Digisol DG-FS4528P Management Manual

TM

DG-FS4528P

Layer 2 Fast Ethernet Managed POE Switch

Management Guide

V1.0

2011-12-12

MUSTANG 4000 Managed Switch Series

As our product undergoes continuous development the specifications are subject to change without prior notice

Management Guide

M

ANAGEMENT

G

UIDE

FAST ETHERNET SWITCH

DG-FS4528P
Layer 2 Workgroup Switch
with Power over Ethernet,
24 10/100BASE-TX (RJ-45) Ports,
2 10/100/1000BASE-T (RJ-45) Ports
and 2 Gigabit Combination Ports (RJ-45/SFP)

DG-FS4528P

ABOUT THIS GUIDE

PURPOSE This guide gives specific information on how to operate and use the

management functions of the switch.

AUDIENCE The guide is intended for use by network administrators who are

responsible for operating and maintaining network equipment;
consequently, it assumes a basic working knowledge of general switch
functions, the Internet Protocol (IP), and Simple Network Management
Protocol (SNMP).

CONVENTIONS The following conventions are used throughout this guide to show

information:

N

OTE

:

Emphasizes important information or calls your attention to related

features or instructions.

C

AUTION

damage the system or equipment.

W

ARNING

:

Alerts you to a potential hazard that could cause loss of data, or

:

Alerts you to a potential hazard that could cause personal injury.

RELATED PUBLICATIONS The following publication details the hardware features of the switch,

including the physical and performance-related characteristics, and how to
install the switch:

The Installation Guide

Also, as part of the switch’s software, there is an online web-based help
that describes all management related features.

DECEMBER 2010 REVISION

This is the first revision of this guide.

– 5 –

CONTENTS

ABOUT THIS GUIDE 5

C

ONTENTS 6

IGURES 34

F

T

ABLES 41

SECTION I GETTING STARTED 46

1INTRODUCTION 47

Key Features 47

Description of Software Features 48

System Defaults 53

2INITIAL SWITCH CONFIGURATION 56

Connecting to the Switch 56

Configuration Options 56

Required Connections 57

Remote Connections 58

Basic Configuration 59

Console Connection 59

Setting Passwords 59

Setting an IP Address 60

Manual Configuration 60

Dynamic Configuration 61

Downloading a Configuration File Referenced by a DHCP Server 62

Enabling SNMP Management Access 64

Community Strings (for SNMP version 1 and 2c clients) 65

Trap Receivers 65

Configuring Access for SNMP Version 3 Clients 66

Managing System Files 66

Saving or Restoring Configuration Settings 67

Configuring Power over Ethernet 68

– 6 –

C

ONTENTS

SECTION II WEB CONFIGURATION 70

3USING THE WEB INTERFACE 71

Connecting to the Web Interface 71

Navigating the Web Browser Interface 72

Home Page 72

Configuration Options 73

Panel Display 73

Main Menu 74

4BASIC MANAGEMENT TASKS 83

Displaying System Information 84

Displaying Switch Hardware/Software Versions 85

Displaying Bridge Extension Capabilities 87

Setting the Switch’s IP Address 88

Configuring Support for Jumbo Frames 93

Displaying CPU Utilization 94

Displaying Memory Utilization 95

Managing System Files 96

Automatic Operation Code Upgrade 96

Copying Operation Code via FTP or TFTP 100

Saving or Restoring Configuration Settings 102

Copying Files Using HTTP 104

Deleting Files 106

Setting The Start-Up File 106

Console Port Settings 107

Telnet Settings 109

Configuring Event Logging 110

System Log Configuration 110

Remote Log Configuration 112

Sending Simple Mail Transfer Protocol Alerts 114

Resetting the System 115

Setting the System Clock 117

Setting the Time Manually 117

Configuring SNTP 118

Configuring NTP 119

Setting the Time Zone 121

– 7 –

C

ONTENTS

Configuring Summer Time 122

UPnP 124

UPnP Configuration 125

Switch Clustering 126

Configuring General Settings for Clusters 127

Cluster Member Configuration 128

Displaying Information on Cluster Members 129

Cluster Candidate Information 130

5SIMPLE NETWORK MANAGEMENT PROTOCOL 131

Overview 131

Setting Community Access Strings 133

Specifying Trap Managers and Trap Types 135

Configuring MAC Notification Traps for Interfaces 138

Enabling the SNMP Agent 139

Setting the Local Engine ID 140

Specifying a Remote Engine ID 141

Configuring Local SNMPv3 Users 142

Configuring Remote SNMPv3 Users 143

Configuring SNMPv3 Groups 146

Setting SNMPv3 Views 149

6SAMPLING TRAFFIC FLOWS 151

Overview 151

Configuring sFlow Global Parameters 152

Configuring sFlow Port Parameters 153

7SECURITY MEASURES 155

Configuring User Accounts 156

Configuring Local/Remote Logon Authentication 157

Configuring Encryption Keys 161

AAA Authorization and Accounting 162

Configuring AAA RADIUS Group Settings 163

Configuring AAA TACACS+ Group Settings 164

Configuring AAA Accounting Settings 165

Configuring AAA Accounting Update Time 167

AAA Accounting 802.1X Port Settings 167

Configuring AAA Accounting Exec Command Privileges 168

Configuring AAA Accounting Exec Settings 169

– 8 –

C

ONTENTS

Displaying the AAA Accounting Summary 170

Configuring Authorization Settings 171

Configuring Authorization EXEC Settings 172

Authorization Summary 173

Configuring HTTPS 174

Configuring Global Settings for HTTPS 174

Replacing the Default Secure-site Certificate 175

Configuring the Secure Shell 177

Configuring the SSH Server 180

Generating the Host Key Pair 181

Importing User Public Keys 183

Configuring Port Security 185

Configuring 802.1X Port Authentication 187

Displaying 802.1X Global Settings 188

Configuring 802.1X Global Settings 189

Configuring Authenticator Port Settings for 802.1X 190

Configuring Supplicant Port Settings for 802.1X 192

Displaying 802.1X Authenticator Statistics 194

Displaying 802.1X Supplicant Statistics 196

Web Authentication 197

Configuring Global Settings for Web Authentication 198

Configuring Interface Settings for Web Authentication 199

Displaying Web Authentication Port Information 199

Re-authenticating Web Authenticated Ports 200

Network Access (MAC Address Authentication) 201

Configuring Global Settings for Network Access 204

Configuring Network Access for Ports 205

Configuring Port Link Detection 206

Displaying Secure MAC Address Information 207

Configuring a MAC Address Filter 209

Access Control Lists 210

Setting the ACL Name and Type 211

Configuring a Standard IPv4 ACL 212

Configuring an Extended IPv4 ACL 213

Configuring a Standard IPv6 ACL 216

Configuring an Extended IPv6 ACL 217

– 9 –

C

ONTENTS

Configuring a MAC ACL 218

Configuring an ARP ACL 220

Binding a Port to an Access Control List 222

Showing TCAM Utilization 223

ARP Inspection 224

Configuring Global Settings for ARP Inspection 225

Configuring VLAN Settings for ARP Inspection 227

Configuring Interface Settings for ARP Inspection 229

Displaying the ARP Inspection Log 230

Displaying ARP Inspection Statistics 231

Filtering IP Addresses for Management Access 232

DHCP Snooping 234

DHCP Snooping Configuration 236

DHCP Snooping VLAN Configuration 236

DHCP Snooping Information Option Configuration 237

Configuring Ports for DHCP Snooping 240

Displaying DHCP Snooping Binding Information 241

IP Source Guard 242

Configuring Ports for IP Source Guard 242

Configuring Static Bindings for IP Source Guard 244

Displaying Information for Dynamic IP Source Guard Bindings 246

8INTERFACE CONFIGURATION 248

Port Configuration 248

Displaying Connection Status 248

Configuring Interface Connections 249

Trunk Configuration 252

Configuring a Static Trunk 253

Enabling LACP on Selected Ports 255

Configuring Parameters for LACP Group Members 256

Configuring Parameters for LACP Groups 258

Displaying LACP Port Counters 259

Displaying LACP Settings and Status for the Local Side 260

Displaying LACP Settings and Status for the Remote Side 262

Storm Control Configuration 263

Setting Broadcast Storm Thresholds 264

Setting Multicast Storm Thresholds 265

– 10 –

C

ONTENTS

Setting Unknown Unicast Storm Thresholds 266

Mirror Configuration 268

Configuring Port Mirroring 268

Configuring MAC Address Mirroring 269

Configuring Rate Limits 271

VLAN Trunking 272

Performing Cable Diagnostics 274

Showing Port or Trunk Statistics 275

9POWER OVER ETHERNET SETTINGS 280

Overview 280

Switch Power Status 281

Setting a Switch Power Budget 281

Displaying Port Power Status 282

Configuring Port PoE Power 283

10 ADDRESS TABLE SETTINGS 285

Setting Static Addresses 285

Displaying the Dynamic Address Table 287

Changing the Aging Time 288

11 SPANNING TREE ALGORITHM 290

Overview 290

Configuring Loopback Detection 293

Displaying Global Settings for STA 294

Configuring Global Settings for STA 296

Displaying Interface Settings for STA 300

Configuring Interface Settings for STA 303

Spanning Tree Edge Port Configuration 306

Configuring Multiple Spanning Trees 308

Displaying Interface Settings for MSTP 310

Configuring Interface Settings for MSTP 311

12 LAYER 2 PROTOCOL TUNNELING 313

Overview 313

Configuring the Tunnel Address for Uplink Traffic 313

Enabling Tunneling for Interfaces 314

13 VLAN CONFIGURATION 318

IEEE 802.1Q VLANs 318

Configuring Global Settings for Dynamic VLAN Registration 322

– 11 –

C

ONTENTS

Displaying Basic VLAN Information 322

Displaying Current VLANs 323

Configuring VLAN Groups 324

Adding Static Members to VLANs 325

Adding VLAN Groups to Interfaces 327

Configuring VLAN Attributes for Interfaces 328

IEEE 802.1Q Tunneling 330

Enabling QinQ Tunneling on the Switch 334

Adding an Interface to a QinQ Tunnel 335

Traffic Segmentation 336

Configuring Global Settings 336

Configuring Uplink and Downlink Ports 337

Private VLANs 338

Displaying Private VLANs 339

Creating Private VLANs 340

Associating Private VLANs 341

Displaying Private VLAN Interface Information 341

Configuring Private VLAN Interfaces 343

Protocol VLANs 344

Configuring Protocol VLAN Groups 345

Mapping Protocol Groups to VLANs 346

Configuring VLAN Mirroring 347

Configuring IP Subnet VLANs 349

Configuring MAC-based VLANs 350

14 LINK LAYER DISCOVERY PROTOCOL 352

Overview 352

Setting LLDP Timing Attributes 353

Configuring LLDP Interface Attributes 355

Displaying LLDP Local Device Information 358

Displaying LLDP Remote Port Information 360

Displaying LLDP Remote Information Details 361

Displaying Device Statistics 363

Displaying Detailed Device Statistics 364

15 CLASS OF SERVICE 366

Layer 2 Queue Settings 366

Setting the Default Priority for Interfaces 366

– 12 –

C

ONTENTS

Mapping CoS Values to Egress Queues 367

Selecting the Queue Mode 369

Displaying the Service Weight for Traffic Classes 370

Layer 3/4 Priority Settings 371

Enabling IP DSCP Priority 371

Mapping DSCP Priority 372

16 QUALITY OF SERVICE 374

Overview 374

Configuring a Class Map 375

Creating QoS Policies 378

Attaching a Policy Map to a Port 382

17 VOIP TRAFFIC CONFIGURATION 384

Overview 384

Configuring VoIP Traffic 385

Configuring VoIP Traffic Ports 386

Configuring Telephony OUI 388

18 MULTICAST FILTERING 390

Overview 390

Layer 2 IGMP (Snooping and Query) 391

Configuring IGMP Snooping and Query Parameters 392

Enabling IGMP Immediate Leave 394

Displaying Interfaces Attached to a Multicast Router 396

Specifying Static Interfaces for a Multicast Router 396

Displaying Port Members of Multicast Services 397

Assigning Interfaces to Multicast Services 398

Filtering and Throttling IGMP Groups 399

Enabling IGMP Filtering and Throttling 400

Configuring IGMP Filter Profiles 401

Configuring IGMP Filtering and Throttling for Interfaces 402

Multicast VLAN Registration 404

Configuring Global MVR Settings 405

Displaying MVR Interface Status 406

Displaying Port Members of Multicast Groups 407

Configuring MVR Interface Status 408

Assigning Static Multicast Groups to Interfaces 410

Configuring MVR Receiver VLAN and Group Addresses 411

– 13 –

C

ONTENTS

Displaying MVR Receiver Groups 412

Configuring Static MVR Receiver Group Members 413

19 DOMAIN NAME SERVICE 415

Configuring General DNS Service Parameters 415

Configuring Static DNS Host to Address Entries 417

Displaying the DNS Cache 418

SECTION III COMMAND LINE INTERFACE 420

20 USING THE COMMAND LINE INTERFACE 422

Accessing the CLI 422

Console Connection 422

Telnet Connection 423

Entering Commands 424

Keywords and Arguments 424

Minimum Abbreviation 424

Command Completion 424

Getting Help on Commands 425

Showing Commands 425

Partial Keyword Lookup 426

Negating the Effect of Commands 427

Using Command History 427

Understanding Command Modes 427

Exec Commands 427

Configuration Commands 428

Command Line Processing 430

Output Modifiers and Redirection 431

CLI Command Groups 431

21 GENERAL COMMANDS 434

prompt 434

reload (Global Configuration) 435

enable 436

quit 437

show history 437

configure 438

disable 439

– 14 –

C

ONTENTS

reload (Privileged Exec) 439

show reload 440

end 440

exit 440

22 SYSTEM MANAGEMENT COMMANDS 442

Device Designation 442

hostname 443

Banner Information 443

banner configure 444

banner configure company 445

banner configure dc-power-info 446

banner configure department 446

banner configure equipment-info 447

banner configure equipment-location 448

banner configure ip-lan 448

banner configure lp-number 449

banner configure manager-info 450

banner configure mux 450

banner configure note 451

show banner 452

System Status 452

show access-list tcam-utilization 453

show memory 453

show process cpu 453

show running-config 454

show startup-config 455

show system 456

show tech-support 457

show users 457

show version 458

Frame Size 459

jumbo frame 459

File Management 460

boot system 461

copy 462

delete 465

– 15 –

C

ONTENTS

delete non-active 465

dir 466

whichboot 467

upgrade opcode auto 467

upgrade opcode path 469

show upgrade 470

Line 470

line 471

databits 472

exec-timeout 472

login 473

parity 474

password 475

password-thresh 476

silent-time 476

speed 477

stopbits 478

timeout login response 478

disconnect 479

show line 479

Event Logging 480

logging facility 481

logging history 481

logging host 482

logging on 483

logging trap 483

clear log 484

show log 485

show logging 485

SMTP Alerts 487

logging sendmail 487

logging sendmail destination-email 487

logging sendmail host 488

logging sendmail level 489

logging sendmail source-email 489

show logging sendmail 490

– 16 –

C

ONTENTS

Time 490

sntp client 491

sntp poll 492

sntp server 492

show sntp 493

ntp authenticate 494

ntp authentication-key 494

ntp client 495

ntp server 496

show ntp 497

clock summer-time (date) 498

clock summer-time (predefined) 499

clock summer-time (recurring) 500

clock timezone 502

clock timezone-predefined 502

calendar set 503

show calendar 504

Time Range 504

time-range 504

absolute 505

periodic 506

show time-range 507

Switch Clustering 507

cluster 508

cluster commander 509

cluster ip-pool 509

cluster member 510

rcommand 511

show cluster 511

show cluster members 512

show cluster candidates 512

UPnP 512

upnp device 513

upnp device ttl 513

upnp device advertise duration 514

show upnp 514

– 17 –

C

ONTENTS

23 SNMP COMMANDS 516

snmp-server 517

snmp-server community 518

snmp-server contact 518

snmp-server location 519

show snmp 519

snmp-server engine-id 520

snmp-server group 522

snmp-server user 523

snmp-server view 524

show snmp engine-id 525

show snmp group 526

show snmp user 527

show snmp view 528

snmp-server enable traps 528

snmp-server host 530

snmp-server enable traps mac-notification 532

snmp-server enable port-traps mac-notification 533

show snmp-server enable port-traps interface 534

24 FLOW SAMPLING COMMANDS 535

sflow 535

sflow source 536

sflow sample 537

sflow polling-interval 537

sflow owner 538

sflow timeout 538

sflow destination 539

sflow max-header-size 539

sflow max-datagram-size 540

show sflow 540

25 AUTHENTICATION COMMANDS 542

User Accounts 543

enable password 543

username 544

Authentication Sequence 545

authentication enable 545

– 18 –

C

ONTENTS

authentication login 546

RADIUS Client 547

radius-server acct-port 547

radius-server auth-port 548

radius-server host 548

radius-server key 549

radius-server retransmit 550

radius-server timeout 550

show radius-server 551

TACACS+ Client 551

tacacs-server 552

tacacs-server host 552

tacacs-server key 553

tacacs-server port 553

tacacs-server retransmit 554

tacacs-server timeout 554

show tacacs-server 555

AAA 555

aaa accounting commands 556

aaa accounting dot1x 557

aaa accounting exec 558

aaa accounting update 559

aaa authorization exec 559

aaa group server 560

server 561

accounting dot1x 561

accounting commands 562

accounting exec 562

authorization exec 563

show accounting 564

Web Server 565

ip http port 565

ip http secure-port 566

ip http secure-server 566

ip http server 568

Telnet Server 568

– 19 –

C

ONTENTS

ip telnet server 569

Secure Shell 569

ip ssh authentication-retries 572

ip ssh server 573

ip ssh server-key size 573

ip ssh timeout 574

delete public-key 575

ip ssh crypto host-key generate 575

ip ssh crypto zeroize 576

ip ssh save host-key 577

show ip ssh 577

show public-key 577

show ssh 578

802.1X Port Authentication 579

dot1x default 580

dot1x eapol-pass-through 580

dot1x system-auth-control 581

dot1x intrusion-action 581

dot1x max-req 582

dot1x operation-mode 582

dot1x port-control 583

dot1x re-authentication 584

dot1x timeout quiet-period 584

dot1x timeout re-authperiod 585

dot1x timeout supp-timeout 585

dot1x timeout tx-period 586

dot1x re-authenticate 586

dot1x identity profile 587

dot1x max-start 588

dot1x pae supplicant 588

dot1x timeout auth-period 589

dot1x timeout held-period 589

dot1x timeout start-period 590

show dot1x 590

Management IP Filter 593

management 593

– 20 –

C

ONTENTS

show management 594

PPPoE Intermediate Agent 595

pppoe intermediate-agent 596

pppoe intermediate-agent format-type 596

pppoe intermediate-agent port-enable 597

pppoe intermediate-agent port-format-type 598

pppoe intermediate-agent trust 599

pppoe intermediate-agent vendor-tag strip 599

clear pppoe intermediate-agent statistics 600

show pppoe intermediate-agent info 600

show pppoe intermediate-agent statistics 601

26 GENERAL SECURITY MEASURES 602

Port Security 603

port security 603

Network Access (MAC Address Authentication) 605

network-access aging 606

network-access mac-filter 606

mac-authentication reauth-time 607

network-access dynamic-qos 608

network-access dynamic-vlan 609

network-access guest-vlan 609

network-access link-detection 610

network-access link-detection link-down 611

network-access link-detection link-up 611

network-access link-detection link-up-down 612

network-access max-mac-count 612

network-access mode mac-authentication 613

network-access port-mac-filter 614

mac-authentication intrusion-action 615

mac-authentication max-mac-count 615

clear network-access mac-address-table 616

show network-access 616

show network-access mac-address-table 617

show network-access mac-filter 618

Web Authentication 618

web-auth login-attempts 619

– 21 –

C

ONTENTS

web-auth quiet-period 620

web-auth session-timeout 620

web-auth system-auth-control 621

web-auth 621

web-auth re-authenticate (Port) 622

web-auth re-authenticate (IP) 622

show web-auth 623

show web-auth interface 623

show web-auth summary 624

DHCP Snooping 624

ip dhcp snooping 625

ip dhcp snooping information option 627

ip dhcp snooping information policy 628

ip dhcp snooping verify mac-address 629

ip dhcp snooping vlan 630

ip dhcp snooping information option circuit-id string 631

ip dhcp snooping trust 631

clear ip dhcp snooping database flash 632

ip dhcp snooping database flash 632

show ip dhcp snooping 633

show ip dhcp snooping binding 633

IP Source Guard 634

ip source-guard binding 634

ip source-guard 636

ip source-guard max-binding 637

show ip source-guard 638

show ip source-guard binding 638

ARP Inspection 639

ip arp inspection 640

ip arp inspection filter 641

ip arp inspection log-buffer logs 642

ip arp inspection validate 643

ip arp inspection vlan 643

ip arp inspection limit 644

ip arp inspection trust 645

show ip arp inspection configuration 646

– 22 –

C

ONTENTS

show ip arp inspection interface 646

show ip arp inspection log 647

show ip arp inspection statistics 647

show ip arp inspection vlan 647

27 ACCESS CONTROL LISTS 649

IPv4 ACLs 649

access-list ip 650

access-list rule-mode 651

permit, deny (Standard IP ACL) 652

permit, deny (Extended IPv4 ACL) 653

ip access-group 655

show ip access-group 656

show ip access-list 656

IPv6 ACLs 657

access-list ipv6 657

permit, deny (Standard IPv6 ACL) 658

permit, deny (Extended IPv6 ACL) 659

show ipv6 access-list 660

ipv6 access-group 661

show ipv6 access-group 662

MAC ACLs 662

access-list mac 662

permit, deny
(MAC ACL) 663

mac access-group 665

show mac access-group 666

show mac access-list 666

ARP ACLs 667

access-list arp 667

permit, deny (ARP ACL) 668

show arp access-list 669

ACL Information 670

show access-group 670

show access-list 670

28 INTERFACE COMMANDS 671

interface 672

capabilities 672

– 23 –

C

ONTENTS

description 673

flowcontrol 674

giga-phy-mode 675

mdix 676

media-type 677

negotiation 678

shutdown 678

speed-duplex 679

switchport packet-rate 680

clear counters 681

show interfaces brief 682

show interfaces counters 682

show interfaces status 684

show interfaces switchport 685

show interfaces transceiver 687

test cable-diagnostics tdr interface 688

show cable-diagnostics 689

29 LINK AGGREGATION COMMANDS 690

channel-group 691

lacp 692

lacp admin-key (Ethernet Interface) 693

lacp mode 694

lacp port-priority 695

lacp system-priority 696

lacp admin-key (Port Channel) 696

show lacp 697

30 POWER OVER ETHERNET COMMANDS 701

power mainpower maximum allocation 701

power inline compatible 702

power inline 703

power inline maximum allocation 704

power inline overload-auto-recover 704

power inline priority 705

show power inline status 706

show power mainpower 707

31 PORT MIRRORING COMMANDS 708

– 24 –

C

ONTENTS

port monitor 708

show port monitor 709

32 RATE LIMIT COMMANDS 711

rate-limit 711

33 AUTOMATIC TRAFFIC CONTROL COMMANDS 713

auto-traffic-control apply-timer 715

auto-traffic-control release-timer 716

auto-traffic-control 717

auto-traffic-control action 718

auto-traffic-control alarm-clear-threshold 719

auto-traffic-control alarm-fire-threshold 720

auto-traffic-control control-release 720

auto-traffic-control auto-control-release 721

snmp-server enable port-traps atc broadcast-alarm-clear 721

snmp-server enable port-traps atc broadcast-alarm-fire 722

snmp-server enable port-traps atc broadcast-control-apply 722

snmp-server enable port-traps atc broadcast-control-release 723

snmp-server enable port-traps atc multicast-alarm-clear 723

snmp-server enable port-traps atc multicast-alarm-fire 724

snmp-server enable port-traps atc multicast-control-apply 724

snmp-server enable port-traps atc multicast-control-release 725

show auto-traffic-control 725

show auto-traffic-control interface 726

34 LOOPBACK DETECTION COMMANDS 727

loopback-detection 728

loopback-detection mode 728

loopback-detection recover-time 729

loopback-detection transmit-interval 730

loopback-detection release 730

show loopback-detection 730

35 ADDRESS TABLE COMMANDS 732

mac-address-table aging-time 732

mac-address-table static 733

clear mac-address-table dynamic 734

show mac-address-table 734

show mac-address-table aging-time 735

– 25 –

C

ONTENTS

36 SPANNING TREE COMMANDS 736

spanning-tree 737

spanning-tree cisco-prestandard 738

spanning-tree forward-time 738

spanning-tree hello-time 739

spanning-tree max-age 740

spanning-tree mode 740

spanning-tree pathcost method 742

spanning-tree priority 742

spanning-tree mst configuration 743

spanning-tree system-bpdu-flooding 744

spanning-tree transmission-limit 744

max-hops 745

mst priority 745

mst vlan 746

name 747

revision 747

spanning-tree bpdu-filter 748

spanning-tree bpdu-guard 749

spanning-tree cost 750

spanning-tree edge-port 751

spanning-tree link-type 752

spanning-tree loopback-detection 753

spanning-tree loopback-detection release-mode 754

spanning-tree loopback-detection trap 755

spanning-tree mst cost 755

spanning-tree mst port-priority 756

spanning-tree portfast 757

spanning-tree port-bpdu-flooding 758

spanning-tree port-priority 758

spanning-tree root-guard 759

spanning-tree spanning-disabled 760

spanning-tree loopback-detection release 760

spanning-tree protocol-migration 761

show spanning-tree 762

show spanning-tree mst configuration 764

– 26 –

C

ONTENTS

37 EAPS COMMANDS 765

eaps 770

eaps domain 771

control-vlan 771

enable 772

failtime 772

hellotime 773

mode 774

port 775

protect-vlan 776

show eaps 776

38 ERPS COMMANDS 779

erps 782

erps domain 783

control-vlan 783

enable 784

guard-timer 785

holdoff-timer 785

meg-level 786

node-id 787

ring-port 787

rpl owner 788

wtr-timer 788

show erps 789

39 VLAN COMMANDS 792

GVRP and Bridge Extension Commands 793

bridge-ext gvrp 793

garp timer 794

switchport forbidden vlan 795

switchport gvrp 795

show bridge-ext 796

show garp timer 796

show gvrp configuration 797

Editing VLAN Groups 797

vlan database 798

vlan 798

– 27 –

C

ONTENTS

Configuring VLAN Interfaces 799

interface vlan 800

switchport acceptable-frame-types 800

switchport allowed vlan 801

switchport ingress-filtering 802

switchport mode 803

switchport native vlan 804

vlan-trunking 804

Displaying VLAN Information 806

show vlan 806

Configuring IEEE 802.1Q Tunneling 807

dot1q-tunnel system-tunnel-control 808

switchport dot1q-tunnel mode 809

switchport dot1q-tunnel service match cvid 810

switchport dot1q-tunnel tpid 811

show dot1q-tunnel 811

Configuring L2CP Tunneling 812

l2protocol-tunnel tunnel-dmac 812

switchport l2protocol-tunnel 813

show l2protocol-tunnel 816

Configuring Port-based Traffic Segmentation 816

pvlan 816

pvlan uplink/downlink 817

pvlan session 818

pvlan up-to-up 819

show pvlan 819

Configuring Private VLANs 820

private-vlan 821

private vlan association 822

switchport mode private-vlan 823

switchport private-vlan host-association 823

switchport private-vlan mapping 824

show vlan private-vlan 825

Configuring Protocol-based VLANs 825

protocol-vlan protocol-group (Configuring Groups) 826

protocol-vlan protocol-group (Configuring Interfaces) 827

– 28 –

C

ONTENTS

show protocol-vlan protocol-group 828

show protocol-vlan protocol-group-vid 829

Configuring IP Subnet VLANs 829

subnet-vlan 830

show subnet-vlan 831

Configuring MAC Based VLANs 831

mac-vlan 832

show mac-vlan 832

Configuring Voice VLANs 833

voice vlan 833

voice vlan aging 834

voice vlan mac-address 835

switchport voice vlan 836

switchport voice vlan priority 836

switchport voice vlan rule 837

switchport voice vlan security 838

show voice vlan 838

40 CLASS OF SERVICE COMMANDS 840

Priority Commands (Layer 2) 840

queue mode 841

queue cos-map 842

switchport priority default 843

show queue bandwidth 844

show queue cos-map 844

show queue mode 845

Priority Commands (Layer 3 and 4) 845

map ip dscp (Global Configuration) 845

map ip dscp (Interface Configuration) 846

show map ip dscp 847

41 QUALITY OF SERVICE COMMANDS 848

class-map 849

description 850

match 850

rename 852

policy-map 852

class 853

– 29 –

C

ONTENTS

police 854

set 855

service-policy 855

show class-map 856

show policy-map 857

show policy-map interface 857

42 MULTICAST FILTERING COMMANDS 859

IGMP Snooping 859

ip igmp snooping 860

ip igmp snooping leave-proxy 860

ip igmp snooping priority 861

ip igmp snooping version 862

ip igmp snooping vlan static 862

ip igmp snooping immediate-leave 863

show ip igmp snooping 864

show ip igmp snooping groups 864

show mac-address-table multicast 865

IGMP Query Commands 866

ip igmp snooping querier 866

ip igmp snooping query-count 867

ip igmp snooping query-interval 867

ip igmp snooping query-max-response-time 868

ip igmp snooping router-port-expire-time 869

Static Multicast Routing 869

ip igmp snooping vlan mrouter 870

show ip igmp snooping mrouter 870

IGMP Filtering and Throttling 871

ip igmp filter (Global Configuration) 872

ip igmp profile 872

permit, deny 873

range 873

ip igmp filter (Interface Configuration) 874

ip igmp max-groups 875

ip igmp max-groups action 875

show ip igmp filter 876

show ip igmp profile 877

– 30 –