× Get free training on Switching for AV over IP and receive AVIXA Credits. Sign up at NETGEAR.academy
Reply

Re: How to prevent NVY traffic to go out of M4300 ?

vincelaus
Aspirant

How to prevent NVY traffic to go out of M4300 ?

Hi

 

I have a system where I use the M4300 for Crestron NVX system (Video over IP system). So far the NVX system on the M4300 works perfect but I have an issue.

To be able to control NVX devices I need to link the M4300 at the main LAN. When I do that it floods my LAN with traffic from NVX.

How can I setup the M4300 not to broadcast the NVX video traffic to the LAN and keeps it in the M4300 ?

I have tried quite a few options in the M4300 but no luck so far.

 

Also if I need to extend the NVX network can I just stack 2 M4300 with the stack port and create the stack in the switches and it'll work straight ?

 

Thanks for all

 

Vincèn

Message 1 of 7

Accepted Solutions
LaurentMa
NETGEAR Expert

Re: How to prevent NVY traffic to go out of M4300 ?

Thank you, @vincelaus 

 

To answer your questions in the right order:

  1. Correct, please apply the "Video" profile to all ports. Don't create a new profile, it doesn't seem to me you need it. Instead, in the AV UI, go to Network Profiles\Configure page. Find the Configured Profiles table in the middle of the page. You should see Default VLAN 1 in the table. Use the three little dots on the right, and select Edit. In the popup edit window, find the Template dropdown menu, select it, find Video and select it. Click Apply to close the popup window. If you now see Video under "AV template" in the List of configured profiles, you're good. Click Save on the upper right.
  2. Yes, go to Multicast page, select the port going to the main network, and use the dropdown menu to select "Block". Click Apply. A small block icon will appear on the switch representation image, at the top of the page. Click Save (blue button) on the upper right again. So does all of it survives to the reboots.
  3. Yes, unlike M4250 or M4350, M4300 doesn't have Auto-Trunk and Auto-LAG enabled by default. You need to manually enable both in the AV UI. It's easy. At the top of the page "Network Profiles\Configure',  toggle on Auto-Trunk. Click Save on the upper right. Next, go to Link Aggregation page, and toggle on Auto-LAG. Click Save again on the upper right.
  4. Auto-LAG will take care of everything for you, don't worry. Yes, for multicast, don't touch the Default L2 hashing algorithm, it's optimized to parse traffic based on multicast groups (Multicast MACs). Just connect the switches together with 2, 3, or 4 10G in between. For instance, the 2 10G copper ports using CAT6A cables. Or the 2 10G SFP+ ports using 10G DAC cables. Or all four ports all together if really you have that much traffic expected.

 

I think you're all set! Have a great weekend.

View solution in original post

Message 6 of 7

All Replies
LaurentMa
NETGEAR Expert

Re: How to prevent NVY traffic to go out of M4300 ?

Hi @vincelaus ,

 

Don't worry, it is going very simple.

 

Please upgrade your M4300 to the latest firmware from here M4300 FW

 

NETGEAR IGMP Plus prevents any flooding outside of M4250/M4300/M4350/M4500 switches, so there are two possible root cause for the flooding to the main LAN:

  1. Misconfiguration on the M4300 switch, maybe you created a VLAN and used port based IGMP settings instead of IGMP Plus at the VLAN level only. If so, we need to help you reconfigure, please send your tech-support file (IT GUI Maintenance\Export\HTTP File Export\tech-support in the dropdown menu; or AV UI Diagnostic\Support Diagnostics) to ProAVDesign@netgear.com with a link to this thread
  2. IGMP Plus is correctly configured at the VLAN level, or you just using the VLAN 1 which is already pre-configured with IGMP Plus. In that case, the network switch (main network) you are uplinking to wrongly advertizes itself as a mutlicast router, and then the M4300 switch has no choice by sending all the multicast to it. Several solutions of course, but the easiest is: go to the AV User Interface (left login when pointing your browser to the switch Management IP address), go to Multicast, select the uplink port you are using to the main network, and configure "Block Multicast" on it. Apply, then Save. There will be no multicast anymore through that port.

 

To your other question: No! Don't stack please. Stacking also floods multicast between switches. Please make sure you activate Auto-Trunk and Auto-LAG in your existing M4300 switch, and in your new M4300 switch. It's much better to LAG the two switches, with IGMP Plus containing the multicast just right between the two switches. Of course, please calculate how many streams will traverse and calibrate your LAG (2x10G? 4x10G?) right to allow for non-blocking communication between the two switches.

 

With two switches it can be very worthwhile to use the Engage controller.

Maybe a good occasion to start fresh, factory-default your existing M4300 switch, onboard the new one with it - and use Engage to configure your VLAN 1 with the Video profile all right for NVX. Auto-LAG and Auto-Trunk will do their magic!

You can follow our step by step directions here, good collection of app notes for each step: AV over IP Technical Guides - NETGEAR

 

Please let us know how it goes!

 

 

Message 2 of 7
vincelaus
Aspirant

Re: How to prevent NVY traffic to go out of M4300 ?

Hi @LaurentMa 

 

Thanks a lot for your very detailed answer.

 

For firmware I'll do it when I'm back on site as I'm not very much into doing that remotely.

 

I didn't create any VLAN as I use them basically in default configuration so I quess I need to deactivate as you suggest the IGMP Plus feature on the port used for link with rest of LAN. My only issue is that I don't have access at AV user interface. The M4300 (same on both units) only offers the standard login and no AV login aside as I had on an other unit for a different customer. Is there a specific URL I can use to get access to it ?

 

For info both switches right now are in version 12.0.17.6, B1.0.0.16 so not far of curent version.

 

For Engage I was not aware of that tool and I'm going to use it as you suggest (reset both switches, enroll them in Engage and do the setup this way). Just to be sure I reset both switches and from then I add them in a project in Engage ? I have nothing to do on switches out of resetting them ? Also Engage is able to use the OOB port to control/setup the switch ?

 

Side question: the OOB port works how ? I had difficulties in past to access it with default IP 192.168.0.239 Will it still use the fixed IP if it's plugged on a network that has DHCP server active ?

 

Thanks for all

 

Vincèn

Message 3 of 7
LaurentMa
NETGEAR Expert

Re: How to prevent NVY traffic to go out of M4300 ?

Hi @vincelaus,

 

I didn't create any VLAN as I use them basically in default configuration so I quess I need to deactivate as you suggest the IGMP Plus feature on the port used for link with rest of LAN.

Thanks, all good then. The default configuration on VLAN 1 (untouched) has IGMP Plus. Yes, it means we just need to block multicast on the port used for the main network.

 

My only issue is that I don't have access at AV user interface. The M4300 (same on both units) only offers the standard login and no AV login aside as I had on an other unit for a different customer. Is there a specific URL I can use to get access to it ?

This is because you have an old firmware. We introduced the AV UI approx. one year ago on M4300. Please upgrade the firmware to the latest from and you will then see it. When you point your browser to the switch management IP address (OOB or VLAN 1), you will see two logins. On the left, direct login to the AV UI. On the right, a button for the IT GUI (the GUI you have already today). 

 

For info both switches right now are in version 12.0.17.6, B1.0.0.16 so not far of curent version.

Right, it is too old. Please upgrade to 12.0.17.15 from https://www.netgear.com/support/product/m4300#download

 

For Engage I was not aware of that tool and I'm going to use it as you suggest (reset both switches, enroll them in Engage and do the setup this way). Just to be sure I reset both switches and from then I add them in a project in Engage ? I have nothing to do on switches out of resetting them ? Also Engage is able to use the OOB port to control/setup the switch ?

Since you are using VLAN 1 without real modifications, it's safe for you to just discover the M4300 switch in Engage, and onboard it directly (without factory-resetting it before). You don't have to worry! Since your firmware is very old, please update the switch before though, to the latest firmware . Onboarding will be easier, and faster. 

Yes, you can use Engage with either the OOB ports of the M4300 switches, or the VLAN 1 directly. When you configure your "site", you just need to configure which NIC you are using, static IP or DHCP client NIC. You can also configure a static NIC and use it with a DHCP server in Engage, so that the OOB ports get an IP address from your computer when you configure them, as they are by default DHCP client. I gave the link to our app notes above (previous post), please review, we explain all this very well@!

 

Side question: the OOB port works how ? I had difficulties in past to access it with default IP 192.168.0.239 Will it still use the fixed IP if it's plugged on a network that has DHCP server active ?

The OO port, by defaut, is DHCP client. Right after the boot of the switch, the OOB is sending DHCP discovery packets in order to receive a DHCP address from a DHCP server. This is useful when there is a "management network" connecting all OOB ports in the network. When no DHCP server, the OOB port has unreachable 0.0.0.0 IP address at the beginning, after the boot. The boot itself takes 3 minutes, then the switch is online. Approximately 2 minutes after that moment (120 seconds after the end of the boot), the OOB port is reverting to 192.168.0.239 255.255.255.0 when there is no DHCP offer because no DHCP server on the OOB side. This is when you can start connecting to it using 192.168.0.239 only.

To answer your question, if a few hours later, or all a sudden a few weeks later there is a DHCP server on the OOB side, then it will take approximately 2 minutes to the OOB port to release 192.168.0.239 and get a DHCP client address. The reason is, even when the OOB port has reverted to 192.168.0.239, it is sending a new DHCP discover packet every ~ 2 minutes, just in case.

 

I hope this helps,

 

 

Message 4 of 7
vincelaus
Aspirant

Re: How to prevent NVY traffic to go out of M4300 ?

Thanks a lot for all your explanations that make it a lot easier to understand.

 

I have upgraded both switches so now I have well the AV UI login 😉

 

If I have well understood your explanations:

  • I apply on both Switches the Crestron profile on all ports.
  • I block the Multicast on the port I use to connect the NVX network with main network.
  • I activate in both switches the Auto-Trunk and Auto-Lag
  • I'm all good, right ?

Just something about Auto-Lag, it doesn't ask anything about size of it (I'll do it physically linking one of the 2 10G ports of each switch together) but it asks for Auto-Lag Hash setup by default at Layer 2: Destination. Default is ok for it ?

 

Vincèn

 

Message 5 of 7
LaurentMa
NETGEAR Expert

Re: How to prevent NVY traffic to go out of M4300 ?

Thank you, @vincelaus 

 

To answer your questions in the right order:

  1. Correct, please apply the "Video" profile to all ports. Don't create a new profile, it doesn't seem to me you need it. Instead, in the AV UI, go to Network Profiles\Configure page. Find the Configured Profiles table in the middle of the page. You should see Default VLAN 1 in the table. Use the three little dots on the right, and select Edit. In the popup edit window, find the Template dropdown menu, select it, find Video and select it. Click Apply to close the popup window. If you now see Video under "AV template" in the List of configured profiles, you're good. Click Save on the upper right.
  2. Yes, go to Multicast page, select the port going to the main network, and use the dropdown menu to select "Block". Click Apply. A small block icon will appear on the switch representation image, at the top of the page. Click Save (blue button) on the upper right again. So does all of it survives to the reboots.
  3. Yes, unlike M4250 or M4350, M4300 doesn't have Auto-Trunk and Auto-LAG enabled by default. You need to manually enable both in the AV UI. It's easy. At the top of the page "Network Profiles\Configure',  toggle on Auto-Trunk. Click Save on the upper right. Next, go to Link Aggregation page, and toggle on Auto-LAG. Click Save again on the upper right.
  4. Auto-LAG will take care of everything for you, don't worry. Yes, for multicast, don't touch the Default L2 hashing algorithm, it's optimized to parse traffic based on multicast groups (Multicast MACs). Just connect the switches together with 2, 3, or 4 10G in between. For instance, the 2 10G copper ports using CAT6A cables. Or the 2 10G SFP+ ports using 10G DAC cables. Or all four ports all together if really you have that much traffic expected.

 

I think you're all set! Have a great weekend.

Message 6 of 7
vincelaus
Aspirant

Re: How to prevent NVY traffic to go out of M4300 ?

Sorry for late answer and thanks again for your help, everything works fine since few months now 😉
Message 7 of 7
Top Contributors
Discussion stats
  • 6 replies
  • 3093 views
  • 6 kudos
  • 2 in conversation
Announcements

AV over IP Switches by NETGEAR