NETGEAR 7000 - page 72

NETGEAR 7000 Series Managed Switch Administration Guide

7-10 Access Control Lists (ACLs)

v1.1, May 2006

Contents

Main ii v1.1, May 2006 Trademarks Statement of Conditions EN 55 022 Declaration of Conformance Certificate of the Manufacturer/Importer Besttigung des Herstellers/Importeurs FCC Information to User Note: Delete this note and the information below for products that are not wireless. FCC Guidelines for Human Exposure Declaration Of Conformity Regulatory Compliance Information Canadian Department of Communications Radio Interference Regulations Product and Publication Details 7000 Series Managed Switch Contents NETGEAR 7000 Series Managed Switch Administration Guide Page Page Page Page Page About This Book Page Page Page Chapter 1 Getting Started In-band and Out-of-band Connectivity Configuring for In-band Connectivity IP Address Subnet gateway MAC Address Configuring for Out-Of-Band Connectivity Starting the Switch Initial Configuration Initial Configuration Procedure Software Installation Quick Starting the Networking Device System Information and System Setup Page Page Page Page Chapter 2 Using the Web Interface Configuring for Web Access Starting the Web Interface Web Page Layout Configuring an SNMP V3 User Profile Command Buttons Page Chapter 3 Virtual LANs VLAN Configuration Example Example #1: Create Two VLANs Example #2: Assign Ports to VLAN2 Example #3: Assign Ports to VLAN3 Example #4: Assign VLAN3 as the Default VLAN Page Chapter 4 Link Aggregation Page Example 1: Create two LAGS: 4-4 Link Aggregation Example 2: Add the ports to the LAGs: Example 3: Enable both LAGs. At this point, the LAGs could be added to VLANs. By default, the system enables link trap notification Chapter 5 IP Routing Services Port Routing Port Routing Configuration Page VLAN Routing VLAN Routing Configuration Page VLAN Routing RIP Configuration Page IP Routing Services 5-9 Example of configuring VLAN Routing with RIP support on a 7000 Series Managed Switch VLAN Routing OSPF Configuration IP Routing Services 5-11 Example of configuring OSPF on a 7000 Series Managed Switch acting as an inter-area router: Routing Information Protocol RIP Configuration CLI Example Page OSPF Page Page Page Page 5-20 IP Routing Services The following example configures OSPF on a 7000 Series Managed Switch operating as a border router: Proxy Address Resolution Protocol (ARP) Overview 5-22 IP Routing Services Example #2: ip proxy-arp Chapter 6 Virtual Router Redundancy Protocol Page Virtual Router Redundancy Protocol 6-3 6-4 Virtual Router Redundancy Protocol Chapter 7 Access Control Lists (ACLs) Limitations MAC ACLs Configuring IP ACLs Process IP ACL CLI Example 7-4 Access Control Lists (ACLs) The following is an example of configuring ACL support on a 7000 Series Managed Switch: MAC ACL CLI Examples The following are examples of the commands used for the MAC ACLs feature. Example #1: mac access list 7-6 Access Control Lists (ACLs) Example #2: permit any Example #3 Configure mac access-group Example #4 permit Example #5: show mac access-lists Page Chapter 8 Class of Service (CoS) Queuing CoS Queue Mapping Trusted Ports Untrusted Ports CoS Queue Configuration Port Egress Queue Configuration Drop Precedence Configuration (per Queue) Per Interface Basis 8-4 Class of Service (CoS) Queuing Example #1: show classofservice trust Example #2: set classofservice trust mode Class of Service (CoS) Queuing 8-5 Example #3: show classofservice ip-precedence mapping Example #4: Configure Cos-queue Min-bandwidth and Strict Priority Scheduler Mode Example #5: Set CoS Trust Mode of an Interface Traffic Shaping CLI Example Example #1 traffic-shape Page Chapter 9 Differentiated Services Page Differentiated Services 9-3 The following example configures DiffServ on a 7000 Series Managed Switch: 9-4 Differentiated Services DiffServ for VoIP Configuration Example Page 9-6 Differentiated Services The following example configures DiffServ VoIP support: Chapter 10 IGMP Snooping Example #1: Enable IGMP Snooping 10-2 IGMP Snooping Example #2: show igmpsnooping Example #3: show mac-address-table igmpsnooping Chapter 11 Port Security Operation Port Security 11-3 The following are examples of the commands used in the Port Security feature. Example #1: show port security Example #2: show port security on a specific interface Example #3: (Config) port security Page Chapter 12 Traceroute 12-2 Traceroute Chapter 13 Configuration Scripting Considerations 13-2 Configuration Scripting Example #1: script Example #2: script list and script delete Example #3: script apply running-config.scr Configuration Scripting 13-3 Example #4: Creating a Configuration Script Example #5: Upload a Configuration Script Page Chapter 14 Outbound Telnet 14-2 Outbound Telnet Example #1: show network Example #2: show telnet Outbound Telnet 14-3 Example #3: transport output telnet Example #4: session-limit and session-timeout Page Chapter 15 Port Mirroring 15-2 Port Mirroring Example #1: show monitor session Example #2: show port all Use this command for a specific port. The output shows whether the port is the mirror or the probe Example #3: show port interface Note: Monitor session ID 1 - 1 is a hardware limitation. Example #4: (Config) monitor session 1 mode To set up port mirroring, specify the monitor session, then the mode. 15-4 Port Mirroring Example #5: (Config) monitor session 1 source interface Specify the source (mirrored) ports and destination (probe) port. Example #6: (Interface) port security Chapter 16 Simple Network Time Protocol (SNTP) Example #1: show sntp 16-2 Simple Network Time Protocol (SNTP) Example #2: show sntp client Example #3: show sntp server Example #4: Configure SNTP Page Page Chapter 17 Pre-Login Banner 2. Transfer the file from the PC to the switch using TFTP Note: The command no clibanner removes the banner from the switch. Chapter 18 Syslog Persistent Log Files Interpreting Log Files DEF GH I C Syslog 18-3 Example #1: show logging Example #2: show logging buffered 18-4 Syslog Example #3: show logging traplogs Example 4: show logging hosts Syslog 18-5 Example #5: logging port configuration