Page 1 GS716T and GS724T Gigabit Smart Switches Software Administration Manual 350 East Plumeria Drive San Jose, CA 95134 October 2012 202-10484-05 v2.0...
Page 2: Technical Support
©2012 All rights reserved. Technical Support Thank you for choosing NETGEAR. To register your product, get the latest product updates, get support online, or for more information about the topics covered in this manual, visit the Support website at http://support.netgear.com...
Page 3: Table Of Contents
Chapter 1 Switch Information and Setup GS716T and GS724T Smart Switch Setup ......10 Switch Management Interface ........10 Connecting the Switch to the Network .
Page 4 GS716T and GS724T Gigabit Smart Switches LLDP-MED Port Settings ........67 Local Information .
Page 5 GS716T and GS724T Gigabit Smart Switches MSRP Reservation Parameters ......139 Qav Parameters ......... . 141 MSRP Streams Information .
Page 6 GS716T and GS724T Gigabit Smart Switches Protected Ports Membership ....... . 208 Configuring Access Control Lists .
Page 7 GS716T and GS724T Gigabit Smart Switches Specifications ..273 GS716T Specifications ........273 GS724T Specifications .
Page 8 GS716T and GS724T Gigabit Smart Switches...
Page 9: Chapter 1 Switch Information And Setup
GS716T and GS724T Smart Switch Software Administration Manual describes ® how to configure and operate the GS716T and GS724T Gigabit Smart Switches by using the Web-based graphical user interface (GUI). This manual describes the software configuration procedures and explains the options available within those procedures.
Page 10: Gs716T And Gs724T Smart Switch Setup
Smart Switches for information about issues and workarounds. GS716T and GS724T Smart Switch Setup This chapter provides an overview of starting your NETGEAR GS716T and GS724T Smart Switch and accessing the user interface. It also leads you through the steps to use the Smart Control Center utility.
Page 11: Connecting The Switch To The Network
GS716T and GS724T Gigabit Smart Switches In addition to enabling NETGEAR switch discovery, the Smart Control Center provides several utilities to help you maintain the NETGEAR switches on your network, such as password management, firmware upgrade, and configuration file backup. For more...
Page 12: Switch Discovery In A Network With A Dhcp Server
GS716T and GS724T Gigabit Smart Switches Switch Discovery in a Network with a DHCP Server This section describes how to set up your switch in a network that has a DHCP server. The DHCP client on the switch is enabled by default. When you connect it to your network, the DHCP server will automatically assign an IP address to your switch.
Page 13 GS716T and GS724T Gigabit Smart Switches Make a note of the displayed IP address assigned by the DHCP server. You will need this value to access the switch directly from a Web browser (without using the Smart Control Center). Select your switch by clicking the line that displays the switch, then click the Web Browser Access button.
Page 14: Switch Discovery In A Network Without A Dhcp Server
Install the Smart Control Center on your computer. Start the Smart Control Center. Click Discover for the Smart Control Center to find your GS716T and GS724T switch. The utility broadcasts Layer 2 discovery packets within the broadcast domain to discover the switch.
Page 15: Network Settings Configuration On The Administrative System
GS716T and GS724T Gigabit Smart Switches Enter the static switch IP address, gateway IP address, and subnet mask for the switch, and then type your password. Tip: You must enter the current password every time you use the Smart Control Center to update the switch setting. The default password is password.
Page 16: Web Access
Open a Web browser and enter the IP address of the switch in the address field. You must be able to ping the IP address of the GS716T and GS724T management interface from your administrative system for Web access to be available. If you used the Smart Control Center to set up the IP address and subnet mask, either with or without a DHCP server, use that IP address in the address field of your Web browser.
Page 17: Smart Control Center Utilities
GS716T and GS724T Gigabit Smart Switches Clicking Web Browser Access on the Smart Control Center or accessing the switch directly from your Web browser displays the login screen shown in the following figure. Figure 2. Login Screen Smart Control Center Utilities In addition to device discovery and network address assignment, the Smart Control Center includes several maintenance features.
Page 18: Configuring The Device
GS716T and GS724T Gigabit Smart Switches • Configure Device—Allows you to modify network information for the switch, including the IP address, DHCP client mode, system name, and location. For more information about this feature, see Configuring the Device • Change Password—Allows you to set a new password for the device. For more...
Page 19: Configuration Upload And Download
GS716T and GS724T Gigabit Smart Switches Configuration Upload and Download When you make changes to the switch, the configuration information is stored in a file on the switch. You can backup the configuration by uploading the configuration file from the switch to an administrative system.
Page 20: Firmware Upgrade
Firmware Upgrade The application software for the GS716T and GS724T Smart Switches is upgradable, enabling your switch to take advantage of improvements and additional features as they become available. The upgrade procedure and the required equipment are described in this section.
Page 21 Run this FW after download option is clear. Note: NETGEAR recommends that you download the same image as the primary and secondary image for redundancy. From the Select new firmware window that appears, navigate to and select the firmware image to download to the switch.
Page 22: Viewing And Managing Tasks
GS716T and GS724T Gigabit Smart Switches Viewing and Managing Tasks From the Tasks tab, you can view information about configuration downloads and firmware upgrades that have already occurred, are in progress, or are scheduled to take place at a later time. You can also delete or reschedule selected tasks.
Page 23: User Interfaces
Each of the standards-based management methods allows you to configure and monitor the components of the GS716T and GS724T Smart Switches software. The method you use to manage the system depends on your network size and requirements, and on your preference.
Page 24 GS716T and GS724T Gigabit Smart Switches Navigation Tab Feature Link Help Link Logout Button Help Page Page Menu Configuration and Status and Options Figure 4. Administrative Page Layout Navigation Tabs, Feature Links, and Page Menu The navigation tabs along the top of the Web interface give you quick access to the various switch functions.
Page 25 GS716T and GS724T Gigabit Smart Switches Page Link Configuration Pages Figure 5. Menu Hierarchy Configuration and Status Options The area directly under the feature links and to the right of the page menu displays the configuration information or status for the page you select. On pages that contain configuration options, you can input information into fields or select options from drop-down menus.
Page 26: Device View
• A yellow LED indicates that the port is enabled and operating at a transfer rate of 10 Mbps/100 Mbps. The following image shows the Device View of the GS716T. The following image shows the Device View of the GS724T.
Page 27 GS716T and GS724T Gigabit Smart Switches Click the port you want to view or configure to see a menu that displays statistics and configuration options. Click the menu option to access the page that contains the configuration or monitoring options.
Page 28: Snmp Management
>| SNMP Management The GS716T and GS724T Smart Switches software supports the configuration of SNMP groups and users that can manage traps that the SNMP agent generates. The switches use both standard public MIBs for standard functionality and private MIBs that support additional switch functionality.
Page 29: Interface Naming Convention
GS716T and GS724T Gigabit Smart Switches Interface Naming Convention The GS716T and GS724T Smart Switches supports physical and logical interfaces. Interfaces are identified by their type and the interface number. All the physical ports 1–48 are Gigabit ports and the SFP Ports 47–50 support 1000M Speed fiber modules. Ports 47–48 are Combo ports and ports 49–50 will support dedicated SFP modules.
Page 30 GS716T and GS724T Gigabit Smart Switches...
Page 31: Management
System Information Features Use the features in the System tab to define the switch’s relationship to its environment. The System tab contains links to the following features: • Management on page 31 • License on page 56 • SNMP on page 58 •...
Page 32: System Information
GS716T and GS724T Gigabit Smart Switches System Information After a successful login, the System Information page displays. Use this page to configure and view general device information. To display the System Information page, click System Management System Information.  ...
Page 33: Ip Configuration
GS716T and GS724T Gigabit Smart Switches The following table describes the status information the System Page displays. Field Description Serial Number The serial number of the switch. System Object ID The base object ID for the switch's enterprise MIB. Date & Time The current date and time.
Page 34 GS716T and GS724T Gigabit Smart Switches To configure the network information for the management interface: Select the appropriate radio button to determine how to configure the network information for the switch management interface: • Dynamic IP Address (DHCP). Specifies that the switch must obtain the IP address through a DHCP server.
Page 35: Ipv6 Network Configuration
GS716T and GS724T Gigabit Smart Switches If you change any of the network connection parameters, click Apply to apply the changes to the system. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
Page 36 GS716T and GS724T Gigabit Smart Switches To configure the network information for an IPv6 network: Admin Mode. Enable or disable the IPv6 network interface on the switch. The default value is Enable. IPv6 Address Auto Configuration Mode. The IPv6 address for the IPv6 network interface is set in auto configuration mode if this option is enabled.
Page 37: Ipv6 Network Neighbor
GS716T and GS724T Gigabit Smart Switches IPv6 Network Neighbor Use the IPv6 Network Neighbor page to configure the IPv6 Network Interface IPv6 Neighbor Table. To access the page, click System Management IPv6 Network Neighbor. A screen similar   to the following displays.
Page 38: Time
SNTP assures accurate network device clock time synchronization up to the millisecond. Time synchronization is performed by a network SNTP server. GS716T and GS724T Smart Switches software operates only as an SNTP client and cannot provide time services to other systems.
Page 39: Time Configuration
GS716T and GS724T Gigabit Smart Switches SNTP time definitions are assessed and determined by the following time levels: • T1: Time at which the original request was sent by the client. • T2: Time at which the original request was received by the server.
Page 40 GS716T and GS724T Gigabit Smart Switches To configure the time by using the CPU clock cycle as the source: From the Clock Source field, select Local. In the Date field, enter the date in the DD/MM/YYYY format. In the Time field, enter the time in HH:MM:SS format.
Page 41 GS716T and GS724T Gigabit Smart Switches Field Description Last Attempt Status Specifies the status of the last SNTP request or unsolicited message for both unicast mode. If no message has been received from a server, a status of Other is displayed. These values are appropriate for all operational modes: •...
Page 42: Sntp Server Configuration
GS716T and GS724T Gigabit Smart Switches SNTP Server Configuration Use the SNTP Server Configuration page to view and modify information for adding and modifying Simple Network Time Protocol SNTP servers. To display the SNTP Server Configuration page, click System Management...
Page 43 GS716T and GS724T Gigabit Smart Switches To change the settings for an existing SNTP server, select the check box next to the configured server and enter new values in the available fields, and then click Apply. Configuration changes take effect immediately.
Page 44: Denial Of Service
GS716T and GS724T Gigabit Smart Switches Denial of Service Use the Denial of Service (DoS) page to configure DoS control. The GS716T and GS724T switch provide support for classifying and blocking specific types of DoS attacks. The type of DoS attacks the switch can detect and prevent are described in DoS Configuration page 45.
Page 45 GS716T and GS724T Gigabit Smart Switches To configure the Auto-DoS feature: Select a radio button to enable or disable Auto-DoS: • Disable. Auto-DoS is disabled (default). • Enable. Auto-DoS is enabled. Click Apply to send the updated configuration to the switch. Configuration changes occur immediately.
Page 46 GS716T and GS724T Gigabit Smart Switches • Denial of Service Min TCP Hdr Size: Specifies the Min TCP Hdr Size allowed. If First TCP Fragment DoS prevention is enabled, then the switch will drop packets that have a TCP header smaller than this configured Min TCP Hdr Size. The factory default is 20.
Page 47: Dns
Enter the DNS default domain name to include in DNS queries. When the system is performing a lookup on an unqualified host name, this field is provided as the domain name (for example, if default domain name is netgear.com and the user enters test, then test is changed to test.netgear.com to resolve the name).
Page 48: Host Configuration
GS716T and GS724T Gigabit Smart Switches Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. Click Apply to send the updated configuration to the switch. Configuration changes take effect immediately.
Page 49: Green Ethernet
Green Ethernet The Green Ethernet features allow the switch to reduce power consumption on a per-port basis, except for the Combo ports (g15–16 for GS716T; g23–24 for GS724T). Each switch can support one or more of the following features: •...
Page 50: Green Ethernet Configuration
GS716T and GS724T Gigabit Smart Switches Green Ethernet Configuration Use this page to configure the administrative mode for the Green Ethernet features available on the switch. These features must also be enabled on each port to take advantage of the possible power savings.
Page 51 GS716T and GS724T Gigabit Smart Switches Green Ethernet Interface Configuration Use this page to configure Green Ethernet features on a per-port basis. The Green Ethernet modes must be administratively enabled on the switch for the mode enabled on the port to take effect.
Page 52 GS716T and GS724T Gigabit Smart Switches Green Ethernet Detail Use this page to configure Green Ethernet monitor and manage Green Ethernet features on a specific port. To access this page, click System Management Green Ethernet Green Ethernet   ...
Page 53 GS716T and GS724T Gigabit Smart Switches To configure or view details about the Green Ethernet feature on a port: Within the Local Device Information, select the port to view or configure from the Interface menu. Enable or disable the Energy Detect or Short Reach administrative modes on the interface.
Page 54 GS716T and GS724T Gigabit Smart Switches Green Ethernet Statistics Summary This page summarizes the Green Ethernet Summary settings currently in use. To access this page, click System Management Green Ethernet Green Ethernet    Statistics Summary. The following table describes the information available on the Green Mode Statistics Summary page.
Page 55 GS716T and GS724T Gigabit Smart Switches Field Description Energy Detect Admin Mode Shows whether Energy Detect Mode is administratively enabled on the port. Energy Detect Operational Shows the current operational status of the Green Mode for the selected Status port.
Page 56: License
GS716T and GS724T Gigabit Smart Switches License From the License link under the System tab, you can view information about the switch license.The License link provides access to the following pages: • Show License on page 56 • License Features...
Page 57: License Features
GS716T and GS724T Gigabit Smart Switches License Features Use the License Features page to view information about the features on the device that require an active license. To display the License Features page, click System > License > License Features. A...
Page 58: Snmp
GS716T and GS724T Gigabit Smart Switches SNMP From SNMP link under the System tab, you can configure SNMP settings for SNMP V1/V2 and SNMPv3. From the SNMP link, you can access the following pages: • SNMPV1/V2 on page 58 •...
Page 59 GS716T and GS724T Gigabit Smart Switches Use this page when you are using the SNMPv1 and SNMPv2c protocol. To configure SNMP communities: To add a new SNMP community, enter community information in the available fields described below, and then click Add.
Page 60: Trap Configuration
GS716T and GS724T Gigabit Smart Switches To delete a community, select the check box next to the community and click Delete. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
Page 61: Trap Flags
GS716T and GS724T Gigabit Smart Switches Trap Flags The pages in the Trap Manager folder allow you to view and configure information about SNMP traps the system generates. Use the Trap Flags page to enable or disable traps the switch can send to an SNMP manager.
Page 62: Snmp V3 User Configuration
GS716T and GS724T Gigabit Smart Switches SNMP v3 User Configuration Use this page to configure user access for management of the switch using SNMP v3. To access this page, click System SNMP SNMP V3 User Configuration.    The SNMPv3 Access Mode is a read-only field that shows the access privileges for the user account.
Page 63: Lldp
GS716T and GS724T Gigabit Smart Switches LLDP The IEEE 802.1AB-defined standard, Link Layer Discovery Protocol (LLDP), allows stations on an 802 LAN to advertise major capabilities and physical descriptions. This information is viewed by a network manager to identify system topology and detect bad configurations on the LAN.
Page 64 GS716T and GS724T Gigabit Smart Switches To configure global LLDP settings: Configure the following LLDP properties. • TLV Advertised Interval. Specify the interval at which frames are transmitted. The default is 30 seconds, and the valid range is 5–32768 seconds.
Page 65: Lldp Port Settings
GS716T and GS724T Gigabit Smart Switches LLDP Port Settings Use the LLDP Port Settings page to specify LLDP parameters that are applied to a specific interface. To display the LLDP Port Settings page, click System LLDP Advanced LLDP Port ...
Page 66: Lldp-Med Network Policy
GS716T and GS724T Gigabit Smart Switches • Optional TLV(s). Enable or disable the transmission of optional type-length value (TLV) information from the interface. The TLV information includes the system name, system description, system capabilities, and port description. The default is enabled.
Page 67: Lldp-Med Port Settings
GS716T and GS724T Gigabit Smart Switches Field Description VLAN Type Specifies whether the VLAN associated with the policy is tagged or untagged. User Priority Specifies the priority associated with the policy. DSCP Specifies the DSCP associated with a particular policy type.
Page 68: Local Information
GS716T and GS724T Gigabit Smart Switches From the Transmit Optional TLVs field, specify whether the port should transmit optional type length values (TLVs) in the LLDP PDU frames. If enabled, the following LLDP-MED TLVs are transmitted: • MED Capabilities •...
Page 69 TLVs, as the following table describes: Field Description Chassis ID Subtype The type of information used to identify the GS716T and GS724T in the Chassis ID field. Chassis ID The hardware platform identifier for the GS716T and GS724T. System Name The user-configured system name for the GS716T and GS724T.
Page 70 GS716T and GS724T Gigabit Smart Switches To view additional details about a port, click the name of the port in the Interface column of the Port Information table. A popup window displays information for the selected port. The following table describes the detailed local information that displays for the selected port.
Page 71 GS716T and GS724T Gigabit Smart Switches Field Description Auto-Negotiation Supported Specifies whether the interface supports port-speed auto-negotiation. The possible values are True or False. Auto-Negotiation Enabled Displays the port speed auto-negotiation support status. The possible values are True (enabled) or False (disabled).
Page 72: Neighbors Information
GS716T and GS724T Gigabit Smart Switches Neighbors Information Use the LLDP Neighbors Information page to view the data that a specified interface has received from other LLDP-enabled systems. To display the LLDP Neighbors Information page, click System > LLDP > Advanced >...
Page 73 GS716T and GS724T Gigabit Smart Switches A popup window displays information for the selected port. Field Description Port Details Local Port Displays the interface on the local system that received LLDP information from a remote system. MSAP Entry Displays the Media Service Access Point (MSAP) entry number for the remote device.
Page 74 GS716T and GS724T Gigabit Smart Switches Field Description Managed Addresses Address SubType Specifies the type of the management address. Address Specifies the advertised management address of the remote system. Interface SubType Specifies the port subtype. Interface Number Identifies the port on the remote device that sent the information.
Page 75 GS716T and GS724T Gigabit Smart Switches Field Description Location Information Civic Displays the physical location, such as the street address, the remote device has advertised in the location TLV. For example, 123 45th St. E. The field value length range is 6–160 characters.
Page 76: Services - Dhcp Filtering
GS716T and GS724T Gigabit Smart Switches Services — DHCP Filtering DHCP Filtering is a useful feature that can be employed as a security measure against unauthorized DHCP servers. A known attack is when an unauthorized DHCP server responds to a client that is requesting an IP address. The server configures the gateway for the client to be equal to the IP address of the server.
Page 77: Interface Configuration
GS716T and GS724T Gigabit Smart Switches Interface Configuration Use the DHCP Filtering Interface Configuration page to view and configure each port as a trusted or untrusted port. Any DHCP responses received on a trusted port are forwarded. If a port is configured as untrusted, any DHCP (or BootP) responses received on that port are discarded.
Page 78 GS716T and GS724T Gigabit Smart Switches...
Page 79: Ports
Switching Features Use the features in the Switching tab to define Layer 2 features. The Switching tab contains links to the following features: • Ports on page 79 • Link Aggregation Groups on page 83 • VLANs on page 89 •...
Page 80: Port Configuration
GS716T and GS724T Gigabit Smart Switches Port Configuration Use the Port Configuration page to configure the physical interfaces on the switch. To access the Port Configuration page, click Switching Ports Port Configuration.   To configure port settings: To configure settings for a physical port, click PORTS.
Page 81 GS716T and GS724T Gigabit Smart Switches Select the check box next to the port or LAG to configure. You can select multiple ports and LAGs to apply the same setting to the selected interfaces. Select the check box in the heading row to apply the same settings to all interfaces.
Page 82: Flow Control
If you change the mode, click Apply to apply the changes to the system. The GS716T and GS724T supports two combo ports using 1000M SFP modules. Each combo port can operate in either ‘copper’ or ‘fiber’ mode. When a cable is plugged into the RJ-45 port, copper mode is used.
Page 83: Link Aggregation Groups
Static LAGs are supported. When a port is added to a LAG as a static member, it neither transmits nor receives LAGPDUs. The GS716T and GS724T Smart Switches supports eight LAGs.
Page 84: Lag Configuration
GS716T and GS724T Gigabit Smart Switches LAG Configuration Use the LAG (Port Channel) Configuration page to group one or more full-duplex Ethernet links to be aggregated together to form a link aggregation group, which is also known as a port-channel. The switch treats the LAG as if it were a single link.
Page 85: Lag Membership
GS716T and GS724T Gigabit Smart Switches • LAG Type. Specifies whether the LAG is configured as a Static or LACP port. When the LAG is static, it does not transmit or process received LAGPDUs, for example the member ports do not transmit LAGPDUs and all the LAGPDUs it may receive are dropped.
Page 86 GS716T and GS724T Gigabit Smart Switches To add ports to a LAG: From the LAG ID field, select the LAG to configure. Optionally, in the LAG Name field, enter the name you want assigned to the LAG. You may enter any string of up to 15 alphanumeric characters. A valid name has to be specified to create the LAG.
Page 87: Lacp Configuration
GS716T and GS724T Gigabit Smart Switches LACP Configuration To display the LACP Configuration page, click Switching Advanced LACP    Configuration. To configure LACP: From the LACP System Priority field, specify the device’s link aggregation priority relative to the devices at the other ends of the links on which link aggregation is enabled.
Page 88: Lacp Port Configuration
GS716T and GS724T Gigabit Smart Switches LACP Port Configuration To display the LACP Port Configuration page, click Switching Advanced LACP    Port Configuration. To configure LACP port priority settings: Select the check box next to the port to configure. You can select multiple ports to apply the same setting to all selected ports.
Page 89: Vlans
VLAN Configuration Use the VLAN Configuration page to define VLAN groups stored in the VLAN membership table. The GS716T and GS724T supports up to 256 VLANs. VLAN 1 is created by default, and all ports are untagged members. To display the VLAN Configuration page, lick Switching...
Page 90: Vlan Membership Configuration
GS716T and GS724T Gigabit Smart Switches To configure VLANs: To add a VLAN, configure the VLAN ID, name, and type, and then click Add. • VLAN ID. Specify the VLAN Identifier for the new VLAN. (You can enter data in this field only when you are creating a new VLAN.) The range of the VLAN ID is 1–4093.
Page 91 GS716T and GS724T Gigabit Smart Switches To configure VLAN membership: From the VLAN ID field, select the VLAN to which you want to add ports. Click the orange bar below the VLAN Type field to display the physical ports on the switch.
Page 92: Port Vlan Id Configuration
GS716T and GS724T Gigabit Smart Switches Use the Group Operations field to select all the ports and configure them. Possible values are: • Untag All: Select all the ports on which all frames transmitted from this VLAN will be untagged. All the ports will be included in the VLAN.
Page 93 GS716T and GS724T Gigabit Smart Switches To configure PVID information: To configure PVID settings for a physical port, click PORTS. To configure PVID settings for a Link Aggregation Group (LAG), click LAGS. To configure PVID settings for both physical ports and LAGs, click ALL.
Page 94: Voice Vlan
GS716T and GS724T Gigabit Smart Switches Voice VLAN Configure the Voice VLAN settings for ports that carry traffic from IP phones. The Voice VLAN feature can help ensure that the sound quality of an IP phone is safeguarded from deteriorating when the data traffic on the port is high.
Page 95: Voice Vlan Port Setting
GS716T and GS724T Gigabit Smart Switches From the Voice VLAN Aging Time field, specify the amount of time after the last IP phone’s OUI is aged out for a specific port. The port will age out after the bridge and voice aging time.
Page 96: Voice Vlan Oui
GS716T and GS724T Gigabit Smart Switches Voice VLAN OUI The Organizational Unique Identifier (OUI) identifies the IP phone manufacturer. The switch comes preconfigured with the following OUIs: • 00:01:E3: SIEMENS • 00:03:6B: CISCO1 • 00:12:43: CISCO2 • 00:0F:E2: H3C •...
Page 97 GS716T and GS724T Gigabit Smart Switches To configure OUI settings: To add a new OUI prefix, type the VOIP OUI prefix in the Telephony OUI(s) field, provide a description of the prefix, and click Add. The OUI prefix must be in the format AA:BB:CC.
Page 98: Auto-Voip Configuration
GS716T and GS724T Gigabit Smart Switches Auto-VoIP Configuration The Auto-VoIP automatically makes sure that time-sensitive voice traffic is given priority over data traffic on ports that have this feature enabled. Auto-VoIP checks for packets carrying the following VoIP protocols: •...
Page 99: Spanning Tree Protocol
GS716T and GS724T Gigabit Smart Switches Spanning Tree Protocol The Spanning Tree Protocol (STP) provides a tree topology for any arrangement of bridges. STP also provides one path between end stations on a network, eliminating loops. Spanning tree versions supported include Common STP, Multiple STP, and Rapid STP.
Page 100: Stp Switch Configuration
GS716T and GS724T Gigabit Smart Switches STP Switch Configuration The Spanning Tree Switch Configuration/Status page contains fields for enabling STP on the switch. To display the Spanning Tree Switch Configuration/Status page, click Switching > STP > Basic STP Configuration. ...
Page 101 GS716T and GS724T Gigabit Smart Switches Specify the BPDU Flooding status for all ports or for individual ports. When this feature is enabled, BPDU packets arriving at this port are flooded to other ports if STP is disabled. Click Cancel to cancel the configuration on the screen and reset the data on the screen to...
Page 102: Cst Configuration
GS716T and GS724T Gigabit Smart Switches CST Configuration Use the Spanning Tree CST Configuration page to configure Common Spanning Tree (CST) and Internal Spanning Tree on the switch. To display the Spanning Tree CST Configuration page, click Switching > STP > Advanced ...
Page 103: Cst Port Configuration
GS716T and GS724T Gigabit Smart Switches • Bridge Forward Delay (secs). Specifies the switch forward delay time, which indicates the amount of time in seconds a bridge remains in a listening and learning state before forwarding packets. The value must be greater or equal to (Bridge Max Age / 2) + 1.
Page 104 GS716T and GS724T Gigabit Smart Switches To configure CST port settings: To configure CST settings for a physical port, click PORTS. To configure CST settings for a Link Aggregation Group (LAG), click LAGS. To configure CST settings for both physical ports and LAGs, click ALL.
Page 105: Cst Port Status
GS716T and GS724T Gigabit Smart Switches CST Port Status Use the Spanning Tree CST Port Status page to display Common Spanning Tree (CST) and Internal Spanning Tree on a specific port on the switch. To display the Spanning Tree CST Port Status page, click Switching Advanced ...
Page 106: Rapid Stp
GS716T and GS724T Gigabit Smart Switches Field Description CST Regional Root Displays the bridge priority and base MAC address of the CST Regional Root. CST Path Cost Displays the path Cost to the CST tree Regional Root. Port Forwarding State Displays the Forwarding State of this port.
Page 107: Mst Configuration
GS716T and GS724T Gigabit Smart Switches MST Configuration Use the Spanning Tree MST Configuration page to configure Multiple Spanning Tree (MST) on the switch. To display the Spanning Tree MST Configuration page, click Switching Advanced    MST Configuration.
Page 108 GS716T and GS724T Gigabit Smart Switches To configure an MST instance: To add an MST instance, configure the MST values and click Add: • MST ID. Specify the ID of the MST to create. Valid values for this are between 1 and 4094.
Page 109: Mst Port Configuration
GS716T and GS724T Gigabit Smart Switches MST Port Configuration Use the Spanning Tree MST Port Configuration page to configure and display Multiple Spanning Tree (MST) settings on a specific port on the switch. To display the Spanning Tree MST Port Status page, click Switching Advanced ...
Page 110 GS716T and GS724T Gigabit Smart Switches Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch If you make any configuration changes, click Apply to send the updated configuration to the switch.
Page 111: Stp Statistics
GS716T and GS724T Gigabit Smart Switches STP Statistics Use the Spanning Tree Statistics page to view information about the number and type of bridge protocol data units (BPDUs) transmitted and received on each port. To display the Spanning Tree Statistics page, click Switching Advanced ...
Page 112: Multicast
GS716T and GS724T Gigabit Smart Switches Multicast Multicast IP traffic is traffic that is destined to a host group. Host groups are identified by class D IP addresses, which range from 224.0.0.0 to 239.255.255.255. From the Multicast link, you can access the following pages: •...
Page 113: Igmp Snooping
GS716T and GS724T Gigabit Smart Switches IGMP Snooping Internet Group Management Protocol (IGMP) Snooping is a feature that allows a switch to forward multicast traffic intelligently on the switch. Multicast IP traffic is traffic that is destined to a host group. Host groups are identified by class D IP addresses, which range from 224.0.0.0 to 239.255.255.255.
Page 114: Igmp Snooping Configuration
GS716T and GS724T Gigabit Smart Switches IGMP Snooping Configuration Use the IGMP Snooping Configuration page to configure the parameters for IGMP snooping, which is used to build forwarding lists for multicast traffic. To access the IGMP Snooping Configuration page, click Switching...
Page 115: Igmp Snooping Interface Configuration
GS716T and GS724T Gigabit Smart Switches Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch The following table displays information about the global IGMP snooping status and statistics on the page.
Page 116 GS716T and GS724T Gigabit Smart Switches To configure IGMP Snooping interface settings: To configure IGMP Snooping settings for a physical port, click PORTS. To configure IGMP Snooping settings for a Link Aggregation Group (LAG), click LAGS. To configure IGMP Snooping settings for both physical ports and LAGs, click ALL.
Page 117: Igmp Snooping Table
GS716T and GS724T Gigabit Smart Switches IGMP Snooping Table Use the IGMP Snooping Table page to view all of the entries in the Multicast Forwarding Database that were created for IGMP snooping. To access the IGMP Snooping Table page, click Switching...
Page 118 GS716T and GS724T Gigabit Smart Switches Multicast Forwarding Database Table The Layer 2 Multicast Forwarding Database (MFDB) is used by the switch to make forwarding decisions for packets that arrive with a multicast destination MAC address. By limiting multicasts to only certain ports in the switch, traffic is prevented from going to parts of the network where that traffic is unnecessary.
Page 119 GS716T and GS724T Gigabit Smart Switches The following table describes the fields in the MFDB Table. Field Description MAC Address The MAC Address to which the multicast MAC address is related. To search by MAC address, enter the address with the MFDB table entry you want displayed.
Page 120: Mfdb Statistics
GS716T and GS724T Gigabit Smart Switches MFDB Statistics Use the multicast forwarding database Statistics page to view statistical information about the MFDB table. To access the MFDB Statistics page, click Switching Multicast IGMP Snooping MFDB    Statistics. The following table describes the information available on the MFDB Statistics page:...
Page 121 GS716T and GS724T Gigabit Smart Switches IGMP Snooping VLAN Configuration Use the IGMP Snooping VLAN Configuration page to configure IGMP snooping settings for VLANs on the system. To access the IGMP Snooping VLAN Configuration page, click Switching Multicast IGMP ...
Page 122: Multicast Router Configuration
GS716T and GS724T Gigabit Smart Switches • MRouter Timeout. Enter the amount of time that a switch will wait to receive a query on the VLAN before removing it from the list of VLANs with multicast routers attached. Enter a value between 0 and 3600 seconds. The default is 0 seconds, which means there is no expiration.
Page 123: Multicast Router Vlan Configuration
GS716T and GS724T Gigabit Smart Switches To configure the multicast router settings: Select the check box associated with each interface you want to configure. Select the check box in the heading row to apply the same settings to all interfaces.
Page 124: Igmp Snooping Querier
GS716T and GS724T Gigabit Smart Switches IGMP Snooping Querier IGMP snooping requires that one central switch or router periodically query all end-devices on the network to announce their multicast memberships. This central device is the IGMP querier. The IGMP query responses, known as IGMP reports, keep the switch updated with the current multicast group membership on a port-by-port basis.
Page 125 GS716T and GS724T Gigabit Smart Switches In the Snooping Querier Address field, specify the IP address to be used as source address in periodic IGMP queries. This address is used when no address is configured on the VLAN on which the query is being sent.
Page 126: Igmp Snooping Querier Vlan Configuration
GS716T and GS724T Gigabit Smart Switches IGMP Snooping Querier VLAN Configuration Use this page to configure IGMP queriers for use with VLANs on the network. To access this page, click Switching Multicast IGMP Snooping Querier Querier VLAN   ...
Page 127: Igmp Snooping Querier Vlan Status
GS716T and GS724T Gigabit Smart Switches IGMP Snooping Querier VLAN Status Use this page to view the operational state and other information for IGMP snooping queriers for VLANs on the network. To access this page, click Switching Multicast IGMP Snooping Querier Querier VLAN ...
Page 128: Address Table
GS716T and GS724T Gigabit Smart Switches Field Description Last Querier Version Displays the IGMP protocol version of the last querier from which a query was snooped on the VLAN. Operational Max Response Displays the maximum response time to be used in the queries that are sent Time by the snooping querier.
Page 129 GS716T and GS724T Gigabit Smart Switches To search for an entry in the MAC Address Table: Use the Search By field to search for MAC Addresses by MAC Address, VLAN ID, or Interface. • MAC Address: Select MAC Address from the menu and enter a six-byte hexadecimal MAC address in two-digit groups separated by colons, then click Go.
Page 130: Dynamic Address Configuration
GS716T and GS724T Gigabit Smart Switches Dynamic Address Configuration Use the Dynamic Addresses page to set the amount of time to keep a learned MAC address entry in the forwarding database. The forwarding database contains static entries, which are never aged out, and dynamically learned entries, which are removed if they are not updated within a given time.
Page 131: Static Mac Address
GS716T and GS724T Gigabit Smart Switches Static MAC Address Use the Static MAC Address Configuration page to configure and view static MAC addresses on an interface. To access the Static MAC Address Configuration page, click Switching Address Table  ...
Page 132: Multiple Registration Protocol Configuration
End stations may request to join or leave a multicast group, or to register an individual MAC address with a specific VLAN. MAC address entries can be dynamically registered and deregistered if MMRP is administratively enabled on GS716T and GS724T Smart Switches.
Page 133: Mrp Configuration
GS716T and GS724T Gigabit Smart Switches MRP Configuration Use the MRP Configuration page to configure global MRP settings for the switch. To access the basic MRP Configuration page click the Switching tab, then click MRP  Basic  MRP Configuration.
Page 134: Mrp Port Settings
GS716T and GS724T Gigabit Smart Switches Configure the 802.1Qav mapping for the Class A and/or Class B EAV streams. Class A streams have a higher transmission priority than Class B traffic. • In the EAV Priority field, specify the priority for each EAV stream class. The range is 0–7.
Page 135: Mmrp Statistics
GS716T and GS724T Gigabit Smart Switches c. Specify the value, in centiseconds, of the MRP Join Timer. The range is 10 to 100 centiseconds, and the default value is 20. d. Specify the value, in centiseconds, of the MRP Leave Timer. The range is 10 to 600 centiseconds, and the default value is 120.
Page 136 GS716T and GS724T Gigabit Smart Switches The following table describes the fields on the MMRP Statistics page. Field Description Global MMRP Statistics Frames Received Shows the number of MMRP frames which were received on the switch. Bad Header Shows number of MMRP frames with bad headers which were received on the switch.
Page 137: Msrp Statistics
GS716T and GS724T Gigabit Smart Switches MSRP Statistics The MSRP Statistics page displays information about the MSRP frames transmitted and received by the switch and by each interface. To access the MSRP Statistics page click the Switching tab, then click MRP  Advanced  MSRP Statistics.
Page 138 GS716T and GS724T Gigabit Smart Switches Field Description Per-Interface MSRP Statistics Interface Identifies the interface associated with the rest of the MSRP statistics in the row. Frames Received Displays the number of MSRP frames which were received the interface. Bad Header Displays the number of MSRP frames with bad header which were received on the interface.
Page 139: Msrp Reservation Parameters
GS716T and GS724T Gigabit Smart Switches MSRP Reservation Parameters Use the MSRP Reservation Parameters page to view information about the talker, listener, and intermediate device status for the devices involved in each MSRP stream flowing through the switch. To display the MSRP Reservation Parameters page, click the Switching tab, then click MRP ...
Page 140 GS716T and GS724T Gigabit Smart Switches Field Description Talker Declaration Type Identifies the MSRP declaration type of the talker attribute. Accumulated Latency Identifies how much latency, in nanoseconds, the stream has suffered in its path from the Talker to a given Listener. It starts as a 0 in a Talker...
Page 141: Qav Parameters
GS716T and GS724T Gigabit Smart Switches Qav Parameters Use the Qav Parameters page to configure and view the per-port IEEE 802.1Qav settings. The IEEE 802.1Qav standard supports time-sensitive traffic streams by pacing all switch traffic, including legacy asynchronous Ethernet traffic, through queuing and forwarding.
Page 142 GS716T and GS724T Gigabit Smart Switches Configure the Class B MSRP delta bandwidth. Class B Delta bandwidth is the additional bandwidth represented as a percentage of port transmit rate which can be reserved for the traffic class B. The range is 0–100.
Page 143: Msrp Streams Information
GS716T and GS724T Gigabit Smart Switches MSRP Streams Information Use the MSRP Stream Information page to view information about MSRP streams flowing through each interface. To display the MSRP Stream Information page click the Switching tab, then click MRP  Advanced  MSRP Stream Information.
Page 144 GS716T and GS724T Gigabit Smart Switches Field Description TSpec Max Frame Size The 32-bit unsigned Bandwidth component is used to allocate resources and adjust queue selection parameters in order to supply the quality of service requested by an MSRP Talker Declaration. It...
Page 145: 802.1As Configuration
GS716T and GS724T Gigabit Smart Switches 802.1AS The IEEE 802.1AS standard specifies the protocol and procedures used to ensure that the QoS requirements are guaranteed for time-sensitive applications, such as audio and video. The IEEE 1588 Precision Time Protocol (PTP) forms the basis of the IEEE 802.1AS standard.
Page 146 GS716T and GS724T Gigabit Smart Switches To configure the global 802.1AS settings on the switch: Enable or disable 802.1AS globally on the switch. The default mode is Enable. Configure the Priority1 value of the local clock (this time-aware bridge). Configure the Priority2 value of the local clock (this time-aware bridge).
Page 147: 802.1As Port Settings
GS716T and GS724T Gigabit Smart Switches 802.1AS Port Settings Use the 802.1AS Port Settings page to configure and view per-port 802.1AS settings. To display the 802.1AS Port Settings page click the Switching tab, then click 802.1AS  Advanced  802.1AS Port Settings.
Page 148 GS716T and GS724T Gigabit Smart Switches View the following non-configurable fields: • The Port Role specifies the 802.1AS role of the interface. The possible roles are as follows: • Disabled (default) • Master • Slave • Passive • The Propagation Delay field shows the mean propagation delay on the interface.
Page 149: 802.1As Statistics
GS716T and GS724T Gigabit Smart Switches 802.1AS Statistics The 802.1AS Statistics page displays information regarding the 802.1AS messages transmitted and received by each interface.To display the 802.1AS Statistics page click the Switching tab, then click 802.1AS  Advanced  802.1AS Statistics.
Page 150 GS716T and GS724T Gigabit Smart Switches Field Description Followup Tx Displays the total number of FOLLOWUP packets transmitted without error. Followup Rx Displays the total number of FOLLOWUP packets received without error. Announce Tx Displays the total number of ANNOUNCE packets transmitted without error.
Page 151: Chapter 4 Quality Of Service Features
Quality of Service Features Use the features in the QoS tab to configure Quality of Service (QoS) settings on the switch. The QoS tab contains links to the following features: • Class of Service on page 151 • Differentiated Services on page 159 In a typical switch, each physical port consists of one or more queues for transmitting packets on the attached network.
Page 152: Basic Cos Configuration
GS716T and GS724T Gigabit Smart Switches From the Class of Service link under the QoS tab, you can access the following pages: • Basic CoS Configuration on page 152 • CoS Interface Configuration on page 153 • Interface Queue Configuration on page 155 •...
Page 153: Cos Interface Configuration
GS716T and GS724T Gigabit Smart Switches To configure global CoS settings: Select the Global radio button to configure the trust mode settings that apply to all interfaces. Alternatively, you can select the Interface radio button to apply trust mode settings to individual interfaces.
Page 154 GS716T and GS724T Gigabit Smart Switches To configure CoS settings for an interface: To configure CoS settings for a physical port, click PORTS. To configure CoS settings for a Link Aggregation Group (LAG), click LAGS. To configure CoS settings for both physical ports and LAGs, click ALL.
Page 155: Interface Queue Configuration
GS716T and GS724T Gigabit Smart Switches Interface Queue Configuration Use the Interface Queue Configuration page to define what a particular queue does by configuring switch egress queues. User-configurable parameters control the amount of bandwidth used by the queue, the queue depth during times of congestion, and the scheduling of packet transmission from the set of all queues on a port.
Page 156: 802.1P To Queue Mapping
GS716T and GS724T Gigabit Smart Switches • Scheduler Type. Selects the type of queue processing from the drop down menu. Options are Weighted and Strict. Defining on a per-queue basis allows the user to create the desired service characteristics for different types of traffic.
Page 157 GS716T and GS724T Gigabit Smart Switches To map 802.1p priorities to queues: Select the Global radio button to apply the same 802.1p priority mapping to all CoS configurable interfaces or select the Interface radio button to apply 802.1p priority mapping to on a per-interface basis.
Page 158: Dscp To Queue Mapping
GS716T and GS724T Gigabit Smart Switches DSCP to Queue Mapping Use the DSCP to Queue Mapping page to specify which internal traffic class to map the corresponding DSCP value. To display the IP DSCP Mapping page, click QoS Advanced DSCP to Queue ...
Page 159: Differentiated Services
GS716T and GS724T Gigabit Smart Switches Differentiated Services The QoS feature contains Differentiated Services (DiffServ) support that allows traffic to be classified into streams and given certain QoS treatment in accordance with defined per-hop behaviors. Standard IP-based networks are designed to provide “best effort” data delivery service. “Best effort”...
Page 160: Diffserv Configuration
GS716T and GS724T Gigabit Smart Switches DiffServ Configuration Use the DiffServ Configuration page to display DiffServ General Status Group information, which includes the current administrative mode setting as well as the current and maximum number of rows in each of the main DiffServ private MIB tables.
Page 161: Class Configuration
GS716T and GS724T Gigabit Smart Switches Field Description Policy Attributes Table Displays the current and maximum number of rows of the policy attributes table. Service Table Displays the current and maximum number of rows of the service table. Class Configuration Use the Class Configuration page to add a new DiffServ class name, or to rename or delete an existing class.
Page 162 GS716T and GS724T Gigabit Smart Switches To configure the class match criteria: Click the class name for an existing class. The class name is a hyperlink. The following figure shows the configuration fields for the class. Define the criteria to associate with a DiffServ class: •...
Page 163 GS716T and GS724T Gigabit Smart Switches • Ethernet Type. Select an EtherType keyword or enter an EtherType value to add a match condition based on the EtherType value. • Source MAC. Requires a packet’s source MAC address to match the address specified here.
Page 164: Ipv6 Class Configuration
GS716T and GS724T Gigabit Smart Switches Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. If you change any of the settings on the page, click Apply to send the updated configuration to the switch.
Page 165 GS716T and GS724T Gigabit Smart Switches To configure the class match criteria: Click the class name for an existing class. The class name is a hyperlink. The following figure shows the configuration fields for the class. Class Name - Displays the name for the configured DiffServ class.
Page 166 GS716T and GS724T Gigabit Smart Switches • Source L4 Port - This lists the keywords for the known source layer 4 ports from which one can be selected. The list includes 'other' as an option for the unnamed ports. •...
Page 167: Policy Configuration
GS716T and GS724T Gigabit Smart Switches Policy Configuration Use the Policy Configuration page to associate a collection of classes with one or more policy statements. After creating a Policy, click the policy link to the Policy page. To display the page, click QoS...
Page 168 GS716T and GS724T Gigabit Smart Switches To configure the policy attributes: Click the name of the policy. The policy name is a hyperlink. The following figure shows the configuration fields for the policy. Select the queue to which packets will of this policy-class will be assigned.
Page 169 GS716T and GS724T Gigabit Smart Switches Configure the policy attributes:. • Drop. Select this option to drop packets for this policy-class. • Mark CoS. Enter the specified Class of Service queue number to mark all packets for the associated traffic stream with the specified class of service value in the priority field of the 802.1p header.
Page 170: Service Configuration
GS716T and GS724T Gigabit Smart Switches Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch. If you change any of the settings on the page, click Apply to send the updated configuration to the switch.
Page 171: Service Statistics
GS716T and GS724T Gigabit Smart Switches To configure DiffServ policy settings on an interface: To configure DiffServ policy settings for a physical port, click PORTS. To configure DiffServ policy settings for a Link Aggregation Group (LAG), click LAGS. To configure DiffServ policy settings for both physical ports and LAGs, click ALL.
Page 172 GS716T and GS724T Gigabit Smart Switches The following table describes the information available on the Service Statistics page. Field Description Interface Displays the interface for which service statistics are to display. Direction Displays the direction of packets for which service statistics display, which is always In.
Page 173: Management Security Settings
Device Security Use the features available from the Security tab to configure management security settings for port, user, and server security. The Security tab contains links to the following features: • Management Security Settings on page 173 • Configuring Management Access on page 185 •...
Page 174: Change Password
GS716T and GS724T Gigabit Smart Switches Change Password Use the page to change the login password. To display the page, click Security  Management Security User Configuration Change Password.   To change the login password for the management interface: Specify the current password in the Old Password field.
Page 175: Radius Configuration
GS716T and GS724T Gigabit Smart Switches RADIUS Configuration RADIUS servers provide additional security for networks. The RADIUS server maintains a user database, which contains per-user authentication information. The switch passes information to the configured RADIUS server, which can authenticate a user name and password before authorizing use of the network.
Page 176 GS716T and GS724T Gigabit Smart Switches To configure global RADIUS server settings: In the Max Number of Retransmits field, specify the value of the maximum number of times a request packet is retransmitted to the RADIUS server. Consideration to maximum delay time should be given when configuring RADIUS max retransmit and RADIUS timeout.
Page 177: Radius Server Configuration
GS716T and GS724T Gigabit Smart Switches RADIUS Server Configuration Use the RADIUS Server Configuration page to view and configure various settings for the current RADIUS server configured on the system. To access the RADIUS Server Configuration page, click Security Management Security, ...
Page 178 GS716T and GS724T Gigabit Smart Switches The following table describes the RADIUS server statistics available on the page. Field Description Server Address This displays all configured RADIUS servers. Round Trip Time The time interval, in hundredths of a second, between the most recent Access-Reply/Access-Challenge and the Access-Request that matched it from this RADIUS authentication server.
Page 179 GS716T and GS724T Gigabit Smart Switches Accounting Server Configuration Use the RADIUS Accounting Server Configuration page to view and configure various settings for one or more RADIUS accounting servers on the network. To access the RADIUS Accounting Server Configuration page, click Security Management ...
Page 180 GS716T and GS724T Gigabit Smart Switches The following table describes RADIUS accounting server statistics available on the page. Field Description Accounting Server Address Displays the IP address of the supported RADIUS accounting server. Round Trip Time (secs) Displays the time interval, in hundredths of a second, between the most recent Accounting-Response and the Accounting-Request that matched it from this RADIUS accounting server.
Page 181: Configuring Tacacs
GS716T and GS724T Gigabit Smart Switches Configuring TACACS+ TACACS+ provides a centralized user management system, while still retaining consistency with RADIUS and other authentication processes. TACACS+ provides the following services: • Authentication: Provides authentication during login and via user names and user-defined passwords.
Page 182 In the Connection Timeout field, specify the maximum number of seconds allowed to establish a TCP connection between the GS716T and GS724T and the TACACS+ server. The valid range is 1–30 seconds. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
Page 183 The default is port 49, and the range is 0–65535. In the Key String field, specify the authentication and encryption key for TACACS+ communications between the GS716T and GS724T and the TACACS+ server. This key must match the encryption used on the TACACS+ server. The valid range is 0–128 characters.
Page 184: Authentication List Configuration
GS716T and GS724T Gigabit Smart Switches Authentication List Configuration Use the Authentication List page to configure the default login list. A login list specifies one or more authentication methods to validate switch or port access for the admin user. Note: Admin is the only user on the system and is assigned to a preconfigured list named defaultList, which you cannot delete.
Page 185: Configuring Management Access
If you make changes to the page, click Apply to apply the changes to the system. Configuring Management Access From the Access page, you can configure HTTP and Secure HTTP access to the GS716T and GS724T management interface. You can also configure Access Control Profiles and Access Rules.
Page 186: Http Configuration
GS716T and GS724T Gigabit Smart Switches HTTP Configuration Use the HTTP Configuration page to configure the HTTP server settings on the system. To access the HTTP Configuration page, click the Security tab, then click Access, and then click the HTTP HTTP Configuration link.
Page 187: Secure Http Configuration
GS716T and GS724T Gigabit Smart Switches Secure HTTP Configuration Secure HTTP enables the transmission of HTTP over an encrypted Secure Sockets Layer (SSL) or Transport Layer Security (TLS) connection. When you manage the switch by using a Web interface, secure HTTP can help ensure that communication between the management system and the switch is protected from eavesdroppers and man-in-the-middle attacks.
Page 188: Certificate Download
GS716T and GS724T Gigabit Smart Switches After the session is inactive for the configured amount of time, the administrator is automatically logged out and must re-enter the password to access the management interface. A value of zero corresponds to an infinite timeout. The default value is 5 minutes.
Page 189 GS716T and GS724T Gigabit Smart Switches To configure the certificate download settings for HTTPS sessions: From the File Type menu, select the type of SSL certificate to download, which can be one of the following: • SSL Trusted Root Certificate PEM File. SSL Trusted Root Certificate File (PEM Encoded).
Page 190: Access Profile Configuration
GS716T and GS724T Gigabit Smart Switches Access Profile Configuration Use the Access Profile Configuration page to configure settings that control management access to the switch. Access profile configuration requires three steps: Use the Access Profile Configuration page to create an access profile. To add rules to the profile, the access profile must be deactivated, which is the default setting.
Page 191 GS716T and GS724T Gigabit Smart Switches To create an Access Profile: In the Access Profile Name field, specify the name of the access profile to be added. The maximum length is 15 characters. To activate an access profile, select the Activate Profile check box. You cannot add rules to an active profile.
Page 192: Access Rule Configuration
To configure access profile rules: To add an access profile rule, configure the following settings and click Add. • Rule Type: Specify whether the rule permits or denies access to the GS716T and GS724T management interface. • Select Permit to allow access to the management interface for traffic that meets the criteria you configure for the rule.
Page 193: Port Authentication
GS716T and GS724T Gigabit Smart Switches • Source IP Address. Specify the IP Address of the client originating the management traffic. • Mask. Specify the subnet mask associated with the IP address. The subnet mask is a standard subnet mask, and not an inverse (wildcard) mask that you use with IP ACLs.
Page 194: 802.1X Configuration
GS716T and GS724T Gigabit Smart Switches 802.1X Configuration Use the 802.1X Configuration page to enable or disable port access control on the system. To display the 802.1X Configuration page, click Security Port Authentication Basic    802.1X Configuration. To configure global 802.1X settings: Select the appropriate radio button in the Port Based Authentication State field to enable or disable 802.1X administrative mode on the switch.
Page 195: Port Authentication
GS716T and GS724T Gigabit Smart Switches Port Authentication Use the Port Authentication page to enable and configure port access control on one or more ports. To access the Port Authentication page, click Security Port Authentication, and then click  the Advanced Port Authentication link.
Page 196 GS716T and GS724T Gigabit Smart Switches To configure 802.1X settings for the port: Select the check box next to the port to configure. You can also select multiple check boxes to apply the same settings to the select ports, or select the check box in the heading row to apply the same settings to all ports.
Page 197 GS716T and GS724T Gigabit Smart Switches • Supplicant Timeout. Defines the amount of time that lapses before EAP requests are resent to the user. The field value is in seconds. The field default is 30 seconds. • Server Timeout. Defines the amount of time that lapses before the switch resends a request to the authentication server.
Page 198: Port Summary
GS716T and GS724T Gigabit Smart Switches Click Initialize to begin the initialization sequence on the selected port(s). This button is only selectable if the control mode is auto. If the button is not selectable, it will be grayed out. When this button is clicked, the action is immediate. It is not required to click Apply for the action to occur.
Page 199 GS716T and GS724T Gigabit Smart Switches The following table describes the fields on the Port Summary page. Field Description Port The port whose settings are displayed in the current table row. Control Mode Defines the port authorization state. The control mode is only set if the link status of the port is link up.
Page 200: Traffic Control
GS716T and GS724T Gigabit Smart Switches Traffic Control From the Traffic Control link, you can configure MAC Filters, Storm Control, Port Security, and Protected Port settings. To display the page, click the Security Traffic Control tab.  The Traffic Control folder contains links to the following features: •...
Page 201 GS716T and GS724T Gigabit Smart Switches To configure MAC filter settings: To configure a new MAC filter: a. Select Create Filter from the MAC Filter menu. If no filters have been configured, this is the only option available. b. From the VLAN ID menu, select the VLAN to use with the MAC address to fully identify packets you want filtered.
Page 202: Mac Filter Summary
GS716T and GS724T Gigabit Smart Switches MAC Filter Summary Use the MAC Filter Summary page to view the MAC filters that are configured on the system. To display the MAC Filter Summary page, click Security Traffic Control, and then click the ...
Page 203: Storm Control
GS716T and GS724T Gigabit Smart Switches Storm Control A broadcast storm is the result of an excessive number of broadcast messages simultaneously transmitted across a network by a single port. Forwarded message responses can overload network resources and/or cause the network to time out.
Page 204: Port Security Configuration
GS716T and GS724T Gigabit Smart Switches When the selected Ingress Control Mode is an option other than Disable, select Enable or Disable from the Status menu to specify the administrative status of the mode. In the Threshold field, specify the maximum rate at which unknown packets are forwarded.
Page 205: Port Security Interface Configuration
GS716T and GS724T Gigabit Smart Switches The Port Security Violation table shows information about violations that occurred on ports that are enabled for port security. The following table describes the fields in the Port Security Violation table. Field Description Port Identifies the port where a violation occurred.
Page 206 GS716T and GS724T Gigabit Smart Switches To configure port security settings: To configure port security settings for a physical port, click PORTS. To configure port security settings for a Link Aggregation Group (LAG), click LAGS. To configure port security settings for both physical ports and LAGs, click ALL.
Page 207: Security Mac Address
GS716T and GS724T Gigabit Smart Switches Security MAC Address Use the Security MAC Address page to convert a dynamically learned MAC address to a statically locked address. To display the Security MAC Address page, click Security Traffic Control, and then click ...
Page 208: Protected Ports Membership
GS716T and GS724T Gigabit Smart Switches Protected Ports Membership If a port is configured as protected, it does not forward traffic to any other protected port on the switch, but it will forward traffic to unprotected ports. Use the Protected Ports Membership page to configure the ports as protected or unprotected.
Page 209: Configuring Access Control Lists
GS716T and GS724T Smart Switches software supports IPv4, IPv6 and MAC ACLs.
Page 210: Acl Wizard
GS716T and GS724T Gigabit Smart Switches ACL Wizard The ACL Wizard allows you to configure ACL permissions for devices based on the source and destination of MAC address, IP address, and port IDs. To display the MAC ACL page, click Security ACL Wizard.
Page 211: Mac Acl
GS716T and GS724T Gigabit Smart Switches MAC ACL A MAC ACL consists of a set of rules which are matched sequentially against a packet. When a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken and the additional rules are not checked for a match.
Page 212: Mac Rules
GS716T and GS724T Gigabit Smart Switches To change the name of a MAC ACL, select the check box next to the Name field, update the name, then click Apply. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
Page 213 GS716T and GS724T Gigabit Smart Switches • Destination MAC. Requires an Ethernet frame’s destination port MAC address to match the address listed here. Enter a MAC address in this field. The valid format is xx:xx:xx:xx:xx:xx. • Destination MAC Mask. If desired, enter the MAC Mask associated with the Destination MAC to match.
Page 214: Mac Binding Configuration
GS716T and GS724T Gigabit Smart Switches MAC Binding Configuration When an ACL is bound to an interface, all the rules that have been defined are applied to the selected interface. Use the MAC Binding Configuration page to assign MAC ACL lists to ACL Priorities and Interfaces.
Page 215: Mac Binding Table
GS716T and GS724T Gigabit Smart Switches Click the appropriate orange bar to expose the available ports or LAGs. • To add the selected ACL to a port or LAG, click the box directly below the port or LAG number so that an X appears in the box.
Page 216: Ip Acl
GS716T and GS724T Gigabit Smart Switches IP ACL IP ACLs allow network managers to define classification actions and rules for specific ingress ports. Packets can be filtered on ingress (inbound) ports only. If the filter rules match, then some actions can be taken, including dropping the packet or disabling the port. For example, a network administrator defines an ACL rule that says port number 20 can receive TCP packets.
Page 217: Ip Rules
GS716T and GS724T Gigabit Smart Switches • Type. Identifies the ACL as either a standard or extended IP ACL. To delete an IP ACL, select the check box next to the IP ACL ID field, then click Delete. To change the name of an IP ACL, select the check box next to the IP ACL ID field, update the name, then click Apply.
Page 218 GS716T and GS724T Gigabit Smart Switches To configure rules for an IP ACL: To add an IP ACL rule, select the ACL ID to add the rule to, complete the fields described in the following list, and click Add. •...
Page 219: Ip Extended Rules
GS716T and GS724T Gigabit Smart Switches IP Extended Rules Use the IP Extended Rules page to define rules for IP-based extended ACLs. The access list definition includes rules that specify whether traffic matching the criteria is forwarded normally or discarded.
Page 220 GS716T and GS724T Gigabit Smart Switches To configure rules for an IP ACL: To add an IP ACL rule, select the ACL ID to add the rule to, select the check box in the Extended ACL Rule table, and click Add. The page displays the extended ACL Rule Configuration fields.
Page 221 GS716T and GS724T Gigabit Smart Switches • Src L4 Port. Requires a packet’s TCP/UDP source port to match the port listed here. Click Complete one of the following fields: • Source L4 Keyword: Select the desired L4 keyword from a list of source ports on which the rule can be based.
Page 222: Ipv6 Acl
GS716T and GS724T Gigabit Smart Switches To delete an IP ACL rule, select the check box associated with the rule, and then click Delete. Click Cancel to cancel the configuration on the screen and reset the data on the screen to the latest value of the switch.
Page 223: Ipv6 Rules
GS716T and GS724T Gigabit Smart Switches To create an IPv6 ACL: To add an ACL, type a name in the IPv6 ACL field, and then click Add. To delete an ACL, select the check box associated with the ACL, and then click Delete.
Page 224 GS716T and GS724T Gigabit Smart Switches To configure the IPv6 rules, select the following: To add an IPv6 rule, use the pull-down list in the ACL Name field to select the IP ACL for which to create or update a rule. Complete the fields described in the following list, and click Add.
Page 225 GS716T and GS724T Gigabit Smart Switches • Source L4 Port: Specify a packet's source layer 4 port as a match condition for the selected IPv6 ACL rule. Source port information is optional. Source port information can be specified in two ways: •...
Page 226: Ip Binding Configuration
GS716T and GS724T Gigabit Smart Switches IP Binding Configuration When an ACL is bound to an interface, all the rules that have been defined are applied to the selected interface. Use the IP Binding Configuration page to assign IPv4 and IPv6 ACLs to ports and LAGs.
Page 227: Ip Binding Table
GS716T and GS724T Gigabit Smart Switches To configure IP ACL interface bindings: Select an existing IP ACL from the ACL ID menu. The packet filtering direction for ACL is Inbound, which means the IP ACL rules are applied to traffic entering the port.
Page 228 GS716T and GS724T Gigabit Smart Switches The following table describes the information displayed in the MAC Binding Table. Field Description Interface Displays the interface to which the IP ACL is bound. Direction Specifies the packet filtering direction for ACL. The only valid direction is Inbound, which means the IP ACL rules are applied to traffic entering the port.
Page 229: Ports
Monitoring the System Use the features available from the Monitoring tab to view a variety of information about the switch and its ports and to configure how the switch monitors events. The Monitoring tab contains links to the following features: •...
Page 230 GS716T and GS724T Gigabit Smart Switches The following table describes the Switch Statistics displayed on the screen. Field Description ifIndex This object indicates the ifIndex of the interface table entry associated with the processor of this switch. Octets Received The total number of octets of data received by the processor (excluding framing bits, but including FCS octets).
Page 231 GS716T and GS724T Gigabit Smart Switches Field Description Octets Transmitted The total number of octets transmitted out of the interface, including framing characters. Packets Transmitted Without The total number of packets transmitted out of the interface. Errors Unicast Packets Transmitted...
Page 232: Port Statistics
GS716T and GS724T Gigabit Smart Switches Port Statistics The Port Statistics page displays a summary of per-port traffic statistics on the switch. To access the Port Summary page, click Monitoring Ports tab, and then click the Port  Statistics link.
Page 233: Port Detailed Statistics
GS716T and GS724T Gigabit Smart Switches Field Description Packets Transmitted Without The number of frames that have been transmitted by this port to its segment. Errors Transmit Packet Errors The number of outbound packets that could not be transmitted because of errors.
Page 234 GS716T and GS724T Gigabit Smart Switches The following table describes the detailed port information displayed on the screen. To view information about a different port, select the port number from the Interface menu. Field Description Interface Use the drop down menu to select the interface for which data is to be displayed or configured.
Page 235 GS716T and GS724T Gigabit Smart Switches Field Description LACP Mode Selects the Link Aggregation Control Protocol administration state: • Enable: Specifies that the port is allowed to participate in a port channel (LAG), which is the default mode. • Disable: Specifies that the port cannot participate in a port channel (LAG).
Page 236 GS716T and GS724T Gigabit Smart Switches Field Description Packets Received 65-127 The total number of packets (including bad packets) received that were Octets between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received 128-255...
Page 237 GS716T and GS724T Gigabit Smart Switches Field Description Alignment Errors The total number of packets received that had a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad Frame Check Sequence (FCS) with a non-integral number of octets.
Page 238 GS716T and GS724T Gigabit Smart Switches Field Description Packets Transmitted The total number of packets (including bad packets) transmitted that were 256-511 Octets between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets). Packets Transmitted...
Page 239 GS716T and GS724T Gigabit Smart Switches Field Description STP BPDUs Received Number of STP BPDUs received at the selected port. STP BPDUs Transmitted Number of STP BPDUs transmitted from the selected port. RSTP BPDUs Received Number of RSTP BPDUs received at the selected port.
Page 240: Eap Statistics
GS716T and GS724T Gigabit Smart Switches EAP Statistics Use the EAP Statistics page to display information about EAP packets received on a specific port. To display the EAP Statistics page, click the Monitoring Ports tab, and then click the EAP ...
Page 241: System Logs
GS716T and GS724T Gigabit Smart Switches Field Description Response/ID Frames Received Displays the number of EAP Respond ID frames that have been received on the port. Response Frames Received Displays the number of valid EAP Response frames received on the port.
Page 242: Memory Logs
GS716T and GS724T Gigabit Smart Switches Memory Logs The in-memory log stores messages in memory based upon the settings for message component and severity. Use the Memory Logs page to set the administrative status and behavior of logs in the system buffer. These log messages are cleared when the switch reboots.
Page 243 GS716T and GS724T Gigabit Smart Switches The Memory Log table also appears on the Memory Log page. Field Description Total Number of Messages Displays the number of messages the system has logged in memory. Only the 64 most recent entries are displayed on the page.
Page 244: Flash Log Configuration
GS716T and GS724T Gigabit Smart Switches FLASH Log Configuration The FLASH log is a log that is stored in persistent storage, which means that the log messages are retained across a switch reboot. • The first log type is the system startup log. The system startup log stores the first N messages received after system reboot.
Page 245 GS716T and GS724T Gigabit Smart Switches Error, the logged messages include Error, Critical, Alert, and Emergency. The default severity level is Alert (1). The severity can be one of the following levels: • Emergency (0): The highest level warning level. If the device is down or not functioning properly, an emergency log is saved to the device.
Page 246: Server Log Configuration
GS716T and GS724T Gigabit Smart Switches Server Log Configuration Use the Server Log Configuration page to allow the switch to send log messages to the remote logging hosts configured on the system. To access the Server Log Configuration page, click the Monitoring Logs tab, and then click ...
Page 247 GS716T and GS724T Gigabit Smart Switches To configure a remote log server To add a remote syslog host (log server), specify the settings in the following list and click Add. • Host Address. Specify the IP address or host name of the host configured for syslog.
Page 248: Trap Logs
GS716T and GS724T Gigabit Smart Switches Trap Logs Use the Trap Logs page to view information about the SNMP traps generated on the switch. To access the Trap Logs page, click the Monitoring Logs tab, and then click the Trap Logs ...
Page 249: Event Logs
The number of the entry within the event log. The most recent entry is first. Type Specifies the type of entry. Filename The GS716T and GS724T source code filename identifying the code that detected the event. Line The line number within the source file of the code that detected the event.
Page 250: Port Mirroring
GS716T and GS724T Gigabit Smart Switches Field Description Task ID The OS-assigned ID of the task reporting the event. Code The event code passed to the event log handler by the code reporting the event. Time The time the event occurred, measured from the previous reset.
Page 251 GS716T and GS724T Gigabit Smart Switches To configure Port Mirroring: Select the check box next to a port to configure it as a source port. In the Destination Port field, specify the port to which port traffic is be copied. Use the g1, g2,...format to specify the port.
Page 252 GS716T and GS724T Gigabit Smart Switches...
Page 253: Reset
The Reset menu contains links to the following options: • Device Reboot on page 253 • Factory Default on page 254 Device Reboot Use the Device Reboot page to reboot the GS716T and GS724T. To access the Device Reboot page, click Maintenance Reset Device Reboot.  ...
Page 254: Factory Default
GS716T and GS724T Gigabit Smart Switches To reboot the switch: Select the check box on the page. Click Apply to reset the switch immediately, or click Cancel to abandon the reset request. After the switch reset begins, the management interface is not available until the switch completes the boot cycle.
Page 255: Upload File From Switch
GS716T and GS724T Gigabit Smart Switches Upload File From Switch The switch supports system file uploads from the switch to a remote system by using either TFTP or HTTP. The Upload menu contains links to the following options: • TFTP File Upload on page 255 •...
Page 256: Http File Upload
GS716T and GS724T Gigabit Smart Switches From the Server Address Type filed, specify the format to use for the address you type in the TFTP Server Address field: • IPv4. Indicates the TFTP server address is an IP address in dotted-decimal format.
Page 257: Download File To Switch
If you are uploading an GS716T and GS724T image (Code), select the image on the switch to upload to the management system. This field is visible only when Code is selected as the File Type.
Page 258 GS716T and GS724T Gigabit Smart Switches Before you download a file to the switch, the following conditions must be true: • The file to download from the TFTP server is on the server in the appropriate directory. • The file is in the correct format.
Page 259 GS716T and GS724T Gigabit Smart Switches If you are downloading an GS716T and GS724T image (Code), select the image on the switch to overwrite. This field is visible only when Code is selected as the File Type. Note: It is recommended that you not overwrite the active image. The system will display a warning that you are trying to overwrite the active image.
Page 260: Http File Download
GS716T and GS724T Gigabit Smart Switches HTTP File Download Use the HTTP File Download page to download files of various types to the switch using an HTTP session (for example, via your Web browser). To display this page, click Maintenance Download HTTP File Download.
Page 261: File Management
GS716T and GS724T Gigabit Smart Switches If you are downloading an GS716T and GS724T image (Code), select the image on the switch to overwrite. This field is only visible when Code is selected as the File Type. Note: It is recommended that you not overwrite the active image. The system will display a warning that you are trying to overwrite the active image.
Page 262 GS716T and GS724T Gigabit Smart Switches To configure Dual Image settings: Select the image to configure. The Current-active field displays the name of the active image. To configure a descriptive name for the selected software image, type the name in the Image Description field.
Page 263: Dual Image Status
GS716T and GS724T Gigabit Smart Switches Dual Image Status You can use the Dual Image Status page to view information about the system images on the device. To display the Dual Image Status page, click Maintenance > File Management Dual Image ...
Page 264: Troubleshooting
GS716T and GS724T Gigabit Smart Switches Troubleshooting The Troubleshooting menu contains links to the following options: • Ping on page 264 • Ping IPv6 on page 266 • Traceroute on page 267 Ping Use the Ping page to tell the switch to send a Ping request to a specified IP address. You can use this feature to check whether the switch can communicate with a particular network host.
Page 265 GS716T and GS724T Gigabit Smart Switches Click Apply to send the ping. The switch sends the number of pings specified in the Count field, and the results are displayed below the configurable data in the Ping area. • If successful, you will see “Reply From IP/Host: icmp_seq = 0. time = xx usec. Tx = x, Rx = x Min/Max/Avg RTT = x/x/x msec.”...
Page 266: Ping Ipv6
GS716T and GS724T Gigabit Smart Switches Ping IPv6 Use the Ping IPv6 page to send a Ping request to a specified Hostname or IPv6 address. You can use this to check whether the switch can communicate with a particular IPv6 station.
Page 267: Traceroute
GS716T and GS724T Gigabit Smart Switches Click Apply to send the ping. The switch sends the number of pings specified in the Count field, and the results are displayed below the configurable data in the Result area. • If successful, the output will be Send count=3, Receive count = n from (IPv6 Address).Average round trip time = n ms.
Page 268 GS716T and GS724T Gigabit Smart Switches • InitTTL. Specify the initial time-to-live for a packet in number of hops. The valid range is 0– 255. • MaxFail. Specify the maximum number of failures allowed in the session. The valid range is 0–255.
Page 269: Chapter 8 Help
270 Support Use the Support page to connect to the Online Support site at netgear.com. To access the Support page, click Help Support.  To connect to the NETGEAR support site for the GS716T and GS724T, click Apply.
Page 270: User Guide
GS716T and GS724T Gigabit Smart Switches User Guide Use the User Guide page to access the GS716Tv2 and GS724Tv3 Software Administration Manual (the guide you are now reading) that is available on the NETGEAR Website. To access the User Guide page, click Help User Guide.
Page 271: Registration
GS716T and GS724T Gigabit Smart Switches Registration Use the Registration page to register your GS716T or GS724T switch. Completing the registration confirms your email address, lowers technical support resolution time, and ensures your shipping address accuracy. NETGEAR, Inc. would also like to incorporate your feedback into future product development.
Page 272 • REMIND ME LATER. The pop-up window is closed without taking any action, and the registration reminder pop-up appears on next successful login. • REGISTER NOW. The NETGEAR Registration Server is contacted to initiate the registration process.
Page 273: Appendix A Hardware Specifications And Default Values
Hardware Specifications and Default Values GS716T and GS724T Gigabit Smart Switches Specifications The GS716T and GS724T Gigabit Smart Switches conform to the TCP/IP, UDP, HTTP, ICMP, TFTP, DHCP, IEEE 802.1D, IEEE 802.1p, and IEEE 802.1Q standards. GS716T Specifications Feature Value...
Page 274: Gs716T And Gs724T Switch Performance
100M:148,810 pps/ 1G:1,488,000 pps MAC addresses Green Ethernet Power consumption savings by cable length (<10m) Automatic power down on port when link is down GS716T and GS724T Switch Features and Defaults Port Characteristics Feature Sets Supported Default Auto negotiation/static All ports...
Page 275: Traffic Control
GS716T and GS724T Gigabit Smart Switches Traffic Control Feature Sets Supported Default Storm control All ports Disabled Jumbo frame All ports Disabled Max = 9216 bytes Quality Of Service Feature Sets Supported Default Number of queues Port based 802.1p Enabled...
Page 276: System Setup
GS716T and GS724T Gigabit Smart Switches System Setup Feature Sets Supported Default Boot code update DHCP/manual IP DHCP enabled/192.168.0.239 Default gateway 192.168.0.254 System name configuration NULL Configuration save/restore Firmware upgrade Restore defaults 1 (Web and front-panel button) Dual image support...
Page 277: Other Features
GS716T and GS724T Gigabit Smart Switches Other Features Feature Sets Supported Default IGMP snooping v1/v2 All ports Disabled Configurations upload/download EAPoL flooding All ports Disabled BPDU flooding All ports Disabled Static multicast groups Disabled Filter multicast control Disabled...
Page 278 GS716T and GS724T Gigabit Smart Switches...
Page 279: Appendix B Configuration Examples
Configuration Examples This chapter contains information about how to configure the following features: • Virtual Local Area Networks (VLANs) on page 279 • Access Control Lists (ACLs) on page 282 • Differentiated Services (DiffServ) on page 285 • 802.1X on page 290 •...
Page 280 GS716T and GS724T Gigabit Smart Switches VLANs have a number of advantages: • It is easy to do network segmentation. Users that communicate most frequently with each other can be grouped into common VLANs, regardless of physical location. Each group’s traffic is contained largely within the VLAN, reducing extraneous traffic and improving the efficiency of the whole network.
Page 281: Vlan Example Configuration
GS716T and GS724T Gigabit Smart Switches VLAN Example Configuration This example demonstrates several scenarios of VLAN use and describes how the switch handles tagged and untagged traffic. In this example, you create two new VLANs, change the port membership for default...
Page 282: Access Control Lists (Acls)
Apply the access list to an interface in the inbound direction. The GS716T and GS724T Smart Switches allows ACLs to be bound to physical ports and LAGs.The switch software supports MAC ACLs and IP ACLs.
Page 283 GS716T and GS724T Gigabit Smart Switches • Destination MAC Mask: 00:00:00:00:FF:FF • Source MAC: 02:02:1A:BC:DE:EF • Source MAC Mask: 00:00:00:00:FF:FF • VLAN ID: 200 For detailed information about MAC ACL rules, see MAC Rules on page 212. From the MAC Binding Configuration screen, assign the Sales_ACL to Ethernet ports 6, 7,...
Page 284: Standard Ip Acl Example Configuration
GS716T and GS724T Gigabit Smart Switches Click Apply (See MAC Binding Configuration on page 214). The MAC Binding Table displays the interface and MAC ACL binding information (See MAC Binding Table on page 215). The ACL named Sales_ACL looks for Ethernet frames with destination and source MAC addresses and MAC masks defined in the rule.
Page 285: Differentiated Services (Diffserv)
(resource reservation) according to network management policy (RSVP, for example). • Differentiated Services: network resources are apportioned based on traffic classification and priority, giving preferential treatment to data with strict timing requirements. The GS716T and GS724T Smart Switches supports DiffServ.
Page 286: Class
GS716T and GS724T Gigabit Smart Switches The DiffServ feature contains a number of conceptual QoS building blocks you can use to construct a differentiated service network. Use these same blocks in different ways to build other types of QoS architectures.
Page 287: Creating Policies
GS716T and GS724T Gigabit Smart Switches To configure DiffServ, you must define service levels, namely the forwarding classes/PHBs identified by a given DSCP value, on the egress interface. These service levels are defined by configuring BA classes for each. Creating Policies Use DiffServ policies to associate a collection of classes that you configure with one or more QoS policy statements.
Page 288: Diffserv Example Configuration
GS716T and GS724T Gigabit Smart Switches Color Mode Awareness: Policing in the DiffServ feature uses either color blind or color aware mode. Color blind mode ignores the coloration (marking) of the incoming packet. Color aware mode takes into consideration the current packet marking when determining the policing outcome.
Page 289 GS716T and GS724T Gigabit Smart Switches From the Policy Configuration screen, create a new policy with the following settings: • Policy Selector: Policy1 • Member Class: Class1 For more information about this screen, see Policy Configuration on page 167. Click Add to add the new policy.
Page 290: 290
(the system that requests authentication), as well as between the authenticator and the authentication server. The GS716T and GS724T Smart Switches supports a guest VLAN, which allows unauthenticated users to have limited access to the network resources.
Page 291: 802.1X Example Configuration
Supplicant on behalf of the Authenticator. All three roles are required in order to complete an authentication exchange. The GS716T and GS724T Smart Switches supports the Authenticator role only, in which the PAE is responsible for communicating with the Supplicant. The Authenticator PAE is also...
Page 292 Authentication List Configuration on page 184). This example enables 802.1X-based port security on the GS716T and GS724T switch and prompts the hosts connected on ports g1–g8 for an 802.1X-based authentication. The switch passes the authentication information to the configured RADIUS server.
Page 293: Mstp
GS716T and GS724T Gigabit Smart Switches MSTP Spanning Tree Protocol (STP) runs on bridged networks to help eliminate loops. If a bridge loop occurs, the network can become flooded with traffic. IEEE 802.1s Multiple Spanning Tree Protocol (MSTP) supports multiple instances of Spanning Tree to efficiently channel VLAN traffic over different interfaces.
Page 294 GS716T and GS724T Gigabit Smart Switches An MST Region comprises of one or more MSTP Bridges with the same MST Configuration Identifier, using the same MSTIs, and which have no Bridges attached that cannot receive and transmit MSTP BPDUs. The MST Configuration Identifier has the following components:...
Page 295: Mstp Example Configuration
GS716T and GS724T Gigabit Smart Switches MSTP Example Configuration This example shows how to create an MSTP instance from the GS716T and GS724T switch. The example network has three different GS716T and GS724T switches that serve different locations in the network. In this example, ports g1–g5 are connected to host stations, so those links are not subject to network loops.
Page 296 GS716T and GS724T Gigabit Smart Switches If you do not specify a root bridge and all switches have the same Bridge Priority value, the switch with the lowest MAC address is elected as the root bridge (see Configuration on page 102).
Page 297: Appendix C Notification Of Compliance
This transmitter must not be co-located or operating in conjunction with any other antenna or transmitter. FCC Declaration Of Conformity We, NETGEAR, Inc., 350 East Plumeria Drive, San Jose, CA 95134, declare under our sole responsibility that the GS716T and GS724T Gigabit Smart Switches complies with Part 15 of FCC Rules.
Page 298 Canadian Department of Communications Radio Interference Regulations This digital apparatus, GS716T and GS724T Gigabit Smart Switches, does not exceed the Class B limits for radio-noise emissions from digital apparatus as set out in the Radio Interference Regulations of the Canadian Department of Communications.
Page 299 GS716T and GS724T Gigabit Smart Switches GPL License Agreement GPL may be included in this product; to view the GPL license agreement go to ftp://downloads.netgear.com/files/GPLnotice.pdf For GNU General Public License (GPL) related information, visit http://support.netgear.com/app/answers/detail/a_id/2649...
Page 300: Index
Index Numerics DHCP Filtering Differentiated Services 802.1AS DiffServ global settings port role Dual Image port settings Dynamic Address statistics Dynamic Host 802.1X Global example configuration Green Ethernet HTTP IGMP Snooping LACP LACP Port access control ACL example configuration LLDP ACLs MAC Filter management interface Management Access...
Page 301 GS716T and GS724T Gigabit Smart Switches Filtering Interface Configuration IEEE 802.3 flow control refreshing the client IGMP DiffServ interface logical naming convention download physical a file queue configuration files via HTTP IP address from a remote system administrative system software...
Page 302 GS716T and GS724T Gigabit Smart Switches MMRP button definition configuration to defaults statistics switch RSTP global settings port settings MSRP definition Security MAC Address reservation parameters server, HTTP statistics severity, log message streams Simple Network Time Protocol Multiple Registration Protocol...
Page 303 GS716T and GS724T Gigabit Smart Switches trademarks traffic control trap flags manager TSpec Unicast upload configuration VLAN example configuration guest management managing RADIUS-based assignment voice Voice VLAN OUI VoIP Web interface panel...

This manual is also suitable for:

Gs724t

NETGEAR GS716T Software Administration Manual

Chapter 1 Switch Information and Setup

Switch Management Interface

Connecting the Switch to the Network

Switch Discovery in a Network with a DHCP Server

Switch Discovery in a Network Without a DHCP Server

Network Settings Configuration on the Administrative System

Web Access

Smart Control Center Utilities

User Interfaces

Interface Naming Convention

Chapter 2 System Information Features

Management

System Information

IP Configuration

Ipv6 Network Configuration

Ipv6 Network Neighbor

Time

Denial of Service

Dns

Green Ethernet

License

Snmp

Lldp

Services - DHCP Filtering

Chapter 3 Switching Features

Chapter 4 Quality of Service Features

Chapter 5 Device Security

MAC Filter Configuration

MAC Filter Summary

Storm Control

Port Security Configuration

Port Security Interface Configuration

Security MAC Address

Protected Ports Membership

MAC ACL MAC Rules

Mac Acl

MAC Rules

MAC Binding Configuration

MAC Binding Table

Ip Acl

IP Rules

IP Extended Rules

Ipv6 ACL

Ipv6 Rules

IP Binding Configuration

IP Binding Table

Chapter 6 Monitoring the System

Chapter 7 Maintenance

Chapter 8 Help

Appendix A Hardware Specifications and Default Values

Appendix B Configuration Examples

Appendix C Notification of Compliance

Index

Quick Links

Need help?

Questions and answers

Subscribe to Our Youtube Channel

Related Manuals for NETGEAR GS716T

Summary of Contents for NETGEAR GS716T