How it Works
NETGEAR
Loading...
M7100
User Manual
559 pgs31.03 Mb0
Installation Manual [zh]
27 pgs2.05 Mb0
Installation Manual [fr]
23 pgs3.94 Mb0
Installation Manual [zh]
2 pgs1.19 Mb0
Installation Manual [de]
2 pgs1.26 Mb0
Installation Manual [fr]
2 pgs1.27 Mb0
Installation Manual [es]
2 pgs1.27 Mb0
Installation Manual [zh]
27 pgs2.23 Mb0
Table of contents
Loading...

NETGEAR M7100, M4100 User Manual

ProSafe M4100 and M7100 Managed Switches

Software Administration Manual
350 East Plumeria Drive San Jose, CA 95134 USA
February 2013 202-11161-01
ProSafe M4100 and M7100 Managed Switches
Support
Thank you for selecting NETGEAR products. After installing your device, locate the serial number on the label of your product and use it to register your product
at https://my.netgear.com. You must register your product before you can use NETGEAR telephone support. NETGEAR recommends registering your product through the NETGEAR website. For product updates and web support, visit http://support.netgear.com.
Phone (US & Canada only): 1-888-NETGEAR. Phone (Other Countries): Check the list of phone numbers at
http://support.netgear.com/general/contact/default.aspx.
Trademarks
NETGEAR, the NETGEAR logo, and Connect with Innovation are trademarks and/or registered trademarks of NETGEAR, Inc. and/or its subsidiaries in the United States and/or other countries. Information is subject to change without notice. © All rights reserved.
Revision History
Publication Part Number
202-11161-01 v1.0 February 2013 Updated document. 202-1xxxx-01 v1.0 October 2012 Added iSCSI features. 202-11153-01 v1.0 August 2012 Added Private VLAN features. 202-10515-05 v1.0 August 2012 Added MVR feature. 202-10515-05 v1.0 July 2011 Added DHCPv6 and DHCPv6 mode features. 202-10515-04 v1.0 November 2010 New document template. 202-10515-03 v 1.0 June 2010 Move some content to the Software Setup
202-10515-02 Software release 8.0.2: new firmware with
202-10515-01 Original publication.
Version Publish Date Comments
Guide.
DHCP L3 Relay server in dynamic mode, and configuring a stacking port as an Ethernet port.
, color conform policy, DHCP
2 |

Table of Contents

Chapter 1 Documentation Resources Chapter 2 VLANs
Create Two VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
CLI: Create Two VLANS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .17
Web Interface: Create Two VLANS . . . . . . . . . . . . . . . . . . . . . . . . . . . .18
Assign Ports to VLAN2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
CLI: Assign Ports to VLAN2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .19
Web Interface: Assign Ports to VLAN2. . . . . . . . . . . . . . . . . . . . . . . . . .19
Create Three VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
CLI: Create Three VLANS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .20
Web Interface: Create Three VLANS. . . . . . . . . . . . . . . . . . . . . . . . . . .20
Assign Ports to VLAN3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
CLI: Assign Ports to VLAN3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .22
Web Interface: Assign Ports to VLAN3. . . . . . . . . . . . . . . . . . . . . . . . . .23
Assign VLAN3 as the Default VLAN for Port 1/0/2. . . . . . . . . . . . . . . . . . .24
CLI: Assign VLAN3 as the Default VLAN for Port 1/0/2 . . . . . . . . . . . . .24
Web Interface: Assign VLAN3 as the Default VLAN for Port 1/0/2. . . . .24
Create a MAC-Based VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
CLI: Create a MAC-Based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .25
Web Interface: Assign a MAC-Based VLAN. . . . . . . . . . . . . . . . . . . . . .26
Create a Protocol-Based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28
CLI: Create a Protocol-Based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . .28
Web Interface: Create a Protocol-Based VLAN . . . . . . . . . . . . . . . . . . .29
Virtual VLANs: Create an IP Subnet–Based VLAN . . . . . . . . . . . . . . . . . .31
CLI: Create an IP Subnet–Based VLAN. . . . . . . . . . . . . . . . . . . . . . . . .31
Web Interface: Create an IP Subnet–Based VLAN . . . . . . . . . . . . . . . .32
Voice VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33
CLI: Configure Voice VLAN and Prioritize Voice Traffic. . . . . . . . . . . . .34
Web Interface: Configure Voice VLAN and Prioritize Voice Traffic . . . .36
Private VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .44
Assign Private-VLAN Types (Primary, Isolated, Community). . . . . . . . . . .46
CLI: Assign Private-VLAN Type (Primary, Isolated, Community). . . . . .46
Web Interface: Assign Private-VLAN Type (Primary, Isolated, Community)46
Configure Private-VLAN Association . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48
CLI: Configure Private-VLAN Association . . . . . . . . . . . . . . . . . . . . . . .48
Web Interface: Configure Private-VLAN Association . . . . . . . . . . . . . . .48
Configure Private-VLAN Port Mode (Promiscuous, Host) . . . . . . . . . . . . .49
CLI: Configure Private-VLAN Port Mode (Promiscuous, Host) . . . . . . .49
Web Interface: Configure Private-VLAN Port Mode (Promiscuous, Host)49
Configure Private-VLAN Host Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .50
CLI: Configure Private-VLAN Host Ports . . . . . . . . . . . . . . . . . . . . . . . .50
Web Interface: Assign Private-VLAN Port Host Ports . . . . . . . . . . . . . .51
Contents | 3
ProSafe M4100 and M7100 Managed Switches
Map Private-VLAN Promiscuous Port . . . . . . . . . . . . . . . . . . . . . . . . . . . .52
CLI: Map Private-VLAN Promiscuous Port. . . . . . . . . . . . . . . . . . . . . . .52
Web Interface: Map Private-VLAN Promiscuous Port . . . . . . . . . . . . . .52
Chapter 3 LAGs
Create Two LAGs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
CLI: Create Two LAGs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
Web Interface: Create Two LAGs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .55
Add Ports to LAGs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .56
CLI: Add Ports to the LAGs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57
Web Interface: Add Ports to LAGs . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58
Enable Both LAGs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59
CLI: Enable Both LAGs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59
Web Interface: Enable Both LAGs . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59
Chapter 4 Port Routing
Port Routing Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61
Enable Routing for the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62
CLI: Enable Routing for the Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . .62
Web Interface: Enable Routing for the Switch . . . . . . . . . . . . . . . . . . . .62
Enable Routing for Ports on the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . .62
CLI: Enable Routing for Ports on the Switch . . . . . . . . . . . . . . . . . . . . .63
Web Interface: Enable Routing for Ports on the Switch . . . . . . . . . . . . .63
Add a Default Route. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .65
CLI: Add a Default Route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .65
Web Interface: Add a Default Route. . . . . . . . . . . . . . . . . . . . . . . . . . . .65
Add a Static Route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
CLI: Add a Static Route . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .66
Web Interface: Add a Static Route. . . . . . . . . . . . . . . . . . . . . . . . . . . . .67
4 | Contents
Chapter 5 VLAN Routing
Create Two VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .68
CLI: Create Two VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .69
Web Interface: Create Two VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . .70
Set Up VLAN Routing for the VLANs and the Switch. . . . . . . . . . . . . . . . .73
CLI: Set Up VLAN Routing for the VLANs and the Switch. . . . . . . . . . .73
Web Interface: Set Up VLAN Routing for the VLANs and the Switch . .73
Chapter 6 RIP
Routing for the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .76
CLI: Enable Routing for the Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . .76
Web Interface: Enable Routing for the Switch . . . . . . . . . . . . . . . . . . . .76
Routing for Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .77
CLI: Enable Routing and Assigning IP Addresses for Ports 1/0/2 and 1/0/377
Web Interface: Enable Routing for the Ports . . . . . . . . . . . . . . . . . . . . .77
RIP for the Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .78
ProSafe M4100 and M7100 Managed Switches
CLI: Enable RIP on the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79
Web Interface: Enable RIP on the Switch. . . . . . . . . . . . . . . . . . . . . . . .79
RIP for Ports 1/0/2 and 1/0/3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79
CLI: Enable RIP for Ports 1/0/2 and 1/0/3 . . . . . . . . . . . . . . . . . . . . . . .80
Web Interface: Enable RIP for Ports 1/0/2 and 1/0/3 . . . . . . . . . . . . . . .80
VLAN Routing with RIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82
CLI: Configure VLAN Routing with RIP Support. . . . . . . . . . . . . . . . . . .82
Web Interface: Configure VLAN Routing with RIP Support . . . . . . . . . .84
Chapter 7 OSPF
Inter-area Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87
CLI: Configure an Inter-area Router. . . . . . . . . . . . . . . . . . . . . . . . . . . .87
Web Interface: Configure an Inter-area Router . . . . . . . . . . . . . . . . . . .89
OSPF on a Border Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92
CLI: Configure OSPF on a Border Router . . . . . . . . . . . . . . . . . . . . . . .92
Web Interface: Configure OSPF on a Border Router . . . . . . . . . . . . . .93
Stub Areas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .98
CLI: Configure Area 1 as a Stub Area on A1 . . . . . . . . . . . . . . . . . . . . .98
Web Interface: Configure Area 1 as a Stub Area on A1. . . . . . . . . . . .100
CLI: Configure Area 1 as a Stub Area on A2 . . . . . . . . . . . . . . . . . . . .103
Web Interface: Configure Area 1 as a Stub Area on A2. . . . . . . . . . . .104
nssa Areas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107
CLI: Configure Area 1 as an nssa Area . . . . . . . . . . . . . . . . . . . . . . . .107
Web Interface: Configure Area 1 as an nssa Area on A1. . . . . . . . . . .108
CLI: Configure Area 1 as an nssa Area on A2 . . . . . . . . . . . . . . . . . . .111
Web Interface: Configure Area 1 as an nssa Area on A2. . . . . . . . . . .113
VLAN Routing OSPF . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .116
CLI: Configure VLAN Routing OSPF . . . . . . . . . . . . . . . . . . . . . . . . . .118
Web Interface: Configure VLAN Routing OSPF. . . . . . . . . . . . . . . . . .119
OSPFv3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122
CLI: Configure OSPFv3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .122
Web Interface: Configure OSPFv3. . . . . . . . . . . . . . . . . . . . . . . . . . . .124
Chapter 8 ARP
Proxy ARP Examples. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127
CLI: show ip interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127
CLI: ip proxy-arp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .128
Web Interface: Configure Proxy ARP on a Port . . . . . . . . . . . . . . . . . .128
Chapter 9 VRRP
VRRP on a Master Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130
CLI: Configure VRRP on a Master Router . . . . . . . . . . . . . . . . . . . . . .130
Web Interface: Configure VRRP on a Master Router. . . . . . . . . . . . . .131
VRRP on a Backup Router. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132
CLI: Configure VRRP on a Backup Router. . . . . . . . . . . . . . . . . . . . . .132
Web Interface: Configure VRRP on a Backup Router . . . . . . . . . . . . .133
Contents | 5
ProSafe M4100 and M7100 Managed Switches
Chapter 10 ACLs
MAC ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137
IP ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137
ACL Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .137
Set Up an IP ACL with Two Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .138
CLI: Set Up an IP ACL with Two Rules . . . . . . . . . . . . . . . . . . . . . . . .138
Web Interface: Set Up an IP ACL with Two Rules . . . . . . . . . . . . . . . .139
One-Way Access Using a TCP Flag in an ACL . . . . . . . . . . . . . . . . . . . .142
CLI:Configure One-Way Access Using a TCP Flag in an ACL . . . . . .142
Web Interface: Configure One-Way Access Using a TCP Flag in an ACL146
Use ACLs to Configure Isolated VLANs on a Layer 3 Switch . . . . . . . . .158
CLI: Configure One-Way Access Using a TCP Flag in ACL Commands159
Web Interface: Configure One-Way Access Using a TCP Flag in an ACL161
Set up a MAC ACL with Two Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . .169
CLI: Set up a MAC ACL with Two Rules . . . . . . . . . . . . . . . . . . . . . . .170
Web Interface: Set up a MAC ACL with Two Rules . . . . . . . . . . . . . . .170
ACL Mirroring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .172
CLI: Configure ACL Mirroring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .173
Web Interface: Configure ACL Mirroring . . . . . . . . . . . . . . . . . . . . . . .174
ACL Redirect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .178
CLI: Redirect a Traffic Stream . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .178
Web Interface: Redirect a Traffic Stream. . . . . . . . . . . . . . . . . . . . . . .179
Configure IPv6 ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .183
CLI: Configure an IPv6 ACL. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184
Web Interface: Configure an IPv6 ACL . . . . . . . . . . . . . . . . . . . . . . . .186
Chapter 11 CoS Queuing
CoS Queue Mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191
Trusted Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191
Untrusted Ports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .191
CoS Queue Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192
Show classofservice Trust . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192
CLI: Show classofservice Trust . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .192
Web Interface: Show classofservice Trust . . . . . . . . . . . . . . . . . . . . .193
Set classofservice Trust Mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .193
CLI: Set classofservice Trust Mode . . . . . . . . . . . . . . . . . . . . . . . . . . .193
Web Interface: Set classofservice Trust Mode . . . . . . . . . . . . . . . . . .193
Show classofservice IP-Precedence Mapping. . . . . . . . . . . . . . . . . . . . .194
CLI: Show classofservice IP-Precedence Mapping . . . . . . . . . . . . . . .194
Web Interface: Show classofservice ip-precedence Mapping . . . . . . .194
Configure Cos-queue Min-bandwidth and Strict Priority Scheduler Mode195
CLI: Configure Cos-queue Min-bandwidth and Strict Priority Scheduler Mode195
Web Interface: Configure CoS-queue Min-bandwidth and Strict Priority Scheduler
Mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .195
Set CoS Trust Mode for an Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . .196
CLI: Set CoS Trust Mode for an Interface . . . . . . . . . . . . . . . . . . . . . .197
Web Interface: Set CoS Trust Mode for an Interface . . . . . . . . . . . . . .197
6 | Contents
ProSafe M4100 and M7100 Managed Switches
Configure Traffic Shaping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .197
CLI: Configure traffic-shape . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .198
Web Interface: Configure Traffic Shaping. . . . . . . . . . . . . . . . . . . . . . .198
Chapter 12 DiffServ
DiffServ. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .201
CLI: Configure DiffServ. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .202
Web Interface: Configure DiffServ . . . . . . . . . . . . . . . . . . . . . . . . . . . .204
DiffServ for VoIP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .218
CLI: Configure DiffServ for VoIP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .218
Web Interface: Diffserv for VoIP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220
Auto VoIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .225
CLI: Configure Auto VoIP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .226
Web Interface: Configure Auto-VoIP . . . . . . . . . . . . . . . . . . . . . . . . . .228
DiffServ for IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229
CLI: Configure DiffServ for IPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .230
Web Interface: Configure DiffServ for IPv6. . . . . . . . . . . . . . . . . . . . . .231
Color Conform Policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .237
CLI: Configure a Color Conform Policy. . . . . . . . . . . . . . . . . . . . . . . . .237
Web Interface: Configure a Color Conform Policy . . . . . . . . . . . . . . . .238
Chapter 13 IGMP Snooping and Querier
IGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .246
CLI: Enable IGMP Snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .246
Web Interface: Enable IGMP Snooping . . . . . . . . . . . . . . . . . . . . . . . .246
Show igmpsnooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .246
CLI: Show igmpsnooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .247
Web Interface: Show igmpsnooping. . . . . . . . . . . . . . . . . . . . . . . . . . .247
Show mac-address-table igmpsnooping . . . . . . . . . . . . . . . . . . . . . . . . .247
CLI: Show mac-address-table igmpsnooping. . . . . . . . . . . . . . . . . . . .248
Web Interface: Show mac-address-table igmpsnooping . . . . . . . . . . .248
External Multicast Router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .248
CLI: Configure the Switch with an External Multicast Router . . . . . . . .248
Web Interface: Configure the Switch with an External Multicast Router249
Multicast Router Using VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .249
CLI: Configure the Switch with a Multicast Router Using VLAN. . . . . .249
Web Interface: Configure the Switch with a Multicast Router Using VLAN249
IGMP Querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .250
Enable IGMP Querier. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251
CLI: Enable IGMP Querier . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251
Web Interface: Enable IGMP Querier. . . . . . . . . . . . . . . . . . . . . . . . . .252
Show IGMP Querier Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .254
CLI: Show IGMP Querier Status. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .254
Web Interface: Show IGMP Querier Status . . . . . . . . . . . . . . . . . . . . .254
Chapter 14 MVR (Multicast VLAN Registration)
Configure MVR in Compatible Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . .256
Contents | 7
ProSafe M4100 and M7100 Managed Switches
CLI: Configure MVR in Compatible Mode . . . . . . . . . . . . . . . . . . . . . .257
Web Interface: Configure MVR in Compatible Mode . . . . . . . . . . . . . .259
Configure MVR in Dynamic Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .263
CLI: Configure MVR in Dynamic Mode. . . . . . . . . . . . . . . . . . . . . . . . .263
Web Interface: Configure MVR in Dynamic Mode . . . . . . . . . . . . . . . .265
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .268
Chapter 15 Security Management
Port Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .269
Set the Dynamic and Static Limit on Port 1/0/1 . . . . . . . . . . . . . . . . . . . .270
CLI: Set the Dynamic and Static Limit on Port 1/0/1 . . . . . . . . . . . . . .270
Web Interface: Set the Dynamic and Static Limit on Port 1/0/1 . . . . . .270
Convert the Dynamic Address Learned from 1/0/1 to a Static Address. .271
CLI: Convert the Dynamic Address Learned from 1/0/1 to the Static Address272
Web Interface: Convert the Dynamic Address Learned from 1/0/1 to the Static Ad-
dress. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .272
Create a Static Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .272
CLI: Create a Static Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273
Web Interface: Create a Static Address. . . . . . . . . . . . . . . . . . . . . . . .273
Protected Ports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .273
CLI: Configure a Protected Port to Isolate Ports on the Switch . . . . . .274
Web Interface: Configure a Protected Port to Isolate Ports on the Switch276
802.1x Port Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .280
CLI: Authenticating dot1x Users by a RADIUS Server. . . . . . . . . . . . .280
Web Interface: Authenticating dot1x Users by a RADIUS Server . . . .281
Create a Guest VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .286
CLI: Create a Guest VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .287
Web Interface: Create a Guest VLAN . . . . . . . . . . . . . . . . . . . . . . . . .288
Assign VLANs Using RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .291
CLI: Assign VLANS Using RADIUS . . . . . . . . . . . . . . . . . . . . . . . . . . .292
Web Interface: Assign VLANS Using RADIUS. . . . . . . . . . . . . . . . . . .294
Dynamic ARP Inspection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .297
CLI: Configure Dynamic ARP Inspection . . . . . . . . . . . . . . . . . . . . . . .298
Web Interface: Configure Dynamic ARP Inspection. . . . . . . . . . . . . . .299
Static Mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .303
CLI: Configure Static Mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .303
Web Interface: Configure Static Mapping. . . . . . . . . . . . . . . . . . . . . . .304
DHCP Snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .305
CLI: Configure DHCP Snooping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .306
Web Interface: Configure DHCP Snooping . . . . . . . . . . . . . . . . . . . . .307
Enter Static Binding into the Binding Database . . . . . . . . . . . . . . . . . . . .309
CLI: Enter Static Binding into the Binding Database . . . . . . . . . . . . . .309
Web Interface: Enter Static Binding into the Binding Database . . . . . .310
Maximum Rate of DHCP Messages. . . . . . . . . . . . . . . . . . . . . . . . . . . . .310
CLI: Configure the Maximum Rate of DHCP Messages. . . . . . . . . . . .311
Web Interface: Configure the Maximum Rate of DHCP Messages . . .311
IP Source Guard. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .312
CLI: Configure Dynamic ARP Inspection . . . . . . . . . . . . . . . . . . . . . . .312
8 | Contents
ProSafe M4100 and M7100 Managed Switches
Web Interface: Configure Dynamic ARP Inspection. . . . . . . . . . . . . . .313
Chapter 16 SNTP
Show SNTP (CLI Only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .317
show sntp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .317
show sntp client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318
show sntp server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .318
Configure SNTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319
CLI: Configure SNTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .319
Web Interface: Configure SNTP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .320
Set the Time Zone (CLI Only). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .321
Set the Named SNTP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .321
CLI: Set the Named SNTP Server . . . . . . . . . . . . . . . . . . . . . . . . . . . .322
Web Interface: Set the Named SNTP Server. . . . . . . . . . . . . . . . . . . .322
Chapter 17 Tools
Traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .324
CLI: Traceroute. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .325
Web Interface: Traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .325
Configuration Scripting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .326
script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .327
script list and script delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .327
script apply running-config.scr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .328
Create a Configuration Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .328
Upload a Configuration Script. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .328
Pre-Login Banner . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .329
Create a Pre-Login Banner (CLI Only) . . . . . . . . . . . . . . . . . . . . . . . . .329
Port Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .330
CLI: Specify the Source (Mirrored) Ports and Destination (Probe). . . .330
Web Interface: Specify the Source (Mirrored) Ports and Destination (Probe)330
Dual Image. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .331
CLI: Download a Backup Image and Make It Active. . . . . . . . . . . . . . .332
Web Interface: Download a Backup Image and Make It Active . . . . . .333
Outbound Telnet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .334
CLI: show network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .335
CLI: show telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .335
CLI: transport output telnet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .336
Web Interface: Configure Telnet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .336
CLI: Configure the session-limit and session-timeout. . . . . . . . . . . . . .337
Web Interface: Configure the Session Timeout . . . . . . . . . . . . . . . . . .337
Chapter 18 Syslog
Show Logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .340
CLI: Show Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .340
Web Interface: Show Logging. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .340
Show Logging Buffered . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .342
CLI: Show Logging Buffered. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .342
Contents | 9
ProSafe M4100 and M7100 Managed Switches
Web Interface: Show Logging Buffered . . . . . . . . . . . . . . . . . . . . . . . .343
Show Logging Traplogs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .343
CLI: Show Logging Traplogs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .343
Web Interface: Show Logging Trap Logs. . . . . . . . . . . . . . . . . . . . . . .343
Show Logging Hosts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344
CLI: Show Logging Hosts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .344
Web Interface: Show Logging Hosts . . . . . . . . . . . . . . . . . . . . . . . . . .345
Configure Logging for a Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .345
CLI: Configure Logging for the Port . . . . . . . . . . . . . . . . . . . . . . . . . . .345
Web Interface: Configure Logging for the Port. . . . . . . . . . . . . . . . . . .346
Email Alerting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .347
CLI: Send Log Messages to admin@switch.com Using Account aaaa@net-
gear.com. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .348
Chapter 19 Switch Stacks
Switch Stack Management and Connectivity. . . . . . . . . . . . . . . . . . . . . .349
The Stack Master and Stack Members . . . . . . . . . . . . . . . . . . . . . . . . . .350
Stack Master. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .350
Stack Members. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .351
Stack Member Numbers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .351
Stack Member Priority Values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .352
Install and Power-up a Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .352
Compatible Switch Models. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .352
Install a Switch Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .353
Switch Firmware. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .353
Code Mismatch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .354
Upgrade the Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .354
Migrate Configuration with a Firmware Upgrade . . . . . . . . . . . . . . . . .354
Copy Master Firmware to a Stack Member (Web Interface) . . . . . . . .355
Configure a Stacking Port as an Ethernet Port . . . . . . . . . . . . . . . . . . . .355
CLI: Configure a Stacking Port as an Ethernet Port. . . . . . . . . . . . . . .356
Web Interface: Configure a Stacking Port as an Ethernet Port . . . . . .357
Stack Switches Using 10G Fiber . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .359
CLI: Stack Switches Using 10G Fiber . . . . . . . . . . . . . . . . . . . . . . . . .359
Web Interface: Stack Switches Using 10G Fiber . . . . . . . . . . . . . . . . .360
Add, Remove, or Replace a Stack Member. . . . . . . . . . . . . . . . . . . . . . .361
Add Switches to an Operating Stack . . . . . . . . . . . . . . . . . . . . . . . . . .361
Remove a Switch from the Stack . . . . . . . . . . . . . . . . . . . . . . . . . . . . .362
Replace a Stack Member. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .363
Switch Stack Configuration Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .363
Preconfigure a Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .364
Renumber Stack Members. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .365
CLI: Renumber Stack Members. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .366
Web Interface: Renumber Stack Members . . . . . . . . . . . . . . . . . . . . .366
Move the Stack Master to a Different Unit . . . . . . . . . . . . . . . . . . . . . . . .368
CLI: Move the Stack Master to a Different Unit . . . . . . . . . . . . . . . . . .368
Web Interface: Move the Stack Master to a Different Unit . . . . . . . . . .368
10 | Contents
ProSafe M4100 and M7100 Managed Switches
Chapter 20 SNMP
Add a New Community. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .369
CLI: Add a New Community . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .369
Web Interface: Add a New Community. . . . . . . . . . . . . . . . . . . . . . . . .370
Enable SNMP Trap. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .370
CLI: Enable SNMP Trap. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .370
Web Interface: Enable SNMP Trap . . . . . . . . . . . . . . . . . . . . . . . . . . .371
SNMP V3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .371
CLI: Configure SNMP V3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .372
Web Interface: Configure SNMP V3. . . . . . . . . . . . . . . . . . . . . . . . . . .372
sFlow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .373
CLI: Configure Statistical Packet-Based Sampling of Packet Flows with sFlow374
Web Interface: Configure Statistical Packet-based Sampling with sFlow375
Time-Based Sampling of Counters with sFlow. . . . . . . . . . . . . . . . . . . . .377
CLI: Configure Time-Based Sampling of Counters with sFlow. . . . . . .377
Web Interface: Configure Time-Based Sampling of Counters with sFlow377
Chapter 21 DNS
Specify Two DNS Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .378
CLI: Specify Two DNS Servers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .378
Web Interface: Specify Two DNS Servers . . . . . . . . . . . . . . . . . . . . . .378
Manually Add a Host Name and an IP Address. . . . . . . . . . . . . . . . . . . .379
CLI: Manually Add a Host Name and an IP Address . . . . . . . . . . . . . .379
Web Interface: Manually Add a Host Name and an IP Address. . . . . .379
Chapter 22 DHCP Server
Configure a DHCP Server in Dynamic Mode . . . . . . . . . . . . . . . . . . . . . .381
CLI: Configure a DHCP Server in Dynamic Mode . . . . . . . . . . . . . . . .381
Web Interface: Configure a DHCP Server in Dynamic Mode. . . . . . . .382
Configure a DHCP Reservation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .384
CLI: Configure a DHCP Reservation . . . . . . . . . . . . . . . . . . . . . . . . . .385
Web Interface: Configure a DHCP Reservation . . . . . . . . . . . . . . . . . .385
Chapter 23 DHCPv6 Server
CLI: Configure DHCPv6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .389
Web Interface: Configure an Inter-area Router . . . . . . . . . . . . . . . . . . . .390
Configure Stateless DHCPv6 Server . . . . . . . . . . . . . . . . . . . . . . . . . . . .394
CLI: Configure Stateless DNS Server. . . . . . . . . . . . . . . . . . . . . . . . . .394
Web Interface: Configure Stateless DHCPv6 Server . . . . . . . . . . . . . .395
Chapter 24 Double VLANs and Private VLAN Groups
Double VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .398
CLI: Enable a Double VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .399
Web Interface: Enable a Double VLAN . . . . . . . . . . . . . . . . . . . . . . . .399
Private VLAN Groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .402
Contents | 11
ProSafe M4100 and M7100 Managed Switches
CLI: Create a Private VLAN Group. . . . . . . . . . . . . . . . . . . . . . . . . . . .403
Web Interface: Create a Private VLAN Group . . . . . . . . . . . . . . . . . . .404
Chapter 25 Spanning Tree Protocol
Configure Classic STP (802.1d). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .408
CLI: Configure Classic STP (802.1d) . . . . . . . . . . . . . . . . . . . . . . . . . .408
Web Interface: Configure Classic STP (802.1d). . . . . . . . . . . . . . . . . .409
Configure Rapid STP (802.1w) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .410
CLI: Configure Rapid STP (802.1w). . . . . . . . . . . . . . . . . . . . . . . . . . .410
Web Interface: Configure Rapid STP (802.1w) . . . . . . . . . . . . . . . . . .410
Configure Multiple STP (802.1s) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .411
CLI: Configure Multiple STP (802.1s). . . . . . . . . . . . . . . . . . . . . . . . . .411
Web Interface: Configure Multiple STP (802.1s) . . . . . . . . . . . . . . . . .412
Chapter 26 Tunnel
CLI: Create a Tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .415
Configure Switch GSM7328S_1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .415
Configure Switch GSM7328S_2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . .416
Web Interface: Create a Tunnel. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .417
Configure Switch GSM7328S_1. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .417
Configure Switch GSM7328S_2. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .419
Chapter 27 IPv6 Interface Configuration
Create an IPv6 Routing Interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .422
CLI: Create an IPv6 Routing Interface . . . . . . . . . . . . . . . . . . . . . . . . .422
Web Interface: Create an IPv6 Routing Interface. . . . . . . . . . . . . . . . .424
Create an IPv6 Network Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .425
CLI: Configure the IPv6 Network Interface. . . . . . . . . . . . . . . . . . . . . .426
Web Interface: Configure the IPv6 Network Interface . . . . . . . . . . . . .426
Create an IPv6 Routing VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .427
CLI: Create an IPv6 Routing VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . .427
Web Interface: Create an IPv6 VLAN Routing Interface . . . . . . . . . . .429
Configure DHCPv6 Mode on the Routing Interface . . . . . . . . . . . . . . . . .432
CLI: Configure DHCPv6 mode on routing interface . . . . . . . . . . . . . . .432
Web Interface: Configure DHCPv6 mode on routing interface. . . . . . .433
Chapter 28 PIM
PIM-DM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .435
CLI: Configure PIM-DM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .437
Web Interface: Configure PIM-DM . . . . . . . . . . . . . . . . . . . . . . . . . . . .441
PIM-SM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .460
CLI: Configure PIM-SM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .461
Web Interface: Configure PIM-SM . . . . . . . . . . . . . . . . . . . . . . . . . . . .465
12 | Contents
ProSafe M4100 and M7100 Managed Switches
Chapter 29 DHCP L2 Relay and L3 Relay
DHCP L2 Relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .488
CLI: Enable DHCP L2 Relay. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .489
Web Interface: Enable DHCP L2 Relay . . . . . . . . . . . . . . . . . . . . . . . .490
DHCP L3 Relay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .494
Configure the DHCP Server Switch . . . . . . . . . . . . . . . . . . . . . . . . . . .494
Configure a DHCP L3 Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .499
Chapter 30 MLD
Configure MLD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .506
CLI: Configure MLD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .506
Web Interface: Configure MLD. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .508
MLD Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .519
CLI: Configure MLD Snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .520
Web Interface: Configure MLD Snooping. . . . . . . . . . . . . . . . . . . . . . .521
Chapter 31 DVMRP
CLI: Configure DVMRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .525
Web Interface: Configure DVMRP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .531
Chapter 32 Captive Portal
Captive Portal Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .543
Enable Captive Portal. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .543
CLI: Enable Captive Portal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .543
Web Interface: Enable Captive Portal. . . . . . . . . . . . . . . . . . . . . . . . . .544
Client Access, Authentication, and Control . . . . . . . . . . . . . . . . . . . . . . .545
Block a Captive Portal Instance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .546
CLI: Block a Captive Portal Instance . . . . . . . . . . . . . . . . . . . . . . . . . .546
Web Interface: Block a Captive Portal Instance . . . . . . . . . . . . . . . . . .546
Local Authorization, Create Users and Groups . . . . . . . . . . . . . . . . . . . .546
CLI: Create Users and Groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .547
Web Interface: Create Users and Groups . . . . . . . . . . . . . . . . . . . . . .547
Remote Authorization (RADIUS) User Configuration. . . . . . . . . . . . . . . .548
CLI: Configure RADIUS as the Verification Mode . . . . . . . . . . . . . . . .549
Web Interface: Configure RADIUS as the Verification Mode . . . . . . . .549
SSL Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .550
Chapter 33 iSCSI
Enable iSCSI Awareness with VLAN Priority Tag . . . . . . . . . . . . . . . . . .552
CLI: Enable iSCSI Awareness with VLAN Priority Tag. . . . . . . . . . . . .552
Web Interface: Enable iSCSI Awareness with VLAN Priority Tag . . . .552
Enable iSCSI Awareness with DSCP. . . . . . . . . . . . . . . . . . . . . . . . . . . .553
CLI: Enable iSCSI Awareness with DSCP . . . . . . . . . . . . . . . . . . . . . .553
Web Interface: Enable iSCSI Awareness with DSCP. . . . . . . . . . . . . .553
Set the iSCSI Target Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .554
Contents | 13
ProSafe M4100 and M7100 Managed Switches
CLI: Set iSCSI Target Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .554
Web Interface: Set iSCSI Target Port. . . . . . . . . . . . . . . . . . . . . . . . . .554
Show iSCSI Sessions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .555
CLI: Show iSCSI Sessions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .555
Web Interface: Show iSCSI Sessions . . . . . . . . . . . . . . . . . . . . . . . . .555
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .556
Index
14 | Contents

1. Documentation Resources

Before installation, read the Release Notes for this switch product. The Release Notes detail the platform-specific functionality of the switching, routing, SNMP, configuration, management, and other packages. In addition, see the following publications:
The NETGEAR installation guide for your switch
Managed Switch Hardware Installation Guide
Managed Switch Software Setup Manual
ProSafe Managed Switch Command Line Interface (CLI) User Manual
ProSafe® M4100/M7100 Managed Switch Web Management User Manual
1
Chapter 1. Documentation Resources | 15

2. VLANs

Virtual LANs
This chapter provides the following examples:
Create Two VLANs on page 17
Assign Ports to VLAN2 on page 19
Create Three VLANs on page 20
Assign Ports to VLAN3 on page 22
Assign VLAN3 as the Default VLAN for Port 1/0/2 on page 24
Create a MAC-Based VLAN on page 25
Create a Protocol-Based VLAN on page 28
Virtual VLANs: Create an IP Subnet–Based VLAN on page 31
Voice VLANs on page 33
Private VLANs on page 44
Assign Private-VLAN Types (Primary, Isolated, Community) on page 46
Configure Private-VLAN Association on page 48
Configure Private-VLAN Port Mode (Promiscuous, Host) on page 49
Configure Private-VLAN Host Ports on page 50
Map Private-VLAN Promiscuous Port on page 52
2
Adding virtual LAN (VLAN) support to a Layer 2 switch offers some of the benefits of both
bridging and routing. Like a bridge, a VLAN switch forwards traffic based on the Layer 2 header, which is fast. Like a router, it partitions the network into logical segments, which provides better administration, security, and management of multicast traffic.
A VLAN is a set of end stations and the switch ports that connect them. You can have different
reasons for the logical division, such as department or project membership. The only physical requirement is that the end station and the port to which it is connected both belong to the same VLAN.
Each VLAN in a network has an associated VLAN ID, which appears in the IEEE 802.1Q tag in the Layer 2 header of packets transmitted on a VLAN. An end station might omit the tag, or the VLAN portion of the tag, in which case the first switch port to receive the packet can either reject it or insert a tag using its default VLAN ID. A given port can handle traffic for more than one VLAN, but it can support only one default VLAN ID.
Chapter 2. VLANs | 16
ProSafe M4100 and M7100 Managed Switches
The Private Edge VLAN feature lets you set protection between ports located on the switch. This means that a protected port cannot forward traffic to another protected port on the same switch. The feature does not provide protection between ports located on different switches.
The diagram in this section shows a switch with four ports configured to handle the traffic for two VLANs. Port 1/0/2 handles traf
fic for both VLANs, while port 1/0/1 is a member of VLAN 2 only, and ports 1/0/3 and 1/0/4 are members of VLAN 3 only. The script following the diagram shows the commands you would use to configure the switch as shown in the diagram.
Layer 3 switch
Port 1/0/2 VLAN Router Port 1/3/1
192.150.3.1
Port 1/0/1
Layer 2 Switch
VLAN 10 VLAN 20
Figure 1. Switch with 4 ports configured for traffic from 2 VLANs
Port 1/0/3 VLAN Router Port 1/3/2
192.150.4.1
Layer 2 Switch
The following examples show how to create VLANs, assign ports to the VLANs, and assign a VLAN as the default VLAN to a port.

Create Two VLANs

The example is shown as CLI commands and as a Web interface procedure.

CLI: Create Two VLANS

Use the following commands to create two VLANs and to assign the VLAN IDs while leaving the names blank.
(Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 2 (Netgear Switch) (Vlan)#vlan 3 (Netgear Switch) (Vlan)#exit
Chapter 2. VLANs | 17
ProSafe M4100 and M7100 Managed Switches

Web Interface: Create Two VLANS

1. Create VLAN2.
a. Select Switching > VLAN > Basic > VLAN Configuration.
A screen similar to the following displays.
b. Enter the following information:
In the VLAN ID field, enter 2.
In the VLAN Name field, enter VLAN2.
In the VLAN T
ype list, select Static.
c. Click Add.
2. Create VLAN3.
a. Select Switching > VLAN > Basic > VLAN Configuration.
A screen similar to the following displays.
b. Enter the following information:
In the VLAN ID field, enter 3.
In the VLAN Name field, enter VLAN3.
In the VLAN T
ype list, select Static.
c. Click Add.
18 | Chapter 2. VLANs
ProSafe M4100 and M7100 Managed Switches

Assign Ports to VLAN2

This sequence shows how to assign ports to VLAN2, and to specify that frames will always be transmitted tagged from all member ports and that untagged frames will be rejected on receipt.

CLI: Assign Ports to VLAN2

(Netgear Switch) #config (Netgear Switch) (Config)#interface range 1/0/1-1/0/2 (Netgear Switch) (conf-if-range-1/0/1-1/0/2)#vlan participation include 2 (Netgear Switch) (conf-if-range-1/0/1-1/0/2)#vlan acceptframe vlanonly (Netgear Switch) (conf-if-range-1/0/1-1/0/2)#vlan pvid 2 (Netgear Switch) (conf-if-range-1/0/1-1/0/2)#exit (Netgear Switch) (Config)#vlan port tagging all 2 (Netgear Switch) (Config)#

Web Interface: Assign Ports to VLAN2

1. Assign ports to VLAN2.
a. Select Switching > VLAN >
A screen similar to the following displays.
b. In the VLAN ID list, select 2. c. Click Unit 1.
The ports display.
d. Click the gray boxes under ports 1 and 2 until T displays.
The T specifies that the egress packet is tagged for the ports.
Advanced > VLAN Membership.
e. Click Apply to save the settings.
2. Specify that only tagged frames will be accepted on ports 1/0/1 and 1/0/2.
a. Select Switching > VLAN >
Advanced > Port PVID Configuration.
Chapter 2. VLANs | 19
ProSafe M4100 and M7100 Managed Switches
A screen similar to the following displays.
b. Under PVID Configuration, scroll down and select the check box for Interface 1/0/1.
Then scroll down and select the Interface 1/0/2 check box.
c. Enter the following information:
In the Acceptable Frame Type polyhedron list, select VLAN Only.
In the PVID (1 to 4093) field, enter 2.
d. Click Apply to save the settings.

Create Three VLANs

The example is shown as CLI commands and as a Web interface procedure.

CLI: Create Three VLANS

Use the following commands to create three VLANs and to assign the VLAN IDs while leaving the names blank.
(Netgear Switch) #vlan database (Netgear Switch) (Vlan)#vlan 100 (Netgear Switch) (Vlan)#vlan 101 (Netgear Switch) (Vlan)#vlan 102 (Netgear Switch) (Vlan)#exit

Web Interface: Create Three VLANS

1. Create VLAN100.
a. Select Switching > VLAN > Basic > VLAN Configuration.
20 | Chapter 2. VLANs
ProSafe M4100 and M7100 Managed Switches
A screen similar to the following displays.
b. Enter the following information:
In the VLAN ID field, enter 100.
In the VLAN Name field, enter VLAN100.
c. Click Add.
2. Create VLAN101.
a. Select Switching > VLAN > Basic > VLAN Configuration.
A screen similar to the following displays.
b. Enter the following information:
In the VLAN ID field, enter 101.
In the VLAN Name field, enter VLAN101.
c. Click Add.
Chapter 2. VLANs | 21
ProSafe M4100 and M7100 Managed Switches
3. Create VLAN102.
a. Select Switching > VLAN > Basic > VLAN Configuration.
A screen similar to the following displays.
b. Enter the following information:
In the VLAN ID field, enter 102.
In the VLAN Name field, enter VLAN102.
c. Click Add.

Assign Ports to VLAN3

This example shows how to assign the ports that will belong to VLAN 3, and to specify that untagged frames will be accepted on port 1/0/4. Note that port 1/0/2 belongs to both VLANs and that port 1/0/1 can never belong to VLAN 3.

CLI: Assign Ports to VLAN3

(Netgear Switch) (Config)#interface range 1/0/2-1/0/4 (Netgear Switch) (conf-if-range-1/0/2-1/0/4)#vlan participation include 3 (Netgear Switch) (conf-if-range-1/0/2-1/0/4)#exit (Netgear Switch) (Config)#interface 1/0/4 (Netgear Switch) (Interface 1/0/4)#vlan acceptframe all (Netgear Switch) (Interface 1/0/4)#exit (Netgear Switch) (Config)#exit
22 | Chapter 2. VLANs
ProSafe M4100 and M7100 Managed Switches

Web Interface: Assign Ports to VLAN3

1. Assign ports to VLAN3.
a. Select Switching > VLAN >
A screen similar to the following displays.
b. In the VLAN ID list, select 3. c. Click Unit 1. The ports display d. Click the gray boxes under ports 2, 3, and 4 until
Advanced > VLAN Membership.
.
T displays.
The T specifies that the egress packet is tagged for the ports.
e. Click Apply to save the settings.
2. Specify that untagged frames will be accepted on port 1/0/4.
a. Select Switching > VLAN >
A screen similar to the following displays.
b. Scroll down and select the Interface 1/0/4 check box.
Now 1/0/4 appears in the Interface field at the top.
c. In the Acceptable Frame T d. Click Apply to save the settings.
Advanced > Port PVID Configuration.
ypes list, select Admit All.
Chapter 2. VLANs | 23
ProSafe M4100 and M7100 Managed Switches

Assign VLAN3 as the Default VLAN for Port 1/0/2

This example shows how to assign VLAN 3 as the default VLAN for port 1/0/2.

CLI: Assign VLAN3 as the Default VLAN for Port 1/0/2

(Netgear Switch) #config (Netgear Switch) (Config)#interface 1/0/2 (Netgear Switch) (Interface 1/0/2)#vlan pvid 3 (Netgear Switch) (Interface 1/0/2)#exit (Netgear Switch) (Config)#exit

Web Interface: Assign VLAN3 as the Default VLAN for Port 1/0/2

1. Assign VLAN3 as the default VLAN for port 1/0/2.
a. Select Switching > VLAN >
to the following displays.
b. Under PVID Configuration, scroll down and select the Interface 1/0/2 check box.
Now 1/0/2 appears in the Interface field at the top.
c. In the PVID (1 to 4093) field, enter 3. d. Click Apply to save the settings.
Advanced > Port PVID Configuration. A screen similar
24 | Chapter 2. VLANs
ProSafe M4100 and M7100 Managed Switches

Create a MAC-Based VLAN

The MAC-based VLAN feature allows incoming untagged packets to be assigned to a VLAN and thus classify traffic based on the source MAC address of the packet.
You define a MAC to VLAN mapping by configuring an entry in the MAC to VLAN table. An entry is specified using a source MAC address and the appropriate VLAN ID. The MAC to VLAN configurations are shared across all ports of the device (i.e., there is a system-wide table that has MAC address to VLAN ID mappings).
When untagged or priority tagged packets arrive at the switch and entries exist in the MAC to VLAN table, the source MAC address of the packet is looked up. If an entry is found, the corresponding VLAN ID is assigned to the packet. If the packet is already priority tagged it will maintain this value; otherwise, the priority will be set to 0 (zero).
The assigned VLAN ID is verified against the VLAN table. If the VLAN is valid, ingress processing on the packet continues; otherwise, the packet is dropped. This implies that you can configure a MAC address mapping to a VLAN that has not been created on the system.

CLI: Create a MAC-Based VLAN

1. Create VLAN3
(Netgear Switch)#vlan database (Netgear Switch)(Vlan)#vlan 3 (Netgear Switch)(Vlan)#exit
2. Add port 1/0/23 to VLAN3.
(Netgear Switch)#config (Netgear Switch)(Config)#interface 1/0/23 (Netgear Switch)(Interface 1/0/23)#vlan participation include 3 (Netgear Switch)(Interface 1/0/23)#vlan pvid 3 (Netgear Switch)(Interface 1/0/23)#exit
.
Chapter 2. VLANs | 25
ProSafe M4100 and M7100 Managed Switches
3. Map MAC 00:00:0A:00:00:02 to VLAN3.
(Netgear Switch)(Config)#exit (Netgear Switch)#vlan data (Netgear Switch)(Vlan)#vlan association mac 00:00:00A:00:00:02 3 (Netgear Switch)(Vlan)#exit
4. Add all the ports to VLAN3.
(Netgear Switch)#config (Netgear Switch)(Config)#interface range 1/0/1-1/0/28 (Netgear Switch)(conf-if-range-1/0/1-1/0/28)#vlan participation include 3 (Netgear Switch)(conf-if-range-1/0/1-1/0/28)#exit (Netgear Switch)(Config)#exit

Web Interface: Assign a MAC-Based VLAN

1. Create VLAN3.
a. Select Switching > VLAN > Basic > VLAN Configuration.
A screen similar to the following displays.
b. Enter the following information:
In the VLAN ID field, enter 3.
In the VLAN Name field, enter VLAN3.
In the VLAN T
ype list, select Static.
c. Click Add.
2. Assign ports to VLAN3.
a. Select Switching > VLAN >
Advanced > VLAN Membership.
26 | Chapter 2. VLANs
ProSafe M4100 and M7100 Managed Switches
A screen similar to the following displays.
b. In the VLAN ID list, select 3. c. Click Unit 1. The ports display d. Click the gray box before Unit 1 until U displays. e. Click Apply.
3. Assign
a. Select Switching > VLAN >
VPID3 to port 1/0/23.
Advanced > Port PVID Configuration.
.
A screen similar to the following displays.
b. Scroll down and select the 1/0/23 check box. c. In the PVID (1 to 4093) field, enter 3. d. Click Apply to save the settings.
4. Map the specific MAC to VLAN3.
a. Select Switching > VLAN >
Advanced > MAC based VLAN.
A screen similar to the following displays.
Chapter 2. VLANs | 27
ProSafe M4100 and M7100 Managed Switches
b. Enter the following information:
In the MAC Address field, enter 00:00:0A:00:00:02.
In the PVID (1 to 4093) field, enter 3.
c. Click Add.

Create a Protocol-Based VLAN

Create two protocol VLAN groups. One is for IPX and the other is for IP/ARP. The untagged IPX packets are assigned to VLAN 4, and the untagged IP/ARP packets are assigned to VLAN 5.

CLI: Create a Protocol-Based VLAN

1. Create a VLAN protocol group vlan_ipx based on IPX protocol.
(Netgear Switch)#config (Netgear Switch)(Config)#vlan protocol group vlan_ipx (Netgear Switch)(Config)#vlan protocol group add protocol 1 ipx
2. Create a VLAN protocol group vlan_ipx based on IP/ARP protocol.
(Netgear Switch)(Config)#vlan protocol group vlan_ip (Netgear Switch)(Config)#vlan protocol group add protocol 2 ip (Netgear Switch)(Config)#vlan protocol group add protocol 2 arp (Netgear Switch)(Config)#exit
3. Assign VLAN protocol group 1 to VLAN 4.
(Netgear Switch)#vlan database (Netgear Switch)(Vlan)#vlan 4 (Netgear Switch)(Vlan)#vlan 5 (Netgear Switch)(Vlan)#protocol group 1 4
4. Assign VLAN protocol group 2 to VLAN 5.
(Netgear Switch)(Vlan)#protocol group 2 5
28 | Chapter 2. VLANs
ProSafe M4100 and M7100 Managed Switches
5. Enable protocol VLAN group 1 and 2 on the interface.
(Netgear Switch)(Vlan)#exit (Netgear Switch)#config (Netgear Switch)(Config)#interface 1/0/11 (Netgear Switch)(Interface 1/0/11)#protocol vlan group 1 (Netgear Switch)(Interface 1/0/11)#protocol vlan group 2 (Netgear Switch)(Interface 1/0/11)#exit

Web Interface: Create a Protocol-Based VLAN

1. Create the protocol-based VLAN group vlan_ipx.
a. Select Switching > VLAN >
Configuration.
A screen similar to the following displays.
Advanced > Protocol Based VLAN Group
Enter the following information:
In the Group Name field, enter vlan_ipx.
In the Protocol list, select IPX.
In the VLAN ID field, enter 4.
b. Click Add.
2. Create the protocol-based VLAN group vlan_ip.
a. Select Switching > VLAN >Advanced > Protocol Based VLAN Group
Configuration.
A screen similar to the following displays.
Chapter 2. VLANs | 29
b. Enter the following information:
In the Group Name field, enter vlan_ip.
In the Protocol list, select IP and ARP while holding down the Ctrl key.
In the VLAN field, enter 5.
c. Click Add.
3. Add port 1
1 to the group vlan_ipx.
a. Select Switching > VLAN >
Membership.
A screen similar to the following displays.
ProSafe M4100 and M7100 Managed Switches
Advanced > Protocol Based VLAN Group
b. In the Group ID list, select 1. c. Click the gray box under port 11. d. Click the Apply button.
4. Add port 1
1 to the group vlan_ip.
a. Select Switching > VLAN >
Membership.
A screen similar to the following displays.
b. In the Group ID list, select 2. c. Click the gray box under port 11. d. Click Apply.
A check mark displays in the box.
Advanced > Protocol Based VLAN Group
A check mark displays in the box.
30 | Chapter 2. VLANs
Loading...
+ 529 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use