Manuals / NETGEAR / Computer Equipment / Switch

NETGEAR XS712T-100NES MAC ACL Example Configuration, Assign Queue Match Every. False CoS, Vlan ID

Models: XS712T-100NES

1 310

Download 310 pages 34.14 Kb

Page 288

XS712T Smart Switch

criteria to a particular queue or redirect the traffic to a particular port. A default deny all rule is the last rule of every list.

2.Apply the access list to an interface in the inbound direction.

The XS712T Smart Switch allows ACLs to be bound to physical ports and LAGs.The switch software supports MAC ACLs and IP ACLs.

MAC ACL Example Configuration

The following example shows how to create a MAC-based ACL that permits Ethernet traffic from the Sales department on specified ports and denies all other traffic on those ports.

1.From the MAC ACL screen, create an ACL with the name Sales_ACL for the Sales department of your network (see MAC ACL on page 215).

By default, this ACL will be bound on the inbound direction, which means the switch will examine traffic as it enters the port.

2.From the MAC Rules screen, create a rule for the Sales_ACL with the following settings:

•ID. 1

•Action. Permit

•Assign Queue. 0

•Match Every. False

•CoS. 0

•Destination MAC. 01:02:1A:BC:DE:EF

•Destination MAC Mask. 00:00:00:00:FF:FF

•Source MAC. 02:02:1A:BC:DE:EF

•Source MAC Mask. 00:00:00:00:FF:FF

•VLAN ID. 2

For more information about MAC ACL rules, see MAC Rules on page 216.

3.From the MAC Binding Configuration screen, assign the Sales_ACL to Ethernet ports 6, 7, and 8, and then click Apply (seeMAC Binding Configuration on page 218).

288

Image 288

NETGEAR XS712T-100NES MAC ACL Example Configuration, Assign Queue Match Every. False CoS, Destination MAC Mask Ffff, 288

Contents

XS712T Smart Switch XS712T Smart Switch Technical SupportTrademarks Statement of Conditions Contents Configuring Routing Monitoring the System Appendix a Smart Control Center Utilities Getting Started with the XS712T Smart Switch Getting Started Switch Management Interface Connect the Switch to the Network Discover a Switch in a Network with a Dhcp Server  To install the switch in a network with a Dhcp server Discover a Switch in a Network without a Dhcp Server  To assign a static IP address XS712T Smart Switch Configure the Network Settings on the Administrative System Click the Local Area Connection link XS712T Smart Switch  To configure a static address on the switch Access the Management Interface from a Web Browser Click Web Browser Access Understand the User Interfaces Use the Web Interface To log on to the Web interface Navigation Tabs, Configuration Menus, and Links Smart Switch Web Interface Configuration and Status Options XS712T Smart Switch Link Submenu LinksCommand buttons Device View Device view Help Access Use SNMPv3 User-Defined FieldsDisallowed characters in user-defined fields XS712T Smart Switch Interface Naming Convention Interface naming conventions Online Help SupportUser Guide  To register the switch with Netgear Select Help Register RegistrationClick Register Configure System Information Management System Information  To define a system name, location, and contact System Information screen status fields Field Description IP Configuration XS712T Smart Switch IPv6 Network Configuration  To configure the network information for an IPv6 network IPv6 Network Neighbor IPv6 neighbor table fields XS712T Smart Switch IPv6 neighbor table fields Time Time Configuration  To manually configure the time XS712T Smart Switch Time Configuration status fields Sntp Server Configuration  To configure a new Sntp serverXS712T Smart Switch Time Configuration status fields  To change the settings for an existing Sntp server  To remove an Sntp serverSntp server status fields Summer Time Configuration  To configure the summer time settingsXS712T Smart Switch Sntp server status fields Denial of Service Configure Auto-DoS To enable the Auto-DoS feature Configure Denial of Service  To configure individual DoS settings XS712T Smart Switch Click Apply Configure DNS  To configure the global DNS settings Configure and View Hostname-to-IP Address Information  To remove an entry from the static DNS table To change the hostname or IP address in an entry Dynamically learned host name mapping information Green Ethernet Interface Configuration Green Ethernet  To configure Green Ethernet mode settings for a port Green Ethernet Detail Green Ethernet local device information XS712T Smart Switch Green Ethernet local device information Green Ethernet Summary Green Ethernet power saving information Green Ethernet summary screen View and Configure Green Ethernet LPI History  To configure the LPI settingsGreen Ethernet support information Green Ethernet interface information LPI history information Configure the Snmp Community  To add an Snmp community  To modify an existing community  To delete a community Trap Configuration  To add an Snmp trap receiver To modify information about an existing Snmp recipient  To delete an Snmp trap recipient  To configure the trap flags Trap FlagsSnmp Supported Mibs Lldp Lldp Configuration  To configure global Lldp settings Lldp Port Settings  To configure Lldp port settings LLDP-MED Network Policy LLDP-MED Port Settings  To configure LLDP-MED settings for a portXS712T Smart Switch LLDP-MED network policy information Local Information  To view local Lldp information Model and platform Are True enabled or False disabled Neighbors Information  To view Lldp information received from a neighbor device Field Field Description Port Details Field Description MED Details Services-DHCP Snooping Global Configuration  To configure Dhcp snooping global settings Interface Configuration  To configure Dhcp snooping interface settings XS712T Smart Switch Binding Configuration Dhcp Snooping dynamic binding information Persistent Configuration  To configure Dhcp snooping persistent settings Statistics  To view and clear the Dhcp snooping statisticsDhcp Snooping statistics XS712T Smart Switch Dhcp Snooping statistics Port Configuration  To configure port settingsPorts XS712T Smart Switch Flow Control LAG Configuration Link Aggregation Groups  To create a LAG Select Switching LAG Basic LAG Membership LAG Membership Lacp Configuration Lacp Port Configuration VLANs Basic Vlan Configuration  To delete a one or more VLANs To modify the Vlan name Vlan Membership Configuration Port Vlan ID Configuration Vlan Status XS712T Smart Switch MAC Based Vlan Protocol Based Vlan Group Configuration Protocol Based Vlan Group Membership  To modify protocol based Vlan information To delete a protocol based Vlan group Voice Vlan Auto-VoIP Configuration Configure Protocol-Based Auto VoIP Settings XS712T Smart Switch Port Settings OUI Based Properties OUI Table  To delete one or more OUI prefixes from the table Spanning Tree Protocol STP Configuration 100 CST Configuration 101 CST Port Configuration 102 103 CST Port Status 104 Rapid STP 105 MST Configuration 106 MST Port Configuration  To delete an MST instance107 108 STP Statistics 109 110 Multicast Bridge Multicast Forwarding111 Mfdb Table 112 Mfdb Statistics 113 Auto-Video Igmp Snooping114 Igmp Snooping Configuration 115 Igmp Snooping Interface Configuration 116 Igmp Snooping Table 117 Igmp Snooping Vlan Configuration 118 Multicast Router Configuration  To disable Igmp snooping on one or more VLANs119 Multicast Router Vlan Configuration 120 Igmp Snooping Querier Configuration Igmp Snooping Querier121 Igmp Snooping Querier Vlan Configuration 122 Igmp Snooping Querier Vlan Status 123 MLD Snooping Igmp snooping querier Vlan status124 MLD Snooping Configuration MLD Interface Configuration125 126 MLD Vlan Configuration 127  To disable MLD snooping on a Vlan 128 Querier Configuration 129 Querier Vlan Configuration 130 131  To remove an MLD snooping querier configuration Forwarding DatabaseMAC Address Table 132 Dynamic Address Configuration 133 Address Table 134 Static MAC Address 135  To delete a static MAC address 136 Configure IP Settings 137 IP Statistics  To display the IP statistics screen138 IP routing statistics 139 XS712T Smart Switch IP routing statistics 140 141 Configure Vlan Routing Vlan Routing Wizard142 143 Vlan Routing Configuration 144 Configure Router Discovery Router Discovery Configuration145 Configure and View Routes 146  To delete one or more static routes Routing table information147 Configure ARP ARP Cache To display entries in the ARP table 148 Create a Static ARP Entry ARP cache informationARP cache information for routing VLANs 149 Configure Global ARP Settings 150 151 Remove an ARP Entry From the ARP Cache All Dynamic Entries All Dynamic and Gateway EntriesSpecific Static Entry 152 Class of Service 153 Basic CoS Configuration 154 CoS Interface Configuration 155 Interface Queue Configuration 156 157 802.1p to Queue Mapping 158 Dscp to Queue Mapping 159 Differentiated Services Defining DiffServ160 Diffserv Configuration DiffServ MIB table information161 Class Configuration  To configure the class match criteria To rename an existing class  To delete a class 163 164 IPv6 Class Configuration 165 Policy Configuration  To delete a policy166 167 168 Service Configuration 169 Service Statistics  To display the service statistics screenService statistics  To remove a policy from an interface Management Security Settings Change Password171  To reset the password to the default value 172 Radius Configuration Global Configuration173 Radius Server Configuration 174  To delete a configured Radius server Radius server statistics175 Accounting Server Configuration 176 Radius accounting server statistics 177 Configuring TACACS+ TACACS+ Configuration178 TACACS+ Server Configuration 179 Authentication List Configuration Http Authentication List180 Https Authentication List 181 Dot1x Authentication List 182 Configure Management Access Http Configuration183 Secure Http Configuration 184 Certificate Management 185 Certificate Download 186 187 Access Control Access Profile Configuration188 Access Rule Configuration 189 Port Authentication 802.1X Configuration190 Port Authentication 191 192 193 Port authentication status information 194  To access the port Summary screen XS712T Smart Switch Port authentication status informationPort Summary 195 Ieee 802.1X port summary information 196 MAC Filter Configuration XS712T Smart Switch Ieee 802.1X port summary informationTraffic Control 197  To delete a configured MAC filter 198 MAC Filter Summary  To display the MAC filter summary screenMAC filter summary information 199 Storm Control 200 Port Security Configuration 201 Port Security Interface Configuration Port security violation information202 203 Security MAC Address Dynamic MAC address table information204 Private Vlan Configuration Protected Ports Membership205 Private Vlan Association Configuration Private Vlan type table information206 Private Vlan Port Mode Configuration Private Vlan association table information207 Private Vlan Host Interface Configuration 208 Private Vlan host interface table information 209 Private Vlan Promiscuous Interface Configuration 210 Private Vlan promiscuous interface table information 211 Configuring Access Control Lists 212 ACL Wizard 213  To remove a rule 214  To add a MAC ACL Select Security Basic MAC ACL  To change the name of a MAC ACL215 MAC Rules  To delete a MAC ACL216  To change the match criteria for a rule  To delete a rule217 MAC Binding Configuration 218 MAC Binding Table MAC binding table information219  To delete an IP ACL 220 IP Rules  To add IP rules Select Security ACL Advanced IP Rules221 IP Extended Rules  To modify the match criteria for an ACL rule To delete and IP ACL rule 222 223 224 IPv6 ACL 225 IPv6 Rules  To add an IPv6 ACL Select Security ACL Advanced IPv6 ACL To delete an IPv6 ACL 226 227 228  To delete an IPv6 rule 229 IP Binding Configuration 230 IP Binding Table IP binding table information231 Vlan Binding Table  To delete a Vlan binding232 Switch Statistics 233 Switch statistics 234 XS712T Smart Switch Switch statistics 235 Port Statistics Port statistics236  To reset the counters for all interfaces on the switch  To reset the counters for a specific interfaceXS712T Smart Switch Port statistics 237 Port Detailed Statistics 238 Detailed interface statistics 239 XS712T Smart Switch Detailed interface statistics 240 241 242 243 244 EAP Statistics EAP statistics245 XS712T Smart Switch EAP statistics 246 Cable Test 247 Logs Cable information248 Memory Log 249 Flash Log 250 251 Server Log 252  To modify the settings for an existing host  To add a remote syslog host log server To delete an existing host 253 Trap Logs  To view trap log informationTrap log statistics Trap log information Event Logs  To view the event logsEvent log information 255 Mirroring 256  To delete a mirrored port 257 258 Reset Device Reboot259 Factory Default Upload260 Tftp File Upload 261 Http File Upload 262 Download Tftp File Download263 264 Http File Download 265 File Management Copy266 Dual Image Configuration 267 Dual Image Status 268 Network Utilities 269 270 Configure the Device  To modify switch information271 Change the Switch Password  To change the switch passwordClick Change Password 272 Manage the Switch Configuration and Firmware Upload and Download the ConfigurationClick Upload Configuration 273 Click Download Configuration 274 Upgrade the Firmware  To upgrade your firmware275 276 View and Manage Tasks 277 278 Troubleshooting Configuration Menu Ping279 280 Ping IPv6 281 TraceRoute 282 Troubleshooting Chart Troubleshooting chart283 284 Virtual Local Area Networks VLANs 285 Sample Vlan Configuration 286 Access Control Lists ACLs 287 MAC ACL Example Configuration Assign Queue Match Every. False CoSDestination MAC Mask Ffff Vlan ID Sample Standard IP ACL Configuration Rule ID Action. DenyMatch Every. False Source IP Address Rule ID Differentiated Services DiffServ 290 Class DiffServ Traffic Classes291 Create Policies Traffic Conditioning Policy292 Sample DiffServ Configuration Class Name. Class1 Class Type. AllProtocol Type. UDP Source IP Address Destination IP Address Destination Mask 802.1X Assign Queue Policy Attribute. Simple Policy294 295 Sample 802.1X Configuration Secret Configured. Yes296 Mstp 297 298 Sample Mstp Configuration Switch 1 Switch 2 Switch 3299 MST ID MST ID Priority Vlan ID300 Sample Vlan Routing Configuration Vlan Routing with a Static RouteVlan Routing Overview 301 302 XS712T Smart Switch Specifications Smart Switch specifications303 XS712T Switch Features and Defaults Switch features and defaults304 XS712T Smart Switch Switch features and defaults 305 306 Netgear Wired Products Certificate of the Manufacturer/ImporterBestätigung des Herstellers/Importeurs FCC Caution Europe EU Declaration of Conformity Edoc in Languages of the European Community308 FCC Requirements for Operation in the United States FCC Information to UserFCC Guidelines for Human Exposure FCC Declaration Of Conformity FCC Radio Frequency Interference Warnings & Instructions 310