HP 445942-001 User Manual

HP 10Gb Ethernet BL-c Switch
ISCLI Reference Guide
Part number: 445942-001
Third Edition: June 2007
© 2007 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set
forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
Microsoft®, Windows®, and Windows NT® are U.S. registered trademarks of Microsoft Corporation. SunOS™ and Solaris™ are trademarks of Sun Microsystems, Inc. in the U.S. and other countries. Cisco® is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.
2
Contents

Contents

ISCLI reference
Introduction........................................................................................................................................... 9
Additional references ............................................................................................................................. 9
Connecting to the switch......................................................................................................................... 9
Establishing a console connection ..................................................................................................... 10
Setting an IP address ....................................................................................................................... 10
Establishing a Telnet connection........................................................................................................ 11
Establishing an SSH connection ........................................................................................................ 11
Accessing the switch............................................................................................................................. 12
Idle timeout ......................................................................................................................................... 13
Typographical conventions.................................................................................................................... 14
ISCLI basics
Introduction......................................................................................................................................... 15
Accessing the ISCLI .............................................................................................................................. 15
ISCLI Command Modes ........................................................................................................................ 15
Global commands................................................................................................................................ 17
Command line interface shortcuts........................................................................................................... 18
Command abbreviation ................................................................................................................... 18
Tab completion............................................................................................................................... 18
Information Commands
Introduction......................................................................................................................................... 19
System Information commands............................................................................................................... 20
SNMPv3 Information commands ....................................................................................................... 21
SNMPv3 USM User Table information .......................................................................................... 22
SNMPv3 View Table information ................................................................................................. 22
SNMPv3 Access Table information............................................................................................... 23
SNMPv3 Group Table information ............................................................................................... 24
SNMPv3 Community Table information......................................................................................... 24
SNMPv3 Target Address Table information ................................................................................... 25
SNMPv3 Target Parameters Table information ............................................................................... 25
SNMPv3 Notify Table information................................................................................................ 26
SNMPv3 dump ............................................................................................................................... 27
System information............................................................................................................................... 28
Show recent syslog messages ................................................................................................................ 29
System user information ........................................................................................................................ 30
Layer 2 information .............................................................................................................................. 31
FDB information commands .............................................................................................................. 32
Show all FDB information............................................................................................................ 33
Clearing entries from the forwarding database .............................................................................. 33
Link Aggregation Control Protocol information .................................................................................... 33
LACP dump .................................................................................................................................... 34
802.1x information ......................................................................................................................... 35
Spanning Tree information ............................................................................................................... 37
Rapid Spanning Tree and Multiple Spanning Tree information .............................................................. 39
3
Contents
Common Internal Spanning Tree information ...................................................................................... 41
Trunk group information................................................................................................................... 43
VLAN information ........................................................................................................................... 44
Layer 3 information .............................................................................................................................. 45
Route information............................................................................................................................ 46
Show all IP Route information ........................................................................................................... 46
ARP information.............................................................................................................................. 48
Show all ARP entry information.................................................................................................... 48
ARP address list information ........................................................................................................ 49
OSPF information............................................................................................................................ 49
OSPF general information ........................................................................................................... 50
OSPF interface information.......................................................................................................... 50
OSPF Database information ........................................................................................................ 51
OSPF route codes information ..................................................................................................... 52
Routing Information Protocol ............................................................................................................. 53
RIP Routes information ................................................................................................................ 53
RIP user configuration ................................................................................................................. 53
IP information ................................................................................................................................. 54
IGMP multicast group information ..................................................................................................... 55
IGMP group information ............................................................................................................. 55
IGMP multicast router information ................................................................................................ 56
VRRP information ............................................................................................................................ 57
802.1p information.............................................................................................................................. 58
ACL information................................................................................................................................... 59
RMON Information .............................................................................................................................. 60
RMON history information ............................................................................................................... 60
RMON alarm information ................................................................................................................ 61
RMON event information ................................................................................................................. 62
Link status information........................................................................................................................... 63
Port information ................................................................................................................................... 64
Logical Port to GEA Port mapping .......................................................................................................... 65
Fiber Port SFP status ............................................................................................................................. 65
Uplink Failure Detection information ....................................................................................................... 66
Information dump................................................................................................................................. 66
Statistics Commands
Introduction......................................................................................................................................... 67
Port Statistics ....................................................................................................................................... 68
802.1x statistics.............................................................................................................................. 69
Bridging statistics ............................................................................................................................ 71
Ethernet statistics ............................................................................................................................. 72
Interface statistics ............................................................................................................................ 74
Internet Protocol (IP) statistics ............................................................................................................ 76
Link statistics................................................................................................................................... 76
Layer 2 statistics................................................................................................................................... 77
FDB statistics................................................................................................................................... 77
LACP statistics................................................................................................................................. 78
Layer 3 statistics................................................................................................................................... 79
IP statistics...................................................................................................................................... 80
Route statistics ................................................................................................................................ 81
ARP statistics .................................................................................................................................. 82
DNS statistics ................................................................................................................................. 82
4
Contents
ICMP statistics ................................................................................................................................ 83
TCP statistics................................................................................................................................... 84
UDP statistics .................................................................................................................................. 86
IGMP Multicast Group statistics......................................................................................................... 86
OSPF statistics ..................................................................................................................................... 87
OSPF global statistics ...................................................................................................................... 88
VRRP statistics...................................................................................................................................... 91
RIP statistics .................................................................................................................................... 92
GEA Layer 3 statistics ...................................................................................................................... 92
GEA Layer 3 statistics ...................................................................................................................... 92
Management Processor statistics ............................................................................................................ 93
Packet statistics ............................................................................................................................... 93
TCP statistics................................................................................................................................... 94
UDP statistics .................................................................................................................................. 95
CPU statistics .................................................................................................................................. 95
ACL statistics .................................................................................................................................. 95
SNMP statistics ............................................................................................................................... 96
NTP statistics .................................................................................................................................. 98
Uplink Failure Detection statistics....................................................................................................... 99
Statistics dump.............................................................................................................................. 100
Configuration Commands
Introduction....................................................................................................................................... 101
Viewing and saving changes............................................................................................................... 101
Saving the configuration ..................................................................................................................... 101
System configuration .......................................................................................................................... 102
System host log configuration ......................................................................................................... 103
Secure Shell Server configuration .................................................................................................... 105
RADIUS server configuration........................................................................................................... 106
TACACS+ server configuration ....................................................................................................... 107
NTP server configuration................................................................................................................ 109
System SNMP configuration ........................................................................................................... 110
SNMPv3 configuration .................................................................................................................. 111
User Security Model configuration................................................................................................... 113
SNMPv3 View configuration .......................................................................................................... 114
View-based Access Control Model configuration............................................................................... 114
SNMPv3 Group configuration ........................................................................................................ 115
SNMPv3 Community Table configuration ......................................................................................... 116
SNMPv3 Target Address Table configuration.................................................................................... 116
SNMPv3 Target Parameters Table configuration................................................................................ 117
SNMPv3 Notify Table configuration ................................................................................................ 118
System Access configuration........................................................................................................... 119
Management Networks configuration .............................................................................................. 119
User Access Control configuration................................................................................................... 120
User ID configuration..................................................................................................................... 120
HTTPS Access configuration............................................................................................................ 122
Port configuration............................................................................................................................... 123
Temporarily disabling a port........................................................................................................... 124
Port link configuration.................................................................................................................... 124
ACL Port configuration................................................................................................................... 125
Layer 2 configuration ......................................................................................................................... 126
802.1x configuration .................................................................................................................... 126
802.1x Global configuration.....................................................................................................127
5
Contents
802.1x Port configuration ......................................................................................................... 128
Rapid Spanning Tree Protocol / Multiple Spanning Tree Protocol configuration.................................... 129
Common Internal Spanning Tree configuration.................................................................................. 131
CIST bridge configuration ......................................................................................................... 131
CIST port configuration............................................................................................................. 132
Spanning Tree configuration........................................................................................................... 134
Bridge Spanning Tree configuration ........................................................................................... 135
Spanning Tree port configuration ............................................................................................... 136
Forwarding Database configuration ................................................................................................ 137
Static FDB configuration............................................................................................................ 137
Trunk configuration........................................................................................................................ 138
Layer 2 IP Trunk Hash configuration................................................................................................. 139
Link Aggregation Control Protocol configuration................................................................................ 140
LACP Port configuration ............................................................................................................ 140
VLAN configuration....................................................................................................................... 141
Layer 3 configuration ......................................................................................................................... 142
IP interface configuration................................................................................................................ 142
Default Gateway configuration ....................................................................................................... 143
IP Static Route configuration ........................................................................................................... 144
Address Resolution Protocol configuration ........................................................................................ 144
Static ARP configuration............................................................................................................ 145
IP Forwarding configuration ........................................................................................................... 146
Network Filter configuration ........................................................................................................... 146
Route Map configuration................................................................................................................ 147
IP Access List configuration............................................................................................................. 148
Routing Information Protocol configuration........................................................................................ 148
RIP Interface configuration......................................................................................................... 149
RIP Route Redistribution configuration ......................................................................................... 150
Open Shortest Path First configuration.............................................................................................. 151
OSFP Area Index configuration.................................................................................................. 152
OSPF Summary Range configuration .......................................................................................... 153
OSPF Interface configuration ..................................................................................................... 154
OSPF Virtual Link configuration.................................................................................................. 155
OSPF Host Entry configuration ...................................................................................................156
OSPF Route Redistribution configuration...................................................................................... 156
OSPF MD5 Key configuration.................................................................................................... 157
IGMP configuration ....................................................................................................................... 157
IGMP Snooping configuration ................................................................................................... 157
IGMPv3 Snooping configuration ................................................................................................ 158
IGMP static multicast router configuration.................................................................................... 160
IGMP filtering configuration ...................................................................................................... 160
IGMP filter definition ................................................................................................................ 161
IGMP filtering port configuration ................................................................................................ 161
Domain Name System configuration................................................................................................162
Bootstrap Protocol Relay configuration ............................................................................................. 162
Virtual Router Redundancy Protocol configuration.............................................................................. 163
VRRP Virtual Router configuration ...............................................................................................164
VRRP Virtual Router Priority Tracking configuration ....................................................................... 165
VRRP Virtual Router Group configuration..................................................................................... 166
VRRP Virtual Router Group Priority Tracking configuration ............................................................. 167
VRRP Interface configuration...................................................................................................... 168
VRRP Tracking configuration...................................................................................................... 168
Quality of Service configuration........................................................................................................... 170
QoS 802.1p configuration............................................................................................................. 170
6
Contents
Access Control configuration ............................................................................................................... 171
Access Control List configuration ..................................................................................................... 171
ACL Ethernet Filter configuration ..................................................................................................... 171
ACL IP Version 4 Filter configuration................................................................................................ 172
ACL TCP/UDP Filter configuration ................................................................................................... 173
ACL Packet Format configuration..................................................................................................... 174
ACL Metering configuration............................................................................................................ 174
ACL Re-mark configuration ............................................................................................................. 175
ACL Re-mark In-Profile configuration ................................................................................................ 175
Re-Mark Update User Priority configuration ......................................................................................176
ACL Re-mark Out-of-Profile configuration .......................................................................................... 176
ACL Group configuration ............................................................................................................... 177
Remote Monitoring configuration ......................................................................................................... 178
RMON history configuration........................................................................................................... 178
RMON event configuration............................................................................................................. 179
RMON alarm configuration............................................................................................................ 180
Port mirroring .................................................................................................................................... 181
Port-based port mirroring................................................................................................................ 182
Uplink Failure Detection configuration................................................................................................... 182
Failure Detection Pair configuration ................................................................................................. 183
Link to Monitor configuration .......................................................................................................... 183
Link to Disable configuration........................................................................................................... 184
Configuration Dump........................................................................................................................... 184
Saving the active switch configuration .................................................................................................. 185
Restoring the active switch configuration ............................................................................................... 185
Operations Commands
Introduction....................................................................................................................................... 186
Operations-level port options ............................................................................................................... 186
Operations-level port 802.1x options .............................................................................................. 187
Operations-level VRRP options ............................................................................................................. 187
Boot Options
Introduction....................................................................................................................................... 188
Updating the switch software image..................................................................................................... 188
Downloading new software to the switch ......................................................................................... 188
Selecting a software image to run ........................................................................................................ 190
Uploading a software image from the switch ......................................................................................... 190
Selecting a configuration block ............................................................................................................ 191
Resetting the switch ............................................................................................................................ 191
Accessing the AOS CLI .................................................................................................................. 191
Maintenance Commands
Introduction....................................................................................................................................... 192
System maintenance...................................................................................................................... 192
Forwarding Database maintenance .................................................................................................193
Debugging options........................................................................................................................ 193
ARP cache maintenance................................................................................................................. 194
IGMP Snooping maintenance ......................................................................................................... 194
IGMP Mrouter maintenance............................................................................................................ 195
Uuencode flash dump.................................................................................................................... 195
FTP/TFTP system dump put ............................................................................................................. 196
Clearing dump information............................................................................................................. 196
7
Contents
Panic command ............................................................................................................................ 197
Unscheduled system dumps ................................................................................................................. 197
Index
8
ISCLI reference

ISCLI reference

Introduction
The HP 10Gb Ethernet BL-c Switch is ready to perform basic switching functions right out of the box. Some of the more advanced features, however, require some administrative configuration before they can be used effectively. This guide provides a command reference for the HP 10GbE switch.
The extensive switching software included in the switch provides a variety of options for accessing and configuring the switch:
Text-based command line interfaces (AOS CLI and ISCLI) for access via a local terminal or remote
Telnet/Secure Shell (SSH) session
Simple Network Management Protocol (SNMP) support for access through network management
software such as HP Systems Insight Manager
A browser-based management interface for interactive network access through a Web browser
The ISCLI provides a direct method for collecting switch information and performing switch configuration. Use a basic terminal to view information and statistics about the switch, and to perform any necessary configuration.
This chapter explains how to access the ISCLI to the switch.
Additional references
Additional information about installing and configuring the switch is available in the following guides, which are available at http://www.hp.com/go/bladesystem/documentation
HP 10Gb Ethernet BL-c Switch User Guide
HP 10Gb Ethernet BL-c Switch Command Reference
HP 10Gb Ethernet BL-c Switch Application Guide
HP 10Gb Ethernet BL-c Switch Browser-based Interface Reference
HP 10Gb Ethernet BL-c Switch Quick Setup Instructions
Connecting to the switch
You can access the command line interface in one of the following ways:
Using a console connection via the console port
Using a Telnet connection over the network
Using a Secure Shell (SSH) connection to securely log in over a network
.
9
ISCLI reference

Establishing a console connection

To establish a console connection with the switch, you need:
A null modem cable with a female DB-9 connector (See the HP 10Gb Ethernet BL-c Switch User
Guide for more information.)
An ASCII terminal or a computer running terminal emulation software set to the parameters shown in
the table below.
Table 1 Console configuration parameters
Parameter Value
Baud Rate 9600
Data Bits 8
Parity None
Stop Bits 1
Flow Control None
To establish a console connection with the switch:
1. Connect the terminal to the console port using the null modem cable.
2. Power on the terminal.
3. Press the Enter key a few times on the terminal to establish the connection.
4. You will be required to enter a password for access to the switch.

Setting an IP address

To access the switch via a Telnet or an SSH connection, you need to have an Internet Protocol (IP) address set for the switch. The switch can get its IP address in one of the following ways:
Management port access:
Using a Dynamic Host Control Protocol (DHCP) server—When the /cfg/sys/dhcp command
is enabled, the management interface (interface 250) requests its IP address from a DHCP server. The default value for the /cfg/sys/dhcp command is enabled.
Configuring manually—If the network does not support DHCP, you must configure the
management interface (interface 250) with an IP address. If you want to access the switch from a remote network, you also must configure the management gateway (gateway 254).
Uplink port access:
Using a Bootstrap Protocol (BOOTP) server—By default, the management interface is set up to
request its IP address from a BOOTP server. If you have a BOOTP server on the network, add the Media Access Control (MAC) address of the switch to the BOOTP configuration file located on the BOOTP server. The MAC address can be found in the System Information (See the “System information” section in the “Information Commands” chapter.) If you are using a DHCP server that also does BOOTP, you do not have to configure the MAC address.
Configuring manually—If the network does not support BOOTP, you must configure the
management port with an IP address.
10
ISCLI reference

Establishing a Telnet connection

A Telnet connection offers the convenience of accessing the HP 10GbE switch from any workstation connected to the network. Telnet provides the same options for user, operator, and administrator access as those available through the console port. By default, Telnet is enabled on the switch. The switch supports four concurrent Telnet connections.
Once the IP parameters are configured, you can access the ISCLI using a Telnet connection. To establish a Telnet connection with the switch, run the Telnet program on the workstation and enter the telnet command, followed by the switch IP address:
telnet <10GbE switch IP address>
You will then be prompted to enter a password. The password determines the access level: administrator, operator, or user. See the “Accessing the switch” section later in this chapter for description of default passwords.

Establishing an SSH connection

Although a remote network administrator can manage the configuration of a switch via Telnet, this method does not provide a secure connection. The Secure Shell (SSH) protocol enables you to securely log into the switch over the network.
As a secure alternative to using Telnet to manage switch configuration, SSH ensures that all data sent over the network is encrypted and secure. In order to use SSH, you must first configure it on the switch. See the “Secure Shell Server configuration” section in the “Configuration Commands” chapter for information on how to configure SSH.
The switch can perform only one session of key/cipher generation at a time. Therefore, an SSH/Secure Copy (SCP) client will not be able to log in if the switch is performing key generation at that time or if another client has just logged in before this client. Similarly, the system will fail to perform the key generation if an SSH/SCP client is logging in at that time.
The supported SSH encryption and authentication methods are listed below.
Server Host Authentication—Client RSA authenticates the switch in the beginning of every connection
Key Exchange—RSA
Encryption:
AES256-CBC AES192-CBC AES128-CBC 3DES-CBC 3DES ARCFOUR
User Authentication—Local password authentication; Remote Authentication Dial-in User Service
(RADIUS)
11
ISCLI reference
The following SSH clients are supported:
SSH 3.0.1 for Linux (freeware)
SecureCRT® 4.1.8 (VanDyke Technologies, Inc.)
OpenSSH_3.9 for Linux (FC 3)
FedoraCore 3 for SCP commands
PuTTY Release 0.58 (Simon Tatham) for Windows
NOTE: The HP 10GbE switch implementation of SSH is based on versions 1.5 and 2.0, and
supports SSH clients from version 1.0 through version 2.0. SSH clients of other versions are not supported. You may configure the client software to use protocol SSH version 1 or version 2.
By default, SSH service is not enabled on the switch. Once the IP parameters are configured, you can access the ISCLI to enable SSH.
To establish an SSH connection with the switch, run the SSH program on the workstation by issuing the
ssh command, followed by the user account name and the switch IP address:
>> # ssh <user>@<10GbE switch IP address>
You will then be prompted to enter your password.
NOTE: The first time you run SSH from the workstation, a warning message might appear. At the
prompt, enter yes to continue.
Accessing the switch
To enable better switch management and user accountability, the HP 10GbE switch provides different levels or classes of user access. Levels of access to the CLI and Web management functions and screens increase as needed to perform various switch management tasks. The three levels of access are:
User—Interaction with the switch is completely passive—nothing can be changed on the switch.
Users may display information that has no security or privacy implications, such as switch statistics and current operational state information.
Operator—Interaction with the switch is completely passive—nothing can be changed on the switch.
Users may display information that has no security or privacy implications, such as switch statistics and current operational state information.
Administrator—Administrators are the only ones that may make permanent changes to the switch
configuration—changes that are persistent across a reload/reset of the switch. Administrators can access switch functions to configure and troubleshoot problems on the switch. Because administrators can also make temporary (operator-level) changes as well, they must be aware of the interactions between temporary and permanent changes.
Access to switch functions is controlled through the use of unique usernames and passwords. Once you are connected to the switch via the local console, Telnet, or SSH, you are prompted to enter a password. The password entered determines the access level. The default user names/password for each access level is listed in the following table.
NOTE: It is recommended that you change default switch passwords after initial configuration and
as regularly as required under your network security policies. For more information, see the “Setting passwords” section in the “First-time configuration” chapter.
12
ISCLI reference
Table 2 User access levels
User account Description and tasks performed
User The User has no direct responsibility for switch management. He or she can view all switch
status information and statistics, but cannot make any configuration changes to the switch. The user account is enabled by default, and the default password is user.
Oper The Operator has no direct responsibility for switch management. He or she can view all switch
status information and statistics, but cannot make any configuration changes to the switch. By default, the operator account is disabled and has no password.
Admin The super user administrator has complete access to all command modes on the switch,
including the ability to change both the user and administrator passwords. The admin account is enabled by default, and the default password is admin.
NOTE: With the exception of the admin user, access to each user level can be disabled by setting
the password to an empty value.
Once you enter the administrator password and it is verified, you are given complete access to the HP 10GbE switch.
Idle timeout
By default, the HP 10GbE switch disconnects the console, Telnet, or SSH session after five minutes of inactivity. This function is controlled by the idle timeout parameter, which can be set from 1 to 60 minutes. To change this parameter, see the “System configuration” section in the “Configuration Commands” chapter.
13
ISCLI reference
Typographical conventions
The following table describes the typographic styles used in this guide:
Table 3 Typographical conventions
Typeface or symbol Meaning
angle brackets < >
bold body text Indicates user-interface objects, such as buttons and tabs.
plain Courier text Indicates command syntax and system output (for example: prompts and system
braces { }
Indicate a variable to enter based on the description inside the brackets. Do not type the brackets as you enter the command.
Example: If the command syntax is
ping <IP address>
Enter: ping 192.32.10.12
messages). Example:
configure terminal
Indicate required elements in syntax descriptions where there is more than one option. You must choose only one of the options. Do not type the braces when entering the command.
Example: If the command syntax is:
show portchannel {<1-12>|hash|information}
Enter one of the following:
show portchannel <1-12>
show portchannel hash
show portchannel information
brackets [ ]
Indicate optional elements in syntax descriptions. Do not type the brackets when entering the command.
Example: If the command syntax is:
show ip interface [<1-250>]
Enter one of the following:
show ip interface
show ip interface 1
italic text Indicates variables in command syntax descriptions. Also indicates new terms and
book titles. Example: If the command syntax is:
show spanning-tree stp <1-128>
Then, <1-128> represents a number between 1 and 128.
vertical line |
Separates choices for command keywords and arguments. Enter only one of the choices. Do not type the vertical line when entering the command.
Example: If the command syntax is:
show portchannel {<1-12>|hash|information}
Enter one of the following:
show portchannel <1-12>
show portchannel hash
show portchannel information
14
ISCLI basics

ISCLI basics

Introduction
The ISCLI is used for viewing switch information and statistics. In addition, the administrator can use the CLI for performing all levels of switch configuration.
This chapter describes the ISCLI Command Modes, and provides a list of commands and shortcuts that typically are from all the command modes within the ISCLI.
Accessing the ISCLI
The first time you start the HP 10GbE switch, it boots into the AOS CLI. To access the ISCLI, enter the following command and reset the switch:
Main# boot/mode iscli
To access the AOS CLI, enter the following command from the ISCLI and reload the switch:
Switch(config)# boot cli-mode aos
The switch retains your CLI selection, even when you reset the configuration to factory defaults. The CLI boot mode is not part of the configuration settings.
ISCLI Command Modes
The ISCLI has three major command modes, listed in order of increasing privileges, as follows:
User EXEC mode: This is the initial mode of access. By default, password checking is disabled for this mode.
Privileged EXEC mode: The mode is accessed from User EXEC mode. If the Privileged EXEC password is enabled, you must enter a password to access Privileged EXEC mode.
Global Configuration mode: This mode allows you to make changes to the running configuration of the switch. If you save the configuration, the settings survive a reload of the HP 10GbE switch. Several submodes are available within the Global Configuration mode (the following table for more information.
Each command mode provides a specific set of commands. The command set of each higher-privilege mode is a superset of the lower-privilege mode(s). All commands available in lower-lower-privilege modes are available in the higher-privilege modes.
15
ISCLI basics
The following table describes the ISCLI command modes.
Table 4 ISCLI Command Modes
Command Mode/Prompt Command used to enter or exit.
User EXEC
Switch>
Privileged EXEC
Switch#
Global configuration
Switch(config)#
Interface port
Switch(config-if)#
VLAN configuration
Switch(config-vlan)#
Interface IP configuration
Switch(config-ip-if)#
Default mode, entered automatically
exit—Exit
logout—Exit
enable—Enter Privileged EXEC mode, from User EXEC mode
disable—Exit to User EXEC mode
exit or logout—Quit ISCLI
configure terminal—Enter Global Configuration mode, from
Privileged EXEC mode
end or exit—Exit to Privileged EXEC mode
interface port <port number>—Enter Interface port mode, from
Global Configuration mode
exit—Exit to Global Configuration mode
end—Exit to Privileged EXEC mode
vlan <1-4095>—Enter VLAN Configuration mode, from Global
Configuration mode
exit—Exit to Global Configuration mode
end—Exit to Privileged EXEC mode
interface ip <1-250>—Enter Interface IP Configuration mode, from
Global Configuration mode
exit—Exit to Global Configuration mode
end—Exit to Privileged EXEC mode
16
ISCLI basics
Global commands
Some basic commands are recognized throughout the ISCLI hierarchy. These commands are useful for obtaining online Help, navigating through the interface, and saving configuration changes. To get help about a specific command, type the command, followed by help.
The following table describes the global commands.
Table 5 Global commands
Command Action
?
exit
copy running-config startup-config
exit or quit
ping
traceroute
Provides more information about a specific command or lists commands available at the current level.
Go up one level in the command-mode structure.
Write configuration changes to non-volatile flash memory.
Exit from the command line interface and log out.
Verifies station-to-station connectivity across the network. The format is:
ping <host name>|<IP address> [attempts (1-32)> [msec delay]] [-m|-mgt|-d|-data]
IP address is the hostname or IP address of the device.
number of tries (optional) is the number of attempts (1-32).
msec delay (optional) is the number of milliseconds between attempts.
By default, the -m or -mgt option for the management port is used. To use data
ports, specify the -d or –data option.
Identifies the route used for station-to-station connectivity across the network. The format is:
traceroute <host name>|<IP address> [<max-hops> [ msec delay ]]
IP address is the hostname or IP address of the target station.
max-hops (optional) is the maximum distance to trace (1-32 devices).
msec delay (optional) is the number of milliseconds to wait for the response.
telnet
show history
console-log
who
Allows you to Telnet out of the switch. The format is as follows:
telnet <host name> | <IP address> [<port number>]
Displays the 10 most recent commands.
Enables or disables console logs for the current session.
Displays a list of users who are currently logged in.
17
ISCLI basics
Command line interface shortcuts
The following shortcuts allow you to enter commands quickly and easily.

Command abbreviation

Most commands can be abbreviated by entering the first characters that distinguish the command from the others in the same mode. For example, consider the following full command:
Switch(config)# spanning-tree stp 1 bridge hello 2
The command shown above could also be entered as:
Switch(config)# sp stp 1 br h 2

Tab completion

Enter the first letter of a command at any prompt and press the Tab key to display all available commands or options that begin with that letter. Enter additional letters to further refine the list of commands or options displayed.
If only one command fits the input text when you press the Tab key, that command is supplied on the command line, waiting to be entered.
18
Information Commands

Information Commands

Introduction
You can view configuration information for the switch in the ISCLI. This chapter discusses how to use the ISCLI to display switch information.
The following table describes general information commands.
Table 6 Information commands
Command Usage
show sys-info
show layer2 information
show layer3 information
show rmon
show interface link
show interface information
Displays system information. Command mode: All
Displays Layer 2 information. Command mode: All
Displays Layer 3 information. Command mode: All
Displays Remote Monitoring Information. Command mode: All
Displays configuration information about each port, including:
Port number
Port speed (10 Mb/s, 100 Mb/s, 1000 Mb/s, or any)
Duplex mode (half, full, or any)
Flow control for transmit and receive (no, yes, or any)
Link status (up or down)
Command mode: All except User EXEC
Displays port status information, including:
Port number
Whether the port uses VLAN tagging or not
Port VLAN ID (PVID)
Port name
VLAN membership
Command mode: All except User EXEC
show geaport
show sfp
show ufd
Displays GEA port mapping information, used by service personnel. Command mode: All
Displays the status of the Small Form Pluggable (SFP) module on each Fiber External Port.
Command mode: All
Displays Uplink Failure Detection information. Command mode: All
19
Information Commands
Table 6 Information commands
Command Usage
show information-dump
Dumps all switch information available (10K or more, depending on your configuration).
If you want to capture dump data to a file, set your communication software on your workstation to capture session data prior to issuing the dump commands.
Command mode: All
System Information commands
The following table describes the System Information commands.
Table 7 System Information commands
Command Usage
show snmp-server v3
show sys-info
Displays SNMP v3 information. Command mode: All
Displays system information, including: System date and time Switch model name and number Switch name and location Time of last boot MAC address of the switch management processor IP address of IP interface #1 Hardware version and part number Software image file and version number Configuration name Log-in banner, if one is configured Command mode: All
show logging messages
show access user
Displays most recent syslog messages. Command mode: All
Displays User Access information. Command mode: All except User EXEC
20
Information Commands

SNMPv3 Information commands

SNMP version 3 (SNMPv3) is an extensible SNMP Framework that supplements the SNMPv2 Framework by supporting the following:
a new SNMP message format
security for messages
access control
remote configuration of SNMP parameters
For more details on the SNMPv3 architecture, see RFC2271 to RFC2276.
The following table describes the SNMPv3 Information commands.
Table 8 SNMPv3 Information commands
Command Usage
show snmp-server v3 user
show snmp-server v3 view
show snmp-server v3 access
show snmp-server v3 group
show snmp-server v3 community
show snmp-server v3 target-address
show snmp-server v3 target-parameters
show snmp-server v3 notify
Displays User Security Model (USM) table information. Command mode: All
Displays information about view name, subtrees, mask and type of view.
Command mode: All
Displays View-based Access Control information. Command mode: All
Displays information about the group that includes the security model, user name, and group name.
Command mode: All
Displays information about the community table. Command mode: All
Displays the Target Address table. Command mode: All
Displays the Target parameters table. Command mode: All
Displays the Notify table. Command mode: All
show snmp-server v3
Displays all the SNMPv3 information. Command mode: All
21
Information Commands

SNMPv3 USM User Table information

The following command displays SNMPv3 user information:
show snmp-server v3 user
Command mode: All
The User-based Security Model (USM) in SNMPv3 provides security services such as authentication and privacy of messages. This security model makes use of a defined set of user identities displayed in the USM user table. The USM user table contains information like:
the user name
a security name in the form of a string whose format is independent of the Security Model
an authentication protocol, which is an indication that the messages sent on behalf of the user can
be authenticated
the privacy protocol.
The following table describes the SNMPv3 User Table information.
Table 9 User Table parameters
Field Description
User Name
Protocol
This is a string that represents the name of the user that you can use to access the switch.
This indicates whether messages sent on behalf of this user are protected from disclosure using a privacy protocol. Switch software supports DES algorithm for privacy. The software also supports two authentication algorithms: MD5 and HMAC-SHA.
SNMPv3 View Table information
The following command displays the SNMPv3 View Table:
show snmp-server v3 view
Command mode: All
View Name Subtree Mask Type
------------------ ---------------------------- ------------- --------
iso 1 included
v1v2only 1 included
v1v2only 1.3.6.1.6.3.15 excluded
v1v2only 1.3.6.1.6.3.16 excluded
v1v2only 1.3.6.1.6.3.18 excluded
The user can control and restrict the access allowed to a group to only a subset of the management information in the management domain that the group can access within each context by specifying the group’s rights in terms of a particular MIB view for security reasons.
22
Information Commands
The following table describes the SNMPv3 View Table information.
Table 10 View Table parameters
Field Description
View Name
Subtree
Mask
Type
Displays the name of the view.
Displays the MIB subtree as an OID string. A view subtree is the set of all MIB object instances which have a common Object Identifier prefix to their names.
Displays the bit mask.
Displays whether a family of view subtrees is included or excluded from the MIB view.
SNMPv3 Access Table information
The following command displays SNMPv3 access information:
show snmp-server v3 access
Command mode: All
Group Name Model Level ReadV WriteV NotifyV
---------- ------- ------------ --------- -------- ------­v1v2grp snmpv1 noAuthNoPriv iso iso v1v2only admingrp usm authPriv iso iso iso
The access control sub system provides authorization services.
The vacmAccessTable maps a group name, security information, a context, and a message type, which could be the read or write type of operation or notification into a MIB view.
The View-based Access Control Model defines a set of services that an application can use for checking access rights of a group. This group’s access rights are determined by a read-view, a write-view, and a notify-view. The read-view represents the set of object instances authorized for the group while reading the objects. The write-view represents the set of object instances authorized for the group when writing objects. The notify-view represents the set of object instances authorized for the group when sending a notification.
The following table describes the SNMPv3 Access Table information.
Table 11 Access Table parameters
Field Description
Group Name
Prefix
Model
Level
ReadV
WriteV
NotifyV
Displays the name of group.
Displays the prefix that is configured to match the values.
Displays the security model used, for example, SNMPv1, or SNMPv2 or USM.
Displays the minimum level of security required to gain rights of access. For example, noAuthNoPriv, authNoPriv, or auth-Priv.
Displays the MIB view to which this entry authorizes the read access.
Displays the MIB view to which this entry authorizes the write access.
Displays the Notify view to which this entry authorizes the notify access.
23
Information Commands
SNMPv3 Group Table information
The following command displays SNMPv3 group information:
show snmp-server v3 group
Command mode: All
Sec Model User Name Group Name
---------- ----------------------------- ------------------------------­snmpv1 v1v2only v1v2grp usm adminmd5 admingrp usm adminsha admingrp
A group is a combination of security model and security name that defines the access rights assigned to all the security names belonging to that group. The group is identified by a group name.
The following table describes the SNMPv3 Group Table information.
Table 12 Group Table parameters
Field Description
Sec Model
User Name
Group Name
Displays the security model used, which is any one of: USM, SNMPv1, SNMPv2, and SNMPv3.
Displays the name for the group.
Displays the access name of the group.
SNMPv3 Community Table information
The following command displays SNMPv3 community information:
show snmp-server v3 community
Command mode: All
Index Name User Name Tag
---------- ---------- -------------------- ---------­trap1 public v1v2only v1v2trap
This command displays the community table information stored in the SNMP engine.
The following table describes the SNMPv3 Community Table information.
Table 13 Community Table information
Field Description
Index
Displays the unique index value of a row in this table.
Name
User Name
Tag
Displays the community string, which represents the configuration.
Displays the User Security Model (USM) user name.
Displays the community tag. This tag specifies a set of transport endpoints from which a command responder application accepts management requests and to which a command responder application sends an SNMP trap.
24
Information Commands
SNMPv3 Target Address Table information
The following command displays SNMPv3 target address information:
show snmp-server v3 target-address
Command mode: All
Name Transport Addr Port Taglist Params
---------- --------------- ---- ---------- --------------­trap1 47.81.25.66 162 v1v2trap v1v2param
This command displays the SNMPv3 target address table information, which is stored in the SNMP engine.
The following table describes the SNMPv3 Target Address Table information.
Table 14 Target Address Table information
Field Description
Name
Transport Addr
Port
Taglist
Params
Displays the locally arbitrary, but unique identifier associated with this snmpTargetAddrEntry.
Displays the transport addresses.
Displays the SNMP UDP port number.
This column contains a list of tag values which are used to select target addresses for a particular SNMP message.
The value of this object identifies an entry in the snmpTargetParamsTable. The identified entry contains SNMP parameters to be used when generating messages to be sent to this transport address.
SNMPv3 Target Parameters Table information
The following command displays SNMPv3 target parameters information:
show snmp-server v3 target-parameters
Command mode: All
Name MP Model User Name Sec Model Sec Level
------------------- -------- -------------------- --------- ----------­v1v2param snmpv2c v1v2only snmpv1 noAuthNoPriv
The following table describes the SNMPv3 Target Parameters Table information.
Table 15 Target Parameters Table information
Field Description
Name
MP Model
User Name
Displays the locally arbitrary, but unique identifier associated with this snmpTargeParamsEntry.
Displays the Message Processing Model used when generating SNMP messages using this entry.
Displays the securityName, which identifies the entry on whose behalf SNMP messages will be generated using this entry.
25
Information Commands
Table 15 Target Parameters Table information
Field Description
Sec Model
Sec Level
Displays the security model used when generating SNMP messages using this entry. The system may choose to return an inconsistentValue error if an attempt is made to set this variable to a value for a security model which the system does not support.
Displays the level of security used when generating SNMP messages using this entry.
SNMPv3 Notify Table information
The following command displays the SNMPv3 Notify Table:
show snmp-server v3 notify
Command mode: All
Name Tag
-------------------- -------------------­v1v2trap v1v2trap
The following table describes the SNMPv3 Notify Table information.
Table 16 SNMPv3 Notify Table information
Field Description
Name
Tag
The locally arbitrary, but unique identifier associated with this snmpNotifyEntry.
This represents a single tag value which is used to select entries in the snmpTargetAddrTable. Any entry in the snmpTargetAddrTable that contains a tag value equal to the value of this entry is selected. If this entry contains a value of zero length, no entries are selected.
26
Information Commands

SNMPv3 dump

The following command displays SNMPv3 information:
show snmp-server v3
Command mode: All
Engine ID = 80:00:07:50:03:00:0F:6A:F8:EF:00 usmUser Table: User Name Protocol
-------------------------------- -------------------------------­admin NO AUTH, NO PRIVACY adminmd5 HMAC_MD5, DES PRIVACY adminsha HMAC_SHA, DES PRIVACY v1v2only NO AUTH, NO PRIVACY
vacmAccess Table: Group Name Prefix Model Level Match ReadV WriteV NotifyV
---------- ------ ------- ------------ ------ ------- -------- -----­admin usm noAuthNoPriv exact org org org v1v2grp snmpv1 noAuthNoPriv exact org org v1v2only admingrp usm authPriv exact org org org
vacmViewTreeFamily Table: View Name Subtree Mask Type
-------------------- --------------- ------------ -------------­org 1.3 included v1v2only 1.3 included v1v2only 1.3.6.1.6.3.15 excluded v1v2only 1.3.6.1.6.3.16 excluded v1v2only 1.3.6.1.6.3.18 excluded
vacmSecurityToGroup Table: Sec Model User Name Group Name
---------- ------------------------------- ----------------------­snmpv1 v1v2only v1v2grp usm admin admin usm adminsha admingrp
snmpCommunity Table: Index Name User Name Tag
---------- ---------- -------------------- ----------
snmpNotify Table: Name Tag
-------------------- --------------------
snmpTargetAddr Table: Name Transport Addr Port Taglist Params
---------- --------------- ---- ---------- ---------------
snmpTargetParams Table: Name MP Model User Name Sec Model Sec Level
-------------------- -------- ------------------ --------- -------
27
Information Commands
System information
The following command displays system information:
show sys-info
Command mode: All
System Information at 6:56:22 Thu Jan 11, 2007 Time zone: America/US/Pacific
HP 10 Gb Ethernet Blade Switch sysName: sysLocation: RackId: Default RUID RackName: Default Rack Name EnclosureSerialNumber: -none­EnclosureName: Default Chassis Name BayNumber: 1
Switch has been up for 3 days, 14 hours, 56 minutes and 22 seconds. Last boot: 17:25:38 Mon Jan 8, 2007 (software reset)
MAC address: 00:10:00:01:00:01 IP (If 1) address: 10.14.4.16 Revision: Switch Serial No: Hardware Part No: Spare Part No: Software Version 1.0.0 (FLASH image2), active configuration.
System information includes:
System date and time
Switch model name and number
HP c-Class Rack name and location
Time of last boot
MAC address of the switch management processor
IP address of the switch
Software image file and version number
Current configuration block (active, backup, or factory default)
Login banner, if one is configured
28
Information Commands
Show recent syslog messages
The following command displays system log messages:
show logging messages
Command mode: All
Date Time Severity level Message
---- ---- ----------------- ------­Jul 8 17:25:41 NOTICE system: link up on port 1 Jul 8 17:25:41 NOTICE system: link up on port 8 Jul 8 17:25:41 NOTICE system: link up on port 7 Jul 8 17:25:41 NOTICE system: link up on port 12 Jul 8 17:25:41 NOTICE system: link up on port 11 Jul 8 17:25:41 NOTICE system: link up on port 14 Jul 8 17:25:41 NOTICE system: link up on port 13 Jul 8 17:25:41 NOTICE system: link up on port 16 Jul 8 17:25:41 NOTICE system: link up on port 15 Jul 8 17:25:41 NOTICE system: link up on port 17 Jul 8 17:25:41 NOTICE system: link up on port 20 Jul 8 17:25:41 NOTICE system: link up on port 18 Jul 8 17:25:41 NOTICE system: link up on port 19 Jul 8 17:25:41 NOTICE system: link up on port 21 Jul 8 17:25:42 NOTICE system: link up on port 4 Jul 8 17:25:42 NOTICE system: link up on port 3 Jul 8 17:25:42 NOTICE system: link up on port 6 Jul 8 17:25:42 NOTICE system: link up on port 5 Jul 8 17:25:42 NOTICE system: link up on port 10 Jul 8 17:25:42 NOTICE system: link up on port 9
Each message contains a date and time field and has a severity level associated with it. One of eight different prefixes is used to indicate the condition:
EMERG—indicates the system is unusable
ALERT—indicates action should be taken immediately
CRIT—indicates critical conditions
ERR—indicates error conditions or eroded operations
WARNING—indicates warning conditions
NOTICE—indicates a normal but significant condition
INFO—indicates an information message
DEBUG—indicates a debug-level message
29
Information Commands
System user information
The following command displays user status information:
show access user
Command mode: All except User EXEC
Usernames: user - enabled oper - disabled admin - Always Enabled
Current User ID table: 1: name tech1 , ena, cos user , password valid, online 2: name tech2 , ena, cos user , password valid, offline
The following table describes the User Name information.
Table 17 User Name Information
Field Usage
user
oper
admin
Current User ID Table
Displays the status of the user access level.
Displays the status of the oper (operator) access level.
Displays the status of the admin (administrator) access level.
Displays the status of configured user IDs. To configure new user IDs, use the following command: access user x
30
Loading...
+ 169 hidden pages