NETGEAR FSM726v3

Introduction

External design

Hardware

Firmware upgrade

Web-interface

Command line interface

SNMP

Testing

Conclusion

Introduction

Unfortunately, our laboratory does not receive rack-mounted switches for review that often, but the nature of our job makes it obligatory for us to be on really good terms with all kinds of network equipment. Today our readers are welcomed to find out more about capabilities of NETGEAR FSM726v3 L2-switch.

External design

NETGEAR FSM726v3 L2-switch comes in a metal case with dimensions of 440x205x43 mm (excluding the brackets) and is intended for rack-mounting.

The upper panel of the switch is not remarkable at all and there is only a 3D brand tag located on it.

On the bottom of the device there are rubber leg housings and sticker with brief information about the device.

There are ventilation grates on the side panels of the device and just by the side of one of them there is a 40x40 mm fan (located inside of the case).

The back panel has a power connector, DB-9 console port, Kensington lock, and a sticker with additional information about the switch.

On the front panel of the device there are 24 Fast Ethernet ports and two combo Gigabit Ethernet ports (optical and copper). Apart from it, there are LEDs indicating the device and port statuses located on it. We cannot help to mention that there is a sunken Reset button used to reset user settings located on the front panel.

Now let's have a look at the insides of the case.

Hardware

The hardware platform of the switch is four textolite cards, two of which perform only support functions by maintaining operation of LEDs on the front panel. The two other cards are a power supply unit and motherboard. We will give the latter a more careful look.

The main elements are located on one side of the motherboard.

The modules accessible for review are two DDR PC400MIRA P3S12D30ETP RAM cards with the capacity of 64 Mbytes each, making the total amount of the device RAM 128 Mbytes; Spansion S29GL256P11TFI01 of 32 Mbytes serves as the flash memory chip and Lattice LC4128V acts as the FPGA.

Hidden under the black radiators there are the NPU Broadcom BCM56025B0KPBG module, Broadcom BCM5482SA2KFBG which is responsible for the operation of two gigabit ports, and three Broadcom BCM5248UA4KQMG modules that maintain operation of 24 Fast Ethernet ports.

Now let's pass on to reviewing of the software capabilities of the device.

Firmware upgrade

Firmware upgrade process may be carried out using the device web-interface. NETGEAR FSM726v3 allows storing two firmware files on the built-in flash card and an administrator may choose one of them when the device is booting. One can view these files in Dual Image Configuration sub-group, File Management group, Maintenance tab. Over here the administrator can also choose the applicable software version for the next boot.

The administrator can upload the firmware upgrade file to the switch using HTTP File Download sub-group, Download group, in the same tab of the device web-interface.

Also, one can upload the firmware upgrade file through TFTP protocol by specifying the TFTP server address in File Download sub-group.

The file uploading speed cannot really be called high and on the average it is about 34 Kbyte/s. However, we understand that it doesn't have any effect on the operation speed of the switch.

The administrator can also launch the file uploading process through TFTP, SFTP, or SCP protocols using the device command line (the command output is shortened).

(FSM726V3) #copy tftp://172.17.35.134/fsm726v3-V8.0.1.36.stk system:image
Mode........................................... TFTP
Set Server IP.................................. 172.17.35.134
Path........................................... ./
Filename....................................... fsm726v3-V8.0.1.36.stk
Data Type...................................... Code
Destination Filename........................... image1
Destination image is active.
WARNING:Continuing with this command will overwrite the active image.
Management access will be blocked for the duration of the transfer
Are you sure you want to start? (y/n) y
TFTP code transfer starting
........................................................................................................................
................................................................................
7264157 bytes transferred
Verifying CRC of file in Flash File System
TFTP receive complete... storing in Flash File System...
Distributing the code to the members of the stack!
File transfer operation completed successfully.
(FSM726V3) #

Apart from uploading the system image file to the switch, the administrator can as well copy it from the device.

By using Copy sub-group, File Management group, Maintenance tab, the administrator can copy and replace one of the image files.

Once the administrator is through with all file preparatory works the device must be rebooted. It can be carried out using Device Reboot sub-group, Reset group, Maintenance tab in the web-interface or by typing reload in the device command line.

One can make sure whether the firmware has been upgraded successfully on the web-interface main page or by using show hardware command.

(FSM726V3) #show hardware
Switch: 1
System Description............................. FSM726V3 - ProSafe 24 FE, 2 GE
Machine Model.................................. FSM726V3
Serial Number.................................. 2A441A3T00040
Burned In MAC Address.......................... E0:46:9A:2E:A6:92
Software Version............................... 8.0.1.36
Bootcode Version............................... 01.00.22
Supported Java Plugin Version.................. 1.6
Current Time................................... NOV 30 19:22:36 2012 (UTC+0:00)
Current SNTP Sync Status....................... Success
Fans:
Unit Description Status
---- ----------- ------
1 Fan 1 OK
Temperature:
Unit System
----- -------
1 25c
CPLD Version:
Unit Version
---- -------------
1 0x2

It's worth noticing that before upgrading the firmware the vendor strongly advises to back up the configuration to a local or remote PC.

The similar thing can also be performed using the command line.

(FSM726V3) #copy nvram:startup-config tftp://172.17.35.134/config.txt
Mode........................................... TFTP
Set Server IP.................................. 192.168.1.50
Path........................................... ./
Filename....................................... config.txt
Data Type...................................... Text Configuration
Management access will be blocked for the duration of the transfer
Are you sure you want to start? (y/n) y
File transfer operation completed successfully.

Once the device firmware is upgraded your web-browser may display an invitation to register the device on-line.

The firmware upgrade procedure may also be launched using a standalone NMS200 utility that is intended to manage NETGEAR network equipment.

That's where we draw the firmware upgrade chapter to a close.

Web-interface

Control module of the NETGEAR FSM726v3 Ethernet switch always attempts to receive the IP-address using DHCP and if there is no DHCP server available in LAN, it uses 169.254.100.100 instead of it. To log in an administrator must specify login and password (by default one must specify admin as login and leave the password field blank).

Upon successful authentication the administrator will find him/herself on the home page of the device (System-Management-System Information) where s/he can learn the essential information about the device as well as the temperature and case fan status data. Web-interface is available only in English.

Network statistics and resource distribution information are available in Switch Statistics and System Resources sub-groups, System group, Management tab.

Management of network interface IP parameters is carried out using subgroups of Network Interface group, same-named tab.

Sub-groups of Time group are used to manage the switch time parameters and synchronize the device with an external time source through SNTP.

DNS configuration parameters are located in sub-groups of DNS group.

Device view is located in Device View group.

Sub-groups of DHCP Server group, Services tab, are used to fine-tune the DHCP-server or to relay the DHCP broadcast messages to a certain server. Apart from it, FSM726v3 switch allows the administrator to send random UDP datagrams.

Configuration of SNMP is performed using sub-groups of the same-named group.

NETGEAR FSM726v3 switch has support of LLDP which is used to send and receive notifications on capabilities of network equipment. Operation parameters of this protocol are located in sub-groups of LLDP group.

ISDP sub-group (Industry Standard Discovery Protocol) gives the administrator a possibility to manage parameters of nearby device detection. Using ISDP we managed to detect nearby Cisco Catalyst switches the FSM726v3 has been connected to (Cisco Systems network equipment uses CDP to detect its neighbours).

Sub-groups of VLAN group, Switching tab, are used to manage virtual network settings. FSM726v3 switch allows identifying virtual network membership on the basis of ports, protocol tags, MAC and IP-addresses. Also, one can separate the voice traffic from the rest of the data flow over here. Apart from all features described above the administrator can assign a virtual network the second tag using IEEE 802.1ad (QinQ). Since NETGEAR FSM726v3 is not a device oriented to service providers, one won't be able to find QinQ add-ons here which we already stumbled upon earlier like Selective QinQ or Flexible QinQ.

FSM726v3 switch supports both one STP tree for the entire switch cloud (regardless of the VLAN), or CST, and several STP trees, or MST; the corresponding preferences are available in sub-groups of STP group, Switching tab.

In order to browse through and change parameters of multicast an administrator must use sub-groups of Multicast group, the same-named tab.

The device bridge table is available for review in Address Table sub-group.

Using sub-groups in Ports group the administrator can view the port statuses and their descriptions.

NETGEAR FSM726v3 switch supports grouping of several full-duplex physical interfaces into one logical, improving the fault-tolerance and allowing the administrator to balance the load between physical links. Balancing can be carried out based not only on the source and destination MAC addresses, but also based on their IP addresses and TCP/UDP ports.

Since the device under review is solely L2-switch, all sub-groups in Routing group relate only to the control interface.

Quality of service parameters are located in QoS tab. Over here the administrator can choose what QoS field is to use (802.1p protocol or IP DSCP), bind the priority to queue, manage CoS, and attach rules to the interface.

User login management is performed using sub-groups in Management Security group, Security tab.

In order to manage the access rights to the device through the console port or HTTP, HTTPS, SSH, and Telnet protocols, the administrator must use sub-groups of Access group in the same tab. Also, over here one will find the protection rules against DOS attacks.

If it's necessary to limit the access to the network for certain interfaces, the administrator can set additional authentication using 802.1x protocol in Port Authentication group.

Using Traffic Control, Control, and ACL groups in Security menu one can carry out additional filtering of traffic transferred via the device.

Device interface usage statistics is located in sub-groups of Ports group, Monitoring tab. One will also be able to find a simple cable tester here.

Log information can be viewed in sub-groups of Logs group, same-named tab.

When required, traffic of one port can be copied to another. In order to do this the administrator must use Mirroring group. Apart from it, FSM726v3 can analyse the traffic flow by itself and send the information about it over to the remote server using sFlow, which can be managed using the corresponding group.

Management of configuration files and loading images is performed in Maintenance tab. Also, the administrator can check the network connectivity here using ping and traceroute commands.

By using Help tab the administrator will be able to enter the vendor's web-site to receive additional help information.

All settings described above are available as a list in Index tab.

That is where we bring review of NETGEAR FSM726v3 web-interface to a conclusion and pass on to examining capabilities of its command line.

 

Command line interface

In order to access the command line of NETGEAR FSM726v3 one must use the same logon information as for the connection to the device web-interface. Upon successful authentication the administrator will be logged in non-privileged mode where s/he will be able to use certain view commands and several supplementary ones that are used for connection to any other device through Telnet protocol and checking the availability of a remote node using ICMP protocol. We won't be reviewing the command line interface as closely as we reviewed the device web-interface, but we will point out some of its key capabilities.

(FSM726V3)
User:admin
Password:
(FSM726V3) >?
Ezconfig Run the easy configuration.
enable Enter into user privilege mode.
help Display help for various special keys.
logout Exit this session. Any unsaved changes are lost.
password Change an existing user's password.
ping Send ICMP echo packets to a specified IP address.
quit Exit this session. Any unsaved changes are lost.
show Display Switch Options and Settings.
telnet Telnet to a remote host.
(FSM726V3) >show ?
bootpdhcprelay Display the value of BOOTP/DHCP relay parameters.
capture Display Capture packet Information.
class-map Display DiffServ Class information.
classofservice Display class of service information.
dhcp Displays DHCP parameters
dos-control Display Denial of Service Configuration.
dot1q-tunnel Display Dot1q Tunneling configuration.
dvlan-tunnel Display double VLAN Tunneling configuration.
garp Display Generic Attribute Registration Protocol information.
gmrp Display GMRP interface information.
gvrp Display GARP VLAN Registration Protocol parameters.
hosts To display the default domain name, a list of name server hosts, the static and the cached list of host names and addresses.
ip Display IP information.
ipv6 Display IPv6 information.
network Display configuration for inband connectivity.
port-channel Display port-channel information.
serial Display EIA-232 parameters and serial port inactivity timeout.
service-policy Display DiffServ Service Statistical information.
spanning-tree Display spanning tree information.
switchport Display Switchport Mode.
telnet Display Outbound Telnet configuration information.
telnetcon Display Telnet configuration information.
vlan Display VLAN configuration and configure VLANs.

Among the show commands available in non-privileged mode is show dos-control, which is used to view the operation parameters of the mechanism that protects the user against DOS attacks.

(FSM726V3) >show dos-control
First Fragment Mode............................ Disable
Min TCP Hdr Size............................... 20
ICMPv4 Mode.................................... Disable
Max ICMPv4 Pkt Size............................ 512
ICMPv6 Mode.................................... Disable
Max ICMPv6 Pkt Size............................ 512
ICMP Fragment Mode............................. Disable
TCP Port Mode.................................. Disable
UDP Port Mode.................................. Disable
SIPDIP Mode.................................... Disable
SMACDMAC Mode.................................. Disable
TCP FIN&URG&PSH Mode........................... Disable
TCP Flag & Sequence Mode....................... Disable
TCP SYN Mode................................... Disable
TCP SYN&FIN Mode............................... Disable
TCP Fragment Mode.............................. Disable
TCP Offset Mode................................ Disable

In order to receive information about IPv4 and IPv6 addresses that have been configured in the device control interface one needs to use show network command.

(FSM726V3) >show network
Interface Status............................... Always Up
IP Address..................................... 172.17.35.39
Subnet Mask.................................... 255.255.255.0
Default Gateway................................ 172.17.35.1
IPv6 Administrative Mode....................... Enabled
IPv6 Prefix is ................................ FE80::E246:9AFF:FE2E:A692/64
Burned In MAC Address.......................... E0:46:9A:2E:A6:92
Locally Administered MAC address............... 00:00:00:00:00:00
MAC Address Type............................... Burned In
Configured IPv4 Protocol....................... None
Configured IPv6 Protocol....................... None
IPv6 AutoConfig Mode........................... Disabled
Management VLAN ID............................. 1

To change for the privileged mode one must run enable command. Sometimes typing just a part of the command is enough if the system can accurately identify the query typed in. Actually, the command line interface of the switch under review is cisco-like and we believe that it comes as an advantage since it facilitates the device management process for people who are already familiar with equipment of the brand specified above. One can also use Ezconfig wizard to facilitate the primary configuration process. It should be noted that this module is supposed to be used only with console connection.

(FSM726V3) >ena
(FSM726V3) #?
Ezconfig Run the easy configuration.
arp Purge a dynamic or gateway ARP entry.
boot Marks the given image as active for subsequent re-boots.
cablestatus Isolate the problem in the cable attached to an interface.
clear Reset configuration to factory defaults.
configure Enter into Global Config Mode.
copy Uploads or Downloads file.
debug Configure debug flags.
delete Deletes given image on the node.
disconnect Close active remote session(s).
dot1x Configure dot1x privileged exec parameters.
enable Set the password for the enable privilege level.
erase Erase configuration file.
exit To exit from the mode.
filedescr Sets text description for a given image.
help Display help for various special keys.
hostname Change the system hostname.
ip Configure IP parameters.
logout Exit this session. Any unsaved changes are lost.
network Configuration for inband connectivity.
ping Send ICMP echo packets to a specified IP address.
quit Exit this session. Any unsaved changes are lost.
reload Reload stack or a switch in the stack.
save Save the running configuration to NVRAM.
script Apply/Delete/List/Show/Validate Configuration Scripts.
set Set Router Parameters.
show Display Switch Options and Settings.
sshcon Configure SSH connection parameters.
telnet Telnet to a remote host.
telnetcon Configure telnet connection parameters.
terminal Set terminal line parameters.
traceroute Trace route to destination.
update Updates the bootloader on the node from the activated image.
vlan Type 'vlan database' to enter into VLAN mode.
write Save the current configuration to NVRAM.
(FSM726V3) #ezconf
NETGEAR EZ Configuration Utility
--------------------------------
Hello and Welcome!
This utility will walk you thru assigning the IP address for the switch
management CPU. It will allow you to save the changes at the end. After
the session, simply use the newly assigned IP address to access the Web
GUI using any public domain Web browser.
Admin password not defined. Do you want to change the password? (Y/N/Q)

The administrator can launch cable test using a virtual cable tester in the privileged mode.

(FSM726V3) #cablestatus 0/26
Cable Status................................... Normal
Cable Length................................... 29m - 31m

Also, the privileged mode offers an array of view commands available for use to the administrator. This way by entering show version command one can receive information about the current firmware version of the device, while show running-config displays the current device configuration (the command output presented below is substantially shortened).

(FSM726V3) #show ?
access-lists Display Access List information.
arp Display Address Resolution Protocol cache.
authentication Display ordered methods for authentication lists
auto-voip Display Auto VoIP Parameters.
autoinstall Displays the current status of the AutoInstall process.
bootpdhcprelay Display the value of BOOTP/DHCP relay parameters.
bootvar Shows the boot images on the node.
capture Display Capture packet Information.
class-map Display DiffServ Class information.
classofservice Display class of service information.
clock Display the time and date from the system clock.
debugging Display debugging configuration.
dhcp Displays DHCP parameters
diffserv Display DiffServ information.
dos-control Display Denial of Service Configuration.
dot1q-tunnel Display Dot1q Tunneling configuration.
dot1x Display dot1x information.
dvlan-tunnel Display double VLAN Tunneling configuration.
eventlog Display event log entries.
forwardingdb Display Forwarding Database aging time.
garp Display Generic Attribute Registration Protocol information.
gmrp Display GMRP interface information.
gvrp Display GARP VLAN Registration Protocol parameters.
hardware Display vital product data.
hosts To display the default domain name, a list of name server hosts, the static and the cached list of host names and addresses.
igmpsnooping Display IGMP Snooping information.
interface Display IP interface information.
interfaces Display Interfaces Information.
ip Display IP information.
ipv6 Display IPv6 information.
isdp Displays global ISDP settings.
lacp Displays LACP configuration.
lldp Display LLDP configuration.
logging Display logging parameters.
loginsession Display login session info.
mac Display MAC Access List contents.
mac-addr-table Display forwarding database information.
mac-address-table Display MAC Address Table information.
mbuf Display Mbuf Information.
memory Display the CPU memory usage.
mldsnooping Display MLD Snooping information.
monitor Display port monitor settings.
network Display configuration for inband connectivity.
passwords Display information about passwords.
policy-map Display DiffServ Policy information.
port Display Port Mode and settings
port-channel Display port-channel information.
port-security Display port-security (port MAC locking) information for system.
private-group Display Switch Private Group.
process Displays process information.
radius Display RADIUS configuration information.
running-config Display the running config.
serial Display EIA-232 parameters and serial port inactivity timeout.
service-policy Display DiffServ Service Statistical information.
sflow Display information about sFlow Receiver(s)/Samplers and Pollers.
snmpcommunity Display SNMP community entries.
snmptrap Display SNMP trap receiver entries.
sntp Display SNTP Information.
spanning-tree Display spanning tree information.
storm-control Display Storm-Control information.
switchport Display Switchport Mode.
sysinfo Display system information including system up time.
tacacs Display TACACS+ configuration.
tech-support Display switch information needed for trouble-shooting.
telnet Display Outbound Telnet configuration information.
telnetcon Display Telnet configuration information.
terminal Display terminal line information.
trapflags Display the value of trap flags that apply to the switch.
users Display Users and User Accounts information.
version Display switch description and hardware information.
vlan Display VLAN configuration and configure VLANs.
voice Display the Voice VLAN Configuration
(FSM726V3) #show version
Switch: 1
System Description............................. FSM726V3 - ProSafe 24 FE, 2 GE
Machine Type................................... ProSafe 24 FE, 2 GE
Machine Model.................................. FSM726V3
Serial Number.................................. 2A441A3T00040
FRU Number..................................... 1
Manufacturer................................... Netgear
Burned In MAC Address.......................... E0:46:9A:2E:A6:92
Software Version............................... 8.0.1.36
Additional Packages............................ FASTPATH QOS
FASTPATH IPv6 Management
(FSM726V3) #show running-config
!Current Configuration:
!System Description "FSM726V3 - ProSafe 24 FE, 2 GE"
!System Software Version "8.0.1.36"
!System Up Time "0 days 0 hrs 40 mins 38 secs"
!Additional Packages FASTPATH QOS
!Current SNTP Synchronized Time: FEB 05 18:59:52 2013 UTC
network protocol none
network parms 192.168.1.5 255.255.255.0 192.168.1.1
vlan database
vlan 7
vlan name 7 "ADMIN"
exit
network mgmt_vlan 7
ip ssh server enable
configure
sntp client mode unicast
! sntp server status is active
sntp server time-d.netgear.com
slot 1/0 3
set slot power 1/0
no set slot disable 1/0
vlan internal allocation base 7
line console
exit
line telnet
exit
line ssh
exit
spanning-tree configuration name "E0-46-9A-2E-A6-92"

Via show sysinfo command one can receive additional information about the system.

(FSM726V3) #show sysinfo
System Description............................. FSM726V3 - ProSafe 24 FE, 2 GE
System Name....................................
System Location................................
System Contact.................................
System Object ID............................... 1.3.6.1.4.1.4526.100.2.5
System Up Time................................. 0 days 0 hrs 46 mins 23 secs
Current SNTP Synchronized Time................. FEB 05 19:05:37 2013 (UTC+0:00)
MIBs Supported:
RFC 1907 - SNMPv2-MIB The MIB module for SNMPv2 entities
RFC 2819 - RMON-MIB Remote Network Monitoring Management Information Base
Broadcom-REF-MIB Broadcom Reference
SNMP-COMMUNITY-MIB This MIB module defines objects to help support coexistence between SNMPv1, SNMPv2, and SNMPv3.
SNMP-FRAMEWORK-MIB The SNMP Management Architecture MIB
SNMP-MPD-MIB The MIB for Message Processing and Dispatching
MIBs Supported:
SNMP-NOTIFICATION-MIB The Notification MIB Module
SNMP-TARGET-MIB The Target MIB Module
SNMP-USER-BASED-SM-MIB The management information definitions for the SNMP User-based Security Model.
SNMP-VIEW-BASED-ACM-MIB The management information definitions for the View-based Access Control Model for SNMP.
USM-TARGET-TAG-MIB SNMP Research, Inc.
FASTPATH-POWER-ETHERNET-MIB Fastpath Power Ethernet Extensions MIB
POWER-ETHERNET-MIB Power Ethernet MIB
SFLOW-MIB sFlow MIB
FASTPATH-ISDP-MIB Industry Standard Discovery Protocol MIB
LAG-MIB The Link Aggregation module for managing IEEE 802.3ad
RFC 1213 - RFC1213-MIB Management Information Base for Network Management of TCP/IP-based internets: MIB-II
RFC 1493 - BRIDGE-MIB Definitions of Managed Objects for Bridges (dot1d)
RFC 2674 - P-BRIDGE-MIB The Bridge MIB Extension module for managing Priority and Multicast Filtering, defined by IEEE 802.1D-1998.
RFC 2674 - Q-BRIDGE-MIB The VLAN Bridge MIB module for managing Virtual Bridged Local Area Networks
MIBs Supported:
RFC 2737 - ENTITY-MIB Entity MIB (Version 2)
RFC 2863 - IF-MIB The Interfaces Group MIB using SMIv2
RFC 3635 - Etherlike-MIB Definitions of Managed Objects for the Ethernet-like Interface Types
FASTPATH-SWITCHING-MIB FASTPATH Switching - Layer 2
FASTPATH-INVENTORY-MIB Unit and Slot configuration.
FASTPATH-PORTSECURITY-PRIVATE-MIB Port Security MIB.
IEEE Draft P802.1AB/D13 LLDP basic MIB
IEEE8021-PAE-MIB Port Access Entity module for managing IEEE 802.1X.
FASTPATH-RADIUS-AUTH-CLIENT-MIB Broadcom FastPath Radius MIB
RADIUS-ACC-CLIENT-MIB RADIUS Accounting Client MIB
RADIUS-AUTH-CLIENT-MIB RADIUS Authentication Client MIB
FASTPATH-CAPTIVE-PORTAL-MIB FastPath Captive Portal MIB
FASTPATH-MGMT-SECURITY-MIB The Broadcom Private MIB for FastPath Mgmt Security
IANA-ADDRESS-FAMILY-NUMBERS-MIB The MIB module defines the AddressFamilyNumbers textual convention.
FASTPATH-ROUTING-MIB FASTPATH Routing - Layer 3
FASTPATH-QOS-MIB FASTPATH Flex QOS Support
FASTPATH-QOS-ACL-MIB FASTPATH Flex QOS ACL
MIBs Supported:
FASTPATH-QOS-COS-MIB FASTPATH Flex QOS COS
FASTPATH-QOS-AUTOVOIP-MIB FASTPATH Flex QOS VOIP
FASTPATH-QOS-DIFFSERV-PRIVATE-MIB FASTPATH Flex QOS DiffServ Private MIBs' definitions

CPU and RAM usage information can be learnt by running show process cpu and show memory cpu commands.

(FSM726V3) #show process cpu
Memory Utilization Report
status bytes
------ ----------
free 20138688
alloc 81096432
CPU Utilization:
PID Name 5 Sec 1 Min 5 Min
---------------------------------------------------------
8218ceb0 ipnetd 0.00% 0.06% 0.00%
823372a0 bcmL2X.0 0.20% 0.31% 0.20%
82381b50 bcmCNTR.0 0.20% 0.32% 0.11%
8296aea0 bcmRX 0.20% 0.03% 0.00%
82cbde40 MAC Age Task 0.00% 0.03% 0.00%
82f4ee90 bcmLINK.0 0.00% 0.06% 0.00%
832d9910 osapiMonTask 0.00% 0.00% 0.02%
8370b170 tEmWeb 0.00% 0.06% 0.25%
83752e00 dtlTask 0.00% 0.03% 0.00%
838e3b20 hapiRxTask 0.00% 0.03% 0.00%
83e82be0 DHCP snoop 0.20% 0.20% 0.00%
840abd00 SNMPTask 0.00% 0.03% 0.01%
853f97b0 radius_task 0.00% 0.05% 0.00%
85d36dd0 tRtrDiscProcessingTask 0.00% 0.03% 0.00%
86049190 lldpTask 0.00% 0.25% 0.43%
862597b0 isdpTask 0.00% 0.03% 0.00%
868b5c40 RMONTask 0.20% 0.14% 0.05%
868c4150 boxs Req 0.00% 0.05% 0.20%
---------------------------------------------------------
Total CPU Utilization 1.00% 1.71% 1.27%
(FSM726V3) #show memory cpu
Total Memory................................... 131072 KBytes
Available Memory Space......................... 19666 KBytes

By using vlan database the administrator can change for virtual network configuration mode with the following commands available.

(FSM726V3) #vlan ?
database Type 'vlan database' to enter into VLAN mode.
(FSM726V3) #vlan database
(FSM726V3) (Vlan)#?
exit To exit from the mode.
help Display help for various special keys.
protocol Configure the Protocols associated with particular Group Ids.
set Configure switch options and settings.
vlan Create a new VLAN or delete an existing VLAN.
(FSM726V3) (Vlan)#set ?
igmp Configure IGMP Snooping parameters for the VLAN.
mld Configure MLD Snooping parameters for the VLAN.
(FSM726V3) (Vlan)#vlan ?
<vlan-list> Enter vlanId's in range <1-4093> - separate non-consecutive IDs with ',' and no spaces and no zeros in between the range; Use '-' for range.
association Configure associations to VLANs.
makestatic Change the VLAN type from 'Dynamic' to 'Static'.
name Configure an optional VLAN Name.

Apart from the virtual network configuration mode, one can also swap for the global configuration mode via configure terminal command.

(FSM726V3) #configure terminal
(FSM726V3) (Config)#?
aaa Configure an Authentication List.
access-list Configure Access List parameters.
acl-trapflags Enables/Disables sending ACL traps.
arp Configure ARP related parameters.
authorization Configure Authorization parameters.
auto-negotiate Enables/Disables automatic negotiation on a port.
auto-voip Configure the Auto VoIP Parameters.
bootpdhcprelay Configure Bootstrap Protocol/Dynamic Host Configuration Protocol Relay parameters.
bridge Configure forwarding database parameters.
capture Enable/Disable capturing Tx/Rx/All packets..
class-map Configure a DiffServ Class.
classofservice Configure Class of Service parameters.
clock Manage the system clock.
cos-queue Configure the Cos Queue Parameters.
crypto Global cryptographic key management configuration subcommands.
deleteport Delete all ports from a port-channel.
dhcp Configure DHCP L2 Relay parameters.
diffserv Enable/Disable DiffServ Admin mode.
dos-control Configure Denial of Service prevention settings.
dot1x Configure dot1x parameters.
dvlan-tunnel Configure double VLAN tunneling parameters.
exit To exit from the mode.
interface Enter into Interface Mode.
ip Configure IP parameters.
ipv6 Configure IPv6 parameters.
isdp Configure ISDP parameters.
line Enter into Line Console Config Mode.
lldp Configure LLDP.
logging Logging Configuration.
mac Configure MAC Access List parameters.
macfilter Configure static MAC filtering.
monitor Configure port mirroring.
passwords Set password management configuration parameters.
policy-map Create a DiffServ Policy.
port Configure a physical port.
port-channel Configures a new port-channel and generates a logical slot and port number for it.
port-security Enable/Disable Port MAC Locking/Security administrative mode.
private-group Configure Switchport to Private Group mode.
protocol Configure the Protocol Based VLAN parameters.
radius Configure RADIUS parameters.
service Enable/Disable DHCP server.
service-policy Configure DiffServ Service.
set Configure switch options and settings.
sflow Configure sflow parameters.
shutdown Enable/Disable a port.
slot Configure slots.
snmp Configure SNMP options.
snmp-server Set snmp-server switch options and different parameters.
snmptrap Enable/Disable trap flags that apply to the switch.
sntp Configure Simple Network Time Protocol parameters.
spanning-tree Set the spanning tree operational mode.
speed Sets the speed and duplex setting for the interface.
storm-control Configure storm-control features.
switchport Enter Switchport Mode.
tacacs-server Configure TACACS+ parameters.
traffic-shape Configure the maximum transmission bandwidth limit.
username Manage Users and User Accounts.
vlan Configure VLAN parameters.
voice Enable/Disable Voice VLAN on the admin mode.

In the global configuration mode one has access to the device global management commands. For example, the administrator can change STP parameters over here.

(FSM726V3) (Config)#spanning-tree ?
<cr> Press enter to execute the command.
bpdufilter Enable/Disable BPDU Filter
bpduforwarding Allow/Restrict BPDU forwarding while STP is disabled.
bpduguard Enable/Disable BPDU Guard.
bpdumigrationcheck Force the specified port to transmit RST or MST BPDUs.
configuration Set the Configuration Identifier Name for the configuration.
edgeport Configure a port as an edge port.
forceversion Set the Force Protocol Version parameter.
forward-time Set the Bridge Forward Delay parameter.
hold-count Set the Bridge Tx Hold Count parameter.
max-age Set the Bridge Max Age parameter.
max-hops Set the Bridge Max Hops parameter.
mst Configure a multiple spanning tree instance.
port Specify spanning tree settings for a port.
(FSM726V3) (Config)#spanning-tree configuration ?
name Set the Configuration Identifier Name for the configuration that the switch is currently using.
revision Set the Configuration Identifier Revision Level.

One can change for the device physical interface configuration mode from the global configuration mode where all commands associated with a certain port are gathered.

(FSM726V3) (Config)#interface ?
<slot/port> Enter an interface in slot/port format.
lag Enter into interface lag mode.
port-channel Enter into interface lag mode.
range Configure interface range.
vlan Enter into interface vlan mode.
(FSM726V3) (Config)#interface 0/1
(FSM726V3) (Interface 0/1)#?
addport Add this port to a port-channel.
adminmode Enable/Disable the port-channel's administrative Mode.
auto-negotiate Enables/Disables automatic negotiation on a port.
auto-voip Configure the Auto VoIP Parameters.
bandwidth Configure Bandwidth.
classofservice Configure Class of Service parameters.
cos-queue Configure the Cos Queue Parameters.
deleteport Delete this port from a port-channel.
description Add Description to the interface.
dhcp Configure DHCP L2 Relay parameters.
dot1x Configure Dot1x interface commands.
encapsulation Configure interface link layer encapsulation type.
exit To exit from the mode.
ip Configure IP parameters.
ipv6 Configure IPv6 parameters.
isdp Enables/Disables ISDP on a port.
lacp Configure LACP.
lldp Configure LLDP.
mac Configure MAC Access List group parameters.
macfilter Configure static MAC filtering.
mode Configure the double VLAN tunnel mode for this interface.
mtu Sets the default MTU size.
port Configure a physical port.
port-channel Port-Channel (LAG) to be configured as static or dynamic.
port-security Enable/Disable Port MAC Locking/Security for interface.
protocol Configure the Protocol Based VLAN parameters.
service-policy Configure DiffServ Service.
set Configure switch options and settings.
sflow Configure sflow parameters.
shutdown Enable/Disable a port.
snmp Configure SNMP options.
snmp-server Enable/Disable SNMP violation traps interface.
spanning-tree Set the spanning tree operational mode.
speed Sets the speed and duplex setting for the interface.
storm-control Configure storm-control features.
switchport Enter Switchport Mode.
traffic-shape Configure the maximum transmission bandwidth limit.
vlan Configure VLAN parameters.
voice Configure Voice VLAN Parameters.

For instance, using the device physical interface configuration mode one can move the port to a certain virtual network or make it a member of Port-Channel (LAG) virtual interface that allows grouping physical interfaces to improve the data transmission speeds between devices and ensure the connection fault-tolerance.

(FSM726V3) (Config)#port-channel ?
<name> Enter a name up to 15 alphanumeric characters in length.
adminmode Enable/Disable the port-channel's administrative Mode.
linktrap Enable/Disable Link Up/Down traps for this port.
load-balance Configures port-channel load balance.
name Configure a name for the interface port-channel.
system Configure port channel system priority (LAG).
(FSM726V3) (Config)#port-channel lag_10
(FSM726V3) (Config)#exi
(FSM726V3) #show port-channel all
Log. Channel Adm. Mbr Device/ Port Port
Intf Name Link Mode Type Ports Timeout Speed Active
------ --------------- ------ ---- ---- ------ ------------- --------- -------
3/1 lag_10 Down En. Dyn.
(FSM726V3) #configure t
(FSM726V3) (Config)#interface 0/1
(FSM726V3) (Interface 0/1)#addport ?
<name> | <lag-group-id> Enter valid LAG name or group ID.
(FSM726V3) (Interface 0/1)#addport 3/1
(FSM726V3) (Interface 0/1)#vlan ?
acceptframe Configure how to handle tagged/untagged frames received.
ingressfilter Enable/Disable application of Ingress Filtering Rules.
participation Configure how ports participate in a specific VLAN.
priority Configure the priority for untagged frames.
pvid Configure the VLAN ID for a specific port.
tagging Configure tagging for a specific VLAN port.
(FSM726V3) (Interface 0/1)#vlan participation ?
auto Set participation to auto.
exclude Set participation to exclude.
include Set participation to include.
(FSM726V3) (Interface 0/1)#vlan participation include ?
<vlan-list> Enter vlanId's in range <1-4093> - separate non-consecutive IDs with ',' and no spaces and no zeros in between the range; Use '-' for range.
(FSM726V3) (Interface 0/1)#exi
(FSM726V3) (Config)#exi
(FSM726V3) #show port-channel all
Log. Channel Adm. Mbr Device/ Port Port
Intf Name Link Mode Type Ports Timeout Speed Active
------ --------------- ------ ---- ---- ------ ------------- --------- -------
3/1 lag_10 Down En. Dyn. 0/1 actor/long Auto False
partner/long

That is where we bring the review of NETGEAR FSM726v3 command line interface to a conclusion and pass on to examining capabilities of its SNMP interface.

SNMP

Device access management through SNMP is performed using SNMP group, System tab in the web-interface, or by using snmp-server command group in the global configuration mode.

(FSM726V3) (Config)#snmp-server ?
community Configure SNMP community entries.
contact Enter a system contact.
enable Enable SNMP Traps.
location Enter a system location.
sysname Enter a system name.
(FSM726V3) (Config)#snmp-server community ?
<name> Add an SNMP community name - up to 16 characters in length.
ipaddr Configure an IP address that is allowed to access the switch.
ipmask Configure mask used to authenticate requestor's IP address.
mode Enable/Disable an SNMP community.
ro Set the access mode of the SNMP community to READ-ONLY access mode.
rw Set the access mode of the SNMP community to READ-WRITE access mode.

To access the switch through SNMP one needs to use any utility that supports this protocol; for example Getif 2.3.1.

Also, as an experiment, we added FSM726v3 to our test monitoring system powered by Cacti. The diagram presented below shows utilization of the switch network interface when it's being used.

NETGEAR also offers a proprietary control utility called NMS200 that allows monitoring and managing a whole range of the brand's networking equipment. As we have already mentioned earlier, one can also update the firmware using this utility.

Now let's skip directly on to testing the switch.

Testing

The first testing procedure we usually carry out is estimating the booting time of the device, which is a time interval starting with the moment when the power is on until the first echo reply is received through ICMP protocol. NETGEAR FSM726v3 boots in 47 seconds. We believe that the result is decent.

The second test was a security scanning procedure which has been carried out using Positive Technologies XSpider 7.7 (Demo build 3100) utility. On the whole, there were three open ports discovered, and they are TCP-23 (Telnet), TCP-80 (HTTP) and TCP-4242 (unknown). The most interesting data are presented below.

Using Cos Interface Configuration section in Advanced sub-group, CoS group, QoS tab, the administrator can specify the maximum egress user data transmission speed via certain interface in percentage of the current port performance rate. As a matter of course, we couldn't help but check to which extent these limitations correspond to reality. We used the switch gigabit ports for connection and therefore the sequence for altering the limitation was 10 Mbps. We used Jperf 2.0.2 utility as a test program to create ten simultaneous TCP sessions. Results of the measurements are presented on the diagram below.

Apart from limiting the aggregate egress speed through a certain port, FSM726v3 also allows limiting the ingress speed for the data which class is specified by the user (Advanced sub-group, DiffServ group, the same tab). We believe that this kind of limitation is more pliant; more to it, over here CIR can be measured by sequences of as few as 1 Kbps. Burst size limitation (Bc) can range from 1 to 128. All measurements were carried out using the maximum burst size of 128.

We did tests for ten simultaneous TCP sessions as well as for one high-speed UDP stream. Results of the measurements are presented on the diagram below.

That's where we draw the testing chapter to a close and move on to summing it all up.

Conclusion

Generally, we are glad about NETGEAR FSM726v3 switch we tested. Its capabilities are well enough for satisfying the in-house needs of various companies for network access equipment. We think it would be better if this switch had a Redundant Power Supply like other models, for instance, GSM7212P, GSM7228PS, etc.

Among the strength areas of FSM726v3 are the following.

  • Competitive price
  • Pliant customization of virtual network attachment
  • The control module supports both IPv4 and IPv6
  • Pliant customization of QoS
  • Support of interface aggregation

Unfortunately, we cannot help to mention several drawbacks.

  • Web-interface is available only in English
  • Inability to limit the ingress speed for a certain physical port
  • Device works not stable when capture function is turned on

As of when this article was being written, the average price for a NETGEAR FSM726v3 switch in Moscow online shops was 10000 roubles.

Add comment


Security code
Refresh

Found a typo? Please select it and press Ctrl + Enter.