DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
1. |
|
Introduction...................................................................................................................................................................... |
1 |
2. |
|
Basic CLI Commands ................................................................................................................................................... |
10 |
3. |
|
802.1X Commands........................................................................................................................................................ |
24 |
4. |
Access Control List (ACL) Commands.......................................................................................................................... |
38 |
|
5. |
|
Access Management Commands ................................................................................................................................. |
68 |
6. |
ARP Spoofing Prevention Commands.......................................................................................................................... |
85 |
|
7. |
|
Asymmetric VLAN Commands...................................................................................................................................... |
87 |
8. |
Authentication, Authorization, and Accounting (AAA) Commands ............................................................................... |
88 |
|
9. |
|
Basic IPv4 Commands................................................................................................................................................ |
113 |
10. |
Basic IPv6 Commands ............................................................................................................................................. |
120 |
|
11. |
Cable Diagnostics Commands................................................................................................................................. |
129 |
|
12. |
Command Logging Commands ............................................................................................................................... |
132 |
|
13. |
Debug Commands ................................................................................................................................................... |
133 |
|
14. |
DHCP Auto-Configuration Commands..................................................................................................................... |
145 |
|
15. |
DHCP Client Commands.......................................................................................................................................... |
147 |
|
16. |
DHCP Relay Commands.......................................................................................................................................... |
151 |
|
17. |
DHCP Snooping Commands ................................................................................................................................... |
172 |
|
18. |
DHCPv6 Client Commands...................................................................................................................................... |
191 |
|
19. |
DHCPv6 Guard Commands..................................................................................................................................... |
194 |
|
20. |
DHCPv6 Relay Commands...................................................................................................................................... |
198 |
|
21. |
Digital Diagnostics Monitoring (DDM) Commands................................................................................................... |
204 |
|
22. |
D-Link Discovery Protocol (DDP) Client Commands ............................................................................................... |
213 |
|
23. |
Domain Name System (DNS) Commands............................................................................................................... |
216 |
|
24. |
DoS Prevention Commands..................................................................................................................................... |
223 |
|
25. |
Dynamic ARP Inspection Commands ...................................................................................................................... |
227 |
|
26. |
Error Recovery Commands...................................................................................................................................... |
241 |
|
27. |
File System Commands ........................................................................................................................................... |
245 |
|
28. |
Filter Database (FDB) Commands........................................................................................................................... |
251 |
|
29. |
GARP VLAN Registration Protocol (GVRP) Commands ......................................................................................... |
264 |
|
30. |
Gratuitous ARP Commands..................................................................................................................................... |
272 |
|
31. |
IGMP Snooping Commands .................................................................................................................................... |
275 |
|
32. |
Interface Commands ................................................................................................................................................ |
291 |
|
33. |
IP Source Guard Commands ................................................................................................................................... |
305 |
|
34. |
IP Utility Commands................................................................................................................................................. |
311 |
|
35. |
IP-MAC-Port Binding (IMPB) Commands ................................................................................................................ |
313 |
|
36. |
IPv6 Snooping Commands....................................................................................................................................... |
317 |
|
37. |
IPv6 Source Guard Commands ............................................................................................................................... |
322 |
|
38. |
Japanese Web-based Access Control (JWAC) Commands.................................................................................... |
328 |
ii
|
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide |
|
39. |
Jumbo Frame Commands........................................................................................................................................ |
340 |
40. |
Link Aggregation Control Protocol (LACP) Commands ........................................................................................... |
341 |
41. |
Link Layer Discovery Protocol (LLDP) Commands.................................................................................................. |
348 |
42. |
Loopback Detection (LBD) Commands.................................................................................................................... |
378 |
43. |
MAC Authentication Commands .............................................................................................................................. |
384 |
44. |
Mirror Commands..................................................................................................................................................... |
388 |
45. |
MLD Snooping Commands ...................................................................................................................................... |
392 |
46. |
Multiple Spanning Tree Protocol (MSTP) Commands ............................................................................................. |
409 |
47. |
Neighbor Discovery (ND) Inspection Commands .................................................................................................... |
418 |
48. |
Network Access Authentication Commands ............................................................................................................ |
422 |
49. |
Port Security Commands ......................................................................................................................................... |
436 |
50. |
Power over Ethernet (PoE) Commands................................................................................................................... |
443 |
51. |
Power Saving Commands........................................................................................................................................ |
456 |
52. |
Protocol Independent Commands............................................................................................................................ |
462 |
53. |
Quality of Service (QoS) Commands ....................................................................................................................... |
468 |
54. |
Remote Network MONitoring (RMON) Commands ................................................................................................. |
502 |
55. |
Router Advertisement (RA) Guard Commands........................................................................................................ |
510 |
56. |
Safeguard Engine Commands ................................................................................................................................. |
514 |
57. |
Secure Shell (SSH) Commands............................................................................................................................... |
521 |
58. |
Secure Sockets Layer (SSL) Commands ................................................................................................................ |
529 |
59. |
Simple Network Management Protocol (SNMP) Commands .................................................................................. |
537 |
60. |
Single IP Management (SIM) Commands................................................................................................................ |
559 |
61. |
Spanning Tree Protocol (STP) Commands.............................................................................................................. |
570 |
62. |
Stacking Commands ................................................................................................................................................ |
583 |
63. |
Storm Control Commands........................................................................................................................................ |
588 |
64. |
Surveillance VLAN Commands................................................................................................................................ |
594 |
65. |
Switch Port Commands............................................................................................................................................ |
600 |
66. |
System File Management Commands ..................................................................................................................... |
605 |
67. |
System Log Commands........................................................................................................................................... |
616 |
68. |
Time and SNTP Commands .................................................................................................................................... |
625 |
69. |
Time Range Commands .......................................................................................................................................... |
632 |
70. |
Traffic Segmentation Commands............................................................................................................................. |
635 |
71. |
Virtual LAN (VLAN) Commands............................................................................................................................... |
637 |
72. |
Voice VLAN Commands........................................................................................................................................... |
648 |
73. |
Web Authentication Commands............................................................................................................................... |
656 |
Appendix A - System Log Entries ....................................................................................................................................... |
661 |
|
Appendix B - Trap Entries ................................................................................................................................................... |
685 |
|
Appendix C - RADIUS Attributes Assignment..................................................................................................................... |
695 |
|
Appendix D - IETF RADIUS Attributes Support .................................................................................................................. |
698 |
iii
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
This manual’s command descriptions are based on the software release 1.00. The commands listed here are the subset of commands that are supported by the DGS-1510 Series SmartPro Switch.
This CLI Reference Guide is intended for network administrators and other IT networking professionals responsible for managing the switch by using the Command Line Interface (CLI). The CLI is the primary management interface to the DGS-1510 Series SmartPro Switch, which will be generally be referred to simply as “the Switch” within this manual. This manual is written in a way that assumes that you already have the experience and knowledge of Ethernet and modern networking principles for Local Area Networks.
The documents below are a further source of information in regards to configuring and troubleshooting the Switch. All the documents are available from the CD bundled with this switch, or from the D-Link website. Other documents related to the Switch are:
•DGS-1510 Series Gigabit Ethernet SmartPro Switch Hardware Installation Guide
•DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide
|
Convention |
Description |
|
|
|
|
Boldface Font |
Commands, command options and keywords are printed in boldface. |
|
|
Keywords, in the command line, are to be entered exactly as they are |
|
|
displayed. |
|
|
|
|
UPPERCASE ITALICS Font |
Parameters or values that must be specified are printed in |
|
|
UPPERCASE ITALICS. Parameters in the command line are to be |
|
|
replaced with the actual values that are desired to be used with the |
|
|
command. |
|
|
|
|
Square Brackets [ ] |
Square brackets enclose an optional value or set of optional |
|
|
arguments. |
|
|
|
|
Braces { } |
Braces enclose alternative keywords separated by vertical bars. |
|
|
Generally, one of the keywords in the separated list can be chosen. |
|
Vertical Bar | |
Optional values or arguments are enclosed in square brackets and |
|
|
separated by vertical bars. Generally, one or more of the vales or |
|
|
arguments in the separated list can be chosen. |
|
|
|
|
|
This convention is used to represent an example of a screen console |
|
Blue Courier Font |
|
|
|
display including example entries of CLI command input with the |
|
|
corresponding output. All examples used in this manual are based on |
|
|
the DGS-1510-28P switch. |
|
|
|
|
|
|
Below are examples of the three types of indicators used in this manual. When administering your switch using the information in this document, you should pay special attention to these indicators. Each example below provides an explanatory remark regarding each type of indicator.
1
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
NOTE: A note indicates important information that helps you make better use of your device.
NOTICE: A notice indicates either potential damage to hardware or loss of data and tells you how to avoid the problem.
CAUTION: A caution indicates a potential for property damage, personal injury, or death.
The information pertaining to each command in this reference guide is presented using a number of template fields. The fields are:
•Description - This is a short and concise statement describing the commands functionality.
•Syntax - The precise form to use when entering and issuing the command.
•Parameters - A table where each row describes the optional or required parameters, and their use, that can be issued with the command.
•Default - If the command sets a configuration value or administrative state of the Switch then any default settings (i.e. without issuing the command) of the configuration is shown here.
•Command Mode - The mode in which the command can be issued. These modes are described in the section titled “Command Modes” below.
•Command Default Level – The user privilege level in which the command can be issued.
•Usage Guideline - If necessary, a detailed description of the command and its various utilization scenarios is given here.
•Example(s) - Each command is accompanied by a practical example of the command being issued in a suitable scenario.
There are several command modes available in the command-line interface (CLI). The set of commands available to the user depends on both the mode the user is currently in and their privilege level. For each case, the user can see all the commands that are available in a particular command mode by entering a question mark (?) at the system prompt.
The command-line interface has five pre-defined privilege levels:
•Basic User - Privilege Level 1. This user account level has the lowest priority of the user accounts. The purpose of this type of user account level is for basic system checking.
•Advanced User - Privilege Level 3. This user account level is allowed to configure the terminal control setting. This user account can only show limited information that is not related to security.
•Power User - Privilege 8. This user account level can execute fewer commands than operator, including configuration commands other than the operator level and administrator level commands.
•Operator - Privilege Level 12. This user account level is used to grant system configuration rights for users who need to change or monitor system configuration, except for security related information such as user accounts and SNMP account settings, etc.
2
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
•Administrator - Privilege Level 15. This administrator user account level can monitor all system information and change any of the system configuration settings expressed in this configuration guide.
The command-line interface has a number of command modes. There are three basic command modes:
•User EXEC Mode
•Privileged EXEC Mode
•Global Configuration Mode
All other sub-configuration modes can be accessed via the Global Configuration Mode.
When a user logs in to the Switch, the privilege level of the user determines the command mode the user will enter after initially logging in. The user will either log into User EXEC Mode or the Privileged EXEC Mode.
•Users with a basic user level will log into the Switch in the User EXEC Mode.
•Users with advanced user, power-user, operator or administrator level accounts will log into the Switch in the Privileged EXEC Mode.
Therefore, the User EXEC Mode can operate at a basic user level and the Privileged EXEC Mode can operate at the advanced user, power-user, operator, or administrator levels. The user can only enter the Global Configuration Mode from the Privileged EXEC Mode. The Global Configuration Mode can be accessed by users who have operator or administrator level user accounts.
As for sub-configuration modes, a subset of those can only be accessed by users who have the highest secure administrator level privileges.
The following table briefly lists the available command modes. Only the basic command modes and some of the sub-configuration modes are enumerated. The basic command modes and basic sub-configuration modes are further described in the following chapters. Descriptions for the rest of the sub-configuration modes are not provided in this section. For more information on the additional sub-configuration modes, the user should refer to the chapters relating to these functions.
The available command modes and privilege levels are described below:
Command Mode/ |
Purpose |
Privilege Level |
|
|
|
User EXEC Mode / |
This level has the lowest priority of the user accounts. It is provided only |
Basic User level |
to check basic system settings. |
|
|
Privileged EXEC Mode / |
This level is allowed to configure the terminal control setting. This user |
Advanced User level |
account can only show limited information that is not related to security. |
|
|
Privileged EXEC Mode / |
This level can execute less commands than operator, include the |
Power User level |
configure commands other than the operator level and administrator |
|
level commands. |
Privileged EXEC Mode / Operator level
For changing both local and global terminal settings, monitoring, and performing certain system administration tasks. The system administration tasks that can be performed at this level except for any security related information.
|
Privileged EXEC Mode / |
This level is identical to privileged EXEC mode at the operator level, |
|
|
|
|
|
|
|
|
|
|
|
|
|
3
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
|
|
Administrator level |
except that a user at the administrator level can monitor and clear |
|
security related settings. |
Global Configuration Mode / Operator level
For applying global settings, except for security related settings, on the entire switch. In addition to applying global settings on the entire switch, the user can access other sub-configuration modes from global configuration mode.
Global Configuration Mode / |
For applying global settings on the entire switch. In addition to applying |
Administrator level |
global settings on the entire switch, the user can access other sub- |
|
configuration modes from global configuration mode. |
Interface Configuration Mode |
For applying interface related settings. |
/ Administrator level |
|
VLAN Interface Configuration |
For applying VLAN interface related settings. |
Mode |
|
|
|
VLAN Configuration Mode |
For applying settings to a VLAN. |
|
|
IP Access-List Configuration |
For specifying filtering criteria for an IP access list. |
Mode |
|
|
|
This command mode is mainly designed for checking basic system settings. This command mode can be entered by logging in as a basic user.
This command mode is mainly designed for checking basic system settings, allowing users to change the local terminal session settings and carrying out basic network connectivity verification. One limitation of this command mode is that it cannot be used to display information related to security. This command mode can be entered by logging in as an advanced user.
User logged into the Switch in privileged EXEC mode at this level can execute fewer commands than operator, including the configuration commands other than the operator level and administrator level commands. The method to enter privileged EXEC mode at power user level is to login to the Switch with a user account that has a privileged level of 8.
Users logged into the Switch in privileged EXEC mode at this level can change both local and global terminal settings, monitor, and perform system administration tasks (except for security related information). The method to enter privileged EXEC mode at operator level is to login to the Switch with a user account that has a privilege level of 12.
This command mode has a privilege level of 15. Users logged in with this command mode can monitor all system information and change any system configuration settings mentioned in this Configuration Guide. The method to enter privileged EXEC mode at administrator level is to login to the Switch with a user account that has a privilege level of 15.
The primary purpose of the global configuration mode is to apply global settings on the entire switch. Global configuration mode can be accessed at operator or administrator level user accounts. However, security related settings are not accessible at operator user account. In addition to applying global settings on the entire switch, the user can also access other sub-configuration modes. In order to access the global configuration mode, the user must be logged in with the corresponding account level and use the configure terminal command in the privileged EXEC mode.
In the following example, the user is logged in as an Administrator in the Privileged EXEC Mode and uses the configure terminal command to access the Global Configuration Mode:
4
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
Switch# configure terminal
Switch(config)#
The exit command is used to exit the global configuration mode and return to the privileged EXEC mode.
Switch(config)# exit Switch#
The procedures to enter the different sub-configuration modes can be found in the related chapters in this Configuration Guide. The command modes are used to configure the individual functions.
Interface configuration mode is used to configure the parameters for an interface or a range of interfaces. An interface can be a physical port, VLAN, or other virtual interface. Thus, interface configuration mode is distinguished further according to the type of interface. The command prompt for each type of interface is slightly different.
VLAN interface configuration mode is one of the available interface modes and is used to configure the parameters of a VLAN interface.
To access VLAN interface configuration mode, use the following command in global configuration mode:
Switch(config)# interface vlan 1 Switch(config-if)#
By default, there is no user account created on this switch. For security reasons, it is highly recommended to create user accounts to manage and control access to this switch’s interface. This section will assist a user with creating a user account by means of the Command Line Interface.
Observe the following example.
Switch>enable
Switch#configure terminal
Switch(config)#username admin password admin
Switch(config)#username admin privilege 15
Switch(config)#line console
Switch(config-line)#login local
Switch(config-line)#
In the above example we had to navigate and access the username command.
•Starting in the User EXEC Mode we enter the command enable to access the Privileged EXEC Mode.
•After accessing the Privileged EXEC Mode, we entered the command configure terminal to access the Global Configuration Mode. The username command can be used in the Global Configuration Mode.
•The command username admin password admin creates a user account with the username of admin and a password of admin.
•The command username admin privilege 15 assigns a privilege level value of 15 to the user account admin.
•The command line console allows us to access the console interface’s Line Configuration Mode.
5
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
•The command login local tell the Switch that users need to enter locally configured login credentials to access the console interface.
Save the running configuration to the start-up configuration. This means to save the changes made so that when the Switch is rebooted, the configuration will not be lost. The following example shows how to save the running configuration to the start-up configuration.
Switch#copy running-config startup-config Destination filename startup-config? [y/n]: y Saving all configurations to NV-RAM.......... Done. Switch#
After the Switch was rebooted, or when the users logs out and back in, the newly created username and password must be entered to access the CLI interface again, as seen below.
DGS-1510-28P Gigabit Ethernet SmartPro Switch
Command Line Interface
Firmware: Build 1.00.016
Copyright(C) 2014 D-Link Corporation. All rights reserved.
User Access Verification
Username:admin
Password:*****
Switch#
When configuration the physical ports available on this switch, a specific interface notation is used. The following will explain the layout, terminology and use of this notation.
In the following example, we’ll enter the Global Configuration Mode and then enter the Interface Configuration Mode, using the notation 1/0/1. After entering the Interface Configuration Mode for port 1, we’ll change the speed to 1 Gbps, using the speed 1000 command.
Switch# configure terminal Switch(config)# interface Ethernet 1/0/1 Switch(config-if)# speed 1000 Switch(config-if)#
In the above example the notation 1/0/1 was used. The terminology for each parameter is as follows:
•Interface Unit’s ID / Open Slot’s ID / Port’s ID
The Interface Unit’s ID is the ID of the stacking unit without the physical stack. If stacking is disabled or this unit is a stand-alone unit, then this parameter is irrelevant. The Open Slot’s ID is the ID of the module plugged into the open module slot of the Switch. The DGS-1510 Series doesn’t support any open
6
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
modules slots, thus this parameters will always by zero for this switch series. Lastly, the Port’s ID is the physical port number of the port being configured.
In summary the above example will configure the stacked switch with the ID of 1, with the open slot ID of 0, and the physical port number 1.
When the users issue a command that the Switch does not recognize, error messages will be generated to assist users with basic information about the mistake that was made. A list of possible error messages are found in the table below.
Error Message |
Meaning |
|
|
Ambiguous command |
Not enough keywords were entered for the Switch to recognize the |
|
command. |
|
|
Incomplete command |
The command was not entered with all the required keyword. |
|
|
Invalid input detected at |
The command was entered incorrectly. |
^marker |
|
|
|
The following example shows how an ambiguous command error message is generated.
Switch# show v
Ambiguous command
Switch#
The following example shows how an incomplete command error message is generated.
Switch# show
Incomplete command
Switch#
The following example shows how an invalid input error message is generated.
Switch# show verb
^
Invalid input detected at ^marker Switch#
The command line interface of this switch supports to following keyboard keystroke editing features.
|
Keystroke |
Description |
|
|
|
|
|
|
Delete |
Deletes the character under the cursor and shifts the remainder of the |
|
|
|
line to the left. |
|
|
Backspace |
Deletes the character to the left of the cursor and shifts the remainder |
|
|
|
of the line to the left. |
|
|
|
|
|
|
Left Arrow |
Moves the cursor to the left. |
|
|
|
|
|
|
Right Arrow |
Moves the cursor to the right. |
|
|
|
|
|
|
|
|
|
|
|
|
|
7
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
CTRL+R |
Toggles the insert text function on and off. When on, text can be |
|
inserted in the line and the remainder of the text will be shifted to the |
|
right. When off, text can be inserted in the line and old text will |
|
automatically be replaced with the new text. |
Return |
Scrolls down to display the next line or used to issue a command. |
|
|
Space |
Scrolls down to display the next page. |
|
|
ESC |
Escapes from the displaying page. |
|
|
|
|
Results displayed by show commands can be filtered using the following parameters:
•begin FILTER-STRING - This parameter is used to start the display with the first line that matches the filter string.
•include FILTER-STRING - This parameter is used to display all the lines that match the filter string.
•exclude FILTER-STRING - This parameter is used to exclude the lines that match the filter string from the display.
The example below shows how to use the begin FILTER-STRING parameter in a show command.
Switch#show running-config | begin # AAA
# AAA
configure terminal
# AAA START
no aaa new-model
#AAA END end
#PRIVMGMT configure terminal
#COMMAND LEVEL START
#COMMAND LEVEL END
#LEVEL START
#LEVEL END
#ACCOUNT START
#ACCOUNT END
#LOGIN START
#LOGIN END
end
#CLI
#BASIC
CTRL+C ESC q Quit SPACE n Next Page ENTER Next Entry a All
The example below shows how to use the include FILTER-STRING parameter in a show command.
8
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
Switch#show running-config | include # DEVICE
# DEVICE
Switch#
The example below shows how to use the exclude FILTER-STRING parameter in a show command.
Switch#show running-config | exclude # DEVICE Building configuration...
Current configuration : 34703 bytes
#------------------------------------------------------------------------------- |
|
# |
DGS-1510-28P Gigabit Ethernet SmartPro Switch |
# |
Configuration |
# |
|
# |
Firmware: Build 1.00.013 |
# |
Copyright(C) 2014 D-Link Corporation. All rights reserved. |
#------------------------------------------------------------------------------- |
|
# STACK |
|
end |
|
end |
|
configure terminal end
# AAA
CTRL+C ESC q Quit SPACE n Next Page ENTER Next Entry a All
9
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
This command is used to display a brief description of the help system. Use the help command in any command mode.
help
None.
None.
EXEC Mode or Any Configuration Mode.
Level: 1.
The help command provides a brief description for the help system, which includes the following functions:
•To list all commands available for a particular command mode, enter a question mark (?) at the system prompt.
•To obtain a list of commands that begin with a particular character string, enter the abbreviated command entry immediately followed by a question mark (?). This form of help is called word help, because it lists only the keywords or arguments that begin with the abbreviation entered.
•To list the keywords and arguments associated with a command, enter a question mark (?) in place of a keyword or argument on the command line. This form of help is called the command syntax help, because it lists the keywords or arguments that apply based on the command, keywords, and arguments already entered.
This example shows how the help command is used to display a brief description of the help system.
10
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
Switch#help
The switch CLI provides advanced help feature.
1.Help is available when you are ready to enter a command argument (e.g. 'show ?') and want to know each possible available options.
2.Help is provided when an abbreviated argument is entered
and you want to know what arguments match the input(e.g. 'show ve?'.). If nothing matches, the help list will be empty and you must backup until entering a '?' shows the available options.
3.For completing a partial command name could enter the abbreviated command name immediately followed by a <Tab> key.
Note:
Since the character '#' is used for help purpose, to enter
the character '?' in a string argument, press ctrl+v immediately followed by the character '?'.
Switch#
The following example shows how to use the word help to display all the Privileged EXEC Mode commands that begin with the letters “re”. The letters entered before the question mark (?) are reprinted on the next command line to allow the user to continue entering the command.
|
|
|
|
Switch#re? |
|
|
|
reboot |
rename |
renew |
reset |
Switch#re |
|
|
|
The following example shows how to use the command syntax help to display the next argument of a partially complete IP access-list standard command. The characters entered before the question mark (?) is reprinted on the next command line to allow the user to continue entering the command.
Switch(config)#ip access-list standard ?
<1-1999> Standard IP access-list number <cr>
Switch(config)#ip access-list standard
This command is used to enter the Privileged EXEC Mode.
enable [PRIVILEGE-LEVEL]
|
PRIVILEGE-LEVEL |
(Optional) Specifies to set the privilege level for the user. The privilege |
|
|
level is between 1 and 15. If not specified, level 15 will be used. |
|
|
|
Default |
|
11
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
None.
User EXEC Mode.
Privilege EXEC Mode.
Level: 1.
Execute this command if the current level is lower than the command level. If the privileged level requires
a password, enter it in the field provided. However, only three attempts are allowed. Failure to access this
level returns the user to the current level.
This example shows how to enter the Privileged EXEC Mode.
Switch# enable 15
password:***
Switch#
This command is used to downgrade to a level lower user level than the privileged level.
disable [PRIVILEGE-LEVEL]
PRIVILEGE LEVEL |
Specifies the privilege level to enter. If not specified, level 1 is used. |
|
|
|
|
None.
User EXEC Mode.
Privilege EXEC Mode.
Level: 1.
Use this command to enter the privilege level, which is lower than the current level. When using this
command to enter the privilege level, that has a password configured, no password is needed.
This example shows how to logout.
Switch# disable
Switch# logout
12
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
This command is used to enter the Global Configuration Mode.
configure terminal
None.
None
Privilege EXEC Mode.
Level: 12.
This command is used to enter the Global Configuration Mode.
This example shows how to enter into Global Configuration Mode.
Switch# configure terminal
Switch(config)#
This command is used to configure a login username.
login
None.
None.
User EXEC Mode.
Privileged EXEC Mode.
Level: 1.
Use this command to change the login account. Three attempts are allowed to login to the Switch’s
interface. When using Telnet, if all attempts fail, access will return to the command prompt. If no
information is entered within 60 seconds, the session will return to the state when logged out.
13
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
This example shows how to login with username “user1”.
Switch# login
Username: user1
Password: xxxxx
Switch#
This command is used to set the line login method. Use the no form of the command to disable the login.
login [local] no login
login |
Specifies that the line login method will be login. |
|
|
local |
Specifies that the line login method will be local. |
|
|
|
|
By default, there is no login details configured for the console line.
By default, there is a login method (by password) configured for the Telnet line.
By default, there is a login local method (by username and password) configured for the SSH line.
Line Configuration Mode.
Level: 15.
For Console and Telnet access, when AAA is enabled, the line uses rules configured by the AAA module. When AAA is disabled, the line uses the following authentication rules:
•When login is disabled, the user can enter the line at Level 1.
•When the by password option is selected, after inputting the same password as the command password, the user enter the line at level 1. If the password wasn’t previously configured an error message will be displayed and the session will be closed.
•When the username and password option is selected, enter the username and password configured by the username command.
For SSH access, there are three authentication types:
•SSH public key,
•Host-based authentication, and
•Password authentication.
The SSH public key and host-based authentication types are independent from the login command in the line mode. If the authentication type is password, the following rules apply:
14
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
•When AAA is enabled, the AAA module is used.
•When AAA is disabled, the following rules are used:
o When login is disabled, the username and password is ignored. Enter the details at Level 1.
o When the username and password option is selected, use the username and password setup by the username command.
oWhen the password option is selected, the username is ignored but a password is required using the password command to enter the line at level 1.
This example shows how to enter the Line Configuration Mode and to create a password for the line user. This password only takes effect once the corresponding line is set to login.
Switch# configure terminal Switch(config)# line console
Switch(config-line)# password loginpassword Switch(config-line)#
This example shows how to configure the line console login method as “login”.
Switch# configure terminal
Switch(config)# line console
Switch(config-line)# login
Switch(config-line)#
This example shows how to enter the login command. The device will check the validity of the user from the password create command. If correct, the user will have access at the particular level.
Switch#login
Password:*************
Switch#
This example shows how to create a username “useraccount” with the password of “pass123” and use Privilege 12.
Switch# configure terminal
Switch(config)# username useraccount privilege 12 password 0 pass123 Switch(config)#
This example shows how to configure the login method as login local.
Switch# configure terminal
Switch(config)# line console
Switch(config-line)# login local
Switch(config-line)#
This command is used to close an active terminal session by logging off the Switch.
logout
15
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
None.
None.
User EXEC Mode.
Privilege EXEC Mode.
Level:1.
Use this command to close an active terminal session by logging out of the device.
This example shows how to logout
Switch# disable
Switch# logout
2-8 end
This command is used to end the current configuration mode and return to the highest mode in the CLI mode hierarchy which is either the User EXEC Mode or the Privileged EXEC Mode.
end
None.
None.
EXEC Mode or Any Configuration Mode.
Level: 1.
Executing this command will return access to the highest mode in the CLI hierarchy regardless of what
configuration mode or configuration sub-mode currently located at.
This example shows how to end the Interface Configuration Mode and go back to the Privileged EXEC
Mode.
16
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
Switch# configure terminal
Switch(config)# interface eth1/0/1
Switch(config-if)#end
Switch#
This command is used to end the configuration mode and go back to the last mode. If the current mode is the User EXEC Mode or the Privilege EXEC Mode, executing the exit command logs you out of the current session.
exit
None.
None.
EXEC Mode or Any Configuration Mode.
Level: 1.
Use this command to exit the current configuration mode and go back to the last mode. When the user is in the User EXEC Mode or the Privilege EXEC Mode, this command will logout the session.
This example shows how to exit from the Interface Configuration Mode and return to the Global Configuration Mode.
Switch# configure terminal Switch(config) interface eth1/0/1 Switch(config-if)#exit Switch(config)#
This command is used to list the commands entered in the current EXEC Mode session.
show history
None.
None.
17
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
EXEC Mode or Any Configuration Mode.
Level: 1.
Commands entered are recorded by the system. A recorded command can be recalled by pressing CTRL+P or the Up Arrow key which will recall previous commands in sequence. The history buffer size is fixed at 20 commands.
The function key instructions, below, displays how to navigate the command in the history buffer.
•CTRL+P or the Up Arrow key - Recalls commands in the history buffer, beginning with the most recent command. Repeat the key sequence to recall successively older commands.
•CTRL+N or the Down Arrow key - Returns to more recent commands in the history buffer after recalling commands with Ctrl-P or the Up Arrow key. Repeat the key sequence to recall successively more recent commands.
This example shows how to display the command buffer history.
Switch# show history
help history
Switch#
This command is used to display fan, temperature, power availability and status information.
show environment [fan | power | temperature]
fan |
(Optional) Specifies to display the Switch fan detailed status. |
|
|
power |
(Optional) Specifies to display the Switch power detailed status. |
|
|
temperature |
(Optional) Specifies to display the Switch temperature detailed status. |
|
|
|
|
None.
EXEC Mode or Any Configuration Mode.
Level: 1.
If a specific type is not specified, all types of environment information will be displayed.
18
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
This example shows how to display fan, temperature, power availability and status information.
Switch#show environment
Detail Temperature Status: |
|
|
Unit |
Temperature Descr/ID |
Current/Threshold Range |
-----------------------------------------------------------
1 Central Temperature/1 27C/11~79C Status code: * temperature is out of threshold range
Detail Fan Status:
--------------------------------------------------------------
Right Fan 1 |
(OK) |
Right Fan 2 (OK) |
|
Detail Power Status: |
|
||
Unit |
Power |
Module |
Power Status |
--------------------- -------------
1 |
Power 1 |
in-operation |
Switch#
|
Power status |
in-operation: The power rectifier is in normal operation. |
|
|
|
failed: The power rectifier not working normally. |
|
|
|
empty: The power rectifier is not installed. |
|
|
|
|
|
|
|
|
|
|
|
|
|
This command is used to display information about system units.
show unit [UNIT-ID]
UNIT-ID |
(Optional) Specify the unit to display. |
|
|
|
|
None.
EXEC Mode or Any Configuration Mode.
Level: 1.
This command displays information about the system modules. If no option is specified, then all of units’
information will be displayed.
19
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
This example shows how to display the information about units on a system.
Switch#show unit
Unit |
Model Descr |
Model Name |
----------------------------------------------- ------------------
1 |
No module description |
|
|
|
|
DGS-1510-28P |
||
Unit |
Serial-Number |
|
|
Status |
Up Time |
|||
---- |
--------------------------------- |
--------- |
----------------- |
|||||
1 |
|
|
|
|
|
ok |
|
0DT6H32M18S |
Unit |
Memory |
Total |
|
Used |
|
Free |
|
|
---- |
-------- |
---------- |
---------- |
---------- |
|
|||
1 |
DRAM |
131072 |
K |
66567 |
K |
64505 |
K |
|
1 |
FLASH |
29937 |
K |
7799 |
K |
22138 |
K |
|
Switch#
This command is used to display the CPU utilization information.
show cpu utilization
None.
None.
EXEC Mode or Any Configuration Mode.
Level: 1.
This command displays the system’s CPU utilization information in 5 second, 1 minute, and 5 minute
intervals.
This example shows how to display the information about CPU utilization.
20
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
Switch#show cpu utilization |
|
|
|
|
CPU Utilization |
|
|
|
|
Five seconds - 8 % |
One minute - |
7 % |
Five minutes - |
7 % |
Switch#
This command is used to display the Switch’s software version information.
show version
None.
None.
EXEC Mode or Any Configuration Mode.
Level: 1.
This command displays version information about the Switch.
This example shows how to displays version information about the Switch.
Switch#show version
System MAC Address: 00-01-02-03-04-00
Unit ID |
Module Name |
Versions |
------- |
------------------ |
--------------------- |
1 |
DGS-1510-28P |
H/W:A1 |
|
|
Bootloader:1.00.006 |
|
|
Runtime:1.00.016 |
Switch# |
|
|
|
|
|
This command is used to enable the power, temperature and fan trap state.
21
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
snmp-server enable traps environment [fan] [power] [temperature] no snmp-server enable traps environment [fan] [power] [temperature]
fan |
(Optional) Specifies to enable the fan trap state for warning fan event |
|
(fan failed or fan recover). |
power |
(Optional) Specifies to enable the power trap state for warning power |
|
event (power failed or power recover). |
temperature |
(Optional) Specifies to enable the temperature trap state for warning |
|
temperature event (temperature exceeds the thresholds or |
|
temperature recover). |
|
|
|
|
None.
Global Configuration Mode.
Level: 12.
This command is used to configure the environment temperature threshold which corresponds to the normal range of the temperature defined for the sensor. The low threshold must be smaller than the high threshold. The configured range must fall within the operational range which corresponds to the minimum and maximum allowed temperatures defined for the sensor. When the configured threshold is crossed, a notification will be sent.
This example shows how to configure the environment temperature thresholds for thermal sensor ID 1 on unit 1.
Switch# configure terminal
Switch(config)# environment temperature threshold unit 1 thermal 1 high 100 low 20 Switch(config)#
This command is used to configure the environment temperature thresholds. Use the no form of the command to reset to the default setting.
environment temperature threshold unit UNIT-ID thermal THREMAL-ID [high VALUE] [low
VALUE]
no environment temperature threshold unit UNIT-ID thermal THREMAL-ID [high] [low]
unit UNIT-ID |
Specifies the unit ID. |
|
|
thermal THERMAL-ID |
Specifies the thermal sensor’s ID. |
|
|
|
|
22
|
|
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide |
|
|
|
|
|
|
|
|
|
|
high |
(Optional) Specifies the high threshold of the temperature in Celsius. |
|
|
|
The range is from -100 to 200. |
|
|
low |
(Optional) Specifies the low threshold of the temperature in Celsius. |
|
|
|
The range is from -100 to 200. The low threshold must be smaller than |
|
|
|
the high threshold. |
|
|
|
|
|
None.
Global Configuration Mode.
Level: 12.
This command is used to configure the environment temperature threshold which corresponds to the normal range of the temperature defined for the sensor. The low threshold must be smaller than the high threshold. The configured range must fall within the operational range which corresponds to the minimum and maximum allowed temperatures defined for the sensor. When the configured threshold is crossed, a notification will be sent.
This example shows how to configure the environment temperature thresholds for thermal sensor ID 1 on unit 1.
Switch# configure terminal
Switch(config)# environment temperature threshold unit 1 thermal 1 high 100 low 20 Switch(config)#
23
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
This command is used to clear 802.1X counters (diagnostics, statistics and session statistics).
clear dot1x counters {all | interface INTERFACE-ID [, | -]}
all |
Specifies to clear 802.1X counters (diagnostics, statistics and session |
|
statistics) on all interfaces. |
interface INTERFACE-ID |
Specifies to clear 802.1X counters (diagnostics, statistics and session |
|
statistics) on the specified interface. Valid interfaces are physical ports |
|
(including type, stack member, and port number). |
|
|
, |
(Optional) Specifies a series of interfaces, or separate a range of |
|
interfaces from a previous range. No space is allowed before and after |
|
the comma. |
|
|
- |
(Optional) Specifies a range of interfaces. No space is allowed before |
|
and after the hyphen. |
|
|
None.
Privileged EXEC Mode.
Level: 12.
This command is used to clear 802.1X counters (diagnostics, statistics and session statistics).
This example shows how to clear 802.1X counters (diagnostics, statistics and session statistics) on the
Ethernet port 1/0/1.
Switch# clear dot1x counters interface eth1/0/1
Switch#
This command is used to configure the direction of the traffic on a controlled port as unidirectional (in) or bidirectional (both). Use the no form of the command to reset to the default setting.
dot1x control-direction {both | in} no dot1x control-direction
24
|
|
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide |
|
|
|
|
|
|
|
|
|
|
both |
Specifies to enable bidirectional control for the port. |
|
|
|
|
|
|
in |
Specifies to enable in direction control for the port. |
|
|
|
|
|
|
|
|
|
By default, this option is bidirectional mode.
Interface Configuration Mode.
Level: 12.
This command is only available for physical port interface configuration. If the port control is set to forceauthorized, then the port is not controlled in both directions. If the port control is set to auto, then the access to the port for the controlled direction needs to be authenticated. If the port control is set to forceunauthorized, then the access to the port for the controlled direction is blocked.
Suppose that port control is set to auto. If the control direction is set to both, then the port can receive and transmit EAPOL packets only. All user traffic is blocked before authentication. If the control direction is set to in, then in addition to receiving and transmitting EAPOL packets, the port can transmit user traffic but not receive user traffic before authentication.
This example shows how to configure the controlled direction of the traffic through Ethernet eth1/0/1 as unidirectional.
Switch# configure terminal Switch(config)# interface eth1/0/1
Switch(config-if)# dot1x control-direction in Switch(config-if)#
This command is used to reset the IEEE 802.1X parameters on a specific port to their default settings.
dot1x default
None.
IEEE 802.1X authentication is disabled.
Control direction is bidirectional (both).
Port control is auto.
Forward PDU on port is disabled.
Maximum request is 2 times.
Server timer is 30 seconds.
Supplicant timer is 30 seconds.
Transmit interval is 30 seconds.
25
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
Interface Configuration Mode.
Level: 12.
This command is used to reset all the IEEE 802.1X parameters on a specific port to their default settings.
This example shows how to reset the 802.1X parameters on port 1/0/1.
Switch# configure terminal
Switch(config)# interface eth1/0/1
Switch(config-if)# dot1x default
Switch(config-if)#
This command is used to control the authorization state of a port. Use the no command to revert to the default setting.
dot1x port-control {auto | force-authorized | force-unauthorized} no dot1x port-control
auto |
Specifies to enable IEEE 802.1X authentication for the port. |
|
|
force-authorized |
Specifies the port to the force authorized state. |
|
|
force-unauthorized |
Specifies the port to the force unauthorized state. |
|
|
|
|
By default, this option is set as auto.
Interface Configuration Mode.
Level: 12.
This command takes effect only when IEEE 802.1X PAE authenticator is globally enabled by the dot1x system-auth-control command and is enabled for a specific port by using the dot1x PAE authenticator.
This command is only available for physical port interface configuration.
If the port control is set to force-authorized, then the port is not controlled in both directions. If the port control is set to auto, then the access to the port for the controlled direction needs to be authenticated. If the port control is set to force-unauthorized, then the access to the port for the controlled direction is blocked.
This example shows how to deny all access on Ethernet port 1/0/1.
26
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
Switch# configure terminal
Switch(config)# interface eth1/0/1
Switch(config-if)# dot1x port-control force-unauthorized
Switch(config-if)#
This command is used to enable the forwarding of the dot1x PDU. Use the no form of the command to disable the forwarding of the dot1x PDU.
dot1x forward-pdu no dot1x forward-pdu
None.
By default, this option is disabled.
Interface Configuration Mode.
Level: 12.
This command is only available for physical port interface configuration. This command only takes effect
when the dot1x authentication function is disabled on the receipt port. The received PDU will be
forwarded in either the tagged or untagged form based on the VLAN setting.
This example shows how to configure the forwarding of the dot1x PDU.
Switch# configure terminal
Switch(config)# interface eth1/0/1
Switch(config-if)# dot1x forward-pdu
Switch(config-if)#
This command is used to initialize the authenticator state machine on a specific port or associated with a specific MAC address.
dot1x initialize {interface INTERFACE-ID [, | -] | mac-address MAC-ADDRESS}
|
interface INTERFACE-ID |
Specifies the port on which the authenticator state machine will be |
|
|
|
initialized. Valid interfaces are physical ports. |
|
|
|
|
|
|
|
|
|
27