Enterasys Networks 1H582-xx, E1, 1G58x-09 User Manual

Matrix E1 Series

(1G58x-09 and 1H582-xx)

Configuration Guide

Firmware Version 3.07.xx

P/N 9033755-22

NOTICE

Enterasys Networks reserves the right to make changes in specifications and other information contained in this document and its web site without prior notice. The reader should in all cases consult Enterasys Networks to determine whether any such changes have been made.

The hardware, firmware, or software described in this document is subject to change without notice. IN NO EVENT SHALL ENTERASYS NETWORKS BE LIABLE FOR ANY INCIDENTAL, INDIRECT, SPECIAL,

OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING BUT NOT LIMITED TO LOST PROFITS) ARISING OUT OF OR RELATED TO THIS DOCUMENT, WEB SITE, OR THE INFORMATION CONTAINED IN THEM, EVEN IF ENTERASYS NETWORKS HAS BEEN ADVISED OF, KNEW OF, OR SHOULD HAVE KNOWN OF , THE POSSIBILITY OF SUCH DAMAGES.

Enterasys Networks, Inc. 50 Minuteman Road Andover, MA 01810

Part Number: 9033755-22 September 2008

ENTERASYS, ENTERASYS NETWORKS, ENTERASYS MATRIX, ENTERASYS NETSIGHT, LANVIEW, WEBVIEW , and any logos associated therewith, are trademarks or registered trademarks of Enterasys Networks, Inc., in the United States and other countries.

All other product names mentioned in this manual may be trademarks or registered trademarks of their respective companies.

Documentation URL: http://www.enterasys.com/support/manuals Documentacion URL: http://www.enterasys.com/support/manuals Dokumentation im Internet: http://www.enterasys.com/support/manuals

Version: Information in this guide refers to Matrix E1 Series (1G58x-09 and

1H582-xx) firmware version 3.07.xx.

ENTERASYS NETWORKS, INC. FIRMWARE LICENSE AGREEMENT

BEFORE OPENING OR UTILIZING THE ENCLOSED PRODUCT,

CAREFULLY READ THIS LICENSE AGREEMENT.

This document is an agreement (“Agreement”) between the end user (“You”) and Enterasys Networks, Inc., on behalf of itself and its Affiliates (as hereinafter defined) (“Enterasys”) that sets forth Your rights and obligations with respect to the Enterasys software program/firmware (including any accompanying documentation, hardware or media) (“Program”) in the package and prevails over any additional, conflicting or inconsistent terms and conditions appearing on any purchase order or other document submitted by You. “Affiliate” me ans a ny person, partn ership, corpo ration, limited liability company, other form of enterprise that directly or indirectly through one or more intermediaries, controls, or is controlled by, or is under common control with the party specified. This Agreement constitutes the entire understanding between the parties, with respect to the subject matter of this Agreement. The Program may be contained in firmware, chips or other media.

BY INSTALLING OR OTHERWISE USING THE PROGRAM, YOU REPRESENT THAT YOU ARE AUTHORIZED TO ACCEPT THESE TERMS ON BEHALF OF THE END USER (IF THE END USER IS AN ENTITY ON WHOSE BEHALF YOU ARE AUTHORIZED TO ACT, “YOU” AND “YOUR” SHALL BE DEEMED TO REFER TO SUCH ENTITY) AND THAT YOU AGREE THAT YOU ARE BOUND BY THE TERMS OF THIS AGREEMENT, WHICH INCLUDES, AMONG OTHER PROVISIONS, THE LICENSE, THE DISCLAIMER OF WARRANTY AND THE LIMITATION OF LIABILITY. IF YOU DO NOT AGREE TO THE TERMS OF THIS AGREEMENT OR ARE NOT AUTHORIZED TO ENTER INTO THIS AGREEMENT, ENTERASYS IS UNWILLING TO LICENSE THE PROGRAM TO YOU AND YOU AGREE TO RETURN THE UNOPENED PRODUCT TO ENTERASYS OR YOUR DEALER, IF ANY, WITHIN TEN (10) DAYS FOLLOWING THE DATE OF RECEIPT FOR A FULL REFUND.

IF YOU HAVE ANY QUESTIONS ABOUT THIS AGREEMENT, CONTACT ENTERASYS NETWORKS, LEGAL DEPARTMENT AT (978) 684-1000.

You and Enterasys agree as follows:

1. LICENSE. You have the non-exclusive and non-transferable right to use only the one (1) copy of the Program

provided in this package subject to the terms and conditions of this Agreement.

2. RESTRICTIONS. Except as otherwise authorized in writing by Enterasys, You may not, nor may You permit any third party to:

(a) Reverse engineer, decompile, disassemble or modify the Program, in whole or in part, including for reasons of

error correction or interoperability , except to the extent expressly permitted by applicable law and to the extent the parties shall not be permitted by that applicable law, such rights are expressly excluded. Information necessary to achieve interoperability or correct errors is available from Enterasys upon request and upon payment of Enterasys’ applicable fee.

(b) Incorporate the Program in whole or in part, in any other product or create der ivative works based on the

Program, in whole or in part. (c) Publish, disclose, copy reproduce or transmit the Program, in whole or in part. (d) Assign, sell, license, sublicense, rent, lease, encumber by way of security interest, pledge or otherwise transfer

the Program, in whole or in part. (e) Remove any copyright, trademark, proprietary rights, disclaimer or warnin g notice included on or embedded in

any part of the Program.

3. APPLICABLE LAW. This Agreement shall be interpreted and governed under the laws and in the state and federal courts of the Commonwealth of Massachusetts without regard to its conflicts of laws provisions. You accept the personal jurisdiction and venue of the Commonwealth of Massachusetts courts. None of the 1980 United Nations Convention on the Limitation Period in the International Sale of Goods, and the Uniform Computer Information Transactions Act shall apply to this Agreement.

4. EXPORT RESTRICTIONS. You understand that Enterasys and its Affiliates are subject to regulation by agencies of the U.S. Government, including the U.S. Department of Commerce, which prohibit export or diversion of certain technical products to certain countries, unless a license to export the product is obtained from the U.S. Government or an exception from obtaining such license may be relied upon by the exporting party.

If the Program is exported from the United States pursuant to the License Exception CIV under the U.S. Export Administration Regulations, You agree that You are a civil end user of the Program and agree that You will use the Program for civil end uses only and not for military purposes.

If the Program is exported from the United States pursuant to the License Exception TSR under the U.S. Export Administration Regulations, in addition to the restriction on transfer set forth in Section 1 or 2 of this Agreement, You agree not to (i) reexport or release the Program, the source code for the Program or technology to a national of a country in Country Groups D:1 or E:2 (Albania, Armenia, Azerbaijan, Belarus, Cambodia, Cuba, Georgia, Iraq, Kazakhstan, Laos, Libya, Macau, Moldova, Mongolia, North Korea, the People’s Republic of China, Russia, Tajikistan, Turkmenistan, Ukraine, Uzbekistan, Vietnam, or such other countries as may be designated by the United States Government), (ii) export to Country Groups D:1 or E:2 (as defined herein) the direct product of the Program or the technology, if such foreign produced direct product is subject to national security controls as identified on the U.S. Commerce Control List, or (iii) if the direct product of the technology is a complete plant or any major component of a plant, export to Country Groups D:1 or E:2 the direct product of the plant or a major component thereof, if such foreign produced direct product is subject to national security controls as identified on the U.S. Commerce Control List or is subject to State Department controls under the U.S. Munitions List.

5. UNITED STATES GOVERNMENT RESTRICTED RIGHTS. The enclosed Program (i) was developed solely at private expense; (ii) contains “restricted computer software” submitted with restricted rights in accordance with section

52.227-19 (a) through (d) of the Commercial Computer Software-Restricted Rights Clause and its successors, and (iii) in all respects is proprietary data belonging to Enterasys and/or its suppliers. For Department of Defense units, the Program is considered commercial computer software in accordance with DFARS section 227.7202-3 and its successors, and use, duplication, or disclosure by the U.S. Government is subject to restrictions set forth herein.

6. DISCLAIMER OF WARRANTY. EXCEPT FOR THOSE WARRANTIES EXPRESSLY PROVIDED TO YOU IN WRITING BY ENTERASYS, ENTERASYS DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO IMPLIED WARRANTIES OF MERCHANTABILITY, SATISFACTORY QUALITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT WITH RESPECT TO THE PROGRAM. IF IMPLIED WARRANTIES MAY NOT BE DISCLAIMED BY APPLICABLE LAW, THEN ANY IMPLIED WARRANTIES ARE LIMITED IN DURATION TO THIRTY (30) DAYS AFTER DELIVERY OF THE PROGRAM TO YOU.

7. LIMITATION OF LIABILITY. IN NO EVENT SHALL ENTERASYS OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF BUSINESS, PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, SPECIAL, INCIDENTAL, CONSEQUENTIAL, OR RELIANCE DAMAGES, OR OTHER LOSS) ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM, EVEN IF ENTERASYS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THIS FOREGOING LIMITATION SHALL APPLY REGARDLESS OF THE CAUSE OF ACTION UNDER WHICH DAMAGES ARE SOUGHT.

THE CUMULATIVE LIABILITY OF ENTERASYS TO YOU FOR ALL CLAIMS RELATING TO THE PROGRAM, IN CONTRACT, TORT OR OTHERWISE, SHALL NOT EXCEED THE TOTAL AMOUNT OF FEES PAID TO ENTERASYS BY YOU FOR THE RIGHTS GRANTED HEREIN.

8. AUDIT RIGHTS. You hereby acknowledge that the intellectual property rights associated with the Program are of critical value to Enterasys, and, accordingly, You hereby agree to maintain complete books, records and accounts showing (i) license fees due and paid, and (ii) the use, copying and deployment of the Program. You also grant to Enterasys and its authorized representatives, upon reasonable notice, the right to audit and examine during Your normal business hours, Your books, records, accounts and hardware devices upon which the Program may be deployed to verify compliance with this Agreement, including the verification of the license fees due and paid Enterasys and the use, copying and deployment of the Program. Enterasys’ right of examination shall be exercised reasonably, in good faith and in a manner calculated to not unreasonably interfere with Your business. In the event such audit discovers non-compliance with this Agreement, including copies of the Program made, used or deployed in breach of this Agreement, You shall promptly pay to Enterasys the appropriate license fees. Enterasys reserves the right, to be exercised in its sole discretion and without prior notice, to terminate this license, effective immediately, for failure to comply with this Agreement. Upon any such termination, You shall immediately cease all use of the Program and shall return to Enterasys the Program and all copies of the Program.

9. OWNERSHIP. This is a license agreement and not an agreement for sale. You acknowledge and agree that the Program constitutes trade secrets and/or copyrighted material of Enterasys and/or its suppliers. You agree to implement reasonable security measures to protect such trade secrets and copyrighted material. All right, title and interest in and to the Program shall remain with Enterasys and/or its suppliers. All rights not specifically granted to You shall be reserved to Enterasys.

10. ENFORCEMENT. You acknowledge and agree that any breach of Sections 2, 4, or 9 of this Agreement by You may cause Enterasys irreparable damage for which recovery of money damages would be inadequate, and that Enterasys may be entitled to seek timely injunctive relief to protect Enterasys’ rights under this Agreement in addition to any and all remedies available at law.

11. ASSIGNMENT. You may not assign, transfer or sublicense this Agreement or any of Your rights or obligations under this Agreement, except that You may assign this Agreement to any person or entity which acquires substantially all of Your stock assets. Enterasys may assign this Agreement in its sole discretion. This Agreement shall be binding upon and inure to the benefit of the parties, their legal representatives, permitted transferees, successors and assigns as permitted by this Agreement. Any attempted assignment, transfer or sublicense in violation of the term s of this Agreement shall be void and a breach of this Agreement.

12. WAIVER. A waiver by Enterasys of a breach of any of the terms and conditions of this Agreement must be in writing and will not be construed as a waiver of any subsequent breach of such term or condition. Enterasys’ failure to enforce a term upon Your breach of such term shall not be construed as a waiver of Your breach or prevent enforcement on any other occasion.

13. SEVERABILITY. In the event any provision of this Agreement is found to be invalid, illegal or unenforceable, the validity, legality and enforceability of any of the remaining provisions shall not in any way be affected or impaired thereby, and that provision shall be reformed, construed and enforced to the maximum extent permissible. Any such invalidity, illegality, or unenforceability in any jurisdiction shall not invalidate or render illegal or unenforceable such provision in any other jurisdiction.

14. TERMINATION. Enterasys may terminate this Agreement immediately upon Your breach of any of the terms and conditions of this Agreement. Upon any such termination, You shall immediately cease all use of the Program and shall return to Enterasys the Program and all copies of the Program.

Figures .........................................................................................................................................xxv

Tables......................................................................................................................................... xxvii

ABOUT THIS GUIDE

Using This Guide......................................................................................................... xxix

Structure of This Guide ................................................................................................xxx

Related Documents..................................................................................................... xxxi

Document Conventions.............................................................................................. xxxii

Typographical and Keystroke Conventions................................................................ xxxii

INTRODUCTION

1.1 Overview ......................................................................................................... 1-1

1.2 Getting Help .................................................................................................... 1-3

MANAGEMENT TERMINAL AND MODEM SETUP REQUIREMENTS

2.1 Connecting to a Console Port for Local Management .................................... 2-1

2.1.1 What Is Needed .............................................................................. 2-1

2.1.2 Connecting to an IBM or Compatible Device .................................. 2-2

2.1.3 Connecting to a VT Series Terminal ............................................... 2-3

2.1.4 Connecting to a Modem .................................................................. 2-4

2.1.4.1 Configuring the Modem to Not Send Login Requests . 2-5

2.1.5 Adapter Wiring and Signal Assignments......................................... 2-7

STARTUP AND GENERAL CONFIGURATION

3.1 Startup and General Configuration Summary ................................................. 3-1

3.1.1 Factory Default Settings.................................................................. 3-1

3.1.2 Command Defaults Descriptions .................................................. 3-10

3.1.3 CLI Command Modes ................................................................... 3-11

3.1.4 Using WebView............................................................................. 3-12

3.1.5 Process Overview: CLI Startup and General Configuration.......... 3-13

3.1.6 Starting and Navigating the Command Line Interface (CLI) ......... 3-14

3.1.6.1 Using a Console Port Connection ............................. 3-14

3.1.6.2 Logging in with a Default User Account..................... 3-14

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide v

Contents

3.1.6.3 Logging in With an Administratively Configured

User Account ............................................................. 3-16

3.1.6.4 Using a Telnet Connection ........................................ 3-16

3.1.7 Getting Help with CLI Syntax ........................................................ 3-18

3.1.8 Displaying Scrolling Screens ........................................................ 3-19

3.1.9 Basic Line Editing Commands ...................................................... 3-20

3.2 General Configuration Command Set ........................................................... 3-21

3.2.1 Setting User Accounts and Passwords......................................... 3-21

3.2.1.1 show system login ..................................................... 3-21

3.2.1.2 set system login......................................................... 3-23

3.2.1.3 clear system login...................................................... 3-24

3.2.1.4 set password ............................................................. 3-25

3.2.1.5 set system password length ...................................... 3-26

3.2.1.6 set system password aging ....................................... 3-27

3.2.1.7 set system password history ..................................... 3-27

3.2.1.8 set system lockout attempts ...................................... 3-28

3.2.1.9 set system lockout ..................................................... 3-29

3.2.2 Setting Basic Device Properties.................................................... 3-30

3.2.2.1 show system resources ............................................. 3-31

3.2.2.2 show system.............................................................. 3-32

3.2.2.3 show time .................................................................. 3-33

3.2.2.4 set time ...................................................................... 3-33

3.2.2.5 set prompt.................................................................. 3-34

3.2.2.6 show banner motd ..................................................... 3-35

3.2.2.7 set banner motd......................................................... 3-35

3.2.2.8 clear banner motd...................................................... 3-36

3.2.2.9 show version.............................................................. 3-37

3.2.2.10 set system name ....................................................... 3-38

3.2.2.11 set system location .................................................... 3-39

3.2.2.12 set system contact..................................................... 3-40

3.2.2.13 show terminal ............................................................ 3-40

3.2.2.14 set terminal ................................................................ 3-41

3.2.2.15 set system timeout..................................................... 3-42

3.2.2.16 show summertime ..................................................... 3-42

3.2.2.17 set summertime ......................................................... 3-43

3.2.2.18 set summertime date ................................................. 3-44

3.2.2.19 set summertime recurring .......................................... 3-45

3.2.2.20 clear summertime ...................................................... 3-47

3.2.2.21 set console baud ....................................................... 3-47

3.2.2.22 show ip address......................................................... 3-48

3.2.2.23 set ip address ............................................................ 3-49

vi Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

Contents

3.2.3 Downloading a Firmware Image ................................................... 3-50

3.2.3.1 Downloading via the Serial Port ................................ 3-50

3.2.3.2 Downloading via TFTP ..............................................3-51

3.2.4 Configuring Telnet......................................................................... 3-54

3.2.4.1 show telnet ................................................................ 3-54

3.2.4.2 set telnet .................................................................... 3-55

3.2.5 Managing Switch Configuration Files............................................ 3-57

3.2.5.1 dir............................................................................... 3-57

3.2.5.2 show config................................................................ 3-58

3.2.5.3 configure.................................................................... 3-60

3.2.5.4 summaryconfig .......................................................... 3-62

3.2.5.5 copy ........................................................................... 3-64

3.2.5.6 set system bootconfig................................................ 3-66

3.2.5.7 delete......................................................................... 3-67

3.2.6 Configuring Enterasys and Cisco Discovery Protocols................. 3-68

3.2.6.1 show cdp ................................................................... 3-69

3.2.6.2 set cdp ....................................................................... 3-70

3.2.6.3 set cdp interval .......................................................... 3-72

3.2.6.4 show ciscodp ............................................................. 3-72

3.2.6.5 set ciscodp status ...................................................... 3-74

3.2.6.6 set ciscodp timer........................................................ 3-74

3.2.6.7 set ciscodp holdtime .................................................. 3-75

3.2.6.8 set ciscodp populatecdp ............................................ 3-76

3.2.6.9 show port ciscodp info ............................................... 3-76

3.2.6.10 show port ciscodp neighborinfo ................................. 3-78

3.2.6.11 set port ciscodp status............................................... 3-79

3.2.6.12 set port ciscodp trust-ext ........................................... 3-80

3.2.6.13 set port ciscodp cos-ext............................................. 3-81

3.2.6.14 set port ciscodp vvid .................................................. 3-82

3.2.7 Pausing, Clearing and Closing the CLI ......................................... 3-84

3.2.7.1 wait ............................................................................ 3-84

3.2.7.2 cls (clear screen) ....................................................... 3-85

3.2.7.3 exit ............................................................................. 3-85

3.2.8 Resetting the Device..................................................................... 3-87

3.2.8.1 show reset ................................................................. 3-87

3.2.8.2 reset........................................................................... 3-88

3.2.8.3 reset at....................................................................... 3-89

3.2.8.4 reset in....................................................................... 3-90

3.2.8.5 clear config ................................................................ 3-90

3.3 Preparing the Device for Router Mode.......................................................... 3-92

3.3.1 Pre-Routing Configuration Tasks.................................................. 3-92

3.3.2 Configuring VLANs for IP Routing ................................................ 3-93

3.3.3 Enabling Router Configuration Modes .......................................... 3-96

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide vii

Contents

PORT CONFIGURATION

4.1 Port Configuration Summary ........................................................................... 4-1

4.1.1 Port Assignment Scheme ............................................................... 4-1

4.1.2 Port String Syntax Used in the CLI ................................................. 4-4

4.2 Process Overview: Port Configuration ............................................................ 4-6

4.3 Port Configuration Command Set ................................................................... 4-7

4.3.1 Reviewing Port Status..................................................................... 4-7

4.3.1.1 show port status .......................................................... 4-7

4.3.1.2 show port counters ...................................................... 4-9

4.3.1.3 clear port counters..................................................... 4-11

4.3.2 Disabling / Enabling Ports............................................................. 4-12

4.3.2.1 set port disable .......................................................... 4-12

4.3.2.2 set port enable........................................................... 4-13

4.3.3 Setting Speed and Duplex Mode .................................................. 4-13

4.3.3.1 show port speed ........................................................ 4-14

4.3.3.2 set port speed............................................................ 4-15

4.3.3.3 show port duplex ....................................................... 4-16

4.3.3.4 set port duplex ........................................................... 4-17

4.3.4 Enabling / Disabling Jumbo Frame Support ................................. 4-18

4.3.4.1 show port jumbo ........................................................ 4-18

4.3.4.2 set port jumbo............................................................ 4-19

4.3.5 Setting Port Auto-Negotiation and Advertised Ability .................... 4-20

4.3.5.1 show port negotiation ................................................ 4-21

4.3.5.2 set port negotiation .................................................... 4-22

4.3.5.3 show port advertised ability ....................................... 4-23

4.3.5.4 set port advertised ability........................................... 4-26

4.3.6 Setting Flow Control and Thesholds ............................................. 4-27

4.3.6.1 show port flowcontrol................................................. 4-28

4.3.6.2 set port flowcontrol .................................................... 4-29

4.3.6.3 show port buffer threshold ......................................... 4-30

4.3.6.4 set port buffer threshold............................................. 4-31

4.3.6.5 show flow agetime ..................................................... 4-34

4.3.6.6 set flow agetime......................................................... 4-35

4.3.6.7 clear flow agetime...................................................... 4-35

4.3.6.8 show port holbp ......................................................... 4-36

4.3.6.9 set port holbp............................................................. 4-37

4.3.7 Setting Port Traps ......................................................................... 4-39

4.3.7.1 show port trap............................................................ 4-39

4.3.7.2 set port trap ............................................................... 4-41

4.3.8 Overview: Port Mirroring ............................................................... 4-42

viii Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

Contents

4.3.9 Setting Port Mirroring .................................................................... 4-43

4.3.9.1 show port mirroring.................................................... 4-43

4.3.9.2 set port mirroring ....................................................... 4-44

4.3.9.3 clear port mirroring .................................................... 4-45

4.3.10 Configuring Link Aggregation........................................................ 4-46

4.3.10.1 Matrix E1 Trunk and LAG Usage Considerations......4-46

4.3.10.2 Port Grouping Considerations ................................... 4-47

4.3.11 Configuring Static Port Trunking ................................................... 4-50

4.3.11.1 show trunk ................................................................. 4-51

4.3.11.2 set trunkmode............................................................ 4-54

4.3.11.3 set trunk..................................................................... 4-54

4.3.11.4 clear trunk.................................................................. 4-55

4.3.11.5 set trunk port.............................................................. 4-56

4.3.11.6 clear trunk port........................................................... 4-56

4.3.11.7 set trunk algorithm ..................................................... 4-57

4.3.12 Link Aggregation Control Protocol (LACP) ................................... 4-59

4.3.12.1 LACP Operation ........................................................ 4-59

4.3.12.2 LACP Terminology .................................................... 4-60

4.3.12.3 Matrix E1 LAG Usage Considerations ....................... 4-61

4.3.13 Configuring Link Aggregation........................................................ 4-63

4.3.13.1 set lacp ...................................................................... 4-63

4.3.13.2 set lacp static............................................................. 4-64

4.3.13.3 clear lacp static.......................................................... 4-65

4.3.13.4 show port lacp ........................................................... 4-66

4.3.13.5 set port lacp ............................................................... 4-68

4.3.14 Configuring Port Broadcast Suppression...................................... 4-70

4.3.14.1 show port broadcast .................................................. 4-70

4.3.14.2 set port broadcast...................................................... 4-71

4.3.15 Configuring Unknown Destination Address Suppression ............. 4-73

4.3.15.1 show port unknowndestsuppress .............................. 4-73

4.3.15.2 set port unknowndestsuppress.................................. 4-74

4.3.15.3 clear port unknowndestsuppress............................... 4-75

SNMP CONFIGURATION

5.1 SNMP Configuration Summary ....................................................................... 5-1

5.1.1 SNMPv1 and SNMPv2.................................................................... 5-1

5.1.2 SNMPv3.......................................................................................... 5-2

5.1.3 About SNMP Security Models and Levels ...................................... 5-2

5.1.4 Process Overview: SNMP Configuration ........................................ 5-3

5.2 SNMP Command Set...................................................................................... 5-5

5.2.1 Disabling / Enabling and Reviewing SNMP Statistics..................... 5-5

5.2.1.1 show snmp .................................................................. 5-5

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide ix

Contents

5.2.1.2 set snmp ...................................................................... 5-6

5.2.1.3 show snmp engineid.................................................... 5-6

5.2.1.4 show snmp counters.................................................... 5-7

5.2.2 Configuring SNMP Users, Groups and Communities ................... 5-14

5.2.2.1 show snmp user ........................................................ 5-15

5.2.2.2 set snmp user ............................................................ 5-16

5.2.2.3 clear snmp user ......................................................... 5-17

5.2.2.4 show snmp group ...................................................... 5-18

5.2.2.5 set snmp group.......................................................... 5-20

5.2.2.6 clear snmp group....................................................... 5-21

5.2.2.7 show community........................................................ 5-22

5.2.2.8 set community ........................................................... 5-23

5.2.2.9 clear community ........................................................ 5-24

5.2.2.10 show snmp community .............................................. 5-24

5.2.2.11 set snmp community.................................................. 5-25

5.2.2.12 clear snmp community............................................... 5-26

5.2.3 Configuring SNMP Access Rights ................................................ 5-27

5.2.3.1 show snmp access .................................................... 5-27

5.2.3.2 set snmp access........................................................ 5-29

5.2.3.3 clear snmp access..................................................... 5-31

5.2.3.4 show snmp authenticationtrap ................................... 5-31

5.2.3.5 set snmp authentication trap ..................................... 5-32

5.2.4 Configuring SNMP MIB Views ...................................................... 5-33

5.2.4.1 show snmp view ........................................................ 5-33

5.2.4.2 set snmp view............................................................ 5-35

5.2.4.3 clear snmp view......................................................... 5-35

5.2.5 Configuring SNMP Target Parameters ......................................... 5-37

5.2.5.1 show snmp targetparams .......................................... 5-37

5.2.5.2 set snmp targetparams .............................................. 5-39

5.2.5.3 clear snmp targetparams ........................................... 5-41

5.2.6 Configuring SNMP Target Addresses ........................................... 5-42

5.2.6.1 show snmp targetaddr ............................................... 5-42

5.2.6.2 set snmp targetaddr................................................... 5-44

5.2.6.3 clear snmp targetaddr................................................ 5-46

5.2.7 Configuring SNMP Notification Parameters.................................. 5-47

5.2.7.1 show trap ................................................................... 5-48

5.2.7.2 set trap....................................................................... 5-49

5.2.7.3 clear trap.................................................................... 5-49

5.2.7.4 show newaddrtrap ..................................................... 5-50

5.2.7.5 set newaddrtrap......................................................... 5-51

5.2.7.6 show snmp notify....................................................... 5-52

5.2.7.7 set snmp notify .......................................................... 5-54

5.2.7.8 clear snmp notify ....................................................... 5-55

x Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

Contents

5.2.7.9 show snmp notifyfilter ................................................ 5-56

5.2.7.10 set snmp notifyfilter.................................................... 5-57

5.2.7.11 clear snmp notifyfilter................................................. 5-58

5.2.7.12 show snmp notifyprofile ............................................. 5-59

5.2.7.13 set snmp notifyprofile................................................. 5-60

5.2.7.14 clear snmp notifyprofile.............................................. 5-60

5.2.8 Basic SNMP Trap Configuration ................................................... 5-62

SPANNING TREE CONFIGURATION

6.1 Spanning Tree Configuration Summary .......................................................... 6-1

6.1.1 Overview: Single, Rapid and Multiple Spanning Tree Protocols..... 6-1

6.1.2 Spanning Tree Features ................................................................. 6-2

6.1.3 Process Overview: Spanning Tree Configuration ........................... 6-3

6.2 Spanning Tree Configuration Command Set .................................................. 6-4

6.2.1 Reviewing and Setting Spanning Tree Bridge Parameters............. 6-4

6.2.1.1 show spantree stats..................................................... 6-6

6.2.1.2 set spantree................................................................. 6-9

6.2.1.3 show spantree version............................................... 6-10

6.2.1.4 set spantree version .................................................. 6-11

6.2.1.5 clear spantree version ............................................... 6-11

6.2.1.6 show spantree mstilist ............................................... 6-12

6.2.1.7 set spantree msti ....................................................... 6-13

6.2.1.8 clear spantree msti .................................................... 6-13

6.2.1.9 show spantree mstmap ............................................. 6-14

6.2.1.10 set spantree mstmap ................................................. 6-15

6.2.1.11 clear spantree mstmap .............................................. 6-16

6.2.1.12 show spantree vlanlist ............................................... 6-16

6.2.1.13 show spantree mstcfgid ............................................. 6-17

6.2.1.14 set spantree mstcfgid ................................................ 6-18

6.2.1.15 clear spantree mstcfgid ............................................. 6-19

6.2.1.16 set spantree priority ................................................... 6-19

6.2.1.17 clear spantree priority ................................................ 6-20

6.2.1.18 show spantree bridgehellomode................................ 6-21

6.2.1.19 set spantree bridgehellomode ................................... 6-21

6.2.1.20 clear spantree bridgehellomode ................................ 6-22

6.2.1.21 set spantree hello ...................................................... 6-22

6.2.1.22 clear spantree hello ................................................... 6-23

6.2.1.23 set spantree maxage ................................................. 6-24

6.2.1.24 clear spantree maxage .............................................. 6-25

6.2.1.25 set spantree fwddelay................................................ 6-26

6.2.1.26 clear spantree fwddelay............................................. 6-26

6.2.1.27 show spantree autoedge ........................................... 6-27

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide xi

Contents

6.2.1.28 set spantree autoedge............................................... 6-28

6.2.1.29 clear spantree autoedge ............................................ 6-28

6.2.1.30 show spantree legacypathcost .................................. 6-29

6.2.1.31 set spantree legacypathcost ...................................... 6-29

6.2.1.32 clear spantree legacypathcost ................................... 6-30

6.2.1.33 show spantree tctrapsuppress................................... 6-30

6.2.1.34 set spantree tctrapsuppress ...................................... 6-31

6.2.1.35 clear spantree tctrapsuppress ................................... 6-32

6.2.1.36 show spantree txholdcount........................................ 6-32

6.2.1.37 set spantree txholdcount ........................................... 6-33

6.2.1.38 clear spantree txholdcount ........................................ 6-34

6.2.1.39 set spantree maxhops ............................................... 6-34

6.2.1.40 clear spantree maxhops ............................................ 6-35

6.2.2 Reviewing and Setting Spanning Tree Port Parameters .............. 6-36

6.2.2.1 show spantree portadmin .......................................... 6-37

6.2.2.2 set spantree portadmin .............................................. 6-38

6.2.2.3 clear spantree portadmin ........................................... 6-39

6.2.2.4 show spantree blocked ports..................................... 6-39

6.2.2.5 show spantree portpri ................................................ 6-40

6.2.2.6 set spantree portpri.................................................... 6-41

6.2.2.7 clear spantree portpri................................................. 6-42

6.2.2.8 show spantree portcost ............................................. 6-43

6.2.2.9 set spantree portcost ................................................. 6-43

6.2.2.10 clear spantree portcost .............................................. 6-45

6.2.2.11 show spantree adminedge ........................................ 6-45

6.2.2.12 set spantree adminedge ............................................ 6-46

6.2.2.13 clear spantree adminedge ......................................... 6-47

6.2.2.14 show spantree spanguard ......................................... 6-47

6.2.2.15 set spantree spanguard ............................................. 6-48

6.2.2.16 clear spantree spanguard .......................................... 6-49

6.2.2.17 show spantree spanguardtimeout ............................. 6-49

6.2.2.18 set spantree spanguardtimeout ................................. 6-50

6.2.2.19 clear spantree spanguardtimeout .............................. 6-50

6.2.2.20 show spantree spanguardlock ................................... 6-51

6.2.2.21 clear spantree spanguardlock ................................... 6-52

6.2.2.22 show spantree spanguardtrapenable ........................ 6-52

6.2.2.23 set spantree spanguardtrapenable............................ 6-53

6.2.2.24 clear spantree spanguardtrapenable......................... 6-54

6.2.2.25 show spantree adminpoint......................................... 6-54

6.2.2.26 set spantree adminpoint ............................................ 6-55

6.2.2.27 clear spantree adminpoint ......................................... 6-56

xii Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

Contents

802.1Q VLAN CONFIGURATION

7.1 VLAN Configuration Summary ........................................................................ 7-1

7.1.1 Port Assignment Scheme ............................................................... 7-1

7.1.2 Port String Syntax Used in the CLI ................................................. 7-1

7.2 Process Overview: 802.1Q VLAN Configuration............................................. 7-2

7.3 VLAN Configuration Command Set ................................................................ 7-3

7.3.1 Reviewing Existing VLANs.............................................................. 7-3

7.3.1.1 show vlan..................................................................... 7-3

7.3.1.2 show vlan static ........................................................... 7-6

7.3.1.3 show vlan portinfo........................................................ 7-7

7.3.2 Creating and Naming Static VLANs ................................................ 7-9

7.3.2.1 set vlan ........................................................................ 7-9

7.3.2.2 set vlan name ............................................................ 7-10

7.3.2.3 clear vlan ................................................................... 7-11

7.3.2.4 clear vlan name ......................................................... 7-12

7.3.3 Assigning Port VLAN IDs (PVIDs) and Ingress Filtering............... 7-13

7.3.3.1 show port vlan ........................................................... 7-13

7.3.3.2 set port vlan ............................................................... 7-14

7.3.3.3 clear port vlan ............................................................ 7-15

7.3.3.4 show port ingress filter............................................... 7-16

7.3.3.5 set port ingress filter .................................................. 7-17

7.3.4 Configuring the VLAN Egress List ................................................ 7-18

7.3.4.1 set vlan forbidden ...................................................... 7-18

7.3.4.2 show port egress ....................................................... 7-19

7.3.4.3 set vlan egress .......................................................... 7-20

7.3.4.4 clear vlan egress ....................................................... 7-21

7.3.4.5 show vlan dynamic egress ........................................ 7-22

7.3.4.6 set vlan dynamicegress ............................................. 7-23

7.3.5 Assigning VLANs According to Classification Rules..................... 7-24

7.3.5.1 show vlan classification ............................................. 7-24

7.3.5.2 set vlan classification................................................. 7-25

7.3.5.3 Valid Values for VLAN Classification and Frame

Filtering...................................................................... 7-28

7.3.5.4 Classification Precedence Rules ............................... 7-32

7.3.5.5 clear vlan classification.............................................. 7-34

7.3.5.6 set vlan classification ingress .................................... 7-35

7.3.5.7 clear vlan classification ingress ................................. 7-36

7.3.6 Setting the Host VLAN .................................................................. 7-38

7.3.6.1 show host vlan........................................................... 7-38

7.3.6.2 set port vlan host ...................................................... 7-39

7.3.6.3 clear host vlan ........................................................... 7-40

7.3.7 Creating a Secure Management VLAN......................................... 7-41

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide xiii

Contents

7.3.8 Enabling/Disabling GVRP (GARP VLAN Registration Protocol)... 7-42

7.3.8.1 show gvrp .................................................................. 7-44

7.3.8.2 show garp timer ......................................................... 7-45

7.3.8.3 set gvrp...................................................................... 7-47

7.3.8.4 set garp timer............................................................. 7-48

POLICY CLASSIFICATION CONFIGURATION

8.1 Policy Classification Configuration Summary.................................................. 8-1

8.2 Process Overview: Policy Classification Configuration ................................... 8-1

8.3 Policy Classification Configuration Command Set .......................................... 8-2

8.3.1 Configuring Policy Profiles .............................................................. 8-2

8.3.1.1 show policy profile ....................................................... 8-2

8.3.1.2 set policy profile........................................................... 8-4

8.3.1.3 clear policy profile........................................................ 8-5

8.3.1.4 show policy invalid action ............................................ 8-5

8.3.1.5 set policy invalid action................................................ 8-6

8.3.1.6 clear policy invalid action ............................................. 8-7

8.3.2 Assigning Classification Rules to Policy Profiles ............................ 8-8

8.3.2.1 show policy class......................................................... 8-8

8.3.2.2 set policy classify......................................................... 8-9

8.3.2.3 Classification Precedence Rules ............................... 8-15

8.3.2.4 clear policy class ....................................................... 8-16

8.3.2.5 show policy maptable ................................................ 8-17

8.3.2.6 show vlanauthorization .............................................. 8-18

8.3.2.7 set vlanauthorization.................................................. 8-19

8.3.2.8 set policy maptable response .................................... 8-20

8.3.2.9 clear policy maptable response ................................. 8-20

8.3.2.10 set policy maptable.................................................... 8-21

8.3.2.11 clear policy maptable................................................. 8-22

8.3.3 Assigning Ports to Policy Profiles ................................................. 8-23

8.3.3.1 show policy port......................................................... 8-23

8.3.3.2 set policy port ............................................................ 8-24

8.3.3.3 clear policy port ......................................................... 8-25

xiv Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

PORT PRIORITY AND CLASSIFICATION CONFIGURATION

9.1 Port Priority and Classification Configuration Summary ................................. 9-1

9.1.1 Priority............................................................................................. 9-1

9.1.2 Priority Queueing Modes (Algorithms) ............................................ 9-2

9.1.3 Port Classification ........................................................................... 9-3

9.2 Process Overview: Priority, Classification,

And Rate Limiting Configuration ..................................................................... 9-4

Contents

9.3 Port Priority and Classification Configuration Commands .............................. 9-4

9.3.1 Configuring Port Priority .................................................................. 9-4

9.3.1.1 show port priority ......................................................... 9-5

9.3.1.2 set port priority............................................................. 9-5

9.3.1.3 clear port priority.......................................................... 9-6

9.3.2 Configuring Priority to Transmit Queue Mapping............................ 9-7

9.3.2.1 show priority queue ..................................................... 9-7

9.3.2.2 set priority queue ......................................................... 9-9

9.3.3 Configuring Quality of Service (QoS)............................................ 9-11

9.3.3.1 show port qos ............................................................ 9-11

9.3.3.2 set port qos sp ........................................................... 9-12

9.3.3.3 set port qos wrr.......................................................... 9-13

9.3.3.4 set port qos hybrid ..................................................... 9-14

9.3.4 Configuring Priority Classification ................................................. 9-16

9.3.4.1 show priority classification ......................................... 9-17

9.3.4.2 set priority classification............................................. 9-18

9.3.4.3 Valid Values for Priority Classification ....................... 9-19

9.3.4.4 clear priority classification.......................................... 9-23

9.3.4.5 set priority classification tosvalue .............................. 9-24

9.3.4.6 set priority classification tosstatus ............................. 9-26

9.3.4.7 show priority classification qtagoverride .................... 9-27

9.3.4.8 set priority classification qtagoverride........................ 9-27

9.3.5 Classification Precedence Rules .................................................. 9-28

9.3.5.1 set priority classification ingress ................................ 9-31

9.3.5.2 clear priority classification ingress ............................. 9-32

9.3.6 Configuring Port Traffic Rate Limiting ........................................... 9-34

9.3.6.1 show port ratelimit ..................................................... 9-34

9.3.6.2 set port ratelimit ......................................................... 9-36

9.3.6.3 clear port ratelimit ...................................................... 9-37

IGMP CONFIGURATION

10.1 IGMP Configuration Summary ...................................................................... 10-1

10.1.1 Process Overview: IGMP Configuration ....................................... 10-1

10.2 IGMP Configuration Command Set............................................................... 10-2

10.2.1 Enabling / Disabling IGMP ............................................................ 10-2

10.2.1.1 show igmp ................................................................. 10-2

10.2.1.2 set igmp ..................................................................... 10-3

10.2.2 Setting IGMP Query Interval and Response Time........................ 10-4

10.2.2.1 show igmp query-interval........................................... 10-4

10.2.2.2 set igmp query-interval .............................................. 10-5

10.2.2.3 show igmp response-time.......................................... 10-5

10.2.2.4 set igmp response-time ............................................. 10-6

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide xv

Contents

10.2.3 Reviewing IGMP Groups .............................................................. 10-7

10.2.3.1 show igmp groups ..................................................... 10-7

10.2.4 Configuring IGMP VLAN Registration ........................................... 10-9

10.2.4.1 show igmp mode ....................................................... 10-9

10.2.4.2 set igmp mode vlan ................................................. 10-10

10.2.4.3 set igmp mode ipaddress ........................................ 10-11

10.2.4.4 set igmp mode ......................................................... 10-12

10.3 About IGMP................................................................................................. 10-13

10.3.1 IGMP VLAN Registration ............................................................ 10-13

LOGGING AND SWITCH NETWORK MANAGEMENT

11.1 Process Overview: Logging and Network Management ............................... 11-1

11.2 Logging and Network Management Command Set ...................................... 11-2

11.2.1 Configuring System Logging ......................................................... 11-2

11.2.1.1 set logging ................................................................. 11-3

11.2.1.2 show logging all ......................................................... 11-3

11.2.1.3 show logging console ................................................ 11-7

11.2.1.4 set logging console.................................................... 11-8

11.2.1.5 show logging server................................................... 11-8

11.2.1.6 set logging server .................................................... 11-10

11.2.1.7 clear logging server ................................................. 11-11

11.2.1.8 show logging default................................................ 11-11

11.2.1.9 set logging default ................................................... 11-12

11.2.1.10 clear logging default ................................................ 11-14

11.2.1.11 show logging application ......................................... 11-14

11.2.1.12 set logging application ............................................. 11-16

11.2.1.13 clear logging application .......................................... 11-20

11.2.1.14 show logging audit-trail............................................ 11-20

11.2.1.15 copy audit-trail ......................................................... 11-21

11.2.2 Monitoring Switch Network Events and Status ...........................11-22

11.2.2.1 show eventlog.......................................................... 11-22

11.2.2.2 clear eventlog .......................................................... 11-23

11.2.2.3 history ...................................................................... 11-24

11.2.2.4 repeat ...................................................................... 11-24

11.2.2.5 show history............................................................. 11-26

11.2.2.6 set history ................................................................ 11-26

11.2.2.7 show netstat ............................................................ 11-27

11.2.2.8 show rmon stats ...................................................... 11-28

11.2.2.9 show users .............................................................. 11-31

11.2.2.10 disconnect ............................................................... 11-33

11.2.3 Managing Switch Network Addresses ........................................ 11-33

11.2.3.1 show arp .................................................................. 11-35

xvi Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

Contents

11.2.3.2 set arp...................................................................... 11-35

11.2.3.3 clear arp................................................................... 11-36

11.2.3.4 show rad .................................................................. 11-37

11.2.3.5 set rad...................................................................... 11-38

11.2.3.6 show mac ................................................................ 11-38

11.2.3.7 set mac .................................................................... 11-41

11.2.3.8 clear mac ................................................................. 11-42

11.2.3.9 show mac agingtime................................................ 11-43

11.2.3.10 set mac agingtime ................................................... 11-44

11.2.3.11 clear mac agingtime ................................................ 11-44

11.2.3.12 show port stopaging ................................................ 11-45

11.2.3.13 set port stopaging .................................................... 11-46

11.2.3.14 clear port stopaging ................................................. 11-47

11.2.3.15 set mac algorithm .................................................... 11-47

11.2.3.16 show dns ................................................................. 11-49

11.2.3.17 set dns domain ........................................................ 11-49

11.2.3.18 clear dns domain ..................................................... 11-50

11.2.3.19 set dns server .......................................................... 11-51

11.2.3.20 clear dns server ....................................................... 11-51

11.2.3.21 clear dns .................................................................. 11-52

11.2.3.22 ping.......................................................................... 11-53

11.2.3.23 traceroute ................................................................ 11-55

11.2.3.24 set mac multicast..................................................... 11-57

11.2.3.25 show mac multicast ................................................. 11-59

11.2.4 Configuring Simple Network Time Protocol (SNTP) ................... 11-60

11.2.4.1 show sntp ................................................................ 11-60

11.2.4.2 set sntp client........................................................... 11-61

11.2.4.3 set sntp broadcastdelay........................................... 11-62

11.2.4.4 set sntp poll-interval................................................. 11-62

11.2.4.5 set sntp server ......................................................... 11-63

11.2.4.6 clear sntp server ...................................................... 11-64

11.2.4.7 set timezone ............................................................ 11-65

11.2.4.8 clear timezone ......................................................... 11-65

11.2.5 Configuring Node Aliases ........................................................... 11-67

11.2.5.1 show nodealias........................................................ 11-67

11.2.5.2 show nodealias config ............................................. 11-69

11.2.5.3 set nodealias ........................................................... 11-70

11.2.5.4 set nodealias maxentries ......................................... 11-71

11.2.5.5 clear nodealias ........................................................ 11-72

11.2.5.6 clear nodealias config.............................................. 11-73

11.2.6 Configuring Convergence End Points (CEP) Phone Detection ..11-74

11.2.6.1 show cep ................................................................. 11-75

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide xvii

Contents

11.2.6.2 set cep ..................................................................... 11-76

11.2.6.3 set cep port.............................................................. 11-77

11.2.6.4 set cep policy........................................................... 11-77

11.2.6.5 set cep detection ..................................................... 11-78

11.2.6.6 set cep detection type.............................................. 11-79

11.2.6.7 set cep detection address........................................ 11-80

11.2.6.8 set cep detection protocol........................................ 11-81

11.2.6.9 set cep detection porthigh ....................................... 11-82

11.2.6.10 set cep initialize ....................................................... 11-83

11.2.6.11 clear cep .................................................................. 11-84

IP CONFIGURATION

12.1 Process Overview: Internet Protocol (IP) Configuration................................ 12-1

12.2 IP Configuration Command Set .................................................................... 12-2

12.2.1 Configuring Routing Interface Settings ......................................... 12-2

12.2.1.1 show interface ........................................................... 12-3

12.2.1.2 interface..................................................................... 12-6

12.2.1.3 show ip interface........................................................ 12-7

12.2.1.4 ip address .................................................................. 12-8

12.2.1.5 no shutdown .............................................................. 12-8

12.2.2 Reviewing and Saving the Routing Configuration......................... 12-9

12.2.2.1 show running-config ................................................ 12-10

12.2.2.2 write ......................................................................... 12-11

12.2.2.3 no ip routing............................................................. 12-13

12.2.3 Reviewing and Configuring the ARP Table................................. 12-14

12.2.3.1 show ip arp .............................................................. 12-14

12.2.3.2 arp ........................................................................... 12-17

12.2.3.3 ip gratuitous-arp-learning......................................... 12-17

12.2.3.4 ip proxy-arp.............................................................. 12-18

12.2.3.5 ip mac-address ........................................................ 12-19

12.2.3.6 arp timeout............................................................... 12-20

12.2.3.7 clear arp-cache........................................................ 12-20

12.2.4 Configuring Broadcast Settings .................................................. 12-22

12.2.4.1 ip directed-broadcast ............................................... 12-22

12.2.4.2 ip forward-protocol................................................... 12-23

12.2.4.3 ip helper-address..................................................... 12-25

12.2.5 Reviewing IP Traffic and Configuring Routes .............................12-27

12.2.5.1 show ip protocols..................................................... 12-27

12.2.5.2 show limits ............................................................... 12-28

12.2.5.3 show ip traffic........................................................... 12-29

12.2.5.4 clear ip stats ............................................................ 12-31

12.2.5.5 show ip route ........................................................... 12-31

xviii Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

Contents

12.2.5.6 ip route..................................................................... 12-33

12.2.5.7 ip icmp ..................................................................... 12-34

12.2.5.8 ping.......................................................................... 12-35

12.2.5.9 traceroute ................................................................ 12-36

ROUTING PROTOCOL CONFIGURATION

13.1 Process Overview: Routing Protocol Configuration ...................................... 13-1

13.1.1 Configuring RIP............................................................................. 13-2

13.1.1.1 router rip .................................................................... 13-3

13.1.1.2 network ...................................................................... 13-4

13.1.1.3 neighbor..................................................................... 13-5

13.1.1.4 distance ..................................................................... 13-6

13.1.1.5 ip rip offset ................................................................. 13-7

13.1.1.6 timers......................................................................... 13-8

13.1.1.7 ip rip send version ..................................................... 13-9

13.1.1.8 ip rip receive version................................................ 13-10

13.1.1.9 key chain ................................................................. 13-11

13.1.1.10 key ........................................................................... 13-12

13.1.1.11 key-string ................................................................. 13-13

13.1.1.12 accept-lifetime ......................................................... 13-14

13.1.1.13 send-lifetime ............................................................ 13-15

13.1.1.14 ip rip authentication keychain .................................. 13-17

13.1.1.15 ip rip authentication mode ....................................... 13-18

13.1.1.16 no auto-summary..................................................... 13-19

13.1.1.17 ip rip disable-triggered-updates ............................... 13-20

13.1.1.18 ip split-horizon ......................................................... 13-20

13.1.1.19 passive-interface ..................................................... 13-21

13.1.1.20 receive-interface ...................................................... 13-22

13.1.1.21 distribute-list ............................................................ 13-23

13.1.1.22 redistribute............................................................... 13-24

13.1.2 Configuring OSPF....................................................................... 13-26

13.1.2.1 router ospf ............................................................... 13-28

13.1.2.2 network .................................................................... 13-29

13.1.2.3 router id ................................................................... 13-30

13.1.2.4 ip ospf cost .............................................................. 13-31

13.1.2.5 ip ospf priority .......................................................... 13-31

13.1.2.6 timers spf ................................................................. 13-32

13.1.2.7 ip ospf retransmit-interval ........................................ 13-33

13.1.2.8 ip ospf transmit-delay .............................................. 13-34

13.1.2.9 ip ospf hello-interval................................................. 13-35

13.1.2.10 ip ospf dead-interval ................................................ 13-36

13.1.2.11 ip ospf authentication-key ........................................ 13-37

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide xix

Contents

13.1.2.12 ip ospf message digest key md5 ............................. 13-38

13.1.2.13 distance ospf ........................................................... 13-39

13.1.2.14 area range ............................................................... 13-40

13.1.2.15 area authentication .................................................. 13-41

13.1.2.16 area stub.................................................................. 13-42

13.1.2.17 area default cost ...................................................... 13-43

13.1.2.18 area nssa................................................................. 13-44

13.1.2.19 area virtual-link ........................................................ 13-45

13.1.2.20 passive-ospf ............................................................ 13-47

13.1.2.21 redistribute............................................................... 13-48

13.1.2.22 database-overflow ................................................... 13-50

13.1.2.23 show ip ospf............................................................. 13-51

13.1.2.24 show ip ospf database............................................. 13-53

13.1.2.25 show ip ospf border-routers ..................................... 13-55

13.1.2.26 show ip ospf interface.............................................. 13-56

13.1.2.27 show ip ospf neighbor.............................................. 13-58

13.1.2.28 show ip ospf virtual-links.......................................... 13-60

13.1.2.29 clear ip ospf process................................................ 13-61

13.1.3 Configuring DVMRP.................................................................... 13-63

13.1.3.1 ip dvmrp................................................................... 13-63

13.1.3.2 ip dvmrp metric ........................................................ 13-64

13.1.3.3 show ip dvmrp route ................................................ 13-65

13.1.3.4 show ip mroute ........................................................ 13-66

13.1.4 Configuring IRDP ........................................................................ 13-68

13.1.4.1 ip irdp....................................................................... 13-68

13.1.4.2 ip irdp maxadvertinterval ......................................... 13-69

13.1.4.3 ip irdp minadvertinterval .......................................... 13-70

13.1.4.4 ip irdp holdtime ........................................................ 13-71

13.1.4.5 ip irdp preference..................................................... 13-72

13.1.4.6 ip irdp address ......................................................... 13-73

13.1.4.7 no ip irdp multicast................................................... 13-73

13.1.4.8 show ip irdp ............................................................. 13-74

13.1.5 Configuring VRRP....................................................................... 13-76

13.1.5.1 router vrrp ................................................................ 13-76

13.1.5.2 create....................................................................... 13-77

13.1.5.3 address.................................................................... 13-78

13.1.5.4 priority...................................................................... 13-79

13.1.5.5 advertise-interval ..................................................... 13-81

13.1.5.6 critical-ip .................................................................. 13-82

13.1.5.7 preempt ................................................................... 13-83

13.1.5.8 enable...................................................................... 13-84

13.1.5.9 ip vrrp authentication-key ........................................ 13-85

13.1.5.10 ip vrrp message-digest-key ..................................... 13-85

13.1.5.11 show ip vrrp ............................................................. 13-86

xx Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

Contents

SECURITY CONFIGURATION

14.1 Overview of Security Methods ...................................................................... 14-1

14.2 Process Overview: Security Configuration.................................................... 14-2

14.3 Security Configuration Command Set........................................................... 14-3

14.3.1 Configuring RADIUS ..................................................................... 14-3

14.3.1.1 show radius ............................................................... 14-4

14.3.1.2 set radius ................................................................... 14-6

14.3.1.3 clear radius ................................................................ 14-8

14.3.1.4 show radius accounting ........................................... 14-10

14.3.1.5 set radius accounting............................................... 14-12

14.3.1.6 clear radius accounting............................................ 14-14

14.3.2 Configuring 802.1X Authentication ............................................. 14-15

14.3.2.1 show dot1x .............................................................. 14-16

14.3.2.2 show dot1x auth-config............................................ 14-19

14.3.2.3 set dot1x .................................................................. 14-20

14.3.2.4 set dot1x auth-config ............................................... 14-21

14.3.2.5 set dot1x port........................................................... 14-23

14.3.2.6 clear dot1x auth-config ............................................ 14-24

14.3.2.7 show eapol .............................................................. 14-25

14.3.2.8 set eapol .................................................................. 14-29

14.3.3 Configuring MAC Authentication ................................................. 14-30

14.3.3.1 show macauthentication .......................................... 14-31

14.3.3.2 show macauthentication session ............................. 14-34

14.3.3.3 set macauthentication.............................................. 14-35

14.3.3.4 set macauthentication password ............................. 14-36

14.3.3.5 set macauthentication port ...................................... 14-37

14.3.3.6 set macauthentication portinitialize.......................... 14-38

14.3.3.7 set macauthentication macinitialize ......................... 14-38

14.3.3.8 set macauthentication reauthentication ................... 14-39

14.3.3.9 set macauthentication portreauthenticate................ 14-40

14.3.3.10 set macauthentication macreauthenticate ............... 14-40

14.3.3.11 set macauthentication reauthperiod ........................ 14-41

14.3.3.12 set macauthentication quietperiod........................... 14-42

14.3.4 Configuring MAC Locking ........................................................... 14-43

14.3.4.1 show maclock .......................................................... 14-44

14.3.4.2 show maclock stations............................................. 14-46

14.3.4.3 set maclock enable.................................................. 14-48

14.3.4.4 set maclock disable ................................................. 14-49

14.3.4.5 set maclock.............................................................. 14-50

14.3.4.6 set maclock firstarrival ............................................. 14-51

14.3.4.7 set maclock static .................................................... 14-52

14.3.4.8 set maclock move.................................................... 14-53

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide xxi

Contents

14.3.4.9 clear maclock static ................................................. 14-53

14.3.4.10 show maclock autostatic.......................................... 14-54

14.3.4.11 set maclock autostatic ............................................. 14-55

14.3.4.12 set maclock autostatic isl......................................... 14-56

14.3.4.13 set maclock autostatic publicvlan ............................ 14-57

14.3.4.14 set maclock autostatic publicmac ............................ 14-58

14.3.4.15 set maclock autostatic passthroughmac.................. 14-59

14.3.4.16 clear maclock autostatic .......................................... 14-60

14.3.4.17 set maclock trap ...................................................... 14-61

14.3.4.18 clear maclock........................................................... 14-62

14.3.5 Configuring Port Web Authentication (PWA) .............................. 14-63

14.3.5.1 show pwa................................................................. 14-64

14.3.5.2 set pwa .................................................................... 14-67

14.3.5.3 set pwa hostname ................................................... 14-68

14.3.5.4 set pwa displaylogo ................................................. 14-68

14.3.5.5 set pwa refreshtime ................................................. 14-69

14.3.5.6 set pwa nameservices ............................................. 14-70

14.3.5.7 set pwa ipaddress.................................................... 14-70

14.3.5.8 set pwa protocol ...................................................... 14-71

14.3.5.9 set pwa enhancedmode .......................................... 14-72

14.3.5.10 set pwa guestname ................................................. 14-73

14.3.5.11 set pwa guestpassword ........................................... 14-73

14.3.5.12 set pwa gueststatus................................................. 14-74

14.3.5.13 set pwa initialize ...................................................... 14-75

14.3.5.14 set pwa quietperiod ................................................. 14-75

14.3.5.15 set pwa maxrequests............................................... 14-76

14.3.5.16 set pwa portcontrol .................................................. 14-77

14.3.6 Configuring Secure Shell (SSH) ................................................. 14-78

14.3.6.1 show ssh.................................................................. 14-79

14.3.6.2 set ssh ..................................................................... 14-80

14.3.6.3 ssh ........................................................................... 14-81

14.3.6.4 set ssh ciphers......................................................... 14-82

14.3.6.5 clear ssh ciphers...................................................... 14-83

14.3.6.6 set ssh port .............................................................. 14-83

14.3.6.7 set ssh mac ............................................................. 14-84

14.3.6.8 clear ssh mac .......................................................... 14-85

14.3.6.9 set ssh rekeyintervalseconds .................................. 14-86

14.3.6.10 set ssh passwordguesses ....................................... 14-86

14.3.6.11 set ssh logingracetime............................................. 14-87

14.3.6.12 clear ssh keys.......................................................... 14-87

14.3.6.13 clear ssh config........................................................ 14-88

xxii Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

Contents

14.3.7 Configuring Access Lists............................................................. 14-89

14.3.7.1 show access-lists..................................................... 14-89

14.3.7.2 access-list (standard) .............................................. 14-90

14.3.7.3 access-list (extended).............................................. 14-92

14.3.7.4 ip access-group ....................................................... 14-96

14.3.8 Configuring Denial of Service Prevention ................................... 14-97

14.3.8.1 show HostDos ......................................................... 14-98

14.3.8.2 HostDos................................................................... 14-99

14.3.8.3 clear hostdos-counters .......................................... 14-101

14.3.9 Configuring Flow Setup Throttling (FST) .................................. 14-102

14.3.9.1 show flowlimit ........................................................ 14-103

14.3.9.2 set flowlimit ............................................................ 14-105

14.3.9.3 set flowlimit limit..................................................... 14-106

14.3.9.4 set flowlimit class................................................... 14-108

14.3.9.5 clear flowlimit action .............................................. 14-109

14.3.9.6 set flowlimit shutdown............................................ 14-110

14.3.9.7 set flowlimit notification.......................................... 14-111

14.3.9.8 set flowlimit clearstats............................................ 14-111

14.4 Working with Security Configurations ....................................................... 14-113

14.4.1 Host Access Control Authentication (HACA) ............................ 14-113

14.4.2 802.1X Port Based Network Access Control Overview ............ 14-114

14.4.3 MAC Authentication Overview .................................................. 14-114

14.4.3.1 Authentication Method Sequence.......................... 14-115

14.4.3.2 Concurrent Operation of 802.1X and MAC

Authentication........................................................ 14-115

14.4.4 MAC Authentication Control...................................................... 14-119

14.4.5 RADIUS Filter-ID Attribute and Dynamic Policy Profile Assignment....

14-119

INDEX

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide xxiii

Contents

xxiv Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

Figures

2-1 Connecting an IBM PC or Compatible Device........................................................................2-3

2-2 Connecting a VT Series Terminal.............................................................................................2-4

2-3 Connecting to a Modem..............................................................................................................2-6

3-1 Sample Command Default Description..................................................................................3-10

3-2 Console Port Initial Startup Screen Before User Authorization..........................................3-15

3-3 Startup Screen After User Authorization................................................................................3-17

3-4 Performing a Key Word Lookup ..............................................................................................3-18

3-5 Performing a Partial Keyword Lookup....................................................................................3-18

3-6 Scrolling Screen Output............................................................................................................3-19

3-7 Configuring Two VLANs for IP Routing..................................................................................3-95

4-1 1H582-51 Expansion Module and Fixed Front Panel Port Numbering Scheme ...............4-2

4-2 Optional Ethernet Expansion Modules.....................................................................................4-3

4-3 Port Grouping Designations for the Matrix E1 1H582-51 ...................................................4-48

4-4 Port Grouping Designations for the Matrix E1 1H582-25....................................................4-48

5-1 Creating a Basic SNMP Trap Configuration..........................................................................5-63

7-1 Example of VLAN Propagation via GVRP .............................................................................7-43

9-1 Datagram, Layer 2 and Layer 3 ...............................................................................................9-24

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide xxv

Figures

xxvi Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

Tables

Ta bl e Page

3-1 Default Device Settings for Basic and Switch Mode Operation ........................................3-1

3-2 Default Device Settings for Router Mode Operation...........................................................3-6

3-3 Basic Line Editing Commands..............................................................................................3-20

3-4 show system login Output Details........................................................................................3-22

3-5 show version Output Details ................................................................................................. 3-38

3-6 show cdp Output Details........................................................................................................3-70

3-7 show ciscodp Output Details.................................................................................................3-73

3-8 show port ciscodp info Output Details.................................................................................3-77

3-9 Command Set for Configuring VLANs for IP Routing .......................................................3-93

3-10 Router CLI Configuration Modes..........................................................................................3-96

4-1 Ethernet Expansion Module Interface Types and Port Numbering .................................4-3

4-2 show port status Output Details..............................................................................................4-8

4-3 show port counters Output Details.......................................................................................4-11

4-4 VerboseOutput Details...........................................................................................................4-24

4-5 Port Grouping IDs for the Matrix E1 1H582-xx Fixed Front Panel..................................4-48

4-6 Port Grouping IDs for the 1H-16TX and 1H-8FX Expansion Modules...........................4-49

4-7 show trunk Output Details .....................................................................................................4-52

4-8 LACP Terms and Definitions.................................................................................................4-60

5-1 SNMP Security Levels .............................................................................................................5-3

5-2 show snmp engineid Output Details ......................................................................................5-7

5-3 show snmp counters Output Details....................................................................................5-10

5-4 show snmp user Output Details............................................................................................5-16

5-5 show snmp group Output Details .........................................................................................5-19

5-6 show community Output Details...........................................................................................5-22

5-7 show snmp access Output Details.......................................................................................5-28

5-8 show snmp view Output Details ...........................................................................................5-34

5-9 show snmp targetparams Output Details............................................................................5-38

5-10 show snmp targetaddr Output Details .................................................................................5-43

5-11 show trap Output Details .......................................................................................................5-48

5-12 show snmp notify Output Details ..........................................................................................5-53

5-13 Basic SNMP Trap Configuration Command Set................................................................5-62

6-1 show spantree stats Output Details .......................................................................................6-7

7-1 Valid Values for VLAN Classification ...................................................................................7-29

7-2 Valid Values for VLAN Frame Filtering................................................................................7-29

7-3 Classification Precedence .....................................................................................................7-33

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide xxvii

Ta bl e s

7-4 Command Set for Creating a Secure Management VLAN ..............................................7-41

7-5 show gvrp configuration Output Details..............................................................................7-46

8-1 show policy profile Output Details.......................................................................................... 8-3

8-2 Valid Values for Policy Classification ..................................................................................8-12

8-3 Classification Precedence ..................................................................................................... 8-15

9-1 Valid Values for Priority Classification.................................................................................9-20

9-2 Classification Precedence ..................................................................................................... 9-29

10-1 show igmp groups Output Details ........................................................................................10-8

10-2 show igmp mode Output Details ........................................................................................10-10

11-1 show logging all Output Details............................................................................................ 11-6

11-2 show logging application Output Details...........................................................................11-16

11-3 Mnemonic Values for Logging Applications .....................................................................11-18

11-4 show netstat Output Details................................................................................................11-28

11-5 show rmon stats Output Details ......................................................................................... 11-30

11-6 show mac Output Details ....................................................................................................11-40

11-7 show nodealias Output Details...........................................................................................11-68

11-8 show nodealias config Output Details ............................................................................... 11-70

12-1 VLAN and Loopback Interface Configuration Modes ....................................................... 12-3

12-2 show running-config Output Details...................................................................................12-11

12-3 show ip arp Output Details .................................................................................................. 12-16

13-1 RIP Configuration Task List and Commands.....................................................................13-2

13-2 OSPF Configuration Task List and Commands...............................................................13-26

13-3 show ip ospf database Output Details...............................................................................13-55

13-4 show ip ospf interface Output Details................................................................................ 13-57

13-5 show ip ospf neighbor Output Details ...............................................................................13-60

13-6 show ip ospf virtual links Output Details ...........................................................................13-61

14-1 show radius Output Details ...................................................................................................14-5

14-2 show eapol Output Details .................................................................................................. 14-26

14-3 show macauthentication Output Details ...........................................................................14-32

14-4 show macauthentication session Output Details............................................................. 14-34

14-5 show maclock Output Details ............................................................................................. 14-46

14-6 show maclock stations Output Details ..............................................................................14-48

14-7 show pwa Output Details..................................................................................................... 14-65

14-8 show flowlimit Output Details............................................................................................ 14-104

14-9 MAC / 802.1X Precedence States ...................................................................................14-116

xxviii Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

+ 778 hidden pages

Enterasys Networks 1H582-xx, E1, 1G58x-09 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

NOTICE

ENTERASYS NETWORKS, INC. FIRMWARE LICENSE AGREEMENT

Contents

Figures

Tables