Fujitsu XG2000 Series User Manual

P3N1-E202-01ENZ0

XG2000 series

User's Guide

XG2000 series User's Guide

2/315

Preface

You have purchased the XG2000 series, a compact, 20-port 10 Gigabit Ethernet layer 2 switch that achieves unsurpassed standards of high throughput and low-latency performance. This guide describes the XG2000 series (XG2000 / XG2000R / XG2000C / XG2000CR) functions, installation procedures, configuration operations, and maintenance procedures and should be read and understood before you start using your XG2000 series.

March, 2009

Linux is a registered trademark or trademark of Linus Torvalds in the United States and/or other countries.

XG2000 series User's Guide

3/315

About this Manual

This section describes target readers, contents, notations, etc. of this guide.

Target Readers and Required Knowledge

This guide was written for administrators, who are in charge of network construction, maintenance, and management. To use this guide, the following knowledge is required.

z Basic knowledge of networks, the Internet, and intranets z Basic knowledge of system security

This guide omits explanations of network protocol terms.

Contents

This guide to the XG2000 series is composed of the following chapters.

Chapter 1. Features and Functions

Describes the features and functions.

Chapter 2. Using the CLI

Describes operating environment of CLI and how to operate CLI.

Chapter 3. Installation

Describes the necessary installation procedures.

Chapter 4. Functions and Procedures for Setting Functions

Describes how to use the console screen.

Chapter 5. Command References

Describes how to use the commands.

Chapter 6. Managing the Device

Describes the management of the device.

Chapter 7. Troubleshooting

Describes how to solve problems in the device.

Appendix A. Event Logs

Describes the contents of messages reported by the device and actions to be taken for each message.

Appendix B. SNMP Traps

Describes message format of SNMP traps.

Appendix C. List of MIBs

Describes the list of MIBs supported by the SNMP agent

Related Manuals

The following are XG2000 series related manuals. Use these manuals as necessary.

z XG2000 Series Hardware Guide

Describes the hardware of the XG2000 series.

Symbols Used in This Guide

The symbols used in this guide have the following meanings.

indicates useful information related to using the XG2000 series.

indicates precautions to take when using the XG2000 series.

indicates supplementary information.

indicates related matters such as operation procedures, etc.

XG2000 series User's Guide

4/315

Contents

Preface .........................................................................................................................................................................2

About this Manual.......................................................................................................................................................3

Contents ......................................................................................................................................................................4

Chapter 1 Features and Functions ....................................................................................................................10

1.1 Features ............................................................................................................................................................11

Chapter 2 Using the CLI......................................................................................................................................12

2.1 Overview of the CLI...........................................................................................................................................13

2.1.1 Operating Environment for the CLI .............................................................................................................13

2.1.2 Command Modes and Mode Switching ......................................................................................................14

2.1.3 startup-config and running-config................................................................................................................16

2.2 Using the CLI.....................................................................................................................................................17

2.2.1 How to Enter Commands ............................................................................................................................17

2.2.2 Context-Sensitive Help................................................................................................................................17

2.2.3 Command Completion.................................................................................................................................18

2.2.4 Command Abbreviation...............................................................................................................................18

2.2.5 Command-Line Error Messages .................................................................................................................18

2.2.6 Scrolling Down or Up a Line or a Page .......................................................................................................18

2.2.7 Command History........................................................................................................................................19

2.2.8 Aborting Command .....................................................................................................................................19

2.2.9 No Form of Commands...............................................................................................................................19

2.2.10 Filtering show Command Output...............................................................................................................20

2.2.11 Redirecting show Command Output .........................................................................................................20

2.2.12 Using the monitor Command ....................................................................................................................21

Chapter 3 Installation..........................................................................................................................................22

3.1 Workflow for Initial Setup of the Device.............................................................................................................23

3.1.1 Setting Up the Serial Interface ....................................................................................................................23

3.1.2 Configure Management LAN Interface........................................................................................................24

3.1.3 Telnet Connection via the Management LAN Interface (Optional)..............................................................24

3.1.4 SSH Connection via the Management LAN Interface (Optional)................................................................25

3.1.5 SNMP Configuration (Optional)...................................................................................................................25

Chapter 4 Switch Functions and their Configuration......................................................................................26

4.1 Basic Switch Functions......................................................................................................................................27

4.1.1 Switching Mode ...........................................................................................................................................27

4.1.2 MAC Address Table Management...............................................................................................................27

4.1.3 Jumbo Frame Support ................................................................................................................................28

4.1.4 Flow Control ................................................................................................................................................28

4.1.5 Storm Control ..............................................................................................................................................29

4.1.6 Port Security................................................................................................................................................29

4.1.7 Ingress Rate Control ...................................................................................................................................29

4.2 Port Mirroring.....................................................................................................................................................30

4.3 Link Pass Through.............................................................................................................................................31

4.4 Link Aggregation................................................................................................................................................32

4.4.1 Configuring Link Aggregation ......................................................................................................................33

4.4.2 Frame Distribution Methods in Link Aggregation ........................................................................................34

4.4.3 The Number of Ports That Require Linkup .................................................................................................34

4.4.4 Notes on Link Aggregation ..........................................................................................................................35

4.5 Uplink Filter........................................................................................................................................................36

4.6 Spanning Tree Protocol (STP)...........................................................................................................................39

4.6.1 Port Roles Based on Spanning Tree ...........................................................................................................40

4.6.2 Spanning Tree Protocol Port States ............................................................................................................40

4.6.3 Configuring Spanning Tree..........................................................................................................................40

XG2000 series User's Guide

5/315

4.7 VLAN .................................................................................................................................................................41

4.7.1 Port-Based VLAN........................................................................................................................................41

4.7.2 Tag-Based (IEEE802.1Q) VLAN .................................................................................................................42

4.7.3 Multiple VLAN..............................................................................................................................................43

4.8 Quality of Service (QoS)....................................................................................................................................46

4.9 IGMP Snooping .................................................................................................................................................47

4.9.1 Registering Group Members .......................................................................................................................48

4.9.2 Removing Group Members .........................................................................................................................49

4.9.3 Managing Group Members .........................................................................................................................50

4.9.4 IGMP Querier ..............................................................................................................................................51

4.9.5 Configuring IGMP Snooping........................................................................................................................52

4.10 Network Management .....................................................................................................................................53

4.10.1 Traffic Statistics..........................................................................................................................................53

4.10.2 SNMP Agent..............................................................................................................................................54

4.10.3 RMON .......................................................................................................................................................54

4.11 RADIUS/TACACS+ authentication ..................................................................................................................55

4.11.1 RADIUS Attributes .....................................................................................................................................55

4.11.2 TACACS+ Attributes ..................................................................................................................................55

4.11.3 Configuring RADIUS/TACACS+ ................................................................................................................56

Chapter 5 Command Reference.........................................................................................................................57

5.1 About Command Reference ..............................................................................................................................58

5.1.1 Command System.......................................................................................................................................58

5.1.2 Configuration of Command Reference........................................................................................................59

5.2 Management LAN Interface Configuration Commands ....................................................................................60

5.2.1 show remote-host........................................................................................................................................60

5.2.2 management-lan ip......................................................................................................................................61

5.2.3 management-lan dns-server .......................................................................................................................62

5.2.4 management-lan domain ............................................................................................................................63

5.2.5 hostname.....................................................................................................................................................64

5.2.6 remote-host .................................................................................................................................................65

5.3 Serial/Telnet/SSH Configuration Commands ....................................................................................................67

5.3.1 terminal pager .............................................................................................................................................67

5.3.2 line...............................................................................................................................................................67

5.3.3 baud-rate .....................................................................................................................................................68

5.3.4 terminal timeout...........................................................................................................................................68

5.3.5 telnet-server ................................................................................................................................................69

5.3.6 ssh-server....................................................................................................................................................69

5.3.7 ssh-auto-key-generation .............................................................................................................................69

5.3.8 show ssh-host-key.......................................................................................................................................70

5.3.9 show ssh-rhost-key .....................................................................................................................................70

5.3.10 clear ssh-rhost-key ....................................................................................................................................71

5.3.11 generate ssh-host-key...............................................................................................................................71

5.3.12 terminal window.........................................................................................................................................72

5.4 System Basic Operation Commands ................................................................................................................73

5.4.1 enable..........................................................................................................................................................73

5.4.2 show history ................................................................................................................................................74

5.4.3 disable .........................................................................................................................................................74

5.4.4 configure terminal........................................................................................................................................75

5.4.5 exit...............................................................................................................................................................75

5.4.6 logout / quit..................................................................................................................................................76

5.4.7 do.................................................................................................................................................................76

5.4.8 help..............................................................................................................................................................77

5.4.9 show account ..............................................................................................................................................77

5.4.10 account......................................................................................................................................................78

5.4.11 password (Operator EXEC mode).............................................................................................................79

5.4.12 password (Administrator EXEC mode) .....................................................................................................80

5.4.13 reset ..........................................................................................................................................................81

5.4.14 system shutdown.......................................................................................................................................81

5.4.15 date ...........................................................................................................................................................82

5.4.16 date set......................................................................................................................................................82

5.4.17 date timezone............................................................................................................................................83

5.4.18 date summer-time .....................................................................................................................................84

5.4.19 ping............................................................................................................................................................86

XG2000 series User's Guide

6/315

5.4.20 enable password .......................................................................................................................................87

5.4.21 banner .......................................................................................................................................................88

5.4.22 ntp-server ..................................................................................................................................................89

5.5 RADIUS/TACACS+............................................................................................................................................90

5.5.1 show authentication.....................................................................................................................................90

5.5.2 aaa authentication login ..............................................................................................................................91

5.5.3 show radius .................................................................................................................................................92

5.5.4 radius-server host........................................................................................................................................93

5.5.5 radius-server key.........................................................................................................................................94

5.5.6 radius-server timeout...................................................................................................................................95

5.5.7 show tacacs.................................................................................................................................................96

5.5.8 tacacs-server host .......................................................................................................................................97

5.5.9 tacacs-server key ........................................................................................................................................98

5.6 Configuration File Operation Commands..........................................................................................................99

5.6.1 copy running-config startup-config ..............................................................................................................99

5.6.2 show running-config ....................................................................................................................................99

5.6.3 show running-config (redirect)...................................................................................................................100

5.6.4 show startup-config ...................................................................................................................................103

5.6.5 show startup-config (redirect)....................................................................................................................104

5.6.6 copy    startup-config.............................................................................................................................107

5.6.7 dir/ls...........................................................................................................................................................110

5.6.8 delete......................................................................................................................................................... 111

5.6.9 rename ......................................................................................................................................................11 2

5.6.10 tftp get......................................................................................................................................................113

5.6.11 scp get.....................................................................................................................................................115

5.6.12 tftp put......................................................................................................................................................117

5.6.13 scp put.....................................................................................................................................................118

5.7 Switch Basic Configuration Commands ..........................................................................................................120

5.7.1 clear bridge mac-address-table.................................................................................................................120

5.7.2 show bridge ...............................................................................................................................................121

5.7.3 show bridge mac-address-table ................................................................................................................122

5.7.4 bridge forward-mode .................................................................................................................................123

5.7.5 bridge jumbo-frame ...................................................................................................................................124

5.7.6 bridge learn-mode .....................................................................................................................................125

5.7.7 bridge mac-address-table..........................................................................................................................126

5.7.8 bridge mac-address-table filter..................................................................................................................128

5.7.9 bridge aging-time.......................................................................................................................................129

5.8 Link Aggregation Configuration Commands....................................................................................................130

5.8.1 show link-aggregation ...............................................................................................................................130

5.8.2 link-aggregation.........................................................................................................................................134

5.8.3 lacp system-priority ...................................................................................................................................136

5.8.4 lacp port-priority.........................................................................................................................................137

5.8.5 link-aggregation load-balance ip-hash-selection.......................................................................................137

5.9 Uplink Filter Commands ..................................................................................................................................138

5.9.1 show uplink................................................................................................................................................138

5.9.2 uplink-domain ............................................................................................................................................139

5.9.3 downlink allowed uplink-domain................................................................................................................141

5.10 Switch Port Configuration Commands ..........................................................................................................142

5.10.1 show interface .........................................................................................................................................142

5.10.2 show port-description ..............................................................................................................................145

5.10.3 shutdown (Administrator exec mode)......................................................................................................146

5.10.4 clear violation ..........................................................................................................................................146

5.10.5 interface port ...........................................................................................................................................147

5.10.6 description ...............................................................................................................................................148

5.10.7 flowcontrol ...............................................................................................................................................149

5.10.8 storm-control ...........................................................................................................................................150

5.10.9 suppress-address-learning......................................................................................................................150

5.10.10 shutdown (Interface edit mode).............................................................................................................151

5.10.11 shutdown (Global configuration mode)..................................................................................................151

5.10.12 port-security...........................................................................................................................................152

5.10.13 link-pass-through...................................................................................................................................153

5.10.14 ingress-bandwidth .................................................................................................................................154

5.10.15 multicast-forwarding ..............................................................................................................................155

XG2000 series User's Guide

7/315

5.11 Spanning Tree Protocol (STP) Configuration Commands.............................................................................156

5.11.1 show spanning-tree .................................................................................................................................156

5.11.2 spanning-tree...........................................................................................................................................161

5.11.3 spanning-tree priority...............................................................................................................................162

5.11.4 spanning-tree hello-time ..........................................................................................................................163

5.11.5 spanning-tree max-age............................................................................................................................164

5.11.6 spanning-tree forward-time......................................................................................................................165

5.11.7 spanning-tree port-priority .......................................................................................................................166

5.11.8 spanning-tree port-path-cost ...................................................................................................................166

5.11.9 spanning-tree path-cost-default...............................................................................................................167

5.11.10 spanning-tree portfast............................................................................................................................168

5.11.11 spanning-tree portfast bpdu-guard ........................................................................................................169

5.11.12 spanning-tree portfast errdisable-timeout..............................................................................................169

5.11.13 spanning-tree portfast bpdu-filter...........................................................................................................170

5.12 Virtual LAN (VLAN) Setup Commands..........................................................................................................171

5.12.1 show vlan ................................................................................................................................................171

5.12.2 vlan..........................................................................................................................................................172

5.12.3 Interface vlan...........................................................................................................................................173

5.12.4 egress......................................................................................................................................................174

5.12.5 port-vlan-id ..............................................................................................................................................175

5.12.6 vlan-member allowed ..............................................................................................................................176

5.12.7 user-vlan-protocol-id................................................................................................................................177

5.12.8 ingress-filter no-vlan-member-frame .......................................................................................................177

5.12.9 ingress-filter tagged-frame ......................................................................................................................178

5.12.10 ingress-filter untagged-frame ................................................................................................................178

5.12.11 vlan-statistics collection.........................................................................................................................179

5.13 QoS Setup Commands..................................................................................................................................180

5.13.1 show qos .................................................................................................................................................180

5.13.2 qos default-priority...................................................................................................................................181

5.13.3 qos-map priority.......................................................................................................................................181

5.13.4 bridge diffserv-tos....................................................................................................................................182

5.13.5 qos egress-scheduling ............................................................................................................................183

5.13.6 qos bandwidth .........................................................................................................................................184

5.14 Port Mirroring Setup Commands...................................................................................................................185

5.14.1 show mirror..............................................................................................................................................185

5.14.2 mirror .......................................................................................................................................................186

5.15 IGMP Snooping Setup Commands ...............................................................................................................187

5.15.1 show ip snooping.....................................................................................................................................187

5.15.2 ip snooping protocol ................................................................................................................................189

5.15.3 ip snooping vlan ......................................................................................................................................190

5.15.4 ip snooping vlan max-group ....................................................................................................................191

5.15.5 ip snooping vlan mrouter.........................................................................................................................192

5.15.6 ip snooping vlan group-member-interval.................................................................................................193

5.15.7 ip snooping vlan fast-leave......................................................................................................................194

5.15.8 ip snooping vlan last-member-query-interval ..........................................................................................195

5.15.9 ip snooping vlan send-query-count .........................................................................................................196

5.15.10 ip snooping vlan querier ........................................................................................................................197

5.15.11 ip snoop.................................................................................................................................................198

5.15.12 ip snooping max-group..........................................................................................................................199

5.15.13 ip snooping mrouter...............................................................................................................................200

5.15.14 ip snooping group-member-interval ......................................................................................................201

5.15.15 ip snooping fast-leave ...........................................................................................................................202

5.15.16 ip snooping last-member-interval..........................................................................................................203

5.15.17 ip snooping send-query-count...............................................................................................................204

5.15.18 ip snooping querier................................................................................................................................205

5.16 Statistics Commands.....................................................................................................................................206

5.16.1 monitor traffic-bytes.................................................................................................................................207

5.16.2 monitor traffic-counts...............................................................................................................................209

5.16.3 monitor framesize-traffic-counts..............................................................................................................211

5.16.4 monitor qos-priority-traffic-bytes..............................................................................................................213

5.16.5 monitor qos-priority-traffic-counts............................................................................................................215

5.16.6 monitor vlan-traffic-bytes.........................................................................................................................217

5.16.7 monitor vlan-traffic-counts.......................................................................................................................218

5.16.8 monitor dataflow ......................................................................................................................................219

XG2000 series User's Guide

8/315

5.16.9 monitor error............................................................................................................................................221

5.16.10 show statistics traffic-bytes....................................................................................................................223

5.16.11 show statistics traffic-counts..................................................................................................................224

5.16.12 show statistics framesize-traffic-counts.................................................................................................225

5.16.13 show statistics qos-priority-traffic-bytes ................................................................................................226

5.16.14 show statistics qos-priority-traffic-counts ..............................................................................................227

5.16.15 show statistics vlan-traffic-bytes............................................................................................................228

5.16.16 show statistics vlan-traffic-counts..........................................................................................................229

5.16.17 show statistics dataflow.........................................................................................................................230

5.16.18 show statistics error...............................................................................................................................231

5.16.19 clear statistics........................................................................................................................................232

5.17 SNMP Setup Commands ..............................................................................................................................233

5.17.1 show snmp-server ...................................................................................................................................233

5.17.2 snmp-server location ...............................................................................................................................234

5.17.3 snmp-server contact................................................................................................................................235

5.17.4 snmp-server access ................................................................................................................................236

5.17.5 snmp-server trap .....................................................................................................................................237

5.18 RMON Setup Commands..............................................................................................................................238

5.18.1 show rmon...............................................................................................................................................238

5.18.2 rmon collection history ............................................................................................................................240

5.18.3 rmon alarm ..............................................................................................................................................241

5.18.4 rmon event ..............................................................................................................................................243

5.19 System Operation Display Commands .........................................................................................................245

5.19.1 show system status .................................................................................................................................245

5.19.2 show system information.........................................................................................................................247

5.19.3 show optical-module sensor....................................................................................................................249

5.20 System Maintenance Commands .................................................................................................................250

5.20.1 clear log...................................................................................................................................................250

5.20.2 show log ..................................................................................................................................................251

5.20.3 log send...................................................................................................................................................252

5.20.4 save maintenance ...................................................................................................................................253

5.20.5 show maintenance ..................................................................................................................................253

5.20.6 tftp put-maintenance................................................................................................................................254

5.20.7 scp put-maintenance...............................................................................................................................256

5.20.8 clear maintenance...................................................................................................................................258

5.20.9 update-system.........................................................................................................................................259

5.20.10 boot-system...........................................................................................................................................263

Chapter 6 Managing the Device.......................................................................................................................264

6.1 Verifying the Device Operations......................................................................................................................265

6.1.1 Verifying Hardware Status.........................................................................................................................265

6.1.2 Verifying System Status ............................................................................................................................268

6.1.3 Reviewing Log Messages .........................................................................................................................268

6.2 Uploading/Downloading a Configuration File ..................................................................................................271

6.2.1 Preparing the remote Server.....................................................................................................................271

6.2.2 Uploading a Configuration File..................................................................................................................271

6.2.3 Downloading a Configuration File .............................................................................................................271

6.3 Updating Firmware ..........................................................................................................................................272

6.3.1 Updating Firmware....................................................................................................................................272

6.3.2 Selecting Firmware....................................................................................................................................273

6.4 Extracting of Maintenance Information............................................................................................................274

6.4.1 Procedure for Extracting Maintenance Information when a System /Subsystem Failure Occurred.........274

6.4.2 Procedure for Extracting Maintenance Information when an endless System Loop Occurred ................275

6.4.3 Procedure for Extracting Maintenance Information when a Malfunction Occurs......................................275

Chapter 7 Troubleshooting...............................................................................................................................276

7.1 Restoring Factory Defaults..............................................................................................................................277

7.1.1 Resetting startup-config to Factory Defaults.............................................................................................277

7.1.2 Selecting the Alternate Firmware Image...................................................................................................277

7.1.3 Restoring Factory Defaults........................................................................................................................278

XG2000 series User's Guide

9/315

Appendix A Event Logs.......................................................................................................................................280

A.1 Overview of Event Logs .............................................................................................................................280

A.2 List of Event Logs.......................................................................................................................................281

A.2.1 env (Health Monitoring: 0-999).............................................................................................................281

A.2.2 kernel (Basic Control: 1000-1999)........................................................................................................283

A.2.3 swc (Layer 2 Basic Control: 2000-2999) ..............................................................................................284

A.2.4 npm (Network Protocol Control: 3000-3299)........................................................................................288

A.2.5 clim (Basic CLI Control: 3300-3999) ....................................................................................................292

A.2.6 xgsh (CLI Command History: 4000-4499)............................................................................................293

A.2.7 rstp (Rapid Spanning Tree Control: 4500-4999) ..................................................................................293

A.2.8 lacp (LACP Control: 5000-5499) ..........................................................................................................294

A.2.9 sys (Maintenance Support Function: 7400-7499) ................................................................................294

A.2.10 update (Firmware Update: 7500-7999) .............................................................................................295

A.2.11 snmp (SNMP Control: 8500-8599) ....................................................................................................298

A.2.12 ntp (NTP Control: 8600-8699) ...........................................................................................................299

A.3 Message Format for Forwarding syslog.....................................................................................................300

Appendix B SNMP Traps .....................................................................................................................................301

Appendix C List of MIBs......................................................................................................................................302

Index.........................................................................................................................................................................312

XG2000 series User's Guide

10/315

Chapter 1 Features and Functions

This chapter describes the features and functions of the device.

XG2000 series User's Guide

11/315

1.1 Features

The XG2000 series is a compact, 20-port 10 Gigabit Ethernet Layer 2 switch. Special features of the XG2000 series are shown below:

Item Function Features

Throughput 400Gbit/s Latency 350ns (Exclude latency of XFPs) Switching mode Either store-and-forward or cut-through is selectable. MAC address learning table size

16384 entries

MAC address learning SVL (Shared VLAN Learning), IVL (Independent VLAN Learning),

user selectable. Jumbo frame support Up to 16KB (16128 bytes). Flow control IEEE802.3x compliant pause frame control. Possible to specify flow

control options for each port. Storm control Detects the broadcast storm status to prevent the traffic from

overflowing the network and avoid degrading overall system

performance. Port security Possible to restrict port access based on a source MAC address. Ingress rate control Supports by-port ingress rate control. Port mirroring Possible to monitor the incoming/outgoing traffic by port mirroring.

Basic Switch Functions

Link pass through Possible to synchronize the link state of a monitored port with the

link state of a single or multiple ports. Link aggregation (Static and LACP)

Possible to increase bandwidth and redundancy. (Up to 10 ports for

each link).

Also supports IEE802.3ad LACP.

Scalability

Uplink Filter Filtering multicast, broadcast and unlearned unicast frames from

leaf nodes to uplink. Possible to configure fat tree using several XG

series.

Redundancy IEEE802.1D STP,

IEEE802.1w RSTP

Possible to make a redundant and loop-free network using Rapid

Spanning Tree Protocol (upward compatible with Spanning Tree

Protocol). IEEE802.1Q VLAN Max. 128 groups. Filtering Ingress/egress filtering

VLAN support

Multiple VLAN Possible to create multiple tag-based VLAN, with user VLAN tag

identifier. IEEE802.1p QoS DiffServ

Supports 4 traffic classes based on VLAN priority or DSCP

(DiffServ Code Point) of IPv4/IPv6.

QoS

Scheduling Strict, DRR(Deficit Round Robin), Strict+DRR

Multi-cast support IGMP snooping Prevents unnecessary forwarding of multicast traffic to ports to

reduce unnecessary multicast traffic. Traffic statistics Possible to analyze traffic and errors, using traffic statistics. Network Management SNMP agent Can be used in conjunction with an SNMP manager, supporting

MIBs, including Standard MIB, Bridge MIB, and RMON MIB. Console by serial/management LAN

Dedicated management LAN is isolated from the serial interface

and 10 Gigabit ports to secure the device. CLI Allows the user to provide environment settings and operation

management using command line interface (CLI).

Operation management

Remote authentication RADIUS and TACACS+

XG2000 series User's Guide

12/315

Chapter 2 Using the CLI

This chapter describes how to use the command line interface (CLI) to operate the device.

XG2000 series User's Guide

13/315

2.1 Overview of the CLI

This section describes how to use the command line interface (CLI) for the XG Series.

2.1.1 Operating Environment for the CLI

There are two ways to access the device to run commands. Up to 5 terminal sessions can access the device concurrently.

z Serial connection

Connect to the serial port of the device using RS232C cable. The available terminal emulation type is VT100. When initially connecting a terminal to the device, configure the serial port on the client side as shown below.

Item Setting value

Baud rate 9600 bps (can be changed) Character size 8 bit Parity None Stop bits 1 bit Flow control None Emulation VT100 Character set ASCII Line feed code Transmission: CR (carriage return) only

Reception: LF is added

The baud rate can be changed to one of 9600, 19200, 38400 and 57600 (bps) using the "baud-rate" command.

z Remote connection via management LAN port

Connect a terminal using a telnet or SSH. The following tables list the factory defaults.

Management LAN Interface initial settings

Item Setting value

IP address 192.168.0.2 Subnet mask 255.255.255.0

Telnet server initial settings

Item Setting value

Use telnet Disable (can be changed) Port number 23 (TCP) Emulation VT100/VT200/xterm BackSpace key Delete Character set ASCII

SSH server initial settings

Item Setting value

Use SSH Disable (can be changed) Port number 22 (TCP) Emulation VT100/VT200/xterm BackSpace key Delete Character set ASCII SSH Protocol Version 2 (not support version 1)

To use the remote connection via the management LAN port, use the "management-lan ip" command to configure the management LAN port for the device and use the "telnet-server" or “ssh-server” command to enable the telnet or SSH service. A VT100, VT200, or xterm can be used as a terminal.

XG2000 series User's Guide

14/315

2.1.2 Command Modes and Mode Switching

The following table shows a hierarchy of command modes and mode switching.

Command Modes and Prompt Text

(host name for the device: xg)

Outline

Operator class The initial-level operating mode entered upon logging into the

system.

Operator EXEC mode

Prompt: xg>

Allows access to commands that have no effect on the switch operations. With the device, this mode is mainly used to view its status. The prompt changes to "xg>".

Administrator class To enter this level, use the "enable" command in the operator class

or type the administrator's authentication password.

Administrator EXEC mode Prompt: xg#

Allows users to perform operations that are related to the system management of the device, such as date/time setting and firmware update, in addition to those operations that are performed in the operator EXEC mode. The prompt changes to "xg#".

Global configuration mode

Prompt: xg(config)#

To switch to the global configuration mode, enter the "configure terminal" command in the administrator EXEC mode. This mode allows the user to define the environment settings for the device that are to be saved in a configuration file. The prompt changes to "xg(config)#".

Interface edit mode

Prompt: xg(config-if)# xg(config-agg)# or xg(config-vlan)#

To enter the interface edit mode, enter the "interface" command in the global configuration mode. This mode allows the user to configure each port or VLAN of the switch. The interface edit mode is represented by prompt "xg(config-if)#", while the edit mode for a port that is created with link aggregation function is represented by prompt "xg(config-agg)#". Also, The edit mode for VLAN is represented by prompt “xg(config-vlan)#”.

Terminal edit mode

Prompt: xg(config-line)#

To enter the serial terminal edit mode, enter the "line console" command in the global configuration mode. The prompt changes to "xg(config-line)#". Baud rate of the serial terminal and screen display size can be set.

XG2000 series User's Guide

15/315

Entering a specific command allows switching from one mode to another. Entering the "exit" command returns program control to the previous mode. Entering "end" command or pressing [Ctrl] and [Z], or [C] simultaneously in the global configuration, interface edit or terminal edit mode transfers program control to the administrator EXEC mode.

An example is given below.

xg> enable

xg# configure terminal

xg(config)# interface port 1

xg(config-if)# exit

xg(config)# exit

xg# copy running-config startup-config

xg# exit

Switch to operator EXEC mode by performing a login operation. By default, the login username is "admin" and password "password".

Use the "enable" command to switch to administrator EXEC mode.

Use the "configure terminal" command to switch to global configuration mode. Use the "interface" command to switch to interface edit mode.

Use the "exit" command to return to global configuration mode.

Use the "exit" command to return to administrator EXEC mode.

Copy the current configuration file in memory to the startup-config in the nonvolatile memory. User is logged out and session is disconnected.

z Multiple users can use the operator and administrator EXEC modes concurrently. (Up to 5 terminals) z Only one terminal can switch to global configuration, interface edit or terminal edit modes at a time. It is not possible for

multiple terminals to simultaneously switch to global configuration mode.

z Pressing [Ctrl] and [C] simultaneously in the global configuration, interface edit or terminal edit mode transfers program

control to the administrator EXEC mode when “- -more- -“ is displayed in the last line in the console screen. (“- -more- -“ is displayed when display command, such as “show”, is executed and information exceed the console screen)

XG2000 series User's Guide

16/315

2.1.3 startup-config and running-config

The configuration information is saved to startup-config and running-config files. This section describes the functions of the startup-config and running-config files.

z startup-config

Startup-config is the configuration file that stores the environment settings that are enabled upon device startup. The startup-config is saved in non-volatile memory and read the next time the device is reset or power cycled.

z running-config

Running-config is a file stored in volatile memory that represents the operating environment of the current running system. The information stored in the running-config file will be lost when the system is restarted. To assure the system configuration that is active in the current running-config file is enabled the next time the system is started, use the "copy" command to save it to the startup-config file.

xg# copy running-config startup-config

The contents of the startup-config and running-config match immediately after the device is started.

z How to upload and save the startup-config and running-config files

To upload the configuration information to the remote server, run the "show" command.

Syntax (upload the file on a TFTP server:)

xg# show running-config | tftp HOST REMOTE-FILE

xg# show startup-config | tftp HOST REMOTE-FILE

Syntax (upload the file on a SSH server:)

xg# show running-config | scp USERNAME HOST REMOTE-FILE

xg# show startup-config | scp USERNAME HOST REMOTE-FILE

z How to download startup-config

To download the configuration information that was uploaded to the remote server as startup-config, run the "copy" command.

Syntax (download a file from a TFTP server:)

xg# copy tftp HOST REMOTE-FILE startup-config

Syntax (download a file from a SSH server:)

xg# copy scp USERNAME HOST REMOTE-FILE startup-config

To enable the settings downloaded to the startup-config file, restart the device using the "reset" command.

z Be sure to upload the contents of the startup-config file to a remote server because the contents

could be lost if the startup-config file is accidentally overwritten.

z Refer to "Uploading/Downloading a Configuration File

" for details on uploading and downloading

configurations.

z “scp” supports only password authentication, and this device can register up to 10 public keys of SSH

servers.

z Execute “clear ssh-rhost-key” command to delete a registered public key.

XG2000 series User's Guide

17/315

2.2 Using the CLI

2.2.1 How to Enter Commands

z Command Entry Format

Separate each command, subcommand and argument with a single space.

<command> <subcommand> <argument 1> <argument 2> ... (" " indicates a space.)

xg(config)# management-interface ip 192.168.1.10/24 default-gw 192.168.1.150 xg(config)# management-interface dns-server 192.168.1.150

z Characters that can be entered:

− Any letter (A-Z, a-z) and digit (0-9)

− Space (ASCII code: 0x20)

− Symbols: !, ". #, $, %, `, ', (, ), _, -, ~, ^, ¥, {, }, :, +, ,, ., @, =, [, ], &, *, ;, /, ?, |, >

Command and option separators are recognized as one or more space characters (ASCII code: 0x20). Enclose a parameter in quotes if it contains a blank space. The commands are not case-sensitive. Note that some entries (password, etc.) are case-sensitive.

2.2.2 Context-Sensitive Help

Entering a question mark "?" at the command prompt displays a list of commands available for each command mode. A list of command's associated with the keywords and parameters will be displayed.

z A list of commands that are available in the current mode

Entering a question mark "?" at the system prompt displays a list of commands and brief descriptions available for the current command mode.

xg # ? Exec commands: boot-system Change firmware to boot clear Reset functions configure Enter configuration mode copy Copy from one file to another date Manage the system date and time delete Delete files on current system dir List files on current system :

(The rest is omitted.)

xg# _

z Word help

Entering a question mark "?" in the middle of a command name, will list the possible command options required to complete the command. The prompt will show the letters previously typed. Enter the rest of the letters to complete the command entry.

xg # co? Exec commands: configure Enter configuration mode copy Copy from one file to another xg# co_

The CLI lists all possible commands that begin with "co".

z A list of options that are available in the current entry position

Entering a question mark "?" followed by a space after typing a command name, will cause the CLI to list the possible commands or keywords that may be entered at the current option position. For option 2 and 3 positions, the CLI also lists options that can be entered at these positions. The prompt will show the letters previously typed. Enter the rest of the letters to complete the command entry.

xg# configure ? terminal Configure from the terminal

xg# configure _

CLI lists possible options that follow the "configure" command.

The <cr> symbol may appear in the list to indicate that the command can be executed without entering any subsequent options. Parameters enclosed in square brackets can be omitted and, therefore, the <cr> symbol does not appear.

XG2000 series User's Guide

18/315

2.2.3 Command Completion

Entering part of a command or option and pressing the [Tab] key, causes the CLI to display the remaining command or option characters.

xg# con<TAB> ↓

xg# configure _

For example, the only command that begins with "con" is "configure", so the CLI completes the command name as "configure". Pressing the [Tab] key, causes the CLI to list all possible commands or option names.

xg# co<TAB> configure copy xg# co_

Since there are two commands that begin with "co" - "configure" and "copy" - the CLI lists both commands.

2.2.4 Command Abbreviation

Commands and options can be abbreviated to the minimum number of characters as long as command or option names are unique and forward-match the entered letters.

xg# con t

For example, the "configure" command may be abbreviated to "con" because "configure" is the only command that begins with "con", and "terminal" may be abbreviated to "t" because "terminal" is the only command that begins with "t".

2.2.5 Command-Line Error Messages

The table below shows error messages that appear when a command is incorrectly entered. The "configure terminal" command is used as an example below:

Error Message Explanation

xg# co t % Ambiguous command: "co t"

Insufficient characters were entered for the CLI to recognize the command. Re-enter the correct command string.

xg# configure % Incomplete command.

All of the options or values required by this command were not entered. Enter all necessary options and values.

xg# configure aerminal ^ % Invalid input detected at '^' marker

The command incorrectly entered. A caret symbol (^) indicates the incorrect entry. Correct the entries and execute the command again.

xg# coc? % Unrecognized command

Part of the command was incorrectly entered. Re-enter the correct command string.

2.2.6 Scrolling Down or Up a Line or a Page

When the information displayed by a command contains more lines than the console screen will display, a "--More--" prompt is displayed at the bottom of the screen and the CLI waits for a user entry.

xg# show running-config ! interface port 1

: :

(The rest is omitted.)

--More--

z Scrolling Up a Line

To scroll up one line, press the [Enter] key.

z Scrolling Up a Page

To scroll up one page, press the [Space] bar.

z Finishing Displaying

To finish displaying, press the [q] or [Q] key.

The following table shows the combinations of shortcut keys, function keys and the [Ctrl] key used to edit commands.

XG2000 series User's Guide

19/315

Combinations of keys Description

"↑" or [Ctrl] + [P]

Recalls the previous command.

"↓" or [Ctrl] + [N]

Recalls the next command.

"←" or [Ctrl] + [B]

Moves the cursor back one character.

"→" or [Ctrl] + [F]

Moves the cursor forward one character. [Home] or [Ctrl] + [A] Moves the cursor to the first character in line. [End] or [Ctrl] + [E] Moves the cursor to the last character in line. [Esc] + [B] Moves the cursor back one word (to the beginning of a

parameter). [Esc] + [F] Moves the cursor forward one word (to the beginning of a

parameter). [Backspace] Erases the character to the left of the cursor and moves the

cursor back one character. [Delete] or [Ctrl] + [D] Deletes the character to the right of the cursor. [Ctrl] + [W] Records the character to the left of the cursor before

deleting. [Ctrl] + [U] Records the command line before deleting. [Ctrl] + [K] Records all characters to the left of the cursor before

deleting. [Ctrl] + [Y] Pastes a string recorded by [Ctrl]+[W], [U] or [K]. [Ctrl] + [L] Erases the current screen. [Ctrl] + [C] Runs command result and aborts output. [Enter], [Ctrl] + [J], or [Ctrl] + [M] Completes a command entry. [Ctrl] + [T] Transposes the character located at the cursor with the

character to the left of the cursor.

If any of the above key combinations or command completion displays using the [Tab] key do not work correctly, the correct VT100, VT200 or xterm terminal emulation type may not be selected.

2.2.7 Command History

Command history is a function that records command lines previously entered so they can be reused. It is useful for repeatedly entering the same command line or for entering a similar command.

z To display the previous command line in the history:

Press the up arrow key or [Ctrl]+[P] to recall the previous command in the history to the prompt. Repeat the key sequence to recall successively older commands.

z To display a more recent command line:

Press the down arrow key or [Ctrl]+[N] to bring up the next line from the command history to the prompt. Repeat the key sequence to bring up successively more recent commands.

z To list the command history:

Use the "show history" command to view the list of commands saved in the history: For each login up to 100 lines of command history can be registered.

2.2.8 Aborting Command

An executing command can be aborted by pressing [Ctrl]+[C]. Note that this key sequence may not be effective for some commands.

2.2.9 No Form of Commands

Almost every configuration command has a no form. In general, the no form is used to cancel the settings of a configuration command or restore default values. Type "no" before entering a command name. For details on using the no form, refer to the "Command Reference

XG2000 series User's Guide

20/315

2.2.10 Filtering show Command Output

This function allows filtering the show command output so lines that only satisfy specific conditions (filter for strings) are displayed. This function is useful in excluding unnecessary information from a large amount of output. To use it, a "show" command must be followed by a keyword (pipe (|), begin, include or exclude) and a regular expression (filtering condition).

Syntax

show       | {begin | include | exclude} regular-expression

Keyword for filtering output Meaning

begin

Begins output starting at the first line that contains matches to given regular expression parameters.

exclude

Does not display output lines that contain matches to given regular expression parameters.

include

Displays output lines that contain matches to given regular expression parameters.

xg# show history | begin 2 ...skipping 2 configure terminal 3 show running-config 4 show history 5 show history | begin 2

xg# show history | exclude 2 1 enable 3 show running-config 4 show history

xg# show history | include 2 2 configure terminal 5 show history | begin 2

Regular expressions are case sensitive. For example, if "| exclude strings" is entered, lines that include "String" are output, but those that include "strings" are not.

2.2.11 Redirecting show Command Output

Redirect the output of "show" commands to a file in volatile memory using ">" (pipe) or "|” (redirect).

Syntax (To redirect the output of a show command to a file in volatile memory:)

show       > FILE-NAME show       | FILE-NAME

z FILE-NAME

Specifies the file name in volatile memory that the output of the command is piped or redirected.

"| tftp" or "| scp" redirects the output of the show command to a file on a remote server.

Syntax (Redirect the output of a show command to a file on a TFTP server:)

show       | tftp HOST REMOTE-FILE

Syntax (Redirect the output of a show command to a file on a SSH server:)

show       | scp USERNAME HOST REMOTE-FILE

z | tftp

Redirects the copy to a file on the TFTP server.

z | scp

Redirects the copy to a file on the SSH server.

z USERNAME

Specifies the username of the SSH server.

z HOST

Specifies the host name or IP address of the TFTP server or SSH server.

z REMOTE-FILE

Specifies the file name in the TFTP server or SSH server that the output of the command is redirected.

In the following example, the current startup-config is redirected as filename "startup_09302005", the running-config file is redirected as filename "running_09302005", and system information is redirected as filename "system_09302005". The results of the redirection are confirmed with the "ls" command. Then, using the "tftp" command, each of these files are moved to the TFTP server.

xg# show startup-config > startup_09302005 xg# show running-config > running_09302005 xg# show system information > system_09302005 xg# ls

(ls command output)

Update-time File-size File-name

- 2005/09/30 11:57:27 872 system_09302005

- 2005/09/30 11:54:01 2,310 startup_09302005

- 2005/09/30 11:55:58 2,437 running_09302005 xg# tftp put remote-host1 startup_09302005 restore_startup_09302005

xg# tftp put remote-host1 running_09302005 restore_running_09302005 xg# tftp put remote-host1 system_09302005 restore_system_09302005

XG2000 series User's Guide

21/315

In the following example, show command output is redirected to TFTP server "remote-host1" using "| tftp".

xg# show startup-config | tftp remote-host1 restore_ startup_09302005 xg# show running-config | tftp remote-host1 restore_running_09302005 xg# show system information | tftp remote-host1 restore_system_09302005

In the following example, show command output is redirected to SSH server "remote-host2" using "| scp".

xg# show startup-config | scp foo remote-host2 restore_ startup_07012008 remote-host2's password: xg# show running-config | scp foo remote-host2 restore_running_07012008 remote-host2's password: xg# show system information | scp foo remote-host2 restore_system_07012008 remote-host2's password:

z “scp” supports only password authentication, and this device can register up to 10 public keys of SSH

servers.

z Execute “clear ssh-rhost-key” command to delete a registered public key.

2.2.12 Using the monitor Command

The monitor command provides additional key commands to perform screen navigation. The following table shows the keys used to perform screen-related operations.

Displayed item Meaning

ESC:exit Press the [Esc] key to close the monitor screen. F:refresh Press the [F] or [f] key to refresh the screen. U:page up Press the [U] or [u] key to scroll up to the previous page.

If the current page is the first page of the display nothing occurs.

D:page down Press the [D] or [d] key to scroll down to the next page.

If the current page is the last page of the display, nothing occurs.

L:page left Press the [L] or [l] key to scroll the screen to the left.

If there are no additional columns of data to the left to display, nothing occurs.

R:page right Press the [R] or [r] key to scroll the screen to the right.

If there are no additional columns of data to the right of the display, nothing occurs.

XG2000 series User's Guide

22/315

Chapter 3 Installation

This chapter describes the installation procedures for the device. Refer to "Using the CLI

" for details on using the CLI.

Refer to "Command Reference

" for details on commands.

XG2000 series User's Guide

23/315

3.1 Workflow for Initial Setup of the Device

This section describes the procedures to setup the device.

1. Prepare a terminal

Prepare a terminal for the initial configuration.

2. Setting Up the Serial Interface

Connect the device and terminal with an RS232C cable. The initial baud rate setting is 9,600 bps.

3. Turn on the device to start the system.

Turn on the terminal and the device to start the system.

4. Configure Management LAN Interface

The initial setting of the management LAN interface is disabled. To use the following functions, set up the management LAN interface:

− Telnet connection

− SSH connection

− SNMP manager connection

− System log transmission

− Time synchronization using an NTP server

− Configuration file upload/download

− Firmware update

− Collection of maintenance information

5. Telnet Connection via Management LAN Interface (Optional)

The initial setting of the Telnet connection via the management LAN interface is disabled. (IP address: 192.168.0.2, subnet address: 255.255.255.0)

6. SSH Connection via Management LAN Interface (Optional)

The initial setting of the SSH connection via the management LAN interface is disabled.

7. SNMP Configuration (Optional)

Initially, the SNMP agent configuration is not set. Set the SNMP configuration as needed.

8. This is the end of the preparation procedure

Proceed with configuring the switch.

3.1.1 Setting Up the Serial Interface

Connect the device and terminal with an RS232C cable. The initial setting of baud rate setting is 9,600 bps. Refer to "Operating Environment for the CLI

" for details on settings.

For serial interfaces, only the baud rate can be changed. To change the serial interface settings, carry out the following procedure.

Command Task

xg login: admin Password: ********

xg> enable

Switch to administrator EXEC mode.

xg# configure terminal

Switch to global configuration mode.

xg(config)# line console

Switch to serial terminal edit mode.

xg(config-line)# baud-rate {9600 | 19200 | 38400 | 57600}

Change serial baud rate. The baud rate is changed after the logout.

xg(config-line)# exit

Exit to global configuration mode.

xg(config)# terminal timeout console MINUTES

(Optional) If the terminal is idle after the timeout period (in minutes) expires the serial connection is terminated. The default is 10 minutes.

xg(config)# exit

Exit to administrator EXEC mode.

XG2000 series User's Guide

24/315

3.1.2 Configure Management LAN Interface

The management LAN interface is initially enabled.

(IP address: 192.168.0.2, subnet address: 255.255.255.0)

To use the following functions, configure the management LAN interface.

− Telnet connection (enabled by default)

− SSH connection (disabled by default)

− SNMP manager connection

− System log transmission

− Time synchronization using an NTP server

− Configuration file upload/download

− Firmware update

− Collection of maintenance information

To configure the management LAN interface, carry out the following procedure.

Command Task

xg login: admin Password: ********

xg> enable

Switch to administrator EXEC mode.

xg# configure terminal

Switch to global configuration mode.

xg(config)# management-lan ip A.B.C.D/M [ default-gw A.B.C.D]

Change the IP address and subnet, and set the default gateway of the management LAN interface.

xg(config)# management-lan dns-server A.B.C.D

(Optional) Set up DNS servers. Up to 4 DNS servers can be set up. Priority is assigned to DNS servers in the order they are defined. To change their order, delete them using the no command before doing so.

xg(config)# management-lan domain DOMAIN-NAME

(Optional) Set the name of the network domain.

xg(config)# remote-host A.B.C.D HOST-NAME

(Optional) Associate a remote host name with an IP address. This allows referencing a remote IP address with a host name without relying on a DNS server.

xg(config)# exit

Exit to administrator EXEC mode.

3.1.3 Telnet Connection via the Management LAN Interface (Optional)

The "Telnet server function" via the management LAN interface is initially disabled. To change the monitoring time for the telnet connection, carry out the following procedure in the administrator EXEC mode.

Command Task

xg# configure terminal

Switch to global configuration mode.

xg(config)# telnet-server

Enable Telnet connection,

xg(config)# terminal timeout vty <0-60>

(Optional) If the Telnet session timeout period (in minutes) expires the telnet connection is terminated.

xg(config)# exit

Exit to administrator EXEC mode.

XG2000 series User's Guide

25/315

3.1.4 SSH Connection via the Management LAN Interface (Optional)

This device supports the “SSH server function”. This function is remote connection like “Telnet server function”. After executing “ssh-server” command, the “SSH-server” is enabled and authentication key is generated (It takes some time to generate authentication key). The following shows the “SSH-server function” supported by this device.

Function Support

Protocol Version v2 Method of authentication Password Authentication key RSA(2048bits, fixed), DSA(1024bits, fixed) Method to generate authentication key

Automatically generated, CLI

Method of coding aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,ar

cfour256,arcfour,aes192-cbc,aes256-cbc,aes128-ctr,aes192-c tr,aes256-ctr

Terminal sessions Maximum 4

(including Telnet connection) Message authentication code

hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd

160,hmac-sha1-96,hmac-md5-96

The "SSH server function" via the management LAN interface is initially disabled. To change the monitoring time for the SSH connection, carry out the following procedure in the administrator EXEC mode.

Command Task

xg# configure terminal

Switch to global configuration mode.

xg(config)# ssh-server

Enable SSH connection

xg(config)# terminal timeout vty <0-60>

(Optional) If the SSH session timeout period (in minutes) expires the SSH connection is terminated.

xg(config)# exit

Exit to administrator EXEC mode.

The “SSH-server function” supported by this device uses Open SSH free software that is published based on BSD licence. Please refer to the following URL for more details.

http://www.openssh.com/

3.1.5 SNMP Configuration (Optional)

To operate in conjunction with an SNMP manager, the SNMP agent must be configured. To configure the SNMP agent, carry out the following procedures in the administrator EXEC mode.

Command Task

xg# configure terminal

Switch to global configuration mode.

xg(config)# hostname HOST-NAME xg(config)# snmp-server location SYSTEM-LOCATION xg(config)# snmp-server contact SYSTEM-CONTACT

Set the switch name (HOST-NAME), switch's location (SYSTEM-LOCATION), and contact (SYSTEM-CONTACT).

xg(config)# snmp-server access host {A.B.C.D|HOSTNAME} community COMMUNITY-NAME

Set the IP address (host name) of the SNMP manager and the community name.

xg(config)# snmp-server trap host {A.B.C.D|HOSTNAME} community COMMUNITY-NAME [protocol {v1|v2c}]

Set the IP address (host name) of the host that is notified of SNMP traps and community name, if the SNMP trap notification is enabled.

xg(config)# exit

Exit to administrator EXEC mode.

XG2000 series User's Guide

26/315

Chapter 4 Switch Functions and their

Configuration

This chapter describes the functions of the device and how to configure them. Refer to "Operating Environment for the CLI

" for details on using the CLI.

Refer to "Command Reference

" for details on commands.

XG2000 series User's Guide

27/315

4.1 Basic Switch Functions

This section describes the basic switch functions.

4.1.1 Switching Mode

The device provides the following two switching modes.

z Store-and-forward switching mode

After the device finishes receiving a frame, it checks the FCS (Frame Check Sequence) and performs a validity check (on packet size, etc.) before forwarding the frame. If the switch receives a frame with an error frame, it discards it.

z Cut-through switching mode

The device transmits the frame to the destination as soon as the first 64 bytes of the frame are received with no errors. Since the device starts transmitting the frame before it receives the entire frame, this mode allows forwarding at low latency.

To change the switching modes, carry out the following procedures in the administrator EXEC mode.

Command Task

xg# configure terminal

Switch to global configuration mode.

xg(config)# bridge forward-mode {cut-through | store-and-forward }

xg(config)# no bridge forward-mode

Select the cut-through (or store-and-forward) for the switching mode.

xg(config)# exit

Exit to administrator EXEC mode.

4.1.2 MAC Address Table Management

The MAC address table is a database used for managing the association between address information and destination ports. The device can learn up to 16384 entries of MAC addresses.

z MAC address table management

The device has two methods for MAC address table management.

− SVL(Shared VLAN Learning)

The device learns MAC addresses common to all VLANs. Different VLANs with identical MAC addresses are treated as identical entries.

− IVL(Independent VLAN Learning)

The device learns MAC addresses separately for each VLAN. Identical MAC addresses with

different VLANs are treated as separate entries. To change the MAC address table management modes, carry out the following procedures in the management EXEC mode.

Command Task

xg# configure terminal

Switch to the global configuration mode.

xg(config)# bridge learn-mode { ivl | svl }

xg(config)# no bridge learn-mode

Select IVL or SVL for the MAC address table management mode.

xg(config)# exit

Exit to administrator EXEC mode.

xg# copy running-config startup-config

Save the current settings of the device to nonvolatile memory.

xg# reset

If the MAC address table management mode is changed, the new setting becomes enabled after the device is restarted.

z Dynamic MAC address learning

The device dynamically learns MAC addresses from received frames. If MAC addresses are not refreshed before the aging time expires, they will be removed from the MAC address table. To disable the dynamic learning, carry out the following procedures in the administrator EXEC mode.

Command Task

xg# configure terminal

Switch to global configuration mode.

xg(config)# interface port 1 2 3

xg(config)# interface port range 1 3

Switch to the interface edit mode to specify the port(s) to be configured. In this example, the global interface configuration mode is selected for ports 1 through 3.

xg(config-if)# suppress-address-learning

xg(config-if)# no suppress-address-learning

Enable (or disable) the dynamic MAC address learning.

xg(config-if)# exit

Exit to global configuration mode.

xg(config)# exit

Exit to administrator EXEC mode.

XG2000 series User's Guide

28/315

z Static unicast address

By registering a unicast MAC address with the MAC address table, unicast frames are forwarded to a specified port. Static unicast addresses are not subject to MAC address removal controlled by the aging function. To register, change or delete a static unicast address, carry out the following procedures in the administrator EXEC mode.

Command Task

xg# configure terminal

Switch to global configuration mode.

xg(config)# bridge mac-address-table static MAC [vlan <1-4094>] {[port <1-20>] | [agg-port <1-10>]}

xg(config)# no bridge mac-address-table static MAC [vlan <1-4094>]

xg(config)# exit

Exit to administrator EXEC mode.

z Static multicast address

By registering a multicast MAC address with the MAC address table, a specific multicast frame will be forwarded to a designated port. To register, change or delete a multicast address, carry out the following procedures in the administrator EXEC mode.

Command Task

xg# configure terminal

Switch to global configuration mode.

xg(config)# bridge mac-address-table static MAC [vlan <1-4094>] [port <1-20> [<1-20>    ]] [agg-port <1-10> [<1-10>   ]]

xg(config)# no bridge mac-address-table static MAC [vlan <1-4094>]

Register (or remove) a static multicast address table and destination port. For a multicast MAC address, multiple ports can be specified.

xg(config)# exit

Exit to administrator EXEC mode.

4.1.3 Jumbo Frame Support

The device can transmit jumbo frames of up to 16KB (16128 bytes). To configure jumbo frame support, carry out the following procedure in the administrator EXEC mode.

Command Task

xg# configure terminal

Switch to global configuration mode.

xg(config)# bridge jumbo-frame [{9216 | 12288 | 15360 | 16128}]

xg(config)# no bridge jumbo-frame

Enable (or disable) jumbo frame support.

xg(config)# exit

Exit to administrator EXEC mode.

4.1.4 Flow Control

Flow control is a function that prevents frame loss when the receive buffer in the switch overflows due to temporary traffic overload by using a PAUSE frame. When the device receives a PAUSE frame, it temporarily stops sending frames at the receive port. If the receive buffer overflows, it is possible to restrict frame transmission from the connected device by sending a PAUSE frame. For each port, it is possible to select whether or not to send/recive a PAUSE frame. To change the flow control mode, carry out the following procedures in the administrator EXEC mode.

Command Task

xg# configure terminal

Switch to global configuration mode.

xg(config)# interface port 1 2 3

xg(config)# interface port range 1 3

Switch to the interface edit mode to specify the port(s) to be configured for flow control. In this example, the global interface configuration mode is selected for ports 1 through 3.

xg(config-if)# flowcontrol { disable | only-receive | only-send | send-receive }

Set the flow control mode.

xg(config-if)# exit

Exit to global configuration mode.

xg(config)# exit

Exit to administrator EXEC mode.

XG2000 series User's Guide

29/315

4.1.5 Storm Control

The device discards broadcast frames when the number of received broadcast frames are over a given threshold to prevent unnecessary waste of bandwidth due to retained broadcast frames on the network. This function is called "Storm Control". For each port, it is possible to configure storm control. When broadcast frames are discarded by storm control, error logs are output, and storm control logging is disabled. To re-enabled logging, these violations must be cleared with "clear violation". To configure storm control, carry out the following procedures in the administrator EXEC mode.

Command Task

xg# configure terminal

Switch to global configuration mode.

xg(config)# interface port 1 2 3

xg(config)# interface port range 1 3

Switch to the interface edit mode to specify the port(s) to be configured for storm control. In this example, the global interface configuration mode is selected for ports 1 though 3.

xg(config-if)# storm-control

Enable storm control.

xg(config-if)# exit

Exit to global configuration mode.

xg(config)# exit

Exit to administrator EXEC mode.

4.1.6 Port Security

Port security blocks connections attempted by unregistered hosts. When a host MAC address is registered, the device receives only those frames that use registered source addresses. For each port, it is possible to configure port security. To register a MAC address for a host, use the "bridge mac-address-table static" command. The port that the host is connected must be registered as a member port. In Independent VLAN Learning mode, this must be done for all VLANs that permit transmission. Either of the following two modes can be specified for a security-violating (unregistered) frame the device receives.

− Restrict mode

Filters violating frames only, forwarding permitted frames.

− Shutdown mode

Filters all frames upon reception of a violating frame, and the port goes link down.

Once a security violation is detected, an error log is recorded. No further detection of a violating frame will cause an error log to be recorded until security violations are reset by "clear violation". To configure port security, carry out the following procedures in the administrator EXEC mode.

Command Task

xg# configure terminal

Switch to global configuration mode.

xg(config)# interface port 1 2 3

xg(config)# interface port range 1 3

Switch to the interface edit mode to specify the port(s) to be configured for port security. In this example, the global interface configuration mode is selected for ports 1 though 3.

xg(config-if)# port-security violation {restrict | shutdown}

Enable Port Security.

xg(config-if)# exit

Exit to global configuration mode.

xg(config)# exit

Exit to administrator EXEC mode.

xg# clear violation all

Clear security violations

4.1.7 Ingress Rate Control

It is possible to set an ingress rate-limiting value for each port in approximately 40Mbps increments. To set an ingress rate-limiting value, carry out the following procedures in the administrator EXEC mode.

Command Task

xg# configure terminal

Switch to global configuration mode.

xg(config)# interface port 1 2 3

xg(config)# interface port range 1 3

Switch to the interface edit mode to specify the port(s) to be configured for ingress rate control. In this example, the global interface configuration mode is selected for ports 1 though 3.

xg(config-if)# ingress-bandwidth <40-10000>

Specify an ingress rate limiting value.

xg(config-if)# exit

Exit to global configuration mode.

xg(config)# exit

Exit to administrator EXEC mode.

z The ingress rate is measured at 100us time intervals. Should burst transfers take place at intervals of 100us or over,

the ingress rate the device actually allows may be less than the specified value.

XG2000 series User's Guide

30/315

4.2 Port Mirroring

It is possible to monitor the traffic by mirroring the frames sent or received by a port to another port. To configure port mirroring, carry out the following procedure in the administrator EXEC mode.

Command Task

xg# configure terminal

Switch to global configuration mode.

xg(config)# mirror monitored-port <1-20> [rx-mirroring-port <1-20>] [tx-mirroring-port <1-20>]

Configure the port to be monitored and its mirror port to be mirrored.

xg(config)# exit

Exit to administrator EXEC mode.

xg# show mirror

View the status of port mirroring.

+ 285 hidden pages

Fujitsu XG2000 Series User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual