NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
hacesoft
Mar 04, 2020Tutor
Reflex filters
hi,
I want to ask: umi Gigabit Ethernet Smart Switch GS724Tv4 ProSafe, 24 ports, 6.3.1.34 reflex filters?
Thank you for answer.
DaneA
Reflexive ACL's are available on fvery few platforms only, e.g. Cisco IOS, but not on Cisco NX-OS (on switches worth then thousands of USD!!! Was told it's a hardware limitation - so you see the importance). Huawei might have something similar on their managed switches.Definitivley not a feature available on the level of Smart Managed Pro (Web managed) switches.
4 Replies
Replies have been turned off for this discussion
- DaneANETGEAR Employee Retired
- hacesoftTutor
hi,
Reflective filter filters outgoing data packets. If it intercepts a packet that initiates a new session,
then, in the opposite direction, it generates a temporary filter item that allows the same packets to pass through
session in the opposite direction. The temporary filter entry retrieves its parameters from the outgoing packet:- The higher layer protocol is the same as the outgoing packet.
- The sender's and recipient's IP addresses are switched in the temporary filter entry because of an incoming packet
will have these items switched.
- The sender and receiver ports are also swapped. (Ports only apply to packets carrying
TCP or UDP.)The temporary item is maintained for the duration of the session. For TCP, it is maintained for 5 seconds
after passing the second flagged FIN packet or terminating after passing the flagged packet
RST (reject connection). This tactic can only be applied to TCP that establishes a connection.
Generally, the "timeout" keyword is used to set the interval after which the timeout period is set
deletes the temporary filter entry if the session has been idle for that time. - DaneANETGEAR Employee Retired
Thank you for your feedback.
Is there a specific RFC to the "reflex filters" you are referring to? If yes, kindly provide the RFC.
Regards,
DaneA
NETGEAR Community Team
DaneA
Reflexive ACL's are available on fvery few platforms only, e.g. Cisco IOS, but not on Cisco NX-OS (on switches worth then thousands of USD!!! Was told it's a hardware limitation - so you see the importance). Huawei might have something similar on their managed switches.Definitivley not a feature available on the level of Smart Managed Pro (Web managed) switches.
Related Content
NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!