Advantech EKI-7000 User Manual
User Manual
EKI-7000 Series
Command Line Interface
Copyright
The documentation and the software included with this product are copyrighted 2016
by Advantech Co., Ltd. All rights are reserved. Advantech Co., Ltd. reserves the right
to make improvements in the products described in this manual at any time without
notice. No part of this manual may be reproduced, copied, translated or transmitted
in any form or by any means without the prior written permission of Advantech Co.,
Ltd. Information provided in this manual is intended to be accurate and reliable. However, Advantech Co., Ltd. assumes no responsibility for its use, nor for any infringements of the rights of third parties, which may result from its use.
Acknowledgements
Intel and Pentium are trademarks of Intel Corporation.
Microsoft Windows and MS-DOS are registered trademarks of Microsoft Corp.
All other product names or trademarks are properties of their respective owners.
Technical Support and Assistance
1. Visit the Advantech web site at www.advantech.com/support where you can find
the latest information about the product.
2. Contact your distributor, sales representative, or Advantech's customer service
center for technical support if you need additional assistance. Please have the
following information ready before you call:
– Product name and serial number
– Description of your peripheral attachments
– Description of your software (operating system, version, application software,
etc.)
– A complete description of the problem
– The exact wording of any error messages
Firmware Compatibility
This document contains references to information regarding the CLI interface. The
intent of this document is to provide guidance on identifying the CLI functions for the
following firmware version.
Firmware version: 1.01.xx
Printed in Taiwan Edition1
January 2021
EKI-7000 Series User Manual ii
Warnings, Cautions and Notes
Warning! Warnings indicate conditions, which if not observed, can cause personal
injury!
Caution! Cautions are included to help you avoid damaging hardware or losing
data. e.g.
There is a danger of a new battery exploding if it is incorrectly installed.
Do not attempt to recharge, force open, or heat the battery. Replace the
battery only with the same or equivalent type recommended by the manufacturer. Discard used batteries according to the manufacturer's
instructions.
Note! Notes provide optional additional information.
Document Feedback
To assist us in making improvements to this manual, we would welcome comments
and constructive criticism. Please send all such - in writing to: support@advantech.com
iii EKI-7000 Series User Manual
Contents
Chapter 1 Command Line Interface.....................1
1.1 Using the Command-Line Interface .......................................................... 2
1.1.1 Initially Configuring a Device......................................................... 2
1.1.2 Understanding Command Syntax ................................................. 2
1.1.3 Understanding Enable and Enable Secret Passwords ................. 2
1.1.4 Abbreviating Commands............................................................... 3
1.2 L2 Features ............................................................................................... 3
1.2.1 Port Configuration ......................................................................... 3
1.2.2 MAC Address Table...................................................................... 4
1.2.3 Jumbo Frame................................................................................ 5
1.2.4 Flow Control.................................................................................. 5
1.2.5 Spanning Tree .............................................................................. 5
1.2.6 VLAN............................................................................................. 9
1.2.7 Q-in-Q ......................................................................................... 11
1.2.8 Link Aggregation ......................................................................... 11
1.2.9 GARP.......................................................................................... 13
1.2.10 GVRP.......................................................................................... 13
1.2.11 Port Mirror ................................................................................... 13
1.2.12 LLDP ........................................................................................... 14
1.3 Multicast .................................................................................................. 16
1.3.1 IGMP Snooping........................................................................... 16
1.3.2 MLD Snooping ............................................................................ 19
1.4 Redundancy ............................................................................................ 22
1.4.1 X-Ring ......................................................................................... 22
1.5 QoS ......................................................................................................... 23
1.5.1 Rate Limit.................................................................................... 23
1.5.2 QoS............................................................................................. 23
1.6 Security ................................................................................................... 25
1.6.1 Loop Detection / Prevention........................................................ 25
1.6.2 Storm Control.............................................................................. 25
1.6.3 Port Security ............................................................................... 26
1.6.4 802.1X......................................................................................... 26
1.6.5 Remote Authentication................................................................ 27
1.6.6 One Time Password ................................................................... 28
1.6.7 Account Manager........................................................................ 28
1.6.8 DoS Attack Prevention................................................................ 29
1.6.9 IP Security................................................................................... 29
1.6.10 Access Control List ..................................................................... 30
1.7 Management ........................................................................................... 33
1.7.1 IP Management........................................................................... 33
1.7.2 SNMP.......................................................................................... 34
1.7.3 Configuration Management......................................................... 34
1.7.4 Firmware Management ............................................................... 35
1.7.5 DHCP Server .............................................................................. 36
1.7.6 DHCP Client................................................................................ 37
1.7.7 System Log (SYSLOG)............................................................... 37
1.7.8 System Time ............................................................................... 38
1.7.9 SMTP .......................................................................................... 39
1.7.10 NTP Server ................................................................................. 40
1.7.11 RMON ......................................................................................... 41
1.7.12 IP Configuration .......................................................................... 43
1.7.13 TELNET ...................................................................................... 43
1.7.14 SSH............................................................................................. 43
1.7.15 HTTP........................................................................................... 43
EKI-7720 Series User Manual iv
1.7.16 Modbus TCP ............................................................................... 44
1.7.17 IXM.............................................................................................. 44
1.8 Diagnostic ............................................................................................... 45
1.8.1 Cable Diagnostic......................................................................... 45
1.8.2 DMI ............................................................................................. 45
1.8.3 IP-based Diagnostic.................................................................... 46
1.8.4 PoE ............................................................................................. 46
1.8.5 LED ............................................................................................. 47
1.8.6 System ........................................................................................ 48
v EKI-7720 Series User Manual
Chapter 1
1Command Line
Interface
1.1 Using the Command-Line Interface
The Advantech IOS command-line interface (CLI) is the primary user interface used
to configure, monitor, and maintain Advantech devices. The user interface allows you
to directly execute CLI commands.
This chapter describes the basic features of the Advantech IOS CLI and how to use
them. Topics covered include the following:
Layer 2 features
Multicast
IGMP Snooping
MLD Snooping
Redundancy
QoS
Security
Management
Diagnostic
1.1.1 Initially Configuring a Device
The initial configuration of a device varies by platform. This document provides configuration information for the listed devices.
After initially configuring and connecting the device to the network, you can configure
the device by using the remote access method, such as Telnet or Secure Shell
(SSH), to access the CLI or by using the configuration method provided on the
device, such as Security Device Manager.
1.1.2 Understanding Command Syntax
The command syntax is the format used for entering CLI commands. The commands
are derived from the use of the command, keywords, and arguments. The keywords
are alphanumeric strings used literally, while arguments are used as placeholders for
required values.
1.1.3 Understanding Enable and Enable Secret Passwords
Some privileged EXEC commands are used for actions that impact the system, and it
is recommended that you set a password for these commands to prevent unauthorized use. Two types of passwords, enable (not encrypted) and enable secret
(encrypted), can be set.
The following commands set these passwords and are issued in global configuration
mode:
enable password
enable secret password
2 EKI-7000 Series User Manual
1.1.4 Abbreviating Commands
The CLI commands can be used in an abbreviated form to execute. The CLI recognizes the abbreviates uniquely identifying the command. In the following example the
show version command is used to illustrate the correct usage:
Full command: show version
Correct abbreviation: sh ver
However, attempting to execute the show command by using the single letter s
would be invalid as s may refer to the commands show or save. For the same reason the variable version cannot be abbreviated to a single v as it may represent
the variable vlan, etc.
Full command: show version
Incorrect abbreviation: s version, s ver, sh v
1.2 L2 Features
1.2.1 Port Configuration
Table 1.1: Port Configuration
Function Privilege Description Example
[no] shutdown Admin EXEC Use "shutdown" command
to disable port and use "no
shutdown" to enable port. If
port is error disabled for any
reason, use "no shutdown"
command to recover the
port manually.
speed (10|100) Admin EXEC Use "speed" command to
speed (1000|) Admin EXEC
speed auto
[(10|100|10/100)]
speed auto
[(1000|)]
duplex
(auto|full|half)
description
WORD<1-"
SYS_STR_CONST(SYS_
PORTDESC_STR_LEN)
">
no description Admin EXEC Use no form to restore
Admin EXEC
Admin EXEC
Admin EXEC Use "duplex" command to
Admin EXEC Use "description" command
change port speed
configuration. The speed is
only able to configure to the
physical maximum speed.
For example, in fast
Ethernet port, speed 1000
is not available.
change port duplex
configuration.
to give the port a name to
identify it easily.
If description includes
space character, please use
double quotes to wrap it.
description to empty string.
This example shows how to
modify port duplex
configuration.
switch (config)# interface fa1
switch (config-if)# shutdown"
This example shows how to
modify port speed
configuration.
switch (config)# interface fa2
switch (config-if)# speed auto
10/100
This example shows how to
modify port duplex
configuration.
switch (config)# interface fa1
switch (config-if)# duplex full
switch (config-if)# exit
switch (config)# interface fa2
switch (config-if)# duplex half
This example shows how to
modify port descriptions.
switch (config)# interface fa2
switch (config-if)# description
"uplink port"
EKI-7000 Series User Manual 3
Table 1.1: Port Configuration (Continued)
Function Privilege Description Example
[no] protected Admin EXEC Use "protected" command
to protect port. Protected
port is only allowed to
communicate with
unprotected port. In other
words, protected port is not
allowed to communicate
with another protected port.
Use no form to make port
unprotected
This example shows how to
configure ports fa1 and fa2 as
protected ports.
switch (config)# interface
range fa1-2
switch (config-if-range)#
protected
1.2.2 MAC Address Table
Table 1.2: MAC Address Table
Function Privilege Description Example
show mac addresstable aging-time
show mac addresstable A:B:C:D:E:F
[vlan <1-4094>]
show mac addresstable [vlan <14094>] [interfaces
IF_PORTS]
show mac addresstable static [vlan
<1-4094>]
[interfaces
IF_PORTS]
show mac addresstable dynamic
[vlan <1-4094>]
[interfaces
IF_PORTS]
show mac addresstable counters
clear mac addresstable dynamic
[interfaces
IF_PORTS]
clear mac addresstable dynamic vlan
<1-4094>
mac address-table
aging-time <10630>
mac address-table
static A:B:C:D:E:F
vlan <1-4094>
interfaces
IF_PORTS
User EXEC View the aging time of the
address table.
User EXEC Displays entries for a
specific MAC address (for
all or VLAN).
User EXEC View MAC entry on
specified interface or VLAN
or all dynamic MAC entries
in MAC address table.
User EXEC View static MAC entry on
specified interface or VLAN
or all dynamic MAC entries
in MAC address table.
User EXEC View dynamic MACentry on
specified interface or VLAN
or all dynamic MAC entries
in MAC address table.
User EXEC Display the number of
addresses present in MAC
address table.
Admin EXEC Delete dynamic MAC entry
on specified interface or all
dynamic MAC entries in
MAC address table.
Admin EXEC Delete dynamic MAC entry
on specified VLAN dynamic
MAC entry in MAC address
table.
Admin EXEC Set the aging time of the
address table.
Admin EXEC Add static addresses to the
MAC address table.
switch# show mac addresstable aging-time
switch# show mac addresstable 0:1:2:3:4:5 vlan 1
switch# show mac addresstable vlan 1 interface fa5
switch# show mac addresstable static vlan 1 interface fa5
switch# show mac addresstable dynamic vlan 1 interface
fa5
switch# show mac addresstable counters
switch (config)# clear mac
address-table dynamic
interfaces fa5
switch (config)# clear mac
address-table dynamic vlan 1
switch (config)# mac addresstable aging-time 300
switch (config)# mac addresstable static 0:1:2:3:4:5 vlan 1
interfaces fa5
4 EKI-7000 Series User Manual
Table 1.2: MAC Address Table (Continued)
Function Privilege Description Example
no mac addresstable static
A:B:C:D:E:F vlan
<1-4094>
Admin EXEC Delete static addresses
from the MAC address
table.
switch (config)# no mac
address-table static 0:1:2:3:4:5
vlan 1 interfaces fa5
1.2.3 Jumbo Frame
Table 1.3: Jumbo Frame
Function Privilege Description Example
jumbo-frame <15189216>
no jumbo-frame Admin EXEC Use no form to disable
Admin EXEC Use "jumbo-frame"
command to modify
maximum frame size.
The only way to show this
configuration is by using
"show running-config"
command.
jumbo-frame.
This example shows how to
modify maximum frame size to
9216 bytes.
switch (config)# jumbo-frame
9216
switch (config)# no jumboframe
1.2.4 Flow Control
Table 1.4: Flow Control
Function Privilege Description Example
[no] back-pressure Admin EXEC Use "back-pressure"
command to change port
back-pressure
configuration.
Use no form to restore
back-pressure to default
(off) configuration.
flowcontrol
(off|on)
Admin EXEC Use "flow-control"
command to change port
flow control configuration.
Use off form to restore flow
control to default (off)
configuration.
This example shows how to
modify port duplex
configuration.
switch (config)# interface fa1
switch (config-if)# backpressure
switch (config-if)# no backpressure
This example shows how to
modify port duplex
configuration.
switch (config)# interface fa1
switch (config-if)# flow-control
on
switch (config-if)# flow-control
off
1.2.5 Spanning Tree
Table 1.5: Spanning Tree
Function Privilege Description Example
show spanning-tree
[instance <0-15>]
show spanning-tree
interfaces
IF_PORTS [instance
<0-15>]
EKI-7000 Series User Manual 5
User EXEC Show spanning-tree
instance information.
User EXEC Show spanning-tree
instance information per
port.
switch# show spanning-tree
instance 10
switch# show spanning-tree
interface gi1 instance 10
Table 1.5: Spanning Tree (Continued)
Function Privilege Description Example
show spanning-tree User EXEC Show spanning-tree
information.
show spanning-tree
interfaces
IF_PORTS
show spanning-tree
interfaces
IF_PORTS statistic
[no] spanning-tree Admin EXEC Enable or Disable
spanning-tree bpdu
(filtering|floodin
g)
no spanning-tree
bpdu
spanning-tree mode
(stp|rstp|mstp)
no spanning-tree
force-version
spanning-tree
priority <0-61440>
no spanning-tree
priority
spanning-tree
hello-time <1-10>
no spanning-tree
hello-time
spanning-tree
forward-delay <430>
no spanning-tree
forward-delay
User EXEC Show spanning-tree state of
one port.
User EXEC Show spanning-tree
statistics of one port.
Spanning-Tree Protocol.
Admin EXEC Specify the forwarding
action of BPDU to filtering
or flooding.
Admin EXEC Restore to default BPDU
action. Default action is
flooding.
Admin EXEC Specify the mode to
Spanning Tree Protocol.
Specify the mode to Rapid
Spanning Tree Protocol.
Specify the mode to
Multiple Spanning Tree
Protocol.
Admin EXEC Restore to default stp
version. Default stp version
is rstp.
Admin EXEC Specify the bridge priority;
must use multiples of 4096.
Admin EXEC Restore to default priority.
Default priority is 32768.
Admin EXEC Specify the hello-time
interval (seconds).
Admin EXEC Restore to default hello-
time. Default hello-time is 2.
Admin EXEC Specify the forward-delay
interval (seconds).
Admin EXEC Restore to default forward-
delay. Default forward-delay
is 15.
switch# show spanning-tree
switch# show spanning-tree
interface gi1
switch# show spanning-tree
interface gi1 statistic
switch# configure
switch (config)# spanning-tree
switch (config)# exit
switch# configure
switch (config)# spanning-tree
bpdu filtering
switch (config)# exit
switch# configure
switch (config)# no spanningtree bpdu
switch (config)# exit"
switch# configure
switch (config)# spanning-tree
mode stp
switch (config)# exit
switch# configure
switch (config)# no spanningtree force-version
switch (config)# exit
switch# configure
switch (config)# spanning-tree
priority 16384
switch (config)# exit
switch# configure
switch (config)# no spanningtree priority
switch (config)# exit
switch# configure
switch (config)# spanning-tree
hello-time 5
switch (config)# exit
switch# configure
switch (config)# no spanningtree hello-time
switch (config)# exit
switch# configure
switch (config)# spanning-tree
forward-delay 30
switch (config)# exit
switch# configure
switch (config)# no spanningtree forward-delay
switch (config)# exit
6 EKI-7000 Series User Manual
Table 1.5: Spanning Tree (Continued)
Function Privilege Description Example
spanning-tree
maximum-age <6-40>
no spanning-tree
maximum-age
spanning-tree txhold-count <1-10>
no spanning-tree
tx-hold-count
spanning-tree
pathcost method
(long|short)
[no] spanning-tree Admin EXEC Enable or Disable
spanning-tree
port-priority <0240>
no spanning-tree
port-priority
spanning-tree cost
long <0-200000000>
spanning-tree cost
short <0-65535>
Admin EXEC Specify the maximum-age
time (seconds).
Admin EXEC Restore to default
maximum-age. Default
maximum-age is 20.
Admin EXEC Specify the tx-hold-count
value.
Admin EXEC Restore to default tx-hold-
count. Default tx-hold-count
is 6.
Admin EXEC Specify the type of pathcost
value as 32 bits (long).
Specify the type of pathcost
value as 16 bits (short).
Spanning-Tree Protocol per
port.
Admin EXEC Specify the STP port
priority; must use multiples
of 16.
Admin EXEC Restore to default port-
priority. Default port-priority
is 128.
Admin EXEC Specify the STP port cost.
In long pathcost method,
the range is from 0 to
20000000. (0 = Auto)
Admin EXEC Specify the STP port cost.
In short pathcost method,
the range is from 0 to
65535. (0 = Auto).
switch# configure
switch (config)# spanning-tree
maximum-age 10
switch (config)# exit
switch# configure
switch (config)# no spanningtree maximum-age
switch (config)# exit
switch# configure
switch (config)# spanning-tree
tx-hold-count 10
switch (config)# exit
switch# configure
switch (config)# no spanningtree tx-hold-count
switch (config)# exit
switch# configure
switch (config)# spanning-tree
pathcost method short
switch (config)# exit
switch# configure
switch (config)# interface gi1
switch (config-if)# spanningtree
switch (config-if)# exit
switch (config)# exit
switch# configure
switch (config)# interface gi1
switch (config-if)# spanningtree port-priority 64
switch (config-if)# exit
switch (config)# exit
switch# configure
switch (config)# interface gi1
switch (config-if)# no spanningtree port-priority
switch (config-if)# exit
switch (config)# exit
switch# configure
switch (config)# interface gi1
switch (config-if)# spanningtree cost long 200000
switch (config-if)# exit
switch (config)# exit
switch# configure
switch (config)# interface gi1
switch (config-if)# spanningtree cost short 1000
switch (config-if)# exit
switch (config)# exit
EKI-7000 Series User Manual 7
Table 1.5: Spanning Tree (Continued)
Function Privilege Description Example
no spanning-tree
cost
[no] spanning-tree
edge
spanning-tree
link-type pointto-point
no spanning-tree
link-type pointto-point
spanning-tree
mcheck
spanning-tree mstconfig-id
revision-level
LEVEL<0-65535>
spanning-tree mstconfig-id name
NAME<32>
[no] spanning-tree
instance-id
INST<1-15>
spanning-tree
instance-id
INST<1-15> vlan
(add|remove) VLANLIST
spanning-tree
instance-id
INST<1-15>
priority VALUE<061440>
Admin EXEC Restore to default cost per
port. Default cost is 0.
Admin EXEC Enable or Disable
Spanning-Tree edge.
Admin EXEC Specify the STP port link-
type to point-to-point.
Admin EXEC Disable the STP port link-
type from point-to-point.
Admin EXEC Specify the STP port to
migrate port.
Admin EXEC Specify the MSTP mst-
config-id revision level.
Admin EXEC Specify the MSTP mst-
config-id name.
Admin EXEC Create or delete MSTP
instance ID.
Admin EXEC Add or remove VLAN from
instance.
Admin EXEC Specify the instance priority. switch# configure
switch# configure
switch (config)# interface gi1
switch (config-if)# no spanningtree cost
switch (config-if)# exit
switch (config)# exit
switch# configure
switch (config)# interface gi1
switch (config-if)# spanningtree edge
switch (config-if)# exit
switch (config)# exit
switch# configure
switch (config)# interface gi1
switch (config-if)# spanningtree link-type point-to-point
switch (config-if)# exit
switch (config)# exit
switch# configure
switch (config)# interface gi1
switch (config-if)# no spanningtree link-type point-to-point
switch (config-if)# exit
switch (config)# exit
switch# configure
switch (config)# interface gi1
switch (config-if)# spanningtree mcheck
switch (config-if)# exit
switch (config)# exit
switch# configure
switch (config)# spanning-tree
mst-config-id revision-level 100
switch (config)# exit
switch# configure
switch (config)# spanning-tree
mst-config-id name MST1
switch (config)# exit
switch# configure
switch (config)# spanning-tree
instance-id 10
switch (config)# exit
switch# configure
switch (config)# spanning-tree
instance-id 10 vlan add 10-20
switch (config)# exit
switch (config)# spanning-tree
instance-id 10 priority 1000
switch (config)# exit
8 EKI-7000 Series User Manual
1.2.6 VLAN
Table 1.6: VLAN
Function Privilege Description Example
show vlan defaultvlan
show vlan VLANLIST interfaces
IF_PORTS
membership
show vlan [(VLANLIST|dynamic|stati
c)]
show interfaces
IF_PORTS
show interfaces
IF_PORTS status
show interfaces
IF_PORTS protected
show interfaces
switchport
IF_PORTS
[no] vlan VLANLIST
name NAME Admin EXEC Configure the name of a
switchport mode
hybrid
show managementvlan
switchport hybrid
pvid <1-4094>
[no] switchport
hybrid ingressfiltering
User EXEC Display information about
default VLAN.
User EXEC Display information about
VLAN list.
User EXEC Display information about
VLAN list or dynamic or
static.
User EXEC Use "show interface"
command to show port
counters, parameters and
status.
User EXEC Use "show interface"
command to show port
status.
User EXEC Use "show interface"
command to show port
protected status.
User EXEC Use "show interface
switchport" command to
show port VLAN status.
Admin EXEC Create or remove a VLAN
entry. Using “vlan”
command to enter the
VLAN configuration mode.
VLAN entry.
Admin EXEC Hybrid port: Support all
functions as defined in
IEEE 802.1Q specification.
User EXEC Display information about
management VLAN.
Admin EXEC This command configures
the hybrid port’s PVID. Use
"show interface switchport"
command to show
configuration.
Admin EXEC This command per port
configures the ingressfiltering status. This filtering
is used to filter the frames
come from the non-member
ingress port. Use "show
interface switchport"
command to show
configuration.
switch# show vlan default-vlan
switch# show vlan 1 interfaces
GigabitEthernet 10
membership
switch# show vlan 1
switch# show vlan dynamic
switch# show vlan static
show interfaces
GigabitEthernet 1
show interfaces
GigabitEthernet 1 status
show interfaces
GigabitEthernet 1 protected
switch# show interfaces
switchport GigabitEthernet 1
switch (config)# vlan 100
switch (config)# no vlan 100
switch (config)# vlan 100
switch (config-vlan)# name
VLAN-one-hundred
switch (config-if)# switchport
mode hybrid
switch (config)# show
management-vlan
switch (config)# interface
GigabitEthernet 1
switch (config-if)# switchport
mode hybrid
switch (config-if)# switchport
hybrid pvid 100
switch (config)# interface
GigabitEthernet 1
switch (config-if)# switchport
mode hybrid
switch (config-if)# switchport
hybrid ingress-filtering
EKI-7000 Series User Manual 9
Table 1.6: VLAN (Continued)
Function Privilege Description Example
switchport hybrid
acceptable-frametype (all|taggedonly|untaggedonly)
switchport hybrid
allowed vlan add
VLAN-LIST
[(tagged|untagged)
]
switchport hybrid
allowed vlan
remove VLAN-LIST
[no] switchport
default-vlan
tagged
[no] switchport
forbidden defaultvlan
switchport
forbidden vlan
(add|remove) VLANLIST
management-vlan
vlan <1-4094>
no management-vlan
Admin EXEC This command per port
configures the acceptableframe-type. Use "show
interface switchport"
command to show
configuration.
Admin EXEC This command per hybrid
port configures adds the
allowed VLAN list. Use
"show interface switchport"
command to show
configuration.
Admin EXEC This command per hybrid
port configures removes the
allowed VLAN list. Use
"show interface switchport"
command to show
configuration.
Admin EXEC This command perport
configures the membership
of the default VLAN to
tagged. Use "show
interface switchport"
command to show
configuration.
Admin EXEC This command perport
configures the membership
of the default VLAN to
forbidden. Use "show
interface switchport"
command to show
configuration.
Admin EXEC This command perport
configures the membership
of the specfied VLANs to
forbidden. Use "show
interface switchport"
command to show
configuration.
Admin EXEC (1) Set <1-4094> as
management VLAN ID; it is
recommended to first
create the VLAN and then
assign the port to it.
(2) When using no
command, restore
management VLAN to
default VLAN.
(3) To view the created
management VLAN, use
"show management-vlan".
switch (config)# interface
GigabitEthernet 1
switch (config-if)# switchport
mode hybrid
switch (config-if)# switchport
hybrid acceptable-frame-type
tagged-only
switch (config)# interface
GigabitEthernet 1
switch (config-if)# switchport
mode hybrid
switch (config-if)# switchport
hybrid allowed vlan add 1
tagged
switch (config)# interface
GigabitEthernet 1
switch (config-if)# switchport
mode hybrid
switch (config-if)# switchport
hybrid allowed vlan remove
100
switch (config)# interface
GigabitEthernet 1
switch (config-if)# switchport
mode hybrid
switch (config-if)# switchport
default-vlan tagged
switch (config)# interface
GigabitEthernet 1
switch (config-if)# switchport
mode hybrid
switch (config-if)# switchport
forbidden default-vlan
switch (config)# interface
GigabitEthernet 1
switch (config-if)# switchport
mode hybrid
switch (config-if)# switchport
forbidden vlan 100
(1) The following example
specifies that management
VLAN 2 is created.
switch (config)# managementvlan vlan 2
(2) The following example
specifies that managementVLAN is restored to be default
VLAN.
switch (config)# no
management-vlan
10 EKI-7000 Series User Manual
1.2.7 Q-in-Q
Table 1.7: Q-in-Q
Function Privilege Description Example
switchport
outerpvid <1-4094>
switchport
qinqmode (nni|uni)
vlan outertpid
<0x0000-0xFFFF>
Admin EXEC This command configures
the hybrid port’s Outer
PVID. Use "show interface
switchport" command to
show configuration.
Admin EXEC The qinqmode is used to
configure the hybrid port for
different port roles.
Nni: transfer frame will be
add outer tag Vlan-Identifier
Uni: transfer frame will not
be add outer tag VlanIdentifier.
Admin EXEC Use "vlan outertpid"
command to change outer
VLAN's Tag Protocol
Identifier(tpid)
configuration.
This example sets gi2's Outer
PVID to 1024.
switch (config)# interface
GigabitEthernet 2
switch (config-if)# switchport
outerpvid 1024
This example shows how to
change gi1 to nni mode and
gi2 to uni mode.
switch (config)# interface
GigabitEthernet 1
switch (config-if)# switchport
qinqmode nni
switch (config-if)# exit
switch (config)# interface
GigabitEthernet 2
switch (config-if)# switchport
qinqmode uni
This example shows how to
modify Tag Protocol Identifier
configuration.
switch (config)# vlan outertpid
0x9100
1.2.8 Link Aggregation
Table 1.8: Link Aggregation
Function Privilege Description Example
show lag User EXEC Use "show lag" command
to show current LAG load
balance algorithm and
members active/inactive
status.
lag load-balance
(src-dst-mac|srcdst-mac-ip|srcport)
no lag loadbalance
Admin EXEC Link aggregation group port
should transmit packets
spread to all ports to
balance traffic loading. Two
algorithms are supported;
use this command to select
the required algorithm.
Admin EXEC Use no form to disable
load-blance.
This example shows how to
show current LAG status.
switch# show lag
This example shows how to
change load balance algorithm
to src-dst-mac-ip.
switch (config)# lag loadbalance src-dst-mac-ip
This example shows how to
disable load balance algorithm.
switch (config)# no lag loadbalance
EKI-7000 Series User Manual 11
Table 1.8: Link Aggregation (Continued)
Function Privilege Description Example
lag <1-8> mode
(static | active |
passive)
no lag Admin EXEC Use "no lag" to leave the
lacp systempriority <1-65535>
no lacp systempriority
lacp port-priority
<1-65535>
no lacp portpriority
lacp timeout
(long|short)
no lacp timeout Admin EXEC
Admin EXEC Link aggregation group
function aggregates
multiple physical ports into
one logic port to increase
bandwidth. This command
makes normal port joins a
normal port to a specific
LAG logic port in static or
dynamic mode.
LAG logic port.
Admin EXEC LACP system priority is
used for two connected
DUT to select master
switch. Lower system
priority value has higher
priority. The DUT with
higher priority can decide
which ports are able to join
the LAG.
Admin EXEC Use "no lacp system-
priority" to restore to the
default priority value. Use
"show running-config"
command to show
configuration.
Admin EXEC LACP port priority is used
for two connected DUT to
select aggregation ports.
Lower port priority value
has higher priority. The port
with higher priority will be
selected into LAG first.
Use "show running-config"
command to show
configuration.
Admin EXEC Use no form to restore port-
priority to default value.
Admin EXEC LACP must send LACP
packet to partner switch to
check the link status. This
command configures the
LACP packet sending
interval.
This example shows how to
create a dynamic LAG and join
fa1-fa3 to this LAG.
switch (config)# interface
range fa1-3
switch (config-if)# lag 1 mode
active
This example shows how to
remove gi1 from LAG.
switch (config)# interface
GigabitEthernet 1
switch (config-if)# no lag
This example shows how to
configure lacp system priority
to 1000.
switch (config)# lacp systempriority 1000
This example shows how to
restore lacp system priority to
default value.
switch (config)# no lacp
system-priority
This example shows how to
configure interface fa1 lacp
port priority to 100.
switch (config)# interface fa1
switch (config-if)# lacp portpriority 100
This example shows how to
configure interface fa1 lacp
timeout to short.
switch (config)# interface fa1
switch (config-if)# lacp timeout
short
12 EKI-7000 Series User Manual
Loading...