Digitus DN-80233 User Manual

Download

Page 1

User Manual

Dynamic 24-PORT MANAGED GIGABIT SWITCH

(DN-80233)

Page 2

Contents

1.0 Introduction 23

1.1 Package Contents 23

1.2 How to Use this Guide 23

2.0 Installation 25

2.1 Product Description 25

2.1.1 Overview 25

2.1.2 Features of Layer 2 & Layer 3 Switches 25

2.2 Installing the Switch 31

2.2.1 Pre-Installation Considerations 31

2.2.2 Desktop or Shelf Mounting 31

2.2.3 Rack-Mounting 32

2.2.4 Power-On Self Test (POST) 32

3.0 Configuration 34

3.1 Management Access Overview 34

3.1.1 Administration Console 35

3.1.2 Direct Access 35

3.2 Web Management 36

3.3 SNMP-Based Network Management 36

3.4 Protocols 36

3.4.1 V irtual Terminal Protocols 36

3.4.2 SNMP Protocol 36

3.4.3 Management Architecture 37

4.0 Command Structure 38

4.1 Format 38

4.1.1 Command 38

4.1.2 Parameters 38

4.1.3 Values 39

4.1.4 Conventions 40

4.1.5 Annotations 40

5.0 Quick Start up 42

5.1 Quick Starting the Networking Device 42

5.2 System Info and System Setup 42

6.0 Mode-based Command Line Interface 47

6.1 Mode-based Topology 49

Page 3

6.2 Mode-based Command Hierarchy 50

6.3 Flow of Operation 54

6.4 “No” Form of a Command 54

6.4.1 Support for “No” Form 54

7.0 Switching Commands 56

7.1 System Information and Statistics Commands 56

7.1.1 show arp switch 56

7.1.2 show eventlog 57

7.1.3 show hardware 57

7.1.4 show interface 57

7.1.5 show interface ethernet 58

7.1.6 show logging 64

7.1.7 show mac-addr-table 64

7.1.8 show running-config 65

7.1.9 show sysinfo 65

7.1.10 snmp-server 65

7.2 System Management Commands 66

7.2.1 telnet 66

7.2.2 transport input telnet 66

7.2.3 transport output telnet 66

7.2.4 session-limit 67

7.2.5 session-timeout 67

7.2.6 bridge aging-time 67

7.2.7 mtu 68

7.2.8 network javamode 68

7.2.9 network mac-address 69

7.2.10 network mac-type 69

7.2.11 network parms 69

7.2.12 network protocol 70

7.2.13 telnetcon maxsessions 70

7.2.14 telnetcon timeout 70

7.2.15 serial baudrate 71

7.2.16 serial timeout 71

7.2.17 set prompt 71

7.2.18 show telnet 72

7.2.19 show forwardingdb agetime 72

7.2.20 show network 72

7.2.21 show telnetcon 73

7.2.22 show serial 73

Page 4

7.2.23 single_ip_mgmt enable (only for Layer 2 Series) 74

7.2.24 single_ip_mgmt groupid (only for Layer 2 Series) 74

7.2.25 single_ip_mgmt mastered (only for Layer 2 Series) 74

7.2.26 single_ip_mgmt network_parms (only for Layer 2 Series) 74

7.2.27 single_ip_mgmt switched (only for Layer 2 Series) 74

7.2.28 show single_ip_mgmt (only for Layer 2 Series) 75

7.3 SNMP Community Commands 76

7.3.1 show snmpcommunity 76

7.3.2 show snmptrap 76

7.3.3 show trapflags 77

7.3.4 snmp-server community 77

7.3.5 snmp-server community ipaddr 78

7.3.6 snmp-server community ipmask 78

7.3.7 snmp-server community mode 79

7.3.8 snmp-server community ro 79

7.3.9 snmp-server community rw 79

7.3.10 snmp-server enable traps 79

7.3.11 snmp-server enable traps bcaststorm 80

7.3.12 snmp-server enable traps linkmode 80

7.3.13 snmp-server enable traps multiusers 81

7.3.14 snmp-server enable traps stpmode 81

5.3.15 snmptrap 81

7.3.16 snmptrap ipaddr 82

7.3.17 snmptrap mode 82

7.3.18 snmp trap link-status 82

7.3.19 snmp trap link-status all 83

7.3.20 snmptrap snmpversion 83

7.4 Management VLAN Command 84

7.4.1 network mgmt_vlan 84

7.5 System Configuration Commands 85

7.5.1 addport 85

7.5.2 cablestatus 85

7.5.3 auto-negotiate 85

7.5.4 auto-negotiate all 85

7.5.5 deleteport (Interface Config) 86

7.5.6 deleteport (Global Config) 86

7.5.7 monitor session mode 86

7.5.8 monitor session 1 source interface 87

7.5.9 shutdown 87

Page 5

7.5.10 shutdown all 88

7.5.11 speed 88

7.5.12 speed all 88

7.5.13 switchport protected all 89

7.5.14 switchport protected 89

7.5.15 storm-control broadcast 89

7.5.16 storm-control flowcontrol 90

7.5.17 storm-control action shotdown 90

7.5.18 storm-control action trap 91

7.5.19 storm-control action trap-shotdown 91

7.5.20 storm-control mode broadcast 91

7.5.21 storm-control mode multicast 91

7.5.22 storm-control mode unicast 91

7.5.23 storm-control level 92

7.5.24 storm-control recovery-time 92

7.5.25 show mac-address-table multicast 92

7.5.26 show mac-address-table static 93

7.5.27 show mac-address-table stats 93

7.5.28 show monitor session 93

7.5.29 show port 94

7.5.30 show port protocol 95

7.5.31 show storm-control 95

7.5.32 show interface protected 95

7.6 Virtual LAN (VLAN) Commands 96

7.6.1 vlanset 96

7.6.2 vlan 96

7.6.3 vlan acceptframe 96

7.6.4 vlan ingressfilter 97

7.6.5 vlan makestatic 97

7.6.6 vlan name 98

7.6.7 vlan participation 98

7.6.8 vlan participation all 98

7.6.9 vlan port acceptframe all 99

7.6.10 vlan port ingressfilter all 99

7.6.11 vlan port pvid all 100

7.6.12 vlan port tagging all 100

7.6.13 vlan protocol group 100

7.6.14 vlan protocol group add protocol 100

7.6.15 vlan protocol group remove 101

7.6.16 protocol group 101

Page 6

7.6.17 protocol vlan group 102

7.6.18 protocol vlan group all 102

7.6.19 vlan pvid 102

7.6.20 vlan tagging 103

7.6.21 show vlan 103

7.6.22 show vlan brief 104

7.6.23 show vlan port 105

7.6.24 vtrunk set 105

7.6.25 vtrunk clear 105

7.7 System Utility Commands 107

7.7.1 traceroute 107

7.7.2 clear config 107

7.7.3 clear counters 107

7.7.4 clear igmpsnooping 107

7.7.5 clear pass 108

7.7.6 enable passwd 108

7.7.7 clear port-channel 108

7.7.8 clear traplog 108

7.7.9 clear vlan 108

7.7.10 logout 108

7.7.11 ping 109

7.7.12 reload 109

7.7.13 copy 109

7.7.14 autosave 110

7.7.15 cpu-port-security 1 10

7.7.16 cpu-port-security max-entries 111

7.7.17 cpu-port-security allow 111

7.7.18 cpu-port-security allow 111

7.7.19 cpu-port-security deny 111

7.7.20 cpu-port-security deny 112

7.7.21 show cpu statistics 112

7.7.22 show cpu-port-security 112

7.8 Pre-login Banner Command 114

7.8.1 copy 114

7.9 CLI Command Logging Command 115

7.9.1 logging cli-command 115

7.10 Configuration Scripting Commands 116

7.10.1 script apply 116

7.10.2 script delete 116

Page 7

7.10.3 script list 116

7.10.4 script show 117

7.10.5 script validate 117

7.11 System Log (Syslog) Commands 118

7.11.1 logging buffered 118

7.11.2 logging buffered wrap 11 8

7.11.3 logging console 119

7.11.4 logging persistent 119

7.11.5 logging host 119

7.11.6 logging syslog 120

7.11.7 logging syslog port 120

7.11.8 show logging 120

7.11.9 show logging persistent 121

7.11.10 show logging buffered 121

7.11.11 show logging hosts 122

7.11.12 show logging traplogs 122

7.12 User Account Commands 123

7.12.1 disconnect 123

7.12.2 show loginsession 123

7.12.3 show users 123

7.12.4 users name 124

7.12.5 users passwd 124

7.12.6 users snmpv3 accessmode 125

7.12.7 users snmpv3 authentication 125

7.12.8 users snmpv3 encryption 126

7.13 Simple Network Time Protocol (SNTP) Commands127

7.13.1 sntp broadcast client poll-interval 127

7.13.2 sntp client mode 127

7.13.3 sntp client port 128

7.13.4 sntp unicast client poll-interval 128

7.13.5 sntp unicast client poll-timeout 128

7.13.6 sntp unicast client poll-retry 129

7.13.7 sntp server 129

7.13.8 show sntp 129

7.13.9 show sntp client 130

7.13.10 show sntp server 130

7.14 DHCP Server Commands 132

7.14.1 client-identifier 132

7.14.2 client-name 132

Page 8

7.14.3 default-router 133

7.14.4 dns-server 133

7.14.5 hardware-address 133

7.14.6 host 134

7.14.7 ip dhcp excluded-address 134

7.14.8 ip dhcp ping packets 135

7.14.9 ip dhcp pool 135

7.14.10 lease 136

7.14.11 networ k 136

7.14.12 service dhcp 136

7.14.13 bootfile 137

7.14.14 domain-name 137

7.14.15 ip dhcp bootp automatic 138

7.14.16 ip dhcp conflict logging 138

7.14.17 netbios-name-server 138

7.14.18 netbios-node-type 139

7.14.19 next-server 139

7.14.20 option 140

7.14.21 show ip dhcp binding 140

7.14.22 show ip dhcp global configuration 140

7.14.23 show ip dhcp pool configuration 141

7.14.24 show ip dhcp server statistics 141

7.14.25 show ip dhcp conflict 142

7.14.26 clear ip dhcp binding 143

7.14.27 clear ip dhcp server statistics 143

7.14.28 clear ip dhcp conflict 143

7.15 Double VLAN Commands 144

7.15.1 dvlan-tunnel customer -id 144

7.15.2 dvlan-tunnel etherType 144

7.15.3 mode dot1q-tunnel 145

7.15.4 mode dvlan-tunnel 145

7.15.5 show dot1q-tunnel 145

7.15.6 show dot1q-tunnel interface 146

7.15.7 show dvlan-tunnel 146

7.15.8 show dvlan-tunnel interface 146

7.16 Provisioning (IEEE 802.1p) Commands 147

7.16.1 classofservice dot1pmapping 147

7.16.2 show classofservice dot1pmapping 147

7.16.3 vlan port priority all 147

Page 9

7.16.4 vlan priority 147

7.17 GARP Commands 149

7.17.1 set garp timer join 149

7.17.2 set garp timer leave 149

7.17.3 set garp timer leaveall 150

7.17.4 show garp 150

7.18 GARP VLAN Registration Protocol (GVRP) Commands 151

7.18.1 set gvrp 151

7.18.2 set gvrp adminmode 151

7.18.3 set gvrp interfacemode 151

7.18.4 show gvrp configuration 152

7.19 GARP Multicast Registration Protocol (GMRP) Commands 153

7.19.1 set gmrp adminmode 153

7.19.2 set gmrp interfacemode 153

7.19.3 show gmrp configuration 154

7.19.4 show mac-address-table gmrp 154

7.20 IGMP Snooping Commands 155

7.20.1 set igmp 155

7.20.2 set igmp fast-leave 156

7.20.3 show igmpsnooping 156

7.20.4 show igmpsnooping mrouter interface 157

7.20.5 show mac-address-table igmpsnooping 157

7.21 Link Aggregation (LAG)/Port-Channel (802.3AD) Commands 158

7.21.1 port-channel staticcapability 158

7.21.2 port lacpmode all 158

7.21.3 port-channel 159

7.21.4 port-channel adminmode all 159

7.21.5 port-channel linktrap 159

7.21.6 port-channel name 160

7.21.7 show port-channel brief 160

7.21.8 show port-channel 161

7.21.9 show port-channel summary 161

7.22 Spanning Tree (STP) Commands 163

7.22.1 spanning-tree 163

7.22.2 spanning-tree 163

Page 10

7.22.3 spanning-tree bpdumigrationcheck 164

7.22.4 spanning-tree configuration name 164

7.22.5 spanning-tree configuration revision 164

7.22.6 spanning-tree edgeport 165

7.22.7 spanning-tree forceversion 165

7.22.8 spanning-tree forward-time 166

7.22.9 spanning-tree hello-time 166

7.22.10 spanning-tree max-age 166

7.22.11 spanning-tree max-hops 167

7.22.12 spanning-tree mst instance 167

7.22.13 spanning-tree mst priority 168

7.22.14 spanning-tree mst vlan 168

7.22.15 spanning-tree port mode 169

7.22.16 spanning-tree port mode all 169

7.22.17 show spanning-tree 169

7.22.18 show spanning-tree summary 171

7.22.19 show spanning-tree interface 171

7.22.20 show spanning-tree mst port detailed 172

7.22.21 show spanning-tree mst port summary 173

7.22.22 show spanning-tree mst summary 174

7.22.23 show spanning-tree vlan 174

7.23 Bootp/DHCP Relay Commands 175

7.23.1 bootpdhcprelay cidoptmode 175

7.23.2 bootpdhcprelay enable 175

7.23.3 bootpdhcprelay maxhopcount 175

7.23.4 bootpdhcprelay minwaittime 176

7.23.5 bootpdhcprelay serverip 176

7.23.6 show bootpdhcprelay 177

7.24 Loopback Detection Commands 178

7.24.1 loopback-detection enable all 178

7.24.2 loopback-detection enable 178

7.24.3 loopback-detection interval <5-60> 178

7.24.4 show loopback-detection 179

8.0 Security Commands 180

8.1 Port Security Commands 180

8.1.1 port-security 180

8.1.2 port-security deny 180

8.1.3 port-security allow 181

8.1.4 port-security cpu-multicast-rate-limit 181

Page 11

8.1.5 port-security max-dynamic 181

8.1.6 port-security max-static 181

8.1.7 port-security max-static allow 182

8.1.8 port-security max-static deny 182

8.1.9 port-security mac-address 182

8.1.10 port-security mac-address move 183

8.1.11 snmp-server enable traps violation 183

8.1.12 show port-security 183

8.1.13 show port-security <interface | all> 183

8.1.14 show port-security allow 184

8.1.15 show port-security deny 184

8.1.16 show port-security dynamic 184

8.1.17 show port-security static 185

8.1.18 show port-security static allow 185

8.1.19 show port-security static deny 185

8.1.20 show port-security violation 185

8.1.21 show port-security cpu-multicast-rate-limit 186

8.2 Port Based Network Access Control (IEEE 802.1X) Commands 187

8.2.1 authentication login 187

8.2.2 clear dot1x statistics 187

8.2.3 clear radius statistics 188

8.2.4 dot1x defaultlogin 188

8.2.5 dot1x initialize 188

8.2.6 dot1x login 188

8.2.7 dot1x max-req 188

8.2.8 dot1x port-control 189

8.2.9 dot1x port-control All 189

8.2.10 dot1x re-authenticate 190

8.2.11 dot1x re-authentication 190

8.2.12 dot1x system-auth-control 190

8.2.13 dot1x timeout 190

8.2.14 dot1x user 191

8.2.15 dot1x port-method macbased 191

8.2.16 dot1x port-method portbased 192

8.2.17 show radius accounting 192

8.2.18 show authentication 193

8.2.19 show authentication users 193

8.2.20 show dot1x 194

Page 12

8.2.21 show dot1x users 195

8.2.22 show users authentication 196

8.2.23 users defaultlogin 196

8.2.24 users login 196

8.3 Remote Authenti cation Dial In User Service (RADIUS) Commands 197

8.3.1 radius accounting mode 197

8.3.2 radius server host 197

8.3.3 radius server key 198

8.3.4 radius server msgauth 198

8.3.5 radius server primary 198

8.3.6 radius server retransmit 198

8.3.7 radius server timeout 199

8.3.8 tacacs-server host 199

8.3.9 tacacs-server key 200

8.3.10 tacacs-server timeout 200

8.3.11 show radius 200

8.3.12 show radius statistics 201

8.3.13 show tacacs-server 202

8.4 Secure Shell (SSH) Commands 203

8.4.1 ip ssh 203

8.4.2 ip ssh protocol 203

8.4.3 sshcon maxsessions 203

8.4.4 sshcon timeout 204

8.4.5 show ip ssh 204

8.5 Hypertext Transfer Protocol (HTTP) Commands 205

8.5.1 ip http secure-port 205

8.5.2 ip http secure-protocol 205

8.5.3 ip http secure-server 205

8.5.4 ip http server 206

8.5.5 show ip http 206

9.0 Quality of Service (QoS) Commands 207

9.1 MAC Access Control List (ACL) Commands 207

9.1.1 mac access-list extended 207

9.1.2 mac access-list extended rename 208

9.1.3 {deny|permit} 208

9.1.4 mac access-group 209

9.1.5 show mac access-lists 210

9.1.6 show mac acl-counters 210

Page 13

9.2 IP Access Control List (ACL) Commands 211

9.2.1 access-list 211

9.2.2 ip access-group 212

9.2.3 show ip access-lists 212

9.2.4 show access-list interface 213

9.2.5 show ip acl-counters (only for Layer 2 Series) 213

9.3 Differentiated Services (DiffServ) Commands 214

9.3.1 diffserv 215

9.4 Class Commands 216

9.4.1 class-map 216

9.4.2 class-map rename 217

9.4.3 match ethertype 217

9.4.4 match any 217

9.4.5 match class-map 218

9.4.6 match cos 218

9.4.7 match destination-address mac 219

9.4.8 match dstip 219

9.4.9 match dstl4port 219

9.4.10 match ip dscp 220

9.4.11 match ip precedence 220

9.4.12 match ip tos 220

9.4.13 match protocol 221

9.4.14 match source-address mac 221

9.4.15 match srcip 222

9.4.16 match srcl4port 222

9.4.17 match vlan 222

9.5 Policy Commands 224

9.5.1 assign-queue 224

9.5.2 drop 224

9.5.3 redirect 224

9.5.4 conform-color 225

9.5.5 class 225

9.5.6 mark cos 225

9.5.7 mark ip-dscp 226

9.5.8 mark ip-precedence 226

9.5.9 police-simple 226

9.5.10 policy-map 227

9.5.11 policy-map rename 227

9.6 Service Commands 228

Page 14

9.6.1 service-policy 228

9.7 Show Commands 229

9.7.1 show class-map 229

9.7.2 show diffserv 230

9.7.3 show policy-map 230

9.7.4 show diffserv service 232

9.7.5 show diffserv service brief 232

9.7.6 show policy-map interface 233

9.7.7 show service-policy 234

9.8 Class of Service (CoS) Commands 235

9.8.1 classofservice dot1p-mapping 235

9.8.2 classofservice ip-dscp-mapping 235

9.8.3 classofservice ip-precedence-mapping 235

9.8.4 classofservice trust 235

9.8.5 cos-queue wfq min-bandwidth 236

9.8.6 cos-queue wrr wrr-weights 236

9.8.7 cos-queue strict 236

9.8.8 show classofservice dot1p-mapping 237

9.8.9 show classofservice ip-dscp-mapping 237

9.8.10 show classofservice ip-precedence-mapping 237

9.8.11 show classofservice trust 238

9.8.12 show interfaces cos-queue 238

9.9 Rate-Limiting Commands 240

9.9.1 rate-limiting 240

9.9.2 show rate-limiting 240

10.0 Stacking Commands 241

10.1 Dedicated-port Stacking 241

10.1.1 show supported switchtype 241

10.1.2 member 242

10.1.3 switch priority 242

10.1.4 switch renumber 242

10.1.5 movemanagement 242

10.1.6 archive copy-sw 243

10.1.7 archive download-sw 243

10.1.8 slot 243

10.1.9 set slot disable 244

10.1.10 set slot power 244

10.1.11 show slot 245

10.1.12 show supported cardtype 246

Page 15

10.1.13 reload 246

10.2 Front Panel Stacking 247

10.2.1 stack-port 247

10.2.2 qos-mode 247

11.0 Routing Commands 248

11.1 Address Resolution Protocol (ARP) Commands 248

11.1.1 arp 248

11.1.2 ip proxy-arp 248

11.1.3 arp purge 249

11.1.4 arp dynamicrenew 249

11.1.5 arp resptime 249

11.1.6 arp retries 250

11.1.7 arp timeout 250

11.1.8 clear arp-cache 250

11.1.9 show arp 251

11.1.10 show arp brief 251

11.2 IP Routing 253

11.2.1 routing 253

11.2.2 ip routing 253

11.2.3 ip address 253

11.2.4 ip route 254

11.2.5 ip route default 254

11.2.6 ip route distance 255

11.2.7 ip forwarding 255

11.2.8 ip netdirbcast 255

11.2.9 ip mtu 256

11.2.10 show ip brief 256

11.2.11 show ip interface 257

11.2.12 show ip interface brief 257

11.2.13 show ip route 258

11.2.14 show ip route bestroutes 258

11.2.15 show ip route entry 258

11.2.16 show ip route preferences 259

11.2.17 show ip stats 259

11.2.18 encapsulat ion 259

11.3 Router Discovery Protocol Commands 260

11.3.1 ip irdp 260

11.3.2 ip irdp address 260

11.3.3 ip irdp holdtime 260

Page 16

11.3.4 ip irdp maxadvertinterval 261

11.3.5 ip irdp minadvertinterval 261

11.3.6 ip irdp preference 261

11.3.7 show ip irdp 262

11.4 Virtual LAN Routing Commands 263

11.4.1 vlan routing 263

11.4.2 show ip vlan 263

11.5 Virtual Router Redundancy Protocol (VRRP) Commands 264

11.5.1 ip vrrp 264

11.5.2 ip vrrp 264

11.5.3 ip vrrp mode 265

11.5.4 ip vrrp ip 265

11.5.5 ip vrrp authentication 265

11.5.6 ip vrrp preempt 266

11.5.7 ip vrrp priority 266

11.5.8 ip vrrp timers advertise 267

11.5.9 show ip vrrp interface stats 267

11.5.10 show ip vrrp 268

11.5.11 show ip vrrp interface 268

11.5.12 show ip vrrp interf ace brief 268

11.6 Open Shortest Path First (OSPF) Commands 270

11.6.1 enable (OSPF) 270

11.6.2 ip ospf 270

11.6.3 1583compatibility 270

11.6.4 area authentication 271

11.6.5 area default-cost 271

11.6.6 area nssa 2 7 1

11.6.7 area nssa default-info-originate 272

11.6.8 area nssa no-redistribute (OSPF) 272

11.6.9 area nssa no-summary (OSPF) 272

11.6.10 area nssa translator-role (OSPF) 272

11.6.11 area nssa translator-stab-intv 273

11.6.12 area ra nge 273

11.6.13 area stub 273

11.6.14 area stub summarylsa 274

11.6.15 area virt ual-link 274

11.6.16 area virtual-link authentication 274

11.6.17 area virt ual-link dead-interval 275

Page 17

11.6.18 area virt ual-link hello-interval 275

11.6.19 area virt ual-link retransmit-interval 276

11.6.20 area virtual-link transmit-delay 276

11.6.21 default-information originate (OSPF) 277

11.6.22 default-metric (OSPF) 277

11.6.23 distance ospf 277

11.6.24 distribute-list out 278

11.6.25 exit-overf low-interval 278

11.6.26 extern al-lsdb-limit 278

11.6.27 ip ospf areaid 279

11.6.28 ip ospf authentication 279

11.6.29 ip ospf cost 279

11.6.30 ip ospf dead-interval 280

11.6.31 ip ospf hello-interval 280

11.6.32 ip ospf priority 281

11.6.33 ip ospf retransmit-interval 281

11.6.34 ip ospf transmit-delay 282

11.6.35 ip ospf mtu-ignore 282

11.6.36 router-id 282

11.6.37 redistribute 283

11.6.38 maximum-paths 283

11.6.39 show ip ospf 283

11.6.40 show ip ospf area 285

11.6.41 show ip ospf database 285

11.6.42 show ip ospf interface 286

11.6.43 show ip ospf interface brief 287

11.6.44 show ip ospf interface stats 288

11.6.45 show ip ospf neighbor 288

11.6.46 show ip ospf neighbor brief 289

11.6.47 show ip ospf range 290

11.6.48 show ip ospf stub table 290

11.6.49 show ip ospf virtual-link 291

11.6.50 show ip ospf virtual-link brief 291

11.6.51 trapflags 291

11.7 Routing Information Protocol (RIP) Commands 293

11.7.1 enable (RIP) 293

11.7.2 ip rip 293

11.7.3 auto-summary 294

11.7.4 default-information originate (RIP) 294

11.7.5 default-metric (RIP) 294

Page 18

11.7.6 distance rip 294

11.7.7 distribute-list out 295

11.7.8 ip rip authentication 295

11.7.9 ip rip receive version 296

11.7.10 ip rip send version 296

11.7.11 hostroutesaccept 297

11.7.12 split-horizon 297

11.7.13 redistribute 297

11.7.14 show ip rip 298

11.7.15 show ip rip interface brief 298

12.0 Border Gateway Protocol (BGP) Commands 300

12.1 BGP Commands 300

12.1.1 aggregate-address 300

12.1.2 bgp addrfamily create 300

12.1.3 bgp autorestart 301

12.1.4 bgp calcmedmode 301

12.1.5 bgp cluster-id 301

12.1.6 bgp community 302

12.1.7 bgp confederation identifier 302

12.1.8 bgp default local-preference 303

12.1.9 bgp flapdamping dampfactor 303

12.1.10 bgp flapdamping flapmaxtime 303

12.1.11 bgp flapdamping mode 304

12.1.12 bgp flapdamping penaltyinc 304

12.1.13 bgp flapdamping reuselimit 304

12.1.14 bgp flapdamping reusemaxsize 305

12.1.15 bgp flapdamping suppresslimit 305

12.1.16 bgp flapdamping timerresolution 306

12.1.17 bgp interval minasorigin 306

12.1.18 bgp interval minrouteadvint 306

12.1.19 bgp localmed 307

12.1.20 bgp optionalcap 307

12.1.21 bgp origin 307

12.1.22 bgp policy 308

12.1.23 bgp policy action addint 308

12.1.24 bgp policy action addip 309

12.1.25 bgp policy action remove 310

12.1.26 bgp policy range address 310

12.1.27 bgp policy range between 310

Page 19

12.1.28 bgp policy range equal 310

12.1.29 bgp policy range greaterthan 311

12.1.30 bgp policy range lessthan 311

12.1.31 bgp policy range match 311

12.1.32 bgp policy range remove 311

12.1.33 bgp propmedmode 311

12.1.34 bgp router-id 312

12.1.35 bgp snpa 312

12.1.36 bgp suppressmode 313

12.1.37 clear bgp 313

12.1.38 default-information originate (BGP) 313

12.1.39 default-metric (BGP) 313

12.1.40 distance bgp 314

12.1.41 distribute-list out 314

12.1.42 enable (BGP) 314

12.1.43 neighbor <peeripaddr> addrfamily 315

12.1.44 neighbor <peeripaddr> authentication none 315

12.1.45 neighbor <peeripaddr> authentication simple 315

12.1.46 neighbor <peeripaddr> confedmember 316

12.1.47 neighbor <peeripaddr> connretry 316

12.1.48 neighbor <peeripaddr> msgsendlimit 317

12.1.49 neighbor <peeripaddr> next-hop-self 317

12.1.50 neighbor <peeripaddr> optionalcap 317

12.1.51 neighbor <peeripaddr> remote-as 318

12.1.52 neighbor <peeripaddr> maximum-prefix 318

12.1.53 neighbor <peeripaddr> route-reflector-client 319

12.1.54 neighbor <peeripaddr> shutdown 319

12.1.55 neighbor <peeripaddr> timers <keepalive> <holdtime> 320

12.1.56 neighbor <peeripaddr> txdelayint 320

12.1.57 network 320

12.1.58 redistribute 321

12.1.59 route-aggregation 321

12.1.60 route-reflect 322

12.1.61 trapflags 322

12.1.62 show ip bgp 322

12.1.63 show ip bgp addrfamilyinfo 323

12.1.64 show ip bgp aggregate-address 323

12.1.65 show ip bgp brief 323

12.1.66 show ip bgp damping 325

12.1.67 show ip bgp local 326

Page 20

12.1.68 show ip bgp mplslabels 326

12.1.69 show ip bgp neighbors 327

12.1.70 show ip bgp neighbors addrfamilyinfo 328

12.1.71 show ip bgp neighbors stats 328

12.1.72 show ip bgp nlrilist 328

12.1.73 show ip bgp pathattrtable 329

12.1.74 show ip bgp peer-list 330

12.1.75 show ip bgp policy brief 330

12.1.76 show ip bgp policy detailed 330

12.1.77 show ip bgp snpalist 331

12.1.78 show ip bgp trapflags 331

13.0 IP Multicast Commands 332

13.1 Multicast Commands 332

13.1.1 ip mcast boundary 332

13.1.2 ip multicast 332

13.1.3 ip multicast staticroute 333

13.1.4 ip multicast ttl-threshold 333

13.1.5 mrinfo 333

13.1.6 mstat 334

13.1.7 mtrace 334

13.1.8 show ip mcast 334

13.1.9 show ip mcast boundary 335

13.1.10 show ip mcast interface 335

13.1.11 show ip mcast mroute 336

13.1.12 show ip mcast mroute group 336

13.1.13 show ip mcast mroute source 337

13.1.14 show ip mcast mroute static 337

13.1.15 show mrinfo 338

13.1.16 show mstat 338

13.1.17 show mtrace 338

13.2 Distance Vector Multicast Routing Protocol (DVMRP) Commands 340

13.2.1 ip dvmrp 340

13.2.2 ip dvmrp metric 340

13.2.3 ip dvmrp trapflags 340

13.2.4 show ip dvmrp 341

13.2.5 show ip dvmrp interface 341

13.2.6 show ip dvmrp neighbor 342

13.2.7 show ip dvmrp nexthop 342

Page 21

13.2.8 show ip dvmrp prune 343

13.2.9 show ip dvmrp route 343

13.3 Internet Group Management Protocol (IGMP) Commands 344

13.3.1 ip igmp 344

13.3.2 ip igmp version 344

13.3.3 set igmp mcrtrexpiretime 344

13.3.4 ip igmp last-member-query-count 345

13.3.5 ip igmp last-member-query-interval 345

13.3.6 ip igmp query-interval 346

13.3.7 ip igmp query-max-response-time 346

13.3.8 ip igmp robustness 346

13.3.9 ip igmp startup-query-count 347

13.3.10 ip igmp startup-query-interval 347

13.3.11 set igmp groupmembershipinterval 348

13.3.12 set igmp maxresponse 348

13.3.13 set igmp mrouter interface 348

13.3.14 set igmp mrouter 349

13.3.15 show ip igmp 349

13.3.16 show ip igmp groups 350

13.3.17 show ip igmp interface 351

13.3.18 show ip igmp interface membership 351

13.3.19 show ip igmp interface stats 352

13.4 Protocol Independent Multicast - Dense Mode (PIM-DM) Commands 353

13.4.1 ip pimdm 353

13.4.2 ip pimdm mode 353

13.4.3 ip pimdm query-interval 354

13.4.4 show ip pimdm 354

13.4.5 show ip pimdm interface 354

13.4.6 show ip pimdm interface stats 355

13.4.7 show ip pimdm neighbor 355

13.4.8 show ip pimdm componenttable 355

13.5 Protocol Independent Multicast - Sparse Mode(PIM-SM) Commands 356

13.5.1 ip pimsm cbsrpreference 356

13.5.2 ip pimsm cbsrhashmasklength 356

13.5.3 ip pimsm crppreference 357

13.5.4 ip pimsm message-interval 357

Page 22

13.5.5 ip pimsm 358

13.5.6 ip pimsm mode 358

13.5.7 ip pimsm query-interval 358

13.5.8 ip pimsm spt-threshold 359

13.5.9 ip pim-trapflags 359

13.5.10 ip pimsm staticrp 360

13.5.11 ip pimsm register-rate-limit 360

13.5.12 show ip pimsm rphash 360

13.5.13 show ip pimsm staticrp 360

13.5.14 show ip pimsm 361

13.5.15 show ip pimsm componenttable 361

13.5.16 show ip pimsm interface 362

13.5.17 show ip pimsm interface stats 362

13.5.18 show ip pimsm neighbor 363

13.5.19 show ip pimsm rp 363

13.5.20 show ip pimsm rphash 363

14.0 Using the Web Interface 365

14.1 Configuring for Web Access 365

14.1.1 Web Page Layout 365

14.1.2 Starting the Web Interface 366

14.1.3 Command Buttons 366

Glossary 367

Page 23

The information in this guide may change without notice. The manufacturer assumes no responsibility for any errors, which may appear in this guide.

Ethernet is a trademark of XEROX Corporation. Microsoft, Windows and Windows logo are trademarks of Microsoft Corporation.

Copyright 2006. All right reserved. No Part of the contents of this guide maybe transmitted or reproduced in any form or by any means without the written permission of the manufacturer. Printed in Taiwan.

The revision date for this guide is Mar. 16

, 2006

Version 1.00

FCC Statement

This product has been tested and found to comply with the limits for a Class B digital device pursuant to Part 15 of FCC Rules. These limits are designed to provide reasonable protection against such interference when operating in a commercial environment. This equipment generates, uses and can radiate radio frequency energy, and if not installed and used according to the instructions, may cause harmful interference to radio communications.

Operation of this equipment in a residential area is likely to cause interference in which case the user, at his or her own expense will be required to take whatever measures may be required to correct the interference.

CE Mark Warning

This is a Class B product. In a domestic environment, this product may cause radio interference in which case the user may be required to take adequate measures.

Page 24

1.0 Introduction

This manual will apply to the following name of Gigabit Ethernet Management Switch: Throughout this guide, the Layer2 SNMP Managed Switch will be referred to as the

Managed Switch or the Switch.

Designed as the SNMP managed switch, these series of Switches provide dominant ability of management and multiple ports. Strictly adhering to the network standards, these SNMP Managed Switches can easily fit in your network configuration and can be executed for its management functions through the console and the web browser.

1.1 Package Contents

The package contains the following:

 A Managed Switch (According the Model)  One Power Cord  Mounting Brackets  One Serial/Console Cable  CD - User Guide

If any of the listed items is missing or damaged, please contact the place of purchase.

1.2 How to Use this Guide

This user guide is structured as follows:

 Chapter 2, Product Description explains the features of the switch and the front/rear

panel indicates

 Chapter 3, Installing the Switch explains how to physically install it.  Chapter 4,Command Stucture explains the command’s general format.  Chapter 5, Quick Start up details procedures to quickly become acquainted with the

switch.

 Chapter 6, Mode-based Command Line Interface (CLI) groups all the commands in

appropriate modes according to the nature of the commands.

 Chapter 7-Chapter 13 lists the format and usage of all commands.

 Chapter 14, Using the Web Interface introduces the web screen structure.

Page 25

Page 26

2.0 Installation

This Chapter describes the function of the managed switch components and shows how to install it on the desktop or shelf. Basic knowledge of networking is assumed. Read this chapter completely before continuing.

2.1 Product Description

2.1.1 Overview

The SNMP Managed Switches are with powerful network management function and flexible connectivity combination. Diversified management access windows and user-friendly interface, Console, Telnet, and Web, facilitate administrators' job, reducing the management effort to the minimum.

2.1.2 Features of Layer 2 & Layer 3 Switches

Half/full duplex mode for ports in 10/100M speed and full duplex mode in 1000Mbps speed

Non-blocking switching architecture.

Flow control mechanism to ensure zero packet loss. Uses IEEE802.3x for full duplex operation and collision-like backpressure for half duplex operation.

Store-and-forward forwarding scheme.

Port-mirroring function / Multiple Port-mirroring function

Link Aggregation function (2, 3 or 4 ports per link).

Up to 8 trunk group

802.3ad LACP

Broadcast Storm Control

Multicast-filtering. (IGMP snooping)

GVRP protocol for VLAN management.

4092 802.1q Tagged VLAN

Protected port

Rate limit control for both Egress and Ingress (64 Kbps granularity)

802.1x and Radius 802.1x

Layer-4 Access Control List

Spanning Tree protocol (IEEE 802.1D)

802.1w Fast STP

802.1s Multi-STP

Up to 8 units Stacking supported(for Layer 2 switch only)

Class of Service(IEEE 802.1P/802.1Q)

8-level priority for switching

CoS-based Head Of Line (HOL) blocking prevention

Differentiated Service (DiffServ)

Comand line interface from the console port using a VT-100 terminal.

RMON (group 1,2,3 and 9)

MIB II, Ethernet MIB, Bridge MIB and GR-5500 private MIB

WEB-based management

Page 27

TELNET console interface

BOOTP for IP address assignment

Firmware upgrade by TFTP file transfer protocol through Ethernet network.

Redundant power supply(optional)

(Layer 3 switch series only)

• Built-in DHCP Server

• DHCP Relay Agent

• L3 IP packets wired-speed Forwarding.

• RIP v1/v2, OSPF v2 for backward co mp atible with traditional router

• 4K IPv4,address, 16K Routing table

• Layer 3 wired-speed routing among all ports(IPV4)

• Fully compatible with existing routing protocol: RIP V1/V2, OSPF V2, PIM, DVMRP.

1 Male DB9 RS-232C console interface configured as DTE for operation, diagnostics, status, and configuration information.

z IEEE 802.3ac frame extension for VLAN tagging.

Page 28

Page 29

Page 30

Page 31

Page 32

2.2 Installing the Switch

The switch is designed for office use, where it can be free standing, desktop-mounted, or mounted in most standard 19-inch equipment racks. If you prefer, you can rack-mount the switch in a wiring closet or equipment room using two mounting brackets and six screws.

When choosing a location for the switch, observe the following guidelines:

z Make sure the switch is accessible and that the cables can be connected easily. z Keep cabling away from sources of electrical noise such as radios, transmitters, and

broadband amplifiers as well as power lines and fluorescent lighting fixtures.

z Prevent water or moisture from entering the switch case. z Make sure there are no obstructions to restrict airflow around the switch. We

recommend that you provide a minimum of 50 millimeter (2-inch) clearance.

z Do not place liquids or other objects on top of the switch. z If the switches are freestanding, do not stack more than four switches on top of one

another.

2.2.1 Pre-Installation Considerations

Fast Ethernet Topology Considerations

If you will be using the switch for Fast Ethernet (100 Mbps) operation, observe the following guidelines:

z The maximum unshielded twisted-pair (UTP) cable length is 100 meters (328 feet) over

Category 5 cable.

z Single-repeater topologies permit a total network span of 325 meters (1066 feet).

Full-Duplex Considerations

The switch provides full-duplex support for its Fast Ethernet ports. Full-duplex operation allows frames to be sent and received simultaneously, doubling a link’s potential data throughput. If you will be using the switch in full-duplex mode, the maximum UTP cable length is 100 meters (328 feet) over Category 5 cable.

2.2.2 Desktop or Shelf Mounting

To install the switch on a desktop or shelf, simply complete the following steps:

Step 1 Place the switch on a desktop or shelf near an AC power source. Step 2 Keep enough ventilation space between the switch and the surrounding objects. Step 3 Connect the switch to network devices.

A. Connect one end of a standard network cable to the 10/100 RJ-45 ports

on the front of the switch. B. Connect the other end of the cable to the network devices such as printer servers, workstations or routers.

Note: It is strongly recommended to use the UTP Category 5 network cabling with RJ-45 tips for the network connection.

Page 33

Step 4 Supply power to the switch.

A. Connect one end of the power cable to the switch. B. Connect the power cube end of the power cable to a standard wall outlet.

When the switch receives power, the Power LED should remain solid Green.

2.2.3 Rack-Mounting

The following procedure describes how to install the switch in a standard 19-inch rack.

z Disconnect all cables from the switch. z Remove all adhesive pads from the bottom of the switch.

Step 1 Place the switch right side up on a hard flat surface, with the front panel facing you. Step 2 Locate a mounting bracket over the mounting holes on one side of the switch Step 3 Insert three screws and use a screwdriver to secure. Step 4 Repeat the two previous steps for the other side of the switch. Step 5 Insert the switch into the 19-inch rack and secure with suitable screws. Make sure

the ventilation holes on the switch are not obstructed.

Step 6 Connect the network cable and supply power to the switch.

Figure 1

Locating a Mounting Bracket

2.2.4 Power-On Self Test (POST)

When you power-on the switch, it performs its Power-On Self Test (POST). During the POST, the switch CPU:

z Performs a series of diagnostic procedures to make sure the basic system is functioning

Page 34

with integrity.

z Decompresses the main switching software run-time image from the flash ROM into

DRAM area.

z Begins executing the main switching software.

Page 35

3.0 Configuration

This chapter explains the methods that you can use to configure management access to the switch. It describes the types of management applications and the communication and management protocols that deliver data between your management device (work-station or personal computer) and the system. It also contains information about port connection options.

This chapter covers the following topics:

z Management Access Overview z Key Concepts z Key Guidelines for Implementation z Administration Console Access z Web Management Access z SNMP Access z Standards, Protocols, and Related Reading

3.1 Management Access Overview

The switch gives you the flexibility to access and manage the switch using any or all of the following methods:

z An administration console z Web browser interface z An external SNMP-based network management application

The administration console and Web browser interface support are embedded in the switch software and are available for immediate use. Each of these management methods has their own advantages. Table 4 compares the three management methods.

Table 1 Comparisons of Three Management Methods

Management Method

Advantages Disadvantages

Administration

console

z No IP address or subnet

needed

z Text-based z Telnet functionality and

HyperTerminal built into Windows 95/98/NT/2000/ME/XP operating systems

z Secure

z Must be near switch or use

dial-up connection

z Not convenient for remote users z Modem connection may prove to

be unreliable or slow

Web browser

z Ideal for configuring the

switch remotely

z Compatible with all

z Security can be compromised

(hackers need only know the IP address and subnet mask)

Page 36

popular browsers

z Can be accessed from

any location

z Most visually appealing

z May encounter lag times on poor

connections

SNMP Agent

z Communicates with

switch functions at the MIB level

z Based on open standards

z Requires SNMP manager

software

z Least visually appealing of all

three methods

z Some settings require

calculations

z Security can be compromised

(hackers need only know the community name)

3.1.1 Administration Console

The administration console is an internal, character-oriented, and command line user interface for performing system administration such as displaying statistics or changing option settings. Using this method, you can view the administration console from a terminal, personal computer, Apple Macintosh, or workstation connected to the switch’s console (serial) port.

There are two ways to use this management method: via direct access or modem port access. The following sections describe these methods. For more information about using the console, refer to Chapter 4 Command Line Interface Console Management.

3.1.2 Direct Access

Direct access to the administration console is achieved by directly connecting a terminal or a PC equipped with a terminal-emulation program (such as HyperTerminal) to the switch console (serial) port.

When using this management method, a null-modem cable is required to connect the switch to the PC. After making this connection, configure the terminal-emulation program to use the following parameters:

The default parameters are:

z 115,200 bps

z 8 data bits

z No parity

z 1 stop bit

You can change these settings, if desired, after you log on. This management method is often preferred because you can remain connected and monitor the system during system reboots. Also, certain error messages are sent to the serial port, regardless of the interface through which the associated action was initiated. A Macintosh or PC attachment can use any terminal-emulation program for connecting to the terminal serial port. A workstation

Page 37

attachment under UNIX can use an emulator such as TIP.

3.2 Web Management

The switch provides a browser interface that lets you configure and manage the switch remotely. After you set up your IP address for the switch, you can access the switch’s Web interface applications directly in your Web browser by entering the IP address of the switch. You can then use your Web browser to list and manage switch configuration parameters from one central location, just as if you were directly connected to the switch’s console port.

Web Management requires either Microsoft Internet Explorer 4.01 or later or Netscape Navigator 4.03 or later.

3.3 SNMP-Based Network Management

You can use an external SNMP-based application to configure and manage the switch. This management method requires the SNMP agent on the switch and the SNMP Network Management Station to use the same community string. This management method, in fact, uses two community strings: the get community string and the set community string. If the SNMP Net-work management Station only knows the set community string, it can read and write to the MIBs. However, if it only knows the get community string, it can only read MIBs. The default gets and sets community strings for the switch are public.

3.4 Protocols

The switch supports the following protocols:

z Virtual terminal protocols, such as Telnet z Simple Network Management Protocol (SNMP)

3.4.1 Virtual Terminal Protocols

A virtual terminal protocol is a software program, such as Telnet, that allows you to establish a management session from a Macintosh, a PC, or a UNIX workstation. Because Telnet runs over TCP/IP, you must have at least one IP address configured on the switch before you can establish access to it with a virtual terminal protocol.

Note: Terminal emulation differs from a virtual terminal protocol in that you must connect a

terminal directly to the console (serial) port.

3.4.2 SNMP Protocol

Simple Network Management Protocol (SNMP) is the standard management protocol for multi-vendor IP networks. SNMP supports transaction-based queries that allow the protocol to format messages and to transmit information between reporting devices and data-collection programs. SNMP runs on top of the User Datagram Protocol (UDP), offering a connectionless-mode service.

Page 38

3.4.3 Management Architecture

All of the management application modules use the same Messaging Application Programming Interface (MAPI). By unifying management methods with a single MAPI, configuration parameters set using one method (console port, for example) are immediately displayable by the other management methods (for example, SNMP agent of Web browser).

The management architecture of the switch adheres to the IEEE open standard. This compliance assures customers that the switch is compatible with, and will interoperate with other solutions that adhere to the same open standard.

Page 39

4.0 Command Structure

The Command Line Interface (CLI) syntax, conventions and terminology are described in this section. Each CLI command referenced in this document is illustrated using the structure outlined below.

4.1 Format

Some commands, such as

show inventory or clear vlan,do not require parameters. Other

commands, such as

network parms , have parameters for which you must supply a value.

Parameters are positional — you must type the values in the correct order. Optional parameters will follow required parameters. For example:

Example 1 network parms <ipaddr> <netmask> [gateway]

 network parms is the command name.  <ipaddr> <netmask> are the required values for the command.  [gateway] is the optional value for the command.

Example 2 snmp-server location <loc>

 snmp-server location is the command name.  <loc> is the required parameter for the command.

Example 3 clear vlan

 clea r vlan is the command name.

4.1.1 Command

The following conventions apply to the command name:

 The command name is displayed in this document in bold font and must be typed

exactly as shown.

 Once you have entered enough letters of a command name to uniquely identify the

command, hitting the space bar or Tab key will cause the system to complete the word.

 Entering Ctrl-Z will return you to the root level command prompt.

4.1.2 Parameters

 Parameters are order dependent.

Page 40

 Parameters are displayed in this document in bold italic font, which must be

replaced with a name or number. To use spaces as part of a name parameter, enclose it in double quotes. For example, the expression "System Name with Spaces" forces the system to accept the spaces.

 Parameters may be mandatory values, optional values, choices, or a combination.

 <parameter>. The <> angle brackets indicate that a mandatory parameter must

be entered in place of the brackets and text inside them.

 [parameter]. The [] square brackets indicate that an optional parameter may be

entered in place of the brackets and text inside them.

 choice1 | choice2. The | indicates that only one of the parameters should be

entered.

 The {} curly braces indicate that a parameter must be chosen from the list

of choices.

4.1.3 Values

ipaddr This parameter is a valid IP address. Presently the IP address can

be entered in following formats:

a (32 bits) a.b (8.24 bits) a.b.c (8.8.16 bits) a.b.c.d (8.8.8.8)

In addition to these formats, decimal, hexidecimal and octal formats are supported through the following input formats (where n is any valid hexidecimal, octal or decimal number):

0xn (CLI assumes hexidecimal format) 0n (CLI assumes octal format with leading zeros) n

(CLI assumes decimal format)

macaddr The MAC address format is six hexadecimal numbers separated by

colons, for example 00:06:29:32:81:40.

areaid Area IDs may be entered in dotted-decimal notation (for example,

0.0.0.1). An area ID of 0.0.0.0 is reserved for the backbone. Area IDs have the same form as IP addresses, but are distinct from IP addresses. The IP network number of the sub-netted network may be used for the area ID.

routerid The value of <router id> must be entered in 4-digit

dotted-decimal notation (for example, 0.0.0.1). A router ID of

0.0.0.0 is invalid.

unit/slot/port Valid unit, slot and port number separated by forward slashes.

For example, 1/0/1 represents unit number 1, slot number 0 and port number 1.

logical unit/slot/port Logical unit, slot and port number. This is applicable

in the case of a port-channel (LAG). The operator can use the logical unit/slot/port to configure the port-channel.

Page 41

character strings Use double quotation marks to identify character strings,

for example, “System Name with Spaces”. An empty string (“”) is not valid.

4.1.4 Conventions

 Network addresses are used to define a link to a remote host, workstation or

network. Network addresses are shown using the following syntax:

Table 1. Network Address Syntax

Address Type Format Range

ipaddr

192.165.11.110 0.0.0.0 to 255.255.255.255 (decimal)

macaddr

A7:C9:89:DD:A9:B3 hexidecimal digit pairs

 Double quotation marks such as "System Name with Spaces" set off user defined

strings. If the operator wishes to use spaces as part of a name parameter then it must be enclosed in double quotation marks.

 Empty strings (““) are not valid user defined strings.  Command completion finishes spelling the command when enough letters of a com-

mand are typed to uniquely identify the command word. The command may be executed by typing <enter> (command abbreviation) or the command word may be completed by typing the <tab> or <space bar> (command completion). The value 'Err' designates that the requested value was not internally accessible. This should never happen and indicates that there is a case in the software that is not handled correctly.

 The value of '-----' designates that the value is unknown.

4.1.5 Annotations

The CLI allows the user to type single-line annotations at the command prompt for use when writing test or configuration scripts and for better readability. The exclamation point (‘!’) character flags the beginning of a comment. The comment flag character can begin a word anywhere on the command line and all input following this character is ignored. Any command line that begins with the character ‘!’ is recognized as a comment line and ignored by the parser.

Some examples are provided below:

! Script file for displaying the ip interface

! Display information about interfaces

Page 42

show ip interface 1/0/1 !Displays the information about the first interface

! Display information about the next interface

show ip interface 1/0/2

! End of the script file

4.1.6 Special Characters

Certain special key combinations speed up use of the CLI. They are listed in this section. Also, help is available for the CLI by typing HELP.

DEL, BS delete previous character Ctrl-A go to beginning of line Ctrl-E go to end of line Ctrl-F go forward one character Ctrl-B go backward one character Ctrl-D delete current character Ctrl-H display command history or retrieve a command Ctrl-U, X delete to beginning of line Ctrl-K delete to end of line Ctrl-W delete previous word Ctrl-T transpose previous character Ctrl-P go to previous line in history buffer Ctrl-N go to next line in history buffer Ctrl-Z return to root command prompt Tab, <SPACE> command-line completion Exit to exit from the mode to the upper lower command prompt

Page 43

5.0 Quick Start up

The CLI Quick Start up details procedures to quickly become acquainted with the the switch’s managed commands.

5.1 Quick Starting the Networking Device

1. Read the Chapter 2.0 for the connectivity procedure. In-band connectivity allows access to the Web and CLI command interface locally or from a remote workstation. The device must be configured with IP information (IP address, subnet mask, and default gateway).

2. Turn the Power ON.

3. Allow the device to load the software until the login prompt appears. The device initial state is called the default mode

4. When the prompt asks for operator login, execute the following steps:

Type the word admin in the login area. Since a number of the Quick Setup commands require administrator account rights, we suggests logging into an administrator account. Do not enter a password because there is no password in the default mode.  Press the enter key two times.  The CLI User EXEC prompt will be displayed.  Use “enable” to networking device to the Privileged EXEC mode from User EXEC. Use “configure” to switch to the Global Config mode from Privileged EXEC. Use “exit” to return to the previous mode.

5.2 System Info and System Setup

Quick Start up Software Version Information

Table 2 Quick Start up Software Version Information

Command

Details

show hardware (in Privileged EXEC)

Allows the user to see the software version the device contains

Machine Model (The type and number of ports the device provides.) For example: Machine Model………….

24+2G

24 = 24 10/100 ports 02 = 2 Uplink ports on back of switch

Page 44

Quick Start up Physical Port Data

Table 3

Quick Start up Physical Port Data

Command Details

show port all (in Privileged EXEC)

Displays the Ports

slot/port

Type - Indicates if the port is a special type of port

Admin Mode - Selects the Port Control Administration State Physical Mode - Selects the desired port speed and duplex mode Physical Status - Indicates the port speed and duplex mode

Link Status - Indicates whether the link is up or down Link Trap - Determines whether or not to send a trap when link

status changes LACP Mode - Displays whether LACP is enabled or disabled on this port.

Quick Start up User Account Management

Table 4 Quick Start up User Account Management

Command Details

show users (in Privileged EXEC)

Displays all of the users that are allowed to access the switch Access Mode - Shows whether the user is able to change parameters on the switch (Read/Write) or is only able to view then (Read Only). As a factory default, the ‘admin’ user has Read/Write access and the ‘guest’ user has Read Only access. There can only be one Read/Write user and up to five Read Only users.

show loginsession (in User EXEC)

Displays all of the login session information

users passwd <username> (in Global Config)

Allows the user to set passwords or change passwords needed to login A prompt will appear after the command is entered requesting the users old password. In the absence of an old password leave the area blank. The operator must press enter to execute the command. The system then prompts the user for a new password then a prompt to confirm the new password. If the new password and the confirmed password match a message will be displayed. User password should not be more than eight characters in length.

copy system:running-config nvram:startup-config (in Privileged EXEC)

This will save passwords and all other changes to the device. If you do not save the configuration by doing this command, all configurations will be lost when a power cycle is performed on the switch or when the switch is reset

logout (in User EXEC and Privileged EXEC)

Logs the user out of the switch

Page 45

Quick Start up IP Address

To view the network parameters the operator can access the device by the following three methods.

 Simple Network Management Protocol - SNMP  Telnet  Web Browser

Note:

Helpful Hint: The user should do a ‘copy system:running-config nvram:startup-config’

after configuring the network parameters so that the configurations are not lost

Table 5 Quick Start up IP Address

Command Details

show network (in User EXEC)

Displays the Network Configurations

IP Address - IP Address of the interface Default IP is 0.0.0.0 Subnet Mask - IP Subnet Mask for the interface Default is 0.0.0.0 Default Gateway - The default Gateway for this interface Default value is 0.0.0.0 Burned in MAC Address - The Burned in MAC Address used for in-band connectivity

Locally Administered MAC Address - Can be configured to allow a locally administered MAC address MAC Address Type - Specifies which MAC address should be used for in-band connectivity Network Configurations Protocol Current - Indicates which network protocol is being used Default is none Management VLAN Id - Specifies VLAN id Web Mode - Indicates whether HTTP/Web is enabled. Java Mode - Indicates whether java mode is enabled.

network parms (in Privileged EXEC)

network parms <ipaddr> <netmask> [<gateway>]

IP Address range from 0.0.0.0 to 255.255.255.255 Subnet Mask range from 0.0.0.0 to 255.255.255.255 Gateway Address range from 0.0.0.0 to 255.255.255.255

Page 46

Quick Start up Uploading from Switch to Out-of-Band PC (Only XMODEM)

Table 6 Quick Start up Uploading from Switch to Out-of-Band PC (XMODEM)

Command

Details

copy { nvram:startup-config | nvram:errorlog | nvram:msglog | nvram:traplog} <url>

The types are:

config - configuration file errorlog - error log system trace - system trace traplog - trap log

The URL must be specified as:

xmodem:filepath/fileName

This starts the upload and also displays the mode of uploading and the type of upload it is and confirms the upload is taking place. For example: If the user is using HyperTerminal, the user must specify where the file is going to be received by the PC.

Quick Start up Downloading from Out-of-Band PC to Switch (Only XMODEM)

Table 7 Quick Start up Downloading from Out-of-Band PC to Switch (Only XMODEM)

Command

Details

copy <url> {nvram:startup-config | system: image}

Sets the destination (download) data type to be an image (system:image) or a configuration file (nvram:startup-config). The URL must be specified as: xmodem:filepath/fileName For example: If the user is using HyperTerminal, the user must specify which file is to be sent to the switch. The Switch will restart automatically once the code has been downloaded.

Quick Start up Downloading from TFTP Server

Before starting a TFTP server download, the operator must complete the Quick Start up for the IP Address.

Table 8 Quick Start up Downloading from TFTP Server

Command Details

copy <url> {nvram:startup-config | system: image}

Sets the destination (download) data type to be an image (system:image) or a configuration file (nvram:startup-config). The URL must be specified as: tftp://ipAddr/filepath/fileName. The nvram:startup-config option downloads the configuration file using tftp and system:image option downloads the code file.

Page 47

Quick Start up Factory Defaults

Table 9 Quick Start up Factory Defaults

Command Details

clear config Enter yes when the prompt pops up to clear all the

configurations made to the switch.

copy system:running-config nvram:startup-config

Enter yes when the prompt pops up that asks if you want to save the configurations made to the switch.

reload OR Cold Boot the Switch

Enter yes when the prompt pops up that asks if you want to reset the system. This is the users choice either reset the switch or cold boot the switch, both work effectively.

Page 48

6.0 Mode-based Command Line Interface

The Command Line Interface (CLI) groups all the commands in appropriate modes according to the nature of the commands. Sample of the CLI command modes are described below. Each of the command modes supports specific switch’s commands.

The CLI Command Modes table captures the command modes, the prompts visible in that mode and the exit method from that mode.

Table 10. CLI Command Modes

Command Mode

Access Method Prompt

Exit or Access Previous Mode

User Exec Mode

This is the first level of access. Perform basic tasks and list system information.

Switch> Enter Logout

command

Privileged Exec Mode

From the User Exec mode, enter the

enable com-

mand.

Switch# To exit to the

User Exec mode, enter exit or press Ctrl-Z.

VLAN Mode From the Privi-

leged Exec mode, enter the

vlan

database

com-

mand.

Switch (Vlan) # To exit to the

Privileged Exec mode, enter the exit command, or press Ctrl-Z to switch to the User Exec

mode. Global Config Mode

From the Privileged Exec mode, enter the

con-figure

command.

Switch (Config)# To exit to the

Privileged Exec

mode, enter the

exit command,

or press Ctrl-Z

to switch to the

User Exec

mode. Interface Config Mode

From the Global Config mode, enter the

inter-face

unit/slot/ port>

command.

Switch (Interface "if number")# To exit to the

Global Config

mode, enter

exit. To return to

the User Exec

mode, enter

ctrl-Z. Line Config Mode

From the Global Config mode, enter the

lineconfigcommand

Switch (line) # To exit to the

Global Config

mode, enter

exit. To return to

the User Exec

mode, enter

ctrl-Z.

Page 49

Command Mode

Access Method Prompt

Exit or Access Previous Mode

Policy Map Con-fig Mode

From the Global Config mode, enter the

pol-icy-map

command

Switch (Config-policy-map)# To exit to the

Global Config mode, enter exit. To return to the User Exec mode,

enter ctrl-Z. Policy Class Config Mode

From the Policy Map mode enter the

class com-

mand

Switch (Config-policy-classmap)#

To exit to the

Policy Map

mode, enter

exit. To return

to the User

Exec mode,

enter ctrl-Z. Class Map Con-fig Mode(only for Layer 3 Series)

From the Global Config mode, enter the

class-map

command

Switch (Config-classmap)# To exit to the

Global Config

mode, enter

exit. To return

to the User

Exec mode,

enter ctrl-Z. Router OSPF Config Mode (only for Layer 3 Series)

From the Global Config mode, enter the

router

ospf

command

Switch (Config-router)# To exit to the

Global Config

mode, enter

exit. To return

to the User

Exec mode,

enter ctrl-Z. Router RIP Config Mode(only for Layer 3 Series)

From the Global Config mode, enter the

router

rip

command

Switch (Config-router)# To exit to the

Global Config

mode, enter

exit. To return

to the User

Exec mode,

enter ctrl-Z. Router BGP Config Mode (only for Layer 3 Series)

From the Global Config mode, enter the

router bgp <

asnum-ber>

command

Switch (Config-router)# To exit to the

Global Config mode, enter exit. To return to the User Exec mode,

enter ctrl-Z. Bwprovisioning Config Mode

From the Global Config mode, enter the

bwpro-visioning

command.

Switch (Config-bwp)# To exit to the

Global Config

mode, enter

exit. To return

to the User

Exec mode,

enter ctrl-Z.

Page 50

Command Mode

Access Method Prompt

Exit or Access

Previous Mode

Bwprovisioning

- Trafficclass Con-fig Mode

From the Bwprovisioning mode, enter the

traf-fic-class com-

mand.

Switch (Config-bwp-trafficclass)#

To exit to the

Bwprovisioning

Config mode,

enter exit. To

return to the

User Exec

mode, enter

ctrl-Z. Bwprovisioning

- bwallocation Config Mode

From the Bwprovisioning mode, enter the

bwal-location

command.

Switch (Config-bwp-bwallocation)#

To exit to the

Bwprovisioning

mode, enter

exit. To return

to the User

Exec mode,

enter ctrl-Z. MAC Access-list Config Mode

From the Global Config mode enter the

mac access-list extended <name>

command

Switch (Config-mac-access-list)#

To exit to the Global Config mode, enter exit. To return to the User Exec mode, enter ctrl-Z.

DHCP Pool Con-fig Mode

From the Global Config mode, enter the

ipdhcp pool

<pool-name>

command.

Switch (Config-dhcp-pool)# To exit to the

Global Config mode, enter exit. To return to the User Exec mode,

enter ctrl-Z Stack Global Config Mode

From the Global Config mode, enter the

stack

command.

Switch (Config-stack )#

To exit to the

Global Config

mode, enter

exit. To return

to the User

Exec mode,

enter ctrl-Z

6.1 Mode-based Topology

The CLI tree is built on a mode concept where the commands are available according to the interface. Some of the modes are depicted in the mode-based CLI Figure 1.

Page 51

Figure 1. Mode-based CLI

Access to all commands in the Privileged Exec mode and below are restricted through a password.

6.2 Mode-based Command Hierarchy

The CLI is divided into various modes. The Commands in one mode are not available until the operator switches to that particular mode, with the exception of the User Exec mode commands. The User Exec mode commands may also be executed in the Privileged Exec mode. The commands available to the operator at any point in time depend upon the mode. Entering a question mark (?) at the CLI prompt, displays a list of the available commands and descriptions of the commands.

Page 52

The CLI provides the following modes:

User Exec Mode

When the operator logs into the CLI, the User Exec mode is the initial mode. The User Exec mode contains a limited set of commands. The command prompt shown at this level is:

Command Prompt: $>

Privileged Exec Mode

To have access to the full suite of commands, the operator must enter the Privileged Exec mode. The Privileged Exec mode requires password authentication. From Privileged Exec mode, the operator can issue any Exec command, enter the VLAN mode or enter the Global Configuration mode . The command prompt shown at this level is:

Command Prompt: $#

VLAN Mode

This mode groups all the commands pertaining to VLANs. The command prompt shown at this level is:

Command Prompt: $(VLAN)#

Global Config Mode

This mode permits the operator to make modifications to the running configuration. General setup commands are grouped in this mode. From the Global Configuration mode, the operator can enter the System Configuration mode, the Physical Port Configuration mode, the Interface Configuration mode, or the Protocol Specific modes specified below. The command prompt at this level is:

Command Prompt: $(Config)#

From the Global Config mode, the operator may enter the following configuration modes:

Interface Config Mode

Many features are enabled for a particular interface. The Interface commands enable or modify

the operation of an interface.In this mode, a physical port is set up for a specific logical connection operation. The Interface Config mode provides access to the router interface configuration commands. The command prompt at this level is: Command Prompt: $(Interface <unit/slot/port>)#

The resulting prompt for the interface configuration command entered in the Global Configuration mode is shown below:

$(Config)# interface 1/2/1 $(Interface 1/2/1)#+

Page 53

Line Config Mode

This mode allows the operator to configure the console interface. The operator may configure the interface from the directly connected console or the virtual terminal used with Telnet. The command prompt at this level is:

Command Prompt: $(Line)#

Policy Map Mode

Use the policy-map <policy-name>command to access the QoS policy map configuration mode to configure the QoS policy map.

$(Config)# policy map <policy name> Command Prompt: $(Config-policy-map)#

Policy Class Mode

Use the class <class-name> command to access the QoS policy-classmap mode to attach/ remove a diffserv class to a policy and to configure the QoS policy class.

$(Config policy-map)# clas s <class name> Command Prompt: $(Config-policy-classmap)#

Class Map Mode:

This mode consists of class creation/deletion and matching commands. The class match commands specify Layer 2, Layer 3 and general match criteria. Use the class-map class-map-name commands to access the QoS class map configuration mode to configure QoS class maps.

$(Config)# class-map <class-map-name> Command Prompt: $(Config class-map)#

Router OSPF Config Mode:

In this mode, the operator is allowed to access the router OSPF configuration commands. The command prompt at this level is:

$(Config)# router ospf Command Prompt: $(Config router)#

Router RIP Config Mode:

In this mode, the operator is allowed to access the router RIP configuration commands. The command prompt at this level is:

$(Config)# router rip Command Prompt: $(Config router)#

Router BGP Config Mode:

In this mode, the operator is allowed to access the router BGP4 configuration commands. The command prompt at this level is:

$(Config)# router bgp <1-65535> Command

Page 54

Prompt: $(Config-routerbgp)#

Bwprovisioning Config Mode

Use the bwprovisioning command to access the Bandwidth provisioning Config Mode to configure bandwidth provisioning.

$(Config)# bwprovisioning Command Prompt: $(Config-bwp)#

Bwprovisioning Trafficclass Mode

Use the traffic-class command to access the Bandwidth provisioning Config Mode to configure bandwidth traffic class.

$(Config bwp)# traffic-classCommand Prompt: $(Config-bwp-trafficclass)#

Bwprovisioning bwallocation Mode

Use the bwallocation command to access the Bandwidth provisioning Config Mode to configure bandwidth allocation.

$(Config bwp)# bwallocation Command Prompt: $(Config bwp-bwallocation)#

MAC Access-List Config Mode

Use the MAC Access-List Config mode to create a MAC access-List and to enter the mode containing mac access-list configuration commands.

$(Config)#mac-access-list extended <name> Command Prompt: $(Config-mac-access-list)#

DHCP Pool Config Mode

Use the ip dhcp pool <pool-name> command to access the DHCP Pool Config . $(Config)# ip dhcp pool <pool-name> Command Prompt: (Config-dhcp-pool)#

Stack Global Config Mode

Use the stack command to access the Stack Config Mode.

$(Config)# stack Command Prompt: (Config-stack)#

Page 55

6.3 Flow of Operation

This section captures the flow of operation for the CLI:

1. The operator logs into the CLI session and enters the User Exec mode. In the User Exec mode the $(exec)> prompt is displayed on the screen.

The parsing process is initiated whenever the operator types a command and presses <ENTER>. The command tree is searched for the command of interest. If the command is not found, the output message indicates where the offending entry begins. For instance, command node A has the command

"show arp brief" but the operator attempts to execute the command "show arpp brief"

then the output message would be $(exec)> show arpp brief^. $%Invalid input detected at '^' marker. If the operator has given an invalid input parameter in the command, then the message

conveys to the operator an invalid input was detected. The layout of the output is depicted below:

Syntax Error Message:

(exec) #show arpp brief

%Invalid input detected at ‘^’ marker.

After all the mandatory parameters are entered, any additional parameters entered are treated as optional parameters. If any of the parameters are not recognized a syntax error message will be displayed.

2. After the command is successfully parsed and validated, the control of execution goes to the corresponding CLI callback function.

3. For mandatory parameters, the command tree extends till the mandatory parameters make the leaf of the branch. The callback function is only invoked when all the mandatory parameters are provided. For optional parameters, the command tree extends till the mandatory parameters and the optional parameters make the leaf of the branch. However, the call back function is associated with the node where the mandatory parameters are fetched. The call back function then takes care of the optional parameters.

4. Once the control has reached the callback function, the callback function has complete information about the parameters entered by the operator.

6.4 “No” Form of a Command

“No” is a specific form of an existing command and does not represent a new or distinct command. Only the configuration commands are available in the “no” form. The behavior and the support details of the “no” form is captured as part of the mapping sheets.

6.4.1 Support for “No” Form

Page 56

Almost every configuration command has a “no” form. In general, use the no form to reverse the action of a command or reset a value back to the default. For example, the

no shutdown interface

configuration command reverses the shutdown of an interface. Use the command without the keyword no to re-enable a disabled feature or to enable a feature that is disabled by default.

Page 57

7.0 Switching Commands

This chapter provides detailed explanation of the Switching commands. The commands are divided into five functional groups:

 Show commands display switch settings, statistics, and other information.



 Configuration commands configure features and options of the switch. For every

configuration command, there is a show command that displays the configuration setting.

 Copy commands transfer or save configuration and informational files to and from the switch.  Clear commands clear some or all of the settings to factory defaults.

This chapter includes the following configuration types:

 System information and statistics commands



 System Management commands



 Device configuration commands



 User account management commands



 Security commands



 System utilities

7.1 System Information and Statistics Commands

This chapter provides a detailed explanation of the CLI commands. The commands are divided into five functional groups:

 Show commands display switch settings, statistics, and other information.



 Configuration commands configure features and options of the switch. For every

configuration command, there is a show command that displays the configuration setting.

 Copy commands transfer or save configuration and informational files to and from the

switch.



 Clear commands clear some or all of the settings to factory defaults.

7.1.1 show arp switch

This command displays connectivity between the switch and other devices. The Address

Resolution Protocol (ARP) cache identifies the MAC addresses of the IP stations communicating with the switch.

Format

show arp switch

Mode Privileged EXEC MAC Address A unicast MAC address for which the switch has forwarding and/or filtering

information. The format is 6 two-digit hexadecimal numbers that are separated by colons, for

example 01:23:45:67:89:AB IP Address The IP address assigned to each interface

unit/slot/port

Valid unit, slot and port number separated by forward slashes.

Page 58

7.1.2 show eventlog

This command displays the event log, which contains error messages from the system. The event log is not cleared on a system reset.

Format show eventlog Mode Privileged EXEC

File The file in which the event originated. Line The line number of the event. Task Id The task ID of the event. Code The event code. Time The time this event occurred.

Note: Event log information is retained across a switch reset.

7.1.3 show hardware

This command displays inventory information for the switch.

Format show hardware Mode Privileged EXEC Switch Description Text used to identify the product name of this switch. Machine Type Specifies the machine model as defined by the Vital Product Data. Machine Model Specifies the machine model as defined by the Vital Product Data. Serial Number The unique box serial number for this switch. FRU Number The field replaceable unit number. Part Number Manufacturing part number. Maintenance Level Indicates hardware changes that are significant to software. Manufacturer Manufacture descriptor field. Burned in MAC Address Universally assigned network address. Software Version The release version revision number of the code currently running on the

switch.

Operating System The operating system currently running on the switch. Network Processing Element The type of the processor micro-code.

Additional Packages This displays the additional packages that are incorporated into this

system, such as BGP-4, or Multicast.

7.1.4 show interface

This command displays a summary of statistics for a specific port or a count of all CPU traffic based upon the argument.

Page 59

Format

show interface {<unit/slot/port> | switchport}

Mode Privileged EXEC

The display parameters, when the argument is ' <unit/slot/port>', is as follows :

Packets Received Without Error The total number of packets (including broadcast packets

and multicast packets) received by the processor.

Packets Received With Error The number of inbound packets that contained errors

preventing them from being deliverable to a higher-layer protocol.

Broadcast Packets Received The total number of packets received that were directed to the

broadcast address. Note that this does not include multicast packets.

Packets Transmitted Without Error The total number of packets transmitted out of the

interface.

Transmit Packets Errors The number of outbound packets that could not be transmitted

because of errors.

Collisions Frames The best estimate of the total number of collisions on this Ethernet segment. Time Since Counters Last Cleared The elapsed time, in days, hours, minutes, and seconds

since the statistics for this port were last cleared.

The display parameters, when the argument is 'switchport', is as follows :

Packets Received Without Error The total number of packets (including broadcast packets

and multicast packets) received by the processor.

Broadcast Packets Received The total number of packets received that were directed to the

broadcast address. Note that this does not include multicast packets.

Packets Received With Error The number of inbound packets that contained errors

preventing them from being deliverable to a higher-layer protocol.

Packets Transmitted Without Error The total number of packets transmitted out of the

interface.

Broadcast Packets Transmitted The total number of packets that higher-level protocols

requested to be transmitted to the Broadcast address, including those that were discarded or not sent.

Transmit Packet Errors The number of outbound packets that could not be transmitted

because of errors.

Address Entries Currently In Use The total number of Forwarding Database Address Table

entries now active on the switch, including learned and static entries.

VLAN Entries Currently In Use The number of VLAN entries presently occupying the VLAN

table.

Time Since Counters Last Cleared The elapsed time, in days, hours, minutes, and seconds

since the statistics for this switch were last cleared.

7.1.5 show interface ethernet

This command displays detailed statistics for a specific port or for all CPU traffic based upon the argument.

Page 60

Format

show interface ethernet {<unit/slot/port> | switchport}

Mode Privileged EXEC

The display parameters, when the argument is '<unit/slot/port>', are as follows :

Packets Received

Octets Received - The total number of octets of data (including those in bad packets)

received on the network (excluding framing bits but including Frame Check Sequence (FCS) octets). This object can be used as a reasonable estimate of ethernet utilization. If greater precision is desired, the etherStatsPkts and etherStatsOctets objects should be sampled before and after a common interval. ----- The result of this equation is the value Utilization which is the percent utilization of the ethernet segment on a scale of 0 to 100 percent.Packets Received < 64 Octets - The total number of packets (including bad packets) received that were < 64 octets in length (excluding framing bits but including FCS octets).

Packets Received 64 Octets - The total number of packets (including bad packets) received that were 64 octets in length (excluding framing bits but including FCS octets). Packets Received 65-127 Octets - The total number of packets (including bad packets) received that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received 128-255 Octets - The total number of packets (including bad packets) received that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received 256-511 Octets - The total number of packets (including bad packets) received that were between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received 512-1023 Octets - The total number of packets (including bad packets) received that were between 512 and 1023 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received 1024-1518 Octets - The total number of packets (including bad packets) received that were between 1024 and 1518 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received 1519-1522 Octets - The total number of packets (including bad packets) received that were between 1519 and 1522 octets in length inclusive (excluding framing bits but including FCS octets). Packets Received > 1522 Octets - The total number of packets received that were longer than 1522 octets (excluding framing bits, but including FCS octets) and were otherwise well formed.

Packets Received Successfully

Total - The total number of packets received that were without errors. Unicast Packets Received - The number of subnetwork-unicast packets delivered to

a higher-layer protocol. Multicast Packets Received - The total number of good packets received that were

directed to a multicast address. Note that this number does not include packetsdirected to the broadcast address. Broadcast Packets Received - The total number of good packets received that were directed to the broadcast address. Note that this does not include multicast packets.

Packets Received with MAC Errors

Page 61

Total - The total number of inbound packets that contained errors preventing them from being deliverable to a higher-layer protocol. Jabbers Received - The total number of packets received that were longer than 1518 octets (excluding framing bits, but including FCS octets), and had either a bad Frame Check Sequence (FCS) with an integral number of octets (FCS Error) or a bad FCS with a non-integral number of octets (Alignment Error). Note that this definition of jabber is different than the definition in IEEE-802.3 section 8.2.1.5 (10BASE5) and section 10.3.1.4 (10BASE2). These documents define jabber as the condition where any packet exceeds 20 ms. The allowed range to detect jabber is between 20 ms and 150 ms. Fragments/Undersize Received - The total number of packets received that were less than 64 octets in length (excluding framing bits but including FCS octets). Alignment Errors - The total number of packets received that had a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad Frame Check Sequence (FCS) with a non-integral number of octets. Rx FCS Errors - The total number of packets received that had a length (excluding framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad Frame Check Sequence (FCS) with an integral number of octets Overruns - The total number of frames discarded as this port was overloaded with incoming packets, and could not keep up with the inflow.

Received Packets not forwarded

Total - A count of valid frames received which were discarded (i.e. filtered) by the

forwarding process. Local Traffic Frames - The total number of frames dropped in the forwarding process because the destination address was located off of this port.

802.3x Pause Frames Received - A count of MAC Control frames received on this interface with an op-code indicating the PAUSE operation. This counter does not increment when the interface is operating in half-duplex mode. Unacceptable Frame Type - The number of frames discarded from this port due to being an unacceptable frame type. VLAN Membership Mismatch - The number of frames discarded on this port due to ingress filtering. VLAN Viable Discards - The number of frames discarded on this port when a lookup on a particular VLAN occurs while that entry in the VLAN table is being modified, or if the VLAN has not been configured. Multicast Tree Viable Discards - The number of frames discarded when a lookup in the multicast tree for a VLAN occurs while that tree is being modified. Reserved Address D iscards - The number of frames discarded that are destined to an IEEE 802.1 reserved address and are not supported by the system. Broadcast Storm Recovery - The number of frames discarded that are destined for FF:FF:FF:FF:FF:FF when Broadcast Storm Recovery is enabled. CFI Discards - The number of frames discarded that have CFI bit set and the addresses in RIF are in non-canonical format. Upstream Threshold - The number of frames discarded due to lack of cell descriptors available for that packet's priority level.

Packets Transmitted Octets

Total Bytes - The total number of octets of data (including those in bad packets)

received on the network (excluding framing bits but including FCS octets). This object can be used as a reasonable estimate of ethernet utilization. If greater precision is desired, the etherStatsPkts and etherStatsOctets objects should be sampled before and

Page 62

after a common interval. Packets Transmitted 64 Octets - The total number of packets (including bad packets) received that were 64 octets in length (excluding framing bits but including FCS octets). Packets Transmitted 65-127 Octets - The total number of packets (including bad packets) received that were between 65 and 127 octets in length inclusive (excluding framing bits but including FCS octets). Packets Transmitted 128-255 Octets - The total number of packets (including bad packets) received that were between 128 and 255 octets in length inclusive (excluding framing bits but including FCS octets). Packets Transmitted 256-511 Octets - The total number of packets (including bad packets) received that were between 256 and 511 octets in length inclusive (excluding framing bits but including FCS octets). Packets Transmitted 512-1023 Octets - The total number of packets (including bad packets) received that were between 512 and 1023 octets in length inclusive (excluding framing bits but including FCS octets). Packets Transmitted 1024-1518 Octets - The total number of packets (including bad packets) received that were between 1024 and 1518 octets in length inclusive (excluding framing bits but including FCS octets). Packets Transmitted 1519-1522 Octets - The total number of packets (including bad packets) received that were between 1519 and 1522 octets in length inclusive (excluding framing bits but including FCS octets). Max Info - The maximum size of the Info (non-MAC) field that this port will receive or transmit.

Packets Transmitted Successfully

Total - The number of frames that have been transmitted by this port to its segment. Unicast Packets Transmitted - The total number of packets that higher-level proto

cols requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent. Multicast Packets Transmitted - The total number of packets that higher-level protocols requested be transmitted to a Multicast address, including those that were discarded or not sent. Broadcast Packets Transmitted - The total number of packets that higher-level protocols requested be transmitted to the Broadcast address, including those that were discarded or not sent.

Transmit Errors

Total Errors - The sum of Single, Multiple, and Excessive Collisions. Tx FCS Errors - The total number of packets transmitted that had a length (excluding

framing bits, but including FCS octets) of between 64 and 1518 octets, inclusive, but had a bad Frame Check Sequence (FCS) with an integral number of octets.

Oversized - The total number of frames that exceeded the max permitted frame size. This counter has a max increment rate of 815 counts per sec. at 10 Mb/s. Underrun Errors - The total number of frames discarded because the transmit FIFO buffer became empty during frame transmission.

Transmit Discards

Total Discards - The sum of single collision frames discarded, multiple collision

frames discarded, and excessive frames discarded.

Page 63

Single Collision Frames - A count of the number of successfully transmitted frames on a particular interface for which transmission is inhibited by exactly one collision. Multiple Collision Frames - A count of the number of successfully transmitted frames on a particular interface for which transmission is inhibited by more than one collision. Excessive Collisions - A count of frames for which transmission on a particular inter face fails due to excessive collisions. Port Membership - The number of frames discarded on egress for this port due to egress filtering being enabled. VLAN Viable Discards - The number of frames discarded on this port when a lookup on a particular VLAN occurs while that entry in the VLAN table is being modified, or if the VLAN has not been configured.

Protocol Statistics

BPDU's received - The count of BPDU's (Bridge Protocol Data Units) received in

the spanning tree layer. BPDU's Transmitted - The count of BPDU's (Bridge Protocol Data Units) transmitted from the spanning tree layer.

802.3x Pause Frames Received - A count of MAC Control frames received on this interface with an opcode indicating the PAUSE operation. This counter does not increment when the interface is operating in half-duplex mode.

GVRP PDU's Received - The count of GVRP PDU's received in the GARP layer. GVRP PDU's Transmitted - The count of GVRP PDU's transmitted from the GARP

layer. GVRP Failed Registrations - The number of times attempted GVRP registrations

could not be completed.

GMRP PDU's received - The count of GMRP PDU's received in the GARP layer. GMRP PDU's Transmitted - The count of GMRP PDU's transmitted from the

GARP layer. GMRP Failed Registrations - The number of times attempted GMRP registrations could not be completed.

STP BPDUs Transmitted - Spanning Tree Protocol Bridge Protocol Data Units sent. STP BPDUs Received - Spanning Tree Protocol Bridge Protocol Data Units received. RST BPDUs Transmitted - Rapid Spanning Tree Protocol Bridge Protocol Data Units

sent. RSTP BPDUs Received - Rapid Spanning Tree Protocol Bridge Protocol Data Units received. MSTP BPDUs Transmitted - Multiple Spanning Tree Protocol Bridge Protocol Data Units sent. MSTP BPDUs Received - Multiple Spanning Tree Protocol Bridge Protocol Data Units received

Dot1x Statistics

EAPOL Frames Received - The number of valid EAPOL frames of any type that have

been received by this authenticator. EAPOL Frames Transmitted - The number of EAPOL frames of any type that have been transmitted by this authenticator.

Time Since Counters Last Cleared The elapsed time, in days, hours, minutes,

and seconds since the statistics for this port were last cleared.

Page 64

The display parameters, when the argument is ‘switchport’, are as follows :

Octets Received - The total number of octets of data received by the processor (excluding framing bits but including FCS octets). Total Packets Received Without Error- The total number of packets (including broadcast packets and multicast packets) received by the processor. Unicast Packets Received - The number of subnetwork-unicast packets delivered to a higher-layer protocol. Multicast Packets Received - The total number of packets received that were directed to a multicast address. Note that this number does not include packets directed to the broadcast address. Broadcast Packets Received - The total number of packets received that were directed to the broadcast address. Note that this does not include multicast packets.

Receive Packets Discarded - The number of inbound packets which were chosen to be discarded even though no errors had been detected to prevent their being deliverable to a higher-layer protocol. A possible reason for discarding a packet could be to free up buffer space.

Octets Transmitted - The total number of octets transmitted out of the interface, including framing characters. Packets Transmitted without Errors - The total number of packets transmitted out of the interface. Unicast Packets Transmitted - The total number of packets that higher-level protocols requested be transmitted to a subnetwork-unicast address, including those that were discarded or not sent. Multicast Packets Transmitted - The total number of packets that higher-level protocols requested be transmitted to a Multicast address, including those that were discarded or not sent. Broadcast Packets Transmitted - The total number of packets that higher-level protocols requested be transmitted to the Broadcast address, including those that were discarded or not sent. Transmit Packets Discarded - The number of outbound packets which were chosen to be discarded even though no errors had been detected to prevent their being deliverable to a higher-layer protocol. A possible reason for discarding a packet could be to free up buffer space. Most Address Entries Ever Used - The highest number of Forwarding Database Address Table entries that have been learned by this switch since the most recent reboot. Address Entries in Use - The number of Learned and static entries in the Forwarding Database Address Table for this switch. Maximum VLAN Entries - The maximum number of Virtual LANs (VLANs) allowed on this switch. Most VLAN Entries Ever Used - The largest number of VLANs that have been active on this switch since the last reboot. Static VLAN Entries - The number of presently active VLAN entries on this switch that have been created statically. Dynamic VLAN Entries - The number of presently active VLAN entries on this switch that have been created by GVRP registration. VLAN Deletes - The number of VLANs on this switch that have been created and then deleted since the last reboot.

Time Since Counters Last Cleared The elapsed time, in days, hours, minutes, and

seconds, since the statistics for this switch were last cleared.

Page 65

7.1.6 show logging

This command displays the trap log maintained by the switch. The trap log contains a maximum of 256 entries that wrap.

Format show logging Mode Privileged EXEC Number of Traps since last reset The number of traps that have occurred since the last

reset of this device.

Number of Traps since log last displayed The number of traps that have occurred since

the traps were last displayed. Getting the traps by any method (terminal interface display, Web display, upload file from switch etc.) will result in this counter being cleared to 0.

Log The sequence number of this trap. System Up Time The relative time since the last reboot of the switch at which this trap occurred. Trap The relevant information of this trap.

Note: Trap log information is not retained across a switch reset.

7.1.7 show mac-addr-table

This command displays the forwarding database entries. If the command is entered with no

parameter, the entire table is displayed. This is the same as entering the optional all parameter.

Alternatively, the administrator can enter a MAC Address to display the table entry for the requested MAC address and all entries following the requested MAC address.

Format show mac-addr-table [<macaddr> | all] Mode Privileged EXEC

Mac Address A unicast MAC address for which the switch has forwarding and or filtering informa-

tion. The format is 6 or 8 two-digit hexadecimal numbers that are separated by colons, for example 01:23:45:67:89:AB. In an IVL system the MAC address will be displayed as 8 bytes.

Unit/Slot/Port The port which this address was learned. if Index This object indicates the if Index of the interface table entry associated with this port. Status The status of this entry. The meanings of the values are. Static The value of the corresponding instance was added by the system or a user when a static

MAC filter was defined. It cannot be relearned. Learned The value of the corresponding instance was learned by observing the source MAC addresses of incoming traffic, and is currently in use.

Management The value of the corresponding instance (system MAC address) is also the value of an existing instance of dot1dStaticAddress. It is identified with interface 0/1 and is currently used when enabling VLANs for routing.

Self The value of the corresponding instance is the address of one of the switch’s physical interfaces (the system’s own MAC address).

GMRP Learned The value of the corresponding was learned via GMRP and applies to Multicast.

Page 66

Other The value of the corresponding instance does not fall into one of the other categories.

7.1.8 show running-config

This command is used to display/capture the current setting of different protocol packages supported on the switch. This command displays/captures only commands with settings/configurations with values that differ from the default value. The output is displayed in script format, which can be used to configure another switch with the same configuration. If the optional <scriptname> is provided with a filename extension of “.scr”, the output will be redirected to a script file.

The option [all] will also enable the display/capture of all commands with settings/configurations that include values that are the same as the default values. The <scriptname> option cannot be used with the [all] option.

Format show running-config [all | <scriptname>]

Mode Privileged EXEC

7.1.9 show sysinfo

This command displays switch information.

Format show sysinfo Mode Privileged EXEC Switch Description Text used to identify this switch. System Name Name used to identify the switch. System Location Text used to identify the location of the switch. May be up to 31

alpha-numeric characters. The factory default is blank.

System Contact Text used to identify a contact person for this switch. May be up to 31 alpha-

numeric characters. The factory default is blank.

System ObjectID The base object ID for the switch’s enterprise MIB. System Up Time The time in days, hours and minutes since the last switch reboot. MIBs Supported A list of MIBs supported by this agent.

7.1.10 snmp-server

This command sets the name and the physical location of the switch, and the organization

responsible for the network.The range for name, location and contact is from 1 to 31 alphanumeric

characters.

Default none Format snmp-server {sysname <name> | location <loc> | contact <con>} Mode Global Config

Page 67

7.2 System Management Commands

These commands manage the switch and show current management settings. The commands are divided into two functional groups:

 Show commands display switch settings, statistics, and other information.  Configuration commands configure features and options of the switch. For every

configuration command, there is a show command that displays the configuration setting.

7.2.1 telnet

This command establishes a new outbound telnet connection to a remote host. The host value must be a valid IP address. Valid values for port should be a valid decimal integer in the range of 0 to 65535, where the default value is 23. If [debug] is used, the current telnet options enabled is displayed. The optional line parameter sets the outbound telnet operational mode as ‘linemode’, where by default, the operational mode is ‘character mode’. The noecho option disables local echo.

Format telnet <host> [port] [debug] [line] [noecho]

Modes Privileged EXEC User EXEC

7.2.2 transport input telnet

This command regulates new telnet sessions. If sessions are enabled, new telnet sessions can be established until there are no more sessions available. If sessions are disabled, no new telnet sessions are established. An established session remains active until the session is ended or an abnormal network error ends the session.

Default enabled Format transport input telnet Mode Line Config

7.2.2.1 no transport input telnet

This command disables telnet sessions. If sessions are disabled, no new telnet sessions are established.

Format no transport input telnetMode Line Config

7.2.3 transport output telnet

This command regulates new outbound telnet connections. If enabled, new outbound telnet sessions can be established until it reaches the maximum number of simultaneous outbound telnet sessions allowed. If disabled, no new outbound telnet session can be established. An established session remains active until the session is ended or an abnormal network error ends it.

Default enabled Format transport output telnet

Page 68

Mode Line Config

7.2.3.1 no transport output telnet

This command disables new outbound telnet connections. If disabled, no new outbound telnet connection can be established.

Format no transport output telnet

Mode Line Config

7.2.4 session-limit

This command specifies the maximum number of simultaneous outbound telnet sessions. A value

of 0 indicates that no outbound telnet session can be established.

Default 5

Format session-limit <0-5>

Mode Line Config

7.2.4.1 no session-limit

This command sets the maximum number of simultaneous outbound telnet sessions to the default value.

Format no session-limitMode Line Config

7.2.5 session-timeout

This command sets the outbound telnet session timeout value.The timeout value unit of time is minutes. A value of 0 indicates that a session remains active indefinitely.

Default 0 Format session-timeout <0-160>

Mode Line Config

7.2.5.1 no session-timeout

This command sets the outbound telnet session timeout value to the default. The timeout value unit of time is minutes.

Format no session-timeout

Mode Line Config

7.2.6 bridge aging-time

This command configures the forwarding database address aging timeout in seconds. In an IVL

system, the [fdbid | all] parameter is required.

Default 300

Page 69

Format

bridge aging-time <10-1,000,000> [fdbid | all]

Mode Global ConfigSeconds The <seconds> parameter must be within the range of 10 to

1,000,000 seconds.

Forwarding Database ID Fdbid (Forwarding database ID) indicates which forwarding

database's aging timeout is being configured. The All option is used to configure all forwarding database's aging time.

7.2.6.1 no bridge aging-time

This command sets the forwarding database address aging timeout to 300 seconds. In an IVL system, the [fdbid | all] parameter is required.

Format no bridge aging-time [fdbid | all]

Mode Global Config Forwarding Database ID

Fdbid (Forwarding database ID) indicates which forwarding database's aging timeout is being

configured. All is used to configure all forwarding database's aging time.

7.2.7 mtu

This command sets the maximum transmission unit (MTU) size (in bytes) for physical and port-channel (LAG) interfaces. For the standard implementation, the range of <mtusize> is a valid integer between 1522 - 9216 for tagged packets and a valid interger between 1518 - 1926 for untagged packets.

Note: To receive and process packets, the Ethernet MTU must include any extra bytes that may be required for Layer-2 headers. Whereaa, the IP MTU size (See “ip mtu” on page 183.) refers to the maximum size of the IP packet (IP Header + IP payload).

Default 1522 (tagged)

1518 (untagged)

Format mtu <1522-9216>

Mode Interface Config

7.2.7.1 no mtu

This command sets the default maximum transmission unit (MTU) size (in bytes) for the interface.

Format no mtu

Mode Interface Config

7.2.8 network javamode

This command specifies whether or not the switch should allow access to the Java applet in the header frame of the Web interface. When access is enabled, the Java applet can be viewed from the Web interface. When access is disabled, the user cannot view the Java applet.

Default enabled

Format network javamode

Mode Privileged EXEC

Page 70

7.2.8.1 no network javamode

This command disallows access to the Java applet in the header frame of the Web interface. When access is disabled, the user cannot view the Java applet.

Format no network javamode Mode Privileged EXEC

7.2.9 network mac-address

This command sets locally administered MAC addresses. The following rules apply:

 Bit 6 of byte 0 (called the U/L bit) indicates whether the address is universally administered

(b'0') or locally administered (b'1').



Bit 7 of byte 0 (called the I/G bit) indicates whether the destination address is an individual

address (b'0') or a group address (b'1').



The second character, of the twelve character macaddr, must be 2, 6, A or E.

A locally administered address must have bit 6 On (b'1') and bit 7 Off (b'0').

Format network mac-address <macaddr>

Mode Privileged EXEC

7.2.10 network mac-type

This command specifies whether the burned in MAC address or the locally-administered MAC address is used.

Default burned-in Format network mac-type {local | burnedin} Mode Privileged EXEC

7.2.10.1 no network mac-type

This command resets the value of MAC address to its default.

Format no network mac-type

Mode Privileged EXEC

7.2.11 network parms

This command sets the IP Address, subnet mask and gateway of the router. The IP Address and the gateway must be on the same subnet.

Format network parms <ipaddr> <netmask> [<gateway>]

Mode Privileged EXEC

Page 71

7.2.12 network protocol

This command specifies the network configuration protocol to be used. If you modify this value change is effective immediately. The parameter

bootpindicates that the switch periodically sends

requests to a Bootstrap Protocol (BootP) server or a dhcp server until a response is received.

none

indicates that the switch should be manually configured with IP information.

Default none Format network protocol {none | bootp | dhcp}

Mode Privileged EXEC

7.2.13 telnetcon maxsessions

This command specifies the maximum number of telnet connection sessions that can be established. A value of 0 indicates that no telnet connection can be established. The range is 0 to

Default 5

Format telnetcon maxsessions <0-5>

Mode Privileged EXEC

7.2.13.1 no telnetcon maxsessions

This command sets the maximum number of telnet connection sessions that can be established to the default value.

Format no telnetcon maxsessions

Mode Privileged EXEC

7.2.14 telnetcon timeout

This command sets the telnet connection session timeout value, in minutes. A session is active as long as the session has not been idle for the value set. The time is a decimal value from 1 to 160.

Note:Changing the timeout value for active sessions does not become effective until the session is reaccessed. Also, any keystroke activates the new timeout duration.

Default 5 Format

telnetcon timeout <1-160>

Mode Privileged EXEC

7.2.14.1 no telnetcon timeout

This command sets the telnet connection session timeout value to the default. Note:Changing the timeout value for active sessions does not become effective until the

session is reaccessed. Also, any keystroke activates the new timeout duration.

Page 72

Format

no telnetcon timeout

Mode Privileged EXEC

7.2.15 serial baudrate

This command specifies the communication rate of the terminal interface. The supported rates are 1200, 2400, 4800, 9600, 19200, 38400, 57600, 115200.

Default 9600 Format serial baudrate {1200 | 2400 | 4800 | 9600 | 19200 | 38400 | 57600 | 115200} Mode Line Config

7.2.15.1 no serial baudrate

This command sets the communication rate of the terminal interface.

Format no serial baudrate Mode Line Config

7.2.16 serial timeout

This command specifies the maximum connect time (in minutes) without console activity. A value of

0 indicates that a console can be connected indefinitely. The time range is 0 to 160.

Default 5

Format serial timeout <0-160>

Mode Line Config

7.2.16.1 no serial timeout

This command sets the maximum connect time (in minutes) without console activity.

Format no serial timeout

Mode Line Config

7.2.17 set prompt

This command changes the name of the prompt. The length of name may be up to 64 alphanumeric characters.

Format set prompt <prompt string>

Mode Privileged EXEC

Page 73

7.2.18 show telnet

This command displays the current outbound telnet settings.

Format show telnet Modes

Privileged EXEC User EXEC

Outbound Telnet Login Timeout (in minutes) Indicates the number of minutes an outbound

telnet session is allowed to remain inactive before being logged off. A value of 0, which is the default, results in no timeout.

Maximum Number of Outbound Telnet Sessions Indicates the number of simultaneous

outbound telnet connections allowed.

Allow New Outbound Telnet Sessions Indicates whether outbound telnet sessions will be

allowed.

7.2.19 show forwardingdb agetime

This command displays the timeout for address aging. In an IVL system, the [fdbid | all] parameter is required.

Default all Format

show forwardingdb agetime [fdbid | all]

Mode Privileged EXEC

Forwarding DB ID

Fdbid (Forwarding database ID) indicates the forwarding database whose aging timeout is to be shown. The all option is used to display the aging timeouts associated with all forwarding databases. This field displays the forwarding database ID in an IVL system.

Agetime In an IVL system, this parameter displays the address aging timeout for the associated

forwarding database.

7.2.20 show network

This command displays configuration settings associated with the switch's network interface. The network interface is the logical interface used for in-band connectivity with the switch via any of the switch's front panel ports. The configuration parameters associated with the switch's network interface do not affect the configuration of the front panel ports through which traffic is switched or routed.

Format show network Mode Privileged EXEC and User EXEC

IP Address The IP address of the interface. The factory default value is 0.0.0.0 Subnet Mask The IP subnet mask for this interface. The factory default value is 0.0.0.0 Default Gateway The default gateway for this IP interface. The factory default value is 0.0.0.0 Burned In MAC Address The burned in MAC address used for in-band connectivity. Locally Administered MAC Address If desired, a locally administered MAC address can be

configured for in-band connectivity. To take effect, 'MAC Address Type' must be set to 'Locally

Page 74

Administered'. Enter the address as twelve hexadecimal digits (6 bytes) with a colon between each byte. Bit 1 of byte 0 must be set to a 1 and bit 0 to a 0, i.e. byte 0 should have the following mask 'xxxx xx10'. The MAC address used by this bridge when it must be referred to in a unique fashion. It is recommended that this be the numerically smallest MAC address of all ports that belong to this bridge. However it is only required to be unique. When concatenated with dot1dStpPriority a unique Bridge Identifier is formed which is used in the Spanning Tree Protocol.

MAC Address Type Specifies which MAC address should be used for in-band connectivity. The

choices are the burned in or the Locally Administered address. The factory default is to use the burned in MAC address.

Network Configuration Protocol Current Indicates which network protocol is being used.

The options are bootp | dhcp | none.

Java Mode Specifies if the switch should allow access to the Java applet in the header frame.

Enabled means the applet can be viewed. The factory default is disabled.

Management VLAN ID Specifies the management VLAN ID.

7.2.21 show telnetcon

This command displays telnet settings.

Format show telnetcon Mode Privileged EXEC and User EXEC

Remote Connection Login Timeout (minutes)

This object indicates the number of minutes a remote connection session is allowed to remain inactive before being logged off. A zero means there will be no timeout. May be specified as a number from 0 to 160. The factory default is 5.

Maximum Number of Remote Connection Sessions This object indicates the number of

simultaneous remote connection sessions allowed. The factory default is 5.

Allow New Telnet Sessions Indicates that new telnet sessions will not be allowed when set

to no. The factory default value is yes.

7.2.22 show serial

This command displays serial communication settings for the switch.

Format show serial Mode Privileged EXEC and User EXEC

Serial Port Login Timeout (minutes)

Specifies the time, in minutes, of inactivity on a Serial

port connection, after which the Switch will close the connection. Any numeric value between 0 and

160 is allowed, the factory default is 5. A value of 0 disables the time-out.

Baud Rate The default baud rate at which the serial port will try to connect. The available

values are 1200, 2400, 4800, 9600, 19200, 38400,57600, and 115200 baud. The factory Default is 9600 baud.

Page 75

Character Size

The number of bits in a character. The number of bits is always 8.

Flow Control Whether Hardware Flow-Control is enabled or disabled. Hardware Flow Control is

always disabled.

Stop Bits The number of Stop bits per character. The number of Stop bits is always 1. Parity Type The Parity Method used on the Serial Port. The Parity Method is always None.

7.2.23 single_ip_mgmt enable (only for Layer 2 Series)

This command enables the single IP management function. It allows the network administrator to configure multiple switch using the same IP address, while use the group-id and switch-id to identify for each of them.

Format single_ip_mgmt enable Mode Privileged EXEC

7.2.24 single_ip_mgmt groupid (only for Layer 2 Series)

This command sets the group ID for single IP management function.

Format single_ip_mgmt groupid <1-250> Mode Privileged EXEC

7.2.25 single_ip_mgmt mastered (only for Layer 2 Series)

This command sets the master ID for single IP management function.

Format single_ip_mgmt master <1-250> Mode Privileged EXEC

7.2.26 single_ip_mgmt network_parms (only for Layer 2 Series)

This command sets the network parameters for single IP management function.

Format single_ip_mgmt network_parms <ipaddr> <netmask> [<gateway>] Mode Privileged EXEC

7.2.27 single_ip_mgmt switched (only for Layer 2 Series)

This command sets the swith id for single IP management function.

Format single_ip_mgmt switchid Mode Privileged EXEC

Page 76

7.2.28 show single_ip_mgmt (only for Layer 2 Series)

This command displays the single ip management configuration information. This function allows you to use the same IP to configure multiple switches, while identify the different devices with the configurable group ID and switch ID.

Format show single_ip_mgmt Mode Privileged EXEC

Single Ip Management Enable/Disable this function. Single Ip Mgmt Group Id

The group ID of the switch.

Single Ip Mgmt Switch Id The ID of the switch. Single Ip Mgmt Ip Address

The IP of the switch.

Single Ip Mgmt Networkmask

The network mask of the switch.

Single Ip Mgmt Gateway

The default gateway of the switch.

Single Ip Mgmt Group Members

List the member of the group.

This switch is a master switch

Describe if the switch is a master or not.

Client Switch Id(s)

Describe the Client Switch IDs.

Page 77

7.3 SNMP Community Commands

7.3.1 show snmpcommunity

This command displays SNMP community information. Six communities are supported. You can add, change, or delete communities. The switch does not have to be reset for changes to take effect.

The SNMP agent of the switch complies with SNMP Version 1 (for more about the SNMP specification, see the SNMP RFCs). The SNMP agent sends traps through TCP/IP to an external SNMP manager based on the SNMP configuration (the trap receiver and other SNMP community parameters).

Format show snmpcommunity Mode Privileged EXEC SNMP Community Name The community string to which this entry grants access. A valid

entry is a case-sensitive alphanumeric string of up to 16 characters. Each row of this table must contain a unique community name.

Client IP Address - An IP address (or portion thereof) from which this device will accept SNMP

packets with the associated community. The requesting entity's IP address is ANDed with the Subnet Mask before being compared to the IP Address.Note: that if the Sub-net Mask is set to 0.0.0.0, an IP Address of 0.0.0.0 matches all IP addresses. The default value is 0.0.0.0

Client IP Mask -A mask to be ANDed with the requesting entity's IP address before comparison

with IP Address. If the result matches with IP Address then the address is an authenticated IP address. For example, if the IP Address = 9.47.128.0 and the corresponding Subnet Mask = 255.255.255.0 a range of incoming IP addresses would match, i.e. the incoming IP Address could equal 9.47.128.0 - 9.47.128.255.

The default value is 0.0.0.0

Access Mode The access level for this community string.

Status The status of this community access entry.

7.3.2 show snmptrap

This command displays SNMP trap receivers. Trap messages are sent across a network to an SNMP Network Manager. These messages alert the manager to events occurring within the switch or on the network. Six trap receivers are simultaneously supported.

Format show snmptrap Mode Privileged EXEC SNMP Trap Name The community string of the SNMP trap packet sent to the trap manager. This

may be up to 16 alphanumeric characters. This string is case sensitive.

IP Address The IP address to receive SNMP traps from this device. Enter four numbers between

0 and 255 separated by periods.

Page 78

Status Indicates the receiver's status (enabled or disabled).

7.3.3 show trapflags

This command displays trap conditions. Configure which traps the switch should generate by enabling or disabling the trap condition. If a trap condition is enabled and the condition is detected, the switch's SNMP agent sends the trap to all enabled trap receivers. The switch does not have to be reset to implement the changes. Cold and warm start traps are always generated and cannot be disabled.

Format show trapflags Mode Privileged EXEC Authentication Flag

May be enabled or disabled. The factory default is enabled. Indicates

whether authentication failure traps will be sent.

Link Up/Down Flag May be enabled or disabled. The factory default is enabled. Indicates

whether link status traps will be sent.

Multiple Users Flag May be enabled or disabled. The factory default is enabled. Indicates

whether a trap will be sent when the same user ID is logged into the switch more than once at the same time (either via telnet or serial port).

Spanning Tree Flag May be enabled or disabled. The factory default is enabled. Indicates

whether spanning tree traps will be sent.

Broadcast Storm Flag May be enabled or disabled. The factory default is enabled.

Indicates whether broadcast storm traps will be sent.

DVMRP Traps May be enabled or disabled. The factory default is disabled. Indicates

whether DVMRP traps will be sent.

OSPF Traps May be enabled or disabled. The factory default is disabled. Indicates whether

OSPF traps will be sent.

PIM Traps May be enabled or disabled. The factory default is disabled. Indicates whether PIM

traps will be sent.

7.3.4 snmp-server community

This command adds (and names) a new SNMP community. A community name is a name associated with the switch and with a set of SNMP managers that manage it with a specified privileged level. The length of name can be up to 16 case-sensitive characters.

Note: Community names in the SNMP community table must be unique. When making multiple entries using the same community name, the first entry is kept and processed and all duplicate entries are ignored.

Default

Two default community names: Public and Private. You can replace these default

community names with unique identifiers for each community. The default values for the remaining four community names are blank.

Format

snmp-server community <name>

Page 79

Mode

Global Config

7.3.4.1 no snmp-server community

This command removes this community name from the table. The name is the community name to be deleted.

Format no snmp-server community <name>

Mode Global Config

7.3.5 snmp-server community ipaddr

This command sets a client IP address for an SNMP community. The address is the associated community SNMP packet sending address and is used along with the client IP mask value to denote a range of IP addresses from which SNMP clients may use that community to access the device. A value of 0.0.0.0 allows access from any IP address. Otherwise, this value is ANDed with the mask to determine the range of allowed client IP addresses. The name is the applicable community name.

Default 0.0.0.0

Format snmp-server community ipaddr <ipaddr> <name>

Mode Global Config

7.3.5.1 no snmp-server community ipaddr

This command sets a client IP address for an SNMP community to 0.0.0.0. The name is the applicable community name.

Format no snmp-server community ipaddr <name>

Mode Global Config

7.3.6 snmp-server community ipmask

This command sets a client IP mask for an SNMP community. The address is the associated community SNMP packet sending address and is used along with the client IP address value to denote a range of IP addresses from which SNMP clients may use that community to access the device. A value of 255.255.255.255 will allow access from only one station, and will use that machine's IP address for the client IP Address. A value of 0.0.0.0 will allow access from any IP address. The name is the applicable community name.

Default 0.0.0.0

Format snmp-server community ipmask <ipmask> <name>

Mode Global Config

7.3.6.1 no snmp-server community ipmask

This command sets a client IP mask for an SNMP community to 0.0.0.0. The name is the

Page 80

applicable community name. The community name may be up to 16 alphanumeric characters.

Format no snmp-server community ipmask <name>

Mode Global Config

7.3.7 snmp-server community mode

This command activates an SNMP community. If a community is enabled, an SNMP manager associated with this community manages the switch according to its access right. If the community is disabled, no SNMP requests using this community are accepted. In this case the SNMP manager associated with this community cannot manage the switch until the Status is changed back to Enable.

Default The default private and public communities are enabled by default. The four undefined

communities are disabled by default.

Format

snmp-server community mode <name>

Mode Global Config

7.3.7.1 no snmp-server community mode

This command deactivates an SNMP community. If the community is disabled, no SNMP requests using this community are accepted. In this case the SNMP manager associated with this community cannot manage the switch until the Status is changed back to Enable.

Format no snmp-server community mode <name>

Mode Global Config

7.3.8 snmp-server community ro

This command restricts access to switch information. The access mode is read-only (also called public).

Format snmp-server community ro <name>

Mode Global Config

7.3.9 snmp-server community rw

This command restricts access to switch information. The access mode is read/write (also called private).

Format snmp-server community rw <name>

Mode Global Config

7.3.10 snmp-server enable traps

This command enables the Authentication Flag.

Page 81

Default

enabled

Format snmp-server enable traps

Mode Global Config

7.3.10.1 no snmp-server enable traps

This command disables the Authentication Flag.

Format no snmp-server enable traps

Mode Global Config

7.3.11 snmp-server enable traps bcaststorm

This command enables the broadcast storm trap. When enabled, broadcast storm traps are sent

only if the broadcast storm recovery mode setting associated with the port is enabled.

Default enabled

Format snmp-server enable traps bcaststorm

Mode Global Config

7.3.11.1 no snmp-server enable traps bcaststorm

This command disables the broadcast storm trap. When enabled, broadcast storm traps are sent only if the broadcast storm recovery mode setting associated with the port is enabled .

Format no snmp-server enable traps bcas tstorm Mode Global Config

7.3.12 snmp-server enable traps linkmode

This command enables Link Up/Down traps for the entire switch. When enabled, link traps are sent only if the Link Trap flag setting associated with the port is enabled (see ‘snmp trap link-status’ command).

Default enabled

Format snmp-server enable traps linkmode

Mode Global Config

7.3.12.1 no snmp-server enable traps linkmode

This command disables Link Up/Down traps for the entire switch.

Format no snmp-server enable traps linkmode

Page 82

Mode

Global Config

7.3.13 snmp-server enable traps multiusers

This command enables Multiple User traps. When the traps are enabled, a Multiple User Trap is sent when a user logs in to the terminal interface (EIA 232 or telnet) and there is an existing terminal interface session.

Default enabled

Format snmp-server enable traps multiusers

Mode Global Config

7.3.13.1 no snmp-server enable traps multiusers

This command disables Multiple User traps.

Format no snmp-server en able traps multiusers

Mode Global Config

7.3.14 snmp-server enable traps stpmode

This command enables the sending of new root traps and topology change notification traps.

Default enabled

Format snmp-server enable traps stpmode

Mode Global Config

7.3.14.1 no snmp-server enable traps stpmode

This command disables the sending of new root traps and topology change notification traps.

Format no snmp-server enable traps stp mode

Mode Global Config

5.3.15 snmptrap

This command adds an SNMP trap name. The maximum length of name is 16 case-sensitive alphanumeric characters.

Default The default name for the six undefined community names is Delete.

Format snmptrap <name> <ipaddr>

Mode Global Config

7.3.15.1 no snmptrap

Page 83

This command deletes trap receivers for a community.

Format no snmptrap <name> <ipaddr>

Mode Global Config

7.3.16 snmptrap ipaddr

This command assigns an IP address to a specified community name. The maximum length of name is 16 case-sensitive alphanumeric characters.

Note: IP addresses in the SNMP trap receiver table must be unique. If you make multiple entries using the same IP address, the first entry is retained and processed. All duplicate entries are ignored.

Format snmptrap ipaddr <name> <ipaddrold> <ipaddrnew>

Mode Global Config

7.3.17 snmptrap mode

This command activates or deactivates an SNMP trap. Enabled trap receivers are active (able to receive traps). Disabled trap receivers are inactive (not able to receive traps).

Format snmptrap mode <name> <ipaddr>

Mode Global Config

7.3.17.1 no snmptrap mode

This command deactivates an SNMP trap. Disabled trap receivers are inactive (not able to receive traps).

Format no snmptrap mode <name> <ipaddr>

Mode Global Config

7.3.18 snmp trap link-status

This command enables link status traps by interface.

Note:This command is valid only when the Link Up/Down Flag is enabled. See ‘snmp-server enable traps linkmode’ command.

Format snmp trap link-status

Mode Interface Config

7.3.18.1 no snmp trap link-status

This command disables link status traps by interface.

Note:This command is valid only when the Link Up/Down Flag is enabled. See ‘snmp-server enable traps lin km ode’ command).

Format no snmp trap link-status

Page 84

Mode

Interface Config

7.3.19 snmp trap link-status all

This command enables link status traps for all interfaces.

Note:This command is valid only when the Link Up/Down Flag is enabled (see “snmp-server enable traps linkmode” ).

Format snmp trap link-status all Mode Global Config

7.3.19.1 no snmp trap link-status all

This command disables link status traps for all interfaces.

Note:This command is valid only when the Link Up/Down Flag is enabled (see “snmp-server enable traps linkmode” )

Format no snmp trap link-status all Mode Global Config

7.3.20 snmptrap snmpversion

This command configures SNMP trapversion for a specified community.

Format snmptrap snmpversion Mode Global Config

Page 85

7.4 Management VLAN Command

This command is used to set the Management VLAN.

7.4.1 network mgmt_vlan

This command configures the Management VLAN ID.

Default 1 Format network mgmt_vlan <1-4094> Mode Privileged EXEC

Page 86

7.5 System Configuration Commands

This chapter provides a detailed explanation of the System configuration commands. The commands are divided into two functional groups:

 Show commands display switch settings, statistics, and other information.  Configuration commands configure features and options of the switch. For every

configuration command, there is a show command that displays the configuration setting.

7.5.1 addport

This command adds one port to the port-channel (LAG). The first interface is a logical unit, slot and port number of a configured port-channel.

Note: Before adding a port to a port-channel, set the physical mode of the port. See ‘speed’ command.

Format addport <logical unit/slot/port> Mode Interface Config

7.5.2 cablestatus

This command tests the status of the cable attached to an interface.

Format cablestatus <unit/slot/port>

Mode Privileged EXEC

7.5.3 auto-negotiate

This command enables automatic negotiation on a port. The default value is enable.

Format auto-negotiate

Mode Interface Config

7.5.3.1 no auto-negotiate

This command disables automatic negotiation on a port.

Note: Automatic sensing is disabled when automatic negotiation is disabled.

Format no auto-negotiate

Mode Interface Config

7.5.4 auto-negotiate all

This command enables automatic negotiation on all ports. The default value is enable.

Page 87

Format

auto-negotiate al

Mode Global Config

7.5.4.1 no auto-negotiate all

This command disables automatic negotiation on all ports.

Format no auto-negotiate all

Mode Global Config

7.5.5 deleteport (Interface Config)

This command deletes the port from the port-channel (LAG). The interface is a logical unit, slot and port slot and port number of a configured port-channel.

Format deleteport <logical unit/slot/port> Mode Interface Config

7.5.6 deleteport (Global Config)

This command deletes all configured ports from the port-channel (LAG). The interface is a logical unit, slot and port slot and port number of a configured port-channel.

Format deleteport {<logical unit/slot/port> | all}

Mode Global Config

7.5.7 monitor session mode

This command configures the monitor session (port monitoring) mode to enable. The probe and monitored ports must be configured before monitor session (port monitoring) can be enabled. If enabled, the probe port will monitor all traffic received and transmitted on the physical monitored port. It is not necessary to disable port monitoring before modifying the probe and monitored ports.

A session is operationally active if and only if both a destination port and at least one source port is configured. If neither is true, the session is inactive.

A port configured as a destination port acts as a mirroring port when the session is operationally active. If it is not, the port acts as a normal port and participates in all normal operation with respect to transmitting traffic.

Default disabled Format monitor session mode Mode Global Config

7.5.7.1 no monitor session mode

Page 88

This command sets the monitor session (port monitoring) mode to disable.

Format no monitor session mode

Mode Global Config

7.5.8 monitor session 1 source interface

This command adds a mirrored port (source port) to a session identified with <session-id>. Note: The <session-id> parameter is an integer value used to identify the session. In the current

version of the software, the <session-id> parameter is always 1.

Default None Format monitor session <session-id> source interface <unit/slot/port> Mode Global config

7.5.8.1 no monitor session 1 source interface

This command removes the specified mirrored port (source port) from the session. Note: The <session-id> parameter is an integer value used to identify the session. In the current

version of the software, the <session-id> parameter is always 1.

Format no monitor session <session-id> source interface <unit/slot/port> Mode Global config

7.5.9 shutdown

This command disables a port.

Default enabled

Format shutdown

Mode Interface Config

7.5.9.1 no shutdown

This command enables a port.

Format no shutdown

Mode Interface Config

Page 89

7.5.10 shutdown all

This command disables all ports.

Default enabled

Format

shutdown all

Mode Global Config

7.5.10.1 no shutdown all

This command enables all ports.

Format no shutdown all

Mode Global Config

7.5.11 speed

This command sets the speed and duplex setting for the interface.

Format speed {<100 | 10> <half-duplex | full-duplex>} Mode Interface Config

Acceptable values are:

100h 100BASE-T half duplex

100f 100BASE-T full duplex 10h 10BASE-T half duplex 10f 10BASE-T full duplex

7.5.12 speed all

This command sets the speed and duplex setting for all interfaces.

Format speed all {<100 | 10> <half-duplex | full-duplex>} Mode Global Config

Acceptable values are:

100h 100BASE-T half-duplex 100f 100BASE-T full duplex 10h

10BASE-T half duplex

10f

10BASE-T full duplex

Page 90

7.5.13 switchport protected all

This command sets protected mode for all interfaces.

Format switch protected all

Mode Global Config

7.5.13.1 no switchport protected all

This command disables the protect mode for all interfaces.

Format no switchport protected all Mode Global Config

7.5.14 switchport protected

This command enables protected mode for the interface.

Format switchport protected Modes

Interface Config

7.5.14.1 no switchport protected

This command disables protected mode for the interface.

Format no switchport protected Modes

Interface Config

7.5.15 storm-control broadcast

This command enables broadcast storm recovery mode. If the mode is enabled, broadcast storm recovery with high and low thresholds is implemented.

The threshold implementation follows a percentage pattern. If the broadcast traffic on any Ethernet port exceeds the high threshold percentage (as represented in “Broadcast Storm Recovery Thresholds” table) of the link speed, the switch discards the broadcasts traffic until the broadcast traffic returns to the low threshold percentage or less. The full implementation is depicted in the “Broadcast Storm Recovery Thresholds” table.

Table 11. Broadcast Storm Recovery Thresholds

Link Speed

High

Low

10M

100M

1000M 5 2

Format storm-control broadcast

Mode Global Config

Page 91

7.5.15.1 no storm-control broadcast

This command disables broadcast storm recovery mode.

Table 12. Broadcast Storm Recovery Thresholds

Link Speed

High

Low

10M

100M 5 2

1000M

Format no storm-control broadcast

Mode Global Config

7.5.16 storm-control flowcontrol

This command enables 802.3x flow control for the switch.

Note: 802.3x flow control works by pausing a port when the port becomes oversubscribed

and dropping all traffic for small bursts of time during the congestion condition. This can lead to high-priority and/or network control traffic loss.

Note: This command only applies to full-duplex mode ports.

Default disabled Format storm-control flowcontrol Mode Global Config

7.5.16.1 no storm-control flowcontrol

This command disables 802.3x flow control for the switch.

Note: This command only applies to full-duplex mode ports.

Format no storm-control flowcontrol Mode Global Config

7.5.17 storm-control action shotdown

This command shotdowns the interface.

Format storm-control action shotdown Mode interface config

Page 92

7.5.18 storm-control action trap

This command generates a trap when storm occurs.

Format storm-control action trap Mode interface config

7.5.19 storm-control action trap-shotdown

This command shotdowns and generates a trap when storm occurs.

Format storm-control action trap-shotdown Mode interface config

7.5.20 storm-control mode broadcast

This command enables broadcast storm-control feature.

Format storm-control mode broadcast Mode interface config

7.5.20.1 no storm-control mode broadcast

This command disables broadcast storm-control feature.

Format no storm-control mode broadcast Mode interface config

7.5.21 storm-control mode multicast

This command enables multicast storm-control feature.

Format storm-control mode multicast Mode interface config

7.5.21.1 no storm-control mode multicast

This command disables multicast storm-control feature.

Format no storm-control mode multicast Mode interface config

7.5.22 storm-control mode unicast

This command enables unicast storm-control feature.

Format storm-control mode unicast Mode interface config

7.5.22.1 no storm-control mode unicast

Page 93

This command disables unicast storm-control feature.

Format no storm-control mode unicast Mode interface config

7.5.23 storm-control level

This command configures the threshold level.

Format storm-control level <level> Mode interface config

7.5.24 storm-control recovery-time

This command sets the recovery time for storm control.

Format storm control recovery-time <time> Mode Privileged EXEC

7.5.25 show mac-address-table multicast

This command displays the Multicast Forwarding Database (MFDB) information. If the command is entered with no parameter, the entire table is displayed. This is the same as entering the optional

all parameter. The user can display the table entry for one MAC Address by specifying the MAC

address as an optional parameter.

Format show mac-address-table multicast <macaddr | all> Mode Privileged EXEC

Mac Address

A multicast MAC address for which the switch has forwarding and or filtering information. The format is two-digit hexadecimal numbers that are separated by colons, for example 01:23:45:67:89:AB. In an IVL system the MAC address will be displayed as a MAC address and VLAN ID combination of 8 bytes.

Type This displays the type of the entry. Static entries are those that are configured by the end user.

Dynamic entries are added to the table as a result of a learning process or protocol.

Component The component that is responsible for this entry in the Multicast Forwarding Database.

Possible values are IGMP Snooping, GMRP, and Static Filtering.

Description The text description of this multicast table entry.

Interfaces The list of interfaces that are designated for forwarding (Fwd:) and filtering (Flt:).

Forwarding Interfaces The resultant forwarding list is derived from combining all the component’s for-

warding interfaces and removing the interfaces that are listed as the static filtering interfaces.

Page 94

7.5.26 show mac-address-table static

This command displays the Static MAC Filtering information for all Static MAC Filters. If <all> is selected, all the Static MAC Filters in the system are displayed. If a macaddr is entered, a vlan must also be entered and the Static MAC Filter information will be displayed only for that MAC address and VLAN.

Format show mac-address-table static {<macaddr> <vlanid> | all}

Mode Privileged EXEC

MAC Address Is the MAC Address of the static MAC filter entry.

VLAN ID Is the VLAN ID of the static MAC filter entry.

Source Port(s) Indicates the source port filter set's slot and port(s).

Destination Port(s) Indicates the destination port filter set's slot and port(s).

7.5.27 show mac-address-table stats

This command displays the Multicast Forwarding Database (MFDB) statistics.

Format show mac-address-table stats Mode Privileged EXEC

Total Entries This displays the total number of entries that can possibly be in the Multicast Forwarding

Database table.

Most MFDB Entries Ever Used This displays the largest number of entries that have been present

in the Multicast Forwarding Database table. This value is also known as the MFDB high-water mark.

Current Entries This displays the current number of entries in the Multicast Forwarding Database table.

7.5.28 show monitor session

This command displays the Port monitoring information for a particular mirroring session. Note: The <session-id> parameter is an integer value used to identify the session. In the current

version of the software, the <session-id> parameter is always 1.

Format show monitor session <session-id> Mode Privileged EXEC

The following is the explanation of the output parameters for this command:

Page 95

Session ID It is an integer value used to identify the session. Its value can be anything

between 1 and L7_MIRRORING_MAX_SESSIONS. Monitor Session Mode It indicates whether the Port Mirroring feature is enabled or disabled for

the session identified with <session-id>. The possible values are Enabled

and Disabled. Probe Port It is the probe port (destination port) for the session identified with <session-

id>. If probe port is not set then this field is blank. List of source Ports It is the list of ports, which are configured as mirrored ports (source ports)

for the session identified with <session-id>. If no source port is configured

for the session then this field is blank.

7.5.29 show port

This command displays port information.

Format show port {<unit/slot/port> | all}

Mode Privileged EXEC

Unit/Slot/Port Valid unit, slot and port number separated by forward slashes. Type If not blank, this field indicates that this port is a special type of port. The possible values

are:

Mon - this port is a monitoring port. Look at the Port Monitoring screens to find out more information.

Lag - this port is a member of a port-channel (LAG). Probe - this port is a probe port.

Admin Mode Selects the Port control administration state. The port must be

enabled in order for it to be allowed into the network. - May be enabled or disabled. The factory default is enabled.

Physical Mode Selects the desired port speed and duplex mode. If auto-negotiation support is selected, then the duplex mode and speed will be set from the auto-negotiation process. Note that the port's maximum capability (full duplex -100M) will be advertised. Otherwise, this object will determine the port's duplex mode and transmission rate. The factory default is Auto.

Physical Status Indicates the port speed and duplex mode. Link Status Indicates whether the Link is up or down.

Link Trap This object determines whether or not to send a trap when link status changes. The

factory default is enabled.

Page 96

LACP Mode Displays whether LACP is enabled or disabled on this port.

7.5.30 show port protocol

This command displays the Protocol-Based VLAN information for either the entire system, or for the

indicated Group.

Format show port protocol <groupid | all> Mode Privileged EXEC

Group Name This field displays the group name of an entry in the Protocol-based VLAN table. Group ID This field displays the group identifier of the protocol group. Protocol(s) This field indicates the type of protocol(s) for this group. VLAN This field indicates the VLAN associated with this Protocol Group. Interface(s)

This field lists the unit/slot/port interface(s) that are associated with this Protocol Group.

7.5.31 show storm-control

This command displays switch configuration information.

Format show storm-control Mode Privileged EXEC

Broadcast Storm Recovery Mode May be enabled or disabled. The factory default is

disabled.

802.3x Flow Contr o l Mo de May be enabled or disabled. The factory default is disabled.

7.5.32 show interface protected

This command displays the protected port configuration.

Format port-security allow Modes Privileged EXEC

Page 97

7.6 Virtual LAN (VLAN) Commands

7.6.1 vlanset

This command is a batch command to set VLAN for multi-ports. For example, we have command executed below, vlanset 0/1 - 0/9 tagged basevid 3 vlantrunk 0/5

it means, totol have 9 vlans been created, and starts from vid 3, each vlan has two tagged member ports, please see below,

vid 3 = 0/1, 0/5 (both ports are tagged ports, 0/5 is vlantrunk port) vid 4 = 0/2, 0/5 (both ports are tagged ports, 0/5 is vlantrunk port) vid 5 = 0/3, 0/5 (both ports are tagged ports, 0/5 is vlantrunk port) vid 6 = 0/4, 0/5 (both ports are tagged ports, 0/5 is vlantrunk port) vid 7 = 0/5, 0/5 (both ports are tagged ports, 0/5 is vlantrunk port) vid 8 = 0/6, 0/5 (both ports are tagged ports, 0/5 is vlantrunk port) vid 9 = 0/7, 0/5 (both ports are tagged ports, 0/5 is vlantrunk port) vid 10 = 0/8, 0/5 (both ports are tagged ports, 0/5 is vlantrunk port) vid 11 = 0/9, 0/5 (both ports are tagged ports, 0/5 is vlantrunk port)

Format vlanset <slot/port> - <slot/port> {tagged|untagged} basepvid <1-4093> vlantrunk <slot/port>

Mode Global Config

7.6.2 vlan

This command creates a new VLAN and assigns it an ID. The ID is a valid VLAN identification number (ID 1 is reserved for the default VLAN). VLAN range is 2-4094.

Format vlan <2-4094> Mode VLAN database

7.6.2.1 no vlan

This command deletes an existing VLAN. The ID is a valid VLAN identification number (ID 1 is reserved for the default VLAN). VLAN range is 2-4094.

Format no vlan <2-4094> Mode VLAN database

7.6.3 vlan acceptframe

This command sets the frame acceptance mode per interface. For VLAN Only mode, untagged frames or priority frames received on this interface are discarded. For Admit All mode, untagged frames or priority frames received on this interface are accepted and assigned the value of the

Page 98

interface VLAN ID for this port. With either option, VLAN tagged frames are forwarded in accordance with the IEEE 802.1Q VLAN Specification.

Default admit all Format vlan acceptframe <vlanonly | all> Mode Interface Config

7.6.3.1 no vlan acceptframe

This command sets the frame acceptance mode per interface to Admit All. For Admit All mode, untagged frames or priority frames received on this interface are accepted and assigned the value of the interface VLAN ID for this port. With either option, VLAN tagged frames are forwarded in accordance with the IEEE 802.1Q VLAN Specification.

Format vlan acceptframe <vlanonly | all> Mode Interface Config

7.6.4 vlan ingressfilter

This command enables ingress filtering. If ingress filtering is disabled, frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN.

Default disabled Format vlan ingressfilter Mode Interface Config

7.6.4.1 no vlan ingressfilter

This command disables ingress filtering. If ingress filtering is disabled, frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN.

Format no vlan ingressfilter Mode Interface Config

7.6.5 vlan makestatic

This command changes a dynamically created VLAN (one that is created by GVRP registration) to a static VLAN (one that is permanently configured and defined). The ID is a valid VLAN identification number. VLAN range is 2-4094.

Format vlan makestatic <2-4094>

Mode VLAN database

Page 99

7.6.6 vlan name

This command changes the name of a VLAN. The name is an alphanumeric string of up to 32 characters, and the ID is a valid VLAN identification number. ID range is 14094.

Default The name for VLAN ID 1 is always Default. The name for other VLANs is defaulted to a

blank string.

Format vlan name <2-4094> <name>

Mode VLAN data base

7.6.6.1 no vlan name

This command sets the name of a VLAN to a blank string. The VLAN ID is a valid VLAN identification number. ID range is 1-4094.

Format no vlan name <2-4094> Mode VLAN database

7.6.7 vlan participation

This command configures the degree of participation for a specific interface in a VLAN. The ID is a valid VLAN identification number, and the interface is a valid interface number

Format vlan participation <exclude | include | auto> <1-4094> Mode Interface Config

Participation options are:

include The interface is always a member of this VLAN. This is equivalent to registration fixed. exclude The interface is never a member of this VLAN. This is equivalent to registration for-

bidden.

auto

The interface is dynamically registered in this VLAN by GVRP. The interface will not participate in this VLAN unless a join request is received on this interface. This is equivalent to registration normal.

7.6.8 vlan participation all

This command configures the degree of participation for all interfaces in a VLAN. The ID is a valid VLAN identification number

Format vlan participation all <exclude | include | auto> <1-4094> Mode Global Config

Participation options are:

include The interface is always a member of this VLAN. This is equivalent to registration fixed. exclude

The interface is never a member of this VLAN. This is equivalent to registration for-

bidden.

Page 100

auto

7.6.9 vlan port acceptframe all

This command sets the frame acceptance mode for all interfaces. For VLAN Only mode, untagged frames or priority frames received on this interface are discarded. For Admit All mode, untagged frames or priority frames received on this interface are accepted and assigned the value of the interface VLAN ID for this port. With either option, VLAN tagged frames are forwarded in accordance with the IEEE 802.1Q VLAN Specification.

Default admit all Format vlan port acceptframe all <vlanonly | all> Mode Global Config

7.6.9.1 no vlan port acceptframe all

This command sets the frame acceptance mode for all interfaces to Admit All. For Admit All mode, untagged frames or priority frames received on this interface are accepted and assigned the value of the interface VLAN ID for this port. With either option, VLAN tagged frames are forwarded in accordance with the IEEE 802.1Q VLAN Specification.

Format no vlan port acceptframe all Mode Global Config

7.6.10 vlan port ingressfilter all

This command enables ingress filtering for all ports. If ingress filtering is disabled, frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN.

Default disabled Format vlan port ingressfilter all Mode Global Config

7.6.10.1 no vlan port ingressfilter all

This command disables ingress filtering for all ports. If ingress filtering is disabled, frames received with VLAN IDs that do not match the VLAN membership of the receiving interface are admitted and forwarded to ports that are members of that VLAN.

Format no vlan port ingressfilter all Mode Global Config

Digitus DN-80233 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual