NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

hacesoft's avatar
Mar 04, 2020
Solved

Reflex filters

hi,
I want to ask: umi Gigabit Ethernet Smart Switch GS724Tv4 ProSafe, 24 ports, 6.3.1.34 reflex filters?

 

 

Thank you for answer.

  • DaneA 

    Reflexive ACL's are available on fvery few platforms only, e.g. Cisco IOS, but not on Cisco NX-OS (on switches worth then thousands of USD!!! Was told it's a hardware limitation - so you see the importance). Huawei might have something similar on their managed switches.

     

    Definitivley not a feature available on the level of Smart Managed Pro (Web managed) switches.

4 Replies

Replies have been turned off for this discussion
  • DaneA's avatar
    DaneA
    NETGEAR Employee Retired

    hacesoft,

     

    I want to ask: umi Gigabit Ethernet Smart Switch GS724Tv4 ProSafe, 24 ports, 6.3.1.34 reflex filters?

    What do you mean by "reflex filters" that you are referring to?  Unable to find "reflex filters" in the GS724Tv4 user manual here

     

     

    Regards,

     

    DaneA

    NETGEAR Community Team

    • hacesoft's avatar
      hacesoft
      Tutor

      hi,

      Reflective filter filters outgoing data packets. If it intercepts a packet that initiates a new session,
      then, in the opposite direction, it generates a temporary filter item that allows the same packets to pass through
      session in the opposite direction. The temporary filter entry retrieves its parameters from the outgoing packet:

       

      - The higher layer protocol is the same as the outgoing packet.
      - The sender's and recipient's IP addresses are switched in the temporary filter entry because of an incoming packet
      will have these items switched.
      - The sender and receiver ports are also swapped. (Ports only apply to packets carrying
      TCP or UDP.)

       

      The temporary item is maintained for the duration of the session. For TCP, it is maintained for 5 seconds
      after passing the second flagged FIN packet or terminating after passing the flagged packet
      RST (reject connection). This tactic can only be applied to TCP that establishes a connection.
      Generally, the "timeout" keyword is used to set the interval after which the timeout period is set
      deletes the temporary filter entry if the session has been idle for that time.

    • DaneA's avatar
      DaneA
      NETGEAR Employee Retired

      hacesoft,

       

      Thank you for your feedback. 

       

      Is there a specific RFC to the "reflex filters" you are referring to?  If yes, kindly provide the RFC.  

       

       

      Regards,

       

      DaneA

      NETGEAR Community Team

      • DaneA 

        Reflexive ACL's are available on fvery few platforms only, e.g. Cisco IOS, but not on Cisco NX-OS (on switches worth then thousands of USD!!! Was told it's a hardware limitation - so you see the importance). Huawei might have something similar on their managed switches.

         

        Definitivley not a feature available on the level of Smart Managed Pro (Web managed) switches.

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More