community • Enable SNMP Trap • SNMP Version 3 • sFlow • Time-Based Sampling of Counters with sFlow 516 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 517
Client IP Mask field, enter 0.0.0.0. 5. In the Access Mode field, select Read/Write. 6. In the Status field, select Enable. 7. Click Add. SNMP 517 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 518
field, select Enable. f. Click the Add button. 2. Set the Link Up/Down flag. a. Select System > SNMP > SNMP V1/V2 > Trap Flags. SNMP 518 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 519
md5 (Netgear Switch) (Config)#users snmpv3 encryption admin des 12345678 Set the encryption mode to des and the key is "12345678" SNMP 519 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 520
Protocol, select the MD5 radio button. d. For Encryption Protocol, select the DES radio button. e. In the Encryption Key field, enter 12345678. SNMP 520 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 521
. PC Interface 1/0/2 Interface 1/0/1 GSM73xxS Sflow collector IP address: 192.168.10.2 Figure 51. sFlow Uplink interface 1/0/24 Switch/Router Interface 1/0/3 PC SNMP 521 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 522
) (Config)# interface 1/0/1 (Netgear Switch) (Interface 1/0/1)# sflow sampler 1 (Netgear Switch) (Interface 1/0/1)# sflow sampler rate 1024 (Netgear Switch) (Interface 1/0/1)# sflow sampler maxheadersize 64 SNMP 522 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 523
. 2. Configure the sampling ports sFlow receiver index, sampling rate, and sampling maximum header size. a. Select Monitoring > sFlow > Advanced > sFlow Interface Configuration. SNMP 523 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 524
the ports to be polled. (Netgear Switch) (Config)# interface 1/0/1 (Netgear Switch) (Interface 1/0/1)# sflow poller 1 (Netgear Switch) (Interface 1/0/1)# sflow poller interval 300 SNMP 524 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 525
Configuration. 2. Select the Interface 1/0/1 check box. 3. In the Poller Interval field, enter 300. A screen similar to the following displays. 4. Click Apply. SNMP 525 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 526
26 26DNS Domain Name System This chapter includes the following sections: • Domain Name System Concepts • Specify Two DNS Servers • Manually Add a Host Name and an IP Address 526 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 527
Send count=3, Receive count=3 from 206.82.202.46 Web Interface: Specify Two DNS Servers 1. Select System > Management > DNS > DNS Configuration. DNS 527 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 528
. 3. Click Add. 4. In the DNS Server field, enter 219.141.140.10. 5. Click Add. Both DNS servers now show in the DNS Server Configuration table. Manually Add a Host Name and an IP Address The following example shows commands to add a static host name entry to the switch so that you can - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 529
(Config)#ip domain-lookup (Netgear Switch) (Config)#ping www.netgear.com Send count=3, Receive count=3 from 206.82.202.46 Web Interface: Manually Add a Host Name and an IP Address 1. Select System > Management > DNS > Host Configuration. A screen similar to the following displays. 2. Under DNS Host - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 530
a Fixed IP Address Note: The DHCP server is available on M5300 and M6100 series switches only. However, the following M5300 series switches require a license to support the DHCP server: M5300-28G, M5300-52G, M5300-28G-POE+, and M5300-52G-POE+. 530 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 531
vlan 200)#ip address 192.168.100.1 255.255.255.0 (Netgear Switch) #config (Netgear Switch) (Config)#service dhcp (Netgear Switch) (Config)#ip dhcp pool pool_dynamic (Netgear Switch) (Config)#network 192.168.100.0 255. the DHCP dynamic pool's subnet. DHCP Server 531 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 532
U displays. The U specifies that the egress packet is untagged for the port. e. Click Apply. 3. Assign PVID to the VLAN 200. DHCP Server 532 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 533
Apply to save the settings. 4. Create a new DHCP pool. a. Select System > Services > DHCP Server > DHCP Server Configuration. A screen similar to the following displays. b. button. c. Click Apply to enable the DHCP service. d. Select System > Services > DHCP Server > DHCP Pool Configuration. A - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 534
a DHCP Server that Assigns a Fixed IP Address (Netgear Switch)#config (Netgear Switch) (Config)#service dhcp (Netgear Switch) (Config)#ip dhcp pool pool_manual (Netgear Switch) (Config)#client-name dhcpclient Protocol Parameters" section of RFC 1700. DHCP Server 534 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 535
> Services > DHCP Server > DHCP Pool Configuration. A screen similar to the following displays. 5. Under DHCP Pool Configuration, enter the following information: • In the Pool Name list, select Create. • In the Pool Name field, enter pool_manual. • In the Type of Binding list, select Manual. • In - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 536
. • In the Days field, enter 1. 6. Click Add. The pool_manual name is now added to the Pool Name drop-down list. DHCP Server 536 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 537
a Stateful DHCPv6 Server Note: The DHCPv6 server is available on M5300 and M6100 series switches only. However, the following M5300 series switches require a license to support the DHCPv6 server: M5300-28G, M5300-52G, M5300-28G-POE+, and M5300-52G-POE+. 537 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 538
information such as domain name or DNS server. DHCPv6 supports stateful address allocation, prefix delegation, and stateless services. This chapter describes how to configure the prefix delegation mode 2001:1:2::/96 to another user's network. DHCPv6 Server 538 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 539
SWITCH) (Config)#ipv6 unicast routing 2. Create a DHCPv6 pool and enable DHCP service. (NETGEAR SWITCH) (Config)#service dhcpv6 (NETGEAR SWITCH) (Config)#ipv6 dhcp pool pool1 (NETGEAR SWITCH) (Config dhcp6 SWITCH) (Config dhcp6s pool)#exit DHCPv6 Server 539 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 540
Managed Switches 3. Enable DHCPv6 service on port 1/0/9. (NETGEAR SWITCH) (Config)#interface 1/0/9 (NETGEAR SWITCH) (Interface 1/0/9)#routing (NETGEAR SWITCH) (Interface 1/0/9)#ipv6 address Enable radio button. c. Click Apply to save the settings. DHCPv6 Server 540 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 541
field, select Enable. d. Click Apply to apply the settings. 4. Configure the prefix on interface 1/0/9. a. Select Routing > IPv6 > Advanced > Prefix Configuration. DHCPv6 Server 541 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 542
is created. 5. Enable the DHCPv6 server configuration. a. Select System > Services > DHCPv6 Server > DHCPv6 Server Configuration. A screen similar to the following DHCPv6 pool named pool1. a. Select System > Services > DHCP Server > DHCPv6 Pool Configuration. DHCPv6 Server 542 Software - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 543
the settings. 7. Configure the prefix in the pool1. a. Select System > Services > DHCPv6 Server > DHCPv6 Pool Configuration. A screen similar to the following displays DHCPv6 on interface 1/0/9. a. Select System > Services > DHCPv6 Server > DHCPv6 Interface Configuration. DHCPv6 Server - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 544
how you can use a DHCPv6 server to pass on information about a DNS server to clients that receive an IPv6 address in autoconfiguration mode or manual mode. The configured DHCP pool does not contain a prefix pool but contains information about the DNS server. The ipv6 nd other-config-flag command - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 545
)#dns-server 2011:9:18::1 (Netgear Switch) (Config-dhcp6s-pool)#exit (Netgear Switch) (Config)#service dhcpv6 3. Enable the IPv6 DHCP server on interface 2/0/21. Note: In this case, you a. Select Routing > IPv6 > Advanced > Interface Configuration. DHCPv6 Server 545 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 546
. c. In the IPv6 Prefix field, enter 2003:1000::1. d. In the Prefix Length field, enter 64. e. In the EUI64 field, select Disable. f. Click Add. 4. Enable DHCPv6 service. a. Select System > Services > DHCPv6 Server > DHCPv6 Server Configuration. DHCPv6 Server 546 Software Administration - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 547
Apply to save the settings. 5. Create a DHCPv6 pool. a. Select System > Services > DHCP Server > DHCPv6 Pool Configuration. A screen similar to the following displays. interface 2/0/21. a. Select System > Services > DHCPv6 Server > DHCPv6 Interface Configuration. DHCPv6 Server 547 Software - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 548
server that functions in stateful mode. CLI: Configure a Stateful DHCPv6 Server 1. Enable IPv6 routing. (Netgear Switch) (Config)#ipv6 unicast-routing DHCPv6 Server 548 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 549
prefix 2001:1:2::/64 (Netgear Switch) (Config-dhcp6s-pool)#exit (Netgear Switch) (Config)#service dhcpv6 3. Enable the IPv6 DHCP server on interface 1/0/1. (Netgear Switch) (Config a. Select Routing > IPv6 > Advanced > Interface Configuration. DHCPv6 Server 549 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 550
, select 1/0/1. c. In the IPv6 Prefix field, enter 2001:1:2::1. d. In the Length field, enter 64. e. In the EUI64 field, select Disable. f. Click Add. 4. Enable the DHCPv6 service. a. Select System > Services > DHCPv6 Server > DHCPv6 Server Configuration. DHCPv6 Server 550 Software Administration - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 551
to save the settings. 5. Create the DHCPv6 pool. a. Select System > Services > DHCP Server > DHCPv6 Pool Configuration. A screen similar to the following displays prefix for the DHCPv6 pool. a. Select System > Services > DHCPv6 Prefix Delegation Configuration > DHCPv6 Prefix Delegation Configuration - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 552
enter 64. e. Click Add. 7. Enable the DHCPv6 pool on interface 1/0/1. a. Select System > Services > DHCPv6 Server > DHCPv6 Interface Configuration. A screen similar to the following displays. b. Select the . e. Click Apply to save the settings. DHCPv6 Server 552 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 553
29 29DVLANs and Private VLANs Double VLANS and private VLAN groups This chapter includes the following sections: • Double VLANs • Private VLAN Groups 553 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 554
traffic from one customer domain to another through the metro core. Custom VLAN IDs are preserved and a provider service VLAN ID is added to the traffic so the traffic can pass the metro core in a simple and as a web interface procedure. DVLANs and Private VLANs 554 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 555
a Double VLAN 1. Create static VLAN 200: a. Select Switching > VLAN > Basic > VLAN Configuration. A screen similar to the following displays. DVLANs and Private VLANs 555 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 556
. Now 1/0/24 appears in the Interface field at the top. c. In the PVID (1 to 4093) field, enter 200. DVLANs and Private VLANs 556 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 557
Managed Switches d. Click Apply to save the settings. 4. Configure port 48 as the provider service port: a. Select Switching > VLAN > Advanced > Port DVLAN Configuration. A screen similar to the following Click Apply to save the settings. DVLANs and Private VLANs 557 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 558
1/0/6 Port 1/0/7 Port 1/0/17 Port 1/0/16 Group 1 Group 2 Figure 54. Private VLAN groups in community mode and isolated mode DVLANs and Private VLANs 558 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 559
Switch) (Config)#interface range 1/0/6-1/0/7 (Netgear Switch) (conf-if-range-1/0/6-1/0/7)#switchport private-group 1 (Netgear Switch) (conf-if-range-1/0/6-1/0/7)#exit DVLANs and Private VLANs 559 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 560
, select Static. c. Click Add. 2. Add ports 1/0/6, 1/0/7, 1/0/16, and 1/0/17 to VLAN 200. a. Select Switching > VLAN > Advanced > VLAN Membership. DVLANs and Private VLANs 560 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 561
settings. 4. Create a private group, group1. a. Select Security > Traffic Control > Private Group VLAN > Private Group VLAN > Private Group Configuration. DVLANs and Private VLANs 561 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 562
each box. e. Click Apply. 6. Create a private group, group2. a. Select Security > Traffic Control > Private Group VLAN > Private Group Configuration. DVLANs and Private VLANs 562 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 563
. d. Click the gray boxes under ports 16 and 17, and a check mark displays in each box. e. Click Apply. DVLANs and Private VLANs 563 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 564
30 30STP Spanning Tree Protocol This chapter includes the following sections: • Spanning Tree Protocol Concepts • Configure Classic STP (802.1d) • Configure Rapid STP (802.1w) • Configure Multiple STP (802.1s) • Configure PVSTP and PVRSTP 564 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 565
data traffic, enabling load balancing, and reducing the number of Spanning Tree instances required to support a large number of VLANs. Configure Classic STP (802.1d) The example is shown as STP > STP Configuration. A screen similar to the following displays. STP 565 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 566
(802.1w) (Netgear switch) (Config)# spanning-tree (Netgear switch) (Config)# spanning-tree mode rstp (Netgear switch) (Interface 1/0/3)# spanning-tree port mode STP 566 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 567
Interface 1/0/3 check box. Now 1/0/3 appears in the Interface field at the top. c. In the Port Mode field, select Enable. d. Click Apply. STP 567 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 568
priority and cost on port 1/0/3: (Netgear switch) (Interface 1/0/3)# spanning-tree mst 1 port-priority 128 (Netgear switch) (Interface 1/0/3)# spanning-tree mst 1 cost 0 STP 568 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 569
the Priority field, enter 4096. • In the VLAN Id field, enter 2. • Click Add. • In the VLAN Id field, enter 3. • Click Apply. STP 569 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 570
one main difference: PVSTP runs one instance per VLAN. The protocol is equivalent to Cisco's PVST+ and can interoperate with it. STP 570 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 571
VLAN instance to communicate with a switch that runs an IEEE standard spanning tree protocol. PVRSTP embeds support for the FastUplink feature to speed up the selection of a new root and the FastBackbone feature through the Listening and Learning states. STP 571 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 572
PVSTP You must configure PVSTP on Switch 1 and Switch 2. This example assumes that all switches can support PVSTP. CLI: Configure PVSTP on Switch 1 1. Ensure that ports 1/0/1 and 1/0/2 are in VLAN PVSTP (or PVRSTP) is applied to VLANs automatically. STP 572 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 573
BPDU packets for PVSTP are transmitted in tagged packets. 2. Enable PVSTP. (Netgear Switch) #config (Netgear Switch) (Config)#spanning-tree mode pvst STP 573 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 574
the selection of a new root and indirect ports, respectively. (Netgear Switch) (Config)#spanning-tree uplinkfast (Netgear Switch) (Config)#spanning-tree backbonefast STP 574 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 575
You must configure PVSTP on Switch 1 and Switch 2. This example assumes that all switches can support PVSTP. Web Interface: Configure PVSTP on Switch 1 1. Ensure that ports 1/0/1 and 1/0/2 are > PVST Interface. A screen similar to the following displays. STP 575 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 576
, 0). a. Select Switching > STP > Advanced > PVST VLAN. A screen similar to the following displays. b. Select the 1002 check box for VLAN ID 1002. STP 576 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 577
the PVST status for ports 1/0/1 and 1/0/2 in VLAN 1002. a. Select Switching > STP > Advanced > PVST Interface. A screen similar to the following displays. STP 577 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 578
Managed Switches b. From the VLAN ID menu, select 1002. The roles of ports 1/0/1 and 1/0/2 display. STP 578 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 579
Tunnel • Create a 6to4 Tunnel Note: IPv6 tunnels are available on M5300 and M6100 series switches only. However, the following M5300 series switches require a license to support IPv6 tunnels: M5300-28G, M5300-52G, M5300-28G-POE+, and M5300-52G-POE+. 579 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 580
destination address is derived from the 6to4 IPv6 address of the tunnel's next hop. A 6to4 tunnel supports the functionality of a 6to4 border router that connects a 6to4 site to a 6to4 domain. With Switch 2 Figure 56. 6in4 tunnel configuration Tunnels for IPv6 580 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 581
192.168.1.2 (Netgear Switch) # ping ipv6 2000::2 Send count=3, Receive count=3 from 2000::2 Average round trip time = 1.00 ms Tunnels for IPv6 581 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 582
. b. For Routing Mode, select the Enable radio button. c. Click Apply. 2. Enable IPv6 forwarding and unicast routing on the switch. Tunnels for IPv6 582 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 583
.0. • In the Routing Mode field, select Enable. c. Click Apply. 4. Create a 6-in-4 tunnel interface. a. Select Routing > IPv6 > Advanced > Tunnel Configuration. Tunnels for IPv6 583 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 584
radio button. c. Click Apply. 2. Enable IPv6 forwarding and unicast routing on the switch. a. Select Routing > IPv6 > Basic > Global Configuration. Tunnels for IPv6 584 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 585
.0. • In the Routing Mode field, select Enable. c. Click Apply. 4. Create a 6-in-4 tunnel interface. a. Select Routing > IPv6 > Advanced > Tunnel Configuration. Tunnels for IPv6 585 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 586
forward traffic from one IPv6 domain (with a non-2002:: address) to other IPv6 domain (also with a non-2002:: address). Tunnels for IPv6 586 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 587
) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)#routing (Netgear Switch) (Interface 1/0/1)#ip address 195.1.3.2 255.255.255.0 (Netgear Switch) (Interface 1/0/1)#exit Tunnels for IPv6 587 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 588
the tunnel address of Switch 3 as the next hop. (Netgear Switch) (Config)#ipv6 route 8888::/16 2002:c301:502::1 Tunnels for IPv6 588 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 589
Switch) (Interface tunnel 0)#tunnel mode ipv6ip 6to4 (Netgear Switch) (Interface tunnel 0)#tunnel source 195.1.4.2 (Netgear Switch) (Interface tunnel 0)#exit Tunnels for IPv6 589 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 590
) (Config)# interface 2/0/1 (Netgear Switch) (Interface 2/0/1)#routing (Netgear Switch) (Interface 2/0/1)#ip address 195.1.5.2 255.255.255.0 (Netgear Switch) (Interface 2/0/1)#exit Tunnels for IPv6 590 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 591
[0/0] via ::, tunnel 0 6To4 2002:c301:302::/48 [1/0] via fe80::c301:501, 00h:50m:06s, tunnel 0 C 8888::/64 [0/0] via ::, 2/0/24 Tunnels for IPv6 591 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 592
Unicast Routing, select the Enable radio button. c. Click Apply. 3. Create a routing interface and assign an IP address to it. Tunnels for IPv6 592 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 593
The settings for port 1/0/1 display in the fields in the table heading. c. Configure the following settings: • In the IP Address Configuration Method field, select Manual. • In the IP Address field, enter 195.1.3.2. • In the Subnet Mask field, enter 255.255.255.0. • In the Routing Mode field, select - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 594
Disable. d. Click Add. 6. Create a 6to4 tunnel interface. a. Select Routing > IPv6 > Advanced > Tunnel Configuration. A screen similar to the following displays. Tunnels for IPv6 594 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 595
, enter 8888::. • In the Prefix Length field, enter 16. • In the Next Hop IPv6 Address Type field, select Global. Tunnels for IPv6 595 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 596
.1.5.0. • In the Subnet Mask field, enter 255.255.255.0. • In the Next Hop Address field, enter 195.1.3.1. c. Click Add. Tunnels for IPv6 596 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 597
assign an IP address to it. a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. Tunnels for IPv6 597 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 598
The settings for port 2/0/1 display in the fields in the table heading. d. Configure the following settings: • In the IP Address Configuration Method field, select Manual. • In the IP Address field, enter 195.1.4.2. • In the Subnet Mask field, enter 255.255.255.0. • In the Routing Mode field, select - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 599
> Tunnel Configuration. A screen similar to the following displays. b. Configure the following tunnel settings: • In the Tunnel ID field, select 0. Tunnels for IPv6 599 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 600
.1.3.0. • In the Subnet Mask field, enter 255.255.255.0. • In the Next Hop Address field, enter 195.1.4.1. c. Click Add. Tunnels for IPv6 600 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 601
assign an IP address to it. a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. Tunnels for IPv6 601 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 602
The settings for port 2/0/1 display in the fields in the table heading. d. Configure the following settings: • In the IP Address Configuration Method field, select Manual. • In the IP Address field, enter 195.1.5.2. • In the Subnet Mask field, enter 255.255.255.0. • In the Routing Mode field, select - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 603
-4. • In the IPv6 Mode field, select Enable. • In the IPv6 Address/Prefix Length field, enter 2002:c301:402::1/16. Tunnels for IPv6 603 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 604
.1.3.0. • In the Subnet Mask field, enter 255.255.255.0. • In the Next Hop Address field, enter 195.1.5.1. c. Click Add. Tunnels for IPv6 604 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 605
the Routing Interface Note: IPv6 interface configuration is available on M5300 and M6100 series switches only. However, the following M5300 series switches require a license to support IPv6 interface configuration: M5300-28G, M5300-52G, M5300-28G-POE+, and M5300-52G-POE+. 605 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 606
Hop Limit 0 ICMPv6 Rate Limit Error Interval 1000 msec ICMPv6 Rate Limit Burst Size 100 messages Maximum Routes 12 IPv6 Interface Configuration 606 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 607
Forwarding, select the Enable radio button. d. Click Apply. 2. Enable IPv6 routing on interface 1/0/1. a. Select Routing > IPv6 > Advanced > Interface Configuration. IPv6 Interface Configuration 607 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 608
IPv6 Prefix field, enter 2000::2. d. In the Length field, enter 64. e. In the EUI64 field, select Disable. f. Click Add. IPv6 Interface Configuration 608 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 609
Switch) (Interface 0/4/1)#routing (Netgear Switch) (Interface 0/4/1)#ipv6 enable (Netgear Switch) (Interface 0/4/1)#ipv6 address 2000::1/64 (Netgear Switch) (Interface 0/4/1)#exit IPv6 Interface Configuration 609 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 610
Routing Mode Enabled Administrative Mode Enabled IPv6 Routing Operational Mode Enabled Bandwidth 10000 kbps Interface Maximum Transmit Unit 1500 Router Duplicate Address Detection Transmits... Enabled Autonomous Flag Enabled IPv6 Interface Configuration 610 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 611
is untagged for the port. e. Click Apply. 3. Specify the PVID on port 1/0/1. a. Select Switching > VLAN > Advanced > Port PVID Configuration. IPv6 Interface Configuration 611 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 612
logical VLAN interface 0/4/2 displays. c. Select the 0/4/2 check box. d. Under IPv6 Interface Configuration, in the IPv6 Mode field, select Enable. IPv6 Interface Configuration 612 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 613
Length field, enter 64. e. In the EUI64 field, select Disable. f. Click Add. Configure DHCPv6 Mode on the Routing Interface The routing interface supports DHCPv6 mode, which can get the IPv6 address from a DHCPv6 server (address allocation). Note: Before you enable DHCPv6 mode, you must disable IPv6 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 614
Advertisement Other Config Flag......... Disabled Router Advertisement Router Preference......... medium Router Advertisement Suppress Flag Disabled IPv6 Destination Unreachables Enabled IPv6 Interface Configuration 614 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 615
. d. Click Apply to apply the settings. 3. Show the ipv6 address assigned from 1/0/23. a. Select Routing > IPv6 > Advanced > Prefix Configuration. IPv6 Interface Configuration 615 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 616
Managed Switches A screen similar to the following displays. b. Scroll down and select the interface 1/0/23. You can see the IPv6 address assigned by the DHCPv6 server. IPv6 Interface Configuration 616 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 617
Concepts • PIM-DM • PIM-SM Note: PIM is available on M5300 and M6100 series switches only. However, the following M5300 series switches require a license to support PIM: M5300-28G, M5300-52G, M5300-28G-POE+, and M5300-52G-POE+. 617 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 618
receivers • A ratio of few senders to many receivers (due to frequent flooding) • High volume of multicast traffic • Constant stream of traffic PIM 618 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 619
refresh message. This message is sent by the routers directly connected to the source and is propagated throughout the network. When PIM 619 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 620
) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)#routing (Netgear Switch) (Interface 1/0/1)#ip address 192.168.2.2 (Netgear Switch) (Interface 1/0/1)#ip rip 255.255.255.0 PIM 620 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 621
Switch) (Interface 1/0/13)#ip rip (Netgear Switch) (Interface 1/0/13)#ip pim (Netgear Switch) (Interface 1/0/13)#exit 192.168.1.2 255.255.255.0 PIM 621 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 622
(Netgear Switch) (Interface 1/0/22)#ip pim (Netgear Switch) (Interface 1/0/22)#exit 255.255.255.0 255.255.255.0 PIM-DM on Switch D PIM 622 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 623
Switch) (Interface 1/0/24)#ip rip (Netgear Switch) (Interface 1/0/24)#ip address 192.168.4.1 (Netgear Switch) (Interface 1/0/24)#exit 255.255.255.0 PIM 623 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 624
summary Multicast Route Table Summary Incoming Source IP Group IP Protocol Interface -------- ---------- 192.168.1.1 225.1.1.1 PIMDM 7/0/21 Outgoing Interface List 7/0/24 PIM 624 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 625
save the settings. 3. Configure 1/0/9 as a routing port and assign an IP address to it. a. Select Routing > IP > Advanced > IP Interface Configuration. PIM 625 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 626
Address field, enter 192.168.1.2. • In the Subnet Mask field, enter 255.255.255.0. • In the Routing Mode field, select Enable. PIM 626 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 627
RIP Admin Mode, select the Enable radio button. d. Click Apply. 7. Enable RIP on interface 1/0/13. a. Select Routing > RIP > Advanced > Interface Configuration. PIM 627 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 628
displays. b. For Admin Mode, select the Enable radio button. c. Click Apply. 9. Enable PIM-DM globally. a. Select Routing > Multicast > PIM > Global Configuration. PIM 628 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 629
Apply to save the settings. PIM-DM on Switch B: 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. PIM 629 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 630
port and assign an IP address to it. a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. PIM 630 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 631
on interface 1/0/11. a. Select Routing > RIP > Advanced > Interface Configuration. A screen similar to the following displays. b. In the Interface list, select 1/0/11. PIM 631 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 632
, select the Enable radio button. d. Click Apply. 8. Enable PIM-SM on interfaces 1/0/10 and 1/0/11. a. Select Routing > Multicast > PIM > Interface Configuration. PIM 632 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 633
. a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. b. Scroll down select the Port 1/0/21 check box. PIM 633 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 634
the Interface list, select 1/0/21. c. For RIP Admin Mode, select the Enable radio button. d. Click Apply. 5. Enable RIP on interface 1/0/22. PIM 634 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 635
displays. b. For Admin Mode, select the Enable radio button. c. Click Apply. 7. Enable PIM-DM globally. a. Select Routing > Multicast > PIM > Global Configuration. PIM 635 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 636
-DM on Switch D: 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. A screen similar to the following displays. PIM 636 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 637
the Subnet Mask field, enter 255.255.255.0. • In the Routing Mode field, select Enable. d. Click Apply to save the settings. PIM 637 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 638
RIP Admin Mode, select the Enable radio button. d. Click Apply. 6. Enable RIP on interface 1/0/22. a. Select Routing > RIP > Advanced > Interface Configuration. PIM 638 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 639
. a. Select Routing > Multicast > Global Configuration. A screen similar to the following displays. b. For Admin Mode, select the Enable radio button. c. Click Apply. PIM 639 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 640
Apply to save the settings. 11. Enable IGMP globally. a. Select Routing > Multicast > IGMP > Global Configuration. A screen similar to the following displays. PIM 640 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 641
down and select the interface 1/0/24 check box. c. In the Admin Mode field, select Enable. d. Click Apply to save the settings. PIM 641 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 642
trees centered on an RP do not necessarily provide the shortest, most optimal path. In such cases PIM-SM provides a means PIM 642 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 643
) (Config)#interface 1/0/1 (Netgear Switch) (Interface 1/0/1)#routing (Netgear Switch) (Interface 1/0/1)#ip address 192.168.2.2 (Netgear Switch) (Interface 1/0/1)#ip rip 255.255.255.0 PIM 643 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 644
)#ip pim spars (Netgear Switch) (Config)#ip multicast (Netgear Switch) (Config)#ip pim rp-candidate interface 1/0/11 225.1.1.1 255.255.255.0 PIM 644 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 645
.168.5.1 (Netgear Switch) (Interface 1/0/11)#ip rip (Netgear Switch) (Interface 1/0/11)#ip pim (Netgear Switch) (Interface 1/0/11)#exit 255.255.255.0 PIM 645 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 646
.168.6.2 255.255.255.0 (Netgear Switch) (Interface 1/0/22)#ip rip (Netgear Switch) (Interface 1/0/22)#ip pim (Netgear Switch) (Interface 1/0/22)#exit PIM 646 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 647
Summary Incoming Source IP Group IP Protocol Interface * 225.1.1.1 PIMSM 1/0/22 192.168.1.1 225.1.1.1 PIMSM 1/0/21 Outgoing Interface List 1/0/24 1/0/24 PIM 647 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 648
save the settings. 3. Configure 1/0/9 as a routing port and assign an IP address to it. a. Select Routing > IP > Advanced > IP Interface Configuration. PIM 648 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 649
, enter 255.255.255.0. • In the Routing Mode field, select Enable. d. Click Apply to save the settings. 5. Enable RIP on interface 1/0/1. PIM 649 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 650
to the following displays. b. Select 1/0/13 in the Interface field. c. For RIP Admin Mode, select the Enable radio button. d. Click Apply. PIM 650 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 651
, select the Enable radio button. d. Click Apply. 10. Enable PIM-SM on interfaces 1/0/1,1/0/9, and 1/0/13. a. Select Routing > Multicast > PIM > Interface Configuration. PIM 651 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 652
port and assign an IP address to it. a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. PIM 652 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 653
to the following displays. b. In the Interface field, select 1/0/10. c. For RIP Admin Mode, select the Enable radio button. d. Click Apply. PIM 653 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 654
Enable radio button. c. Click Apply. 7. Enable PIM-SM globally. a. Select Routing > Multicast > PIM > Global Configuration. A screen similar to the following displays. PIM 654 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 655
field, enter 255.255.255.0. e. Click Add. 10. Set up the BSR candidate configuration. a. Select Routing > Multicast > PIM > BSR Candidate Configuration. PIM 655 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 656
. c. Click Apply. 2. Configure 1/0/21 as a routing port and assign an IP address to it. a. Select Routing > IP > Advanced > IP Interface Configuration. PIM 656 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 657
field, select Enable. d. Click Apply to save the settings. 4. Enable RIP on the interface 1/0/21. a. Select Routing > RIP > Advanced > Interface Configuration. PIM 657 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 658
Configuration. A screen similar to the following displays. b. For Admin Mode, select the Enable radio button. c. Click Apply. 7. Enable PIM-SM globally. PIM 658 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 659
Admin Mode field, select Enable. d. Click Apply to save the settings. 9. Candidate RP Configuration. a. Select Routing > Multicast > PIM > Candidate RP Configuration. PIM 659 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 660
Priority field, enter 5. e. Click Apply. PIM-SM on Switch D 1. Enable IP routing on the switch. a. Select Routing > IP > Basic > IP Configuration. PIM 660 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 661
port and assign an IP address to it. a. Select Routing > IP > Advanced > IP Interface Configuration. A screen similar to the following displays. PIM 661 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 662
to the following displays. b. In the Interface list, select 1/0/21. c. For RIP Admin Mode, select the Enable radio button. d. Click Apply. PIM 662 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 663
multicast globally. a. Select Routing > Multicast > Global Configuration. A screen similar to the following displays. b. For Admin Mode, select the Enable radio button. PIM 663 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 664
, select Enable. d. Click Apply to save the settings. 11. Set up Candidate RP configuration. a. Select Routing > Multicast > PIM > Candidate RP Configuration. PIM 664 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 665
Length field, enter 30. d. In the Priority field, enter 3. e. Click Apply. 13. Enable IGMP globally. a. Select Routing > Multicast > IGMP > Global Configuration. PIM 665 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 666
down and select the Interface 1/0/24 check box. c. In the Admin Mode field, select Enable. d. Click Apply to save the settings. PIM 666 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 667
34 34DHCP L2 Relay and L3 Relay Dynamic Host Configuration Protocol Relays This chapter includes the following sections: • DHCP L2 Relay • DHCP L3 Relay • Configure a DHCP L3 Switch 667 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 668
the following commands: (Netgear Switch)#vlan database (Netgear Switch)(Vlan)#vlan 200 (Netgear Switch)(Vlan)#exit DHCP L2 Relay and L3 Relay 668 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 669
Switch) (Interface 1/0/6)# vlan pvid 200 (Netgear Switch) (Interface 1/0/6)# vlan participation include 200 (Netgear Switch) (Interface 1/0/6)# exit DHCP L2 Relay and L3 Relay 669 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 670
port. e. Click Apply. 3. Specify the PVID on ports 1/0/4, 1/0/5 and 1/0/6. a. Select Switching > VLAN > Advanced > Port PVID Configuration. DHCP L2 Relay and L3 Relay 670 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 671
the settings. 4. Enable DHCP L2 relay on VLAN 200. a. Select System > Services > DHCP L2 Relay > DHCP L2 Relay Configuration. A screen similar to the following L2 Relay on interfaces 1/0/4,1/0/5, and 1/0/6. a. Select System > Services > DHCP L2 Relay > DHCP L2 Relay Interface Configuration. DHCP - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 672
Apply to save the settings. 6. Enable DHCP L2 relay trust on interface 1/0/6. a. Select System > Services > DHCP L2 Relay > DHCP L2 Relay Interface Configuration. A screen similar to the following displays. b. to save the settings. DHCP L2 Relay and L3 Relay 672 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 673
1. Enable routing on the switch. (Netgear Switch) #config (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config)# DHCP L2 Relay and L3 Relay 673 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 674
pool)#network 10.200.2.0 255.255.255.0 (Netgear Switch) (Config-dhcp-pool)#exit (Netgear Switch) (Config)#service dhcp (Netgear Switch) (Config)#exit 4. Exclude the IP address 10.200.1.1 and 10.200.2.1 from the 10.100.1.1/24 to it. DHCP L2 Relay and L3 Relay 674 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 675
field, select 1/0/3. c. For RIP Admin Mode, select the Enable radio button. d. Click Apply to save the settings. 4. Set up the DHCP global configuration. a. Select System > Services > DHCP Server > DHCP Server Configuration. DHCP L2 Relay and L3 Relay 675 Software Administration - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 676
Click Add. 5. Exclude 10.200.2.1 from the DHCP pool. a. Select System > Services > DHCP Server > DHCP Server Configuration. A screen similar to the following displays. named dhcp_server. a. Select System > Services > DHCP Server > DHCP Pool Configuration. DHCP L2 Relay and L3 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 677
c. Click Add. The pool_dynamic name is now added to the Pool Name drop-down list. 7. Create a DHCP pool named dhcp_server_second. a. Select System > Services > DHCP Server > DHCP Pool Configuration. A screen similar to the following displays. DHCP L2 Relay and L3 Relay 677 Software Administration - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 678
relay. (Netgear Switch) (Config)#ip helper-address 10.100.1.1 dhcp (Netgear Switch) (Config)#ip helper enable DHCP L2 Relay and L3 Relay 678 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 679
. f. Click Apply to save the settings. 3. Enable RIP on interface 1/0/4. a. Select Routing > RIP > Advanced > Interface Configuration. DHCP L2 Relay and L3 Relay 679 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 680
the following displays. b. Under IP Interface Configuration, scroll down and select the Port 1/0/15 check box. c. In the IP Address Configuration Method field, enter Manual. d. In the IP Address field, enter 10.200.1.1. e. In the Subnet Mask field, enter 255.255.255.0. f. In the Routing Mode field - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 681
select the Port 1/0/16 check box. c. In the IP Address Configuration Method field, enter Manual. d. In the IP Address field, enter 10.200.2.1. e. In the Subnet Mask settings. 7. Enable DHCP L3 relay. a. Select System > Services > DHCP Relay. DHCP L2 Relay and L3 Relay 681 Software Administration - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 682
. b. For Admin Mode, select the Enable radio button. c. Click Apply to save the settings. 8. Configure the DHCP server IP address. a. Select System > Services > UDP Relay. A screen similar to the following displays. b. In the Server Address field, enter 10.100.1.1. c. In the UDP Port field, enter - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 683
Concepts • Configure MLD • MLD Snooping Note: MLD is available on M5300 and M6100 series switches only. However, the following M5300 series switches require a license to support MLD: M5300-28G, M5300-52G, M5300-28G-POE+, and M5300-52G-POE+. 683 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 684
and source-list-change records from systems that want to indicate interest in receiving or not receiving traffic from particular sources. MLD 684 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 685
source 2001:2::/65 Switch A Port 1/0/13 Port 1/0/1 2001:1::/64 Switch B Port 1/0/21 Port 1/0/24 2001:3::/64 Host Figure 62. Configure MLD MLD 685 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 686
) (Config-rtr)#router-id 2.2.2.2 (Netgear Switch) (Config)#exit 2. Enable IPV6 unicast routing on the switch. (Netgear Switch) (Config)#ipv6 unicast-routing MLD 686 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 687
) (Config)#ipv6 pim dense 5. Enable IP multicast forwarding on the switch. (Netgear Switch) (Config)#ip routing (Netgear Switch) (Config)#ip multicast MLD 687 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 688
Time (hh:mm:ss Filter Mode Include Version1 Host Timer Group compat mode v2 Source Address ExpiryTime 2001:2::2 00:04:02 MLD 688 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 689
. c. Click Apply. 3. Configure 1/0/1 and 1/0/13 as a IPv6 routing ports. a. Select Routing > IPv6 > Advanced > Interface Configuration. A screen similar to the following displays. MLD 689 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 690
. 5. Assign an IPv6 address to 1/0/13. a. Select Routing > IPv6 > Advanced > Prefix Configuration. A screen similar to the following displays. b. Select Interface 1/0/13. MLD 690 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 691
. c. In the Admin Mode field, select Enable. d. Click Apply to save the settings. 8. Enable multicast globally. a. Select Routing > Multicast > Global Configuration. MLD 691 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 692
Enable radio button. c. Click Apply. 10. Enable PIM-DM on interfaces 1/0/1 and 1/0/13. a. Select Routing > IPv6 Multicast > IPv6 PIM > Interface Configuration. MLD 692 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 693
Mode, select the Enable radio button. c. Click Apply. 2. Enable IPv6 unicast routing on the switch. a. Select Routing > IPv6 > Basic > Global Configuration. MLD 693 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 694
field, select Enable. d. Click Apply to save the settings. 4. Assign an IPv6 address to 1/0/21. a. Select Routing > IPv6 > Advanced > Prefix Configuration. MLD 694 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 695
field, select Disable. d. Click Add to save the settings. 6. Configure the router ID of OSPFv3. a. Select Routing > OSPFv3 > Basic > OSPFv3 Configuration. MLD 695 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 696
. a. Select Routing > Multicast > Global Configuration. A screen similar to the following displays. b. For Admin Mode, select the Enable radio button. c. Click Apply. MLD 696 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 697
, select Enable. d. Click Apply to save the settings. 11. Enable MLD on the switch. a. Select Routing > IPv6 Multicast > MLD > Global Configuration. MLD 697 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 698
address. In IPv6, MLD snooping performs a similar function. With MLD snooping, IPv6 multicast data is selectively forwarded to a list of ports MLD 698 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 699
Admin Mode Enable Multicast Control Frame Count 0 Interfaces Enabled for MLD Snooping None VLANs enabled for MLD snooping 300 (Netgear Switch) # MLD 699 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 700
packet is untagged for the port. e. Click Apply. 3. Assign PVID to ports 1/0/1 and 1/0/24. a. Select Switching > VLAN > Advanced > Port PVID Configuration. MLD 700 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 701
displays. b. Enter the following information: • In the VLAN ID field, enter 300. • In the Admin Mode field, select Enable. 6. Click Add. MLD 701 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 702
DVMRP • Web Interface: Configure DVMRP Note: DVMRP is available on M5300 and M6100 series switches only. However, the following M5300 series switches require a license to support DVMRP: M5300-28G, M5300-52G, M5300-28G-POE+, and M5300-52G-POE+. 702 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 703
Routing Protocol (DVMRP) is used for multicasting over IP networks without routing protocols to support multicast. The DVMRP is based on the RIP protocol but more complicated than RIP. .168.5.0/24 1/0/11 Switch C 1/0/3 192.168.4.0/24 Figure 63. DVMRP DVMRP 703 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 704
multicast forwarding on the switch. (Netgear Switch) (Config)#ip multicast 3. Enable DVMRP protocol on the switch. (Netgear Switch) (Config)#ip dvmrp DVMRP 704 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 705
Version 3 Minor Version 255 More Entries or quit(q) Capabilities Prune GenID Missing 11441 Received Routes 0 Received Bad Packets 0 Received Bad Routes 0 DVMRP 705 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 706
)#ex (Netgear Switch) (Config)#interface 1/0/20 (Netgear Switch) (Interface 1/0/20)#ip dvmrp (Netgear Switch) (Interface 1/0/20)#exit (Netgear Switch) (Config)#exit DVMRP 706 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 707
detail summary Source IP Multicast Route Table Summary Incoming Group IP Protocol Interface Outgoing Interface List 192.168.1.2 225.0.0.1 DVMRP 1/0/13 DVMRP 707 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 708
Switch) (Interface 1/0/24)#ip dvrmp (Netgear Switch) (Interface 1/0/24)#exit 5. Enable IGMP protocol on the switch. (Netgear Switch) (Config)# ip igmp DVMRP 708 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 709
summary Source IP 192.168.1.2 Multicast Route Table Summary Incoming Group IP Protocol Interface 225.0.0.1 DVMRP 1/0/11 Outgoing Interface List 1/0/24 DVMRP 709 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 710
the settings. 3. Configure 1/0/13 as a routing port and assign an IP address to it. a. Select Routing > IP > Advanced > IP Interface Configuration. DVMRP 710 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 711
Mode field, select Enable. d. Click Apply to save the settings. 5. Enable IP multicast on the switch. a. Select Routing > Multicast > Global Configuration. DVMRP 711 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 712
to the following displays. b. Scroll down select the Interface 1/0/1, 1/0/13, and 1/0/21 check boxes. c. In the Interface Mode field, select 300. DVMRP 712 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 713
the settings. 3. Configure 1/0/20 as a routing port and assign an IP address to it. a. Select Routing > IP > Advanced > IP Interface Configuration. DVMRP 713 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 714
. b. For Admin Mode, select the Enable radio button. c. Click Apply. 5. Enable DVMRP on the switch. a. Select Routing > Multicast > DVMRP> Global Configuration. DVMRP 714 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 715
Routing > IP > Basic > IP Configuration. A screen similar to the following displays. b. For Routing Mode, select the Enable radio button. c. Click Apply. DVMRP 715 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 716
the settings. 4. Configure 1/0/24 as a routing port and assign an IP address to it. a. Select Routing > IP > Advanced > IP Interface Configuration. DVMRP 716 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 717
. b. For Admin Mode, select the Enable radio button. c. Click Apply. 6. Enable DVMRP on the switch. a. Select Routing > Multicast > DVMRP > Global Configuration. DVMRP 717 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 718
. A screen similar to the following displays. b. For Admin Mode, select the Enable radio button. c. Click Apply. 9. Enable IGMP on the interface. DVMRP 718 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 719
appears in the Interface field at the top. c. In the Admin Mode field, select Enable. d. Click Apply to save the settings. DVMRP 719 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 720
37 37Captive Portal Captive portals and client authentication This chapter includes the following sections: • Captive Portal Concepts • Captive Portal Configuration Concepts • Enable a Captive Portal • Client Access, Authentication, and Control • Block a Captive Portal Instance • Local Authorization - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 721
can enable the captive portal feature on all the physical ports on the switch. It is not supported for VLAN interfaces, loopback interfaces, or logical interfaces. The captive portal feature uses MAC-address client is forwarded through the switch. Captive Portal 721 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 722
Switch) (Config-CP)#configuration 1 (Netgear Switch) (Config-CP 1)#enable 3. Enable captive portal instance 1 on port 1/0/1. (Netgear Switch) (Config-CP 1)#interface 1/0/1 Captive Portal 722 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 723
, select Enable. d. Click Apply to save the settings. 3. Enable CP 1 on interface 1/0/1. a. Select Security > Controls > Captive Portal > CP Binding Configuration. Captive Portal 723 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 724
and not saved in the configuration. Block a Captive Portal Instance CLI: Block a Captive Portal Instance (Netgear Switch)(Config-CP 1)#block Captive Portal 724 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 725
-portal (Netgear Switch)(Config-CP)# user group 2 2. Create a user whose name is user1. (Netgear Switch) (Config-CP)#user 2 name user1 Captive Portal 725 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 726
, select 2. • In the Group Name field, enter Group2. c. Click Add. 2. Create a user. a. Select Security > Control > Captive Portal > CP User Configuration. Captive Portal 726 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 727
servers are assigned, the captive portal activation status will indicate that the instance is disabled with an appropriate reason code. Captive Portal 727 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 728
as the Verification Mode (Netgear Switch) (Config-CP 1)#radius-auth-server Default-RADIUS-Server (Netgear Switch) (Config-CP 1)#verification radius Captive Portal 728 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 729
not a valid certificate present on the system, the captive portal instance status will show Disabled with an appropriate reason code. Captive Portal 729 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 730
38 38iSCSI Internal Small Computer System Interface This chapter includes the following sections: • iSCSI Concepts • Enable iSCSI Awareness with VLAN Priority Tag • Enable iSCSI Awareness with DSCP • Set the iSCSI Target Port • Show iSCSI Sessions 730 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 731
VPT/DSCP queue not used for chassis management or voice VLAN. The administrator should also take care of configuring the relevant Class of Service parameters for the queue chosen in order to complete the setting. The following figure shows an example of iSCSI implementation. Figure 64. Sample - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 732
button (the default value). • In the iSCSI Aging Time field, enter 10 (the default value). c. Click Apply to save the settings. iSCSI 732 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 733
button (the default value). • In the iSCSI Aging Time field, enter 10 (the default value). 2. Click Apply to save the settings. iSCSI 733 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 734
the TCP Port field, enter 49154. • In the IP Address field, enter 172.16.1.20. c. Click Apply to save the settings. iSCSI 734 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 735
. The initiator is at IP address 192.168.10.107 and the Target is at IP address 192.168.10.116 iSCSI 735 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 736
. 2. Click Refresh. 3. Show the iSCSI session details. a. Select Switching > iSCSI > Advanced > Sessions detailed. A screen similar to the following displays. 4. Click Refresh. iSCSI 736 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 737
39 39Override Factory Defaults Use another factory default configuration file This chapter includes one section: Override the Factory Default Configuration File 737 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 738
Managed Switches Override the Factory Default Configuration File NETGEAR managed switches support a single set of default configurations and scaling parameters, which are hard-coded in transfer. please wait... File transfer successful.. Override Factory Defaults 738 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 739
factory-default 2. Reload the switch. The new factory default configuration file (that is, the factory_default.txt. file) takes effect. Override Factory Defaults 739 Software Administration Manual - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 740
40 40NETGEAR SFP Small form-factor pluggable This chapter includes one section: Connect with NETGEAR SFP AGM731F 740 - Netgear XCM89UP | Software Administration Manual Software Version 11.x - Page 741
AGM731F Cisco provides a way to support third-party small form-factor pluggables configure the following command on the Cisco switch. service unsupported-transceiver no errdisable detect cause gbic-invalid 2. the same on both sides. The following supported AN mode can be configured on the NETGEAR
![](/manual_guide/products/netgear-xcm8948-software-administration-manual-software-version-11x-679e86f/1.png)
NETGEAR, Inc.
350 East Plumeria Drive
San Jose, CA 95134, USA
August 2020
202-11527-03
Software Administration Manual
M5300, M6100, and M7100 Series
ProSAFE Managed Switches
Software Administration Manual
Software Version 11.0.0