DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Table of Contents Introduction Section ............................5 Using the Command Line Interface (CLI) ............................ 5 Accessing the Switch via the Serial Port ....................5 Setting the Switch’s IP Address ........................7 Command Syntax Symbols........................
Page 4
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Loop-back Detection Commands .............................. 334 Out-of-Band Managemnet Commands ............................. 338 Routing Table Commands ................................. 340 Quality of Service (QoS) Section ........................ 344 QoS Commands ..................................344 Simple RED Commands ................................355 Access Control List (ACL) Section ......................
Switch via the Web-based management agent is discussed in the User Guide. NOTE: For the remainder of this manual, the DGS-3700-12, DGS-3700-12G, switches will be referred to as simply the Switch or the DGS-3700 Series. CCESSING THE...
Page 6
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12G Gigabit Ethernet Switch Command Line Interface Firmware: Build 2.00.B023 Copyright(C) 2009 D-Link Corporation. All rights reserved. UserName: There is no initial username or password. Just press the Enter key twice to display the CLI input cursor −...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ’ IP A ETTING THE WITCH DDRESS Each Switch must be assigned its own IP Address, which is used for communication with an SNMP network manager or other TCP/IP application (for example BOOTP, TFTP). The Switch’s default IP address is 10.90.90.90.
Page 8
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide In the above example, the Switch was assigned an IP address of 10.24.73.21 with a subnet mask of 255.0.0.0. The system message Success indicates that the command was executed successfully. The Switch can now be configured and managed via Telnet, SNMP MIB browser and the CLI or via the Web-based management agent using the above IP address to connect to the Switch.
Page 9
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config account Command: config account Next possible completions: <username> DGS-3700-12:5#config account Command: config account Next possible completions: <username> DGS-3700-12:5# In the above example, the command config account was entered without the required parameter <username>, the CLI returned the Next possible completions: <username>...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide OMMAND YNTAX YMBOLS The following symbols are used to describe how command entries are made and values and arguments are specified in this manual. The online help contained in the CLI and available through the console interface uses the same syntax.
Page 12
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide BRACES command PARENTHESES Purpose Indicates at least one or more of the values or arguments in the preceding syntax enclosed by braces must be specified. Syntax config dhcp_relay {hops <value 1-16> | time <sec 0-65535>}(1) Users have the option to specify hops or time or both of them.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide NTERFACE AND ARDWARE ECTION Table of Contents Next Section Previous Section ABLE IAGNOSTIC OMMANDS Back to Section Header The Cable Diagnostic commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 14
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#cable_diag ports 1-7 Command: cable_diag ports 1-7 Perform Cable Diagnostics ... Port Type Link Status Test Result Cable Length (M) ---- ------- -------------- ------------------------- ----------------- Link Down No Cable...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DDM C OMMANDS Back to Section Header The Digital Diagnostic Monitoring (DDM) module allows real time access to the SFP module operating parameters. The DDM commands allow users to set warning and alarm thresholds on the operating parameters.
Page 16
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config ddm log enable Command: config ddm log enable Success. DGS-3700-12:5# config ddm trap To enable or disable trap action when the SFP exceed its DDM threshold. Purpose Syntax...
Page 17
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config ddm ports 6.5535 mW. For the received power threshold: when the operating parameter rises above this value, action associated with alarm is taken. The range of this parameter is 0 to 6.5535 mW.
Page 18
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config ddm ports parameter exceeds the corresponding warning threshold. none - Specify whether or not to shut down the port regardless if the operating parameter exceeds the corresponding alarm or warning threshold.
Page 20
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show ddm ports Restrictions None. Example usage: To display the DDM status for ports 8 to 12: DGS-3700-12:5#show ddm ports 8-12 Command: show ddm ports 8-12 Port Temperature Voltage...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide OCAL OOPBACK OMMANDS Back to Section Header The local loop-back commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND...
Page 22
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show local_loopback Syntax show local_loopback ports {<portlist>} Description This command is used to display local loop-back configurations on the Switch. ports [<portlist> | all] – The port(s) to be set.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide UNDAMENTALS ECTION Table of Contents Next Section Previous Section ASIC OMMANDS Back to Section Header The basic switch commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 24
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create account Syntax create account [admin | operator | user] <username 15> Description This command is used to create user accounts that consist of a username of 1 to 15 characters and a password of 0 to 15 characters.
Page 25
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config account dlink Command: config account dlink Enter a old password:**** Enter a case-sensitive new password:**** Enter the new password again for confirmation:**** Success. DGS-3700-12:5# show account Purpose Used to display user accounts.
Page 26
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide enable password encryption Description The user account configuration information will be stored in the configuration file, and can be applied to the system later. If the password encryption is enabled, the password will be in encrypted form when it is stored in the configuration file.
Page 27
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show session Description This command is used to display a list of all the users that are logged-in at the time the command is issued. Parameters None. Restrictions Only Administrator and Operator-level users can issue this command.
Page 28
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show switch Command: show switch Device Type : DGS-3700-12G Gigabit Ethernet Switch MAC Address : 00-21-91-AF-3C-B0 IP Address : 10.73.60.100 (Manual) VLAN Name : default Subnet Mask : 255.0.0.0 Default Gateway : 0.0.0.0...
Page 29
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show environment Restrictions None. Example usage: To display the standalone device environment: DGS-3700-12G:5#show environment Command: show environment Internal Power : Active External Power : Fail Right Fan 1 : Speed 0...
Page 30
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12G:5#config temperature log state enable Command: config temperature log state enable Success. DGS-3700-12G:5# config temperature threshold To configure the warning temperature high threshold or low threshold. Purpose Syntax config temperature threshold {high <temperature> | low <temperature>}...
Page 31
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config serial_port Syntax config serial_port {baud_rate [9600 | 19200 | 38400 | 115200] | auto_logout [never | 2_minutes | 5_minutes | 10_minutes | 15_minutes]} Description This command is used to configure the serial bit rate that will be used to communicate with the management host and the auto logout time for idle connections.
Page 32
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#enable clipaging Command: enable clipaging Success. DGS-3700-12:5# disable clipaging Used to disable the pausing of the console screen scrolling at the end of each page Purpose when a command displays more than one screen of information.
Page 33
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide disable telnet Parameters None. Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To disable the Telnet protocol on the Switch: DGS-3700-12:5#disable telnet Command: disable telnet Success.
Page 34
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide save Purpose Used to save changes in the Switch’s configuration to non-volatile RAM. Syntax save {[config <config_id 1-2> | log | all]} This command is used to enter the current switch configuration into non-volatile Description RAM.
Page 35
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide reset immediatedly without further confirmation. If no parameter is specified, the Switch’s current IP address, banner, user accounts, and the switch history log are not changed. All other parameters are restored to the factory default settings.
Page 36
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide clear Purpose Used to clear the screen. Syntax clear This command is used to clear the terminal screen. Description Parameters None. None. Restrictions Example usage: To clear the screen:...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide EBUG OMMANDS Back to Section Header The Switch Debug commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND ARAMETERS...
Page 38
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#debug address_binding all Command: debug address_binding all Success. DGS-3700-12:5# no debug address_binding To close IP-MAC binding debug events and DHCP. Purpose Syntax no debug address_binding Description This command is used to close IP-MAC binding debug events and DHCP.
Page 39
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#debug buffer utilization Command: debug buffer utilization Allocate from : System memory Total size : 2MB Utilization rate : 30% DGS-3700-12:5# To clear the debug buffer: DGS-3700-12:5#debug buffer clear Command: debug buffer clear Success.
Page 40
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide debug error_log upload_toTFTP - Upload the debug log to a TFTP server specified by IP address. <path_filename 64> - The pathname specifies the DOS pathname on the TFTP server.
Page 41
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide debug show status Syntax debug show status {module <module_list>} Description This command is used to display the debug handler state and the specified module’s debug status. If the input module list is empty, the states of all registered modules which support the debug module will be displayed.
Page 42
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide debug stp config ports Description This command is used to configure the per-port STP debug level. Parameters <portlist> - Specify the STP port range to debug. all - Specify to debug all ports on the switch.
Page 43
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#debug stp show counter ports 9 Command: debug stp show counter ports 9 STP Counters ----------------------------------------- Port 9 Receive Transmit Total STP Packets Total STP Packets Configuration BPDU Configuration BPDU...
Page 44
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide debug stp show information Description This command is used to display STP debug information. Parameters None. Only Administrator and Operator-level users can issue this command. Restrictions Example usage: To display STP bug information:...
Page 45
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#debug stp state disable Command: debug stp state disable Success. DGS-3700-12:5# debug dhcpv6_relay state This command is used to enable or disable DHCPv6 relay debug functions. Purpose Syntax debug dhcpv6_relay state [enable | disable] Description Use this command to enable or disable DHCPv6 relay Debug function.
Page 46
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide debug dhcpv6_relay packet Parameters all - Set packet receiving and sending debug flags. receiving - Set packet receiving debug flag. sending - Set packet sending debug flag. enable - Enable the designated flags.
Page 47
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To enable the DHCPv6 client debugging state. DGS-3700-12G:5#debug dhcpv6_client state enable Command: debug dhcpv6_client state enable Success. DGS-3700-12G:5# debug show error_reboot state Use the command to show the error reboot status.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ASSWORD ECOVERY OMMANDS Back to Section Header The switch password recovery commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 49
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide reboot Syntax reboot { force_agree } Description This command is used to exit the Reset Configuration Mode and restarts the switch. And it pops out a confirmation message to save the current setting.
Page 50
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show account Purpose Used to show the created account. Syntax show account This command is used to display all already created accounts. Description Parameters None. None. Restrictions Example usage: To view the created account: >show account...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide OWER AVING OMMANDS Back to Section Header The Switch Power Saving commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 52
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show power_saving Command: show power_saving Power Saving State: Enabled DGS-3700-12:5# Page | 52...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide WITCH TILITY OMMANDS Back to Section Header The switch utility commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND...
Page 54
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide download Parameters firmware_fromTFTP - Download and install new firmware on the switch from a TFTP server. cfg_fromTFTP - Download and install new configuration file on the switch from a TFTP server.
Page 55
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show firmware information Syntax show firmware information Description This command is used to display the firmware section information. None. Parameters Restrictions None. Example usage: To display the current firmware information on the Switch:...
Page 56
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show config Parameters effective - Show only commands which affects the behavior of the device. For example, if STP is disabled, then for STP configuration, only “STP is disabled” is displayed.
Page 58
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide enable autoconfig Description When autoconfig is enabled on the Switch, the DHCP reply will contain a configuration file and path name. It will then request the file from the TFTP server specified in the reply.
Page 59
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12 Gigabit Ethernet Switch Command Line Interface Firmware: Build 2.00.B023 Copyright(C) 2010 D-Link Corporation. All rights reserved. DGS-3700-12:5# DGS-3700-12:5# DGS-3700-12:5# download cfg_fromTFTP 10.41.44.44 src_file c:\cfg\setting.txt Command: download cfg_fromTFTP 10.41.44.44 src_file c:\cfg\setting.txt Connecting to server....
Page 60
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#disable autoconfig Command: disable autoconfig Success. DGS-3700-12:5# show autoconfig Used to display the current autoconfig status of the Switch. Purpose Syntax show autoconfig Description This command will list the current status of the autoconfiguration function.
Page 61
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ping Parameters <ipaddr> - Specifies the IP address of the host. times <value 1-255> - The number of individual ICMP echo messages to be sent. A value of 0 will send an infinite ICMP echo messages. The maximum value is 255.
Page 62
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#ping6 1001::3702 times 4 Command: ping6 1001::3702 times 4 Reply from 1001::3702, bytes=100 time<10 ms Reply from 1001::3702, bytes=100 time<10 ms Reply from 1001::3702, bytes=100 time<10 ms Reply from 1001::3702, bytes=100 time<10 ms...
Page 63
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide traceroute6 port - Specify the port number. The value range is from 30000 to 64900 . timeout - Specify the timeout period while waiting for a response from the remote device.
Page 64
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#telnet 10.1.1.1 Command: telnet 10.1.1.1 DES-3810-28 Fast Ethernet Switch Command Line Interface Firmware: Build 1.00.B039 Copyright(C) 2009 D-Link Corporation. All rights reserved. UserName: Page | 64...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ECHNICAL UPPORT OMMANDS Back to Section Header The Switch technical support commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 66
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To upload technical support information: DGS-3700-12:5#upload tech_support_toTFTP 10.0.0.66 tech_suppport.txt Command: upload tech_support_toTFTP 10.0.0.66 tech_suppport.txt Connecting to server....Done. Upload techsupport file....Done. Success. DGS-3700-12:5# Page | 66...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ANAGEMENT ECTION Table of Contents Next Section Previous Section OMMAND ISTORY OMMANDS Back to Section Header The switch history commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 69
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To configure the command history: DGS-3700-12:5#config command_history 20 Command: config command_history 20 Success. DGS-3700-12:5# show command_history Purpose Used to display the command history. Syntax show command_history This command is used to display currently used command history.
SIM allows intermediate devices that do not support SIM. This enables the user to manage a switch that are more than one hop away from the CS. The SIM group is a group of switches that are managed as a single entity. The DGS-3700 Series may take on three different roles: •...
Page 71
8. The CaS can be configured through the CS to become a MS. After configuring one switch to operate as the CS of a SIM group, additional DGS-3700 Series switches may join the group by either an automatic method or by manually configuring the Switch to be a MS. The CS will then serve as the in band entry point for access to the MS.
Page 72
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide OMMAND ARAMETERS hold_time <sec 100-255>] download sim_ms [firmware_from_tftp | configuration_from_tftp] <ipaddr> <path_filename> {[ members <mslist 1-32> | all]} upload sim_ms [configuration_to_tftp | log_to_tftp] <ipaddr> <path_filename> {[ members <mslist> | all]} Each command is listed, in detail, in the following sections.
Page 73
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show sim SIM Version − Displays the current Single IP Management version on the Switch. Firmware Version − Displays the current Firmware version on the Switch. Device Name − Displays the user-defined device name on the Switch.
Page 74
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To show the candidate information in summary, if the candidate ID is specified: DGS-3700-12:5#show sim candidates Command: show sim candidates MAC Address Platform / Hold Firmware Device Name Capability...
Page 75
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5# show sim neighbor Command: show sim neighbor Neighbor Info Table Port MAC Address Role ------ ------------------ --------- 00-35-26-00-11-99 Commander 00-35-26-00-11-91 Member 00-35-26-00-11-90 Candidate Total Entries: 3 DGS-3700-12:5# reconfig Purpose Used to connect to a member switch, through the commander switch, using Telnet.
Page 77
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config sim dp_interval 30 Command: config sim dp_interval 30 Success. DGS-3700-12:5# To change the hold time of the discovery protocol: DGS-3700-12:5#config sim hold_time 120 Command: config sim hold_time 120 Success.
Page 78
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide download sim_ms TFTP server. members – Enter this parameter to specify the members to which the user prefers to download firmware or switch configuration files. The user may specify a member or members by adding one of the following: <mslist>...
Page 79
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide upload sim_ms configuration_from_tftp − Specify this parameter to upload a switch configuration to Parameters members of a SIM group. log_to_ftp – Specify this parameter to upload a switch log to a member of the SIM group.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DNS R ELAY OMMANDS Back to Section Header The DNS Relay commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 81
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config dnsr add static dns1 10.24.22.5 Command: config dnsr add static dns1 10.24.22.5 Success. DGS-3700-12:5# To delete the entry “dns1” with IP address 10.24.22.5 from the DNS static table: DGS-3700-12:5#config dnsr delete static dns1 10.24.22.5...
Page 82
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide disable dnsr Syntax disable dnsr {[cache | static]} Description This command is used to disable DNS relay on the switch. cache - Specify to disable the cache lookup for the DNS relay on the switch.
Page 83
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show dnsr Command: show dnsr DNSR Status : Disabled Primary Name Server : 0.0.0.0 Secondary Name Server : 0.0.0.0 DNSR Cache Status : Disabled DNSR Static Table Status : Disabled...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ODIFY ANNER AND ROMPT OMMANDS Back to Section Header Administrator level users can modify the login banner (greeting message) and command prompt by using the commands described below. OMMAND...
Page 85
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config greeting _message Move cursor: Left/Right/Up/Down Delete line: Ctrl+D Erase all settings: Ctrl+X Reload original settings: Ctrl+L Restrictions Only Administrator and Operator-level users can issue this command. Other restrictions include: •...
Page 86
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show greeting_message Command: show greeting_message ======================================================================= DGS-3700-12G Gigabit Ethernet Switch Command Line Interface Firmware: Build 2.00.B023 Copyright(C) 2009 D-Link Corporation. All rights reserved. ======================================================================= DGS-3700-12:5# Page | 86...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide EIGHBOR ISCOVERY OMMANDS Back to Section Header The following commands are used to detect IPv6 neighbors on the switch and to keep a running database about these neighbor devices. The IPv6 Neighbor Detection commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 88
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete ipv6 neighbor_cache ipif being an IPv6 neighbor of the IP interface previously entered in this command. static – Enter this command to remove all statically configured neighbor devices from being an IPv6 neighbor of the IP interface previously entered.
Page 89
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To display the IPv6 neighbors of a configured IP interface. DGS-3700-12:5#show ipv6 neighbor_cache ipif System all Command: show ipv6 neighbor_cache ipif System all Neighbor Link Layer Address Interface...
Page 90
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To display the neighbor detection parameters for IPv6: DGS-3700-12:5#show ipv6 nd Command: show ipv6 nd Interface Name : System NS Retransmit Time : 1000000 (ms) DGS-3700-12:5# Page | 90...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide LLDP C OMMANDS Back to Section Header The LLDP commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND ARAMETERS...
Page 92
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide enable lldp Syntax enable lldp Description This is a global control for the LLDP function. When this function is enabled, the switch can start to transmit LLDP packets and receive and process the LLDP packets.
Page 93
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config lldp switch’s MIB. The TX delay is used to change the minimum time (delay-interval) any LLDP port will delay advertising successive LLDP advertisements due to a change in LLDP MIB content. The TX delay defines the minimum interval between sending of LLDP messages due to constany change of MIB content.
Page 94
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config lldp reinit_delay 5 Command: config lldp reinit_delay 5 Success. DGS-3700-12:5# show lldp To display LLDP. Purpose Syntax show lldp Description Use this command to display LLDP. None. Parameters Restrictions None.
Page 95
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config lldp forward_message enable Command: config lldp forward_message enable Success. DGS-3700-12:5# config lldp notification_interval To configure the timer of notification interval for sending notification to configured Purpose SNMP trap receiver(s).
Page 96
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config lldp ports the list will be advertised in the LLDP from the specified interface, associated with each management address. The interface for that management address will be also advertised in the if-index form.
Page 97
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config lldp ports ipv4 - Specify the IP address of IPv4. ipv6 - Specify the IP address of IPv6. enable - Enable port(s) specified for advertising indicated management address instance.
Page 98
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config lldp ports <vlan_name 32> - Specify a VLAN name to be transmitted. vlanid - Specify a VLAN ID list to be transmitted. enable - Enable configuration of an individual port or group of ports to include one or more of IEEE 802.1 Organizationally VLAN name TLV data types from outbound...
Page 99
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config lldp ports one or more of IEEE 802.3 Organizationally Specific TLV data types from outbound LLDP advertisements. Only Administrator and Operator-level users can issue this command. Restrictions Example usage:...
Page 100
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config lldp ports all dot1_tlv_protocol_vid vlanid 1-3 enable Command: config lldp ports all dot1_tlv_protocol_vid vlanid 1-3 enable Success. DGS-3700-12:5# To include the VLAN name TLV from the outbound LLDP advertisements for all ports:...
Page 101
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show lldp ports 1 Command: show lldp ports 1 Port ID -------------------------------------------------------------- Admin Status : TX_and_RX Notification Status : Disabled Advertised TLVs Option Port Description Disabled System Name Disabled...
Page 102
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config lldp_med log state disable - Disable the log state for LLDP-MED events. The default is disabled. Restrictions Only Administrator and Operator-level users can issue this command. Example usage:...
Page 103
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config lldp_med ports all - Select to send capabilities, network policy, and inventory. capabilities - Specify that the LLDP agent should transmit “LLDP-MED capabilities TLV.” If a user wants to transmit LLDP-MED PDU, this TLV type should be enabled.
Page 104
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show lldp_med Syntax show lldp_med Description Use this command to display the switch’s general LLDP-MED configuration status. None. Parameters Restrictions None. Example usage: To display the switch’s general LLDP-MED configuration status:...
Page 105
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show lldp_med local_ports 1 Command: show lldp_med local_ports 1 Port ID : 1 ---------------------------------------------------------------- LLDP-MED Capabilities Support: Capabilities :Support Network Policy :Support Location Identification :Not Support Extended Power Via MDI PSE :Not Support...
Page 106
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show lldp_med remote_ports 1 Command: show lldp_med remote_ports 1 Port ID : 1 ---------------------------------------------------------------------------- Remote Entities Count : 1 Entity 1 Chassis ID Subtype : MAC Address Chassis ID...
Page 107
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Model Name Asset ID DGS-3700-12:5# show lldp local_ports Purpose To display the per-port information currently available for populating outbound LLDP advertisements. Syntax show lldp local_ports {<portlist>} {mode [brief | normal | detailed]}...
Page 108
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show lldp mgt_addr Command: show lldp mgt_addr Address 1 : ------------------------------------------------------ Subtype : IPv4 Address : 10.19.72.38 IF Type : IfIndex : 1.3.6.1.4.1.171.10.102.1.2 Advertising Ports Total Entries : 1...
Page 109
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show lldp statistics Command: show lldp statistics Last Change Time : 3648 Number of Table Insert : 0 Number of Table Delete : 0 Number of Table Drop Number of Table Ageout : 0...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ETWORK ONITORING OMMANDS Back to Section Header The network monitoring commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND...
Page 111
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show packet ports Purpose Used to display statistics about the packets sent and received by the Switch. Syntax show packet ports <portlist> This command is used to display statistics about packets sent and received by ports Description specified in the <portlist>.
Page 112
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show error ports 3 Command: show error ports 3 Port Number : 3 RX Frames TX Frames --------- --------- CRC Error Excessive Deferral Undersize CRC Error Oversize Late Collision...
Page 113
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show utilization cpu Command: show utilization cpu CPU Utilization ----------------------------------------------------------------- Five seconds - One minute - 10 % Five minutes - 10 % DGS-3700-12:5# show utilization dram Used to display real-time utilization statistics for the DRAM.
Page 114
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide clear counters <portlist> − Specifies a port or range of ports to be displayed. Parameters Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To clear the counters:...
Page 116
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show historical_utilization cpu 15_minute Command: show historical_utilization cpu 15_minute CPU Utilization ----------------------------------------------------------------------- 15-Minute Slot 1 (7 Jan 2009 20:25:01 - 7 Jan 2000 20:10:01) 10 % 15-Minute Slot 2 (7 Jan 2009...
Page 117
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#clear historical_counters ports all Command: clear historical_counters ports all Success. DGS-3700-12:5# clear log Used to clear the Switch’s history log. Purpose Syntax clear log Description This command is used to clear the Switch’s history log.
Page 118
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide enable syslog Used to enable the system log to be sent to up to 4 remote hosts. Purpose Syntax enable syslog Description This command is used to enable the system log to be sent to up to 4 remote hosts.
Page 119
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show syslog Command: show syslog Syslog Global State: Enabled DGS-3700-12:5# create syslog host Used to create a new syslog host. Purpose Syntax create syslog host <index 1-4> ipaddress [<ipaddr>| <ipv6addr>] { severity [ emergency | alert | critical | error | warning | notice | informational | debug | <level 0-7>...
Page 120
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create syslog host clock daemon local use 0 (local0) local use 1 (local1) local use 2 (local2) local use 3 (local3) local use 4 (local4) local use 5 (local5)
Page 121
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide The config syslog command configures the syslog host configurations. The user can Description choose and report a specific level of messages to a specific host. When the user chooses a specific level for a specific host, messages which are at that severity level or higher will be reported to the specified host.
Page 122
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config syslog host all severity debug Command: config syslog host all severity debug Success. DGS-3700-12:5# delete syslog host Used to remove a syslog host that has been previously configured, from the Switch.
Page 123
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12G:5#show syslog host Command: show syslog host Syslog Global State: Disabled Host IP Address : 10.73.60.123 Severity : Emergency(0) Facility : Local0 UDP port : 514 Status : Disabled...
Page 124
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show log_save_timing Command: show log_save_timing Saving Log Method: On_demand DGS-3700-12:5# show attack_log Used to show dangerous log messages. Purpose Syntax show attack_log {index <value_list>} This command is used to show content of dangerous log messages.
Page 125
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide upload attack_log_to TFTP Description This command is used to upload the switch’s dangerous log. <ipaddr> − The IP address of the TFTP server. The TFTP server must be on the same Parameters IP subnet as the switch.
Page 126
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config system_severity Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To configure the system severity settings: DGS-3700-12:5#config system_severity trap critical Command: config system_severity trap critical Success.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide AFEGUARD NGINE OMMANDS Back to Section Header Periodically, malicious hosts on the network will attack the Switch by utilizing packet flooding (ARP Storm) or other methods. These attacks may increase the CPU utilization beyond its capability. To alleviate this problem, the Safeguard Engine function was added to the Switch’s software.
Page 128
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config safeguard_engine down. The default value is 20. trap_log [enable | disable] – Choose whether to enable or disable the sending of messages to the device’s SNMP agent and switch log once the Safeguard Engine has been activated by a high CPU utilization rate.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide OMMANDS Back to Section Header The sFlow commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND ARAMETERS enable sflow...
Page 130
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#enable sflow Command: enable sflow Success. DGS-3700-12:5# disable sflow Used to disable the sFlow function. Purpose Syntax disable sflow Description This command is used to disable the sFlow function.
Page 131
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create sflow flow_sampler ports where the packet will be forwarded. rate – The sampling rate for packet sampling. The configured rate value multiplied by 256 is the actual rate. For example, if the rate is 20, the actual rate 5120. One packet will be sampled from about 5120 packets.
Page 132
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete sflow flow_sampler Syntax delete sflow flow_sampler ports [<portlist> | all] Description This command is used to delete the sflow flow sampler that has been configured for the specified port.
Page 133
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create sflow counter_poller interval – The maximum number of seconds between successive statistic counters information. If set to disable, the counter-poller is disabled. If interval is not specified, its default value is disable.
Page 134
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#delete sflow counter_poller ports 1 Command: delete sflow counter_poller ports 1 Success. DGS-3700-12:5# show sflow counter_poller Used to show the sflow counter_poller information of ports which have been created.
Page 135
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To create the sflow analyzer_server: DGS-3700-12:5#create sflow analyzer_server 1 owner monitor Command: create sflow analyzer_server 1 owner monitor Success. DGS-3700-12:5# config sflow analyzer_server Used to configure the analyzer_server information .
Page 136
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#delete sflow analyzer_server 2 Command: delete sflow analyzer_server 2 Success. DGS-3700-12:5# show sflow analyzer_server Used to show the sflow analyzer_server information. Purpose Syntax show sflow analyzer_server Description This command is used to show the sflow analyzer server information. The Timeout field specifies the time configured by user.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide SNMP C OMMANDS Back to Section Header The Switch supports the Simple Network Management Protocol (SNMP) versions 1, 2c, and 3. Users can specify which version of the SNMP users want to use to monitor and control the Switch. The three versions of SNMP vary in the level of security provided between the management station and the network device.
Page 139
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#enable snmp Command: enable snmp Success. DGS-3700-12:5# disable snmp Purpose To disable the SNMP interface access function. Syntax disable snmp Description This command is used to disable the SNMP function. When SNMP function is disabled, the network manager will not be able the access SNMP MIB objects.
Page 140
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create snmp user by_key – Requires the SNMP user to enter a encryption key for authentication and privacy. The key is defined by specifying the key in hex form below. This method is not recommended.
Page 141
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete snmp user <user_name 32> − An alphanumeric string of up to 32 characters that identifies the Parameters SNMP user that will be deleted. Restrictions Only Administrator-level users can issue this command.
Page 142
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To create an SNMP view: DGS-3700-12:5#create snmp view dlinkview 1.3.6 view_type included Command: create snmp view dlinkview 1.3.6 view_type included Success. DGS-3700-12:5# delete snmp view Purpose Used to remove an SNMP view entry previously created on the Switch.
Page 143
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show snmp view Command: show snmp view Vacm View Table Settings View Name Subtree View Type ------------------- ---------------------------------- ---------- restricted 1.3.6.1.2.1.1 Included restricted 1.3.6.1.2.1.11 Included restricted 1.3.6.1.6.3.10.2.1 Included restricted 1.3.6.1.6.3.11.2.1...
Page 144
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#create snmp community dlink view ReadView read_write Command: create snmp community dlink view ReadView read_write Success. DGS-3700-12:5# delete snmp community Used to remove a specific SNMP community string from the Switch.
Page 145
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show snmp community Command: show snmp community SNMP Community Table Community Name View Name Access Right -------------- ----------- ------------ dlink ReadView read_write private CommunityView read_write public CommunityView read_only Total Entries: 3...
Page 146
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create snmp group notify_view <view_name 32>} Description This command is used to create a new SNMP group, or a table that maps SNMP users to SNMP views. <groupname 32> − An alphanumeric name of up to 32 characters that will identify Parameters the SNMP group the new SNMP user will be associated with.
Page 147
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete snmp group Description This command is used to remove an SNMP group from the Switch. <groupname 32> − An alphanumeric name of up to 32 characters that will identify Parameters the SNMP group the new SNMP user will be associated with.
Page 148
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show snmp groups Command: show snmp groups Vacm Access Table Settings Group Name : Group3 ReadView Name : ReadView WriteView Name : WriteView Notify View Name : NotifyView Security Model...
Page 149
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create snmp host centralized and distributed network management strategies. It includes improvements in the Structure of Management Information (SMI) and adds some security features. v3 – Specifies that the SNMP version 3 will be used. SNMP v3 provides secure access to devices through a combination of authentication and encrypting packets over the network.
Page 150
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show snmp host Syntax show snmp host {<ipaddr>} Description This command is used to display the IP addresses and configuration information of remote SNMP managers that are designated as recipients of SNMP traps that are generated by the Switch’s SNMP agent.
Page 151
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create trusted_host Syntax create trusted_host [<ipaddr> | <ipv6addr> | network <network_address> | ipv6_prefix <ipv6networkaddr> ] {snmp | telnet | ssh | http | https | ping} Description This command is used to create the trusted host. The Switch allows users to specify up to four IP addresses that are allowed to manage the Switch via in-band SNMP or TELNET based management software.
Page 152
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config trusted_host Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To configure the trusted host: DGS-3700-12:5#config trusted_host 10.48.74.121 add ssh telnet Command: config trusted_host 10.48.74.121 add ssh telnet Success.
Page 154
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#enable snmp traps Command: enable snmp traps Success. DGS-3700-12:5# enable snmp authenticate_traps Used to enable SNMP authentication trap support. Purpose Syntax enable snmp authenticate_traps Description This command is used to enable SNMP authentication trap support on the Switch.
Page 155
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To prevent SNMP traps from being sent from the Switch: DGS-3700-12:5#disable snmp traps Command: disable snmp traps Success. DGS-3700-12:5# disable snmp authenticate_traps Purpose Used to disable SNMP authentication trap support.
Page 156
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config snmp system_location of 255 characters can be used. <sw_location> − A maximum of 255 characters is allowed. A null string is accepted if Parameters there is no location desired.
Page 157
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide disable snmp linkchange_traps Purpose To disable SNMP linkchange trap support. Syntax disable snmp linkchange_traps This command is used to disable SNMP linkchange trap support. Description Parameters None. Only Administrator and Operator-level users can issue this command.
Page 158
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config snmp coldstart_traps enable Command: config snmp coldstart_traps enable Success. DGS-3700-12:5# config snmp warmstart_traps To configure the trap state for warmstart events. Purpose Syntax config snmp warmstart_traps [enable | disable] Description This command is used to configure the trap state for warmstart events.
Page 159
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To display current RMON settings: DGS-3700-12:5#show rmon Command: show rmon RMON Rising Alarm Trap : Enabled RMON Falling Alarm Trap : Enabled DGS-3700-12:5# Page | 159...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide WITCH OMMANDS Back to Section Header The switch port commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND ARAMETERS config ports [<portlist>...
Page 161
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config ports a selected port interface. clear description – To clear the description. config ports mdix - MDIX mode can be specified as auto, normal, and cross. If set to normal state, the port is in MDIX mode and can be connected to PC NIC using a straight cale.
Page 162
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5# config ports 1:1-1:3 auto-negotiation restart_an Success. DGS-3700-12:5# show ports Purpose Used to display the current configuration of a range of ports. Syntax show ports {<portlist>} { [description | err_disabled| media_type | details] } Description This command is used to display the current configuration of a range of ports.
Page 163
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show ports description Command: show ports description Port State/ Settings Connection Address MDIX Speed/Duplex/FlowCtrl Speed/Duplex/FlowCtrl Learning ------- -------- --------------------- ---------------------- --------- Enabled Auto/Disabled Link Down Enabled Description: Enabled Auto/Disabled...
Page 164
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#enable jumbo_frame Command: enable jumbo_frame The maximum size of jumbo frame is 13312 bytes. Success. DGS-3700-12:5# disable jumbo_frame Used to disable the jumbo frame function on the Switch. Purpose...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide SNTP C IME AND OMMANDS Back to Section Header The Simple Network Time Protocol (SNTP) (an adaptation of the Network Time Protocol (NTP)) commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 166
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config sntp primary 10.1.1.1 secondary 10.1.1.2 poll-interval 30 Command: config sntp primary 10.1.1.1 secondary 10.1.1.2 poll-interval 30 Success. DGS-3700-12:5# show sntp Used to display the SNTP information. Purpose Syntax...
Page 167
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide disable sntp Description This command will disable SNTP support. SNTP service must be separately configured (see config sntp). Parameters None. Restrictions Only Administrator and Operator-level users can issue this command.
Page 168
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config time_zone Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To configure time zone settings: DGS-3700-12:5#config time_zone operator + hour 2 min 30 Command: config time_zone operator + hour 2 min 30 Success.
Page 169
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config dst <end_week 1-4,last> − The number of the week during the month in which DST ends Parameters where 1 is the first week, 2 is the second week and so on, last is the last week of the month.
Page 170
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To show the time currently set on the Switch’s System clock: DGS-3700-12:5#show time Command: show time Current Time Source : System Clock Boot Time : 3 Jan 2000...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide AYER EATURES ECTION Table of Contents Next Section Previous Section BPDU A TTACK ROTECTION OMMANDS Back to Section Header The BPDU Attack Protection commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 172
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config bpdu_protection ports mode - Specify the BPDU protection mode. The default mode is shutdown. drop - Specify to drop all received BPDU packets when the port enters the under attack state.
Page 173
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config bpdu_protection cleared. both - Specify the events of attack_detected and attack_cleared shall be trapped or logged. Only Administrator and Operator-level users can issue this command. Restrictions Example usage:...
Page 174
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show bpdu_protection Purpose To display BPDU protection status. Syntax show bpdu_protection {ports {<portlist>}} This command is used to display BPDU protection global configuration or per port Description configuration and current status.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide (ERPS) THERNET ROTECTION WITCHING OMMANDS Back to Section Header The Ethernet Ring Protection Switching (ERPS) commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 176
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#enable erps Command: enable erps Success. DGS-3700-12:5# disable erps To disable the global ERPS function on the switch. Purpose Syntax disable erps Description This command is used to disable the ERPS function on the switch.
Page 177
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To delete an R-APS VLAN: DGS-3700-12:5#delete erps raps_vlan 4094 Command: delete erps raps_vlan 4094 Success. DGS-3700-12:5# config erps raps_vlan Purpose To set the R-APS VLAN parameters. Syntax config erps raps_vlan <vlanid>...
Page 178
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config erps raps_vlan Holdoff timer - Hold-off timer is used to filter out intermittent link faults when link failure occurs. This timer is used during the protection switching process when link failure occurs.
Page 179
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config erps raps_vlan guard_time - Specify the guard time of the R-APS function. The default guard time is 500 milliseconds. wtr_time - Specify the WTR time of the R-APS function. The range is from 5 to 12 minutes.
Page 181
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To set the trap state: DGS-3700-12:5#config erps trap enable Command: config erps trap enable Success. DGS-3700-12:5# show erps Purpose To display ERPS information. Syntax show erps {raps_vlan <vlanid> {sub_ring}} This command is used to display ERPS configuration and operation information.
Page 182
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5# show erps Command: show erps ERPS Information Global Status : Enabled Log Status : Disabled Trap Status : Disabled ------------------------ R-APS VLAN : 4092 ERPS Status : Enabled...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide (DHCP S BIOS) C ILTER ERVER OMMANDS Back to Section Header DHCP Server Screening Settings This function allows you not only to restrict all DHCP Server packets but also to receive any specified DHCP server packets by any specified DHCP client, it is useful when one or more than one DHCP servers are present on the network and both provide DHCP services to different distinct groups of clients.
Page 184
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config filter dhcp_server Purpose DHCP server packets except those that have been server IP/client MAC bound will be filtered. This command is used to configure the state of the function for filtering of DHCP server packet and to add/delete the DHCP server/client binding entry.
Page 185
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config filter dhcp_server ports 1-10 state enable Command: config filter dhcp_server ports 1-10 state enable Success DGS-3700-12:5# show filter dhcp_server Used to display current DHCP server/client filter list created on the switch.
Page 186
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config filter netbios 1-10 state enable Command: config filter netbios 1-10 state enable Success. DGS-3700-12:5# show filter netbios Used to display the switch settings to filter NetBIOS packets from specified ports.
Page 187
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show filter extensive_netbios specified ports. Parameters None. Only Administrator-level users can issue this command. Restrictions Example usage: To display the extensive NetBIOS filter status: DGS-3700-12:5#show filter extensive_netbios Command: show filter extensive_netbios...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ORWARDING ATABASE OMMANDS Back to Section Header The layer 2 forwarding database commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 189
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create multicast_fdb Syntax create multicast_fdb <vlan_name 32> <macaddr> Description This command will make an entry into the Switch’s multicast MAC address forwarding database. <vlan_name 32> − The name of the VLAN on which the MAC address resides.
Page 190
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config fdb aging_time Switch will broadcast the packet to all ports, negating many of the benefits of having a switch. <sec 10-1000000> − The aging time for the MAC address forwarding database value.
Page 191
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide clear fdb port <port> − The port number corresponding to the MAC destination address. all − Clears all dynamic entries from the Switch’s forwarding database. Restrictions Only Administrator and Operator-level users can issue this command.
Page 192
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To display unicast MAC address table: DGS-3700-12:5#show fdb Command: show fdb Unicast MAC Address Aging Time = 300 VLAN Name MAC Address Port Type ---- ----------------- ----------------- ----- -----------------...
Page 193
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show multicast vlan_filtering_mode Purpose Used to show the multicast packet filtering mode for VLANs. Syntax show multicast vlan_filtering_mode {[vlanid < vidlist > | vlan <vlan_name 32>]} This command is used to display the multicast packet filtering mode for VLAN.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide IGMP M VLAN C ULTICAST OMMANDS Back to Section Header The IGMP Multicast VLAN commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 195
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create igmp_snooping multicast_vlan <vlan_name> − The name of the VLAN to be created. Each multicast VLAN is given Parameters a name that can be up to 32 characters. vlanid – The VLAN ID of the multicast VLAN to be create. The range is 2-4094 remap_priority •...
Page 196
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config igmp_snooping multicast_vlan replace_source_ip − With the IGMP snooping function, the IGMP report packet sent by the host will be forwarded to the source port. Before forwarding of the packet, the source IP address in the join packet needs to replaced by this IP address.
Page 197
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config igmp_snooping multicast_vlan_group Note: The same profile can not be overlapped in different IGMP Multicast VLANs if these IGMP Multicast VLANs have an overlapping portlist. Multiple profiles can be added to a multicast VLAN.
Page 198
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete igmp_snooping multicast_vlan Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To delete an IGMP Multicast VLAN: DGS-3700-12:5#delete igmp_snooping multicast_vlan v1 Command: delete igmp_snooping multicast_vlan v1 Success.
Page 199
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show igmp_snooping multicast_vlan Command: show igmp_snooping multicast_vlan IGMP Multicast VLAN Global State : Enabled IGMP Multicast VLAN Forward Unmatched : Enabled VLAN Name : RG : 11 Member(Untagged) Ports...
Page 200
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config igmp_snooping multicast_vlan_group_profile can be continuous single multicast addresses, such as 225.1.1.1, 225.1.1.3, 225.1.1.8, or a multicast address range, such as 225.1.1.1-225.2.2.2, or both of them, such as 225.1.1.1, 225.1.1.18-225.1.1.20 Restrictions Only Administrator and Operator-level users can issue this command.
Page 201
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show igmp_snooping multicast_vlan_group_profile p1 Command: show igmp_snooping multicast_vlan_group_profile p1 Profile Name Multicast Addresses -------------------------------- ------------------------------- 225.1.1.1-226.1.1.1 DGS-3700-12:5# config igmp_snooping multicast_vlan forward_unmatched Used to configure forwarding mode for IGMP Multicast VLAN unmatched packets.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide IGMP S NOOPING OMMANDS Back to Section Header The IGMP Snooping commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 203
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Each command is listed, in detail, in the following sections. config igmp_snooping Used to configure IGMP snooping on the Switch. Purpose Syntax config igmp_snooping [ vlan_name <vlan_name 32> | vlanid <vlanid_list> |all ]...
Page 204
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config igmp_snooping querier subnet. The value of the robustness variable is used in calculating the following IGMP message intervals: Group member interval − Amount of time that must pass before a multicast router decides there are no more members of a group on a network.
Page 205
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config router_ports <portlist> − Specifies a port or range of ports that will be configured as router ports. Only Administrator and Operator-level users can issue this command. Restrictions Example usage:...
Page 206
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#enable igmp_snooping Command: enable igmp_snooping Success. DGS-3700-12:5# disable igmp_snooping Used to enable IGMP snooping on the Switch. Purpose Syntax disable igmp_snooping Description This command disables IGMP snooping on the Switch.
Page 207
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show igmp_snooping Command: show igmp_snooping IGMP Snooping Global State : Enabled Data Driven Learning Max Entries : 128 VLAN Name : default Query Interval : 125 Max Response Time...
Page 208
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show router_ports all Command: show router_ports all VLAN Name : default Static router port Dynamic router port Router IP Forbidden router port VLAN Name : v1 Static router port...
Page 209
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show igmp_snooping group Command: show igmp_snooping group Source/Group : NULL/224.1.1.1 VLAN Name/VID : default/1 Member Ports : 12 Up Time : 62 Expiry Time : 198 Filter Mode : EXCLUDE Source/Group : NULL/224.1.1.2...
Page 210
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To show rate limitation: DGS-3700-12G:5#show igmp_snooping rate_limit ports 1 Command: show igmp_snooping rate_limit ports 1 Port Rate Limit -------- --------------- No Limit Total Entries: 1 DGS-3700-12G:5# config igmp_snooping rate_limit Purpose Used to show rate limitation.
Page 211
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To view the current IGMP snooping forwarding information: DGS-3700-12:5#show igmp_snooping forwarding Command: show igmp_snooping forwarding VLAN Name : default Source IP Multicast Group : 225.1.1.1 Port Member Total Entries : 1...
Page 212
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create igmp_snooping static_group the member ports. For a layer 3 device, the device is also responsible to route the packet destined for this specific group to static member ports.
Page 213
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#delete igmp_snooping static_group vlanid 1 226.1.1.1 Command: delete igmp_snooping static_group vlanid 1 226.1.1.1 Success. DGS-3700-12:5# config igmp_snooping static_group Purpose Used to configure the current IGMP snooping static group on the Switch.
Page 214
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show igmp_snooping statistic counter vlanid 1 Command: show igmp_snooping statistic counter vlanid 1 VLAN Name : default -------------------------------------------------- Group Number Receive Statistics Query IGMP v1 Query IGMP v2 Query...
Page 215
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#clear igmp_snooping statistic counter Command: clear igmp_snooping statistic counter Success. DGS-3700-12:5# show igmp_snooping host Purpose To display the IGMP hosts that have joined groups on a specific port or specific VLAN.
Page 216
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config igmp_snooping data_driven_learning max_learned_ entry 100 Command: config igmp_snooping data_driven_learning max_learned_entry 100 Success. DGS-3700-12:5# config igmp_snooping data_driven_learning Purpose Used to configure the data driven learing of a IGMP snooping group.
Page 217
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5# config igmp_snooping data_driven_learning vlan_name default state enable aged_out enable expiry_time 270 Command: config igmp_snooping data_driven_learning vlan_name default state enable aged_out enable expiry_time 270 Success. DGS-3700-12:5# clear igmp_snooping data_driven_group Purpose Used to delete the IGMP snooping group learned by data driven.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide IPMC C OMMANDS Back to Section Header The IPMC commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND ARAMETERS show ipfdb {<ipaddr>}...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide (L2PT) C AYER ROTOCOL UNNELING OMMANDS Back to Section Header The BPDU Tunnelling commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 220
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To display the BPDU tunnelling state of all ports: DGS-3700-12:5#show bpdu_tunnel Command: show bpdu_tunnel BPDU Tunnel : Disabled STP Tunnel Multicast Address : 01-05-5D-00-00-00 STP Tunnel Port : 1-4...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide GGREGATION OMMANDS Back to Section Header The link aggregation commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND ARAMETERS create link_aggregation group_id <value 1-6>...
Page 222
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete link_aggregation <value 1-6> − Specifies the group ID. The Switch allows up to six link aggregation Parameters groups to be configured. The group number identifies each of the groups.
Page 223
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config link_aggregation algorithm Parameters mac_source - Indicates that the switch should examine the MAC source address. mac_destination - Indicates that the switch should examine the MAC destination address. mac_source_dest - Indicates that the switch should examine the MAC source and destination address.
Page 224
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show link_aggregation Command: show link_aggregation Link Aggregation Algorithm = MAC-Source-Dest Group ID Type : TRUNK Master Port Member Port Active Port Status : Disabled Flooding Port Total Entries : 1...
Page 225
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show lacp_port ports. Restrictions None. Example usage: To display LACP port mode settings: DGS-3700-12:5#show lacp_port 1-10 Command: show lacp_port 1-10 Port Activity ------ -------- Active Active Active Active Active...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide IP M IMITED ULTICAST DDRESS OMMANDS Back to Section Header The Limited IP Multicast command allows the administrator to permit or deny access to a port or range of ports by specifying a range of multicast addresses.
Page 227
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#create mcast_filter_profile ipv4 profile_id 2 profile_name RG Command: create mcast_filter_profile ipv4 profile_id 2 profile_name RG Success. DGS-3700-12:5# config mcast_filter_profile This command adds or deletes a range of multicast addresses to the profile.
Page 229
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show mcast_filter_profile ipv4 Command: show mcast_filter_profile ipv4 Profile ID Name Multicast Addresses ---- ---------- --------------------------- 234.1.1.1 - 238.244.244.244 Total Profile Count : 1 DGS-3700-12:5# config limited_multicast_addr ports Purpose Used to configure the multicast address filtering function on a port.
Page 230
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show limited_multicast_addr <portlist> − A range of ports to show the limited multicast address configuration. Parameters <vlanid_list> – range of VLAN IDs to show the multicast address configuration. None.
Page 231
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config max_mcast_group ipv4 ports 1,3 max_group 100 Command: config max_mcast_group ipv4 ports 1,3 max_group 100 Success. DGS-3700-12:5# show max_mcast_group This command display the max number of multicast groups that a port can join.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide MAC N OTIFICATION OMMANDS Back to Section Header The MAC notification commands in the Command Line Interface (CLI) are listed, in the following table, along with their appropriate parameters.
Page 233
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#disable mac_notification Command: disable mac_notification Success. DGS-3700-12:5# config mac_notification Purpose Used to configure MAC address notification. Syntax config mac_notification {interval <int 1-2147483647> | historysize <int 1-500>} This command is used to monitor MAC addresses learned and entered into the FDB.
Page 234
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show mac_notification Syntax show mac_notification Description This command is used to display the Switch’s MAC address table notification global settings. Parameters None. None. Restrictions Example usage: To view the Switch’s MAC address table notification global settings:...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide MLD M VLAN C ULTICAST OMMANDS Back to Section Header The MLD Multicast VLAN commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 236
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create mld_snooping multicast_vlan vlanid – The VLAN ID of the multicast VLAN to be create. The range is 2-4094. remap_priority – The remap priority value (0 to 7) to be associated with the data traffic to be forwarded on the multicast VLAN.
Page 237
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config mld_snooping multicast_vlan • <value 0-7> - The remap priority value (0 to 7) to be associated with the data traffic to be forwarded on the multicast VLAN. • none - If none is specified, the packet’s original priority is used. The default setting is none.
Page 238
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config mld_snooping multicast_vlan_group_profile <mcastv6_address_list> – Specifies the MLD multicast addresses to be configured. It can be a continuous single multicast addresses, such as FF12::1, FF12::3, FF12::8, or a multicast address range, such as FF12::1- FF12::12, or both of them, such as FF12::1, FF12::18- FF12::20.
Page 239
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show mld_snooping multicast_vlan_group_profile Command: show mld_snooping multicast_vlan_group_profile Profile Name Multicast Addresses -------------------------------- ------------------------------- FF12::1-FF12::2 Total Entry: 1 DGS-3700-12:5# config mld_snooping multicast_vlan multicast_group Purpose Used to configure the multicast group which will be learned with the specific MLD multicast VLAN.
Page 240
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config mld_snooping multicast_vlan_group mv1 add profile_name g1 Command: config mld_snooping multicast_vlan_group mv1 add profile_name g1 Success. DGS-3700-12:5# show mld_snooping multicast_vlan_group Used to display the multicast groups configured for the specified MLD multicast Purpose VLAN.
Page 241
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide enable/disable mld_snooping multicast_vlan VLAN will take effect when MLD snooping multicast VLAN is enabled. By default, the MLD Multicast VLAN is in a disabled state. None. Parameters Restrictions Only Administrator and Operator-level users can issue this command.
Page 242
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config mld_snooping multicast_vlan forward_unmatched the packet does not match any profiles, the packet will be forwarded or dropped based on the setting. By default, the packet will be dropped.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide MLD S NOOPING OMMANDS Back to Section Header The MLD Snooping Commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 244
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide OMMAND ARAMETERS <ipv6addr> ] } Each command is listed, in detail, in the following sections. config mld_snooping Purpose Used to configure MLD snooping on the switch. Syntax config mld_snooping [ vlan <vlan_name 32> | vlanid <vlanid_list> |all ] { state...
Page 245
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config mld_snooping querier max_reponse_time − The maximum time in seconds to wait for reports from listeners. The default setting is 10 seconds. robustness_variable − Provides fine-tuning to allow for expected packet loss on a subnet.
Page 246
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To set up port range 1-10 to be static router ports: DGS-3700-12:5#config mld_snooping mrouter_ports vlan default add 1-10 Command: config mld_snooping mrouter_ports vlan default add 1-10 Success.
Page 247
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide disable mld_snooping Syntax disable mld_snooping Description This command is used to disable MLD snooping on the switch. Disabling MLD snooping allows all MLD and IPv6 multicast traffic to flood within a given IPv6 interface.
Page 248
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show mld_snooping Command: show mld_snooping MLD Snooping Global State : Disabled Data Driven Learning Max Entries : 128 VLAN Name : default Query Interval : 125 Max Response Time...
Page 249
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show mld_snooping group Command: show mld_snooping group Source/Group : 2001::2/FF1E::1 VLAN Name/VID : default/1 Member Ports : 12 UP Time Expiry Time : 258 Filter Mode : INCLUDE Total Entries : 1...
Page 250
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show mld_snooping rate_limit vlanid − Specifies a VLAN or range of VLANs that will be displayed. Only Administrator and Operator-level users can issue this command. Restrictions Example usage: To show rate limitation:...
Page 251
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show mld_snooping forwarding will be displayed. Restrictions None. Example usage: To view the current MLD snooping forwarding information: DGS-3700-12:5#show mld_snooping forwarding Command: show mld_snooping forwarding VLAN Name : default...
Page 252
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create mld_snooping static_group Purpose Used to display the current MLD snooping static group information on the Switch. Syntax create mld_snooping static_group [ vlan <vlan_name 32> | vlanid <vlanid_list> ] <ipv6addr>...
Page 253
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#delete mld_snooping static_group vlanid 1 FF12::1 Command: delete mld_snooping static_group vlanid 1 FF12::1 Success. DGS-3700-12:5# config mld_snooping static_group Purpose Used to configure the current MLD snooping static group on the Switch.
Page 254
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show mld_snooping statistic counter vlanid 1 Command: show mld_snooping statistic counter vlanid 1 VLAN Name : default -------------------------------------------------- Group Number Receive Statistics Query MLD v1 Query MLD v2 Query...
Page 255
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#clear mld_snooping statistic counter Command: clear mld_snooping statistic counter Success. DGS-3700-12:5# config mld_snooping data_driven_learning max_learned_entry Used to configure the max number of groups that can be learnt by data driven.
Page 256
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config mld_snooping data_driven_learning vlanid − The VID of the VLAN for which MLD snooping data driven learning is to be configured. state [enable | disable] − Allows users to enable or disable MLD snooping data driven learning for the specified VLAN.
Page 257
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show mld_snooping host <portlist> | group <ipv6addr>]} Description This command is used to display the MLD snooping host on the switch. vlan - Specify the VLAN name. It belongs to the host information to be displayed.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide (MSTP) C ULTIPLE PANNING ROTOCOL OMMANDS Back to Section Header This Switch supports three versions of the Spanning Tree Protocol: 802.1D-2004 STP-compatible, 802.1D- 2004 Rapid STP and 802.1Q-2005 MSTP. Multiple Spanning Tree Protocol, or MSTP, is a standard defined by the IEEE community that allows multiple VLANs to be mapped to a single spanning tree instance, which will provide multiple pathways across the network.
Page 259
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide OMMAND ARAMETERS config stp mst_config_id {revision_level <int 0-65535> | name <string>} config stp mst_ports <portlist> instance_id <value 0-15> {internalCost [auto | value 1-200000000] | priority <value 0-240>} show stp show stp ports {<portlist>}...
Page 260
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config stp version Description This command allows the user to choose the version of the spanning tree to be implemented on the Switch. Parameters mstp – Selecting this parameter will set the Multiple Spanning Tree Protocol (MSTP) globally on the Switch.
Page 261
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config stp NOTE: In MSTP, the spanning tree is configured by port and therefore, the hellotime must be set using the configure stp ports command for switches utilizing the Multiple Spanning Tree Protocol.
Page 262
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config stp ports true - Specify full-duplex mode. false - Specify half-duplex mode. auto - The switch will authomatically determine the P2P mode. state - Decides if this port supports the STP functionality.
Page 263
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config stp instance_id Purpose Used to add or delete VID to/from an STP instance. Syntax config stp instance_id <value 1-15> [add_vlan | remove_vlan] <vidlist> This command is used to map VIDs (VLAN IDs) to previously configured STP Description instances on the Switch by creating an instance_id.
Page 264
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To delete STP instance ID 2 from the Switch. DGS-3700-12:5#delete stp instance_id 2 Command: delete stp instance_id 2 Success. DGS-3700-12:5# config stp priority Purpose Used to configure the bridge priority.
Page 265
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To configure the MSTP region of the Switch with revision_level 10 and the name “Trinity”: DGS-3700-12:5#config stp mst_config_id revision_level 10 name Trinity Command : config stp mst_config_id revision_level 10 name Trinity Success.
Page 266
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config stp mst_ports 1-5 instance_id 2 internalCost auto priority 16 Command : config stp mst_ports 1-5 instance_id 2 internalCost auto priority 16 Success. DGS-3700-12:5# show stp Used to display the Switch’s current STP configuration.
Page 267
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show stp Command: show stp STP Bridge Global Settings --------------------------- STP Status : Enabled STP Version : MSTP Max Age : 18 Forward Delay : 15 Max Hops : 15...
Page 268
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show stp instance_id Restrictions None. Example usage: To display the STP instance configuration for instance 0 (the internal CIST) on the Switch: DGS-3700-12:5#show stp instance 0 Command: show stp instance 0...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ACKET TORM OMMANDS Back to Section Header On a computer network, packets such as Multicast, Broadcast, and Unicast packets continually flood the network as normal procedure. At times, this traffic may increase do to a malicious endstation on the network or a malfunctioning device, such as a faulty network card.
Page 270
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config traffic control adding the new software traffic control mechanism, the user can now use both a hardware and software mechanism, the latter of which now provides shutdown, recovery and trap notification functions for the Switch.
Page 271
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To configure traffic control and enable broadcast storm control for ports 1-12: DGS-3700-12:5#config traffic control 1-12 broadcast enable action shutdown threshold 1 countdown 10 time_interval 10 Command: config traffic control 1-12 broadcast enable action shutdown threshold 1 countdown 10 time_interval 10 Success.
Page 272
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config traffic trap Parameters none – No notification will be generated or sent when a packet storm control is detected by the Switch. storm _occurred – A notification will be generated and sent when a packet storm has been detected by the Switch.
Page 273
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config traffic control log state disable – Don’t logged the storm event when a storm occurs or be cleared. Restrictions Only Administrator and Operator-level users can issue this command.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide IRRORING OMMANDS Back to Section Header The port mirroring commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND ARAMETERS config mirror port <port>...
Page 275
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config mirror port 1 add source ports 2-5 both Command: config mirror port 1 add source ports 2-5 both Success. DGS-3700-12:5# Example usage: To delete the mirroring ports: DGS-3700-12:5# config mirror port 1 delete source ports 2-4 both Command: config mirror port 1 delete source ports 2-4 both Success.
Page 276
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#disable mirror Command: disable mirror Success. DGS-3700-12:5# show mirror Used to show the current port mirroring configuration on the Switch. Purpose Syntax show mirror Description This command displays the current port mirroring configuration on the Switch.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ECURITY OMMANDS Back to Section Header The Switch’s port security commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND...
Page 278
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config port_security ports 1-5 admin_state enable max_learning_addr 5 lock_address_mode deleteonreset Command: config port_security ports 1-5 admin_state enable max_learning_addr 5 lock_address_mode deleteonreset Success. DGS-3700-12:5# delete port_security_entry Purpose Used to delete a port security entry by MAC address and VLAN ID.
Page 279
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5# clear port_security_entry ports 6 Command: clear port_security_entry ports 6 Success. DGS-3700-12:5# show port_security Used to display the current port security configuration. Purpose Syntax show port_security_entry {ports [<portlist> | all ] { [ vlan <vlan_name> | vlanid <vidlist>] }}...
Page 280
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#enable port_security trap_log Command: enable port_security trap_log Success. DGS-3700-12:5# disable port_security trap_log Used to disable the trap/log for port security. Purpose Syntax disable port_security trap_log Description This command is used to disable a port security trap/log. If the port security trap is disabled, no trap will be sent out for MAC violations.
Page 281
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config port_security system max_learning_addr 2048 Command: config port_security system max_learning_addr 2048 Success. DGS-3700-12:5# show port_security entry This command is used to show the maximum port-security entries that can be learned Purpose by a specific VLAN on a specific port.
Page 282
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To configure the port security: DGS-3700-12:5#config port_security vlan vlanid 1 max_learning_addr 64 Command: config port_security vlan vlanid 1 max_learning_addr 64 Success. DGS-3700-12:5# Page | 282...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide -Q C OMMANDS Back to Section Header The Q-in-Q commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND ARAMETERS...
Page 284
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config qinq ports Purpose This command is used to configure the Q-in-Q port parameters. Syntax [<portlist>|all] {role [uni | nni] | missdrop [enable | disable]| config qinq ports outer_tpid <hex 0x1 - 0xffff>| use_inner_priority [enable|disable]| add_inner_tag [<hex 0x1 - 0xffff>...
Page 285
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide disable qinq All dynamically learned L2 address will be cleared. All dynamically registered VLAN entries will be cleared. GVRP will be disabled. If you need to run GVRP on the switch, you shall enable GVRP manually.
Page 286
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show qinq ports Command: show qinq ports Port ID: --------------------------------------------------------- Role: Miss Drop: Disabled Outer Tpid: 0x8100 Use Inner Priority: Disabled Add Inner Tag: Disabled Port ID: --------------------------------------------------------- Role:...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide SPAN OMMANDS Back to Section Header The RSPAN commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND ARAMETERS enable rspan...
Page 290
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide disable rspan Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To disable RSPAN: DGS-3700-12:5#disable rspan Command: disable rspan Success. DGS-3700-12:5# create rspan vlan Used to create an RSPAN VLAN...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide MAC-B VLAN C TATIC ASED OMMANDS Back to Section Header The Static MAC-Based VLAN commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 294
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete mac_based_vlan mac_address − The MAC address. Parameters vlan − The VLAN to be associated with the MAC address. vlanid - Specify the VLAN ID to be associated with the MAC address.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide VLAN C TATIC UBNET OMMANDS Back to Section Header The Static Subnet VLAN commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 296
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete subnet_vlan Purpose Used to delete a static subnet VLAN entry. Syntax delete subnet_vlan [network <network_address> |ipv6network <ipv6networkaddr>] [vlan <vlan_name 32> |vlanid <vlanid 1-4094>] {priority <value 0-7>} This command is used to delete a subnet VLAN entry.
Page 297
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config vlan_precedence ports Purpose Used to configure the VLAN classification precedence. Syntax config vlan_precedence ports <portlist> [mac_based_vlan | subnet_vlan] This command is used to configure VLAN classification precedence on each port. You...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide RAFFIC EGMENTATION OMMANDS Back to Section Header Traffic segmentation allows users to further sub-divide VLANs into smaller groups of ports that will help to reduce traffic on the VLAN. The VLAN rules take precedence, and then the traffic segmentation rules are applied.
Page 299
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To display the current traffic segmentation configuration on the Switch: DGS-3700-12:5#show traffic_segmentation Command: show traffic_segmentation Traffic Segmentation Table Port Forward Portlist ---- --------------------------------------------------------- 1-12 1-12 1-12 1-12 1-12 1-12...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide VLAN C OMMANDS Back to Section Header The VLAN commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND ARAMETERS create vlan <vlan_name 32>...
Page 301
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create vlan Description This command allows the user to create a VLAN on the Switch. Parameters vlan <vlan_name 32> - Specify the name of the VLAN to be created.
Page 302
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#delete vlan v1 Command: delete vlan v1 Success. DGS-3700-12:5# delete vlan vlanid Used to delete multiple VLANs by VLAN ID on the switch. Purpose Syntax delete vlan vlanid <vidlist>...
Page 305
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#enable gvrp Command: enable gvrp Success. DGS-3700-12:5# disable gvrp Used to disable the Generic VLAN Registration Protocol (GVRP). Purpose Syntax disable gvrp Description This command, along with enable gvrp, is used to enable and disable GVRP on the Switch, without changing the GVRP configuration on the Switch.
Page 306
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show vlan Command: show vlan VLAN Trunk State : Disabled VLAN Trunk Member Ports : VLAN Name : default VLAN Type : Static Advertisement : Enabled Member Ports : 1:1-1:26,2:1-2:26...
Page 307
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show port_vlan 1-10 Command: show port_vlan 1-10 Port PVID GVRP Ingress Checking Acceptable Frame Type ------ ---- -------- --------------- --------------------- Disabled Enabled All Frames Disabled Enabled All Frames Disabled...
Page 308
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config dot1v_protocol_group add protocol Example: Ipv4 is 800, ipv6 is 86dd, ARP is 806,. and so on. For 'IEEE802.3 LLC', this is the 2-octet IEEE 802.2 Link Service Access Point (LSAP) pair: first octet is for Destination Service Access Point (DSAP), and second octet is for Source.
Page 309
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete dot1v_protocol_group − The id of protocol group which is used to identify a set of protocols. group_id Parameters group_name − The name of the protocol group. The maximum length is 32 characters.
Page 310
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config port dot1v vlan − Vlan that is to be associated with this protocol group on this port. vlan_id − Specifies the VLAN id. priority − Specifies the priority to be associated with the packet which has been classified to the specified vlan by the protocol.
Page 311
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide enable pvid auto_assign Purpose Enable/disable auto assignment of pvid. Syntax enable|disable pvid auto_assign The command enables the auto-assign of PVID. Description If “auto-assign PVID” is disabled, PVID only be changed by PVID configuration (user changes explicitly).
Page 312
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config gvrp for Leave time is 600 milliseconds; for LeaveAll time is 10000 milliseconds. The GVRP’s PDU MAC address can be set to which is defined in 802.1d or 802.1ad.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide VLAN C OUNTER OMMANDS Back to Section Header The VLAN counter commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 314
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete vlan_counter <portlist> [all | [all_frame | broadcast | multicast | unicast][packet | byte] ] ] ] Description This command deletes the control entry for VLAN traffic flow statistics.
Page 315
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show vlan_counter Parameters vlan_name – Specifies the VLAN name. vlanid – Specifies a list of VLANs by VLAN ID. When VLAN is not specified, all VLAN counters will be displayed.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide VLAN C OICE OMMANDS Back to Section Header The Voice VLAN commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 317
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide disable voice_vlan Syntax disable voice_vlan Description This command is used to disable the voice VLAN function on a Switch. When the voice VLAN function is disabled, the voice VLAN will become unassigned.
Page 319
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config voice_vlan ports 4-6 state enable Command: config voice_vlan ports 4-6 state enable Success. DGS-3700-12:5# To set voice VLAN ports 4 to 6 to auto mode: DGS-3700-12:5#config voice_vlan ports 4-6 mode auto Command: config voice_vlan ports 4-6 mode auto Success.
Page 320
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config voice_vlan aging_time 60 Command: config voice_vlan aging_time 60 Success. DGS-3700-12:5# show voice_vlan To display voice VLAN global information. Purpose Syntax show voice_vlan Description This command is used to display voice VLAN global information.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide AYER EATURES ECTION Table of Contents Next Section Previous Section ARP C OMMANDS Back to Section Header The ARP commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 324
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config arpentry <macaddr> − The MAC address corresponding to the IP address. Only Administrator and Operator-level users can issue this command. Restrictions Example usage: To configure a static arp entry for the IP address 10.48.74.12 and MAC address 00:50:BA:00:07:36: DGS-3700-12:5#config arpentry 10.48.74.12 00-50-BA-00-07-36...
Page 325
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config arp_aging time 30 Command: config arp_aging time 30 Success. DGS-3700-12:5# show arpentry Used to display the ARP table. Purpose Syntax show arpentry {ipif <ipif_name 12> | ipaddress <ipaddr> | static | mac_address <macaddr>}...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide IP C ASIC OMMANDS Back to Section Header The IP interface commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 328
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config ipif to the switch’s System. ipv6 - The IPv6 address and subnet prefix of the IPV6 address to be created. state - Enable or disable the state of the IP interface.
Page 329
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete ipif Syntax delete ipif [<ipif_name 12> {ipv6address <ipv6networkaddr>} | all] Description This command is used to delete an interface, all interfaces, or the IPv6 address of the interface.
Page 330
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide disable ipif Purpose Used to disable an IP interface on the switch. Syntax disable ipif [<ipif_name 12> | all ] This command is used to disable the state for an ipif.
Page 331
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide enable autoconfig Restrictions When autoconfig is enabled, the Switch becomes a DHCP client automatically (same as: config ipif System dhcp). The DHCP server must have the TFTP server IP address and configuration file name, and be configured to deliver this information in the data field of the DHCP reply packet.
Page 332
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To display the auto configuration status: DGS-3700-12:5#show autoconfig Command: show autoconfig Autoconfig State: Disabled DGS-3700-12:5# enable ipif_ipv6_link_local_auto Purpose Used to enable IPv6 link local auto configure on IP interfaces.
Page 333
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show ipif_ipv6_link_local_auto Purpose This command is used to show the IPv6 link local auto configure status. Syntax show ipif_ipv6_link_local_auto {<ipif_name 12>} This command is used to display the link local address automatic configuration state.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide BACK ETECTION OMMANDS Back to Section Header The Loop-back Detection commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND...
Page 335
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config loopdetect ports <portlist> − Specifies a range of ports for the loop-back detection Parameters all – Specifies all the ports used for the loop-back detection. state [enabled | disabled] – Allows the loop-back detection to be disabled and enabled.
Page 336
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show loopdetect Purpose Used to display the current loop-back detection settings on the switch. Syntax show loopdetect This command is used to display the current loop-back detection settings on the Description switch.
Page 337
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config loopdetect trap Parameters none – Trap will not be sent for both cases. loop_detected – Trap is sent when the loop condition is detected. loop_cleared – Trap is sent when the loop condition is cleared.
Page 338
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ANAGEMNET OMMANDS Back to Section Header The Out-of-Band Management commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. Parameters OMMAND config out_band_ipif {ipaddress <network_address>...
Page 339
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To display the out_band interface . DGS-3700-12:5#show out_band_ipif Command: show out_band_ipif Status : Enable IP Address : 192.168.0.1 Subnet Mask : 255.255.255.0 GateWay : 0.0.0.0 Link Status : LinkDown...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide OUTING ABLE OMMANDS Back to Section Header The routing table commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND...
Page 341
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete iproute <network_address> - Specifies to remove an IP route by entering its network address. <ipaddr> - Specifies to enter the network address. Restrictions Only Administrator and Operator-level users can issue this command.
Page 342
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create ipv6route [primary | backup] – The user may choose between Primary and Backup. If the Primary Static/Default Route fails, the Backup Route will support the entry. Only Administrator and Operator-level users can issue this command.
Page 343
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12G:5#show ipv6route Command: show ipv6route IPv6 Prefix: ::/0 Protocol: Static Metric: 1 Next Hop : 3311::1 IPIF : System Backup : Primary Status : Inactive Total Entries: 1 DGS-3700-12G:5#...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide S) S UALITY OF ERVICE ECTION Table of Contents Next Section Previous Section OMMANDS Back to Section Header The Switch supports 802.1p priority queuing. The Switch has 8 priority queues. These priority queues are numbered from 7 (Class 7) —...
Page 345
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide OMMAND ARAMETERS show mgmt_pkt_priority config per_queue bandwidth {ports [<portlist> | all ]} <cos_id_list 0-7> {{min_rate [no_limit | <value _control 64-1024000>]} max_rate [no_limit | <value 64-1024000>]} show per_queue bandwidth {<portlist>} _control Each command is listed, in detail, in the following sections.
Page 346
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To display port bandwidth control table: DGS-3700-12:5#show bandwidth_control 1-10 Command: show bandwidth_control 1-10 Bandwidth Control Table Port RX Rate TX Rate Effective RX Effective TX (Kbit/sec) (Kbit/sec) (Kbit/sec) (Kbit/sec)
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config scheduling Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To configure the traffic scheduling mechanism for each queue: DGS-3700-12G:5#config scheduling ports 10 3 strict Command: config scheduling ports 10 3 strict Success.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config 802.1p user_priority priority queues on the Switch. The Switch’s default is to map the following incoming 802.1p user priority values to the eight hardware priority queues: 802.1p Hardware Queue...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show 802.1 default_priority an incoming, untagged packet before being forwarded to its destination. Syntax show 802.1p default_priority {<portlist>} This command is used to display the currently configured 802.1p priority value that...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide disable hol_prevention Parameters None. Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To disable HOL prevention: DGS-3700-12:5#disable hol_prevention Command: disable hol_prevention Success. DGS-3700-12:5# show hol_prevention Purpose Used to show the HOL prevention state.
Page 353
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show mgmt_pkt_priority Syntax show mgmt_pkt_priority Description This command is used to display current priority of management packet. None. Parameters Restrictions None. Example usage: To display the current priority of management packets:...
Page 354
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config per_queue bandwidth _control <value 64-1024000> - An integer value from 64 to 1024000 sets a maximum limit in Kbits/sec. The specified bandwidth limit may be equaled but not exceeded.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide RED C IMPLE OMMANDS Back to Section Header The Simple RED commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 356
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To disable sred: DGS-3700-12:5#disable sred Command: disable sred Success. DGS-3700-12:5# config sred Purpose Used to config the simple RED parameter. Syntax config sred [<portlist>|all] [<class_id 0-7>|all] { threshold {low <value 0-100>|high<value 0-100>} | drop_rate {low<value 1-8>|high<value 1-8>}|...
Page 357
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To configure sred: DGS-3700-12:5# config sred all all threshold low 64 high 80 drop_rate low 8 high 8 drop_green disable Command: config sred all all threshold low 64 high 80 drop_rate low 8 high 8 drop_green disable Success.
Page 358
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show sred drop_counter Syntax show sred drop_counter {<portlist>} Description This command is used to display, for the egress port, the count of dropped packets portlist − A range of ports to show.
Page 359
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show dscp trust Description This command is used to display DSCP trsut state. portlist − A range of ports to display. Parameters Restrictions None. Example usage: To display the DSCP trust state:...
Page 360
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config dscp map dscp_color − Specifies a list of DSCP value to be mapped to a specific color. color − Specifies the result color of mapping. Restrictions Only Administrator and Operator-level users can issue this command.
Page 361
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show dscp map dscp_color Command: show dscp map dscp_color DSCP to Color Mapping: Port 1 DSCP 0-63 is mapped to Green Port 2 DSCP 0-63 is mapped to Green...
Page 362
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: This show 802.1p map: DGS-3700-12:5#show 802.1p map 1p_color Command: show 802.1p map 1p_color 802.1p to Color Mapping: ------------------------------------------------------------ Port 0 ---- ------ ------ ------ ------ ------ ------ ------ ------...
Page 363
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide (ACL) S CCESS ONTROL ECTION Table of Contents Next Section Previous Section (ACL) C CCESS ONTROL OMMANDS Back to Section Header The Switch implements Access Control Lists that enable the Switch to control network access to specific devices or device groups based on IP settings and MAC address.
Page 366
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide between 10.42.73.0 and 10.42.73.255, and specify the port that will not be allowed: config access_profile profile_id 1 add access_id 1 ip source_ip 10.42.73.1 port 7 deny We use the profile_id 1 which was specified when the access profile was created. The add parameter instructs the Switch to add the criteria that follows to the list of rules that are associated with access profile 1.
Page 367
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create access_profile user may enter a profile ID number between 1 - 12, yet, remember only 12 access profiles can be created on the Switch. profile_name <name 1-32> − Specifies the name of the profile. The maximum length is 32 characters.
Page 368
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create access_profile user_define_mask <hex 0x0-0xffffffff> − Specifies that the rule applies to the IP protocol ID and the mask options behind the IP header. packet_content_mask – Allows users to examine up to 4 specified offset_chunk within...
Page 369
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete access_profile Purpose Used to delete a previously created access profile. Syntax delete access_profile [profile_id <value 1-12> | all | profile_name <name 1-32 >] This command is used to delete a previously created access profile on the Switch.
Page 371
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config access_profile Protocol (IGMP) field within each packet. type <value 0-255> − Specifies that the access profile will apply to packets that have this IGMP type value. tcp − Specifies that the Switch will examine the Transmission Control Protocol (TCP) field within each packet.
Page 372
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config access_profile src_port_mask <hex 0x0-0xffff> − Specifies a TCP port mask for the source port. dst_port_mask <hex 0x0-0xffff> − Specifies a TCP port mask for the destination port. udp - Specifies that the Switch will examine each frame’s User Datagram Protocol (UDP) field.
LAN (known as ARP spoofing attack). For a more detailed explaination on how ARP protocol works and how to employ D-Link’s advanced unique Packet Content ACL to prevent an ARP spoofing attack, please see Appendix B, at the end of this manual.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show access_profile Command: show access_profile Access Profile Table Total User Set Rule Entries : 0 Total Used HW Entries Total Available HW Entries : 1536 ================================================================================ Profile ID: 5...
Page 375
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create cpu access_profile using the create cpu access_profile command, below. profile_id <value 1-5> − Enter an integer between 1 and 5 that is used to identify the Parameters CPU access profile to be created with this command.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create cpu access_profile offset_0-15 − Enter a value in hex form to mask the packet from byte 0 to byte 15. offset_16-31 − Enter a value in hex form to mask the packet from byte 16 to byte 31.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#delete cpu access_profile profile_id 1 Command: delete cpu access_profile profile_id 1 Success. DGS-3700-12:5# config cpu access_profile Used to configure a CPU access profile used for CPU Interface Filtering and to define...
Page 378
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config cpu access_profile ip − Specifies that the Switch will look into the IP fields in each packet. vlan <vlan_name 32> | vlan_id <vlanid 1-4094> − Specifies that the access profile will apply to only this VLAN.
Page 379
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config cpu access_profile offset_64-79 − Enters a value in hex form to mask the packet from byte 64 to byte 79. IPV6 − Denotes that IPv6 packets will be examined by the Switch for forwarding or filtering based on the rules configured in the config access_profile command for IPv6.
Page 380
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show cpu access_profile Command: show cpu access_profile CPU Interface Filtering State: Disabled CPU Interface Access Profile Table Total Unused Rule Entries:499 Total Used Rule Entries ================================================================================ Profile ID: 1...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#enable cpu_interface_filtering Command: enable cpu_interface_filtering Success. DGS-3700-12:5# disable cpu_interface_filtering Purpose Used to disable CPU interface filtering on the Switch. Syntax disable cpu_interface_filtering This command is used in conjunction with the enable cpu_interface_filtering Description command above to enable and disable CPU interface filtering on the Switch.
Page 382
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config flow_meter burst_size - Specify the burst size for the single rate two color mode. The unit is Kbytes. rate_exceed - Specify the action for packets that exceed the committed rate in single rate two color mode.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config time_range specifying which time range in a day and which days in a week are covered in the time range. Note that the specified time range is based on SNTP time or configured time.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show current_config access_profile Purpose This command displays the ACL part of current configuration. Syntax show current_config access_profile This command displays the ACL privilege of the current configuration in user level of Description privilege.
Page 386
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ECURITY ECTION Table of Contents Next Section Previous Section 802.1X VLAN C UEST OMMANDS Back to Section Header The Switch implements the server-side of the IEEE 802.1X Port-based and MAC-based Network Access Control.
Page 388
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To disable 802.1X on the Switch: DGS-3700-12:5#disable 802.1x Command: disable 802.1x Success. DGS-3700-12:5# create 802.1x user This command is used to create an 802.1X local user. Purpose Syntax create 802.1x user <username 15>...
Page 389
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show 802.1x user Restrictions None. Example usage: To display the 802.1X local user information: DGS-3700-12:5#show 802.1x user Command: show 802.1x user Current Accounts: Username Password -------------- --------------- test Total Entries:1 DGS-3700-12:5# config 802.1x max_users...
Page 390
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config 802.1x auth_protocol radius_eap Command: config 802.1x auth_protocol radius_eap Success. DGS-3700-12:5# config 802.1x fwd_pdu system Used to configure forwarding of EAPOL PDU when 802.1X is disabled. Purpose Syntax config 802.1x fwd_pdu system [enable | disable] Description This command is a global setting to control the forwarding of EAPOL PDU.
Page 391
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config 802.1x fwd_pdu ports 1-2 enable Command: config 802.1x fwd_pdu ports 1-2 enable Success. DGS-3700-12:5# show 802.1x Used to display the 802.1X state or configurations. Purpose Syntax show 802.1x [auth_state | auth_configuration] {ports <portlist|all>} Description This command is used to display the 802.1X state or configurations.
Page 392
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config 802.1x capability Description This command is used to configure the port capability. portlist − Specifies a range of ports to be configured. Parameters all − Specifies all of ports to be configured.
Page 393
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config 802.1x auth_parameter can be any number among 1 to 10. max_users <value 1-128> – Specifies the maximum number of users. The range is 1 to 128 or no_limit. The default is 128 users.
Page 394
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config 802.1x init Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To initialize the authentication state machine of all the ports: DGS-3700-12:5#config 802.1x init port_based ports all Command: config 802.1x init port_based ports all...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config 802.1x guest_vlan ports 1-5 state enable Command: config 802.1x guest_vlan ports 1-5 state enable Success. DGS-3700-12:5# show 802.1x guest_vlan Used to view the configurations for a 802.1X Guest VLAN.
Page 397
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#delete 802.1x guest_vlan Trinity Command: delete 802.1x guest_vlan Trinity Success. DGS-3700-12:5# config radius add Used to configure the settings the Switch will use to communicate with a RADIUS Purpose server.
Page 398
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To delete a previously entered RADIUS server communication settings: DGS-3700-12:5#config radius delete 1 Command: config radius delete 1 Success. DGS-3700-12:5# config radius Purpose Used to configure the Switch’s RADIUS settings.
Page 399
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To display RADIUS settings on the Switch: DGS-3700-12:5#show radius Command: show radius Index 1 IP Address : 10.48.74.121 Auth-Port : 1812 Acct-Port : 1813 Timeout Retransmit : dlink_default...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show auth_diagnostics Restrictions None. Example usage: To display authenticator diagnostics information from port 1: DGS-3700-12:5#show auth_diagnostics ports 1 Command: show auth_diagnostics ports 1 Port Number: 1 EntersConnecting EapLogoffsWhileConnecting EntersAuthenticating...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show acct_client Purpose Used to display account client information. Syntax show acct_client This command is used to display account client information Description Parameters None. None. Restrictions Example usage: To display account client information:...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To configure the accounting service: DGS-3700-12:5#config accounting service shell state enable Command: config accounting service shell state enable Success. DGS-3700-12:5# show accounting service Used to show the RADIUS accounting services’ status.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide CCESS UTHENTICATION ONTROL OMMANDS Back to Section Header The TACACS / XTACACS / TACACS+ / RADIUS commands allows secure access to the Switch using the TACACS / XTACACS / TACACS+ / RADIUS protocols. When a user logs in to the Switch or tries to access the administrator level privilege, he or she is prompted for a password.
Page 405
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide be listed in an order preferable, and defined by the user for normal user authentication on the Switch, and may contain up to eight authentication techniques. When a user attempts to access the Switch, the Switch will select the first technique listed for authentication.
Page 407
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#disable authen_policy Command: disable authen_policy Success. DGS-3700-12:5# show authen_policy Used to display the system access authentication policy status on the Switch. Purpose Syntax show authen_policy Description This command will show the current status of the access authentication policy on the Switch.
Page 408
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config authen_login authentication methods for users logging on to the Switch. The sequence of methods implemented in this command will affect the authentication result. For example, if a user enters a sequence of methods like tacacs – xtacacs – local, the Switch will send an authentication request to the first tacacs host in the server group.
Page 409
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config authen_login Switch. local − Adding this parameter will require the user to be authenticated using the local user account database on the Switch. none – Adding this parameter will require no authentication to access the Switch.
Page 410
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show authen_login Purpose Used to display a previously configured user defined method list of authentication methods for users logging on to the Switch. Syntax show authen_login [default | method_list_name <string 15> | all] Description This command is used to show a list of authentication methods for user login.
Page 411
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create authen_enable method_list_name implemented on the Switch. <string 15> − Enter an alphanumeric string of up to 15 characters to define the given Parameters enable method list to create.
Page 412
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config authen_enable RADIUS protocol from the remote RADIUS server hosts of the RADIUS server group list. server_group <string 15> − Adding this parameter will require the user to be authenticated using a user-defined server group previously configured on the Switch.
Page 413
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete authen_enable method_list_name Purpose Used to delete a user-defined method list of authentication methods for promoting normal user level privileges to Administrator level privileges on the Switch. Syntax delete authen_enable method_list_name <string 15>...
Page 414
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To display all method lists for promoting user level privileges to administrator level privileges. DGS-3700-12:5#show authen_enable all Command: show authen_enable all Method List Name Priority Method Name Comment ----------------...
Page 415
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config authen application http login default Command: config authen application http login default Success. DGS-3700-12:5# show authen application Used to display authentication methods for the various applications on the Switch.
Page 416
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create authen server_host radius − Enter this parameter if the server host utilizes the RADIUS protocol. port <int 1-65535> − Enter a number between 1 and 65535 to define the virtual port number of the authentication protocol on a server host.
Page 417
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config authen server_host port <int 1-65535> − Enter a number between 1 and 65535 to define the virtual port number of the authentication protocol on a server host. The default port number is 49 for TACACS/XTACACS/TACACS+ servers and 1812 and 1813 for RADIUS servers but the user may set a unique port number for higher security.
Page 418
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show authen server_host Purpose Used to view a user-defined authentication server host. Syntax show authen server_host This command is used to view user-defined authentication server hosts previously Description created on the Switch.
Page 420
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5# config authen server_group group_1 add server_host 10.1.1.121 protocol tacacs+ Command: config authen server_group group_1 add server_host 10.1.1.121 protocol tacacs+ Success. DGS-3700-12:5# delete authen server_group Used to delete a user-defined authentication server group.
Page 421
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show authen server_group Command: show authen server_group Server Group : mix_1 Group Name IP Address Protocol --------------- -------------- -------- mix_1 10.1.1.222 TACACS+ 10.1.1.223 TACACS radius 10.1.1.224 RADIUS tacacs 10.1.1.225...
Page 422
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config authen parameter attempt Restrictions Only Administrator-level users can issue this command. Example usage: To set the maximum number of authentication attempts at 5: DGS-3700-12:5# config authen parameter attempt 5 Command: config authen parameter attempt 5 Success.
Page 423
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide enable admin Parameters None. Restrictions None. Example usage: To enable administrator privileges on the Switch: DGS-3700-12:5#enable admin Password: ****** DGS-3700-12:5# config admin local_enable Purpose Used to configure the local enable password for administrator level privileges.
The maximum number of IP-MAC binding entries is dependant on chip capability (e.g. the ARP table size) and storage size of the device. For the DGS-3700 Series, the maximum number of IP-MAC Binding entries is 511. The creation of authorized users can be manually configured by CLI or Web.
Page 427
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config address_binding ip_mac ports filtering table, and one IPv6 entry is allowed to be forwarded, all IPv4 packets get forwarded. strict − This mode provides a more strict way of control.
Page 428
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create address_binding ip_mac ipaddress automatically. If user do not choose acl mode or arp mode, default is arp mode. ipaddress − The IP address of the device where the IP-MAC binding is made.
Page 429
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide delete address_binding Syntax delete address_binding [all | ipaddress <ipaddr> mac_address <macaddr>]| ipv6address <ipv6addr> mac_address <macaddr> | blocked [all | vlan_name <vlan_name> mac_address <macaddr>]] This command is used to delete an address binding entry.
Page 430
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config address_binding ip_mac ipaddress 10.1.1.1 mac_address 00-00-00-00- 00-11 Command: config address_binding ip_mac ipaddress 10.1.1.1 mac_address 00-00-00-00-00-11 Success. DGS-3700-12:5# To configure address_binding on the Switch to port 1: DGS-3700-12:5#config address_binding ip_mac ipaddress 10.1.1.1 mac_address 00-00-00-00- 00-11 ports 1 Command: config address_binding ip_mac ipaddress 10.1.1.1 mac_address 00-00-00-00-00-11...
Page 431
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To show the address binding global configuration: DGS-3700-12:5#show address_binding Command: show address_binding Trap/Log : Disabled ARP Inspection : Disabled DHCP Snoop(IPv4) : Disabled DHCP Snoop(IPv6) : Disabled ND Snoop...
Page 432
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show address_binding blocked all Command: show address_binding blocked all VLAN Name MAC Address Port ---- --------- ----------------- ---------- default 00-01-02-03-29-38 default 00-0C-6E-5C-67-F4 default 00-0C-F8-20-90-01 default 00-0E-35-C7-FA-3F default 00-0E-A6-8F-72-EA default...
Page 433
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide enable address_binding dhcp_snoop The auto-learned IP-MAC binding entry will be mapped to a specific source port based on the MAC address learning function. This entry will be created as an Auto- mode binding entry for this specific port.
Page 434
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#disable address_binding dhcp_snoop Command: disable address_binding dhcp_snoop Success. DGS-3700-12:5# clear address_binding dhcp_snoop binding_entry ports To clear the address binding entries learned for the specified ports. Purpose Syntax clear address_binding dhcp_snoop binding_entry ports [ <portlist>|all ] {[ipv6 |...
Page 435
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show address_binding dhcp_snoop binding_entry Command: show address_binding dhcp_snoop binding_entry LT(Lease Time) ST(Status) - A:Active I:Inactive IP Address MAC Address LT(sec) Port --------------------------------------- ----------------- ---------- ----- -- 10.62.58.35 00-0B-5D-05-34-0B 35964 10.33.53.82...
Page 437
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide enable address_binding arp_inspection ASP’s behavior. The unknown ARP packets will be checked by IMPB. When IMPB enabled ports works on strict mode, ARP inspection will be enabled, otherwise, ARP inspection will be disabled.
Page 438
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12G:5# enable address_binding nd_snoop Command: enable address_binding nd_snoop Success. DGS-3700-12G:5# disable address_binding nd_snoop This command is used to disable ND Snooping on the switch. Purpose Syntax disable address_binding nd_snoop Description This command allows the user to disable ND Snooping on switch.
Page 439
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config address_binding recover_learning ports Description Use this command to recover the IMPB check function, which was previously stopped. Parameters ports - Specifies the list of ports that need to recover the IMPB check.
Page 440
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12G:5#show address_binding nd_snoop ports 1-12 Command: show address_binding nd_snoop ports 1-12 Port Max Entry ------- ------- No Limit No Limit No Limit No Limit No Limit No Limit No Limit...
Page 441
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To clear ND Snooping entry on ports 1-3: DGS-3700-12G:5# clear address_binding nd_snoop binding_entry ports 1-3 Command: clear address_binding nd_snoop binding_entry ports 1-3 Success. DGS-3700-12G:5# debug address_binding Purpose Start the IMPB debug when the IMPB module receives an ARP/IP packet or a DHCP packet.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide MAC- BASED CCESS ONTROL OMMANDS Back to Section Header The MAC-based Access Control Commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 443
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide enable mac_based_access_control Syntax enable mac_based_access_control Description This command is used to enable the MAC-based Access Control function. None. Parameters Restrictions Only Administrator and Operator-level users can issue this command.
Page 444
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config mac_based_access_control password 123 Command: config mac_based_access_control password 123 Success. DGS-3700-12:5# config mac_based_access_control method This command is used to configure the mac_based_access_control authentication Purpose method Syntax config mac_based_access_control method [local | radius]...
Page 445
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config mac_based_access_control ports the option host_based for ports that are in guest VLAN mode. aging_time - A time period during which an authenticated host will be kept in the authenticated state.
Page 446
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create mac_based_access_control guest_vlan guest_vlan − If the MAC address is unauthorized, the port will be assigned to this Parameters VLAN. guest_vlanid – guest VLAN ID, if the MAC address is authorized, the port will be assigned to this vlan.
Page 447
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To create a MAC-based access control local entry: DGS-3700-12:5#create mac_based_access_control_local mac 00-00-00-00-00-01 vlan default Command: create mac_based_access_control_local mac 00-00-00-00-00-01 vlan default Success. DGS-3700-12:5# config mac_based_access_control_local Purpose Used to configure the local database entry.
Page 448
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#delete mac_based_access_control_local mac 00-00-00-00-00-01 Command: delete mac_based_access_control_local mac 00-00-00-00-00-01 Success. DGS-3700-12:5# To delete MAC-based access control local by VLAN name: DGS-3700-12:5#delete mac_based_access_control_local vlan default Command: delete mac_based_access_control_local vlan default Success.
Page 449
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To show MAC-based access control port: DGS-3700-12G:5#show mac_based_access_control ports 1-9 Command: show mac_based_access_control ports 1-9 Port State Aging Time Block Time Auth Mode Max User (min) (sec) ----- --------...
Page 450
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show mac_based_access_control_local mac 00-00-00-00-00-05 Command: show mac_based_access_control_local mac 00-00-00-00-00-05 MAC Address --------------------------- ---- 00-00-00-00-00-05 Total Entries:1 DGS-3700-12:5# To show MAC-based access control local by VLAN name: DGS-3700-12:5#show mac_based_access_control_local vlan VLAN2...
Page 451
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#clear mac_based_access_control auth_state ports all Command: clear mac_based_access_control auth_state ports all Success. DGS-3700-12:5# config mac_based_access_control max_users To configure the MAC-based access control maximum number of authorized users. Purpose Syntax config mac_based_access_control max_users [<value 1-1000>...
Page 452
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage To disable the configuration authorized from the local database: DGS-3700-12:5#config mac_based_access_control authorization attributes local disable Command: config mac_based_access_control authorization attributes local disable Success. DGS-3700-12:5# show mac_based_access_control auth_state ports Purpose To display MAC-based access control authentication MAC information.
Page 453
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12G:5#config mac_based_access_control log state disable Command: config mac_based_access_control log state disable Success. DGS-3700-12G:5# config mac_based_access_control trap This command is used to enable or disable sending of MAC-based Access Control Purpose traps.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide OMPOUND UTHENTICATION OMMANDS Back to Section Header The Compound Authentication commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table. OMMAND...
Page 455
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#create authentication guest_vlan vlan guestVLAN Command: create authentication guest_vlan vlan guestVLAN Success. DGS-3700-12:5# delete authentication guest_vlan To delete a guest VLAN configuration. Purpose Syntax delete authentication guest_vlan [vlan <vlan_name 32> | vlanid <vlanid 1-4094>] Description This command is used to delete a guest VLAN setting, but not a static VLAN.
Page 457
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show authentication Purpose To display the global authentication configuration. Syntax show authentication This command is used to display the global authentication configuration. Description Parameters None. None. Restrictions Usage example:...
Page 458
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show authentication ports 1-3 Command: show authentication ports 1-3 Port Methods Authorized Mode ---- --------------- ------------------- None Host_based None Host_based None Host_based DGS-3700-12:5# enable authorization attributes Purpose To enable the authorization global state.
Page 459
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Usage example: To display the authorization status: DGS-3700-12:5#show authorization Command: show authorization Authorization for Atributes: Enabled DGS-3700-12:5# config authentication server failover Purpose To configure the authentication server failover function.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide SSH C OMMANDS Back to Section Header The steps required to use the Secure Shell (SSH) protocol for secure communication between a remote PC (the SSH Client) and the Switch (the SSH Server), are as follows: Create a user account with admin-level access using the create account admin <username>...
Page 461
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To enable SSH: DGS-3700-12G:5#enable ssh Command: enable ssh TELNET will be disabled when enable SSH. Success. DGS-3700-12G:5# disable ssh Purpose Used to disable SSH. Syntax disable ssh This command allows users to disable SSH on the Switch.
Page 462
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config ssh authmode password enable Command: config ssh authmode password enable Success. DGS-3700-12:5# show ssh authmode Used to display the SSH authentication mode settings. Purpose Syntax show ssh authmode Description This command is used to display the current SSH authentication set on the Switch.
Page 463
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config ssh server maxsession 2 contimeout 300 authfail 2 Command: config ssh server maxsession 2 contimeout 300 authfail 2 Success. DGS-3700-12:5# show ssh server Used to display the SSH server setting.
Page 464
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To configure the SSH user: DGS-3700-12:5#config ssh user Trinity authmode password Command: config ssh user Trinity authmode password Success. DGS-3700-12:5# show ssh user authmode Purpose Used to display the SSH user setting.
Page 465
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config ssh algorithm AES256 encryption algorithm. arcfour − This parameter will enable or disable the Arcfour encryption algorithm. blowfish − This parameter will enable or disable the Blowfish encryption algorithm.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide SSL C OMMANDS Back to Section Header Secure Sockets Layer or SSL is a security feature that will provide a secure communication path between a host and client through the use of authentication, digital signatures and encryption.
Page 468
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide OMMAND ARAMETERS download ssl certificate <ipaddr> certfilename <path_filename 64> keyfilename <path_filename 64> Each command is listed, in detail, in the following sections. enable ssl To enable the SSL function on the Switch.
Page 469
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide NOTE: Enabling the SSL function on the Switch will disable the port for the web manager (port 80). To log on to the web based manager, the entry of the URL must begin with https://.
Page 470
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config ssl cachetimeout SSL session to reuse the master key on future connections with that particular host, therefore speeding up the negotiation process. timeout <value 60-86400> − Enter a timeout value between 60 and 86400 seconds to...
Page 471
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show ssl Command: show ssl SSL status Enabled RSA_WITH_RC4_128_MD5 Enabled RSA_WITH_3DES_EDE_CBC_SHA Enabled DHE_DSS_WITH_3DES_EDE_CBC_SHA Enabled RSA_EXPORT_WITH_RC4_40_MD5 Enabled DGS-3700-12:5# download ssl certificate Purpose Used to download a certificate file for the SSL function on the Switch.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide BASED CCESS ONTROL OMMANDS Back to Section Header The Web-based Access Control commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 473
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#enable wac Command: enable wac Success. DGS-3700-12:5# disable wac To disable the WAC function. Purpose Syntax disable wac Description This command is used to disable the WAC function. None.
Page 475
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config wac method Purpose To configure the WAC method. Syntax config wac method [local | radius] This command is used to allow specification of the RADIUS protocol used by WAC Description to complete RADIUS authentication.
Page 476
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To clear a WAC default redirect path: DGS-3700-12:5#config wac clear_default_redirpath Success. DGS-3700-12:5# config wac virtual_ip Purpose To configure the WAC virtual IP address used to accept authentication requests from unauthenticated hosts.
Page 477
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config wac switch_http_port 8888 http Command: config wac switch_http_port 8888 http Success. DGS-3700-12:5# create wac user This command is used to create a local WAC user. Purpose Syntax create wac user <username 15> { [vlan <vlan_name 32> | vlanid <vlanid 1- 4094>] }...
Page 478
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config wac user Description This command is used to change the VLAN associated with a user. Parameters <username 15> - Specify the name of user account which will change its VID.
Page 479
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show wac ports 1-3 Command: show wac ports 1-3 Port State Aging Time Idle Time Block Time (Minutes) (Minutes) (Seconds) ------- -------- ------------ ---------- ----------- Disabled 1440 Infinite Disabled...
Page 480
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show wac auth_state ports Command: show wac auth_state ports P:Port-Based Pri:Priority Port MAC Address Original State Pri Aging Time/ Idle RX VID Block Time Time ----- ------------------ --------- -------------- ---- --- ------------ ----...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ETWORK PPLICATION ECTION Table of Contents Next Section Previous Section DHCP L OCAL ELAY OMMANDS Back to Section Header The DHCP local relay commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 482
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide enable dhcp_local_relay Restrictions Only Administrator-level users can issue this command. Example usage: To enable the DHCP local relay function: DGS-3700-12:5#enable dhcp_local_relay Command: enable dhcp_local_relay Success. DGS-3700-12:5# disable dhcp_local_relay To disable the DHCP local relay function.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DHCP R ELAY OMMANDS Back to Section Header The DHCP relay commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 485
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config dhcp_relay DHCP packets can cross. time <sec 0-65535> − If this time is exceeded, the Switch will relay the DHCP packet. Restrictions Only Administrator and Operator-level users can issue this command.
Page 486
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config dhcp_relay delete ipif System 10.58.44.6 Command: config dhcp_relay delete ipif System 10.58.44.6 Success. DGS-3700-12:5# config dhcp_relay option_60 state This command is used to configure the state of DHCP relay agent information option Purpose 60 of the switch.
Page 487
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config dhcp_relay option_60 add string "abc" relay 10.90.90.1 exact-match Command: config dhcp_relay option_60 add string "abc" relay 10.90.90.1 exact-match Success. DGS-3700-12:5# config dhcp_relay option_60 default This command is used to configure dhcp_relay option_60 default relay servers...
Page 488
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config dhcp_relay option_60 delete all Command: config dhcp_relay option_60 delete all Success. DGS-3700-12:5# show dhcp_relay option_60 This command is used to show dhcp_relay option_60 entry. Purpose Syntax show dhcp_relay option_60 {[string <mutiword 255>| ipaddress <ipaddr>|...
Page 489
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config dhcp_relay option_61 state enable Command: config dhcp_relay option_61 state enable Success. DGS-3700-12:5# config dhcp_relay option_61 add This command is used to add a rule for dhcp_relay option_61. Purpose Syntax config dhcp_relay option_61 add [mac_address <macaddr>...
Page 490
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config dhcp_relay option_61 default drop Command: config dhcp_relay option_61 default drop Success. DGS-3700-12:5# config dhcp_relay option_61 delete This command is used to delete an option 61 rule. Purpose Syntax config dhcp_relay option_61 delete [mac_address <macaddr>...
Page 491
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config dhcp_relay option_82 state Purpose Used to configure the state of DHCP relay agent information option 82 of the switch. Syntax config dhcp_relay option_82 state [enable | disable] This command is used to configure the state of DHCP relay agent information option Description 82 of the switch.
Page 492
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config dhcp_relay option_82 check enable Command: config dhcp_relay option_82 check enable Success. DGS-3700-12:5# config dhcp_relay option_82 remote_id Used to configure the remote ID of DHCP relay agent information option 82 of the Purpose switch.
Page 493
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show dhcp_relay Purpose Used to display the current DHCP/BOOTP relay configuration. Syntax show dhcp_relay {ipif <ipif_name 12>} This command will display the current DHCP relay configuration for the Switch, or if...
Page 494
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide enable dhcp_relay Description This command is used to enable the DHCP/BOOTP relay function on the Switch. Parameters None. Only Administrator and Operator-level users can issue this command. Restrictions Example usage:...
Page 495
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config dhcpv6_relay Purpose This command is used to add or delete an IP destination address to and from the switch’s DHCPv6 relay table. Syntax config dhcpv6_relay [add | delete] ipif <ipif_name 12> <ipv6addr>...
Page 496
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show dhcpv6_relay Parameters ipif - The name of the IP interface for which to display the current DHCPv6 relay configuration. If no IP interface is specified, all configured DHCPv6 relay interfaces are displayed.
Page 497
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide enable dhcpv6_relay Parameters None Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To enable the DHCPv6 relay option: DGS-3700-12G:5#enable dhcpv6_relay Command: enable dhcpv6_relay Success. DGS-3700-12G:5#...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DHCP S ERVER OMMANDS Back to Section Header The DHCP Server commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 499
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create dhcp excluded_address begin_address Purpose Used to create the DHCP Server exclude address. Syntax create dhcp excluded_address begin_address <ipaddr> end_address <ipaddr> This command is used to create a DHCP server exclude address. The DHCP server...
Page 500
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To display the DHCP server excluded addresses: DGS-3700-12:5#show dhcp excluded_address Command: show dhcp excluded_address Index Begin Address End Address ----- ------------- -------------- 192.168.01 192.168.0.100 10.10.10.10 10.10.10.11 Total Entries : 2...
Page 501
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config dhcp pool network_addr Purpose Used to configure the current DHCP Server pool information. Syntax config dhcp pool network_addr <pool_name 12> <network_address> This command is used to specify the network for the DHCP pool. The addresses in the Description network are free to be assigned to the DHCP client.
Page 502
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config dhcp pool dns_server Syntax config dhcp pool dns_server <pool_name 12> {<ipaddr>} {<ipaddr>} {<ipaddr>} Description If DNS server is not specified, the DNS server information will not be provided to the client.
Page 503
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config dhcp pool netbios_node_type broadcast - Specify the NetBIOS node type for Microsoft DHCP clients as broadcast. peer_to_peer - Specify the NetBIOS node type for Microsoft DHCP clients as peer_to_peer.
Page 504
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config dhcp pool lease <minute 0-59> - Specify the number of minutes of the lease. infinite - Specify a lease of unlimited duration. Restrictions Only Administrator-level users can issue this command.
Page 505
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config dhcp pool next_server engineering 192.168.0.1 Command: config dhcp pool next_server engineering 192.168.0.1 Success. DGS-3700-12:5# config dhcp ping_packets Used to configure the DHCP Server feature of the switch. Purpose Syntax config dhcp ping_packets <number 0-10>...
Page 506
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide create dhcp pool manual_binding The IP address of a client can be assigned manually by an administrator or assigned automatically from a pool by a DHCP server. The dynamic binding entry will be created when an IP address is assigned to the client from the pool network’s...
Page 507
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide clear dhcp binding Purpose Used to delete the DHCP Server binding. Syntax clear dhcp binding [<pool_name 12> [<ipaddr> | all] | all] This command is used to clear a binding entry or all binding entries in a pool or clears Description all binding entries in all pools.
Page 508
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Example usage: To display dynamic binding entries for “engineering”: DGS-3700-12:5#show dhcp pool engineering Command: show dhcp pool engineering Pool Name : engineering Network Address : 10.10.10.0/24 Domain Name : dlink.com DNS Server : 10.10.10.1...
Page 509
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To enable DHCP server: DGS-3700-12:5#enable dhcp_server Command: enable dhcp_server Success. DGS-3700-12:5# disable dhcp_server Purpose Used to disable the DHCP Server function on the switch. Syntax disable dhcp_server This command is used to disable the DHCP server function on the switch.
Page 510
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide clear dhcp conflict_ip Restrictions Only Administrator-level users can issue this command. Example usage: To clear an IP address 10.20.3.4 from the conflict database: DGS-3700-12:5#clear dhcp conflict_ip 10.20.3.4 Command: clear dhcp conflict_ip 10.20.3.4 Success.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide (OAM) S BJECT CCESS ETHOD ECTION Table of Contents Next Section Previous Section CFM EXTENSION (ITU-T Y.1731) Back to Section Header The CFM Extension commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 512
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config cfm ais disable - AIS function disabled. level -The client level id to which the MEP sends AIS PDU. The default client MD level is MD level at which the most immediate client layer MIPs and MEPs exist.
Page 513
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide cfm lock Purpose Used to start/stop a management lock. Syntax cfm lock md <string 22> ma <string 22> mepid <int 1-8191> remote_mepid <int 1-8191> action [start | stop] Description This command is used to start/stop cfm management lock.
Page 515
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show cfm Command: show cfm Name : mep1 MEPID Port Direction : Inward CFM Port State : Enabled MAC Address : XX-XX-XX-XX-XX-XX MEP State : Enabled CCM State : Enabled...
Page 516
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show cfm fault Parameters md – Specifies the maintenance domain name. ma – Specifies the maintenance association name. Restrictions None. Example usage: To display CFM fault: DGS-3700-12:4# show cfm fault...
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ONNECTIVITY AULT ANAGEMENT OMMANDS Back to Section Header The Connectivity Fault Management commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 518
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide OMMAND ARAMETERS config cfm ccm_fwd [software | hardware] show cfm ccm_fwd config cfm mp_ltr_all [enable | disable] show cfm mp_ltr_all Each command is listed, in detail, in the following sections.
Page 519
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config cfm md op_domain mip explicit Command: config cfm md op_domain mip explicit Success. DGS-3700-12:5# create cfm ma Used to create a maintenance association. Purpose Syntax create cfm ma <string 22> md <string 22>...
Page 520
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config cfm ma 10ms – 10 milliseconds. Not recommended. For test purposes. 100ms – 100 milliseconds. Not recommended. For test purposes. 1sec – One second. 10sec – Ten seconds. This is the default value.
Page 521
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#create cfm mep mep1 mepid 1 md op_domain ma op1 direction inward port 2 Command: create cfm mep mep1 mepid 1 md op_domain ma op1 direction inward port 2 Success.
Page 522
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config cfm mep be re-alarmed. The default value is 10 seconds Restrictions Only Administrator and Operator-level users can issue this command. Example usage: To configure the CFM mep: GS-3700-12:5#config cfm mep mepid 1 md 1 ma 1 state enable ccm enable Command: config cfm mep mepid 1 md 1 ma 1 state enable ccm enable Success.
Page 523
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#delete cfm ma op1 md 3 Command: delete cfm ma op1 md 3 Success. DGS-3700-12:5# delete cfm md Used to delete a created maintenance domain. Purpose Syntax delete cfm md <string 22>...
Page 524
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:4# disable cfm Command: disable cfm Success. DGS-3700-12:4# config cfm ports Purpose Used to enable or disable CFM function on per-port basis. Syntax config cfm ports <portlist> state [enable | disable] Description By default, CFM function is disabled on all ports.
Page 525
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show cfm ports 3-6 Command: show cfm ports 3-6 Port State ----- -------- Enabled Enabled Enabled Disabled DGS-3700-12:5# show cfm Purpose This command is used to show CFM information.
Page 526
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show cfm md op_domain Command: show cfm md op_domain MD Level MIP Creation: Explicit SenderID TLV: None MA Name ---- ---------- DGS-3700-12:5# Example usage: To display CFM mepname: Page | 526...
Page 527
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show cfm mepname mep1 Command: show cfm mepname mep1 Name : mep1 MEPID Port Direction : Inward CFM Port Status : Disabled MAC Address : 00-21-91-AF-3C-08 MEP State : Disabled...
Page 528
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12G:5#show cfm fault Command: show cfm fault MD Name MA Name MEPID Status AIS Status LCK Status ----------- ----------- ----- ---------------------- ------------ ------------ DGS-3700-12G:5# show cfm port This command is used to show MEPs and MIPs created on a port.
Page 529
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show cfm mipccm Command: show cfm mipccm MAC Address Port ---------- ---- ----------------- ----- opma 00-01-02-03-04-05 opma 00-01-02-03-04-05 Total: 2 DGS-3700-12:5# cfm linktrace Purpose This command is used to issue a CFM linktrack message.
Page 530
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide To display the CFM linktrace: DGS-3700-12:5#show cfm linktrace mep mep1 Command: show cfm linktrace mep mep1 Trans ID Source MEP Destination -------- ---------------- ------------------ mep1 00-01-02-03-04-05 DGS-3700-12:5#show cfm linktrace mep mep1 trans_id 26...
Page 531
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config cfm ccm_fwd By default, the CCM message is handled and forwarded by software. The software can handle the packet based on behaviour defined by the standard. Under a strict environment, there may be substantial amount of CCM packets, and it will consume substantial amount of CPU resource.
Page 534
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config cfm mp_ltr_all Purpose To configure the CFM mp linktrace on the switch. Syntax config cfm mp_ltr_all [enable | disable] This command is used to configure the CFM mp linktrace on the switch.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide OAM C THERNET OMMANDS Back to Section Header The Ethernet OAM commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 536
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config ethernet_oam ports mode disallowed by ports in passive mode. Initiate OAM discovery and Start or stop remote loop-back. Note: When a port is OAM-enabled, changing the OAM mode will cause the OAM discovery to be re-started.
Page 537
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config ethernet_oam ports link_monitor error_symbol number of frame errors as well as the number of coding symbol errors. When the number of symbol errors is equal to or greater than the specified threshold in a period and the event notification state is enabled, it generates an error symbol period event to notify the remote OAM peer.
Page 539
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide config ethernet_oam ports link_monitor error_frame_seconds Link monitoring function provides a mechanism to detect and indicate link faults under a variety of conditions. OAM monitors the counter on the number of frame errors as well as the number of coding symbol errors.
Page 541
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#config ethernet_oam ports 1 received_remote_loopback process Command: config ethernet_oam ports 1 received_remote_loopback process Success. DGS-3700-12:5# show ethernet_oam ports status Used to show primary controls and status information for Ethernet OAM.
Page 542
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show ethernet_oam ports status At present, only loop-back, link monitoring, and unidirectional are supported. Parameters portlist – Specifies a range of ports to display. None Restrictions Example usage: To show OAM control and status information on port 1-2:...
Page 544
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show ethernet_oam ports 1 statistics Command: show ethernet_oam ports 1 statistics Port 1 ----------------------------------------------------------- Information OAMPDU Tx Information OAMPDU Rx Unique Event Notification OAMPDU Tx Unique Event Notification OAMPDU Rx...
Page 545
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#show ethernet_oam ports 1 event_log Command: show ethernet_oam ports 1 event_log Port 1 ----------------------------------------------------------------- Event Listing Index Type Location Time Stamp ----- ------------------------ ------------- --------------------- Local Event Statistics Error Symbol Event...
Page 546
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide DGS-3700-12:5#clear ethernet_oam ports 1 event_log Command: clear ethernet_oam ports 1 event_log Success. DGS-3700-12:5# config duld ports Used to configure unidirectional link detection on port. Purpose Syntax config duld ports [<portlist> | all ] {state [enable |disable] | mode [shutdown | normal]| discovery_time <sec 5-65535>}...
Page 547
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show duld ports remote peer supporting this detection capability. (2) Disabled: either local or remote do not support OAM or unidirectional detection. So we should enable OAM when we need to detect the unidirectional link.
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ONITORING ECTION Table of Contents Next Section Previous Section XTERNAL LARM OMMANDS Back to Section Header The external alarm commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters) in the following table.
Page 550
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide PPENDIX ECTION Table of Contents Previous Section PPENDIX Back to Section Header ARP S ITIGATING POOFING TTACKS SING ACKET ONTENT DDRESS ESOLUTION ROTOCOL WORKS Address Resolution Protocol (ARP) is the standard method for finding a host’s hardware address (MAC...
Page 551
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide Forwarding Table Port 1 (00-20-5C-01-11-11) In addition, when the switch receives the broadcasted ARP request, it will flood the frame to all ports except the source port, port 1 (see Figure 2).
Page 552
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ARP S POOFING TTACKS A ETWORK ARP spoofing, also known as ARP poisoning, is a method to attack an Ethernet network which may allow an attacker to sniff data frames on a LAN,...
Page 553
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide or modify the data before forwarding it (man-in-the-middle attack). The hacker cheats the victim PC that it is a router and cheats the router that it is the victim. As can be seen in Figure 5 all traffic will be then sniffed by the hacker but the users will not discover.
Page 554
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide ONFIGURATION The configuration logic is as follows: 1. Only if the ARP matches Source MAC address in Ethernet, Sender MAC address and Sender IP address in ARP protocol can pass through the switch. (In this example, it is the gateway’s ARP.) 2.
Page 555
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide • Create access profile 1 to match Ethernet Type and Source Step 1: create access_profile profile_id 1 profile_name 1 ethernet source_mac FF-FF-FF-FF-FF-FF ethernet_type MAC address. • Configure access profile 1...
Page 556
This document will explain how the Password Recovery feature can help network administrators reach this goal. The following steps explain how to use the Password Recovery feature on D-Link devices to easily recover passwords. Complete these steps to reset the password: 1.
Page 557
DGS-3700 Series Layer 2 Managed Gigabit Ethernet Switch CLI Reference Guide show account The show account command displays all previously created accounts. Page | 557...