Fujitsu Siemens Computers PRIMERGY BX Description
  1. Manuals
  2. Brands
  3. Fujitsu Siemens Computers Manuals
  4. Network Router
  5. PRIMERGY BX
  6. Description
Fujitsu Siemens Computers PRIMERGY BX Description

Fujitsu Siemens Computers PRIMERGY BX Description

Blade server systems, lan router and switch blade
Hide thumbs
1
2
3
Table Of Contents
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
Table of Contents

Advertisement

Quick Links

Download this manual
PRIMERGY BX Blade Server Systems
LAN Router and Switch Blade
User Interface Description
Editon March 2006
1
Lan Switch and Router Blade

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the PRIMERGY BX and is the answer not in the manual?

Questions and answers

Related Manuals for Fujitsu Siemens Computers PRIMERGY BX

Summary of Contents for Fujitsu Siemens Computers PRIMERGY BX

  • Page 1 PRIMERGY BX Blade Server Systems LAN Router and Switch Blade User Interface Description Editon March 2006 Lan Switch and Router Blade...

  • Page 2: Copyright And Trademarks

    There you will also find the addresses of the relevant User Documentation Department Copyright and Trademarks Copyright © 2006 Fujitsu Siemens Computers GmbH. All rights reserved. Delivery subject to availability; right of technical modifications reserved. All hardware and software names used are trademarks of their respective manufacturers.
  • Page 3 Important Notes Introduction Networking Planning Making Network Connection Configuration the Switch Blade Web Base Command Interface Command Reference Using SNMP System Defaulting Troubleshooting and Tips Lan Switch and Router Blade...

  • Page 4: Table Of Contents

    CONTENTS 1 Important Notes.......................10 1.1 Information About Boards..................10 1.2 Compliance Statements .................... 11 2 Introduction ........................14 2.1 Features of the Switch....................14 2.1.1 MAC Address Supported Features..............15 2.1.2 Layer 2 Features ....................16 2.1.3 Spanning Tree Protocol Features................18 2.1.4 Ethernet Switch Module Management Features ...........19 2.1.5 Security Features.....................21 2.1.6 Quality of Service Features...................21 2.1.7 Layer III Routing Features..................23...
  • Page 5 3.1 Introduction to Switching ...................38 3.2 Sample Applications ....................39 4 Making Network Connections ..................41 4.1 Connecting to 1000BASE-T Devices .................41 4.2 1000BASE-T Cable Requirements ................42 4.3 1000BASE-T Pin Assignments...................43 5 Configuration the Switch Blade Module ................44 5.1 Overview ........................44 5.2 Connecting the Ethernet Switch Module ..............45 5.3 Start up and Configuration the Ethernet Switch Module..........47 5.4 Configuring the Terminal ...................48 5.5 Booting Device ......................49...
  • Page 6 7.4 Device Configuration Commands................294 7.4.1 Interface.......................294 7.4.2 L2 MAC Address and Multicast Forwarding Database Tables.....307 7.4.3 VLAN Management ..................312 7.4.4 GVRP and Bridge Extension ...............326 7.4.5 IGMP Snooping ...................336 7.4.6 Port Channel....................348 7.4.7 Storm Control....................355 7.4.8 L2 Priority ....................362 7.4.9 Port Mirror....................364 7.5 Management Commands ..................366 7.5.1...
  • Page 7 7.10.1 Show Commands ..................434 7.10.2 Configuration Commands................446 7.10.3 Dot1x Configuration Commands ..............448 7.10.4 Radius Configuration Commands..............455 7.10.5 TACACS Configuration Commands ............459 7.10.6 Port Security Configuration Commands ............462 7.11 CDP (Cisco Discovery Protocol) Commands ............465 7.11.1 Show Commands ..................465 7.11.2 Configuration Commands................467 7.12 Link up &...
  • Page 8 7.16 ACL Command......................523 7.16.1 Show Commands ..................523 7.16.2 Configuration Commands................526 7.17 CoS (Class of Service) Command ................530 7.17.1 Show Commands ..................530 7.17.2 Configuration Commands................533 7.18 Address Resolution Protocol (ARP) Commands.............540 7.18.1 Show Commands ..................540 7.18.2 Configuration Commands................542 7.19 IP Routing Commands ....................546 7.19.1 Show Commands ..................546 7.19.2 Configuration Commands................550 7.20 Open Shortest Path First (OSPF) Commands ............555...
  • Page 9 7.24.7 ip irdp preference..................607 7.25 VLAN Routing Commands ..................607 7.25.1 show ip vlan....................607 7.25.2 vlan routing ....................608 7.26 Virtual Router Redundancy Protocol (VRRP) Commands ........609 7.26.1 Show Commands ..................609 7.26.2 Configuration Commands................611 7.27 Distance Vector Multicast Routing Protocol (DVMRP) Commands......615 7.27.1 Show Commands ..................615 7.27.2 Configuration Commands................619 7.28 Internet Group Management Protocol (IGMP) Commands ........620...

  • Page 10: Important Notes

    Information About Boards Important Notes 1 Important Notes Store this manual close to the device. If you pass the device on to third parties, you should pass this manual on with it. Be sure to read this page carefully and note the information before you open the device.

  • Page 11: Compliance Statements

     C onsult the dealer or an experienced radio/TV technician for help. Fujitsu Siemens Computers is not responsible for any radio or television interference caused by unauthorized modifications of this equipment or the substitution or attachment of connecting cables and equipment other than those specified by Fujitsu Siemens Computers.
  • Page 12 Compliance Statements Important Notes Japan VCCI Class A CE Mark Declaration of Conformance for EMI and Safety (EEC) This information technology equipment complies with the requirements of the Council Directive 89/336/EEC on the Approximation of the laws of the Member States relating to Electromagnetic Compatibility and 73/23/EEC for electrical equipment used within certain voltage limits and the Amendment Directive 93/68/EEC.
  • Page 13 Compliance Statements Important Notes Taiwan BSMI Class A Australia AS/NZS 3548 (1995) - Class A Lan Switch and Router Blade...

  • Page 14: Introduction

    Introduction 2 Introduction The PRIMERGY BX Blade Server system is a modular server system that can integrates up to 10 server modules, four Ethernet Switch Modules (one switch will be included in the base enclosure, the other three are optional) and two Management Modules (MMB). The Ethernet Module provides networking or Switch functions to PRIMERGY BX Blade Server.

  • Page 15: Mac Address Supported Features

    Features of the Switch Introduction network. Flow control eliminates the loss of packets due to bottlenecks caused by port saturation. And broadcast storm suppression prevents broadcast traffic storms from engulfing the network. Some of the management features are briefly described below.

  • Page 16: Layer 2 Features

    Features of the Switch Introduction Automatic Aging for MAC Addresses MAC addresses from which no traffic is received for a given period are aged out. This prevents the Bridging Table from overflowing. Port Security Port security prevents unauthorized users from accessing your network. It allows each port to learn, or be assigned, a list of MAC addresses for devices authorized to access the network through that port.
  • Page 17 Features of the Switch Introduction 1) Eliminate broadcast storms which severely degrade performance in a flat network. 2) Simplify network management for node changes/moves by remotely configuring VLAN membership for any port, rather than having to manually change the network connection.

  • Page 18: Spanning Tree Protocol Features

    Features of the Switch Introduction 2.1.3 Spanning Tree Protocol Features Spanning Tree Protocol (STP) Spanning Tree Protocol (STP, IEEE 802.1D) – This protocol adds a level of fault tolerance by allowing two or more redundant connections to be created between a pair of LAN segments.

  • Page 19: Ethernet Switch Module Management Features

    Features of the Switch Introduction 2.1.4 Ethernet Switch Module Management Features The PRIMERGY BX600 can either be managed through the console port (out-of-band management) or through the network (in-band management) with SNMP, TELNET or HTTP protocols. Various Files of Management Operation: There are three types of files for the PRIMERGY BX600: Configuration Files: The file stores system configuration information Operation Code: Executed after system boot-up, also known as Run Time Image...
  • Page 20 Start up and Configuration the Ethernet Switch Module Configuration the Switch Blade Module running, without rebooting the system. This function is available for CLI only. SNMP Alarms and Trap Logs The system logs events with severity codes and timestamps. Events are sent as SNMP traps to a Trap Recipient List.

  • Page 21: Security Features

    Features of the Switch Introduction 2.1.5 Security Features Secure Socket Layer (SSL) is an application-level protocol that enables secure transactions of data through privacy, authentication, and data integrity. It relies upon certificates and public and private keys. SSL version 3 and TLS version 1 are currently supported. Port Based Authentication (802.1x) Port based authentication enables authenticating system users on a per-port basis via an external server.
  • Page 22 Start up and Configuration the Ethernet Switch Module Configuration the Switch Blade Module that apply to packets. When a packet is received on an interface, the switch compares the fields in the packet against any applied ACLs to verify that the packet has the required permissions to be forwarded, based on the criteria specified in the access lists.

  • Page 23: Layer Iii Routing Features

    Start up and Configuration the Ethernet Switch Module Configuration the Switch Blade Module throughout the Diffserv domain and the bandwidth guarantee within the network nodes. By controlling the acceptance, the transmission and bandwidth, a policy-based range of services is established. There are 3 keys QoS building blocks to configure Diffserv.

  • Page 24: Bootp/Dhcp Relay Agent

    Start up and Configuration the Ethernet Switch Module Configuration the Switch Blade Module RIPv2 defined in RFC 1723 - The RIP routing messages are extended to include subnet mask and gateway information. - For network traffic, the RIP routing message is sent to a multicast address. - Add an authentication scheme to improve security for updating route tables.

  • Page 25: Virtual Lan (Vlan) Routing

    Features of the Switch Introduction PRIMERGY BX600 router discovery, a router periodically multicasts a Router Advertisement from each of its multicast interfaces, announcing the IP address(es) of that interface. Hosts discover the addresses of their neighboring routers simply by listening for advertisements.

  • Page 26: Open Shortest Path First (Ospf)

    Features of the Switch Introduction static routes, 150 for ). These values are arbitrary values in the range of 1 to OSPF Type-2 255 and are independent of route metrics. Most routing protocols use a route metric to determine the shortest path known to the protocol, independent of any other protocol. The best route to a destination is selected by using the route with the lowest preference value.

  • Page 27: Dns And Dns Relay

    Features of the Switch Introduction DNS and DNS Relay The DNS protocol controls the Domain Name System (DNS), a distributed database with which you can map host names to IP addresses. When you configure DNS on your switch, you can substitute the host name for the IP address with all IP commands, such as ping, telnet, traceroute, and related Telnet support operations.

  • Page 28: Protocol Independent Multicast - Dense Mode (Pim-Dm)

    Features of the Switch Introduction All IGMP messages are raw IP data grams, and are sent to multicast group addresses, with a time to leave (TTL) of 1. Since raw IP does not provide reliable transport, some messages are sent multiple times to aid reliability. IGMPv3 is a major revision of the protocol and provides improved group membership latency.

  • Page 29: Protocol Independent Multicast - Sparse Mode (Pim-Sm)

    Features of the Switch Introduction when a new host wants to join a group, and assert messages are used to shut off duplicate flows. PRIMERGY BX600 PIM-DM can be enabled but will only become operational when both routing and IGMP are enabled and operational. Protocol Independent Multicast –...

  • Page 30: Distance Vector Multicast Routing Protocol (Dvmrp)

    Features of the Switch Introduction it will take priority over a static designation. Source Sending Data As soon as an active source sends a packet to the DR that is attached to this source, the DR is responsible for “Registering” this source with the RP and requesting the RP to build a tree back to that DR.

  • Page 31: Description Of Hardware

    The PRIMERGY BX600 Ethernet Switch Module contains 6 Gigabit Ethernet ports and two 10G Ethernet port for connecting to the network and 10 Gigabit Ethernet ports for connecting PRIMERGY BX Blade Server management MMB modules. The six Gigabit Ethernet ports can operate at 10, 100 or 1000 Mbps. These ports support auto negotiation, duplex mode (Half or Full duplex), and flow control.
  • Page 32 Start up and Configuration the Ethernet Switch Module Configuration the Switch Blade Module 2.2.2 Status of LEDs The front panel contains light emitting diodes (LED) that indicate the status of links, and switch diagnostics. Port LEDs Each of uplink port has two LED indicators. One Gbe Port LED definition: Color Function...

  • Page 33: Features And Benefits

    Features and Benefits Introduction 2.3 Features and Benefits 2.3.1 Connectivity 10 internal Gigabit ports for easy network integration of your server cards 6 external 1000BASE-T Gigabit ports for uplinking to the corporate network Support for auto MDI/MDI-X on external ports allows any connections to be made with straight-through cable (with auto-negotiation enabled) Auto-negotiation enables each port to automatically select the optimum speed (10, 100 or 1000 Mbps) and communication mode (half or full duplex) if this feature is supported by the attached device;...

  • Page 34: Notational Conventions

    Notational Conventions Introduction 2.4 Notational Conventions The meanings of the symbols and fonts used in this manual are as follows: Pay particular attention to texts marked with this symbol. CAUTION! Failure to observe this warning endangers your life, destroys the system, or may lead to loss of data.

  • Page 35: Target Group

    T arget Group Introduction 2.5 Target Group This manual is intended for those responsible for installing and configuring network connections. This manual contains all the information required to configure the switch blade. Lan Switch and Router Blade...

  • Page 36: Technical Data

    Technical Data Introduction 2.6 Technical Data Electrical data Operating voltage +12 VDC @ 3 A max Maximum current 11 A max @ 3.3 VDC National and international standards Product safety IEC 60950 / EN 60950 / UL 1950, CSA 22.2 No. 950 Electromagnetic compatibility FCC class A Industry...
  • Page 37 Technical Data Introduction Environmental conditions Environment class 3K2 DIN IEC 721 part 3-3 Environment class 2K2 DIN IEC 721 part 3-2 Temperature: – Operating (3K2) 0 °C ..50 °C – Transport (2K2) -40 °C ..70 °C Humidity 10 ... 90% Condensation while operating must be avoided.

  • Page 38: Network Planning

    Introduction to Switching Network Planning 3 Network Planning 3.1 Introduction to Switching A network switch allows simultaneous transmission of multiple packets via non- crossbar switching. This means that it can partition a network more efficiently than bridges or routers. The switch has, therefore, been recognized as one of the most important building blocks for today’s networking technology.

  • Page 39: Sample Applications

    Sample Applications Network Planning 3.2 Sample Applications The switch is designed to consolidate your network core providing high- bandwidth connections between the server chassis and workgroup switches. Some typical applications are described in this section. 3.2.1 Backbone Connection The switch can connect to the network backbone or other key sites over high- speed Gigabit Ethernet links, increasing overall bandwidth and throughput.
  • Page 40 Sample Applications Network Planning identify the VLAN group to which it belongs. Untagged VLANs can be used for small networks attached to a single switch. However, tagged VLANs should be used for larger networks, and all the VLANs assigned to the inter-switch links. Figure 3: Making Vlan Connection When connecting to a switch or other network device that does not support IEEE 802.1Q VLAN tags, use untagged ports.

  • Page 41: Making Network Connections

    Connecting to 1000BASE-T Devices Making Network Connections 4 Making Network Connections The Switch Blade connects server boards installed inside the system to a common switch fabric, and also provides three external ports for uplinking to external IEEE 802.3ab compliant devices. For most applications, the external ports on the switch will be connected to other switches in the network backbone.It may also be connected directly to Gigabit Ethernet network cards in PCs or servers.

  • Page 42: 1000Base-T Cable Requirements

    1000BASE-T Cable Requirements Making Network Connections Do not plug a phone jack connector into any RJ-45 port. This may damage the switch. Instead, use only twisted-pair cables with RJ-45 connectors that conform with FCC standards. For 1000 Mbps operation, all four wire pairs in the cable must be connected. When auto-negotiation is enabled, the 1000BASE-T ports support the auto MDI/MDI-X feature, which means that at any operating speed (10, 100, or 1000 Mbps), either straight-through or crossover cables can be used to connect to any server, workstation, or other network...

  • Page 43: 1000Base-T Pin Assignments

    1000BASE-T Pin Assignments Making Network Connections 4.2.2 Adjusting Existing Category 5 Cabling for 1000BASE-T If your existing Category 5 installation does not meet one of the test parameters for 1000BASE-T, there are basically three measures that can be applied to try and correct the problem: Replace any Category 5 patch cables with high-performance Category 5e cables.

  • Page 44: Configuration The Switch Blade Module

    This section contains information about Ethernet Switch Module unpacking, installation, and cable connections. 5.1 Overview The Ethernet Switch Module is inserted in the PRIMERGY BX Blade Server which is a modular server system that can integrates up to 10 processor blades and four Ethernet Switch Modules. Package Contents While unpacking the Ethernet Switch Module, ensure that the following items are included: •...

  • Page 45: Connecting The Ethernet Switch Module

    5.2 Connecting the Ethernet Switch Module Before configuring the Ethernet Switch Module, PRIMERGY BX Blade Server console port must be connected to the Ethernet Switch Module. To connect PRIMERGY BX Blade Server console port to the Ethernet Switch Module, perform the following: 1.
  • Page 46 Connecting the Ethernet Switch Module Configuration the Switch Blade Module (5) Logout (6) Reboot Management Blade (7) System Information Dump Enter selection: 3 3. Select (3) Console Redirection. The Console Redirection Table is displayed. +-----------------------------------------------------------------------------+ Console Redirection Table +-----------------------------------------------------------------------------+ (1) Console Redirect Server Blade (2) Console Redirect Switch Blade (3) Set Return Hotkey , Ctrl+(a character) : Q Enter selection or type (0) to quit: 2...

  • Page 47: Start Up And Configuration The Ethernet Switch Module

    Ethernet Switch Module. The Ethernet Switch Module has two types of ports. One type is for interfacing the Ethernet Switch Module with PRIMERGY BX Blade Server, and the other type are regular Ethernet ports used for connecting PRIMERGY BX Blade Server to the network.

  • Page 48: Configuring The Terminal

    To configure the device, the station must be running terminal emulation software. Ensure that switch module is correctly mounted and is connected to the chassis serial port. Ensure that the terminal emulation software is set as follows: Connect PRIMERGY BX Blade Server serial port to the Ethernet Switch Module.

  • Page 49: Booting Device

    • The device is not configured with a default user name and password. After connecting the PRIMERGY BX Blade Server serial port to the Ethernet Switch Module, When the Ethernet Switch Module is connected to the local terminal, the device Ethernet Switch Module goes through Power On Self Test (POST).

  • Page 50: Software Download

    Software Download Configuration the Switch Blade Module successfully, a system prompt is displayed ((FSC Routing) #) which is used to configure the device. However, before configuring the device, ensure that the latest software version is installed on the device. If it is not the latest version, download and install the latest version. For more information on downloading the latest version see the "Software Download"...

  • Page 51: In Operation Code Cli

    Software Download Configuration the Switch Blade Module 6. Ensure that the Xmodem protocol is selected in the Protocol field. 7. Press Send. The software is downloaded. 8. Enter the reset command. The following message is displayed: 9. Enter y. The device reboots. 5.6.2 In Operation Code CLI Software Download Through TFTP Server This section contains instructions for downloading device software through a TFTP server.
  • Page 52 Software Download Configuration the Switch Blade Module 5. Enter (FSC) # copy tftp://{tftp address}/{file name} image {file name} command to copy a new system image to the device. The following message is displayed: 6. Press Y. When the new image is downloaded, it is saved in the area allocated for the other copy of system image.
  • Page 53 Software Download Configuration the Switch Blade Module 9. Enter y. The device reboots. Lan Switch and Router Blade...

  • Page 54: Web-Based Management Interface

    Overview Web-Based Management Interface 6 Web-Based Management Interface 6.1 Overview The BX600 Network Switch Blade provides a built-in browser software interface that lets you configure and manage it remotely using a standard Web browser such as Microsoft Internet Explorer or Netscape Navigator. This software interface also allows for system monitoring and management of the Network Switch.

  • Page 55: Main Menu

    Main Menu Web-Based Management Interface 6.2 Main Menu 6.2.1 System Menu 6.2.1.1 View ARP Cache The Address Resolution Protocol (ARP) dynamically maps physical (MAC) addresses to Internet (IP) addresses. This panel displays the current contents of the ARP cache. For each connection, the following information is displayed: The physical (MAC) Address The associated IP address The identification of the port being used for the connection...
  • Page 56 Main Menu Web-Based Management Interface 6.2.1.2 Viewing Inventory Information Use this panel to display the switch's Vital Product Data, stored in non-volatile memory at the factory. Non-Configurable Data System Description - The product name of this switch. Machine Type - The machine type of this switch. Machine Model - The model within the machine type.
  • Page 57 Main Menu Web-Based Management Interface Loader Version - The release-version maintenance number of the loader code currently running on the switch. For example, if the release was 1, the version was 2, and the maintenance number was 4, the format would be '1.2.4'. Boot Rom Version - The release-version maintenance number of the boot rom code currently running on the switch.
  • Page 58 Main Menu Web-Based Management Interface 6.2.1.3 Configuring Management Session and Network Parameters 6.2.1.3.1. Viewing System Description Page Configurable Data System Name - Enter the name you want to use to identify this switch. You may use up to 31 alpha-numeric characters. The factory default is blank. System Location - Enter the location of this switch.
  • Page 59 Main Menu Web-Based Management Interface Non-Configurable Data System Description - The product name of this switch. System Object ID - The base object ID for the switch's enterprise MIB. System IP Address - The IP Address assigned to the network interface. System Up time - The time in days, hours and minutes since the last switch reboot.
  • Page 60 Main Menu Web-Based Management Interface Configurable Data IP Address - The IP address of the interface. The factory default value is 0.0.0.0 Subnet Mask - The IP subnet mask for the interface. The factory default value is 0.0.0.0 Default Gateway - The default gateway for the IP interface. The factory default value is 0.0.0.0 Network Configuration Protocol Current - Choose what the switch should do following power-up: transmit a Bootp request, transmit a DHCP request, or do nothing (none).
  • Page 61 Main Menu Web-Based Management Interface 6.2.1.3.3. Configuring Telnet Session Page Configurable Data Telnet Session Timeout (minutes) - Specify how many minutes of inactivity should occur on a telnet session before the session is logged off. You may enter any number from 1 to 160.
  • Page 62 Main Menu Web-Based Management Interface 6.2.1.3.4. Configuring Outbound Telnet Client Configuration Page Configurable Data Admin Mode - Specifies if the Outbound Telnet service is Enabled or Disabled. Default value is Enabled. Maximum Sessions - Specifies the maximum number of Outbound Telnet Sessions allowed.
  • Page 63 Main Menu Web-Based Management Interface Serial Port Login Timeout (minutes) - Specify how many minutes of inactivity should occur on a serial port connection before the switch closes the connection. Enter a number between 0 and 160: the factory default is 5. Entering 0 disables the timeout. Baud Rate (bps) - Select the default baud rate for the serial port connection from the pull-down menu.
  • Page 64 Main Menu Web-Based Management Interface If you logon with a user account with 'Read/Write' privileges (that is, as admin) you can use the User Accounts screen to assign passwords and set security parameters for the default accounts, and to add and delete accounts (other than admin) up to the maximum of six. Only a user with 'Read/Write' privileges may alter data on this screen, and only one account may be created with 'Read/Write' privileges.
  • Page 65 Main Menu Web-Based Management Interface 6.2.1.3.7. Defining Authentication List Configuration Page You use this screen to configure login lists. A login list specifies the authentication method(s) you want used to validate switch or port access for the users associated with the list. The pre-configured users, admin and guest, are assigned to a pre-configured list named defaultList, which you may not delete.
  • Page 66 Main Menu Web-Based Management Interface first method) Method 2 - Use the dropdown menu to select the method, if any, that should appear second in the selected authentication login list. This is the method that will be used if the first method times out.
  • Page 67 Main Menu Web-Based Management Interface 6.2.1.3.9. Viewing Authentication List Summary Page Non-Configurable Data Authentication List - Identifies the authentication login list summarized in this row. Method List - The ordered list of methods configured for this login list. Login Users - The users you assigned to this login list on the User Login Configuration screen.
  • Page 68 Main Menu Web-Based Management Interface The pre-configured users, admin and guest, are assigned to a pre-configured list named defaultList, which you may not delete. All newly created users are also assigned to the defaultList until you specifically assign them to a different list. A user that does not have an account configured on the switch is termed the 'default' or 'non-configured' user.
  • Page 69 Main Menu Web-Based Management Interface 802.1D recommends a default of 300 seconds, which is the factory default. Command Buttons Submit - Update the switch with the values on the screen. If you want the switch to retain the new values across a power cycle you must perform a save. 6.2.1.4.2.
  • Page 70 Main Menu Web-Based Management Interface Static: the entry was added when a static MAC filter was defined. Learned: the entry was learned by observing the source MAC addresses of incoming traffic, and is currently in use. Management: the system MAC address, which is identified with interface 0.1. Self: the MAC address of one of the switch's physical interfaces.
  • Page 71 Main Menu Web-Based Management Interface 6.2.1.5.2. Viewing Buffered Log Page This help message applies to the format of all logged messages which are displayed for the buffered log, persistent log, or console log. Format of the messages <15>Aug 24 05:34:05 STK0 MSTP[2110]: mspt_api.c(318) 237 %% Interface 12 transitioned to root state on message age timer expiry -The above example indicates a user-level message (1) with severity 7 (debug) on a system that is not stack and generated by component MSTP running in thread id 2110 on...
  • Page 72 Main Menu Web-Based Management Interface 6.2.1.5.3. Configuring Command Logger Page Configurable Data Admin Mode - Enable/Disable the operation of the CLI Command logging by selecting the corresponding pulldown field and clicking Submit. Command Buttons Submit - Update the switch with the values you entered. 6.2.1.5.4.
  • Page 73 Main Menu Web-Based Management Interface threshold. Select the severity option by selecting the corresponding line on the pulldown entry field. These severity levels have been enumerated below: -Emergency (0): system is unusable -Alert (1): action must be taken immediately -Critical (2): critical conditions -Error (3): error conditions -Warning (4): warning conditions -Notice(5): normal but significant conditions...
  • Page 74 Main Menu Web-Based Management Interface 6.2.1.5.6. Configuring Hosts configuration Page Configurable Data Host - This is a list of the hosts that have been configured for syslog. Select a host for changing the configuration or choose to add a new hosts from the drop down list. IP Address - This is the ip address of the host configured for syslog.
  • Page 75 Main Menu Web-Based Management Interface 6.2.1.5.7. Configuring syslog configuration Page Configurable Data Admin Status -For Enabling and Disabling logging to configured syslog hosts. Setting this to disable stops logging to all syslog hosts. Disable means no messages will be sent to any collector/relay.
  • Page 76 Main Menu Web-Based Management Interface 6.2.1.6 Managing Switch Interface 6.2.1.6.1. Configuring Switch Interface Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured. Configurable Data STP Mode - The Select the Spanning Tree Protocol Administrative Mode for the port or LAG.
  • Page 77 Main Menu Web-Based Management Interface Table 1. For Table 2. For 10Gbps 10/100Mbps/1Gbps Level Packet Rate (pps) Level Packet Rate (pps) 1042 2048 3124 4167 Multicast Storm Control - Used to enable or disable the multicast storm feature on the selected interface.
  • Page 78 Main Menu Web-Based Management Interface 6.2.1.6.2. Viewing Switch Interface Configuration Page This screen displays the status for all ports in the box. Selection Criteria MST ID - Select the Multiple Spanning Tree instance ID from the list of all currently configured MST ID's to determine the values displayed for the Spanning Tree parameters.
  • Page 79 Main Menu Web-Based Management Interface LAG. The possible values are: Enable - spanning tree is enabled for this port. Disable - spanning tree is disabled for this port. Forwarding State - The port's current state Spanning Tree state. This state controls what action a port takes on receipt of a frame.
  • Page 80 Main Menu Web-Based Management Interface 6.2.1.6.3. Configuring Multiple Port Mirroring Function Page Configurable Data Session ID - A session ID or "All Sessions" option may be selected. By default the First Session is selected. Session Mode - Specifies the Session Mode for a selected session ID. By default Session Mode is enabled.
  • Page 81 Main Menu Web-Based Management Interface 6.2.1.7 Defining SNMP 6.2.1.7.1. Configuring SNMP Community Configuration Page By default, two SNMP Communities exist: private, with 'Read/Write' privileges and status set to enable public, with 'Read Only' privileges and status set to enable These are well-known communities, you can use this menu to change the defaults or to add other communities.
  • Page 82 Main Menu Web-Based Management Interface either (IP Address or IP Mask) value is 0.0.0.0, access is allowed from any IP address. Otherwise, every client's IP address is ANDed with the mask, as is the Client IP Address, and, if the values are equal, access is allowed. For example, if the Client IP Address and Client IP Mask parameters are 192.168.1.0/255.255.255.0, then any client whose IP address is 192.168.1.0 through 192.168.1.255 (inclusive) will be allowed access.
  • Page 83 Main Menu Web-Based Management Interface SNMP v2 - Uses SNMP v2 to send traps to the receiver. IP Address - Enter the IP address to receive SNMP traps from this device. Enter 4 numbers between 0 and 255 separated by periods. Status - Select the receiver's status from the pulldown menu: Enable - send traps to the receiver.
  • Page 84 Main Menu Web-Based Management Interface Lan Switch and Router Blade...
  • Page 85 Main Menu Web-Based Management Interface 6.2.1.8 Viewing Statistics 6.2.1.8.1. Viewing the whole Switch Detailed Statistics Page Non-Configurable Data ifIndex - This object indicates the ifIndex of the interface table entry associated with the Processor of this switch. Octets Received - The total number of octets of data received by the processor (excluding framing bits but including FCS octets).
  • Page 86 Main Menu Web-Based Management Interface to a higher-layer protocol. A possible reason for discarding a packet could be to free up buffer space. Most Address Entries Ever Used - The highest number of Forwarding Database Address Table entries that have been learned by this switch since the most recent reboot. Address Entries in Use - The number of Learned and static entries in the Forwarding Database Address Table for this switch.
  • Page 87 Main Menu Web-Based Management Interface 6.2.1.8.2. Viewing the whole Switch Summary Statistics Page Non-Configurable Data ifIndex - This object indicates the ifIndex of the interface table entry associated with the Processor of this switch. Packets Received Without Errors - The total number of packets (including broadcast packets and multicast packets) received by the processor.
  • Page 88 Main Menu Web-Based Management Interface Address Entries Currently in Use - The total number of Forwarding Database Address Table entries now active on the switch, including learned and static entries. VLAN Entries Currently in Use - The number of VLAN entries presently occupying the VLAN table.
  • Page 89 Main Menu Web-Based Management Interface Packets RX and TX 65-127 Octets - The total number of packets (including bad packets) received or transmitted that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). Packets RX and TX 128-255 Octets - The total number of packets (including bad packets) received or transmitted that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets).
  • Page 90 Main Menu Web-Based Management Interface Packets Received 256-511 Octets - The total number of packets (including bad packets) received that were between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received 512-1023 Octets - The total number of packets (including bad packets) received that were between 512 and 1023 octets in length inclusive (excluding framing bits but including FCS octets).
  • Page 91 Main Menu Web-Based Management Interface Rx FCS Errors - The total number of packets received that had a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad Frame Check Sequence (FCS) with an integral number of octets Overruns - The total number of frames discarded as this port was overloaded with incoming packets, and could not keep up with the inflow.
  • Page 92 Main Menu Web-Based Management Interface Total Packets Transmitted Successfully - The number of frames that have been transmitted by this port to its segment. Unicast Packets Transmitted - The total number of packets that higher-level protocols requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent.
  • Page 93 Main Menu Web-Based Management Interface GVRP PDUs Received - The count of GVRP PDUs received in the GARP layer. GVRP PDUs Transmitted - The count of GVRP PDUs transmitted from the GARP layer. GVRP Failed Registrations - The number of times attempted GVRP registrations could not be completed.
  • Page 94 Main Menu Web-Based Management Interface Lan Switch and Router Blade...
  • Page 95 Main Menu Web-Based Management Interface 6.2.1.8.4. Viewing Each Port Summary Statistics Page Selection Criteria Slot/Port - Selects the interface for which data is to be displayed or configured. Non-Configurable Data ifIndex - This object indicates the ifIndex of the interface table entry associated with this port on an adapter.
  • Page 96 Main Menu Web-Based Management Interface 6.2.1.9 Managing System Utilities 6.2.1.9.1. Saving All Configuration Changed Page Command Buttons Save - Click this button to have configuration changes you have made saved across a system reboot. All changes submitted since the previous save or system reboot will be retained by the switch.
  • Page 97 Main Menu Web-Based Management Interface 6.2.1.9.3. Restoring All Configuration to Default Values Page Command Buttons Reset - Clicking the Reset button will reset all of the system login passwords to their default values. If you want the switch to retain the new values across a power cycle, you must perform a save.
  • Page 98 Main Menu Web-Based Management Interface configuration. If the file has errors the update will be stopped. SSH-1 RSA Key File - SSH-1 Rivest-Shamir-Adleman (RSA) Key File SSH-2 RSA Key PEM File - SSH-2 Rivest-Shamir-Adleman (RSA) Key File (PEM Encoded) SSH-2 DSA Key PEM File - SSH-2 Digital Signature Algorithm (DSA) Key File (PEM Encoded) SSL Trusted Root Certificate PEM File - SSL Trusted Root Certificate File (PEM Encoded)
  • Page 99 Main Menu Web-Based Management Interface 6.2.1.9.6. Uploading Specific Files from Switch Flash Page Use this menu to upload a code, configuration, or log file from the switch. Configurable Data File Type - Specify the type of file you want to upload. The available options are Script, Code, CLI Banner, Configuration, Error Log, Buffered Log, and Trap Log.
  • Page 100 Main Menu Web-Based Management Interface Submit - Send the updated screen to the switch and specify the file start-up. 6.2.1.9.8. Removing Specific File Page Delete files in flash. If the file type is used for system startup, then this file cannot be deleted. Configurable Data Configuration File - Configuration files.
  • Page 101 Main Menu Web-Based Management Interface Copy to File - Send the updated screen to the switch perform the file copy. 6.2.1.9.10. Defining Ping Function Page Use this screen to tell the switch to send a Ping request to a specified IP address. You can use this to check whether the switch can communicate with a particular IP station.
  • Page 102 Main Menu Web-Based Management Interface Transmit Interval - the CDP packet sending interval. Port Authen. State - the CDP administration mode for all ports which are Enable and Disable. Command Buttons Submit - Send the updated screen to the switch. Changes take effect on the switch but these changes will not be retained across a power cycle unless a save is performed.
  • Page 103 Main Menu Web-Based Management Interface Viewing Traffic Statistics Page Use this menu to display CDP traffic statistics. Non-Configurable Data Incoming Packet Number - Received legal CDP packets number from neighbors. Outgoing Packet Number - Transmitted CDP packets number from this device. Error Packet Number - Received illegal CDP packets number from neighbors.
  • Page 104 Main Menu Web-Based Management Interface the corresponding line on the pull down entry field. The factory default is enabled. Link Up/Down - Enable or disable activation of link status traps by selecting the corresponding line on the pull down entry field. The factory default is enabled. Multiple Users - Enable or disable activation of multiple user traps by selecting the corresponding line on the pull down entry field.
  • Page 105 Main Menu Web-Based Management Interface Trap Log Capacity - The maximum number of traps stored in the log. If the number of traps exceeds the capacity, the entries will overwrite the oldest entries. Log - The sequence number of this trap. System Up Time - The time at which this trap occurred, expressed in days, hours, minutes and seconds since the last reboot of the switch.
  • Page 106 Main Menu Web-Based Management Interface Default value is Disable. Port - Specifies the local UDP port to listen for responses/broadcasts. Allowed range is (1 to 65535). Default value is 123. Unicast Poll Interval - Specifies the number of seconds between unicast poll requests expressed as a power of two when configured in unicast mode.
  • Page 107 Main Menu Web-Based Management Interface Last Update Time - Specifies the local date and time (UTC) the SNTP client last updated the system clock. Last Attempt Time - Specifies the local date and time (UTC) of the last SNTP request or receipt of an unsolicited message.
  • Page 108 Main Menu Web-Based Management Interface 6.2.1.11.3. Configuring SNTP Server Page Configurable Data Server - Specifies all the existing Server Addresses along with an additional option "Create". When the user selects "Create" another text box "Address" appears where the user may enter Address for Server to be configured. Address - Specifies the address of the SNTP server.
  • Page 109 Main Menu Web-Based Management Interface Version - Specifies the NTP Version running on the server. Allowed range is (1 to 4). Default value is 4. Command Buttons Submit - Sends the updated configuration to the switch. Configuration changes take effect immediately. Delete - Deletes the SNTP Server entry.
  • Page 110 Main Menu Web-Based Management Interface This is indicated via the 'leap indicator' field on the SNTP message. • Server Kiss Of DeathThe SNTP server indicated that no further queries were to be sent to this server. This is indicated by a stratum field equal to 0 in a message received from a server.
  • Page 111 Main Menu Web-Based Management Interface 6.2.1.11.6. Configuring Time Zone Settings Page Simple Network Time Protocol (SNTP) allows the switch to set its internal clock based on periodic updates from a time server. Maintaining an accurate time on the switch enables the system log to record meaningful dates and times for event entries.
  • Page 112 Main Menu Web-Based Management Interface 6.2.1.12 Defining DHCP Client 6.2.1.12.1. Configuring DHCP Restart Page This command issues a BOOTP or DHCP client request for any IP interface that has been set to BOOTP or DHCP mode via the IP address command. DHCP requires the server to reassign the client's last address if available.

  • Page 113: Switching Menu

    Main Menu Web-Based Management Interface Default Specific Text String Secific Hexadecimal Value Text String - A text string. Hex Value - The hexadecimal value. Command Buttons Submit - Send the updated screen to the switch perform the setting DHCP client identifier. 6.2.2 Switching Menu 6.2.2.1 Managing Port-based VLAN...
  • Page 114 Main Menu Web-Based Management Interface registration fixed in the IEEE 802.1Q standard. Exclude - This port is never a member of this VLAN. This is equivalent to registration forbidden in the IEEE 802.1Q standard. Autodetect - Specifies that port may be dynamically registered in this VLAN via GVRP.
  • Page 115 Main Menu Web-Based Management Interface Lan Switch and Router Blade...
  • Page 116 Main Menu Web-Based Management Interface 6.2.2.1.2. Viewing Port-based VLAN Information Page This page displays the status of all currently configured VLANs. VLAN ID - The VLAN Identifier (VID) of the VLAN. The range of the VLAN ID is (1 to 3965).
  • Page 117 Main Menu Web-Based Management Interface Command Buttons Submit - Update the switch with the values on this screen. If you want the switch to retain the new values across a power cycle, you must perform a save. 6.2.2.1.4. Viewing VLAN Port Summary Page Non-Configurable Data Slot/Port - The interface.
  • Page 118 Main Menu Web-Based Management Interface 6.2.2.1.5. Resetting VLAN Configuration Page Command Buttons Reset - If you select this button and confirm your selection on the next screen, all VLAN configuration parameters will be reset to their factory default values. Also, all VLANs, except for the default VLAN, will be deleted.
  • Page 119 Main Menu Web-Based Management Interface 6.2.2.2 Managing Protocol-based VLAN 6.2.2.2.1. Protocol-based VLAN Configuration Page You can use a protocol-based VLAN to define filtering criteria for untagged packets. By default, if you do not configure any port- (IEEE 802.1Q) or protocol-based VLANs, untagged packets will be assigned to VLAN 1.
  • Page 120 Main Menu Web-Based Management Interface Network-layer protocol that forwards data over a network. VLAN - VLAN can be any number in the range of (1 to 3965) . All the ports in the group will assign this VLAN ID to untagged packets received for the protocols you included in this group.
  • Page 121 Main Menu Web-Based Management Interface IP - IP is a network layer protocol that provides a connectionless service for the delivery of data. ARP - Address Resolution Protocol (ARP) is a low-level protocol that dynamically maps network layer addresses to physical medium access control (MAC) addresses. IPX - The Internetwork Packet Exchange (IPX) is a connectionless datagram Network-layer protocol that forwards data over a network.
  • Page 122 Main Menu Web-Based Management Interface Leave Time (centiseconds) - Specifies the time to wait after receiving an unregister request for a VLAN or multicast group before deleting the associated entry, in centiseconds. This allows time for another station to assert registration for the same attribute in order to maintain uninterrupted service.
  • Page 123 Main Menu Web-Based Management Interface GMRP Mode - Choose the GARP Multicast Registration Protocol administrative mode for the switch by selecting enable or disable from the pull down menu. The factory default is disabled. Command Buttons Submit - Update the switch with the values you entered. If you want the switch to retain the new values across a power cycle you must perform a save.
  • Page 124 Main Menu Web-Based Management Interface deregistered. Participants will need to rejoin in order to maintain registration. The Leave All Period Timer is set to a random value in the range of LeaveAllTime to 1.5*LeaveAllTime. The timer is specified in centiseconds. Enter a number between 200 and 6000 (2 to 60 seconds).
  • Page 125 Main Menu Web-Based Management Interface snooping. Command Buttons Submit - Update the switch with the values you entered. If you want the switch to retain the new values across a power cycle you must perform a save. You will only see this button if you have Read/Write access privileges.
  • Page 126 Main Menu Web-Based Management Interface for the switch from the pulldown menu. The default is disable. Group Membership Interval - Specify the amount of time you want the switch to wait for a report for a particular group on a particular interface before it deletes that interface from the group.
  • Page 127 Main Menu Web-Based Management Interface Group Membership Interval - Group Membership Interval of IGMP Snooping for the specified VLAN ID. Valid range is 2 to 3600. Maximum Response Time - Maximum Response Time of IGMP Snooping for the specified VLAN ID. Valid range is 1 to 3599.Its value should be greater than group membership interval value.
  • Page 128 Main Menu Web-Based Management Interface 6.2.2.4.5. Viewing Multicast Router Statistics Page Non-Configurable Data Slot/port - The single select box lists all physical and LAG interfaces. Select the interface for which you want to display the statistics. Multicast Router - Specifies for the selected interface whether multicast router is enable or disabled.
  • Page 129 Main Menu Web-Based Management Interface Command Buttons Submit - Update the switch with the values you entered. 6.2.2.4.7. Viewing Multicast Router VLAN Statistics Page Selection Criteria Slot/port - The select box lists all Slot/ports. Select the interface for which you want to display the statistics.
  • Page 130 Main Menu Web-Based Management Interface this. Command Buttons Submit - Update the switch with the values you entered. 6.2.2.4.9. Configuring L2 Static Multicast Group Configuration Page Non-Configurable Data MAC Address Table - This is the list of MAC address and VLAN ID pairings for all configured L2Mcast Groups.
  • Page 131 Main Menu Web-Based Management Interface 6.2.2.4.10. Viewing L2 Multicast Group Information Page Use this panel to display information about entries in the L2Mcast Static/Dynamic Groups. These entries are used by the transparent bridging function to determine how to forward a received frame.
  • Page 132 Main Menu Web-Based Management Interface All: the entry was configured by setting the whole L2Mcast table. Command Buttons Search - Search for the specified L2Mcast address. Refresh - Refresh the database and display it again starting with the first entry in the table. 6.2.2.4.11.
  • Page 133 Main Menu Web-Based Management Interface All: the entry was configured by setting the whole L2Mcast router table. Command Buttons Refresh - Refresh the database and display it again starting with the first entry in the table. 6.2.2.5 Managing Port-Channel 6.2.2.5.1. Defining Port-Channel Static Capability Mode Page Configurable Data Static Capability Mode - May be enabled or disabled by selecting the corresponding line on the pull down entry field.
  • Page 134 Main Menu Web-Based Management Interface Link Trap - Specify whether you want to have a trap sent when link status changes. The factory default is enable, which will cause the trap to be sent. Administrative Mode - Select enable or disable from the pull down menu. When the Port Channel is disabled no traffic will flow and LACPDUs will be dropped, but the links that form the Port Channel will not be released.
  • Page 135 Main Menu Web-Based Management Interface Port Channel - The Slot/Port identification of the Port Channel. Port Channel Name - The name of the Port Channel. Port Channel Type - The type of this Port Channel. Admin Mode - The Administrative Mode of the Port Channel, enable or disable. Link Status - Indicates whether the Link is up or down.
  • Page 136 Main Menu Web-Based Management Interface Non-Configurable Data MAC Address - The multicast MAC address for which you requested data. Type - This displays the type of the entry. Static entries are those that are configured by the end user. Dynamic entries are added to the table as a result of a learning process or protocol.
  • Page 137 Main Menu Web-Based Management Interface 6.2.2.6.3. Viewing IGMP Snooping MFDB Table Page Non-Configurable Data MAC Address - A VLAN ID - multicast MAC address pair for which the switch has forwarding and/or filtering information. The format is 8 two-digit hexadecimal numbers that are separated by colons, for example 00:01:23:45:67:89:AB:CD.
  • Page 138 Main Menu Web-Based Management Interface known as the MFDB high-water mark. Current Entries - The current number of entries in the Multicast Forwarding Database table. Command Buttons Refresh - Refresh the data on the screen with the present state of the data in the switch. 6.2.2.7 Managing Spanning Tree 6.2.2.7.1.
  • Page 139 Main Menu Web-Based Management Interface 6.2.2.7.2. Configuring Spanning Tree CST Configuration Page Configurable Data Bridge Priority - Specifies the bridge priority for the Common and Internal Spanning tree (CST). The value lies between 0 and 61440. It is set in multiples of 4096. For example, if you set the priority to any value between 0 and 4095, it will be set to 0.
  • Page 140 Main Menu Web-Based Management Interface Root Port - Port to access the Designated Root for the CST. Max Age - Path Cost to the Designated Root for the CST. Forward Delay - Derived value of the Root Port Bridge Forward Delay parameter. Hold Time - Minimum time between transmission of Configuration BPDUs.
  • Page 141 Main Menu Web-Based Management Interface 6.2.2.7.3. Configuring Spanning Tree MST Configuration Page Selection Criteria MST ID - Create a new MST which you wish to configure or configure already existing MSTs. Configurable Data MST ID - This is only visible when the select option of the MST ID select box is selected. The ID of the MST being created.
  • Page 142 Main Menu Web-Based Management Interface 6.2.2.7.4. Configuring each Port CST Configuration Page Selection Criteria Slot/Port - Selects one of the physical or LAG interfaces associated with VLANs associated with the CST. Configurable Data Port Priority - The priority for a particular port within the CST. The port priority is set in multiples of 16.
  • Page 143 Main Menu Web-Based Management Interface Port Role - Each MST Bridge Port that is enabled is assigned a Port Role for each spanning tree. The port role will be one of the following values: Root Port, Designated Port, Alternate Port, Backup Port, Master Port, or Disabled Port. Designated Root - Root Bridge for the CST.
  • Page 144 Main Menu Web-Based Management Interface 6.2.2.7.5. Configuring each Port MST Configuration Page Selection Criteria MST ID - Selects one MST instance from existing MST instances. Slot/Port - Selects one of the physical or LAG interfaces associated with VLANs associated with the selected MST instance. Configurable Data Port Priority - The priority for a particular port within the selected MST instance.
  • Page 145 Main Menu Web-Based Management Interface 6.2.2.7.6. Viewing Spanning Tree Statistics Page Selection Criteria Slot/Port - Selects one of the physical or LAG interfaces of the switch. Non-Configurable Data STP BPDUs Received - Number of STP BPDUs received at the selected port. STP BPDUs Transmitted - Number of STP BPDUs transmitted from the selected port.
  • Page 146 Main Menu Web-Based Management Interface 6.2.2.8 Defining 802.1p priority 6.2.2.8.1. Defining 802.1p Priority Mapping Page Selection Criteria Slot/Port - Select the physical interface for which you want to display or configure data. Select 'All' to set the parameters for all ports to the same values. Configurable Data Traffic Class - Specify which internal traffic class to map the corresponding 802.1p priority.
  • Page 147 Main Menu Web-Based Management Interface 6.2.2.9 Managing Port Security 6.2.2.9.1. Configuring Port Security Administration Mode Page Configurable Data Allow Port Security - Used to enable or disable the Port Security feature. Command Buttons Submit - Applies the new configuration and causes the changes to take effect. These changes will not be retained across a power cycle unless a save configuration is performed.
  • Page 148 Main Menu Web-Based Management Interface 6.2.2.9.2. Configuring Port Security Interface Page Selection Criteria Slot/port - Selects the interface to be configured. Configurable Data Allow Port Security - Used to enable or disable the Port Security feature for the selected interface. Maximum Dynamic MAC Addresses allowed - Sets the maximum number of dynamically locked MAC addresses on the selected interface.
  • Page 149 Main Menu Web-Based Management Interface 6.2.2.9.3. Deleting Port Security Statically Configured MAC Address Page Selection Criteria Slot/port - Select the physical interface for which you want to display data. VLAN ID - selects the VLAN ID corresponding to the MAC address being deleted. Configurable data MAC Address - Accepts user input for the MAC address to be deleted.
  • Page 150 Main Menu Web-Based Management Interface VLAN ID - Displays the VLAN ID corresponding to the MAC address. Number of Dynamic MAC addresses learned - Displays the number of dynamically learned MAC addresses on a specific port. 6.2.2.9.5. Viewing Port Security Violation Status Page Selection Criteria Slot/port - Select the physical interface for which you want to display data.
  • Page 151 Main Menu Web-Based Management Interface Admin Mode - Select the interface mode for the selected interface for Port Link-up state for the switch from the pulldown menu. The default is disable. Create New Group - Create the new Group to set the port link state status. Group Mode - Select the group interface mode for the selected interface for Port Link-up The default is disable.
  • Page 152 Main Menu Web-Based Management Interface 6.2.2.10.3 Port Backup Configuration Admin Mode - Select the interface mode for the selected interface for Port Link-up state for the switch from the pulldown menu. The default is disable. Create New Group - Create the new Group to set the port link state status. Group Mode - Select the group interface mode for the selected interface for Port Link-up The default is disable.

  • Page 153: Routing Menu

    Main Menu Web-Based Management Interface 6.2.3 Routing Menu 6.2.3.1 Managing ARP Table 6.2.3.1.1. Creating ARP entries Use this panel to add an entry to the Address Resolution Protocol table. Configurable Data IP - Specifies all the existing static ARP along with an additional option "Create". When the user selects "Create"...
  • Page 154 Main Menu Web-Based Management Interface Response Time - Enter the value you want the switch to use for the ARP response timeout. You must enter a valid integer, which represents the number of seconds the switch will wait for a response to an ARP request. The range for this field is 1 to 10 seconds.
  • Page 155 Main Menu Web-Based Management Interface Type - The type of the ARP entry: Local - An ARP entry associated with one of the switch's routing interface's MAC addresses Gateway - A dynamic ARP entry whose IP address is that of a router Static - An ARP entry configured by the user Dynamic - An ARP entry which has been learned by the router Age - Age since the entry was last refreshed in the ARP Table.
  • Page 156 Main Menu Web-Based Management Interface IP Forwarding Mode - Select enable or disable from the pulldown menu. This enables or disables the forwarding of IP frames. The default value is enable. Non-Configurable Data Default Time to Live - The default value inserted into the Time-To-Live field of the IP header of datagrams originated by the switch, if a TTL value is not supplied by the transport layer protocol.
  • Page 157 Main Menu Web-Based Management Interface them to that final destination. In entities which do not act as IP Gateways, this counter will include only those packets which were Source-Routed via this entity, and the Source-Route option processing was successful. IpInUnknownProtos - The number of locally-addressed datagrams received successfully but discarded because of an unknown or unsupported protocol.
  • Page 158 Main Menu Web-Based Management Interface IpRoutingDiscards - The number of routing entries which were chosen to be discarded even though they are valid. One possible reason for discarding such an entry could be to free-up buffer space for other routing entries. IcmpInMsgs - The total number of ICMP messages which the entity received.
  • Page 159 Main Menu Web-Based Management Interface IcmpOutEchos - The number of ICMP Echo (request) messages sent. IcmpOutEchoReps - The number of ICMP Echo Reply messages sent. IcmpOutTimestamps - The number of ICMP Timestamp (request) messages. IcmpOutTimestampReps - The number of ICMP Timestamp Reply messages sent. IcmpOutAddrMasks - The number of ICMP Address Mask Request messages sent.
  • Page 160 Main Menu Web-Based Management Interface Command Buttons Refresh - Refresh the data on the screen with the present state of the data in the switch. Lan Switch and Router Blade...
  • Page 161 Main Menu Web-Based Management Interface 6.2.3.2.3. Configuring IP Interfaces Selection Criteria Slot/port - Select the interface for which data is to be displayed or configured. Configurable Data IP Address - Enter the IP address for the interface. Subnet Mask - Enter the subnet mask for the interface. This is also referred to as the subnet/network mask, and defines the portion of the interface's IP address that is used to identify the attached network.
  • Page 162 Main Menu Web-Based Management Interface Secondary IP Address - Proceed to the Secondary IP Address configuration screen. 6.2.3.3 Managing OSPF 6.2.3.3.1. Configuring OSPF Configurable Data Router ID - The 32 bit integer in dotted decimal format that uniquely identifies the router within the autonomous system (AS).
  • Page 163 Main Menu Web-Based Management Interface areas. The default value is 'enable'. To prevent routing loops, you should select 'disable', but only if all OSPF routers in the routing domain are capable of operating according to RFC 2328. Exit Overflow Interval - Enter the number of seconds that, after entering overflow state, the router should wait before attempting to leave overflow state.
  • Page 164 Main Menu Web-Based Management Interface Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. 6.2.3.3.2. Configuring Area Selection Criteria Area ID - Select the area to be configured. Configurable Data Import Summary LSAs - Select enable or disable from the pulldown menu.
  • Page 165 Main Menu Web-Based Management Interface Translator Role - Select Always or Candidate from the pulldown menu. A value of always will cause the router to assume the role of the translator when it becomes a border router and a value of candidate will cause the router to participate in the translator election process when it attains border router status.
  • Page 166 Main Menu Web-Based Management Interface Type of Service - The type of service associated with the stub metric. The switch supports Normal only. Translator Status - The field tells you the translator is enabled or disabled. Command Buttons Create Stub Area - Configure the area as a stub area. Delete Stub Area - Delete the stub area designation.
  • Page 167 Main Menu Web-Based Management Interface 6.2.3.3.3. Viewing Stub Area Summary Information Non-Configurable Data Area ID - The Area ID of the Stub area Type of Service - The type of service associated with the stub metric. The switch supports Normal only. Metric Value - Set the metric value you want applied for the default route advertised into the area.
  • Page 168 Main Menu Web-Based Management Interface 6.2.3.3.4. Configuring Area Range Selection Criteria Area ID - Selects the area for which data is to be configured. Configurable Data IP address - Enter the IP Address for the address range for the selected area. Subnet Mask - Enter the Subnet Mask for the address range for the selected area.
  • Page 169 Main Menu Web-Based Management Interface 6.2.3.3.5. View Interface Statistics This panel displays statistics for the selected interface. The information will be displayed only if OSPF is enabled. Selection Criteria Slot/port - Select the interface for which data is to be displayed. Non-Configurable Data OSPF Area ID - The OSPF area to which the selected router interface belongs.
  • Page 170 Main Menu Web-Based Management Interface Originate New LSAs - The number of new link-state advertisements that have been originated. In any given OSPF area, a router will originate several LSAs. Each router originates a router-LSA. If the router is also the Designated Router for any of the area's networks, it will originate network-LSAs for those networks.
  • Page 171 Main Menu Web-Based Management Interface network . *NOTE: once OSPF is initialized on the router, it will remain initialized until the router is reset. OSPF Area ID - Enter the 32 bit integer in dotted decimal format that uniquely identifies the OSPF area to which the selected router interface connects.
  • Page 172 Main Menu Web-Based Management Interface choose 'simple' authentication you cannot use a key of more than 8 octets. If you choose 'encrypt' the key may be up to 16 octets long. The key value will only be displayed if you are logged on with Read/Write privileges, otherwise it will be displayed as asterisks.
  • Page 173 Main Menu Web-Based Management Interface Backup Designated Router either. The router attempts to form adjacencies to both the Designated Router and the Backup Designated Router. The State is only displayed if the OSPF admin mode is enabled. Designated Router - The identity of the Designated Router for this network, in the view of the advertising router.
  • Page 174 Main Menu Web-Based Management Interface Lan Switch and Router Blade...
  • Page 175 Main Menu Web-Based Management Interface 6.2.3.3.7. Viewing Neighbor Table Information This panel displays the OSPF neighbor table list. When a particular neighbor ID is specified, detailed information about a neighbor is given. The information below will only be displayed if OSPF is enabled.
  • Page 176 Main Menu Web-Based Management Interface Slot/port - Selects the interface for which data is to be displayed or configured. Slot 0 is the base unit. Neighbor IP Address - Selects the IP Address of the neighbor for which data is to be displayed.
  • Page 177 Main Menu Web-Based Management Interface Permanence - This variable displays the status of the entry. 'dynamic' and 'permanent' refer to how the neighbor became known. Hellos Suppressed - This indicates whether Hellos are being suppressed to the neighbor. Retransmission Queue Length - The current length of the retransmission queue. Command Buttons Refresh - Refresh the data on the screen with the present state of the data in the switch.
  • Page 178 Main Menu Web-Based Management Interface Router Links Network Links Network Summary ASBR Summary AS-external LS ID - The Link State ID identifies the piece of the routing domain that is being described by the advertisement. The value of the LS ID depends on the advertisement's LS type. Age - The time since the link state advertisement was first originated, in seconds.
  • Page 179 Main Menu Web-Based Management Interface 6.2.3.3.10. Configuring OSPF Virtual Link Selection Criteria Create New Virtual Link - Select this option from the dropdown menu to define a new virtual link. The area portion of the virtual link identification is fixed: you will be prompted to enter the Neighbor Router ID on a new screen.
  • Page 180 Main Menu Web-Based Management Interface choose 'simple' authentication you cannot use a key of more than 8 octets. If you choose 'encrypt' the key may be up to 16 octets long. The key value will only be displayed if you are logged on with Read/Write privileges, otherwise it will be displayed as asterisks.
  • Page 181 Main Menu Web-Based Management Interface 6.2.3.3.11. Viewing OSPF Virtual Link Summary Table Non-Configurable Data Area ID - The Area ID portion of the virtual link identification for which data is to be displayed. The Area ID and Neighbor Router ID together define a virtual link. Neighbor Router ID - The neighbor portion of the virtual link identification.
  • Page 182 Main Menu Web-Based Management Interface 6.2.3.3.12. Configuring OSPF Route Redistribution This screen can be used to configure the OSPF Route Redistribution parameters. The allowable values for each fields are displayed next to the field. If any invalid values are entered, an alert message will be displayed with the list of all the valid values.
  • Page 183 Main Menu Web-Based Management Interface All other fields (source and destination port, precedence, tos, etc.) are ignored. The source IP address is compared to the destination IP address of the route. The source IP netmask in the access list rule is treated as a wildcard mask, indicating which bits in the source IP address must match the destination address of the route.
  • Page 184 Main Menu Web-Based Management Interface 6.2.3.3.13. Viewing OSPF Route Redistribution Summary Information This screen displays the OSPF Route Redistribution Configurations. Non Configurable Data Source - The Source Route to be Redistributed by OSPF. Metric- The Metric of redistributed routes for the given Source Route. Display "Unconfigured"...
  • Page 185 Main Menu Web-Based Management Interface Admin Mode - Select enable or disable from the pulldown menu. When you select 'enable' BOOTP/DHCP requests will be forwarded to the IP address you entered in the 'Server IP address' field. Minimum Wait Time - Enter a time in seconds. This value will be compared to the time stamp in the client's request packets, which should represent the time since the client was powered up.
  • Page 186 Main Menu Web-Based Management Interface Minimum Wait Time - The Minimum time in seconds. This value will be compared to the time stamp in the client's request packets, which should represent the time since the client was powered up. Packets will only be forwarded when the time stamp exceeds the minimum wait time.
  • Page 187 Main Menu Web-Based Management Interface Configurable Data Admin Mode - Select enable or disable from the pull down menu. When you select 'enable', the IP Domain Naming System (DNS)-based host name-to-address translation will be enabled. Default Domain Name - Default domain name used to complete unqualified host names. Do not include the initial period that separates an unqualified name from the domain name.
  • Page 188 Main Menu Web-Based Management Interface Submit - Sends the updated configuration to the switch. Configuration changes take effect immediately. Delete - Deletes the domain name entry. Sends the updated configuration to the switch. Configuration changes take effect immediately. Delete All - Deletes all the domain name entries. Sends the updated configuration to the switch.
  • Page 189 Main Menu Web-Based Management Interface 6.2.3.5.4. Viewing DNS Cache Summary Information The Domain Name System (DNS) dynamically maps domain name to Internet (IP) addresses. This panel displays the current contents of the DNS cache. Non-Configurable Data Domain Name List - The domain name associated with this record. IP address - The IP address associated with this record.
  • Page 190 Main Menu Web-Based Management Interface 6.2.3.5.5. Configuring DNS Host You can use this screen to change the configuration parameters for the static entry in the DNS table. You can also use this screen to display the contents of the table. Configurable Data Domain - Specifies all the existing hosts along with an additional option "Create".
  • Page 191 Main Menu Web-Based Management Interface horizon is a technique for avoiding problems caused by including routes in updates sent to the router from which the route was originally learned. The options are: None - no special processing for this case. Simple - a route will not be included in updates sent to the router from which it was learned.
  • Page 192 Main Menu Web-Based Management Interface Slot/port - The slot and port for which the information is being displayed. IP Address - The IP Address of the router interface. Send Version - The RIP version to which RIP control packets sent from the interface conform.
  • Page 193 Main Menu Web-Based Management Interface broadcast. RIP-2 - send RIP version 2 packets using multicast. None - no RIP control packets will be sent. The default is RIP-2. Receive Version - Select what RIP control packets the interface will accept from the pulldown menu.
  • Page 194 Main Menu Web-Based Management Interface Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed 6.2.3.6.4. Configuring Route Redistribution Configuration This screen can be used to configure the RIP Route Redistribution parameters. The allowable values for each field are displayed next to the field.
  • Page 195 Main Menu Web-Based Management Interface The default is Internal. Distribute List - Distribute List - Sets the Access List that filters the routes to be redistributed by the destination protocol. Only permitted routes are redistributed. If this command refers to a non-existent access list, all routes are permitted. The valid values for Access List IDs are (1 to 199).
  • Page 196 Main Menu Web-Based Management Interface 6.2.3.6.5. Viewing Route Redistribution Configuration This screen displays the RIP Route Redistribution Configurations. Non Configurable Data Source - The Source Route to be Redistributed by RIP. Metric- The Metric of redistributed routes for the given Source Route. Displays "Unconfigured"...
  • Page 197 Main Menu Web-Based Management Interface 6.2.3.7 Managing Router Discovery 6.2.3.7.1. Configuring Router Discovery Selection Criteria Slot/port - Select the router interface for which data is to be configured. Configurable Data Advertise Mode - Select enable or disable from the pulldown menu. If you select enable, Router Advertisements will be transmitted from the selected interface.
  • Page 198 Main Menu Web-Based Management Interface 6.2.3.7.2. Viewing Router Discovery Status Non-Configurable Data Slot/port - The router interface for which data is displayed. Advertise Mode - The values are enable or disable. Enable denotes that Router Discovery is enabled on that interface. Advertise Address - The IP Address used to advertise the router.
  • Page 199 Main Menu Web-Based Management Interface 6.2.3.8 Managing Route Table 6.2.3.8.1. Viewing Router Route Table Non-Configurable Data Network Address - The IP route prefix for the destination. Subnet Mask - Also referred to as the subnet/network mask, this indicates the portion of the IP interface address that identifies the attached network.
  • Page 200 Main Menu Web-Based Management Interface BGP4 Next Hop Slot/port - The outgoing router interface to use when forwarding traffic to the destination. Next Hop IP Address - The outgoing router IP address to use when forwarding traffic to the next router (if any) in the path towards the destination. The next router will always be one of the adjacent neighbors or the IP address of the local interface for a directly attached network.
  • Page 201 Main Menu Web-Based Management Interface OSPF Type-2 BGP4 Next Hop Slot/port - The outgoing router interface to use when forwarding traffic to the destination. Next Hop IP Address - The outgoing router IP address to use when forwarding traffic to the next router (if any) in the path towards the destination.
  • Page 202 Main Menu Web-Based Management Interface Protocol - This field tells which protocol created the specified route. The possibilities are one of the following: Static Default MPLS OSPF Intra OSPF Inter OSPF Type-1 OSPF Type-2 BGP4Local Next Hop Slot/port - The outgoing router interface to use when forwarding traffic to the destination.
  • Page 203 Main Menu Web-Based Management Interface needs to be specified is the next hop IP address, otherwise each field needs to be specified. Non-Configurable Data Network Address - The IP route prefix for the destination. Subnet Mask - Also referred to as the subnet/network mask, this indicates the portion of the IP interface address that identifies the attached network.
  • Page 204 Main Menu Web-Based Management Interface Configurable Data Static - The static route preference value in the router. The default value is 1. The range is 1 to 255. OSPF Intra - The OSPF intra route preference value in the router. The default value is 8. The range is 1 to 255.
  • Page 205 Main Menu Web-Based Management Interface 6.2.3.9 Managing VLAN Routing 6.2.3.9.1. Configuring VLAN Routing Selection Criteria VLAN ID - Enter the ID of a VLAN you want to configure for VLAN Routing. Initially, the field will display the ID of the first VLAN. After you enter a new VLAN ID and click on the Create button the non-configurable data will be displayed.
  • Page 206 Main Menu Web-Based Management Interface Use the index pane to change to the IP Interface Configuration page. Select the interface assigned to the VLAN. The IP address and Subnet Mask fields will be 0.0.0.0. Enter the IP address and subnet mask for the VLAN. Select the Submit button.
  • Page 207 Main Menu Web-Based Management Interface 6.2.3.10 Managing VRRP 6.2.3.10.1. Configuring VRRP Configurable Data VRRP Admin Mode - This sets the administrative status of VRRP in the router to active or inactive. Select enable or disable from the pulldown menu. The default is disable. Command Buttons Submit - Send the updated configuration to the switch.
  • Page 208 Main Menu Web-Based Management Interface Router, or select one of the existing Virtual Routers, listed by interface number and VRID. Configurable Data VRID - This field is only configurable if you are creating new Virtual Router, in which case enter the VRID in the range 1 to 255 . Slot/port - This field is only configurable if you are creating new Virtual Router, in which case select the Slot/port for the new Virtual Router from the pulldown menu.
  • Page 209 Main Menu Web-Based Management Interface 6.2.3.10.3. Viewing Virtual Router Status Non-Configurable Data VRID - Virtual Router Identifier. Slot/port - Indicates the interface associate with the VRID. Priority - The priority value used by the VRRP router in the election for the master virtual router.
  • Page 210 Main Menu Web-Based Management Interface Owner - Set to 'True' if the Virtual IP Address and the Interface IP Address are the same, otherwise set to 'False'. If this parameter is set to 'True', the Virtual Router is the owner of the Virtual IP Address, and will always win an election for master router when it is active.
  • Page 211 Main Menu Web-Based Management Interface Router Checksum Errors - The total number of VRRP packets received with an invalid VRRP checksum value. Router Version Errors - The total number of VRRP packets received with an unknown or unsupported version number. Router VRID Errors - The total number of VRRP packets received with an invalid VRID for this virtual router.

  • Page 212: Security Menu

    Main Menu Web-Based Management Interface Command Buttons Refresh - Refresh the data on the screen with the present state of the data in the switch. 6.2.4 Security Menu 6.2.4.1 Managing Access Control (802.1x) 6.2.4.1.1. Defining Access Control Page Configurable Data Administrative Mode - This selector lists the two options for administrative mode: enable and disable.
  • Page 213 Main Menu Web-Based Management Interface Port - Selects the port to be configured. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port. All physical interfaces are valid. Configurable Data Control Mode - This selector lists the options for control mode.
  • Page 214 Main Menu Web-Based Management Interface Reauthentication Enabled - This field allows the user to enable or disable reauthentication of the supplicant for the specified port. The selectable values are 'true' and 'false'. If the value is 'true' reauthentication will occur. Otherwise, reauthentication will not be allowed.
  • Page 215 Main Menu Web-Based Management Interface 6.2.4.1.3. Viewing each Port Access Control Configuration Information Page Selection Criteria Port - Selects the port to be displayed. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port. All physical interfaces are valid.
  • Page 216 Main Menu Web-Based Management Interface and Authenticator. This affects whether the unauthorized controlled port exerts control over communication in both directions (disabling both incoming and outgoing frames) or just in the incoming direction (disabling only the reception of incoming frames). This field is not configurable on some platforms.
  • Page 217 Main Menu Web-Based Management Interface 6.2.4.1.4. Viewing Access Control Summary Page Non-Configurable Data Port - Specifies the port whose settings are displayed in the current table row. Control Mode - This field indicates the configured control mode for the port. Possible values are: Force Unauthorized: The authenticator port access entity (PAE) unconditionally sets the controlled port to unauthorized.
  • Page 218 Main Menu Web-Based Management Interface Command Buttons Refresh - Update the information on the page. 6.2.4.1.5. Viewing each Port Access Control Statistics Page Selection Criteria Port - Selects the port to be displayed. When the selection is changed, a screen refresh will occur causing all fields to be updated for the newly selected port.
  • Page 219 Main Menu Web-Based Management Interface frames that have been received by this authenticator. EAP Response Frames Received - This displays the number of valid EAP response frames (other than resp/id frames) that have been received by this authenticator. EAP Request/Id Frames Transmitted - This displays the number of EAP request/identity frames that have been transmitted by this authenticator.
  • Page 220 Main Menu Web-Based Management Interface Submit - Sends the updated screen to the switch and causes the changes to take effect on the switch but these changes will not be retained across a power cycle unless a save is performed. Refresh - Update the information on the page.
  • Page 221 Main Menu Web-Based Management Interface Users - Displays the users that have access to the port. Command Buttons Refresh - Update the information on the page. 6.2.4.2 Managing RADIUS 6.2.4.2.1. Configuring RADIUS Configuration Page Configurable Data Max Number of Retransmits - The value of the maximum number of times a request packet is retransmitted.
  • Page 222 Main Menu Web-Based Management Interface RADIUS servers are configured, the max retransmit value on each will be exhausted before the next server is attempted. A retransmit will not occur until the configured timeout value on that server has passed without a response from the RADIUS server. Therefore, the maximum delay in receiving a response from the RADIUS application equals the sum of (retransmit times timeout) for all configured servers.
  • Page 223 Main Menu Web-Based Management Interface 6.2.4.2.2. Viewing Radius Statistics Page Non-Configurable Data Invalid Server Addresses - The number of RADIUS Access-Response packets received from unknown addresses. Command Buttons Refresh - Update the information on the page. 6.2.4.2.3. Configuring RADIUS Server Configuration Page Selection Criteria RADIUS Server IP Address - Selects the RADIUS server to be configured.
  • Page 224 Main Menu Web-Based Management Interface save is performed. Refresh - Update the information on the page. 6.2.4.2.4. Viewing RADIUS Server Statistics Page Selection Criteria RADIUS Server IP Address - Selects the IP address of the RADIUS server for which to display statistics.
  • Page 225 Main Menu Web-Based Management Interface Packets Dropped - The number of RADIUS packets received from this server on the authentication port and dropped for some other reason. Command Buttons Refresh - Update the information on the page. 6.2.4.2.5. Defining RADIUS Accounting Server Configuration Page Selection Criteria Accounting Server IP Address - Selects the accounting server for which data is to be displayed or configured.
  • Page 226 Main Menu Web-Based Management Interface on the switch but these changes will not be retained across a power cycle unless a save is performed. Remove - Remove the selected accounting server from the configuration. This button is only available to READWRITE users. These changes will not be retained across a power cycle unless a save is performed.
  • Page 227 Main Menu Web-Based Management Interface server on the accounting port and dropped for some other reason. Command Buttons Refresh - Update the information on the page. 6.2.4.2.7. Resetting All RADIUS Statistics Page Command Buttons Clear All RADIUS Statistics - This button will clear the accounting server, authentication server, and RADIUS statistics.
  • Page 228 Main Menu Web-Based Management Interface data on this screen. Configurable Data Authen. State - TACACS+ administration mode which are Enable and Disable. Server ID - The TACACS+ server index which are 1, 2, and 3. Authen. Server - TACACS+ server IP address. Authen.
  • Page 229 Main Menu Web-Based Management Interface Filter Address 1~5 - Stations that are allowed to make configuration changes to the Switch. Command Buttons Submit - Send the updated screen to the switch. Changes take effect on the switch but these changes will not be retained across a power cycle unless a save is performed. 6.2.4.5 Defining Secure Http Configuration 6.2.4.5.1.
  • Page 230 Main Menu Web-Based Management Interface 6.2.4.6 Defining Secure Shell Configuration 6.2.4.6.1. Configuring Secure Shell Configuration Page Configurable Data Admin Mode - This select field is used to Enable or Disable the administrative mode of SSH. The currently configured value is shown when the web page is displayed. The default value is Disable.

  • Page 231: Qos Menu

    Main Menu Web-Based Management Interface Submit - Send the updated screen to the switch. Changes take effect on the switch but these changes will not be retained across a power cycle unless a save is performed. Download Host Keys - Link to the File Transfer page for the Host Key download. Note that to download SSH key files SSH must be administratively disabled and there can be no active SSH sessions.
  • Page 232 Main Menu Web-Based Management Interface Table - Displays the current and maximum number of IP ACLs. Command Buttons Submit - Send the updated configuration to the switch. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed.
  • Page 233 Main Menu Web-Based Management Interface 6.2.5.1.3. Configuring IP Access Control List Rule Configuration Page Use these screens to configure the rules for the IP Access Control Lists created using the IP Access Control List Configuration screen. What is shown on this screen varies depending on the current step in the rule configuration process.
  • Page 234 Main Menu Web-Based Management Interface not be offered. To configure specific match criteria for the rule, remove the rule and re-create it, or re-configure 'Match Every' to 'False' for the other match criteria to be visible. Protocol Keyword - Specify that a packet's IP protocol is a match condition for the selected IP ACL rule.
  • Page 235 Main Menu Web-Based Management Interface Specify the IP DiffServ Code Point (DSCP) field. The DSCP is defined as the high-order six bits of the Service Type octet in the IP header. This is an optional configuration. Enter an integer from 0 to 63. The IP DSCP is selected by possibly selection one of the DSCP keyword from a dropdown box.
  • Page 236 Main Menu Web-Based Management Interface 6.2.5.1.4. Configuring MAC Access Control List Configuration Page A MAC ACL consists of a set of rules which are matched sequentially against a packet. When a packet meets the match criteria of a rule, the specified rule action (Permit/Deny) is taken and the additional rules are not checked for a match.
  • Page 237 Main Menu Web-Based Management Interface Delete - Removes the currently selected MAC ACL from the switch configuration. 6.2.5.1.5. Viewing MAC Access Control List Summary Page Non-Configurable Data MAC ACL Name - MAC ACL identifier. Rules - The number of rules currently configured for the MAC ACL. Direction - The direction of packet traffic affected by the MAC ACL.
  • Page 238 Main Menu Web-Based Management Interface 6.2.5.1.6. Configuring MAC Access Control List Rule Configuration Page Selection Criteria MAC ACL - Select the MAC ACL for which to create or update a rule. Rule - Select an existing rule or select 'Create New Rule' to add a new Rule. New rules cannot be created if the maximum number of rules has been reached.
  • Page 239 Main Menu Web-Based Management Interface VLAN - Specifies the VLAN ID to compare against an Ethernet frame. Valid range of values is (1 to 3965). Either VLAN Range or VLAN can be configured. Match Every - Specifies an indication to match every Layer 2 MAC packet. Valid values are True - Signifies that every packet is considered to match the selected ACL Rule.
  • Page 240 Main Menu Web-Based Management Interface ACL Type - Specifies the type of ACL. Valid ACL Types IP ACL MAC ACL IP ACL - Specifies list of all IP ACLs. This field is visible only if the user has selected "IP ACL"...
  • Page 241 Main Menu Web-Based Management Interface The processing is defined by a policy's attributes. Policy attributes may be defined on a per-class instance basis, and it is these attributes that are applied when a match occurs. The configuration process begins with defining one or more match criteria for a class. Then one or more classes are added to a policy.
  • Page 242 Main Menu Web-Based Management Interface 6.2.5.2.2. Configuring DiffServ Class Configuration Page Selection Criteria Class Selector - Along with an option to create a new class, this lists all the existing DiffServ class names, from which one can be selected. The content of this screen varies based on the selection of this field.
  • Page 243 Main Menu Web-Based Management Interface non-configurable field. Match Criteria - Displays the configured match criteria for the specified class. Values - Displays the values of the configured match criteria. 6.2.5.2.3. Viewing DiffServ Class Summary Page Non-Configurable Data Class Name - Displays names of the configured DiffServ classes. Class Type - Displays types of the configured classes as 'all', 'any', or 'acl'.
  • Page 244 Main Menu Web-Based Management Interface Policy Type - In indicates the type is specific to inbound traffic direction. Only when a new policy is created, this field is a selector field. After policy creation this becomes a non-configurable field displaying the configured policy type. Available Class List - This lists all existing DiffServ class names, from which one can be selected.
  • Page 245 Main Menu Web-Based Management Interface 6.2.5.2.6. Configuring DiffServ Policy Class Definition Page Selection Criteria Policy Selector - This lists all the existing DiffServ policy names, from which one can be selected. Member Class List - This lists all existing DiffServ classes currently defined as members of the specified Policy, from which one can be selected.
  • Page 246 Main Menu Web-Based Management Interface Command Buttons Refresh - Refresh the displayed data. 6.2.5.2.8. Configuring DiffServ Service Configuration Page Selection Criteria Slot/Port - Select the Slot/Port that uniquely specifies an interface. This is a list of all valid slot number and port number combinations in the system. For Read/Write users where 'All' appears in the list, select it to specify all interfaces.
  • Page 247 Main Menu Web-Based Management Interface 6.2.5.2.9. Viewing DiffServ Service Summary Page Non-Configurable Data Slot/Port - Shows the Slot/Port that uniquely specifies an interface. Direction - Shows the traffic direction of this service interface, either In or Out. Oper. Status - Shows the operational status of this service interface. Policy Name - Shows the name of the attached policy.
  • Page 248 Main Menu Web-Based Management Interface 6.2.5.2.11. Viewing DiffServ Service Detailed Statistics Page This screen displays class-oriented statistical information for the policy, which is specified by the interface and direction. The 'Member Classes' drop down list is populated on the basis of the specified interface and direction and hence the attached policy (if any).
  • Page 249 Main Menu Web-Based Management Interface 6.2.5.3 Configuring Diffserv Wizard Page Operation The DiffServ Wizard enables DiffServ on the switch by creating a traffic class, adding the traffic class to a policy, and then adding the policy to the ports selected on DiffServ Wizard page. The DiffServ Wizard will: Create a DiffServ Class and define match criteria used as a filter to determine if incoming traffic meets the requirements to be a member of the class.
  • Page 250 Main Menu Web-Based Management Interface Ports - List the ports which can be configured to support a DiffServ policy. The DiffServ policy will be added to selected ports. Policing - Enabling policing will add policing to the DiffServ Policy and the policing rate will be applied.
  • Page 251 Main Menu Web-Based Management Interface trust dot1p trust ip-precedence Default value is trust dot1p. IP Precedence Traffic Class - Specify which internal traffic class to map the corresponding IP Precedence value. Valid Range is (0 to 7) . Non-Configurable Data Untrusted Traffic Class - Displays traffic class (i.e.
  • Page 252 Main Menu Web-Based Management Interface Lan Switch and Router Blade...
  • Page 253 Main Menu Web-Based Management Interface 6.2.5.4.2. Configuring CoS interface Selection Criteria Slot/port - Specifies all CoS configurable interfaces. The option "Global" represents the most recent global configuration settings. These may be overridden on a per-interface basis. Configurable Data Interface Shaping Rate - Specifies the maximum bandwidth allowed, typically used to shape the outbound transmission rate.
  • Page 254 Main Menu Web-Based Management Interface (100). This value is considered while configuring the Minimum Bandwidth for a queue in the selected interface. Minimum Bandwidth - Specifies the minimum guaranteed bandwidth allotted to this queue. Setting this value higher than its corresponding Maximum Bandwidth automatically increases the maximum to the same value.

  • Page 255: Ip Multicast Menu

    Main Menu Web-Based Management Interface 6.2.5.4.4. Viewing CoS interface queue status Selection Criteria Slot/port - Specifies all CoS configurable interfaces. The option "Global" represents the most recent global configuration settings. These may be overridden on a per-interface basis. Non-Configurable Data Queue ID - Specifies the queueID.
  • Page 256 Main Menu Web-Based Management Interface 6.2.6.1 Managing DVMRP Protocol 6.2.6.1.1. Configuring DVMRP Global Configuration Page Configurable Data Admin Mode - Select enable or disable from the dropdown menu. This sets the administrative status of DVMRP to active or inactive. The default is disable. Non-Configurable Data Version - The current value of the DVMRP version string.
  • Page 257 Main Menu Web-Based Management Interface administrative mode of the selected DVMRP routing interface. Interface Metric - Enter the DVMRP metric for the selected interface. This value is sent in DVMRP messages as the cost to reach this network. Valid values are from (1 to 31). Command Buttons Submit - Send the updated configuration to the switch.
  • Page 258 Main Menu Web-Based Management Interface Received Bad Packets - The number of invalid packets received on the selected interface. Received Bad Routes - The number of invalid routes received on the selected interface. Sent Routes - The number of routes sent on the selected interface. Neighbor IP - The IP address of the neighbor whose information is displayed.
  • Page 259 Main Menu Web-Based Management Interface 6.2.6.1.4. Viewing DVMRP Next Hop Configuration Summary Non-Configurable Data Source IP - The IP address used with the source mask to identify the source network for this table entry. Source Mask - The network mask used with the source IP address. Next Hop Interface - The outgoing interface for this next hop.
  • Page 260 Main Menu Web-Based Management Interface 6.2.6.1.5. Viewing DVMRP Prune Summary Non-Configurable Data Group IP - The group address which has been pruned. Source IP - The address of the source or source network which has been pruned. Source Mask - The subnet mask to be combined with the source IP address to identify the source or source network which has been pruned.
  • Page 261 Main Menu Web-Based Management Interface Source Mask - The subnet mask to be combined with the source address to identify the sources for this entry. Upstream Neighbor - The address of the upstream neighbor (e.g., RPF neighbor) from which IP datagrams from these sources are received. Interface - The interface on which IP datagrams sent by these sources are received.
  • Page 262 Main Menu Web-Based Management Interface 6.2.6.2.2. Configuring IGMP Interface Configuration Page Selection Criteria Slot/port - Select the slot and port for which data is to be displayed or configured from the pulldown menu. Slot 0 is the base unit. You must have configured at least one router interface before configuring or displaying data for an IGMP interface, otherwise an error message will be displayed.
  • Page 263 Main Menu Web-Based Management Interface used for IGMP version 1. Last Member Query Count - Enter the number of queries to be sent on receiving a leave group report. Valid values are from 1 to 20. The default value is 2. Command Buttons Submit - Send the updated configuration to the router.
  • Page 264 Main Menu Web-Based Management Interface Query Interval - The frequency at which IGMP host-query packets are transmitted on the selected interface. Query Max Response Time - The maximum query response time advertised in IGMPv2 queries sent from the selected interface. Robustness - The robustness parameter for the selected interface.
  • Page 265 Main Menu Web-Based Management Interface 6.2.6.2.4. Viewing IGMP Cache Information Selection Criteria Slot/port - Select the Slot and port for which data is to be displayed. Slot 0 is the base unit. Multicast Group IP - Select the IP multicast group address for which data is to be displayed.
  • Page 266 Main Menu Web-Based Management Interface Up Time - The time elapsed since this entry was created. Expiry Time - The minimum amount of time remaining before this entry will be aged out. Version 1 Host Timer - The time remaining until the local router will assume that there are no longer any IGMP version 1 members on the IP subnet attached to this interface.
  • Page 267 Main Menu Web-Based Management Interface Interface - This parameter shows the interface on which multicast packets are forwarded. Group Compatibility Mode - This parameter shows group compatibility mode (v1, v2 and v3) for this group on the specified interface. Source Filter Mode - The source filter mode (Include/Exclude/NA) for the specified group on this interface.
  • Page 268 Main Menu Web-Based Management Interface Submit - Send the updated configuration to the router. Configuration changes take effect immediately. These changes will not be retained across a power cycle unless a save is performed. 6.2.6.3.2. Configuring Interface’s Multicast Configuration Page Selection Criteria Slot/port - Select the routing interface you want to configure from the dropdown menu.
  • Page 269 Main Menu Web-Based Management Interface Selection Criteria Source IP - Enter the IP address of the multicast packet source to be combined with the Group IP to fully identify a single route whose Mroute table entry you want to display or clear.
  • Page 270 Main Menu Web-Based Management Interface select one of the existing entries from the pulldown menu. Configurable Data Source IP - Enter the IP Address that identifies the multicast packet source for the entry you are creating. Source Mask - Enter the subnet mask to be applied to the Source IP address. RPF Neighbor - Enter the IP address of the neighbor router on the path to the source.
  • Page 271 Main Menu Web-Based Management Interface 6.2.6.3.6. Configuring Multicast Admin Boundary Configuration Page The definition of an administratively scoped boundary is a mechanism is a way to stop the ingress and egress of multicast traffic for a given range of multicast addresses on a given routing interface.
  • Page 272 Main Menu Web-Based Management Interface 6.2.6.3.7. Viewing Multicast Admin Boundary Configuration Page Non-Configurable Data Slot/port - The router interface to which the administratively scoped address range is applied. Group IP - The multicast group address for the start of the range of addresses to be excluded.
  • Page 273 Main Menu Web-Based Management Interface 6.2.6.4.2. Viewing Mrinfo Summary Page This screen displays the results of an mrinfo command. Non-Configurable Data Router Interface - The IP address of the router interface for which configuration information was requested. Neighboring router's IP Address - The IP address of the neighboring router. Metric - The routing metric for this router.
  • Page 274 Main Menu Web-Based Management Interface Submit - Initiate the mstat command on the router. If the mstat command completes successfully the browser will display the Mstat Show screen. If the mstat command fails, you will see the Mstat Run screen again. 6.2.6.4.4.
  • Page 275 Main Menu Web-Based Management Interface Admin Mode - Select enable or disable from the pulldown menu. If you select enable the router will process and forward mtrace requests received from other routers, otherwise received mtrace requests will be discarded. This field is non-configurable for read-only users.
  • Page 276 Main Menu Web-Based Management Interface 6.2.6.4.7. Viewing Mtrace Summary Page This screen displays the results of an mtrace command. The mtrace command is used to trace the path from source to a destination branch for a multicast distribution tree. Non-Configurable Data Number of hops away from destination - The number of hops away from the destination.
  • Page 277 Main Menu Web-Based Management Interface 6.2.6.5.2. Configuring Interface’s PIM-DM Configuration Page Selection Criteria Slot/port - Select the Slot and port for which data is to be displayed or configured. Slot 0 is the base unit. You must have configured at least one router interface before configuring or displaying data for a PIM-DM interface, otherwise an error message will be displayed.
  • Page 278 Main Menu Web-Based Management Interface Hello Interval - The frequency at which PIM hello messages are transmitted on the selected interface. IP Address - The IP address of the selected interface. Neighbor Count - The number of PIM neighbors on the selected interface. Designated Router - The designated router on the selected PIM interface.
  • Page 279 Main Menu Web-Based Management Interface the last-hop router will switch to a source-specific shortest path tree. The valid values are from (0 to 2000 K bits/sec) . The default value is 50. Register Threshold Rate - Enter the minimum source data rate in K bits/second above which the Rendezvous Point router will switch to a source-specific shortest path tree.
  • Page 280 Main Menu Web-Based Management Interface 6.2.6.6.3. Configuring Interface’s PIM-SM Configuration Page Selection Criteria Slot/port - Select the slot and port for which data is to be displayed or configured. Slot 0 is the base unit. Configurable Data Mode - Select enable or disable from the pulldown menu to set the administrative status of PIM-SM in the router.
  • Page 281 Main Menu Web-Based Management Interface Mode - The administrative status of PIM-SM in the router: either enable or disable. Protocol State - The operational state of the PIM-SM protocol on this interface. IP Address - The IP address of the selected PIM interface. Net Mask - The network mask for the IP address of the selected PIM interface.
  • Page 282 Main Menu Web-Based Management Interface 6.2.6.6.5. Viewing PIM-SM Component Summary Page Non-Configurable Data Component Index - Unique number identifying the component index. Component BSR Address - Displays the IP address of the bootstrap router (BSR) for the local PIM region. Component BSR Expiry Time - Displays the minimum time remaining before the bootstrap router in the local domain will be declared.
  • Page 283 Main Menu Web-Based Management Interface 6.2.6.6.7. Viewing PIM-SM Candidate RP Summary Page Non-Configurable Data Group Address - The group address transmitted in Candidate-RP-Advertisements. Group Mask - The group address mask transmitted in Candidate-RP-Advertisements to fully identify the scope of the group which the router will support if elected as a Rendezvous Point.
  • Page 284 Main Menu Web-Based Management Interface Lan Switch and Router Blade...

  • Page 285: Command Reference

    CLI Command Format Command Reference 7 Command Reference The Command Line Interface (CLI) syntax, conventions, and terminology are described in this section. Each CLI command is illustrated using the structure outlined below. 7.1 CLI Command Format Commands are followed by values, parameters, or both. Example 1 IP address <ipaddr>...

  • Page 286: Cli Mode-Based Topology

    CLI Mode-based Topology Command Reference 7.2 CLI Mode-based Topology Parameters Parameters are order dependent. The text in bold italics should be replaced with a name or number. To use spaces as part of a name parameter, enclose it in double quotes like this: "System Name with Spaces". Parameters may be mandatory values, optional values, choices, or a combination.
  • Page 287 CLI Mode-based Topology Command Reference Table 5-1. Network Address Syntax Address Type Format Range 0.0.0.0 to 255.255.255.255 IPAddr A.B.C.D YY:YY:YY:YY:YY:YY hexidecimal digit pairs MacAddr Double quotation marks such as "System Name with Spaces" set off user defined strings. If the operator wishes to use spaces as part of a name parameter then it must be enclosed in double quotation marks.

  • Page 288: System Information And Statistics Commands

    System Information and Statistics commands Command Reference 7.3 System Information and Statistics commands 7.3.1 show arp This command displays connectivity between the switch and other devices. The Address Resolution Protocol (ARP) cache identifies the MAC addresses of the IP stations communicating with the switch.

  • Page 289: Show Eventlog

    System Information and Statistics commands Command Reference Privileged Exec Display Message Current Time displays system time 7.3.3 show eventlog This command displays the event log, which contains error messages from the system, in the Primary Management System . The event log is not cleared on a system reset. Syntax show eventlog Default Setting...

  • Page 290: Show Sysinfo

    System Information and Statistics commands Command Reference with a file name extension of “.scr”, the output will be redirected to a script file. Syntax show running-config [all] [<scriptname>] [all] - enable the display/capture of all commands with settings/configurations that include values that are same as the default values.

  • Page 291: Show System

    System Information and Statistics commands Command Reference 7.3.6 show system This command displays switch system information. Syntax show system Default Setting None Command Mode Privileged Exec Display Message System Description: Text used to identify this switch. System Object ID: The manufacturing ID System Information System Up Time: The time in days, hours and minutes since the last switch reboot.

  • Page 292: Show Version

    System Information and Statistics commands Command Reference Command Mode Privileged Exec Display Message System Description: Text used to identify the product name of this switch. Machine Type: Specifies the machine model as defined by the Vital Product Data. Machine Model: Specifies the machine model as defined by the Vital Product Data. Serial Number: The unique box serial number for this switch.

  • Page 293: Show Loginsession

    System Information and Statistics commands Command Reference Syntax show version Default Setting None Command Mode Privileged Exec Display Message Serial Number: The unique box serial number for this switch. Hardware Version: The hardware version of this switch. It is divided into four parts. The first byte is the major version and the second byte represents the minor version.

  • Page 294: Device Configuration Commands

    Device Configuration Commands Command Reference User Name: The name the user will use to login using the serial port or Telnet. A new user may be added to the switch by entering a name in a blank entry. The user name may be up to 8 characters, and is not case sensitive.
  • Page 295 Device Configuration Commands Command Reference process. Note that the port's maximum capability (full duplex -100M) will be advertised. Otherwise, this object will determine the port's duplex mode and transmission rate. The factory default is Auto. Physical Status: Indicates the port speed and duplex mode. Link Status: Indicates whether the Link is up or down.
  • Page 296 Device Configuration Commands Command Reference The display parameters when the argument is 'all' are as follows: Interface: The physical slot and physical port or the logical slot and logical port. Summary: The summation of the statistics of all ports. Packets Received Without Error: The total number of packets (including broadcast packets and multicast packets) received.
  • Page 297 Device Configuration Commands Command Reference Packets Received 128-255 Octets: The total number of packets (including bad packets) received that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received 256-511 Octets: The total number of packets (including bad packets) received that were between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets).
  • Page 298 Device Configuration Commands Command Reference Total Packets Received with MAC Errors Jabbers Received: The total number of packets received that were longer than 1518 octets (excluding framing bits, but including FCS octets), and had either a bad FCS with an integral number of octets (FCS Error) or a bad FCS with a non-integral number of octets (Alignment Error).
  • Page 299 Device Configuration Commands Command Reference Total Transmit Errors FCS Errors: The total number of packets transmitted that had a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad FCS with an integral number of octets Tx Oversized: The total number of frames that exceeded the max permitted frame size.
  • Page 300 Device Configuration Commands Command Reference Broadcast Packets Received: The total number of packets received that were directed to the broadcast address. Note that this does not include multicast packets. Receive Packets Discarded: The number of inbound packets which were chosen to be discarded even though no errors had been detected to prevent their being deliverable to a higher-layer protocol.
  • Page 301 Device Configuration Commands Command Reference show interface switch Default Setting None Command Mode Privileged Exec Display Message Packets Received Without Error: The total number of packets (including broadcast packets and multicast packets) received by the processor. Broadcast Packets Received: The total number of packets received that were directed to the broadcast address.
  • Page 302 Device Configuration Commands Command Reference 7.4.1.5 interface range This command is used to enter Interface range configuration mode. Syntax interface range {<slot/port> [ - <slot/port>]} [, {<slot/port> [ - <slot/port>]} [, {<slot/port> [ - <slot/port>]} [, {<slot/port> [ - <slot/port>]} [, {<slot/port> [ - <slot/port>]}]]]] <slot/port>...
  • Page 303 Device Configuration Commands Command Reference This command is used to set the speed and duplex mode for all interfaces. Syntax Speed-duplex all {10 | 100} {full-duplex | half-duplex} 100 - 100BASE-T 10 - 10BASE-T full - duplex - Full duplex half - duplex - Half duplex all - This command represents all interfaces.
  • Page 304 Device Configuration Commands Command Reference Syntax negotiate all no negotiate all all - This command represents all interfaces. no - This command disables automatic negotiation on all interfaces. Default Setting Enable Command Mode Global Config 7.4.1.8 capabilities This command is used to set the capabilities on specific interface. Syntax capabilities {{10 | 100 } {full-duplex | half-duplex}} | {1000 full-duplex } no capabilities {{10 | 100 } {full-duplex | half-duplex}} | {1000 full-duplex }...
  • Page 305 Device Configuration Commands Command Reference Syntax capabilities all {{10 | 100} {full-duplex | half-duplex}} | {1000 full-duplex } no capabilities all {{10 | 100} {full-duplex | half-duplex}} | {1000 full-duplex } 10 - 10BASE-T 100 - 100BASE-T 1000 - 1000BASE-T full-duplex - Full duplex half-duplex - Half duplex all - This command represents all interfaces.
  • Page 306 Device Configuration Commands Command Reference This command enables 802.3x flow control for the specific interface. Note: This command only applies to full-duplex mode ports. Syntax storm-control flowcontrol no storm-control flowcontrol no - This command disables 802.3x flow control for the specific interface. Default Setting Disabled Command Mode...

  • Page 307: L2 Mac Address And Multicast Forwarding Database Tables

    Device Configuration Commands Command Reference Syntax shutdown all no shutdown all all - This command represents all ports. no - This command enables all ports. Default Setting Enabled Command Mode Global Config 7.4.2 L2 MAC Address and Multicast Forwarding Database Tables 7.4.2.1 show mac-addr-table This command displays the forwarding database entries.
  • Page 308 Device Configuration Commands Command Reference software version only supports IVL systems. Interface: The port on which this L2 MAC address was learned. if Index: This object indicates the if Index of the interface table entry associated with this port. Status: The status of this entry. The meanings of the values are: Static: The value of the corresponding instance was added by the system or a user when a static MAC filter was defined.
  • Page 309 Device Configuration Commands Command Reference 7.4.2.3 show mac-address-table igmpsnooping This command displays the IGMP Snooping entries in the Multicast Forwarding Database (MFDB) table. Syntax show mac-address-table igmpsnooping Default Setting None Command Mode Privileged Exec Display Message Mac Address: A unicast MAC address for which the switch has forwarding and/or filtering information.
  • Page 310 Device Configuration Commands Command Reference <vlanid> - VLAN ID (Range: 1 3965) all – This command displays the entire table. Default Setting None Command Mode Privileged Exec Display Message Mac Address: A unicast MAC address for which the switch has forwarding and/or filtering information.
  • Page 311 Device Configuration Commands Command Reference Current Entries: This displays the current number of entries in the Multicast Forwarding Database table. 7.4.2.6 show mac-address-table agetime This command displays the forwarding database address aging timeout. Syntax show mac-address-table agetime Default Setting None Command Mode Privileged Exec Display Message...

  • Page 312: Vlan Management

    Device Configuration Commands Command Reference 7.4.3 VLAN Management 7.4.3.1 show vlan This command displays brief information on a list of all configured VLANs. Syntax show vlan Default Setting None Command Mode Privileged Exec Display Message VLAN ID: There is a VLAN Identifier (vlanid) associated with each VLAN. The range of the VLAN ID is 1 to 3965.
  • Page 313 Device Configuration Commands Command Reference Display Message VLAN ID: There is a VLAN Identifier (VID) associated with each VLAN. The range of the VLAN ID is 1 to 3965. VLAN Name: A string associated with this VLAN as a convenience. It can be up to 16 alphanumeric characters, including blanks.
  • Page 314 Device Configuration Commands Command Reference Command Mode Privileged Exec Display Message Group Name: This field displays the group name of an entry in the Protocol-based VLAN table. Group ID: This field displays the group identifier of the protocol group. Protocol(s): This field indicates the type of protocol(s) for this group. VLAN: This field indicates the VLAN associated with this Protocol Group.
  • Page 315 Device Configuration Commands Command Reference GVRP: May be enabled or disabled. Default Priority: The 802.1p priority assigned to untagged packets arriving on the port. 7.4.3.5 vlan database This command is used to enter VLAN Interface configuration mode Syntax vlan database Default Setting None Command Mode...
  • Page 316 Device Configuration Commands Command Reference 7.4.3.7 vlan name This command changes the name of a VLAN. The name is an alphanumeric string of up to 32 characters, and the ID is a valid VLAN identification number. ID range is 1- 3965. Syntax vlan name <vlanid>...
  • Page 317 Device Configuration Commands Command Reference 7.4.3.9 protocol group This command attaches a <vlanid> to the protocol-based VLAN identified by <group-name>. A group may only be associated with one VLAN at a time, however the VLAN association can be changed. Syntax protocol group <group-name>...
  • Page 318 Device Configuration Commands Command Reference Command Mode Interface Config This command sets the frame acceptance mode for all interfaces. For VLAN Only mode, untagged frames or priority frames received on this interface are discarded. For Admit All mode, untagged frames or priority frames received on this interface are accepted and assigned the value of the interface VLAN ID for this port.
  • Page 319 Device Configuration Commands Command Reference received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN. Default Setting Disabled Command Mode Interface Config This command enables ingress filtering for all ports. If ingress filtering is disabled, frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN.
  • Page 320 Device Configuration Commands Command Reference <vlanid> - VLAN ID (Range: 1 –3965). no - This command sets the VLAN ID per interface to 1. Default Setting Command Mode Interface Config This command changes the VLAN ID for all interfaces. Syntax switchport native vlan all <vlanid>...
  • Page 321 Device Configuration Commands Command Reference remove - The interface is removed from the member of this VLAN. This is equivalent to registration forbidden. Default Setting None Command Mode Interface Config This command configures the degree of participation for all interfaces in a VLAN. The ID is a valid VLAN identification number.
  • Page 322 Device Configuration Commands Command Reference switchport tagging <vlanid> no switchport tagging <vlanid> <vlanid> - VLAN ID (Range: 1 –3965). no - This command configures the tagging behavior for a specific interface in a VLAN to disabled. If tagging is disabled, traffic is transmitted as untagged frames. The ID is a valid VLAN identification number.
  • Page 323 Device Configuration Commands Command Reference Syntax switchport priority <0-7> <0-7> - The range for the priority is 0 - 7. Default Setting Command Mode Interface Config This command configures the port priority assigned for untagged packets for all ports presently plugged into the device.
  • Page 324 Device Configuration Commands Command Reference Syntax switchport protocol group <group-name> no switchport protocol group <group-name> <group-name> - a VLAN Group Name (a character string of 1 to 16 characters). no - This command removes the interface from this protocol-based VLAN group that is identified by this <group-name>.
  • Page 325 Device Configuration Commands Command Reference This command adds all physical interfaces to the protocol-based VLAN identified by <group-name>. A group may have more than one interface associated with it. Each interface and protocol combination can only be associated with one group. If adding an interface to a group causes any conflicts with protocols currently associated with the group, this command will fail, and the interface(s) will not be added to the group.

  • Page 326: Gvrp And Bridge Extension

    Device Configuration Commands Command Reference identified by this <group-name>. The possible values for protocol are ip, arp, and ipx. Default Setting None Command Mode Global Config 7.4.3.17 switchport forbidden vlan This command used to configure forbidden VLANs. Syntax switchport forbidden vlan {add | remove} <vlanid> no switchport forbidden <vlanid>...
  • Page 327 Device Configuration Commands Command Reference show bridge-ext Default Setting None Command Mode Privileged Exec Display Message GMRP Admin Mode: This displays the administrative mode of GARP Multicast Registration Protocol (GMRP) for the system. GVRP Admin Mode: This displays the administrative mode of GARP VLAN Registration Protocol (GVRP) for the system.
  • Page 328 Device Configuration Commands Command Reference per-Port, per-GARP participant basis. Permissible values are 20 to 600 centiseconds (0.2 to 6.0 seconds). The factory default is 60 centiseconds (0.6 seconds). The finest granularity of specification is 1 centisecond (0.01 seconds). LeaveAll Timer: This Leave All Time controls how frequently LeaveAll PDUs are generated. A LeaveAll PDU indicates that all registrations will shortly be deregistered.
  • Page 329 Device Configuration Commands Command Reference specification is 1 centisecond (0.01 seconds). LeaveAll Timer: This Leave All Time controls how frequently LeaveAll PDUs are generated. A LeaveAll PDU indicates that all registrations will shortly be deregistered. Participants will need to rejoin in order to maintain registration. There is an instance of this timer on a per-Port, per-GARP participant basis.
  • Page 330 Device Configuration Commands Command Reference Syntax bridge-ext gvrp no bridge-ext gvrp no - This command disables GVRP. Default Setting Disabled Command Mode Global Config 7.4.4.6 bridge-ext gmrp This command enables GARP Multicast Registration Protocol (GMRP) on the system. The default value is disabled. Syntax bridge-ext gmrp no bridge-ext gmrp...
  • Page 331 Device Configuration Commands Command Reference Syntax switchport gvrp no switchport gvrp no - This command disables GVRP (GARP VLAN Registration Protocol) for a specific port. If GVRP is disabled, Join Time, Leave Time, and Leave All Time have no effect. Default Setting Disabled Command Mode...
  • Page 332 Device Configuration Commands Command Reference Syntax switchport gmrp no switchport gmrp no - This command disables GMRP Multicast Registration Protocol on a selected interface. If an interface which has GMRP enabled is enabled for routing or is enlisted as a member of a port-channel (LAG), GMRP functionality will be disabled on that interface.
  • Page 333 Device Configuration Commands Command Reference 7.4.4.9 garp timer This command sets the GVRP join time per port and per GARP. Join time is the interval between the transmission of GARP Protocol Data Units (PDUs) registering (or re-registering) membership for a VLAN or multicast group. This command has an effect only when GVRP and GMRP are enabled.
  • Page 334 Device Configuration Commands Command Reference Default Setting 20 centiseconds (0.2 seconds) Command Mode Global Config This command sets the GVRP leave time per port. Leave time is the time to wait after receiving an unregister request for a VLAN or a multicast group before deleting the VLAN entry. This can be considered a buffer time for another station to assert registration for the same attribute in order to maintain uninterrupted service.
  • Page 335 Device Configuration Commands Command Reference Syntax garp timer leave all < 20-600 > no garp timer leave all <20-600> - leave time (Range: 20 – 600) in centiseconds. all - All interfaces. no - This command sets the GVRP leave time for all ports to the default 60 centiseconds (0.6 seconds).

  • Page 336: Igmp Snooping

    Device Configuration Commands Command Reference Interface Config This command sets how frequently Leave All PDUs are generated for all ports. A Leave All PDU indicates that all registrations will be unregistered. Participants would need to rejoin in order to maintain registration. The value applies per port and per GARP participation. The time may range from 200 to 6000 (centiseconds).
  • Page 337 Device Configuration Commands Command Reference Syntax show ip igmp snooping Default Setting None Command Mode Privileged Exec Display Message Admin Mode: This indicates whether or not IGMP Snooping is active on the switch. Multicast Control Frame Count: This displays the number of multicast control frames that are processed by the CPU.
  • Page 338 Device Configuration Commands Command Reference 7.4.5.1.3. show ip igmp snooping multicast This command displays the known multicast address. Syntax show ip igmp snooping multicast [vlan <vlanid>] [static | dynamic] <vlanid> - VLAN ID (Range: 1 – 3965). static - Displays only the configured multicast entries. dynamic - Displays only entries learned through IGMP snooping.
  • Page 339 Device Configuration Commands Command Reference Default Setting None Command Mode Privileged Exec Display Message Vlan ID This is the list of VLANS on which IGMP Snooping is enabled. IGMP Snooping Admin Mode This indicates whether or not IGMP Snooping is active on the VLAN.
  • Page 340 Device Configuration Commands Command Reference 7.4.5.2.2. ip igmp snooping groupmembershipinterval This command sets the IGMP Group Membership Interval time on the system. The Group Membership Interval time is the amount of time in seconds that a switch will wait for a report from a particular group on a particular interface before deleting the interface from the entry.
  • Page 341 Device Configuration Commands Command Reference This command enables IGMP Snooping on all interfaces. If an interface which has IGMP Snooping enabled is enabled for routing or is enlisted as a member of a port-channel (LAG), IGMP Snooping functionality will be disabled on that interface. IGMP Snooping functionality will subsequently be re-enabled if routing is disabled or port-channel (LAG) membership is removed from an interface that has IGMP Snooping enabled.
  • Page 342 Device Configuration Commands Command Reference Command Mode Global Config, Interface Config 7.4.5.2.5. ip igmp snooping max-response-time This command sets the IGMP Maximum Response time on the system. The Maximum Response time is the amount of time in seconds that a switch will wait after sending a query on an interface because it did not receive a report for a particular group in that interface.
  • Page 343 Device Configuration Commands Command Reference no - This command disables IGMP Snooping fast-leave admin mode. Default Setting Disabled Command Mode Global Config, Interface Config. 7.4.5.2.7. ip igmp snooping mrouter This command configures a selected interface as a multicast router interface. When configured as a multicast router interface, the interface is treated as a multicast router interface in all VLANs.
  • Page 344 Device Configuration Commands Command Reference ‧no set igmp snooping mrouter <vlanId> <vlanId> - VLAN ID. no - This command disables the status of the interface as a statically configured multicast router interface. Default Setting Disabled Command Mode Interface Config. 7.4.5.2.8. ip igmp snooping vlan static This command is used to add a port to a multicast group.
  • Page 345 Device Configuration Commands Command Reference Syntax set igmp <1-3965> no set igmp <1-3965> <1-3965> - VLAN ID (Range: 1 – 3965). no - This command disables IGMP snooping on a particular VLAN, and in turn disabling IGMP snooping on all interfaces participating in this VLAN. Default Setting None Command Mode...
  • Page 346 Device Configuration Commands Command Reference 7.4.5.2.11. set igmp maxresponse This command sets the IGMP Maximum Response time on a particular VLAN. The Maximum Response time is the amount of time in seconds that a switch will wait after sending a query on an interface, which is participating in the VLAN, because it did not receive a report for a particular group in that interface.
  • Page 347 Device Configuration Commands Command Reference <0-3600> - The range of the Multicat Router Present Expire time is 0 to 3600 seconds. no - This command sets the IGMP Multicast Router Present Expire time on a particular VLAN to the default value. Default Setting Command Mode Vlan Database...

  • Page 348: Port Channel

    Device Configuration Commands Command Reference 7.4.6 Port Channel 7.4.6.1 show port-channel This command displays the static capability of all port-channels (LAGs) on the device as well as a summary of individual port-channels. Syntax show port-channel Default Setting None Command Mode Privileged Exec Display Message Static Capability: This field displays whether or not the device has static capability enabled.
  • Page 349 Device Configuration Commands Command Reference Default Setting None Command Mode Privileged Exec Display Message Log. Intf: The logical slot and the logical port. Port-Channel Name: The name of this port-channel (LAG). You may enter any string of up to 15 alphanumeric characters. Link : Indicates whether the Link is up or down.
  • Page 350 Device Configuration Commands Command Reference Default Setting None Command Mode Global Config Command Usage 1. Max number of port-channels could be created by user are 6 and Max. Number of members for each port-channel are 8. 7.4.6.3 port-channel adminmode all This command sets every configured port-channel with the same administrative mode setting.
  • Page 351 Device Configuration Commands Command Reference no port-channel staticcapability no - This command disables the support of static port-channels on this device. Default Setting Disabled Command Mode Global Config 7.4.6.5 port-channel linktrap This command enables link trap notifications for the port-channel (LAG). The interface is a logical slot and port for a configured port-channel.
  • Page 352 Device Configuration Commands Command Reference Syntax port-channel name {<logical slot/port> | all} <name> <logical slot/port> - Port-Channel Interface number. all - all Port-Channel interfaces. <name> - Configured Port-Channel name (up to 15 characters). Default Setting None Command Mode Global Config 7.4.6.7 adminmode This command enables a port-channel (LAG) members.
  • Page 353 Device Configuration Commands Command Reference Syntax lacp no lacp no - This command disables Link Aggregation Control Protocol (LACP) on a port. Default Setting Enabled Command Mode Interface Config This command enables Link Aggregation Control Protocol (LACP) on all ports. Syntax lacp all no lacp all...
  • Page 354 Device Configuration Commands Command Reference Syntax channel-group <logical slot/port> <logical slot/port> - Port-Channel Interface number. Default Setting None Command Mode Interface Config Command Usage 1. The maximum number of members for each Port-Channel is 6. 7.4.6.10 delete-channel-group This command deletes the port from the port-channel (LAG). The interface is a logical slot and port number of a configured port-channel.

  • Page 355: Storm Control

    Device Configuration Commands Command Reference delete-channel-group <logical slot/port> all <logical slot/port> - Port-Channel Interface number. all - All members for specific Port-Channel. Default Setting None Command Mode Global Config 7.4.7 Storm Control 7.4.7.1 show storm-control This command is used to display broadcast storm control information. Syntax show storm-control broadcast Default Setting...
  • Page 356 Device Configuration Commands Command Reference Syntax show storm-control multicast Default Setting None Command Mode Privileged Exec Display Message Intf: Displays interface number. Mode: Displays status of storm control multicast. Level: Displays level for storm control multicast Rate: Displays rate for storm control multicast. This command is used to display unicast storm control information Syntax show storm-control unicast...
  • Page 357 Device Configuration Commands Command Reference is enabled, broadcast storm recovery with high threshold is implemented. The threshold implementation follows a percentage pattern. If the broadcast traffic on any Ethernet port exceeds the high threshold percentage (as represented in “Broadcast Storm Recovery Thresholds”...
  • Page 358 Device Configuration Commands Command Reference 7.4.7.3 storm-control multicast This command enables multicast storm recovery mode on the selected interface. Syntax storm-control multicast no storm-control multicast no - This command disables multicast storm recovery mode on the selected interface. Default Setting None Command Mode Interface Config...
  • Page 359 Device Configuration Commands Command Reference Syntax storm-control unicast no storm-control unicast no - This command disables unicast storm recovery mode on the selected interface. Default Setting None Command Mode Interface Config This command enables unicast storm recovery mode on all interfaces. Syntax storm-control unicast no storm-control unicast...
  • Page 360 Device Configuration Commands Command Reference 1 - Threshold level represents 64 pps (packet per second). 2 - Threshold level represents 128 pps (packet per second). 3 - Threshold level represents 256 pps (packet per second). 4 - Threshold level represents 512 pps (packet per second). Default Setting Level 4 Command Mode...
  • Page 361 Device Configuration Commands Command Reference Syntax switchport multicast packet-rate {1 | 2 | 3 | 4} 1 - Threshold level represents 64 pps (packet per second). 2 - Threshold level represents 128 pps (packet per second). 3 - Threshold level represents 256 pps (packet per second). 4 - Threshold level represents 512 pps (packet per second).

  • Page 362: L2 Priority

    Device Configuration Commands Command Reference Syntax switchport unicast packet-rate {1 | 2 | 3 | 4} 1 - Threshold level represents 64 pps (packet per second). 2 - Threshold level represents 128 pps (packet per second). 3 - Threshold level represents 256 pps (packet per second). 4 - Threshold level represents 512 pps (packet per second).
  • Page 363 Device Configuration Commands Command Reference 7.4.8.1 show queue cos-map This command displays the class of service priority map on specific interface. Syntax show queue cos-map [<slot/port>] <slot/port> - Interface number. Default Setting None Command Mode Privileged Exec Display Message User Priority: Displays the 802.1p priority to be mapped. Traffic Class: Displays internal traffic class to map the corresponding 802.1p priority.

  • Page 364: Port Mirror

    Device Configuration Commands Command Reference Command Mode Interface Config 7.4.9 Port Mirror 7.4.9.1 show port-monitor session This command displays the Port monitoring information for the specified session. Syntax show port-monitor session <SessionNum> Default Setting None Command Mode Privileged Exec Display Message Session ID: indicates the session ID.
  • Page 365 Device Configuration Commands Command Reference no port-monitor session <session-id> { source | destination} <slot/port> - Interface number. no - This command removes the probe port or the mirrored port from a monitor session (port monitoring). Default Setting None Command Mode Global Config This command removes all configured probe ports and mirrored port.

  • Page 366: Management Commands

    Management Commands Command Reference Syntax no port-monitor Default Setting None Command Mode Global Config 7.4.9.3 port-monitor session mode This command configures the administration mode of port-monitoring function for a monitor session. Syntax port-monitor session <session-id> mode no port-monitor session <session-id> mode <session-id>...
  • Page 367 Management Commands Command Reference Syntax show ip interface Default Setting None Command Mode Privileged Exec Display Message IP Address: The IP address of the interface. The factory default value is 0.0.0.0 Subnet Mask: The IP subnet mask for this interface. The factory default value is 0.0.0.0 Management VLAN ID: Specifies the management VLAN ID.
  • Page 368 Management Commands Command Reference Default Setting None Command Mode Privileged Exec Display Message Index: The index of stations. IP Address: The IP address of stations that are allowed to make configuration changes to the Switch. 7.5.1.4 show ip ipv6 This command displays the IPv6 forwarding status of all ports. Syntax show ip ipv6 Default Setting...
  • Page 369 Management Commands Command Reference <1518-9216> - Max frame size (Range: 1518 - 9216). no - This command sets the default maximum transmission unit (MTU) size (in bytes) for the interface. Default Setting 1518 Command Mode Interface Config 7.5.1.6 interface vlan This command is used to enter Interface-vlan configuration mode.
  • Page 370 Management Commands Command Reference no - Restore the default IP address and Subnet Mask Default Setting IP address: 0.0.0.0 Subnet Mask: 0.0.0.0 Command Mode Interface-Vlan Config Command Usage Once the IP address is set, the VLAN ID’s value will be assigned to management VLAN. 7.5.1.8 ip default-gateway This command sets the IP Address of the default gateway.
  • Page 371 Management Commands Command Reference Syntax ip address protocol {bootp | dhcp | none} <bootp> - Obtains IP address from BOOTP. <dhcp> - Obtains IP address from DHCP. <none> - Obtains IP address by setting configuration. Default Setting None Command Mode Interface-Vlan Config 7.5.1.10 ip filter This command is used to enable the IP filter function.
  • Page 372 Management Commands Command Reference no ip filter <ipaddr> <ipaddr> - Configure a IP address to be a filter. No - Remove this filter IP address. Default Setting None Command Mode Global Config 7.5.1.11 ip ipv6 This command is used to enable the Ipv6 function on specific interface. Syntax ip ipv6 no ip ipv6...

  • Page 373: Serial Interface Commands

    Management Commands Command Reference all - All interfaces. no - disable IPv6. Default Setting Enabled Command Mode Global Config 7.5.2 Serial Interface Commands 7.5.2.1 show line console This command displays serial communication settings for the switch. Syntax show line console Default Setting None Command Mode...
  • Page 374 Management Commands Command Reference 7.5.2.2 line console This command is used to enter Line configuration mode Syntax line console Default Setting None Command Mode Global Config 7.5.2.3 baudrate This command specifies the communication rate of the terminal interface. The supported rates are 1200, 2400, 4800, 9600, 19200, 38400, 57600, 115200.
  • Page 375 Management Commands Command Reference Syntax exec-timeout <0-160> <0-160> - max connect time (Range: 0 -160). no - This command sets the maximum connect time (in minutes) without console activity to Default Setting Command Mode Line Config 7.5.2.5 password-threshold This command is used to set the password instruction threshold limiting the number of failed login attempts.

  • Page 376: Telnet Session Commands

    Management Commands Command Reference Syntax silent-time <0-65535> <0-65535> - silent time (Range: 0 - 65535) in seconds. no - This command sets the maximum value to the default. Default Setting Command Mode Line Config 7.5.3 Telnet Session Commands 7.5.3.1 telnet This command establishes a new outbound telnet connection to a remote host.
  • Page 377 Management Commands Command Reference This command displays telnet settings. Syntax show line vty Default Setting None Command Mode Privileged Exec Display Message Remote Connection Login Timeout (minutes): This object indicates the number of minutes a remote connection session is allowed to remain inactive before being logged off. A zero means there will be no timeout.
  • Page 378 Management Commands Command Reference 7.5.3.4 exec-timeout This command sets the remote connection session timeout value, in minutes. A session is active as long as the session has been idle for the value set. A value of 0 indicates that a session remains active indefinitely.
  • Page 379 Management Commands Command Reference Command Mode Telnet Config 7.5.3.6 maxsessions This command specifies the maximum number of remote connection sessions that can be established. A value of 0 indicates that no remote connection can be established. The range is 0 to 5. Syntax maxsessions <0-5>...
  • Page 380 Management Commands Command Reference Default Setting Enabled Command Mode Telnet Config 7.5.3.8 telnet sessions This command regulates new outbound telnet connections. If enabled, new outbound telnet sessions can be established until it reaches the maximum number of simultaneous outbound telnet sessions allowed. If disabled, no new outbound telnet session can be established. An established session remains active until the session is ended or an abnormal network error ends it.
  • Page 381 Management Commands Command Reference no maxsessions <0-5> - max sessions (Range: 0 - 5). no - This command sets the maximum value to be 5. Default Setting Command Mode Global Config 7.5.3.10 telnet exec-timeout This command sets the outbound telnet session timeout value in minute. Note: Changing the timeout value for active sessions does not become effective until the session is reaccessed.

  • Page 382: Snmp Server Commands

    Management Commands Command Reference This command displays the current outbound telnet settings. Syntax show telnet Default Setting None Command Mode User Exec, Privileged Exec Display Message Outbound Telnet Login Timeout (in minutes) Indicates the number of minutes an outbound telnet session is allowed to remain inactive before being logged off. A value of 0, which is the default, results in no timeout.
  • Page 383 Management Commands Command Reference Default Setting None Command Mode Privileged Exec Display Message SNMP Community Name: The community string to which this entry grants access. A valid entry is a case-sensitive alphanumeric string of up to 16 characters. Each row of this table must contain a unique community name.
  • Page 384 Management Commands Command Reference Multiple Users Flag: May be enabled or disabled. The factory default is enabled. Indicates whether a trap will be sent when the same user ID is logged into the switch more than once at the same time (either via telnet or serial port). Spanning Tree Flag: May be enabled or disabled.
  • Page 385 Management Commands Command Reference Default Setting None Command Mode Global Config 7.5.4.5 snmp-server contact This command sets the organization responsible for the network. The range for contact is from 1 to 31 alphanumeric characters. Syntax snmp-server contact <con> <con> - Range is from 1 to 31 alphanumeric characters. Default Setting None Command Mode...
  • Page 386 Management Commands Command Reference <name> - community name (up to 16 case-sensitive characters). no - This command removes this community name from the table. The name is the community name to be deleted. Default Setting Two default community names: public and private. You can replace these default community names with unique identifiers for each community.
  • Page 387 Management Commands Command Reference This command sets a client IP mask for an SNMP community. The address is the associated community SNMP packet sending address and is used along with the client IP address value to denote a range of IP addresses from which SNMP clients may use that community to access the device.
  • Page 388 Management Commands Command Reference Command Mode Global Config 7.5.4.7 snmp-server host This command sets a client IP address for an SNMP community. The address is the associated community SNMP packet sending address and is used along with the client IP mask value to denote a range of IP addresses from which SNMP clients may use that community to access the device.
  • Page 389 Management Commands Command Reference Default Setting Enabled Command Mode Global Config This command enables the DVMRP trap. Syntax snmp-server enable traps dvmrp no snmp-server enable traps dvmrp no - This command disables the DVMRP trap. Default Setting Enabled Command Mode Global Config This command enables Link Up/Down traps for the entire switch.
  • Page 390 Management Commands Command Reference This command enables Multiple User traps. When the traps are enabled, a Multiple User Trap is sent when a user logs in to the terminal interface (EIA 232 or telnet) and there is an existing terminal interface session. Syntax snmp-server enable traps multiusers no snmp-server enable traps multiusers...

  • Page 391: Snmp Trap Commands

    Management Commands Command Reference snmp-server enable traps pim no snmp-server enable traps pim no - This command disables PIM trap. Default Setting Enabled Command Mode Global Config This command enables the sending of new root traps and topology change notification traps. Syntax snmp-server enable traps stpmode no snmp-server enable traps stpmode...
  • Page 392 Management Commands Command Reference show snmptrap Default Setting None Command Mode Privileged Exec Display Message SNMP Trap Name: The community string of the SNMP trap packet sent to the trap manager. This may be up to 16 alphanumeric characters. This string is case sensitive. IP Address: The IP address to receive SNMP traps from this device.
  • Page 393 Management Commands Command Reference This command enables link status traps for all interfaces. Note: This command is valid only when the Link Up/Down Flag is enabled (See ‘snmpserver enable traps linkmode’ command.) Syntax snmp trap link-status all no snmp trap link-status all all - All interfaces.
  • Page 394 Management Commands Command Reference no - This command deletes trap receivers for a community. Default Setting None Command Mode Global Config 7.5.5.4 snmptrap ipaddr This command changes the IP address of the trap receiver for the specified community name. The maximum length of name is 16 case-sensitive alphanumeric characters. Note: IP addresses in the SNMP trap receiver table must be unique for the same community name.

  • Page 395: Http Commands

    Management Commands Command Reference snmptrap mode <name> <ipaddr> no snmptrap mode <name> <ipaddr> <name> - SNMP trap name. <ipadd> - an IP address. no - This command deactivates an SNMP trap. Trap receivers are inactive (not able to receive traps). Default Setting None Command Mode...
  • Page 396 Management Commands Command Reference 7.5.6.2 ip javamode This command specifies whether the switch should allow access to the Java applet in the header frame of the Web interface. When access is enabled, the Java applet can be viewed from the Web interface. When access is disabled, the user cannot view the Java applet. Syntax ip javamode no ip javamode...
  • Page 397 Management Commands Command Reference Global Config 7.5.6.4 ip http server This command enables access to the switch through the Web interface. When access is enabled, the user can login to the switch from the Web interface. When access is disabled, the user cannot login to the switch's Web server.
  • Page 398 Management Commands Command Reference Command Mode Global Config 7.5.6.6 ip http secure-server This command is used to enable the secure socket layer for secure HTTP. Syntax ip http secure-server no ip http secure-server no - This command is used to disable the secure socket layer for secure HTTP. Default Setting Disabled Command Mode...

  • Page 399: Secure Shell (Ssh) Commands

    Management Commands Command Reference Command Mode Global Config 7.5.7 Secure Shell (SSH) Commands 7.5.7.1 show ip ssh This command displays the SSH settings. Syntax show ip ssh Default Setting None Command Mode Privileged Exec Display Message Administrative Mode: This field indicates whether the administrative mode of SSH is enabled or disabled.
  • Page 400 Management Commands Command Reference no - This command is used to disable SSH. Default Setting Disabled Command Mode Global Config 7.5.7.3 ip ssh protocol This command is used to set or remove protocol levels (or versions) for SSH. Either SSH1 (1), SSH2 (2), or both SSH 1 and SSH 2 (1 and 2) can be set.

  • Page 401: Dhcp Client Commands

    Management Commands Command Reference <0-5> - maximum number of sessions. no - This command sets the maximum number of SSH connection sessions that can be established to the default value. Default Setting SSH1 and SSH2 Command Mode Global Config 7.5.7.5 ip ssh timeout This command sets the SSH connection session timeout value, in minutes.

  • Page 402: Dhcp Relay Commands

    Management Commands Command Reference 7.5.8.1 ip dhcp restart This command is used to initiate a BOOTP or DCHP client request. Syntax ip dhcp restart Default Setting None Command Mode Global Config 7.5.8.2 ip dhcp client-identifier This command is used to specify the DCHP client identifier for this switch. Use the no form to restore to default value.
  • Page 403 Management Commands Command Reference This command is used to display the DHCP relay agent configuration information on the system. Syntax show bootpdhcprelay Default Setting None Command Mode Privileged Exec Display Message Maximum Hop Count - The maximum number of Hops a client request can go without being discarded.
  • Page 404 Management Commands Command Reference Syntax bootpdhcprelay maxhopcount <1-16> no bootpdhcprelay maxhopcount <1-16> - maximum number of hops. (Range: 1-16). no - This command is used to reset to the default value. Default Setting Command Mode Global Config 7.5.9.3 Bootpdhcprelay serverip This command is used to configure the server IP Address for BootP/DHCP Relay on the system.

  • Page 405: Spanning Tree Commands

    Spanning Tree Commands Command Reference 7.6 Spanning Tree Commands This section provides detailed explanation of the spanning tree commands. Due the IEEE requirement, the basic spanning tree (STP, 802.1d) will be removed, the STP will be simulated in the satge of the mutli-spanning tree (MSTP, 802.1s). So the basic five stages will be different from the traditiaonal phases.
  • Page 406 Spanning Tree Commands Command Reference spanning tree. Root Port Identifier: The Root Port for the spanning tree instance identified by the MSTID. Bridge Max Age: Maximum message age. Bridge Max Hops: The maximum number of hops for the spanning tree. Bridge Forwarding Delay: A timeout value to be used by all Bridges in the Bridged LAN.
  • Page 407 Spanning Tree Commands Command Reference 7.6.1.3 show spanning-tree vlan This command displays the association between a VLAN and a multiple spanning tree instance. The <1-3965> corresponds to an existing VLAN ID. Syntax show spanning-tree vlan <1-3965> <vlanid> - VLAN ID (Range: 1 - 3965). Default Setting None Command Mode...
  • Page 408 Spanning Tree Commands Command Reference Display Message MST Instance ID: The multiple spanning tree instance ID. MST Bridge Priority: The bridge priority of current MST. MST Bridge Identifier: The bridge ID of current MST. Time Since Topology Change: In seconds. Topology Change Count: Number of times the topology has changed for this multiple spanning tree instance.
  • Page 409 Spanning Tree Commands Command Reference Syntax show spanning-tree mst port detailed <0-4094> <slot/port> <0-4094> - multiple spanning tree instance ID. <slot/port> - is the desired interface number. Default Setting None Command Mode Privileged Exec Display Message MST Instance ID: The multiple spanning tree instance ID. Port Identifier: The unique value to identify a port on that Bridge.
  • Page 410 Spanning Tree Commands Command Reference Hello Time: The hello time in use for this port. Edge Port: The configured value indicating if this port is an edge port. Edge Port Status: The derived value of the edge port status. True if operating as an edge port;...
  • Page 411 Spanning Tree Commands Command Reference This command displays spanning tree settings and parameters for the switch. The following details are displayed on execution of the command. Syntax show spanning-tree summary Default Setting None Command Mode Privileged Exec Display Message Spanning Tree Adminmode: Enabled or disabled. Spanning Tree Version: Version of 802.1 currently supported (IEEE 802.1s, IEEE 802.1w, or IEEE 802.1d) based upon the Force Protocol Version parameter.

  • Page 412: Configuration Commands

    Spanning Tree Commands Command Reference Bridge Hold Time: Minimum time between transmission of Configuration Bridge Protocol Data Units (BPDUs). 7.6.2 Configuration Commands 7.6.2.1 spanning-tree This command sets the spanning-tree operational mode to be enabled. Syntax spanning-tree no spanning-tree no - This command sets the spanning-tree operational mode to be disabled. While disabled, the spanning-tree configuration is retained and can be changed, but is not activated.
  • Page 413 Spanning Tree Commands Command Reference None Command Mode Global Config 7.6.2.3 spanning-tree configuration This command sets the Configuration Identifier Name for use in identifying the configuration that this switch is currently using. The <name> is a string of at most 32 alphanumeric characters.
  • Page 414 Spanning Tree Commands Command Reference <value> - Revision Level is a number in the range of 0 to 65535. no - This command sets the Configuration Identifier Revision Level for use in identifying the configuration that this switch is currently using to the default value, that is, 0. Default Setting Command Mode Global Config...
  • Page 415 Spanning Tree Commands Command Reference Syntax spanning-tree forward-time <4-30> no spanning-tree forward-time <4-30> - forward time value (Range: 4 – 30). no - This command sets the Bridge Forward Delay parameter for the common and internal spanning tree to the default value, that is, 15. Default Setting Command Mode Global Config...
  • Page 416 Spanning Tree Commands Command Reference 7.6.2.7 spanning-tree max-age This command sets the Bridge Max Age parameter to a new value for the common and internal spanning tree. The max-age value is in seconds within a range of 6 to 40, with the value being less than or equal to "2 times (Bridge Forward Delay - 1)"...
  • Page 417 Spanning Tree Commands Command Reference Command Mode Global Config 7.6.2.9 spanning-tree mst This command adds a multiple spanning tree instance to the switch. The instance <1-3965> is a number within a range of 1 to 3965 that corresponds to the new instance ID to be added. The maximum number of multiple instances supported is 4.
  • Page 418 Spanning Tree Commands Command Reference Syntax spanning-tree mst priority <0-4094> <0-61440> no spanning-tree mst priority <0-4094> <0-4094> - multiple spanning tree instance ID. <0-61440> - priority value (Range: 0 – 61440). no - This command sets the bridge priority for a specific multiple spanning tree instance to the default value, that is, 32768.
  • Page 419 Spanning Tree Commands Command Reference None Command Mode Global Config This command sets the Path Cost or Port Priority for this port within the multiple spanning tree instance or in the common and internal spanning tree. If the <0-4094> parameter corresponds to an existing multiple spanning tree instance, then the configurations are done for that multiple spanning tree instance.
  • Page 420 Spanning Tree Commands Command Reference This command sets the Path Cost or Port Priority for this port within the multiple spanning tree instance or in the common and internal spanning tree. If the <0-4094> parameter corresponds to an existing multiple spanning tree instance, then the configurations are done for that multiple spanning tree instance.
  • Page 421 Spanning Tree Commands Command Reference spanning-tree port mode no spanning-tree port mode no - This command sets the Administrative Switch Port State for this port to disabled. Default Setting Disabled Command Mode Interface Config This command sets the Administrative Switch Port State for all ports to enabled. Syntax spanning-tree port mode all no spanning-tree port mode all...

  • Page 422: System Log Management Commands

    System Log Management Commands Command Reference Syntax spanning-tree edgeport no spanning-tree edgeport no - This command specifies that this port is not an Edge Port within the common and internal spanning tree. Default Setting None Command Mode Interface Config 7.7 System Log Management Commands 7.7.1 Show Commands 7.7.1.1 show logging...

  • Page 423: Show Logging Buffered

    System Log Management Commands Command Reference Buffered Logging The mode for buffered logging. Syslog Logging The mode for logging to configured syslog hosts. If set to disable logging stops to all syslog hosts. Log Messages Received The number of messages received by the log process. This includes messages that are dropped or ignored Log Messages Dropped The number of messages that could not be processed.

  • Page 424: Configuration Commands

    System Log Management Commands Command Reference Command Mode Privileged Exec Display Message The number of traps that have occurred since the last reset of Number of Traps since last reset: this device. The maximum number of traps that could be stored in the switch. Trap Log Capacity: The sequence number of this trap.
  • Page 425 System Log Management Commands Command Reference Syntax logging buffered no logging buffered no - This command disables logging to in-memory log. Default Setting None Command Mode Privileged Exec This command enables wrapping of in-memory logging when full capacity reached. Otherwise when full capacity is reached, logging stops.
  • Page 426 System Log Management Commands Command Reference Syntax logging console [<severitylevel> | <0-7>] no logging console [<severitylevel> | <0-7>] - The value is specified as either an integer from 0 to 7 or symbolically through one of the following keywords: emergency (0), alert (1), critical (2), error (3), warning (4), notice (5), informational (6), debug (7).
  • Page 427 System Log Management Commands Command Reference Syntax logging host remove <hostindex> < hostindex > - Index of the log server. Default Setting None Command Mode Privileged Exec This command reconfigures the IP address of the log server. Syntax logging host reconfigure <hostindex> <hostaddress> <...
  • Page 428 System Log Management Commands Command Reference logging syslog no logging syslog no - Disables syslog logging. Default Setting None Command Mode Privileged Exec This command sets the local port number of the LOG client for logging messages. Syntax logging syslog port <portid> no logging syslog port no - Resets the local logging port to the default.

  • Page 429: Script Management Commands

    Script Management Commands Command Reference Syntax clear logging buffered Default Setting None Command Mode Privileged Exec 7.8 Script Management Commands 7.8.1 script apply This command applies the commands in the configuration script to the switch. The apply command backs up the running configuration and then starts applying the commands in the script file.

  • Page 430: Script List

    Script Management Commands Command Reference Syntax script delete {<scriptname> | all} <scriptname> - The name of the script to be deleted. all - Delete all scripts presented in the switch Default Setting None Command Mode Privileged Exec 7.8.3 script list This command lists all scripts present on the switch as well as the total number of files present.

  • Page 431: User Account Management Commands

    User Account Management Commands Command Reference Syntax script show <scriptname> <scriptname> - Name of the script file. Default Setting None Command Mode Privileged Exec 7.9 User Account Management Commands 7.9.1 Show Commands 7.9.1.1 show users This command displays the configured user names and their settings. This command is only available for users with readwrite privileges.

  • Page 432: Configuration Commands

    User Account Management Commands Command Reference Read/Write access and guest has Read Only access. There can only be one Read/Write user and up to five Read Only users. SNMPv3 AccessMode: This field displays the SNMPv3 Access Mode. If the value is set to Read- Write, the SNMPv3 user will be able to set and retrieve parameters on the system.
  • Page 433 User Account Management Commands Command Reference 7.9.2.2 username snmpv3 authentication This command specifies the authentication protocol to be used for the specified login user. The valid authentication protocols are none, md5 or sha. If md5 or sha are specified, the user login password will be used as the snmpv3 authentication password.

  • Page 434: Security Commands

    Security Commands Command Reference Syntax username snmpv3 encryption <username> {none | des [<key>]} no username snmpv3 encryption <username> <username> - is the login user name. des - des encryption protocol. none - no encryption protocol. no - This command sets the encryption protocol to none. The <username> is the login user name for which the specified encryption protocol will be used.
  • Page 435 Security Commands Command Reference System Login: This field displays the authentication login list assigned to the user for system login. 802.1x: This field displays the authentication login list assigned to the user for 802.1x port security. 7.10.1.2 show authentication This command displays the ordered authentication methods for all authentication login lists. Syntax show authentication Default Setting...
  • Page 436 Security Commands Command Reference Command Mode Privileged Exec Display Message User Name: This field displays the user assigned to the specified authentication login list. Component: This field displays the component (User or 802.1x) for which the authentication login list is assigned. 7.10.1.4 show dot1x This command is used to show the status of the dot1x Administrative mode.
  • Page 437 Security Commands Command Reference Command Mode Privileged Exec Display Message Port: The interface whose configuration is displayed Protocol Version: The protocol version associated with this port. The only possible value is 1, corresponding to the first version of the dot1x specification. PAE Capabilities: The port access entity (PAE) functionality of this port.
  • Page 438 Security Commands Command Reference <slot/port> - is the desired interface number. Default Setting None Command Mode Privileged Exec Display Message Port: The interface whose statistics are displayed. EAPOL Frames Received: The number of valid EAPOL frames of any type that have been received by this authenticator.
  • Page 439 Security Commands Command Reference all - All interfaces. Default Setting None Command Mode Privileged Exec Display Message Interface: The interface whose configuration is displayed. Control Mode: The configured control mode for this port. Possible values are force-unauthorized / force-authorized / auto. Operating Control Mode: The control mode under which this port is operating.
  • Page 440 Security Commands Command Reference Syntax show radius-servers Default Setting None Command Mode Privileged Exec Display Message IP Address: IP Address of the configured RADIUS server Port: The port in use by this server Type: Primary or secondary Secret Configured: Yes / No Message Authenticator: The message authenticator attribute configured for the radius server.
  • Page 441 Security Commands Command Reference 7.10.1.11 show radius accounting This command is used to display the configured RADIUS accounting mode, accounting server, and the statistics for the configured accounting server. Syntax show radius accounting [statistics <ipaddr>] <ipaddr> - is an IP Address. Default Setting None Command Mode...
  • Page 442 Security Commands Command Reference Unknown Types: The number of RADIUS packets of unknown types, which were received from this server on the accounting port. Packets Dropped: The number of RADIUS packets received from this server on the accounting port and dropped for some other reason. 7.10.1.12 show radius statistics This command is used to display the statistics for RADIUS or configured server.
  • Page 443 Security Commands Command Reference Bad Authenticators: The number of RADIUS Access-Response packets containing invalid authenticators or signature attributes received from this server. Pending Requests: The number of RADIUS Access-Request packets destined for this server that have not yet timed out or received a response. Timeouts: The number of authentication timeouts to this server.
  • Page 444 Security Commands Command Reference Server 3 Port: TACACS packet port number Server 3 Key: Secret Key between TACACS server and client Server 3 IP: Third TACACS Server IP address Server 3 Timeout (sec): Timeout value in seconds while TACACS server has no response Server 3 Retry: Retry count if TACACS server has no response Server 3 Mode: Current TACACS server admin mode (disable, master or slave) 7.10.1.14 show port-security...
  • Page 445 Security Commands Command Reference Interface Admin Mode Port Locking mode for the Interface. Dynamic Limit Maximum dynamically allocated MAC Addresses. Static Limit Maximum statically allocated MAC Addresses. Violation Trap Mode Whether violation traps are enabled. This command shows the dynamically locked MAC addresses for port. Syntax show port-security dynamic <slot/port>...

  • Page 446: Configuration Commands

    Security Commands Command Reference Syntax show port-security violation <slot/port> Default Setting None Command Mode Privileged Exec Display Message MAC address MAC address of discarded packet on locked ports. 7.10.2 Configuration Commands 7.10.2.1 authentication login This command creates an authentication login list. The <listname> is up to 15 alphanumeric characters and is not case sensitive.
  • Page 447 Security Commands Command Reference no authentication login <listname> <listname> - creates an authentication login list (Range: up to 15 characters). <method1 - 3> - The possible method values are local, radius, reject, and tacacs. no - This command deletes the specified authentication login list. The attempt to delete will fail if any of the following conditions are true: The login list name is invalid or does not match an existing authentication login list The specified authentication login list is assigned to any user or to the nonconfigured...

  • Page 448: Dot1X Configuration Commands

    Security Commands Command Reference This command assigns the specified authentication login list to the specified user for system login. The <username> must be a configured <username> and the <listname> must be a configured login list. If the user is assigned a login list that requires remote authentication, all access to the interface from all CLI, web, and telnet sessions will be blocked until the authentication is complete.
  • Page 449 Security Commands Command Reference Privileged Exec 7.10.3.2 dot1x default-login This command assigns the authentication login list to use for non-configured users for 802.1x port security. This setting is over-ridden by the authentication login list assigned to a specific user if the user is configured locally. If this value is not configured, users will be authenticated using local authentication only.
  • Page 450 Security Commands Command Reference Command Mode Global Config 7.10.3.4 dot1x system-auth-control This command is used to enable the dot1x authentication support on the switch. By default, the authentication support is disabled. While disabled, the dot1x configuration is retained and can be changed, but is not activated.
  • Page 451 Security Commands Command Reference Default Setting None Command Mode Global Config 7.10.3.6 dot1x port-control This command sets the authentication mode to be used on all ports. The control mode may be one of the following. force-unauthorized: The authenticator PAE unconditionally sets the controlled port to unauthorized.
  • Page 452 Security Commands Command Reference auto: The authenticator PAE sets the controlled port mode to reflect the outcome of the authentication exchanges between the supplicant, authenticator, and the authentication server. Syntax dot1x port-control {auto | force-authorized | force-unauthorized} no dot1x port-control no - This command sets the authentication mode to be used on the specified port to 'auto'.
  • Page 453 Security Commands Command Reference This command enables re-authentication of the supplicant for the specified port. Syntax dot1x re-authentication no dot1x re-authentication no - This command disables re-authentication of the supplicant for the specified port. Default Setting Disabled Command Mode Interface Config 7.10.3.9 dot1x re-reauthenticate This command begins the re-authentication sequence on the specified port.
  • Page 454 Security Commands Command Reference reauth-period: Sets the value, in seconds, of the timer used by the authenticator state machine on this port to determine when re-authentication of the supplicant takes place. The reauth-period must be a value in the range 1 - 65535. quiet-period: Sets the value, in seconds, of the timer used by the authenticator state machine on this port to define periods of time in which it will not attempt to acquire a supplicant.

  • Page 455: Radius Configuration Commands

    Security Commands Command Reference 7.10.4 Radius Configuration Commands 7.10.4.1 radius accounting mode This command is used to enable the RADIUS accounting function. Syntax radius accounting mode no radius accounting mode no - This command is used to set the RADIUS accounting function to the default value - that is, the RADIUS accounting function is disabled.
  • Page 456 Security Commands Command Reference Syntax radius-server host {acct | auth} <ipaddr> [port] no radius-server host {acct | auth} <ipaddr> <ipaddr> - is a IP address. [port] - Port number (Range: 1 – 65535) no - This command is used to remove the configured RADIUS authentication server or the RADIUS accounting server.
  • Page 457 Security Commands Command Reference 7.10.4.4 radius-server retransmit This command sets the maximum number of times a request packet is re-transmitted when no response is received from the RADIUS server. The retries value is an integer in the range of 1 to 15.
  • Page 458 Security Commands Command Reference Default Setting Command Mode Global Config 7.10.4.6 radius-server msgauth This command enables the message authenticator attribute for a specified server. Syntax radius-server msgauth <ipaddr> <ipaddr> - is a IP address. Default Setting None Command Mode Global Config 7.10.4.7 radius-server primary This command is used to configure the primary RADIUS authentication server for this RADIUS client.

  • Page 459: Tacacs Configuration Commands

    Security Commands Command Reference Default Setting None Command Mode Global Config 7.10.5 TACACS Configuration Commands 7.10.5.1 tacacs This command is used to enable /disable the TACACS function. Syntax tacacs no tacacs no - This command is used to disable the TACACS function. Default Setting Disabled Command Mode...
  • Page 460 Security Commands Command Reference no - This command is used to disable it. Default Setting Disabled Command Mode Global Config 7.10.5.3 tacacs server-ip This command is used to configure the TACACS server IP address. Syntax tacacs server-ip <1-3> <ipaddr> no tacacs server-ip <1-3> <ipaddr>...
  • Page 461 Security Commands Command Reference <1-65535> - service port (Range: 1 to 65535). <1-3> - The valid value of index is 1, 2, and 3. no - This command is used to reset port-id to the default value. Default Setting Command Mode Global Config 7.10.5.5 tacacs key This command is used to configure the TACACS server shared secret key.

  • Page 462: Port Security Configuration Commands

    Security Commands Command Reference no tacacs retry <1-3> <1-9> - retry times (Range: 1 to 9). <1-3> - The valid value of index is 1, 2, and 3. no - This command is used to reset retry value to the default value. Default Setting Command Mode Global Config...
  • Page 463 Security Commands Command Reference Config). Syntax port-security no port-security Default Setting None Command Mode Global Config, Interface Config 7.10.6.2 port-security max-dynamic This command sets the maximum of dynamically locked MAC addresses allowed on a specific port. Syntax port-security max-dynamic [<0-600>] no port-security max-dynamic no - This command resets the maximum of dynamically locked MAC addresses allowed on a specific port to its default value.
  • Page 464 Security Commands Command Reference 7.10.6.3 port-security max-static This command sets the maximum number of statically locked MAC addresses allowed on a specific port. Syntax port-security max-static [<0-20>] no port-security max-static no - This command resets the maximum number of statically locked MAC addresses allowed on a specific port to its default value.

  • Page 465: Cdp (Cisco Discovery Protocol) Commands

    CDP (Cisco Discovery Protocol) Commands Command Reference Default Setting None Command Mode Interface Config 7.10.6.5 port-security mac-address move This command converts dynamically locked MAC addresses to statically locked addresses. Syntax port-security mac-address move Default Setting None Command Mode Interface Config 7.11 CDP (Cisco Discovery Protocol) Commands 7.11.1 Show Commands 7.11.1.1 show cdp...
  • Page 466 CDP (Cisco Discovery Protocol) Commands Command Reference Syntax show cdp Default Setting None Command Mode Privileged Exec Display Message CDP Admin Mode: CDP enable or disable CDP Holdtime (sec): The length of time a receiving device should hold the L2 Network Switch CDP information before discarding it CDP Transmit Interval (sec): A period of the L2 Network Switch to send CDP packet Ports: Port number vs CDP status...

  • Page 467: Configuration Commands

    CDP (Cisco Discovery Protocol) Commands Command Reference Network Switch. Port Id: Identifies the port on which the CDP packet is sent. 7.11.1.3 show cdp traffic This command displays the CDP traffic counters information. Syntax show cdp traffic Default Setting None Command Mode Privileged Exec Display Message...
  • Page 468 CDP (Cisco Discovery Protocol) Commands Command Reference Command Mode Global Config 7.11.2.2 cdp run This command is used to enable CDP on a specified interface. Syntax cdp run no cdp run no - This command is used to disable CDP on a specified interface. Default Setting Enabled Command Mode...
  • Page 469 CDP (Cisco Discovery Protocol) Commands Command Reference 7.11.2.3 cdp timer This command is used to configure an interval time (seconds) of the sending CDP packet. Syntax cdp timer <5-254> no cdp timer <5-254> - interval time (Range: 5 – 254). no - This command is used to reset the interval time to the default value.

  • Page 470: Link Up & Port Backup State Commands

    Link up & Port Backup State Commands Command Reference 7.12 Link up & Port Backup State Commands 7.12.1 Show Commands 7.12.1.1 show link state This command displays the link state information Syntax show link state Default Setting None Command Mode Privileged Exec Display Message Group - A Group ID was displayed the numbers of the Group ID –...

  • Page 471: Configuration Commands

    Link up & Port Backup State Commands Command Reference Mode - For the admin mode to disable or enable or not Back/Up port(s) - The list of interfaces that are designated for Up/Down Stream port number 7.12.2 Configuration Commands 7.12.2.1 link State This command is to Enable/Disable the link state admin mode.
  • Page 472 Link up & Port Backup State Commands Command Reference link state group / no link state group < group id> Default Setting Command Mode Global Config 7.12.2.4 link State group This command is to Enable/Disable a link state group. Use ‘link state group enable <group id> to enable individual group, and use no command to disable a grou Syntax link state group enable <group id>...
  • Page 473 Link up & Port Backup State Commands Command Reference This command is to Enable/Disable the port backup admin mode. Use ‘port-backup’ to enable the admin mode of function, and use no command to disable the function Syntax Port-backup / no Port-backup Default Setting Disable Command Mode...

  • Page 474: Sntp (Simple Network Time Protocol) Commands

    SNTP (Simple Network Time Protocol) Commands Command Reference Command Mode Interface Config 7.12.2.9 Port-backup group enable This command is to Enable/Disable a port-backup group. Use ‘port-backup group enable <group id> to enable individual group, and use no command to disable a group Syntax port-backup group enable <group id>...
  • Page 475 SNTP (Simple Network Time Protocol) Commands Command Reference Broadcast Count Current number of unsolicited broadcast messages that have been received and processed by the SNTP client since last reboot. Time Zone Time zone configured. This command displays SNTP client settings. Syntax show sntp client Default Setting...

  • Page 476: Configuration Commands

    SNTP (Simple Network Time Protocol) Commands Command Reference Server Reference ID Reference clock identifier of the server for the last received valid packet. Server Mode SNTP Server mode. Server Max Entries Total number of SNTP Servers allowed. Server Current Entries Total number of SNTP configured. For each configured server: IP Address IP Address of configured SNTP Server.
  • Page 477 SNTP (Simple Network Time Protocol) Commands Command Reference 7.13.2.2 sntp client mode This command will enable Simple Network Time Protocol (SNTP) client mode and optionally setting the mode to either broadcast, multicast, or unicast. Syntax sntp client mode [broadcast | unicast] no sntp client mode no - This command will disable Simple Network Time Protocol (SNTP) client mode.
  • Page 478 SNTP (Simple Network Time Protocol) Commands Command Reference Command Mode Global Config 7.13.2.4 sntp unicast client poll-interval This command will set the poll interval for SNTP unicast clients in seconds. Syntax sntp unicast client poll-interval <6-10> no sntp unicast client poll-interval <6-10>...
  • Page 479 SNTP (Simple Network Time Protocol) Commands Command Reference The default value is 5. Command Mode Global Config 7.13.2.6 sntp unicast client poll-retry This command will set the poll retry for SNTP unicast clients in seconds. Syntax sntp unicast client poll-retry <poll-retry> no sntp unicast client poll-retry <...
  • Page 480 SNTP (Simple Network Time Protocol) Commands Command Reference < ipaddress/domain-name > - IP address of the SNTP server. < addresstype > - The address type is ipv4 or dns. <1-3> - The range is 1 to 3. <version> - The range is 1 to 4. <portid>...

  • Page 481: System Utilities

    System Utilities Command Reference 7.13.2.9 This command sets the time zone for the switch’s internal clock. Syntax sntp clock timezone <name> <0-12> <0-59> {before-utc | after-utc} <name> - Name of the time zone, usually an acronym. (Range: 1-15 characters) <0-12> - Number of hours before/after UTC. (Range: 0-12 hours) <0-59>...
  • Page 482 System Utilities Command Reference Command Mode Privileged Exec 7.14.1.2 clear traplog This command clears the trap log. Syntax clear traplog Default Setting None Command Mode Privileged Exec 7.14.1.3 clear eventlog This command is used to clear the event log, which contains error messages from the system. Syntax clear eventlog Default Setting...
  • Page 483 System Utilities Command Reference Syntax clear logging buffered Default Setting None Command Mode Privileged Exec 7.14.1.5 clear config This command resets the configuration to the factory defaults without powering off the switch. The switch is automatically reset when this command is processed. You are prompted to confirm that the reset should proceed.
  • Page 484 System Utilities Command Reference Default Setting None Command Mode Privileged Exec 7.14.1.7 clear counters This command clears the stats for a specified <slot/port> or for all the ports or for the entire switch based upon the argument. Syntax clear counters [<slot/port> | all] <slot/port>...
  • Page 485 System Utilities Command Reference Privileged Exec 7.14.1.9 clear dns cache This command clears all entries from the DNS cache. Syntax clear dns cache Default Setting None Command Mode Privileged Exec 7.14.1.10 clear cdp This command is used to clear the CDP neighbors information and the CDP packet counters. Syntax clear cdp [traffic] traffic - this command is used to clear the CDP packet counters.
  • Page 486 System Utilities Command Reference Syntax clear vlan Default Setting None Command Mode Privileged Exec 7.14.1.12 enable passwd This command changes Privileged EXEC password. Syntax enable passwd Default Setting None Command Mode Global Config. 7.14.1.13 clear igmp snooping This command clears the tables managed by the IGMP Snooping function and will attempt to delete these entries from the Multicast Forwarding Database.
  • Page 487 System Utilities Command Reference 7.14.1.14 clear port-channel This command clears all port-channels (LAGs). Syntax clear port-channel Default Setting None Command Mode Privileged Exec 7.14.1.15 clear ip filter This command is used to clear all ip filter entries. Syntax clear ip filter Default Setting None Command Mode...
  • Page 488 System Utilities Command Reference clear dot1x statistics {all | <slot/port>} <slot/port> - is the desired interface number. all - All interfaces. Default Setting None Command Mode Privileged Exec 7.14.1.17 clear radius statistics This command is used to clear all RADIUS statistics. Syntax clear radius statistics Default Setting...

  • Page 489: Copy

    System Utilities Command Reference Command Mode Privileged Exec 7.14.2 copy This command uploads and downloads to/from the switch. Local URLs can be specified using tftp or xmodem. The following can be specified as the source file for uploading from the switch: startup config (startup-config), event log (eventlog), message log (msglog) and trap log (traplog).
  • Page 490 System Utilities Command Reference Files download from PC to board Syntax copy <url> startup-config <destfilename> copy <url> image <destfilename> copy <url> {sshkey-rsa1 | sshkey-rsa2 | sshkey-dsa} copy <url> {sslpem-root | sslpem-server | sslpem-dhweak | sslpem-dhstrong} copy <url> script <destfilename> where <url>={xmodem | tftp://ipaddr/path/file} <destfilename>...

  • Page 491: Delete

    System Utilities Command Reference <filename> - name of the configuration file. Default Setting None Command Mode Privileged Exec This command upload or download the pre-login banner file Syntax copy clibanner <url> copy <url> clibanner no clibanner <url> - xmodem or tftp://ipaddr/path/file. no - Delete CLI banner.

  • Page 492: Whichboot

    System Utilities Command Reference 7.14.4 dir This command is used to display a list of files in Flash memory. Syntax dir [boot-rom | config | opcode [<filename>] ] <filename> - name of the configuration or image file. boot-rom - bootrom. config - configuration file.

  • Page 493: Boot-System

    System Utilities Command Reference None Command Mode Privileged Exec 7.14.6 boot-system This command is used to specify the file or image used to start up the system. Syntax boot-system {boot-rom | config | opcode} <filename> <filename> - name of the configuration or image file. boot-rom - bootrom.

  • Page 494: Traceroute

    System Utilities Command Reference <host> - A host name or an IP address. Default Setting None Command Mode Privileged Exec Ping on changing parameter value Syntax ping <host> count <0-20000000> [size <32-512>] ping <host> size <32-512> [count <0-20000000>] <ipaddr> - an IP address. <0-20000000>...

  • Page 495: Logging Cli-Command

    System Utilities Command Reference <host> - A host name or an IP address. <1-255> - Time to wait for a response to a probe, in seconds. <1-255> - The maximum time to live used in outgoing probe packets. Default Setting None Command Mode Privileged Exec...

  • Page 496: Reload

    System Utilities Command Reference <1-12> - Month. (Range: 1 - 12). <2000-2099> - Year (4-digit). (Range: 2000 - 2099). Default Setting None Command Mode Privileged Exec 7.14.11 reload This command resets the switch without powering it off. Reset means that all network connections are terminated and the boot code executes.

  • Page 497: Disconnect

    System Utilities Command Reference 7.14.13 disconnect This command is used to close a telnet session. Syntax disconnect {<0-10> | all} <0-11> - telnet session ID. all - all telnet sessions. Default Setting None Command Mode Privileged Exec 7.14.14 hostname This command is used to set the prompt string. Syntax hostname <prompt_string>...

  • Page 498: Differentiated Service Command

    Differentiated Service Command Command Reference Syntax quit Default Setting None Command Mode Privileged Exec 7.15 Differentiated Service Command Note: This Switching Command function can only be used on the QoS software version. This chapter contains the CLI commands used for the QOS Differentiated Services (DiffServ) package.

  • Page 499: General Commands

    Differentiated Service Command Command Reference where a field can be specified multiple ways through alternative formats. The exception to this is when the 'exclude' option is specified, in which case this restriction does not apply to the excluded fields. The following class restrictions are imposed by the 7300 Series L3 Switch DiffServ design: •...

  • Page 500: Class Commands

    Differentiated Service Command Command Reference This command sets the DiffServ operational mode to inactive. While disabled, the DiffServ configuration is retained and can be changed, but it is not activated. When enabled, Diffserv services are activated. Syntax no diffserv Command Mode Global Config 7.15.2 Class Commands The 'class' command set is used in DiffServ to define:...
  • Page 501 Differentiated Service Command Command Reference indicates all of the individual match conditions must be true for a packet to be considered a member of the class. The class type of match-access-group indicates the individual class match criteria are evaluated based on an access list (ACL). <aclid>...
  • Page 502 Differentiated Service Command Command Reference <class-map-name> is the name of an existing DiffServ class. <new-class-map-name> is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the class. Note: The class name ‘default’ is reserved and must not be used here. Default None Command Mode...
  • Page 503 Differentiated Service Command Command Reference Class-Map Config Restrictions The class types of both <classname> and <refclassname> must be identical (that is, any vs. any, or all vs. all). A class type of acl is not supported by this command. Cannot specify <refclassname> the same as <classname> (that is, self-referencing of class name not allowed).
  • Page 504 Differentiated Service Command Command Reference <ipaddr> specifies an IP address. <ipmask> specifies an IP address bit mask; note that although similar to a standard subnet mask, this bit mask need not be contiguous. Default None Command Mode Class-Map Config 7.15.2.8 match dstl4port This command adds to the specified class definition a match condition based on the destination layer 4 port of a packet using a single keyword or numeric notation or a numeric range notation.
  • Page 505 Differentiated Service Command Command Reference Syntax match ip dscp <value> <dscpval> value is specified as either an integer from 0 to 63, or symbolically through one of the following keywords: af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, be, cs0, cs1, cs2, cs3, cs4, cs5, cs6, cs7, ef.
  • Page 506 Differentiated Service Command Command Reference 7.15.2.11 match ip tos This command adds to the specified class definition a match condition based on the value of the IP TOS field in a packet, which is defined as all eight bits of the Service Type octet in the IP header.
  • Page 507 Differentiated Service Command Command Reference Note: This command does not validate the protocol number value against the current list defined by IANA. Default None Command Mode Class-Map Config 7.15.2.13 match srcip This command adds to the specified class definition a match condition based on the source IP address of a packet.

  • Page 508: Policy Commands

    Differentiated Service Command Command Reference To specify the match condition as a numeric value, one layer 4 port number is required. The port number is an integer from 0 to 65535. To specify the match condition as a range, two layer 4 port numbers are required and together they specify a contiguous port range.
  • Page 509 Differentiated Service Command Command Reference device. Syntax assign-queue <0-6> <0-6> - Queue ID. Command Mode Policy-Class-Map Config 7.15.3.2 drop This command specifies that all packets for the associated traffic stream are to be dropped at ingress. Syntax drop Command Mode Policy-Class-Map Config 7.15.3.3 redirect This command specifies that all incoming packets for the associated traffic stream are...
  • Page 510 Differentiated Service Command Command Reference redirect <slot/port> Command Mode Policy-Class-Map Config 7.15.3.4 conform-color This command is used to enable color-aware traffic policing and define the conform-color class maps used. Used in conjunction with the police command where the fields for the conform level (for simple, single-rate, and two-rate policing) are specified.
  • Page 511 Differentiated Service Command Command Reference mark cos <0-7> <0-7> - The range of COS value is 0 to 7. Command Mode Policy-Class-Map Config Policy Type 7.15.3.6 class This command creates an instance of a class definition within the specified policy for the purpose of defining treatment of the traffic class through subsequent policy attribute statements.
  • Page 512 Differentiated Service Command Command Reference This command marks all packets for the associated traffic stream with the specified IP DSCP value. Syntax mark ip-dscp <value> <value> is specified as either an integer from 0 to 63, or symbolically through one of the following keywords: af11, af12, af13, af21, af22, af23, af31, af32, af33, af41, af42, af43, be, cs0, cs1, cs2, cs3, cs4, cs5, cs6, cs7, ef.
  • Page 513 Differentiated Service Command Command Reference possible actions are drop, set-dscp-transmit, set-prec-transmit, or transmit. In this simple form of the police command, the conform action defaults to transmit and the violate action defaults to drop. These actions can be set with this command once the style has been configured. <set-cos-transmit>, an priority value is required and is specified as an integer from 0-7.

  • Page 514: Service Commands

    Differentiated Service Command Command Reference Syntax policy-map rename <policyname> <newpolicyname> <policyname> - Old Policy name. <newpolicyname> - New policy name. Command Mode Global Config Policy Type In 7.15.4 Service Commands The 'service' command set is used in DiffServ to define: Traffic Conditioning Assign a DiffServ traffic conditioning policy (as specified by the policy commands) to an interface in the incoming direction.

  • Page 515: Show Commands

    Differentiated Service Command Command Reference Note: This command effectively enables DiffServ on an interface (in a particular direction). There is no separate interface administrative 'mode' command for DiffServ. Note: This command shall fail if any attributes within the policy definition exceed the capabilities of the interface.
  • Page 516 Differentiated Service Command Command Reference • Classes • Policies • Services This information can be displayed in either summary or detailed formats. The status information is only shown when the DiffServ administrative mode is enabled; it is suppressed otherwise. There is also a 'show' command for general DiffServ information that is available at any time.
  • Page 517 Differentiated Service Command Command Reference are displayed: Class Name The name of this class. (Note that the order in which classes are displayed is not necessarily the same order in which they were created.) Class Type The class type (all, any, or acl) indicating how the match criteria are evaluated for this class.
  • Page 518 Differentiated Service Command Command Reference 7.15.5.3 show policy-map This command displays all configuration information for the specified policy. Syntax show policy-map [<policy-map-name>] <policy-map-name> is the name of an existing DiffServ policy. Default Setting None Command Mode Privileged EXEC Display Message Policy Name The name of this policy.
  • Page 519 Differentiated Service Command Command Reference Conform Action The current setting for the action taken on a packet considered to conform to the policing parameters. This is not displayed if policing is not in use for the class under this policy. Conform COS Value This field shows the priority mark value if the conform action is markcos.
  • Page 520 Differentiated Service Command Command Reference Privileged EXEC Display Message DiffServ Admin Mode The current setting of the DiffServ administrative mode. An attached policy is only in effect on an interface while DiffServ is in an enabled mode. Interface The slot number and port number of the interface (slot/port). Direction The traffic direction of this interface service.
  • Page 521 Differentiated Service Command Command Reference 7.15.5.6 show policy-map interface This command displays policy-oriented statistics information for the specified interface and direction. Syntax show policy-map interface <slot/port> in <slot/port> specifies a valid slot number and port number for the system. The direction parameter indicates the interface direction of interest.
  • Page 522 Differentiated Service Command Command Reference active queue depth management, typically due to the effects of traffic shaping. These counts are only applicable for a class instance whose policy attributes includes random dropping, and may not be supported on all platforms. Only displayed for the 'out' direction. Shape Delayed Octets/Packets A count of the octets/packets that were delayed due to traffic shaping.

  • Page 523: Acl Command

    ACL Command Command Reference 7.16 ACL Command 7.16.1 Show Commands 7.16.1.1 show mac access-lists This command displays a MAC access list and all of the rules that are defined for the ACL. The <name> parameter is used to identify a specific MAC ACL to display. Syntax show mac access-list <name>...
  • Page 524 ACL Command Command Reference This command displays a summary of all defined MAC access lists in the system. Syntax show mac access-list Default Setting None Command Mode Privileged EXEC Display Message Current number of all ACLs The number of user-configured rules defined for this ACL. Maximum number of all ACLs The maximum number of ACL rules.
  • Page 525 ACL Command Command Reference Current number of ACLs The number of user-configured rules defined for this ACL. Maximum number of ACLs The maximum number of ACL rules. ACL ID The identifier of this ACL. Rule This displays the number identifier for each rule that is defined for the ACL. Action This displays the action associated with each rule.

  • Page 526: Configuration Commands

    ACL Command Command Reference 7.16.2 Configuration Commands 7.16.2.1 mac access-list extended This command creates a MAC Access Control List (ACL) identified by <name>, consisting of classification fields defined for the Layer 2 header of an Ethernet frame. The <name> parameter is a case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the MAC access list.
  • Page 527 ACL Command Command Reference None Command Mode Global Config 7.16.2.3 mac access-list This command creates a new rule for the current MAC access list. Each rule is appended to the list of configured rules for the list. Note that an implicit 'deny all' MAC rule always terminates the access list.
  • Page 528 ACL Command Command Reference This command attaches a specific MAC Access Control List (ACL) identified by <name> to an interface in a given direction. The <name> parameter must be the name of an exsiting MAC ACL. An optional sequence number may be specified to indicate the order of this access list relative to other access lists already assigned to this interface and direction.
  • Page 529 ACL Command Command Reference specifies a source ip address and source mask for match condition of the ACL rule specified by the srcip and srcmask parameters. The source layer 4 port match condition for the ACL rule is specified by the port value parameter. <portvalue>...

  • Page 530: Cos (Class Of Service) Command

    CoS (Class of Service) Command Command Reference Syntax Ip access-group <1- 199> in [<1-4294967295>] <1- 199> The identifier of this ACL. <1-4294967295> The sequence number of this ACL. Default Setting None Command Mode Global Config, Interface Config 7.17 CoS (Class of Service) Command 7.17.1 Show Commands 7.17.1.1 show queue cos-map This command displays the current Dot1p (802.1p) priority mapping to internal traffic classes...
  • Page 531 CoS (Class of Service) Command Command Reference Display Message The following information is repeated for each user priority. User Priority The 802.1p user priority value. Traffic Class The traffic class internal queue identifier to which the user priority value is mapped.
  • Page 532 CoS (Class of Service) Command Command Reference independent per-port class of service mappings, the output represents the system-wide port trust mode used for all interfaces. Syntax show queue trust [<slot/port>] < slot/port > The interface number. Default Setting None Command Mode Privileged EXEC, User EXEC Display Message Class of Service Trust Mode The trust mode of this interface.

  • Page 533: Configuration Commands

    CoS (Class of Service) Command Command Reference Command Mode Privileged EXEC Display Message Interface This displays the slot/port of the interface. If displaying the global configuration, this output line is replaced with a Global Config indication. Interface Shaping Rate The maximum transmission bandwidth limit for the interface as a whole.
  • Page 534 CoS (Class of Service) Command Command Reference This command maps an 802.1p priority to an internal traffic class for a device. Syntax queue cos-map all <0-7> <0-7> no queue cos-map all < 0-7 > - The range of queue priority is 0 to 7. <...
  • Page 535 CoS (Class of Service) Command Command Reference This command maps an IP precedence value to an internal traffic class for a device. Syntax queue ip-precedence-mapping all <0-7> <0-7> no queue ip-precedence-mapping all < 0-7 > - The range of IP precedence is 0 to 7. <...
  • Page 536 CoS (Class of Service) Command Command Reference This command sets the class of service trust mode for all interfaces. The mode can be set to trust one of the Dot1p (802.1p), IP Precedence. Syntax queue trust all {dot1p | ip-precedence | ip-dscp} no queue trust all no - This command sets the class of service trust mode to untrusted for all interfaces.
  • Page 537 CoS (Class of Service) Command Command Reference None Command Mode Interface Config. This command specifies the minimum transmission bandwidth guarantee for each interface queue in the device. Syntax queue cos-queue min-bandwidth all <bw-0> <bw-1> <bw-6> no queue cos-queue min-bandwidth all <bw-6>- Each Valid range is (0 to 100) in increments of 5 and the <bw-0>...
  • Page 538 CoS (Class of Service) Command Command Reference queue cos-queue strict <queue-id-0> [<queue-id-1> <queue-id-6>] no queue cos-queue strict <queue-id-0> [<queue-id-1> <queue-id-6>] no - This command restores the default weighted scheduler mode for each specified queue on a "per-port" basis. Default Setting None Command Mode Interface Config.
  • Page 539 CoS (Class of Service) Command Command Reference This command specifies the maximum transmission bandwidth limit for the interface as a whole. Also known as rate shaping, this has the effect of smoothing temporary traffic bursts over time so that the transmitted traffic rate is bounded. Syntax queue cos-queue traffic-shape <bw>...

  • Page 540: Address Resolution Protocol (Arp) Commands

    Address Resolution Protocol (ARP) Commands Command Reference None Command Mode Global Config. 7.18 Address Resolution Protocol (ARP) Commands 7.18.1 Show Commands 7.18.1.1 show ip arp This command displays the Address Resolution Protocol (ARP) cache. Syntax show ip arp Default Setting None Command Mode Privileged Exec...
  • Page 541 Address Resolution Protocol (ARP) Commands Command Reference into the unit. Dynamic renew mode: Displays whether the ARP component automatically attempts to renew dynamic ARP entries when they aged out. Total Entry Count Current/Peak: Field listing the total entries in the ARP table and the peak entry count in the ARP table.

  • Page 542: Configuration Commands

    Address Resolution Protocol (ARP) Commands Command Reference Syntax show ip arp static Default Setting None Command Mode Privileged Exec Display Message IP address: Is the IP address of a device on a subnet attached to an existing routing interface. MAC address: Is the MAC address for that device. 7.18.2 Configuration Commands 7.18.2.1 arp This command creates an ARP entry.
  • Page 543 Address Resolution Protocol (ARP) Commands Command Reference where the ARP request arrived. With proxy ARP, the device may also respond if the target IP address is reachable. The device only responds if all next hops in its route to the destination are through interfaces other than the interface that received the ARP request.
  • Page 544 Address Resolution Protocol (ARP) Commands Command Reference Default Setting Enabled Command Mode Global Config 7.18.2.5 arp purge This command causes the specified IP address to be removed from the ARP table. Only entries of type dynamic or gateway are affected by this command. Syntax arp purge <ipaddr>...
  • Page 545 Address Resolution Protocol (ARP) Commands Command Reference arp retries <0-10> no arp retries <0-10> - The range of maximum request for retries is 0 to 10. no - This command configures the default count of maximum request for retries. Default Setting The default value is 4.

  • Page 546: Ip Routing Commands

    IP Routing Commands Command Reference 7.19 IP Routing Commands 7.19.1 Show Commands 7.19.1.1 show ip brief This command displays all the summary information of the IP. Syntax show ip brief Default Setting None Command Mode Privileged Exec, User Exec Display Message Default Time to Live: The computed TTL (Time to Live) of forwarding a packet from the local router to the final destination.
  • Page 547 IP Routing Commands Command Reference Subnet Mask: Is a mask of the network and host portion of the IP address for the router interface. Routing Mode: Is the administrative mode of router interface participation. The possible values are enable or disable. Administrative Mode Is the administrative mode of the specified interface.
  • Page 548 IP Routing Commands Command Reference This command displays the entire route table. Syntax show ip route Default Setting None Command Mode Privileged Exec Display Message Total Number of Routes: The total number of routes. for each next hop Network Address: Is an IP address identifying the network on the specified interface. Subnet Mask: Is a mask of the network and host portion of the IP address for the router interface.
  • Page 549 IP Routing Commands Command Reference Protocol: Tells which protocol added the specified route. The possibilities are: local, static, OSPF, or RIP. for each next hop Next Hop Intf: The outgoing router interface to use when forwarding traffic to the next destination.

  • Page 550: Configuration Commands

    IP Routing Commands Command Reference This command displays detailed information about the route preferences. Route preferences are used in determining the best route. Lower router preference values are preferred over higher router preference values. Syntax show ip route preferences Default Setting None Command Mode Privileged Exec, User Exec...
  • Page 551 IP Routing Commands Command Reference This command enables routing for an interface. Syntax routing no routing no - Disable routing for an interface. Default Setting Enabled Command Mode Interface Config 7.19.2.2 ip routing This command enables the IP Router Admin Mode for the master switch. Syntax ip routing no ip routing...
  • Page 552 IP Routing Commands Command Reference Default Setting None Command Mode Interface Config 7.19.2.4 ip route This command configures a static route. Syntax ip route <networkaddr> <subnetmask> [ <nexthopip> [<1-255 >] ] no ip route <networkaddr> <subnetmask> [ { <nexthopip> | <1-255 > } ] <ipaddr>...
  • Page 553 IP Routing Commands Command Reference None Command Mode Global Config 7.19.2.6 ip route precedence This command sets the default precedence for static routes. Lower route preference values are preferred when determining the best route. The "ip route" and "ip default-next-hop" commands allow you to optionally set the precedence of an individual static route.
  • Page 554 IP Routing Commands Command Reference 7.19.2.8 ip directed-broadcast This command enables the forwarding of network-directed broadcasts. When enabled, network directed broadcasts are forwarded. When disabled they are dropped. Syntax ip directed-broadcast no ip directed-broadcast no - Drop network directed broadcast packets. Default Setting Enabled Command Mode...

  • Page 555: Open Shortest Path First (Ospf) Commands

    Open Shortest Path First (OSPF) Commands Command Reference Syntax encapsulation {ethernet | snap} ethernet - The link layer encapsulation type is ethernet. snap - The link layer encapsulation type is SNAP. Default Setting The default value is ethernet. Command Mode Interface Config Restrictions Routed frames are always Ethernet encapsulated when a frame is routed to a VLAN.
  • Page 556 Open Shortest Path First (OSPF) Commands Command Reference when it is configured to redistribute routes learned from other protocol. The possible values for the ASBR status is enabled (if the router is configured to re-distribute routes learnt by other protocols) or disabled (if the router is not configured for the same). RFC 1583 Compatibility Reflects whether 1583 compatibility is enabled or disabled.
  • Page 557 Open Shortest Path First (OSPF) Commands Command Reference Area LSA Count Total number of link-state advertisements in this area's link-state database, excluding AS external LSA's. Area LSA Checksum A number representing the area LSA checksum for the specified AreaID excluding the external (LS type 5) link-state advertisements. Stub Mode Represents whether the specified Area is a stub area or not.
  • Page 558 Open Shortest Path First (OSPF) Commands Command Reference Default Setting None Command Mode Privileged Exec, User Exec Display Messages IP Address Represents the IP address for the specified interface. This is a configured value. Subnet Mask Is a mask of the network and host portion of the IP address for the OSPF interface.
  • Page 559 Open Shortest Path First (OSPF) Commands Command Reference configured value. Area ID Represents the OSPF Area Id for the specified interface. This is a configured value. Router Priority A number representing the OSPF Priority for the specified interface. This is a configured value.
  • Page 560 Open Shortest Path First (OSPF) Commands Command Reference link-state database. LSAs Received The number of LSAs received. Originate New LSAs The number of LSAs originated. 7.20.1.7 show ip ospf neighbor This command displays the OSPF neighbor table list. When a particular neighbor ID is specified, detailed information about a neighbor is given.
  • Page 561 Open Shortest Path First (OSPF) Commands Command Reference network-LSAs. Events The number of times this neighbor relationship has changed state, or an error has occurred. Permanence This variable displays the status of the entry, either dynamic or permanent. This refers to how the neighbor became known. Hellos Suppressed This indicates whether Hellos are being suppressed to the neighbor.
  • Page 562 Open Shortest Path First (OSPF) Commands Command Reference 7.20.1.9 show ip ospf range This command displays information about the area ranges for the specified <areaid>. The <areaid> identifies the OSPF area whose ranges are being displayed. Syntax show ip ospf range <areaid> <areaid>...
  • Page 563 Open Shortest Path First (OSPF) Commands Command Reference Display Messages Area ID Is a 32-bit identifier for the created stub area. Type of Service Is the type of service associated with the stub metric. FASTPATH only supports Normal TOS. Metric Val The metric value is applied based on the TOS. It defaults to the least metric of the type of service among the interfaces to other areas.

  • Page 564: Configuration Commands

    Open Shortest Path First (OSPF) Commands Command Reference Syntax show ip ospf virtual-link brief Default Setting None Command Mode Privileged Exec, User Exec Display Messages Area Id Is the area id of the requested OSPF area. Neighbor Is the neighbor interface of the OSPF virtual interface. Hello Interval Is the configured hello interval for the OSPF virtual interface.
  • Page 565 Open Shortest Path First (OSPF) Commands Command Reference 7.20.2.2 no area This command removes an OSPF area. Syntax no area <areaid> Default Setting None Command Mode Router OSPF Config 7.20.2.3 ip ospf This command enables OSPF on a router interface. Syntax ip ospf no ip ospf...
  • Page 566 Open Shortest Path First (OSPF) Commands Command Reference Syntax 1583compatibility no 1583compatibility <no> - This command disables OSPF 1583 compatibility. Default Setting Enabled Command Mode Router OSPF Config 7.20.2.5 area default-cost This command configures the monetary default cost for the stub area. Syntax area <areaid>...
  • Page 567 Open Shortest Path First (OSPF) Commands Command Reference <areaid> - Area ID. <no> - This command disables nssa from the specified area id. Default Setting None Command Mode Router OSPF Config 7.20.2.7 area nssa default-info-originate This command configures the metric value and type for the default route advertised into the NSSA.
  • Page 568 Open Shortest Path First (OSPF) Commands Command Reference Default Setting None Command Mode Router OSPF Config 7.20.2.9 area nssa no-summary This command configures the NSSA so that summary LSAs are not advertised into the NSSA Syntax area <areaid> nssa no- summary <areaid>...
  • Page 569 Open Shortest Path First (OSPF) Commands Command Reference 7.20.2.11 area nssa translator-stab-intv This command configures the translator stability interval of the NSSA. The <stabilityinterval> is the period of time that an elected translator continues to perform its duties after it determines that its translator status has been deposed by another router.
  • Page 570 Open Shortest Path First (OSPF) Commands Command Reference Default Setting None Command Mode Router OSPF Config 7.20.2.13 area stub This command creates a stub area for the specified area ID. A stub area is characterized by the fact that AS External LSAs are not propagated into the area. Removing AS External LSAs and Summary LSAs can significantly reduce the link state database of routers within the stub area.
  • Page 571 Open Shortest Path First (OSPF) Commands Command Reference Default Setting Disabled Command Mode Router OSPF Config 7.20.2.15 area virtual-link authentication This command configures the authentication type and key for the OSPF virtual interface identified by <areaid> and <neighborid>. Syntax area <areaid> virtual-link <neighborid> authentication [{none | {simple <key>} | {encrypt <key>...
  • Page 572 Open Shortest Path First (OSPF) Commands Command Reference Syntax area <areaid> virtual-link <neighborid> dead-interval <1-65535> no area <areaid> virtual-link <neighborid> dead-interval <areaid> - Area ID. <neighbor> - Router ID of the neighbor. <1-65535> - The range of the dead interval is 1 to 65535. <no>...
  • Page 573 Open Shortest Path First (OSPF) Commands Command Reference 7.20.2.18 area virtual-link retransmit-interval This command configures the retransmit interval for the OSPF virtual interface on the interface identified by <areaid> and <neighborid>. Syntax area <areaid> virtual-link <neighborid> retransmit-interval <0-3600> no area <areaid> virtual-link <neighborid> retransmit-interval <areaid>...
  • Page 574 Open Shortest Path First (OSPF) Commands Command Reference Default Setting The default value of hello interval is 1 second. Command Mode Router OSPF Config 7.20.2.20 default-information originate This command is used to control the advertisement of default routes. Syntax default-information originate [always] [metric <1-16777215>] [metric-type {1 | 2}] no default-information originate [metric] [metric-type] [always] - Sets the router advertise 0.0.0.0/0.0.0.0.
  • Page 575 Open Shortest Path First (OSPF) Commands Command Reference <1-16777215> - The range of default metric is 1 to 16777215. <no> - This command configures the default advertisement of default routes. Default Setting None Command Mode Router OSPF Config 7.20.2.22 distance ospf This command sets the route preference value of OSPF in the router.
  • Page 576 Open Shortest Path First (OSPF) Commands Command Reference Syntax distribute-list <1-199> out {rip | static | connected} no distribute-list <1-199> out {rip | static | connected} <1-199> - The range of default list id is 1 to 199. <no> - This command is used to specify the access list to filter routes received from the source protocol.
  • Page 577 Open Shortest Path First (OSPF) Commands Command Reference 7.20.2.25 external-lsdb-limit This command configures the external LSDB limit for OSPF. If the value is -1, then there is no limit. When the number of non-default AS-external-LSAs in a router's link-state database reaches the external LSDB limit, the router enters overflow state.
  • Page 578 Open Shortest Path First (OSPF) Commands Command Reference Default Setting None Command Mode Interface Config 7.20.2.27 ip ospf authentication This command sets the OSPF Authentication Type and Key for the specified interface. The value of <type> is either none, simple or encrypt. If the type is encrypt a <keyid> in the range of 0 and 255 must be specified.
  • Page 579 Open Shortest Path First (OSPF) Commands Command Reference Syntax ip ospf cost <1-65535> no ip ospf cost < 1-65535 > - The range of the cost is 1 to 65535. <no> - This command configures the default cost on an OSPF interface. Default Setting The default cost value is 10.
  • Page 580 Open Shortest Path First (OSPF) Commands Command Reference 7.20.2.30 ip ospf hello -interval This command sets the OSPF hello interval for the specified interface. Syntax ip ospf hello-interval <1-65535> no ip ospf hello-interval < 1-65535 > - Is a valid positive integer, which represents the length of time in seconds. The value for the length of time must be the same for all routers attached to a network.
  • Page 581 Open Shortest Path First (OSPF) Commands Command Reference Command Mode Interface Config 7.20.2.32 ip ospf retransmit-interval This command sets the OSPF retransmit Interval for the specified interface. The retransmit interval is specified in seconds. Syntax ip ospf retransmit-interval <0-3600> no ip ospf retransmit-interval <...
  • Page 582 Open Shortest Path First (OSPF) Commands Command Reference < 1-3600 > - The range of transmit delay is 1 to 3600. <no> - This command sets the default OSPF Transit Delay for the specified interface. Default Setting The default transmit delay is 1 second. Command Mode Interface Config 7.20.2.34 ip ospf mtu-ignore...
  • Page 583 Open Shortest Path First (OSPF) Commands Command Reference Syntax router-id <ipaddress> < ipaddress > - IP Address. Default Setting None. Command Mode Router OSPF Config 7.20.2.36 redistribute This command configures OSPF protocol to redistribute routes from the specified source protocol/routers. Syntax redistribute {rip | static | connected} [metric <0-16777215>] [metric-type {1 | 2}] [tag <0-4294967295>] [subnets]...

  • Page 584: Bootp/Dhcp Relay Commands

    Bootp/DHCP Relay Commands Command Reference 7.20.2.38 This command sets the number of paths that OSPF can report for a given destination where <maxpaths> is platform dependent. Syntax maximum-paths <1-1> no maximum-paths < 1-1 > - The maximum number of paths that OSPF can report for a given destination. The range of the value is 1 to 1.

  • Page 585: Bootpdhcprelay Cidoptmode

    Bootp/DHCP Relay Commands Command Reference Circuit Id Option Mode Is the DHCP circuit Id option which may be enabled or disabled. Requests Received Is the number of requests received. Requests Relayed Is the number of requests relayed. Packets Discarded Is the number of packets discarded. 7.21.2 bootpdhcprelay cidoptmode This command enables the circuit ID option mode for BootP/DHCP Relay on the system.

  • Page 586: Bootpdhcprelay Minwaittime

    Bootp/DHCP Relay Commands Command Reference Syntax bootpdhcprelay maxhopcount <1-16> no bootpdhcprelay maxhopcount <count> - The range of maximum hop count is 1 to 16. no - Set the maximum hop count to 4. Default Setting The default value is 4. Command Mode Global Config 7.21.5...

  • Page 587: Ip Dhcp Restart

    Bootp/DHCP Relay Commands Command Reference <ipaddr> - The IP address of the BootP/DHCP server. no - Clear the IP address of the BootP/DHCP server. Default Setting None Command Mode Global Config 7.21.7 ip dhcp restart Submit a BootP or DHCP client request. Syntax ip dhcp restart Default Setting...

  • Page 588: Domain Name Server Relay Commands

    Domain Name Server Relay Commands Command Reference 7.22 Domain Name Server Relay Commands 7.22.1 Show Commands 7.22.1.1 show hosts This command displays the static host name-to-address mapping table. Syntax show hosts Default Setting None Command Mode Privileged Exec Display Message Domain Name List: Domain Name.

  • Page 589: Configuration Commands

    Domain Name Server Relay Commands Command Reference Domain Lookup Status: Enable or disable the IP Domain Naming System (DNS)-based host name-to-address translation function. Default Domain Name: The default domain name that will be used for querying the IP address of a host. Domain Name List: A list of domain names that will be used for querying the IP address of a host.
  • Page 590 Domain Name Server Relay Commands Command Reference Syntax ip host <name> <ipaddr> no ip host <name> <name> - Host name. <ipaddr> - IP address of the host. <no> - Remove the corresponding name to IP address mapping entry. Default Setting None Command Mode Privileged Exec...
  • Page 591 Domain Name Server Relay Commands Command Reference ip domain-name <name> no ip domain-name <name> <name> - Default domain name used to complete unqualified host names. Do not include the initial period that separates an unqualified name from the domain name. (Range: 1-64 characters) Default Setting None...
  • Page 592 Domain Name Server Relay Commands Command Reference name-to-address resolution. There are maximum 6 entries in the Domain Name Server Table. Syntax ip name-server <ipaddr> no ip name-server <ipaddr> < ipaddr > - IP address of the Domain Name Servers. <no> - Remove the corresponding Domain Name Server entry from the table. Note - The listed name servers are queried in the specified sequence until a response is received, or the end of the list is reached with no response.
  • Page 593 Domain Name Server Relay Commands Command Reference 7.22.2.7 clear domain-list This command clears all entries in the domain name list table. Syntax clear domain-list Default Setting None Command Mode Privileged Exec 7.22.2.8 clear dns This command sets the DNS configuration to default value. Syntax clear dns Default Setting...

  • Page 594: Routing Information Protocol (Rip) Commands

    Routing Information Protocol (RIP) Commands Command Reference Syntax clear dns cache Default Setting None Command Mode Privileged Exec 7.22.2.10 clear dns counter This command clears the statistics of all entries in the DNS cache table. Syntax clear dns cache Default Setting None Command Mode Privileged Exec...
  • Page 595 Routing Information Protocol (RIP) Commands Command Reference Default Setting None Command Mode Privileged Exec Display Message RIP Admin Mode: Select enable or disable from the pulldown menu. If you select enable RIP will be enabled for the switch. The default is disabled. Split Horizon Mode: Select none, simple or poison reverse from the pulldown menu.
  • Page 596 Routing Information Protocol (RIP) Commands Command Reference Privileged Exec Display Message Interface: Valid slot and port number separated by forward slashes. This is a configured value. IP Address: The IP source address used by the specified RIP interface. This is a configured value.

  • Page 597: Configuration Commands

    Routing Information Protocol (RIP) Commands Command Reference Receive Version: The RIP version(s) allowed when receiving updates from the specified interface. The types are none, RIP-1, RIP-2, Both RIP Mode: RIP administrative mode of router RIP operation; enable, disable it. Link State: The mode of the interface (up or down). 7.23.2 Configuration Commands 7.23.2.1 enable rip This command resets the default administrative mode of RIP in the router (active).
  • Page 598 Routing Information Protocol (RIP) Commands Command Reference Disabled Command Mode Interface Config 7.23.2.3 auto-summary This command enables the RIP auto-summarization mode. Syntax auto-summary no auto-summary no - This command disables the RIP auto-summarization mode. Default Setting Disable Command Mode Router RIP Config 7.23.2.4 default-information originate This command is used to set the advertisement of default routes.
  • Page 599 Routing Information Protocol (RIP) Commands Command Reference Router RIP Config 7.23.2.5 default-metric This command is used to set a default for the metric of distributed routes. Syntax default-metric <1-15> no default-metric <1 - 15> - a value for default-metric. no - This command is used to reset the default metric of distributed routes to its default value.
  • Page 600 Routing Information Protocol (RIP) Commands Command Reference Command Mode Router RIP Config 7.23.2.7 hostrouteaccept This command enables the RIP hostroutesaccept mode. Syntax hostrouteaccept no hostrouteaccept no - This command disables the RIP hostroutesaccept mode. Default Setting Enable Command Mode Router RIP Config 7.23.2.8 split-horizon This command sets the RIP split horizon mode.
  • Page 601 Routing Information Protocol (RIP) Commands Command Reference Default Setting Simple Command Mode Router RIP Config 7.23.2.9 distribute-list This command is used to specify the access list to filter routes received from the source protocol. Source protocols have OSPF, Static, and Connected. Syntax distribute-list <1-199>...
  • Page 602 Routing Information Protocol (RIP) Commands Command Reference Format for OSPF as source protocol: redistribute ospf [metric <1-15>] [match [internal] [external 1] [external 2] [nssa-external 1] [nssa-external 2]] Format for other source protocols: redistribute {static | connected} [metric <1-15>] no redistribute {ospf | static | connected} [metric] [match [internal] [external 1] [external 2] [nssa-external 1] [nssa-external 2]] <1 - 15>...
  • Page 603 Routing Information Protocol (RIP) Commands Command Reference Default Setting None Command Mode Interface Config 7.23.2.12 ip rip receive version This command configures the interface to allow RIP control packets of the specified version(s) to be received. The value for <mode> is one of: rip1 to receive only RIP version 1 formatted packets, rip2 for RIP version 2, both to receive packets from either format, or none to not allow any RIP control packets to be received Syntax...

  • Page 604: Router Discovery Protocol Commands

    Router Discovery Protocol Commands Command Reference Syntax ip rip send version {rip1 | rip1c | rip2 | none} no ip rip send version no - This command configures the interface to allow RIP control packets of the default version to be sent. Default Setting Rip2 Command Mode...

  • Page 605: Ip Irdp

    Router Discovery Protocol Commands Command Reference Preferences Displays the preference of the address as a default router address, relative to other router addresses on the same subnet. 7.24.2 ip irdp This command enables Router Discovery on an interface. Syntax ip irdp no ip irdp <no>...

  • Page 606: Ip Irdp Maxadvertinterval

    Router Discovery Protocol Commands Command Reference advertisement sent from this interface. Syntax ip irdp holdtime < maxadvertinterval-9000 > no ip irdp holdtime < maxadvertinterval-9000 > The range is the maxadvertinterval to 9000 seconds. no - This command configures the default value, in seconds, of the holdtime field of the router advertisement sent from this interface.

  • Page 607: Ip Irdp Preference

    VLAN Routing Commands Command Reference Syntax ip irdp minadvertinterval < 3-maxadvertinterval> no ip irdp minadvertinterval < 3-maxadvertinterval> - The range is 3 to maxadvertinterval seconds. no - This command sets the minimum time to 450. Default Setting The default value is 450. Command Mode Global Config 7.24.7...

  • Page 608: Vlan Routing

    VLAN Routing Commands Command Reference Syntax show ip vlan Default Setting None Command Mode Privileged Exec, User Exec Display Message MAC Address used by Routing VLANs Is the MAC Address associated with the internal bridgerouter interface (IBRI). The same MAC Address is used by all VLAN routing interfaces. It will be displayed above the per-VLAN information.

  • Page 609: Virtual Router Redundancy Protocol (Vrrp) Commands

    Virtual Router Redundancy Protocol (VRRP) Commands Command Reference 7.26 Virtual Router Redundancy Protocol (VRRP) Commands 7.26.1 Show Commands 7.26.1.1 show ip vrrp This command displays whether VRRP functionality is enabled or disabled. It also displays some global parameters which are required for monitoring. Syntax show ip vrrp Default Setting...
  • Page 610 Virtual Router Redundancy Protocol (VRRP) Commands Command Reference Display Message Interface Valid slot and port number separated by forward slashes. VRID Represents the router ID of the virtual router. IP Address Is the IP Address that was configured on the virtual router Mode Represents whether the virtual router is enabled or disabled.

  • Page 611: Configuration Commands

    Virtual Router Redundancy Protocol (VRRP) Commands Command Reference <vrid> - Virtual router ID. Default Setting None Command Mode Privileged Exec, User Exec Display Message VRID Represents the router ID of the virtual router. Uptime Is the time that the virtual router has been up, in days, hours, minutes and seconds. Protocol Represents the protocol configured on the interface.
  • Page 612 Virtual Router Redundancy Protocol (VRRP) Commands Command Reference Default Setting Disabled Command Mode Global Config This command sets the virtual router ID on an interface for Virtual Router configuration in the router. Syntax ip vrrp <1-255> no ip vrrp <1-255> <1-255>...
  • Page 613 Virtual Router Redundancy Protocol (VRRP) Commands Command Reference Default Setting None Command Mode Interface Config 7.26.2.3 ip vrrp mode This command enables the virtual router configured on the specified interface. Enabling the status field starts a virtual router. Syntax ip vrrp <1-255> mode no ip vrrp <1-255>...
  • Page 614 Virtual Router Redundancy Protocol (VRRP) Commands Command Reference Default Setting no authentication Command Mode Interface Config 7.26.2.5 ip vrrp preempt This command sets the preemption mode value for the virtual router configured on a specified interface. Syntax ip vrrp <1-255> preempt no ip vrrp <1-255>...

  • Page 615: Distance Vector Multicast Routing Protocol (Dvmrp) Commands

    Distance Vector Multicast Routing Protocol (DVMRP) Commands Command Reference The default priority value is 100. Command Mode Interface Config 7.26.2.7 ip vrrp timers advertise This command sets the advertisement value for a virtual router in seconds. Syntax ip vrrp <1-255> timers advertise <1-255> ip vrrp <1-255>...
  • Page 616 Distance Vector Multicast Routing Protocol (DVMRP) Commands Command Reference Syntax show ip dvmrp Default Setting None Command Mode Privileged Exec User EXEC Admin Mode This field indicates whether DVMRP is enabled or disabled. This is a configured value. Display Message Admin Mode Enable or disable DVMRP function.
  • Page 617 Distance Vector Multicast Routing Protocol (DVMRP) Commands Command Reference Generation ID This is the Generation ID value for the interface. This is used by the neighboring routers to detect that the DVMRP table should be resent. The following fields are displayed only if DVMRP is enabled on this interface. Received Bad Packets This is the number of invalid packets received.
  • Page 618 Distance Vector Multicast Routing Protocol (DVMRP) Commands Command Reference Default Setting None Command Mode Privileged Exec User EXEC Display Message Source IP This field displays the sources for which this entry specifies a next hop on an outgoing interface. Source Mask This field displays the IP Mask for the sources for which this entry specifies a next hop on an outgoing interface.

  • Page 619: Configuration Commands

    Distance Vector Multicast Routing Protocol (DVMRP) Commands Command Reference None Command Mode Privileged Exec User EXEC Display Message Source Address This field displays the multicast address of the source group. Source Mask This field displays the IP Mask for the source group. Upstream Neighbor This field indicates the IP Address of the neighbor which is the source for the packets for a specified multicast address.

  • Page 620: Internet Group Management Protocol (Igmp) Commands

    Internet Group Management Protocol (IGMP) Commands Command Reference Syntax ip dvmrp metric <value> no ip dvmrp metric <value> <value> - This field has a range of 1 to 63. no - This command resets the metric for an interface to the default value. This value is used in the DVMRP messages as the cost to reach this network.
  • Page 621 Internet Group Management Protocol (IGMP) Commands Command Reference IGMP Admin Mode This field displays the administrative status of IGMP. This is a configured value. Interface Valid slot and port number separated by forward slashes. Interface Mode This field indicates whether IGMP is enabled or disabled on the interface. This is a configured value.
  • Page 622 Internet Group Management Protocol (IGMP) Commands Command Reference specified interface. 7.28.1.3 show ip igmp interface This command displays the IGMP information for the interface. Syntax show ip igmp interface <slot/port> Default Setting None Command Mode Privileged Exec User EXEC Display Message Slot/port Valid slot and port number separated by forward slashes.
  • Page 623 Internet Group Management Protocol (IGMP) Commands Command Reference Syntax show ip igmp interface membership <multiipaddr> [detail] Default Setting None Command Mode Privileged Exec User EXEC Display Message IInterface Valid slot and port number separated by forward slashes. Interface IP This displays the IP address of the interface participating in the multicast group. State This displays whether the interface has IGMP in Querier mode or Non-Querier mode.

  • Page 624: Configuration Commands

    Internet Group Management Protocol (IGMP) Commands Command Reference Display Message Querier Status This field indicates the status of the IGMP router, whether it is running in Querier mode or Non-Querier mode. Querier IP Address This field displays the IP Address of the IGMP Querier on the IP subnet which this interface is attached.
  • Page 625 Internet Group Management Protocol (IGMP) Commands Command Reference Syntax ip igmp version {1 | 2 | 3} no ip igmp version no - This command resets the version of IGMP for this interface. The version is reset to the default value. Default Setting Command Mode Interface Config...
  • Page 626 Internet Group Management Protocol (IGMP) Commands Command Reference ip igmp last-member-query-interval <0-255> no ip igmp last-member-query-interval <0-255> - The range for <0-255> is 0 to 255 tenths of a second. no - This command resets the Maximum Response Time being inserted into Group-Specific Queries sent in response to Leave Group messages on the interface to the default value.
  • Page 627 Internet Group Management Protocol (IGMP) Commands Command Reference no ip igmp query-max-response-time <0-255> - The range for <0-255> is 0 to 255 tenths of a second. no - This command resets the maximum response time interval for the specified interface, which is the maximum query response time advertised in IGMPv2 queries on this interface to the default value.
  • Page 628 Internet Group Management Protocol (IGMP) Commands Command Reference Syntax ip igmp startup-query-count <1-20> no ip igmp startup-query-count <1-20> - The range for <1-20> is 1 to 20. no - This command resets the number of Queries sent out on startup, separated by the Startup Query Interval on the interface to the default value Default Setting Command Mode...

  • Page 629: Multicast Commands

    Multicast Commands Command Reference 7.29 Multicast Commands 7.29.1 Show Commands 7.29.1.1 show ip mcast This command displays the system-wide multicast information Syntax show ip mcast Default Setting None Command Mode Privileged Exec Display Message Admin Mode: This field displays the administrative status of multicast. This is a configured value.
  • Page 630 Multicast Commands Command Reference show ip mcast boundary {<slot/port> | all} < slot/port > - Interface number. all - This command represents all interfaces. Default Setting None Command Mode Privileged Exec Display Message Interface: Valid slot and port number separated by forward slashes. Group IP: The group IP address.
  • Page 631 Multicast Commands Command Reference This command displays a summary or all the details of the multicast table. Syntax show ip mcast mroute {detail | summary} detail - displays the multicast routing table details. summary - displays the multicast routing table summary. Default Setting None Command Mode...
  • Page 632 Multicast Commands Command Reference Default Setting None Command Mode Privileged Exec Display Message If the detail parameter is specified the follow fields are displayed: Source IP: This field displays the IP address of the multicast data source. Group IP: This field displays the IP address of the destination of the multicast packet. Expiry Time (secs): This field displays the time of expiry of this entry in seconds.
  • Page 633 Multicast Commands Command Reference Up Time (secs): This field displays the time elapsed since the entry was created in seconds. RPF Neighbor: This field displays the IP address of the RPF neighbor. Flags: This field displays the flags associated with this entry. If the summary parameter is specified the follow fields are displayed: Source IP: This field displays the IP address of the multicast data source.
  • Page 634 Multicast Commands Command Reference [ipaddr]" command. The results subsequent to the completion of the latest "mrinfo" will be available in the buffer pool after a maximum duration of two minutes after the completion of the ‘show mrinfo’ command. A subsequent issue ‘mrinfo’ will overwrite the contents of the buffer pool with fresh results.

  • Page 635: Configuration Commands

    Multicast Commands Command Reference 7.29.1.7 show mtrace This command is used to display results of multicast trace path from the results buffer pool of the router, subsequent to the execution/completion of a "mtrace <source> [group] [receiver]" command. The results subsequent to the completion of the "mtrace" will be available in the buffer pool within 2 minutes and thereafter.
  • Page 636 Multicast Commands Command Reference no - This command sets the administrative mode of the IP multicast forwarder in the router to inactive . For multicast routing to become operational, IGMP must be currently enabled. An error message will be displayed on the CLI if multicast routing is enabled while IGMP is disabled.
  • Page 637 Multicast Commands Command Reference Global Config 7.29.2.3 no ip mcast mroute This command is used to clear entries in the mroute table. The all parameters is used to clear all entries. The source parameter is used to clear the routes in the mroute table entries containing the specified <sourceipaddr>...
  • Page 638 Multicast Commands Command Reference no ip mcast boundary <groupipaddr> <mask> < groupipaddr > - the multicast group address for the start of the range of addresses to be excluded. The address must be in the range of 239.0.0.0 through 239.255.255.255. <...
  • Page 639 Multicast Commands Command Reference This command is used to query the neighbor information of a multicast-capable router specified by [<ipaddr>]. The default value is the IP address of the system at which the command is issued. The mrinfo command can take up to 2 minutes to complete. Only one mrinfo command may be in process at a time.
  • Page 640 Multicast Commands Command Reference None Command Mode Privileged Exec 7.29.2.8 mtrace This command is used to find the multicast path from a source to a receiver (unicast router ID of the host running mtrace). A trace query is passed hop-by-hop along the reverse path from the receiver to the source, collecting hop addresses, packet counts, and routing error conditions along the path, and then the response is returned to the requestor.

  • Page 641: Protocol Independent Multicast – Dense Mode (Pim-Dm) Commands

    Protocol Independent Multicast – Dense Mode (PIM-DM) Commands Command Reference queries it receives from other router devices. Syntax disable ip multicast mdebug mtrace no disable ip multicast mdebug mtrace no - This command is used to enable the processing capability of mtrace query on this router.
  • Page 642 Protocol Independent Multicast – Dense Mode (PIM-DM) Commands Command Reference This is a configured value. Protocol State: This field indicates the current state of PIM-DM on this interface. Possible values are Operational or Non-Operational. 7.30.1.2 show ip pimdm interface This command displays the interface information for PIM-DM on the specified interface. Syntax show ip pimdm interface <slot/port>...

  • Page 643: Configuration Commands

    Protocol Independent Multicast – Dense Mode (PIM-DM) Commands Command Reference None Command Mode Privileged Exec Display Message Interface: Valid slot and port number separated by forward slashes. IP Address: This field indicates the IP Address that represents the PIM-DM interface. Nbr Count: This field displays the neighbor count for the PIM-DM interface.
  • Page 644 Protocol Independent Multicast – Dense Mode (PIM-DM) Commands Command Reference This command enables the administrative mode of PIM-DM in the router. Syntax ip pimdm no ip pimdm no - This command disables the administrative mode of PIM-DM in the router. IGMP must be enabled before PIM-DM can be enabled.

  • Page 645: Protocol Independent Multicast – Sparse Mode (Pim-Sm) Commands

    Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands Command Reference Syntax ip pimdm query-interval <10 - 3600> no ip pimdm query-interval <10 - 3600> - This is time interval in seconds. no - This command resets the transmission frequency of hello messages between PIM enabled neighbors to the default value.
  • Page 646 Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands Command Reference Register Threshold Rate (Kbps): This field indicates the threshold rate for the RP router to switch to the shortest path. This is a configured value. Interface: Valid slot and port number separated by forward slashes. Interface Mode: This field indicates whether PIM-SM is enabled or disabled on the interface.
  • Page 647 Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands Command Reference Default Setting None Command Mode Privileged Exec Display Message Slot/port: Valid slot and port number separated by forward slashes. IP Address: This field indicates the IP address of the specified interface. Subnet Mask: This field indicates the Subnet Mask for the IP address of the PIM interface.
  • Page 648 Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands Command Reference interface. Neighbor Count: This field displays the number of neighbors on the PIM-SM interface. 7.31.1.5 show ip pimsm neighbor This command displays the neighbor information for PIM-SM on the specified interface. Syntax show ip pimsm neighbor [<slot/port>...
  • Page 649 Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands Command Reference candidate - this command display PIM-SM candidate-RP table information. all - this command display all group addresses. Default Setting None Command Mode Privileged Exec Display Message Group Address: This field specifies the IP multicast group address. Group Mask: This field specifies the multicast group address subnet mask.

  • Page 650: Configuration Commands

    Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands Command Reference 7.31.1.8 show ip pimsm staticrp This command displays the static RP information for the PIM-SM router. Syntax show ip pimsm staticrp Default Setting None Command Mode Privileged Exec Display Message Address: This field displays the IP address of the RP.
  • Page 651 Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands Command Reference 7.31.2.2 ip pimsm message-interval This command is used to configure the global join/prune interval for PIM-SM router. The join/prune interval is specified in seconds. This parameter can be configured to a value from 10 to 3600.
  • Page 652 Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands Command Reference Command Mode Global Config 7.31.2.4 ip pimsm spt-threshold This command is used to configure the Threshold rate for the last-hop router to switch to the shortest path. The rate is specified in Kilobytes per second. The possible values are 0 to 2000. Syntax ip pimsm spt-threshold <0 - 2000>...
  • Page 653 Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands Command Reference <rp-address> is the IP address of the RP. The parameter <group-address> is the group address supported by the RP. The parameter <group-mask> is the group mask for the group address. Default Setting Disabled Command Mode...
  • Page 654 Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands Command Reference <10 - 3600> - This is time interval in seconds. no - This command resets the transmission frequency of hello messages between PIM enabled neighbors to the default value. Default Setting Command Mode Interface Config 7.31.2.8 ip pimsm cbsrpreference...
  • Page 655 Protocol Independent Multicast – Sparse Mode (PIM-SM) Commands Command Reference no ip pimsm cbsrhashmasklength <0 - 32> - The CBSR hash mask length. no - This command is used to reset the CBSR hash mask length for a particular PIM-SM interface to the default value.

  • Page 656: Using Snmp

    Using SNMP 8 Using SNMP SNMP (Simple Network Management Protocol) is a communication protocol designed specifically for managing devices or other elements on a network. Equipment commonly managed with SNMP includes switches, routers and host computers. SNMP is typically used to configure these devices for proper operation in a network environment, as well as to monitor them to evaluate performance or detect potential problems.

  • Page 657: Supported Mibs

    Supported MIBs Using SNMP 8.1 Supported MIBs The standard MIBs are listed in the following table. Public MIB NAME MIB FIles Specifications IEEE 802.1x IEEE8021-PAE-MIB dot1x.my IEEE 802.3ad LAG-MIB dot3ad.my RFC 1213 RFC1213-MIB mib-2.my RFC 2011 RFC2011 ip-icmp.my IP-MIB RFC 1493 BRIDGE-MIB bridge.my RFC 1643...
  • Page 658 Supported MIBs Using SNMP RFC 2932 IPMROUTE-STD-MIB ipmroute.my RFC 1354 IP-FORWARD-MIB ipforward.my RFC 2213 INTEGRATED-SERVICES-MIB intserv.my RFC 3291 INET-ADDRESS-MIB inetaddress.my RFC 2933 and RFC 3019 MGMD-STD-MIB igmp.my RFC 1573 IANAifType-MIB iftype.my RFC 2677 IANA-ADDRESS-FAMILY-NUMBERS-MIB ianaaddr.my The private enterprise MIB is listed below. MIB files Private MIB names FSC-SWITCH-MIB...

  • Page 659: Accessing Mib Objects

    Accessing MIB Objects Using SNMP 8.2 Accessing MIB Objects MIB objects represent features of the switch that an SNMP application can control and manage. One example is the RFC-2233 IF-MIB group which you can use to get or set the port configuration by reading or writing to different variables in this MIB group.
  • Page 660 Supported Traps Using SNMP ifOutOctets ifOutUcastPkts ifOutNUcastPkts ifOutDiscards ifOutErrors ifOutQLen ifSpecific ifXTable Index: ifIndex ifName ifInMulticastPkts ifInBroadcastPkts ifOutMulticastPkts ifOutBroadcastPkts ifHCInOctets ifHCInUcastPkts ifHCInMulticastPkts ifHCInBroadcastPkts ifHCOutOctets ifHCOutUcastPkts ifHCOutMulticastPkts ifHCOutBroadcastPkts ifLinkUpDownTrapEnable ifHighSpeed ifPromiscuousMode ifConnectorPresent ifAlias ifCounterDiscontinuityTime Lan Switch and Router Blade...
  • Page 661 Supported Traps Using SNMP ifStackTable Indicies: ifStackHigherLayer ifStackLowerLayer ifStackStatus ifRcvAddressTable Indicies: ifIndex ifRcvAddressAddress ifRcvAddressStatus ifRcvAddressType ifTestTable Index: ifTestId ifTestStatus ifTestType ifTestResult ifTestCode ifTestOwner Lan Switch and Router Blade...

  • Page 662: Supported Traps

    Supported Traps Using SNMP 8.3 Supported Traps SNMP traps supported include the following items: RFC No. Title RFC 1215 coldStart warmStart linkDown linkUp F il RFC 1493 newRoot topologyChange RFC 2819 risingAlarm fallingAlarm Lan Switch and Router Blade...

  • Page 663: Default Settings

    Default Settings 9 Default Settings The overview default settings for the system module are shown in the following table. Manageme serial port / telnet / ssh HTTP Java Applet / SSL3.0 , TLS 1.0 SNMP v1/v2c/v3 Enterprise MIBs / Standard MIBs / RMON System Management VLAN WEB Management...
  • Page 664 Default Settings Administrative Mode: ......Disabled Protocol Levels: ......Versions 1 and 2 HTTP Mode (Secure): Disabled Secure Port: 443 Secure Protocol Level(s): TLS1 SSL3 Switching GARP disable GVRP disable GMRP disable 802.1X Port Authent. disable RADIUS Client disable IGMP Snooping disable Port Mirroring disable...
  • Page 665 Default Settings The default settings for all the configuration commands are shown in the following table. SB9 DEFAULT CONFIG sntp unicast client poll-interval 6 sntp unicast client poll-timeout 5 sntp unicast client poll-retry 1 sntp broadcast client poll-interval 6 sntp client port 123 sntp clock timezone Taipei 8 0 before-utc logging buffered logging buffered...
  • Page 666 Default Settings arp dynamicrenew arp timeout 1200 arp resptime 1 arp retries 4 arp cachesize 1664 bootpdhcprelay no bootpdhcprelay enable bootpdhcprelay maxhopcount 4 bootpdhcprelay minwaittime 0 bootpdhcprelay serverip 0.0.0.0 no bootpdhcprelay cidoptmode username username defaultlogin defaultList dot1x no dot1x system-auth-control dot1x default-login defaultList radius no radius accounting mode...
  • Page 667 Default Settings tacacs no tacacs tacacs port 1 49 no tacacs key 1 no tacacs server-ip 1 tacacs timeout 1 3 tacacs retry 1 5 no tacacs mode 1 tacacs port 2 49 no tacacs key 2 no tacacs server-ip 2 tacacs timeout 2 3 tacacs retry 2 5 no tacacs mode 2...
  • Page 668 Default Settings queue queue ip-dscp-mapping 0 1 queue ip-dscp-mapping 1 1 queue ip-dscp-mapping 2 1 queue ip-dscp-mapping 3 1 queue ip-dscp-mapping 4 1 queue ip-dscp-mapping 5 1 queue ip-dscp-mapping 6 1 queue ip-dscp-mapping 7 1 queue ip-dscp-mapping 8 0 queue ip-dscp-mapping 9 0 queue ip-dscp-mapping 10 0 queue ip-dscp-mapping 11 0 queue ip-dscp-mapping 12 0...
  • Page 669 Default Settings exec-timeout 5 baudrate 9600 password-threshold 3 silent-time 0 line vty mode line vty sessions exec-timeout 5 maxsessions 5 password-threshold 3 router ospf mode router ospf enable 1583compatibility no maximum-paths exit-overflow-interval 0 area 0.0.0.0 default-cost 1 area 0.0.0.0 stub summarylsa no external-lsdb-limit no redistribute connected no redistribute static...
  • Page 670 Default Settings ip pimsm crppreference 0 ip pimsm cbsrhashmasklength 30 ip ipv6 no ip igmp snooping interfacemode ip igmp snooping groupmembershipinterval 260 ip igmp snooping max-response-time 10 ip igmp snooping mcrtrexpiretime 0 no ip igmp snooping immediate-leave no ip directed-broadcast no ip ospf ip ospf areaid 0.0.0.0 ip ospf priority 1...
  • Page 671 Default Settings storm-control no storm-control broadcast switchport broadcast packet-rate 4 no storm-control multicast switchport multicast packet-rate 4 no storm-control unicast switchport unicast packet-rate 4 no storm-control flowcontrol queue trust dot1p queue ip-precedence-mapping 0 1 queue ip-precedence-mapping 1 0 queue ip-precedence-mapping 2 0 queue ip-precedence-mapping 3 1 queue ip-precedence-mapping 4 2 queue ip-precedence-mapping 5 2...
  • Page 672 Default Settings port-security no port-security port-security max-dynamic 600 port-security max-static 20 snmp-server no snmp-server enable traps violation routing no routing encapsulation encapsulation ethernet mtu 1518 SSL & SSH key SSH DSA Key SSH RSA1 Key SSH RSA2 Key Secure DH Strong PEM Secure DH Weak PEM Secure Root PEM Secure Server PEM...

  • Page 673: Troubleshooting And Tips

    Accessing the Management Interface Troubleshooting and Tips 10 Troubleshooting and Tips If you are having problems connecting to the network, check your network cabling to ensure that the device in question is properly connected to the network. Then refer to verify that the corresponding port on the switch is functioning properly.
  • Page 674 Accessing the Management Interface Troubleshooting and Tips Symptom Action Cannot connect to the switch • Be sure you have configured the agent with a valid IP address, subnet mask and using Telnet, Web browser, default gateway. or SNMP software • If you are trying to connect to the agent via the IP address for a tagged VLAN group, your management station must include the appropriate tag in its transmitted frames.

This manual is also suitable for:

Primergy bx600

Table of Contents