Page 1
HP ProLiant BL p-Class GbE2 Interconnect Switch
Command Reference Guide
Part number: 331404-008
Eighth edition: March 2007
Page 2
Legal notices
© 2004, 2007 Hewlett-Packard Development Company, L.P.
The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express
warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP
shall not be liable for technical or editorial errors or omissions contained herein.
Microsoft®, Windows®, and Windows NT® are U.S. registered trademarks of Microsoft Corporation.
SunOS™ and Solaris™ are trademarks of Sun Microsystems, Inc. in the U.S. and other countries.
Cisco® is a registered trademark of Cisco Systems, Inc. and/or its affiliates in the U.S. and certain other countries.
Part number: 331404-008
Eighth edition: March 2007
2
Page 3
Contents
Command line interface
Introduction............................................................................................................................................. 9
Additional references ............................................................................................................................... 9
Connecting to the GbE2 Interconnect Switch ............................................................................................... 9
Establishing a console connection ......................................................................................................... 9
Setting an IP address......................................................................................................................... 10
Establishing a Telnet connection.......................................................................................................... 10
Establishing an SSH connection .......................................................................................................... 10
Accessing the GbE2 Interconnect Switch................................................................................................... 11
Idle timeout ........................................................................................................................................... 12
Typographical conventions...................................................................................................................... 13
Menu basics
Introduction........................................................................................................................................... 14
Main Menu........................................................................................................................................... 14
Menu summary...................................................................................................................................... 14
Global commands.................................................................................................................................. 15
Command line history and editing............................................................................................................ 16
Command line interface shortcuts............................................................................................................. 17
Command stacking ........................................................................................................................... 17
Command abbreviation ..................................................................................................................... 17
Tab completion................................................................................................................................. 17
First-time configuration
Introduction........................................................................................................................................... 18
Configure Simple Network Management Protocol support ...................................................................... 18
Setting passwords.................................................................................................................................. 19
Changing the default administrator password ....................................................................................... 19
Changing the default user password.................................................................................................... 20
Changing the default operator password ............................................................................................. 21
Information Menu
Introduction........................................................................................................................................... 22
Menu overview...................................................................................................................................... 22
System Information Menu........................................................................................................................ 23
SNMPv3 Information Menu ..................................................................................................................... 23
SNMPv3 USM User Table information ...................................................................................................... 24
SNMPv3 View Table information .............................................................................................................25
SNMPv3 Access Table information........................................................................................................... 25
SNMPv3 Group Table information ........................................................................................................... 26
SNMPv3 Community Table information..................................................................................................... 26
SNMPv3 Target Address Table information ............................................................................................... 27
SNMPv3 Target Parameters Table information ........................................................................................... 27
SNMPv3 Notify Table information............................................................................................................ 28
SNMPv3 dump...................................................................................................................................... 29
System information................................................................................................................................. 30
Show last 100 syslog messages............................................................................................................... 31
System user information .......................................................................................................................... 31
Layer 2 information................................................................................................................................ 32
FDB information menu ............................................................................................................................ 33
Show all FDB information................................................................................................................... 33
Link Aggregation Control Protocol information ........................................................................................... 34
LACP dump........................................................................................................................................... 34
Hot Links Trigger information................................................................................................................... 35
802.1p information................................................................................................................................ 35
Contents 3
Page 4
ACL information..................................................................................................................................... 36
802.1x information................................................................................................................................ 37
Spanning Tree information ...................................................................................................................... 38
Rapid Spanning Tree and Multiple Spanning Tree information..................................................................... 40
Common Internal Spanning Tree information ............................................................................................. 42
Trunk group information.......................................................................................................................... 43
VLAN information .................................................................................................................................. 44
Layer 2 general information .................................................................................................................... 44
Layer 3 information................................................................................................................................ 44
Route information................................................................................................................................... 45
Show all IP Route information .................................................................................................................. 46
ARP information..................................................................................................................................... 46
Show all ARP entry information........................................................................................................... 47
ARP address list information ............................................................................................................... 47
OSPF information................................................................................................................................... 48
OSPF general information ....................................................................................................................... 49
OSPF interface information...................................................................................................................... 49
OSPF Database information menu............................................................................................................ 49
OSPF route codes information ................................................................................................................. 51
Routing Information Protocol menu ........................................................................................................... 51
RIP Routes information ............................................................................................................................ 51
RIP user configuration ............................................................................................................................. 52
IP information ........................................................................................................................................ 52
IGMP multicast group information ............................................................................................................ 52
IGMP multicast router port information...................................................................................................... 53
VRRP information ................................................................................................................................... 53
RMON Information Menu ....................................................................................................................... 54
RMON history information ................................................................................................................. 54
RMON alarm information .................................................................................................................. 55
RMON event information ................................................................................................................... 56
Link status information ............................................................................................................................ 56
Port information ..................................................................................................................................... 57
Logical Port to GEA Port mapping ............................................................................................................ 58
Uplink Failure Detection information ......................................................................................................... 58
Information dump................................................................................................................................... 59
Statistics Menu
Introduction........................................................................................................................................... 60
Menu information .................................................................................................................................. 60
Port Statistics Menu ................................................................................................................................ 61
802.1x statistics ............................................................................................................................... 62
Bridging statistics .............................................................................................................................. 63
Ethernet statistics............................................................................................................................... 64
Interface statistics .............................................................................................................................. 66
Internet Protocol (IP) statistics .............................................................................................................. 67
Link statistics..................................................................................................................................... 67
Port RMON statistics.......................................................................................................................... 67
Layer 2 statistics..................................................................................................................................... 69
FDB statistics .................................................................................................................................... 69
LACP statistics........................................................................................................................................ 69
Hot Links statistics .................................................................................................................................. 70
Layer 3 statistics..................................................................................................................................... 70
GEA Layer 3 statistics menu ............................................................................................................... 71
GEA Layer 3 statistics........................................................................................................................ 71
IP statistics........................................................................................................................................ 71
Route statistics .................................................................................................................................. 72
ARP statistics .................................................................................................................................... 73
DNS statistics ................................................................................................................................... 73
Contents 4
Page 5
ICMP statistics .................................................................................................................................. 73
TCP statistics..................................................................................................................................... 75
UDP statistics .................................................................................................................................... 76
IGMP Multicast Group statistics........................................................................................................... 76
OSPF statistics menu.......................................................................................................................... 77
OSPF global statistics ........................................................................................................................ 77
VRRP statistics................................................................................................................................... 79
RIP statistics...................................................................................................................................... 80
Management Processor statistics .............................................................................................................. 80
TCP statistics..................................................................................................................................... 81
UDP statistics .................................................................................................................................... 81
CPU statistics.................................................................................................................................... 81
Access Control List (ACL) statistics menu............................................................................................... 82
ACL statistics .................................................................................................................................... 82
ACL meter statistics............................................................................................................................ 82
SNMP statistics................................................................................................................................. 82
NTP statistics .................................................................................................................................... 84
Link statistics..................................................................................................................................... 85
DNS statistics ................................................................................................................................... 85
Uplink Failure Detection statistics......................................................................................................... 86
Statistics dump.................................................................................................................................. 86
Configuration Menu
Introduction........................................................................................................................................... 87
Menu information .................................................................................................................................. 87
Viewing, applying, reverting, and saving changes ..................................................................................... 88
Viewing pending changes....................................................................................................................... 88
Applying pending changes ..................................................................................................................... 88
Reverting changes.................................................................................................................................. 88
Saving the configuration ......................................................................................................................... 88
Reminders............................................................................................................................................. 89
System configuration .............................................................................................................................. 89
System host log configuration ............................................................................................................. 91
Secure Shell Server configuration ........................................................................................................ 92
RADIUS server configuration............................................................................................................... 92
TACACS+ server configuration ........................................................................................................... 94
NTP server configuration.................................................................................................................... 95
System SNMP configuration ............................................................................................................... 96
SNMPv3 configuration ...................................................................................................................... 97
User Security Model configuration....................................................................................................... 98
SNMPv3 View configuration .............................................................................................................. 98
View-based Access Control Model configuration...................................................................................99
SNMPv3 Group configuration .......................................................................................................... 100
SNMPv3 Community Table configuration ........................................................................................... 100
SNMPv3 Target Address Table configuration...................................................................................... 101
SNMPv3 Target Parameters Table configuration.................................................................................. 102
SNMPv3 Notify Table configuration .................................................................................................. 102
System Access configuration............................................................................................................. 103
Management Networks configuration ................................................................................................ 104
User Access Control configuration..................................................................................................... 104
User ID configuration....................................................................................................................... 105
HTTPS Access configuration.............................................................................................................. 105
Port configuration................................................................................................................................. 106
Temporarily disabling a port ............................................................................................................ 107
Port link configuration...................................................................................................................... 107
Port fiber link control ....................................................................................................................... 108
ACL Port configuration..................................................................................................................... 108
ACL Port Metering configuration ....................................................................................................... 109
Contents 5
Page 6
ACL Port Re-Mark configuration ........................................................................................................ 109
ACL Port Re-Mark In-Profile configuration............................................................................................ 110
Re-Mark Update User Priority configuration ........................................................................................ 110
ACL Port Re-Mark Out-of-Profile configuration ..................................................................................... 110
Layer 2 configuration ........................................................................................................................... 111
802.1x configuration ........................................................................................................................... 111
802.1x Global configuration................................................................................................................. 112
802.1x Port configuration..................................................................................................................... 113
Rapid Spanning Tree Protocol / Multiple Spanning Tree Protocol configuration............................................ 114
Common Internal Spanning Tree configuration......................................................................................... 115
CIST bridge configuration ..................................................................................................................... 115
CIST port configuration......................................................................................................................... 116
Spanning Tree configuration.................................................................................................................. 117
Bridge Spanning Tree configuration .................................................................................................. 118
Spanning Tree port configuration ...................................................................................................... 119
Forwarding Database configuration ....................................................................................................... 120
Static FDB configuration................................................................................................................... 120
Trunk configuration .............................................................................................................................. 121
IP Trunk Hash configuration.............................................................................................................. 121
Layer 2 IP Trunk Hash configuration .................................................................................................. 122
Link Aggregation Control Protocol configuration.................................................................................. 122
LACP Port configuration ................................................................................................................... 123
Hot Links configuration .................................................................................................................... 123
Hot Links Trigger configuration.......................................................................................................... 124
Hot Links Master configuration.......................................................................................................... 124
Hot Links Backup configuration ......................................................................................................... 124
VLAN configuration......................................................................................................................... 125
Layer 3 configuration ........................................................................................................................... 126
IP interface configuration ................................................................................................................. 126
Default Gateway configuration ......................................................................................................... 127
IP Static Route configuration .................................................................................................................. 128
Address Resolution Protocol configuration ............................................................................................... 128
ARP Static configuration........................................................................................................................ 128
IP Forwarding configuration .................................................................................................................. 129
Network Filter configuration .................................................................................................................. 129
Route Map configuration....................................................................................................................... 129
IP Access List configuration.................................................................................................................... 131
Autonomous System Path configuration................................................................................................... 131
Routing Information Protocol configuration .............................................................................................. 132
RIP Interface configuration................................................................................................................ 132
RIP Route Redistribution configuration ................................................................................................ 133
Open Shortest Path First configuration .................................................................................................... 134
OSFP Area Index configuration......................................................................................................... 135
OSPF Summary Range configuration ................................................................................................. 136
OSPF Interface configuration ............................................................................................................ 136
OSPF Virtual Link configuration......................................................................................................... 137
OSPF Host Entry configuration .......................................................................................................... 137
OSPF Route Redistribution configuration............................................................................................. 138
OSPF MD5 Key configuration........................................................................................................... 139
IGMP configuration.............................................................................................................................. 139
IGMP snooping configuration ........................................................................................................... 140
IGMP static multicast router configuration........................................................................................... 141
IGMP filtering configuration.............................................................................................................. 141
IGMP filter definition ....................................................................................................................... 142
IGMP filtering port configuration ....................................................................................................... 142
Domain name system configuration ................................................................................................... 143
Bootstrap Protocol Relay configuration.................................................................................................... 143
Contents 6
Page 7
Virtual Router Redundancy Protocol configuration..................................................................................... 144
VRRP Virtual Router configuration ...................................................................................................... 144
VRRP Virtual Router Priority Tracking configuration .............................................................................. 146
VRRP Virtual Router Group configuration ............................................................................................ 146
VRRP Virtual Router Group Priority Tracking configuration .................................................................... 147
VRRP Interface configuration............................................................................................................. 148
VRRP Tracking configuration............................................................................................................. 148
Quality of Service configuration............................................................................................................. 149
QoS 802.1p configuration............................................................................................................... 149
Access Control configuration ................................................................................................................. 149
Access Control List configuration ....................................................................................................... 150
ACL Ethernet Filter configuration ....................................................................................................... 151
ACL IP Version 4 Filter configuration.................................................................................................. 151
ACL TCP/UDP Filter configuration ..................................................................................................... 152
ACL Packet Format configuration....................................................................................................... 153
ACL Block configuration................................................................................................................... 153
ACL Group configuration ................................................................................................................. 153
Remote Monitoring configuration ........................................................................................................... 154
RMON history configuration............................................................................................................. 154
RMON event configuration .............................................................................................................. 155
RMON alarm configuration.............................................................................................................. 155
Port mirroring ...................................................................................................................................... 156
Port-based port mirroring ................................................................................................................. 157
Uplink Failure Detection configuration..................................................................................................... 157
Failure Detection Pair configuration ................................................................................................... 158
Link to Monitor configuration ............................................................................................................ 158
Link to Disable configuration............................................................................................................. 159
Dump ................................................................................................................................................. 159
Saving the active GbE2 Interconnect Switch configuration......................................................................... 159
Restoring the active GbE2 Interconnect Switch configuration...................................................................... 160
Operations Menu
Introduction......................................................................................................................................... 161
Menu information ................................................................................................................................ 161
Operations-level port options ............................................................................................................ 161
Operations-level port 802.1x options ................................................................................................ 162
Operations-level VRRP options .......................................................................................................... 162
Boot Options Menu
Introduction......................................................................................................................................... 163
Menu information ................................................................................................................................ 163
Updating the GbE2 Interconnect Switch software image ........................................................................... 163
Downloading new software to your GbE2 Interconnect Switch.............................................................. 163
Selecting a software image to run .......................................................................................................... 165
Uploading a software image from your GbE2 Interconnect Switch ............................................................. 165
Selecting a configuration block.............................................................................................................. 166
Resetting the GbE2 Interconnect Switch................................................................................................... 166
Accessing the ISCLI .............................................................................................................................. 166
Maintenance Menu
Introduction......................................................................................................................................... 167
Menu information ................................................................................................................................ 167
System maintenance options............................................................................................................. 168
Forwarding Database options........................................................................................................... 168
Debugging options.......................................................................................................................... 168
ARP cache options .......................................................................................................................... 169
IP Route Manipulation options........................................................................................................... 170
IGMP Multicast Group options.......................................................................................................... 170
IGMP Snooping options................................................................................................................... 170
Contents 7
Page 8
IGMP Mrouter options ..................................................................................................................... 171
Uuencode flash dump...................................................................................................................... 171
FTP/TFTP system dump put ............................................................................................................... 172
Clearing dump information............................................................................................................... 172
Panic command.............................................................................................................................. 172
Unscheduled system dumps ................................................................................................................... 173
Index
Contents 8
Page 9
Command line interface
Introduction
Your HP ProLiant BL p-Class GbE2 Interconnect Switch is ready to perform basic switching functions right out of the
box. Some of the more advanced features, however, require some administrative configuration before they can be
used effectively.
The extensive switching software included in your GbE2 Interconnect Switch provides a variety of options for
accessing and configuring the GbE2 Interconnect Switch:
• A built-in, text-based command line interface (CLI) and menu system for access via a local terminal or remote
Telnet/Secure Shell (SSH) session
• Simple Network Management Protocol (SNMP) support for access through network management software such
as HP OpenView and HP Insight Manager 7
• A browser-based management interface for interactive network access through your Web browser
The command line interface is the most direct method for collecting GbE2 Interconnect Switch information and
performing switch configuration. Using a basic terminal, you are presented with a hierarchy of menus that enable you
to view information and statistics about the GbE2 Interconnect Switch, and to perform any necessary configuration.
This chapter explains how to access the CLI to the GbE2 Interconnect Switch.
Additional references
Additional information about installing and configuring the GbE2 Interconnect Switch is available in the following
guides, which are available at http://www.hp.com/support
• HP ProLiant BL p-Class GbE2 Interconnect Switch User Guide
• HP ProLiant BL p-Class GbE2 Interconnect Switch Application Guide
• HP ProLiant BL p-Class GbE2 Interconnect Switch Browser-based Interface Reference Guide
• HP ProLiant BL p-Class C-GbE2 Interconnect Kit Quick Setup Instructions
• HP ProLiant BL p-Class F-GbE2 Interconnect Kit Quick Setup Instructions
• HP BladeSystem p-Class SAN Connectivity Kit Quick Setup Instructions
.
Connecting to the GbE2 Interconnect Switch
You can access the command line interface in one of the following ways:
• Using a console connection via the console port
• Using a Telnet connection over the network
• Using a Secure Shell (SSH) connection to securely log in over a network
Establishing a console connection
To establish a console connection with the GbE2 Interconnect Switch, you need:
• A null modem cable with a female DB-9 connector (See the HP ProLiant BL p-Class GbE2 Interconnect Switch
User Guide for more information.)
• An ASCII terminal or a computer running terminal emulation software set to the parameters shown in the table
below
Table 1 Console configuration parameters
Parameter Value
Baud Rate 9600
Data Bits 8
Parity None
Stop Bits 1
Flow Control None
Command line interface 9
Page 10
To establish a console connection with the GbE2 Interconnect Switch:
1. Connect the terminal to the console port using the null modem cable.
2. Power on the terminal.
3. Press the Enter key a few times on your terminal to establish the connection.
4. You will be required to enter a password for access to the GbE2 Interconnect Switch. (For more information, see
the “Setting passwords” section in the “First-time configuration” chapter.)
Setting an IP address
To access the GbE2 Interconnect Switch via a Telnet or an SSH connection, you need to have an Internet Protocol (IP)
address set for the switch. The GbE2 Interconnect Switch can get its IP address in one of two ways:
• Using a Bootstrap Protocol (BOOTP) server—By default, the management interface is set up to request its IP
address from a BOOTP server. If you have a BOOTP server on your network, add the Media Access Control
(MAC) address of the GbE2 Interconnect Switch to the BOOTP configuration file located on the BOOTP server.
The MAC address can be found on a small white label on the back panel of the GbE2 Interconnect Switch. The
MAC address can also be found in the System Information menu (See the “System information” section in the
“Information Menu” chapter.) If you are using a DHCP server that also does BOOTP, you do not have to
configure the MAC address.
• Configuring manually—If your network does not support BOOTP, you must configure the management port with
an IP address.
Establishing a Telnet connection
A Telnet connection offers the convenience of accessing the GbE2 Interconnect Switch from any workstation
connected to the network. Telnet provides the same options for user, operator, and administrator access as those
available through the console port. By default, Telnet is enabled on the GbE2 Interconnect Switch. The GbE2
Interconnect Switch supports four concurrent Telnet connections.
Once the IP parameters are configured, you can access the CLI using a Telnet connection. To establish a Telnet
connection with the GbE2 Interconnect Switch, run the Telnet program on your workstation and enter the telnet
command, followed by the GbE2 Interconnect Switch IP address:
telnet <GbE2 Interconnect Switch IP address>
You will then be prompted to enter a password. The password entered determines the access level: administrator,
operator, or user. See the “Accessing the GbE2 Interconnect Switch” section later in this chapter for description of
default passwords.
Establishing an SSH connection
Although a remote network administrator can manage the configuration of a GbE2 Interconnect Switch via Telnet, this
method does not provide a secure connection. The Secure Shell (SSH) protocol enables you to securely log into the
GbE2 Interconnect Switch over the network.
As a secure alternative to using Telnet to manage GbE2 Interconnect Switch configuration, SSH ensures that all data
sent over the network is encrypted and secure. In order to use SSH, you must first configure it on the GbE2
Interconnect Switch. See the “Secure Shell Server configuration” section in the “Configuration Menu” chapter for
information on how to configure SSH.
The GbE2 Interconnect Switch can perform only one session of key/cipher generation at a time. Therefore, an
SSH/Secure Copy (SCP) client will not be able to log in if the GbE2 Interconnect Switch is performing key generation
at that time or if another client has just logged in before this client. Similarly, the system will fail to perform the key
generation if an SSH/SCP client is logging in at that time.
The supported SSH encryption and authentication methods are listed below.
• Server Host Authentication—Client RSA authenticates the GbE2 Interconnect Switch in the beginning of every
connection
• Key Exchange—RSA
Command line interface 10
Page 11
• Encryption:
• AES256-CBC
• AES192-CBC
• AES128-CBC
• 3DES-CBC
• 3DES
• ARCFOUR
• User Authentication—Local password authentication; Remote Authentication Dial-in User Service (RADIUS)
The following SSH clients are supported:
• SSH 3.0.1 for Linux (freeware)
• SecureCRT® 4.1.8 (VanDyke Technologies, Inc.)
• OpenSSH_3.9 for Linux (FC 3)
• FedoraCore 3 for SCP commands
• PuTTY Release 0.58 (Simon Tatham) for Windows
NOTE: The GbE2 Interconnect Switch implementation of SSH is based on versions 1.5 and 2.0, and supports
SSH clients from version 1.0 through version 2.0. SSH clients of other versions are not supported. You may
configure the client software to use protocol SSH version 1 or version 2.
By default, SSH service is not enabled on the GbE2 Interconnect Switch. Once the IP parameters are configured, you
can access the command line interface to enable SSH.
To establish an SSH connection with the GbE2 Interconnect Switch, run the SSH program on your workstation by
issuing the ssh command, followed by the user account name and the GbE2 Interconnect Switch IP address:
>> # ssh <user><GbE2 Interconnect Switch IP address>
You will then be prompted to enter your password.
NOTE: The first time you run SSH from your workstation, a warning message might appear. At the prompt,
enter yes to continue.
Accessing the GbE2 Interconnect Switch
To enable better switch management and user accountability, the GbE2 Interconnect Switch provides different levels
or classes of user access. Levels of access to the CLI and Web management functions and screens increase as needed
to perform various GbE2 Interconnect Switch management tasks. The three levels of access are:
• User—User interaction with the GbE2 Interconnect Switch is completely passive; nothing can be changed on the
GbE2 Interconnect Switch. Users may display information that has no security or privacy implications, such as
GbE2 Interconnect Switch statistics and current operational state information.
• Operator—Operators can only effect temporary changes on the GbE2 Interconnect Switch. These changes will
be lost when the GbE2 Interconnect Switch is rebooted/reset. Operators have access to the GbE2 Interconnect
Switch management features used for daily GbE2 Interconnect Switch operations. Because any changes an
operator makes are undone by a reset of the GbE2 Interconnect Switch, operators cannot severely impact
switch operation, but do have access to the Maintenance menu.
• Administrator—Only administrators can make permanent changes to the GbE2 Interconnect Switch
configuration, changes that are persistent across a reboot/reset of the GbE2 Interconnect Switch. Administrators
can access GbE2 Interconnect Switch functions to configure and troubleshoot problems on the switch. Because
administrators can also make temporary (operator-level) changes as well, they must be aware of the interactions
between temporary and permanent changes.
Access to GbE2 Interconnect Switch functions is controlled through the use of unique usernames and passwords.
Once you are connected to the GbE2 Interconnect Switch via the local console, Telnet, or SSH, you are prompted to
enter a password. The password entered determines the access level. The default user names/password for each
access level is listed in the following table.
NOTE: It is recommended that you change default GbE2 Interconnect Switch passwords after initial
configuration and as regularly as required under your network security policies. For more information, see the
“Setting passwords” section in the “First-time configuration” chapter.
Command line interface 11
Page 12
Table 2 User access levels
User account Description and tasks performed
User The user has no direct responsibility for GbE2 Interconnect Switch management. He or she can view
all GbE2 Interconnect Switch status information and statistics, but cannot make any configuration
changes to the GbE2 Interconnect Switch. The user account is enabled by default.
Operator The operator manages all functions of the GbE2 Interconnect Switch. The operator can reset ports or
the entire GbE2 Interconnect Switch. By default, the operator account is disabled and has no
password.
Administrator The super user administrator has complete access to all menus, information, and configuration
commands on the GbE2 Interconnect Switch, including the ability to change both the user and
administrator passwords.
NOTE: With the exception of the admin user, setting the password to an empty value can disable access to
each user level. By default, user and admin are enabled.
Once you enter the administrator password and it is verified, you are given complete access to the GbE2 Interconnect
Switch.
After logging in, the Main Menu of the CLI is displayed. See the “Menu basics” chapter for a summary of the Main
Menu options.
[Main Menu]
info - Information Menu
stats - Statistics Menu
cfg - Configuration Menu
oper - Operations Command Menu
boot - Boot Options Menu
maint - Maintenance Menu
diff - Show pending config changes [global command]
apply - Apply pending config changes [global command]
save - Save updated config to FLASH [global command]
revert - Revert pending or applied changes [global command]
exit - Exit [global command, always available]
>> Main#
Idle timeout
By default, the GbE2 Interconnect Switch will disconnect your console, Telnet, or SSH session after five minutes of
inactivity. This function is controlled by the idle timeout parameter, which can be set from 1 to 60 minutes. For
information on changing this parameter, see the “System configuration” section in the “Configuration Menu” chapter.
Command line interface 12
Page 13
Typographical conventions
The following table describes the typographic styles used in this guide:
Table 3 Typographic conventions
Typeface or symbol Meaning Example
AaBbCc123 This type depicts onscreen computer output and prompts. Main#
AaBbCc123 This type displays in command examples and shows text
that must be typed in exactly as shown.
<AaBbCc123> This italicized type displays in command examples as a
parameter placeholder. Replace the indicated text with
the appropriate real name or value when using the
command. Do not type the brackets.
This also shows guide titles, special terms, or words to be
emphasized.
[ ] Command items shown inside brackets are optional and
can be used or excluded as the situation demands. Do
not type the brackets.
Main# sys
To establish a Telnet session, enter:
host# telnet <IP address>
Read your user guide thoroughly.
host# ls [-a]
Command line interface 13
Page 14
Menu basics
Introduction
The HP ProLiant BL p-Class GbE2 Interconnect Switch CLI is used for viewing switch information and statistics. In
addition, the administrator can use the CLI for performing all levels of GbE2 Interconnect Switch configuration.
To make the CLI easy to use, the various commands have been logically grouped into a series of menus and
submenus. Each menu displays a list of commands and/or submenus that are available, along with a summary of
what each command will do. Below each menu is a prompt where you can enter any command appropriate to the
current menu.
This chapter describes the Main Menu commands, and provides a list of commands and shortcuts that are commonly
available from all the menus within the CLI.
Main Menu
The Main Menu displays after a successful connection and login. The following table shows the Main Menu for the
administrator login. Some features are not available under the user login.
[Main Menu]
info - Information Menu
stats - Statistics Menu
cfg - Configuration Menu
oper - Operations Command Menu
boot - Boot Options Menu
maint - Maintenance Menu
diff - Show pending config changes [global command]
apply - Apply pending config changes [global command]
save - Save updated config to FLASH [global command]
revert - Revert pending or applied changes [global command]
exit - Exit [global command, always available]
Menu summary
The Main Menu displays the following submenus:
• Information Menu
The Information Menu provides submenus for displaying information about the current status of the GbE2
Interconnect Switch: from basic system settings to VLANs, and more.
• Statistics Menu
This menu provides submenus for displaying GbE2 Interconnect Switch performance statistics. Included are port,
IF, IP, ICMP, TCP, UDP, SNMP, routing, ARP, and DNS.
• Configuration Menu
This menu is available only from an administrator login. It includes submenus for configuring every aspect of the
GbE2 Interconnect Switch. Changes to configuration are not active until explicitly applied. Changes can be
saved to non-volatile memory (NVRAM).
• Operations Command Menu
Operations-level commands are used for making immediate and temporary changes to GbE2 Interconnect
Switch configuration. This menu is used for bringing ports temporarily in and out of service. This menu is
available only from an administrator and operator login.
• Boot Options Menu
The Boot Options Menu is available only from an administrator login. This menu is used for upgrading GbE2
Interconnect Switch software, selecting configuration blocks, and for resetting the GbE2 Interconnect Switch
when necessary. This menu is also used to set the GbE2 Interconnect Switch back to factory settings.
• Maintenance Menu
This menu is used for debugging purposes, enabling you to generate a technical support dump of the critical
state information in the GbE2 Interconnect Switch, and to clear entries in the Forwarding Database and the
Address Resolution Protocol (ARP) and routing tables. This menu is available only from an administrator and
operator login.
Menu basics 14
Page 15
Global commands
Some basic commands are recognized throughout the menu hierarchy. These commands are useful for obtaining
online Help, navigating through menus, and for applying and saving configuration changes.
For help on a specific command, type help. The following screen displays:
Global Commands: [can be issued from any menu]
help up print pwd
lines verbose exit quit
diff apply save revert
ping traceroute telnet history
pushd popd who
The following are used to navigate the menu structure:
. Print current menu
.. Move up one menu level
/ Top menu if first, or command separator
! Execute command from history
The following table describes the global commands.
Table 4 Global commands
Command Action
? command or help Provides usage information about a specific command on the current menu. When used
. or print Displays the current menu.
.. or up Moves up one level in the menu structure.
/ If placed at the beginning of a command, displays the Main Menu. Otherwise, this is used
lines Sets the number of lines (n) that display on the screen at one time. The default is 24 lines.
diff Shows any pending configuration changes that have not been applied.
apply Applies pending configuration changes.
save Saves the active configuration to backup, and saves the current configuration as active.
revert Removes changes that have been made, but not applied.
exit or quit Exits from the command line interface and logs out.
ping Verifies station-to-station connectivity across the network. The format is:
traceroute Identifies the route used for station-to-station connectivity across the network. The format is:
pwd Displays the command path used to reach the current menu.
without the command parameter, a summary of the global commands is displayed.
to separate multiple commands placed on the same line.
When used without a value, the current setting is displayed.
diff flash displays all pending configuration changes that have been applied but not
saved to flash memory (NVRAM), as well as those that have not been applied.
save n saves the current configuration as active, without saving the active configuration
to backup.
revert apply removes all changes that have not been saved.
ping <host name> | <IP address> [ (number of tries)> [
msec delay ]]
IP address is the hostname or IP address of the device.
•
• number of tries (optional) is the number of attempts (1-32).
• msec delay (optional) is the number of milliseconds between attempts.
traceroute <host name> | <IP address> [<max-hops> [ msec
delay ]]
IP address is the hostname or IP address of the target station.
•
• max-hops (optional) is the maximum distance to trace (1-16 devices)
• msec delay (optional) is the number of milliseconds to wait for the response.
Menu basics 15
Page 16
Table 4 Global commands
Command Action
verbose n Sets the level of information displayed on the screen:
• 0 = Quiet: Nothing displays except errors, not even prompts.
• 1 = Normal: Prompts and requested output are shown, but no menus.
• 2 = Verbose: Everything is shown. This is the default.
• When used without a value, the current setting is displayed.
telnet This command is used to Telnet out of the GbE2 Interconnect Switch. The format is:
telnet <hostname> | <IP address> [port]
history Displays the history of the last ten commands.
pushd Remembers the current location in the directory of menu commands.
popd Returns to the last pushd location.
who Displays users who are logged in.
Command line history and editing
Using the command line interface, you can retrieve and modify previously entered commands with just a few
keystrokes. The following options are available globally at the command line:
Table 5 Command line history and editing options
Option Description
history Displays a numbered list of the last ten previously entered commands.
!! Repeats the last entered command.
!n Repeats the nth command shown on the history list.
<Ctrl-p> or
Up arrow key
<Ctrl-n> or
Down arrow key
<Ctrl-a> Moves the cursor to the beginning of the command line.
<Ctrl-e> Moves cursor to the end of the command line.
<Ctrl-b> or
Left arrow key
<Ctrl-f> or
Right arrow key
<Backspace> or Delete
key
<Ctrl-d> Deletes one character at the cursor position.
<Ctrl-k> Erases all characters from the cursor position to the end of the command line.
<Ctrl-l> Redisplays the current line.
<Ctrl-u> Clears the entire line.
Other keys Inserts new characters at the cursor position.
Recalls the previous command from the history list. This can be used multiple times to work
backward through the last ten commands. The recalled command can be entered as is, or
edited using the options below.
Recalls the next command from the history list. This can be used multiple times to work forward
through the last ten commands. The recalled command can be entered as is, or edited using the
options below.
Moves the cursor back one position to the left.
Moves the cursor forward one position to the right.
Erases one character to the left of the cursor position.
. Prints the current level menu list.
.. Moves to the previous directory level.
Menu basics 16
Page 17
Command line interface shortcuts
The following shortcuts allow you to enter commands quickly and easily.
Command stacking
As a shortcut, you can type multiple commands on a single line, separated by forward slashes (/). You can connect
as many commands as required to access the menu option that you want.
For example, the keyboard shortcut to access the Simple Network Management Protocol (SNMP) Configuration Menu
from the Main# prompt is:
Main# cfg/sys/ssnmp/name
Command abbreviation
Most commands can be abbreviated by entering the first characters that distinguish the command from the others in
the same menu or submenu.
For example, the command shown above could also be entered as:
Main# c/sn/n
Tab completion
By entering the first letter of a command at any menu prompt and pressing the Tab key, the CLI will display all
commands or options in that menu that begin with that letter. Entering additional letters will further refine the list of
commands or options displayed.
If only one command fits the input text when the Tab key is pressed, that command will be supplied on the command
line, waiting to be entered. If the Tab key is pressed without any input on the command line, the currently active menu
displays.
Menu basics 17
Page 18
First-time configuration
Introduction
This chapter describes how to perform first-time configuration and how to change system passwords.
To begin first-time configuration of the switch, perform the following steps.
1. Connect to the GbE2 Interconnect Switch console. After connecting, the login prompt displays.
HP ProLiant BL p-Class C-GbE2 Interconnect Switch A
Copyright(C)2003 Hewlett-Packard Development Company, L.P.
Password:
2. Enter admin as the default administrator password.
The system displays the Main Menu with administrator privileges.
[Main Menu]
info - Information Menu
stats - Statistics Menu
cfg - Configuration Menu
oper - Operations Command Menu
boot - Boot Options Menu
maint - Maintenance Menu
diff - Show pending config changes [global command]
apply - Apply pending config changes [global command]
save - Save updated config to FLASH [global command]
revert - Revert pending or applied changes [global command]
exit - Exit [global command, always available]
>> Main#
3. From the Main Menu, enter the following command to access the Configuration Menu:
Main# /cfg
The Configuration Menu is displayed.
[Configuration Menu]
sys - System-wide Parameter Menu
port - Port Menu
l2 - Layer 2 Menu
l3 - Layer 3 Menu
qos - QOS Menu
acl - Access Control List Menu
rmon - RMON Menu
pmirr - Port Mirroring Menu
ufd - Uplink Failure Detection Menu
dump - Dump current configuration to script file
ptcfg - Backup current configuration to FTP/TFTP server
gtcfg - Restore current configuration from FTP/TFTP server
cur - Display current configuration
Configure Simple Network Management Protocol support
NOTE: SNMP support is enabled by default.
1. Use the following command to enable SNMP:
>> # /cfg/sys/access/snmp disable|read only|read/write
2. Set SNMP read or write community string. By default, they are public and private respectively:
>> # /cfg/sys/ssnmp/rcomm|wcomm
3. When prompted, enter the proper community string.
First-time configuration 18
Page 19
4. Apply and save configuration if you are not configuring the GbE2 Interconnect Switch with Telnet support.
Otherwise apply and save after the performing the “Optional Setup for Telnet Support” steps.
>> System# apply
>> System# save
Setting passwords
HP recommends that you change all passwords after initial configuration and as regularly as required under your
network security policies. See the “Accessing the GbE2 Interconnect Switch” section in the “Command line interface”
chapter for a description of the user access levels.
To change the user, operator, or administrator password, you must log in using the administrator password.
Passwords cannot be modified from the user or operator command mode.
NOTE: If you forget your administrator password, call HP technical support for help using the password fix-up
mode.
Changing the default administrator password
The administrator has complete access to all menus, information, and configuration commands, including the ability
to change the user, operator, and administrator passwords.
The default password for the administrator account is admin. To change the default password:
1. Connect to the GbE2 Interconnect Switch and log in using the admin password.
2. From the Main Menu, use the following command to access the Configuration Menu:
Main# /cfg
The Configuration Menu is displayed.
[Configuration Menu]
sys - System-wide Parameter Menu
port - Port Menu
l2 - Layer 2 Menu
l3 - Layer 3 Menu
qos - QOS Menu
acl - Access Control List Menu
rmon - RMON Menu
pmirr - Port Mirroring Menu
ufd - Uplink Failure Detection Menu
dump - Dump current configuration to script file
ptcfg - Backup current configuration to FTP/TFTP server
gtcfg - Restore current configuration from FTP/TFTP server
cur - Display current configuration
3. From the Configuration Menu, use the following command to select the System Menu:
>> Configuration# sys
First-time configuration 19
Page 20
The System Menu is displayed.
[System Menu]
syslog - Syslog Menu
sshd - SSH Server Menu
radius - RADIUS Authentication Menu
tacacs+ - TACACS+ Authentication Menu
ntp - NTP Server Menu
ssnmp - System SNMP Menu
access - System Access Menu
date - Set system date
time - Set system time
timezone - Set system timezone (daylight savings)
idle - Set timeout for idle CLI sessions
notice - Set login notice
bannr - Set login banner
hprompt - Enable/disable display hostname (sysName) in CLI prompt
bootp - Enable/disable use of BOOTP
reminders - Enable/disable Reminders
cur - Display current system-wide parameters
4. Enter the following command to set the administrator password:
System# access/user/admpw
5. Enter the current administrator password at the prompt:
Changing ADMINISTRATOR password; validation required...
Enter current administrator password:
NOTE: If you forget your administrator password, call your technical support representative for help using the
password fix-up mode.
6. Enter the new administrator password at the prompt:
Enter new administrator password:
7. Enter the new administrator password, again, at the prompt:
Re-enter new administrator password:
8. Apply and save your change by entering the following commands:
System# apply
System# save
Changing the default user password
The user login has limited control of the GbE2 Interconnect Switch. Through a user account, you can view GbE2
Interconnect Switch information and statistics, but you cannot make configuration changes.
The default password for the user account is user. This password cannot be changed from the user account. Only the
administrator has the ability to change passwords, as shown in the following procedure.
1. Connect to the GbE2 Interconnect Switch and log in using the admin password.
2. From the Main Menu, use the following command to access the Configuration Menu:
Main# cfg
3. From the Configuration Menu, use the following command to select the System Menu:
>> Configuration# sys
4. Enter the following command to set the user password:
System# access/user/usrpw
First-time configuration 20
Page 21
5. Enter the current administrator password at the prompt.
Only the administrator can change the user password. Entering the administrator password confirms your
authority.
Changing USER password; validation required...
Enter current administrator password:
6. Enter the new user password at the prompt:
Enter new user password:
7. Enter the new user password, again, at the prompt:
Re-enter new user password:
8. Apply and save your changes:
System# apply
System# save
Changing the default operator password
The operator manages all functions of the GbE2 Interconnect Switch. The operator can reset ports or the entire GbE2
Interconnect Switch. Operators can only effect temporary changes on the GbE2 Interconnect Switch. These changes
will be lost when the GbE2 Interconnect Switch is rebooted/reset. Operators have access to the GbE2 Interconnect
Switch management features used for daily GbE2 Interconnect Switch operations. Because any changes an operator
makes are undone by a reset of the GbE2 Interconnect Switch, operators cannot severely impact GbE2 Interconnect
Switch operation.
By default, the operator account is disabled and has no password. This password cannot be changed from the
operator account. Only the administrator has the ability to change passwords, as shown in the following procedure.
1. Connect to the GbE2 Interconnect Switch and log in using the admin password.
2. From the Main Menu, use the following command to access the Configuration Menu:
Main# cfg
3. From the Configuration Menu, use the following command to select the System Menu:
>> Configuration# sys
4. Enter the following command to set the operator password:
System# access/user/opw
5. Enter the current administrator password at the prompt.
Only the administrator can change the user password. Entering the administrator password confirms your
authority.
Changing OPERATOR password; validation required...
Enter current administrator password:
6. Enter the new operator password at the prompt:
Enter new operator password:
7. Enter the new operator password, again, at the prompt:
Re-enter new operator password:
8. Apply and save your changes:
System# apply
System# save
First-time configuration 21
Page 22
Information Menu
Introduction
You can view configuration information for the GbE2 Interconnect Switch in the user, operator, and administrator
command modes. This chapter discusses how to use the CLI to display GbE2 Interconnect Switch information.
Menu overview
Command: /info
[Information Menu]
sys - System Information Menu
l2 - Layer 2 Information Menu
l3 - Layer 3 Information Menu
rmon - Show RMON information
link - Show link status
port - Show port information
geaport - Show system port and gea port mapping
ufd - Show Uplink Failure Detection information
dump - Dump all information
The following table describes the Information Menu options.
Table 6 Information Menu options
Command Usage
sys Displays system information.
l2 Displays the Layer 2 Information Menu.
l3 Displays the Layer 3 Information Menu.
rmon Displays the Remote Monitoring Information Menu.
link Displays configuration information about each port, including:
• Port number
• Port speed (10 Mb/s, 100 Mb/s, 1000 Mb/s, or any)
• Duplex mode (half, full, or any)
• Flow control for transmit and receive (no, yes, or any)
• Link status (up or down)
port Displays port status information, including:
• Port number
• Whether the port uses VLAN tagging or not
• Port VLAN ID (PVID)
• Port name
• VLAN membership
geaport Displays GEA port mapping information, used by service personnel.
ufd Displays Uplink Failure Detection information
dump Dumps all GbE2 Interconnect Switch information available from the Information Menu (10K or more,
depending on your configuration).
If you want to capture dump data to a file, set your communication software on your workstation to capture
session data prior to issuing the dump commands.
Information Menu 22
Page 23
System Information Menu
Command: /info/sys
[System Menu]
snmpv3 - SNMPv3 Information Menu
general - Show general system information
log - Show last 30 syslog messages
user - Show current user status
dump - Dump all system information
The following table describes the System Information Menu options.
Table 7 System Information Menu options
Command Usage
snmpv3 Displays the SNMP v3 Menu.
general Displays system information, including:
• System date and time
• Switch model name and number
• Switch name and location
• Time of last boot
• MAC address of the switch management processor
• IP address of IP interface #1
• Hardware version and part number
• Software image file and version number
• Configuration name
• Log-in banner, if one is configured
log Displays 100 most recent syslog messages.
user Displays the User Access Information Menu.
dump Dumps all switch information available from the Information Menu (10K or more, depending
on your configuration).
SNMPv3 Information Menu
Command: /info/sys/snmpv3
[SNMPv3 Information Menu]
usm - Show usmUser table information
view - Show vacmViewTreeFamily table information
access - Show vacmAccess table information
group - Show vacmSecurityToGroup table information
comm - Show community table information
taddr - Show targetAddr table information
tparam - Show targetParams table information
notify - Show notify table information
dump - Show all SNMPv3 information
SNMP version 3 (SNMPv3) is an extensible SNMP Framework that supplements the SNMPv2 Framework by
supporting the following:
• a new SNMP message format
• security for messages
• access control
• remote configuration of SNMP parameters
For more details on the SNMPv3 architecture, see RFC2271 to RFC2275.
Information Menu 23
Page 24
The following table describes the SNMPv3 Information Menu options.
Table 8 SNMPv3 Information Menu options
Command Usage
usm Displays User Security Model (USM) table information.
view Displays information about view name, subtrees, mask and type of view.
access Displays View-based Access Control information.
group Displays information about the group that includes the security model, user name, and group name.
comm Displays information about the community table.
taddr Displays the Target Address table.
tparam Displays the Target parameters table.
notify Displays the Notify table.
dump Displays all the SNMPv3 information.
SNMPv3 USM User Table information
Command: /info/sys/snmpv3/usm
usmUser Table:
User Name Protocol
-------------------------------- -------------------------------adminmd5 HMAC_MD5, DES PRIVACY
adminsha HMAC_SHA, DES PRIVACY
v1v2only NO AUTH, NO PRIVACY
The User-based Security Model (USM) in SNMPv3 provides security services such as authentication and privacy of
messages. This security model makes use of a defined set of user identities displayed in the USM user table. The USM
user table contains information like:
• the user name
• a security name in the form of a string whose format is independent of the Security Model
• an authentication protocol, which is an indication that the messages sent on behalf of the user can be
authenticated
• the privacy protocol.
The following table describes the SNMPv3 User Table information.
Table 9 User Table parameters
Field Description
User Name This is a string that represents the name of the user that you can use to access the switch.
Protocol This indicates whether messages sent on behalf of this user are protected from disclosure using a
privacy protocol. GbE2 software supports DES algorithm for privacy. The software also supports
two authentication algorithms: MD5 and HMAC-SHA.
Information Menu 24
Page 25
SNMPv3 View Table information
Command: /info/sys/snmpv3/view
View Name Subtree Mask Type
------------------ ---------------------------- ------------- --------
iso 1 included
v1v2only 1 included
v1v2only 1.3.6.1.6.3.15 excluded
v1v2only 1.3.6.1.6.3.16 excluded
v1v2only 1.3.6.1.6.3.18 excluded
The user can control and restrict the access allowed to a group to only a subset of the management information in the
management domain that the group can access within each context by specifying the group’s rights in terms of a
particular MIB view for security reasons.
The following table describes the SNMPv3 View Table information.
Table 10 View Table parameters
Field Description
View Name Displays the name of the view.
Subtree Displays the MIB subtree as an OID string. A view subtree is the set of all MIB object instances which
have a common Object Identifier prefix to their names.
Mask Displays the bit mask.
Type Displays whether a family of view subtrees is included or excluded from the MIB view.
SNMPv3 Access Table information
Command: /info/sys/snmpv3/access
Group Name Prefix Model Level Match ReadV WriteV NotifyV
---------- ------ ------- ------------ ------ --------- -------- ------v1v2grp snmpv1 noAuthNoPriv exact iso iso v1v2only
admingrp usm authPriv exact iso iso iso
The access control sub system provides authorization services.
The vacmAccessTable maps a group name, security information, a context, and a message type, which could be the
read or write type of operation or notification into a MIB view.
The View-based Access Control Model defines a set of services that an application can use for checking access rights
of a group. This group’s access rights are determined by a read-view, a write-view, and a notify-view. The read-view
represents the set of object instances authorized for the group while reading the objects. The write-view represents the
set of object instances authorized for the group when writing objects. The notify-view represents the set of object
instances authorized for the group when sending a notification.
The following table describes the SNMPv3 Access Table information.
Table 11 Access Table parameters
Field Description
Group Name Displays the name of group.
Prefix Displays the prefix that is configured to match the values.
Model Displays the security model used, for example, SNMPv1, or SNMPv2 or USM.
Level Displays the minimum level of security required to gain rights of access. For example, noAuthNoPriv,
authNoPriv, or auth-Priv.
Match Displays the match for the contextName. The options are: exact and prefix.
Information Menu 25
Page 26
Table 11 Access Table parameters
Field Description
ReadV Displays the MIB view to which this entry authorizes the read access.
WriteV Displays the MIB view to which this entry authorizes the write access.
NotifyV Displays the Notify view to which this entry authorizes the notify access.
SNMPv3 Group Table information
Command: /info/sys/snmpv3/group
Sec Model User Name Group Name
---------- ----------------------------- ------------------------------snmpv1 v1v2only v1v2grp
usm adminmd5 admingrp
usm adminsha admingrp
A group is a combination of security model and security name that defines the access rights assigned to all the
security names belonging to that group. The group is identified by a group name.
The following table describes the SNMPv3 Group Table information.
Table 12 Group Table parameters
Field Description
Sec Model Displays the security model used, which is any one of: USM, SNMPv1, SNMPv2, and SNMPv3.
User Name Displays the name for the group.
Group Name Displays the access name of the group.
SNMPv3 Community Table information
Command: /info/sys/snmpv3/comm
Index Name User Name Tag
---------- ---------- -------------------- ---------trap1 public v1v2only v1v2trap
This command displays the community table information stored in the SNMP engine.
The following table describes the SNMPv3 Community Table information.
Table 13 Community Table Information parameters
Field Description
Index Displays the unique index value of a row in this table.
Name Displays the community string, which represents the configuration.
User Name Displays the User Security Model (USM) user name.
Tag Displays the community tag. This tag specifies a set of transport endpoints from which a
command responder application accepts management requests and to which a command
responder application sends an SNMP trap.
Information Menu 26
Page 27
SNMPv3 Target Address Table information
Command: /info/sys/snmpv3/taddr
Name Transport Addr Port Taglist Params
---------- --------------- ---- ---------- --------------trap1 47.81.25.66 162 v1v2trap v1v2param
This command displays the SNMPv3 target address table information, which is stored in the SNMP engine.
The following table describes the SNMPv3 Target Address Table information.
Table 14 Target Address Table Information parameters
Field Description
Name Displays the locally arbitrary, but unique identifier associated with this
Transport Addr Displays the transport addresses.
Port Displays the SNMP UDP port number.
Taglist This column contains a list of tag values which are used to select target addresses for a
Params The value of this object identifies an entry in the snmpTargetParamsTable. The identified
snmpTargetAddrEntry.
particular SNMP message.
entry contains SNMP parameters to be used when generating messages to be sent to this
transport address.
SNMPv3 Target Parameters Table information
Command: /info/sys/snmpv3/tparam
Name MP Model User Name Sec Model Sec Level
------------------- -------- -------------------- --------- ----------v1v2param snmpv2c v1v2only snmpv1 noAuthNoPriv
The following table describes the SNMPv3 Target Parameters Table information.
Table 15 Target Parameters Table
Field Description
Name Displays the locally arbitrary, but unique identifier associated with this snmpTargeParamsEntry.
MP Model Displays the Message Processing Model used when generating SNMP messages using this
User Name Displays the securityName, which identifies the entry on whose behalf SNMP messages will be
Sec Model Displays the security model used when generating SNMP messages using this entry. The system
Sec Level Displays the level of security used when generating SNMP messages using this entry.
entry.
generated using this entry.
may choose to return an inconsistentValue error if an attempt is made to set this variable to a
value for a security model which the system does not support.
Information Menu 27
Page 28
SNMPv3 Notify Table information
Command: /info/sys/snmpv3/notify
Name Tag
-------------------- -------------------v1v2trap v1v2trap
The following table describes the SNMPv3 Notify Table information.
Table 16 SNMPv3 Notify Table
Field Description
Name The locally arbitrary, but unique identifier associated with this snmpNotifyEntry.
Tag This represents a single tag value which is used to select entries in the snmpTargetAddrTable. Any
entry in the snmpTargetAddrTable that contains a tag value equal to the value of this entry is
selected. If this entry contains a value of zero length, no entries are selected.
Information Menu 28
Page 29
SNMPv3 dump
Command: /info/sys/snmpv3/dump
Engine ID = 80:00:07:50:03:00:0F:6A:F8:EF:00
usmUser Table:
User Name Protocol
-------------------------------- -------------------------------admin NO AUTH, NO PRIVACY
adminmd5 HMAC_MD5, DES PRIVACY
adminsha HMAC_SHA, DES PRIVACY
v1v2only NO AUTH, NO PRIVACY
vacmAccess Table:
Group Name Prefix Model Level Match ReadV WriteV NotifyV
---------- ------ ------- ---------- ------ ------- -------- -----admin usm noAuthNoPriv exact org org org
v1v2grp snmpv1 noAuthNoPriv exact org org v1v2only
admingrp usm authPriv exact org org org
vacmViewTreeFamily Table:
View Name Subtree Mask Type
-------------------- --------------- ------------ -------------org 1.3 included
v1v2only 1.3 included
v1v2only 1.3.6.1.6.3.15 excluded
v1v2only 1.3.6.1.6.3.16 excluded
v1v2only 1.3.6.1.6.3.18 excluded
vacmSecurityToGroup Table:
Sec Model User Name Group Name
---------- ------------------------------- ----------------------snmpv1 v1v2only v1v2grp
usm admin admin
usm adminsha admingrp
snmpCommunity Table:
Index Name User Name Tag
---------- ---------- -------------------- ----------
snmpNotify Table:
Name Tag
-------------------- --------------------
snmpTargetAddr Table:
Name Transport Addr Port Taglist Params
---------- --------------- ---- ---------- ---------------
snmpTargetParams Table:
Name MP Model User Name Sec Model Sec Level
-------------------- -------- ------------------ --------- -------
Information Menu 29
Page 30
System information
Command: /info/sys/gen
System Information at 17:29:18 Mon Feb 26, 2007
HP ProLiant BL p-Class C-GbE2 Interconnect Switch B
sysName: 2JUnit1
sysLocation: Houston
RackID: 3334KJP3D030
RackName: BkRm3
Enclosure: D304JTK7D013
EnclosureName: Enterprise
Slot: B
Switch is up 1 days, 2 hours, 3 minutes and 40 seconds.
Last boot: 17:25:38 Mon Feb 26, 2007 (software reset)
MAC address: 00:01:81:2e:ae:e0 IP (If 2) address: 10.30.52.193
Revision: 0A
Switch Serial No: K72550AQKP1863
Hardware Part No: 336181-001 Spare Part No: 321148-001
Interconnect Module Part Number : 283192-B21 Spare Part Number:
321147-001
OctalFC Interconnect Module not present
Software: Version 3.2.0 (FLASH image1), active configuration
System information includes:
• System date and time
• GbE2 Interconnect Switch model name and number
• GbE2 Interconnect Switch name and location
• Time of last boot
• MAC address of the GbE2 Interconnect Switch management processor
• IP address of the switch
• Hardware version and part number
• Software image file and version number
• Current configuration block (active, backup, or factory default)
• Login banner, if one is configured
Information Menu 30
Page 31
Show last 100 syslog messages
Command: /info/sys/log
Date Time Severity level Message
---- ---- ----------------- ------Jul 8 17:25:41 NOTICE system: link up on port 1
Jul 8 17:25:41 NOTICE system: link up on port 8
Jul 8 17:25:41 NOTICE system: link up on port 7
Jul 8 17:25:41 NOTICE system: link up on port 12
Jul 8 17:25:41 NOTICE system: link up on port 11
Jul 8 17:25:41 NOTICE system: link up on port 14
Jul 8 17:25:41 NOTICE system: link up on port 13
Jul 8 17:25:41 NOTICE system: link up on port 16
Jul 8 17:25:41 NOTICE system: link up on port 15
Jul 8 17:25:41 NOTICE system: link up on port 17
Jul 8 17:25:41 NOTICE system: link up on port 20
Jul 8 17:25:41 NOTICE system: link up on port 22
Jul 8 17:25:41 NOTICE system: link up on port 23
Jul 8 17:25:41 NOTICE system: link up on port 21
Jul 8 17:25:42 NOTICE system: link up on port 4
Jul 8 17:25:42 NOTICE system: link up on port 3
Jul 8 17:25:42 NOTICE system: link up on port 6
Jul 8 17:25:42 NOTICE system: link up on port 5
Jul 8 17:25:42 NOTICE system: link up on port 10
Jul 8 17:25:42 NOTICE system: link up on port 9
Each message contains a date and time field and has a severity level associated with it. One of eight different
prefixes is used to indicate the condition:
• EMERG—indicates the system is unusable
• ALERT—indicates action should be taken immediately
• CRIT—indicates critical conditions
• ERR—indicates error conditions or eroded operations
• WARNING—indicates warning conditions
• NOTICE—indicates a normal but significant condition
• INFO—indicates an information message
• DEBUG—indicates a debug-level message
System user information
Command: /info/sys/user
Usernames:
user - enabled
oper - disabled
admin - Always Enabled
Current User ID table:
1: name tech1 , ena, cos user , password valid, online
2: name tech2 , ena, cos user , password valid, offline
The following table describes the User Name information.
Table 17 User Name Information menu
Field Usage
user Displays the status of the user access level.
oper Displays the status of the oper (operator) access level.
admin Displays the status of the admin (administrator) access level.
Current User ID Table Displays the status of configured user IDs. To configure new user IDs, use the
/cfg/sys/access/user/uid command.
Information Menu 31
Page 32
Layer 2 information
Command: /info/l2
[Layer 2 Menu]
fdb - Forwarding Database Information Menu
lacp - Link Aggregation Control Protocol Menu
hotlink - Show Hot Links information
8021p - Show QOS 802.1p information
acl - Show ACL information
8021x - Show 802.1x information
stp - Show STP information
cist - Show CIST information
trunk - Show Trunk Group information
vlan - Show VLAN information
gen - Show general information
dump - Dump all layer 2 information
The following table describes the Layer 2 Information menu options.
Table 18 Layer 2 Information menu options
Command Usage
fdb Displays the Forwarding Database Information Menu.
lacp Displays the Link Aggregation Control Protocol Information Menu.
hotlink Displays Hot Links information.
8021p Displays the 802.1p Information Menu.
acl Displays Access Control List information.
8021x Displays the 802.1x Information Menu.
stp In addition to seeing if STP is enabled or disabled, you can view the following STP bridge
information:
• Priority
• Hello interval
• Maximum age value
• Forwarding delay
• Aging time
You can also refer to the following port-specific STP information:
• Port number and priority
• Cost
• State
cist Displays Common internal Spanning Tree (CIST) bridge information, including the following:
• Priority
• Hello interval
• Maximum age value
• Forwarding delay
You can also view port-specific CIST information, including the following:
• Port number and priority
• Cost
• State
trunk When trunk groups are configured, you can view the state of each port in the various trunk groups.
vlan Displays VLAN configuration information, including:
• VLAN Number
• VLAN Name
• Status
• Port membership of the VLAN
gen Displays general Layer 2 configuration information.
Information Menu 32
Page 33
Table 18 Layer 2 Information menu options
Command Usage
dump Dumps all switch information available from the Layer 2 menu (10K or more, depending on your
configuration).
If you want to capture dump data to a file, set your communication software on your workstation to
capture session data prior to issuing the dump commands.
FDB information menu
Command: /info/l2/fdb
[Forwarding Database Menu]
find - Show a single FDB entry by MAC address
port - Show FDB entries on a single port
vlan - Show FDB entries on a single VLAN
state - Show FDB entries by state
dump - Show all FDB entries
The forwarding database (FDB) contains information that maps the media access control (MAC) address of each
known device to the GbE2 Interconnect Switch port where the device address was learned. The FDB also shows
which other ports have seen frames destined for a particular MAC address.
NOTE: The master forwarding database supports up to 16K MAC address entries on the management
processor (MP) per GbE2 Interconnect Switch.
Table 19 FDB information menu /info/l2/fdb
Command Usage
find <MAC address> [<VLAN>] Displays a single database entry by its MAC address. You are prompted
port <port number> Displays all FDB entries for a particular port.
vlan <1-4095> Displays all FDB entries on a single VLAN.
state unknown|ignore|
forward|flood|trunk|ifmac
dump Displays all entries in the Forwarding Database.
Show all FDB information
Command: /info/l2/fdb/dump
MAC address VLAN Port State
----------------- ---- ---- -----
00:02:01:00:00:00 300 23 FWD
00:02:01:00:00:01 300 23 FWD
00:02:01:00:00:02 300 23 FWD
00:02:01:00:00:03 300 23 FWD
00:02:01:00:00:04 300 23 FWD
00:02:01:00:00:05 300 23 FWD
00:02:01:00:00:06 300 23 FWD
00:02:01:00:00:07 300 23 FWD
00:02:01:00:00:08 300 23 FWD
00:02:01:00:00:09 300 23 FWD
00:02:01:00:00:0a 300 23 FWD
00:02:01:00:00:0b 300 23 FWD
00:02:01:00:00:0c 300 23 FWD
An address that is in the forwarding (FWD) state indicates that the GbE2 Interconnect Switch has learned it. When in
the trunking (TRK) state, the port field represents the trunk group number. If the state for the port is listed as unknown
to enter the MAC address of the device.
Enter the MAC address using the format: xx:xx:xx:xx:xx:xx. (For
example: 08:00:20:12:34:56)
You can also enter the MAC address using the format: xxxxxxxxxxxx.
(For example: 080020123456)
Displays all FDB entries that match a particular state.
Information Menu 33
Page 34
(UNK), the MAC address has not yet been learned by the GbE2 Interconnect Switch, but has only been seen as a
destination address. When an address is in the unknown state, no outbound port is indicated.
Clearing entries from the forwarding database
To delete a MAC address from the forwarding database (FDB), see the “Static FDB configuration” section in the
“Configuration Menu” chapter. To clear the entire forwarding database (FDB), see the “Forwarding Database
options” section in the “Maintenance Menu” chapter.
Link Aggregation Control Protocol information
Command: /info/l2/lacp
[LACP Menu]
aggr - Show LACP aggregator information for the port
port - Show LACP port information
dump - Show all LACP ports information
The following table describes the Link Aggregation Control Protocol Menu options.
Table 20 LACP information
Command Usage
aggr Displays LACP aggregator information for the port.
port Displays LACP information for the port.
dump Displays all LACP information parameters.
LACP dump
Command: /info/l2/lacp/dump
>> LACP# dump
port lacp adminkey operkey selected prio attached trunk
aggr
--------------------------------------------------------------------- 1 off 1 1 n 32768 -- - 2 off 2 2 n 32768 -- - 3 off 3 3 n 32768 -- - 4 off 4 4 n 32768 -- - 5 off 5 5 n 32768 -- - 6 off 6 6 n 32768 -- - 7 off 7 7 n 32768 -- - 8 off 8 8 n 32768 -- --
LACP dump includes the following information for each port in the GbE2 Interconnect Switch:
• lacp—Displays the port’s LACP mode (active, passive, or off).
• adminkey—Displays the value of the port’s adminkey.
• operkey—Shows the value of the port’s operational key.
• selected—Indicates whether the port has been selected to be part of a Link Aggregation Group.
• prio—Shows the value of the port priority.
• attached aggr—Displays the aggregator associated with each port.
• trunk—This value represents the LACP trunk group number.
…
Information Menu 34
Page 35
Hot Links Trigger information
Command: /info/l2/hotlink/trigger
Hot Links Info: Trigger
Current global Hot Links setting: ON
sndfdb disabled
Current Trigger 1 setting: enabled
Name “Corporate Uplinks”, preempt disabled, fdelay 1 sec
Active state: None
Master settings:
port 20
Backup settings:
Hot Links Trigger information includes the following information:
• Operational status (on or off)
• FDB Update status (enabled or disabled)
• Trigger configuration
• Trigger state
port 21
802.1p information
Command: /info/l2/8021p
Current priority to COS queue information:
Priority COSq Weight
-------- ---- ----- 0 0 1
1 1 2
2 2 3
3 3 4
4 4 5
5 5 7
6 6 15
7 7 0
Current port priority information:
Port Priority COSq Weight
----- -------- ---- ----- 1 0 0 1
2 0 0 1
3 0 0 1
4 0 0 1
…
23 0 0 1
24 0 0 1
The following table describes the IEEE 802.1p priority to COS queue information.
Table 21 802.1p Priority to COS Queue information
Field Description
Priority Displays the 802.1p Priority level.
Cosq Displays the Class of Service queue.
Weight Displays the scheduling weight of the COS queue.
The following table describes the IEEE 802.1p port priority information.
Table 22 802.1p Port Priority information
Field Description
Information Menu 35
Page 36
Table 22 802.1p Port Priority information
Field Description
Port Displays the port number.
Priority Displays the 802.1p Priority level.
Cosq Displays the Class of Service queue.
Weight Displays the scheduling weight.
ACL information
Command: /info/l2/acl
Current ACL information:
----------------------- Filter 1 profile:
Ethernet
- VID : 1/0xfff
Actions : Set COS to 0
Filter 2 profile:
Ethernet
- VID : 1/0xfff
Actions : Permit
ACL block 1:
- ACL 1
- ACL 2
ACL information provides configuration parameters for each Access Control List. It also shows which ACLs are
included in each ACL Block, and which ACLs and ACL Blocks are included in each ACL Group.
No ACL groups configured.
Information Menu 36
Page 37
802.1x information
Command: /info/l2/8021x
System capability : Authenticator
System status : disabled
Protocol version : 1
Authenticator Backend
Port Auth Mode Auth Status PAE State Auth State
---- ------------ ------------ -------------- --------- 1 force-auth unauthorized initialize initialize
2 force-auth unauthorized initialize initialize
3 force-auth unauthorized initialize initialize
4 force-auth unauthorized initialize initialize
5 force-auth unauthorized initialize initialize
6 force-auth unauthorized initialize initialize
7 force-auth unauthorized initialize initialize
8 force-auth unauthorized initialize initialize
9 force-auth unauthorized initialize initialize
10 force-auth unauthorized initialize initialize
11 force-auth unauthorized initialize initialize
12 force-auth unauthorized initialize initialize
13 force-auth unauthorized initialize initialize
14 force-auth unauthorized initialize initialize
15 force-auth unauthorized initialize initialize
16 force-auth unauthorized initialize initialize
*17 force-auth unauthorized initialize initialize
*18 force-auth unauthorized initialize initialize
19 force-auth unauthorized initialize initialize
20 force-auth unauthorized initialize initialize
*21 force-auth unauthorized initialize initialize
22 force-auth unauthorized initialize initialize
*23 force-auth unauthorized initialize initialize
*24 force-auth unauthorized initialize initialize
-----------------------------------------------------------------* - Port down or disabled
The following table describes the IEEE 802.1x parameters.
Table 23 802.1x information
Field Description
Port Displays each port’s name.
Auth Mode Displays the Access Control authorization mode for the port. The Authorization
mode can be one of the following:
• force-unauth
• auto
• force-auth
Auth Status Displays the current authorization status of the port, either authorized or
unauthorized.
Authenticator PAE State Displays the Authenticator Port Access Entity State. The PAE state can be one of
the following:
• initialize
• disconnected
• connecting
• authenticating
• authenticated
• aborting
• held
• forceAuth
Backend Auth State Displays the Backend Authorization State. The Backend Authorization state can
be one of the following:
• request
• response
• success
• fail
• timeout
• idle
Information Menu 37
Page 38
The following table describes the IEEE 802.1p port priority information.
Table 24 802.1p Port Priority information
Command Usage
Port Displays the port number.
Priority Displays the 802.1p Priority level.
Cosq Displays the Class of Service queue.
Weight Displays the scheduling weight.
Spanning Tree information
Command: /info/l2/stp
Spanning Tree Group 1: On (STP/PVST)
VLANs: 1
Current Root: Path-Cost Port Hello MaxAge FwdDel Aging
8000 00:02:a5:d1:0f:ed 8 20 2 20 15 180
Parameters: Priority Hello MaxAge FwdDel Aging
32768 2 20 15 180
Port Priority Cost FastFwd State Designated Bridge Des Port
---- -------- ---- -------- ---------- --------------------- ------ 1 0 0 n FORWARDING *
2 0 0 n FORWARDING *
3 0 0 n FORWARDING *
The GbE2 Interconnect Switch software uses the IEEE 802.1d Spanning Tree Protocol (STP). If RSTP/MSTP is turned
on, see the “Rapid Spanning Tree information” section for Spanning Tree Group information. In addition to seeing if
STP is enabled or disabled, you can view the following STP bridge information:
• Current root MAC address
• Path-Cost
• Port
• Hello interval
• Maximum age value
• Forwarding delay
• Aging time
You can also refer to the following port-specific STP information:
• Port number and priority
• Cost
• State
• Port Fast Forwarding state
• Designated bridge
• Designated port
Information Menu 38
Page 39
The following table describes the STP parameters.
Table 25 STP parameters
Parameter Description
Current Root Shows information about the root bridge for the Spanning Tree. Information includes the
priority (hex) and MAC address of the root.
Path-Cost Path-cost is the total path cost to the root bridge. It is the summation of the path cost
between bridges (up to the root bridge).
Port The current root port refers to the port on the GbE2 Interconnect Switch that receives data
from the current root. Zero (0) indicates the root bridge of the STP.
Priority (bridge) The bridge priority parameter controls which bridge on the network will become the STP
root bridge.
Hello
MaxAge
FwdDel
Aging
Priority (port)
Cost
State
The hello time parameter specifies, in seconds, how often the root bridge transmits a
configuration bridge protocol data unit (BPDU). Any bridge that is not the root bridge
uses the root bridge hello value.
The maximum age parameter specifies, in seconds, the maximum time the bridge waits
without receiving a configuration bridge protocol data unit before it reconfigures the STP
network.
The forward delay parameter specifies, in seconds, the amount of time that a bridge port
has to wait before it changes from learning state to forwarding state.
The aging time parameter specifies, in seconds, the amount of time the bridge waits
without receiving a packet from a station before removing the station from the Forwarding
Database.
The port priority parameter helps determine which bridge port becomes the designated
port. In a network topology that has multiple bridge ports connected to a single segment,
the port with the lowest port priority becomes the designated port for the segment.
The port path cost parameter is used to help determine the designated port for a segment.
Generally speaking, the faster the port, the lower the path cost.
The State field shows the current state of the port. The State field can be one of the
following: BLOCKING, LISTENING, LEARNING, FORWARDING, or DISABLED.
Designated bridge Shows information about the bridge connected to each port, if applicable. Information
includes the priority (hex) and MAC address of the Designated Bridge.
Designated port The port ID of the port on the Designated Bridge to which this port is connected.
Information Menu 39
Page 40
Rapid Spanning Tree and Multiple Spanning Tree information
Command: /info/l2/stp
Spanning Tree Group 1: On (RSTP)
VLANs: 1
Current Root: Path-Cost Port Hello MaxAge FwdDel Aging
8000 00:00:01:00:19:00 0 0 9 20 15 300
Parameters: Priority Hello MaxAge FwdDel Aging
32768 9 20 15 300
Port Prio Cost State Role Designated Bridge Des Port Type
---- ---- ---- ------ ---- --------------------- -------- --- 1 0 0 DSB
2 0 0 DSB
3 0 0 DSB
4 0 0 DSB
5 0 0 DSB
6 0 0 DSB
7 0 0 DSB
8 0 0 DSB
9 0 0 DSB
10 0 0 DISC
11 0 0 FWD DESG 8000-00:00:01:00:19:00 8017 P2P2,Edge
12 0 0 FWD DESG 8000-00:00:01:00:19:00 8018 P2P
The switch software can be set to use the IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) or the IEEE 802.1s
Multiple Spanning Tree Protocol (MSTP). If RSTP/MSTP is turned on, you can view the following RSTP bridge
information for the Spanning Tree Group:
• Current root MAC address
• Path-Cost
• Port
• Hello interval
• Maximum age value
• Forwarding delay
• Aging time
You can also refer to the following port-specific RSTP information:
• Port number and priority
• Cost
• State
• Role
• Designated bridge and port
• Link type
The following table describes the STP parameters in RSTP or MSTP mode.
Table 26 Rapid Spanning Tree parameter descriptions
Parameter Description
Current Root Shows information about the root bridge for the Spanning Tree. Information includes the
priority (hex) and MAC address of the root.
Path-Cost Path-cost is the total path cost to the root bridge. It is the summation of the path cost
between bridges (up to the root bridge).
Port The current root port refers to the port on the GbE2 Interconnect Switch that receives data
from the current root. Zero (0) indicates the root bridge of the STP.
Priority (bridge) The bridge priority parameter controls which bridge on the network will become the STP
root bridge.
Hello
The hello time parameter specifies, in seconds, how often the root bridge transmits a
configurationbridge protocol data unit (BPDU). Any bridge that is not the root
bridge uses the root bridge hello value.
Information Menu 40
Page 41
Table 26 Rapid Spanning Tree parameter descriptions
Parameter Description
MaxAge
FwdDel
Aging
Priority (port)
Cost
The maximum age parameter specifies, in seconds, the maximum time the bridge waits
without receiving a configuration bridge protocol data unit before it reconfigures the STP
network.
The forward delay parameter specifies, in seconds, the amount of time that a bridge port
has to wait before it changes from learning state to forwarding state.
The aging time parameter specifies, in seconds, the amount of time the bridge waits
without receiving a packet from a station before removing the station from the Forwarding
Database.
The port priority parameter helps determine which bridge port becomes the designated
port. In a network topology that has multiple bridge ports connected to a single segment,
the port with the lowest port priority becomes the designated port for the segment.
The port path cost parameter is used to help determine the designated port for a segment.
Generally speaking, the faster the port, the lower the path cost. A setting of zero (0)
indicates that the cost will be set to the appropriate default after the link speed has been
auto-negotiated.
State Shows the current state of the port. The State field in RSTP/MSTP mode can be one of the
following: Discarding (DISC), Learning (LRN), Forwarding (FWD), or
Disabled (DSB).
Role Shows the current role of this port in the Spanning Tree. The port role can be one of the
following: Designated (DESG), Root (ROOT), Alternate (ALTN), Backup (BKUP), Master
(MAST), or Unknown (UNK).
Designated bridge Shows information about the bridge connected to each port, if applicable. Information
includes the priority (hex) and MAC address of the Designated Bridge.
Designated port The port ID of the port on the Designated Bridge to which this port is connected.
Type Type of link connected to the port, and whether the port is an edge port. Link type values
are AUTO, P2P, or SHARED.
MSTP: The Type field appears in /info/cist.
Information Menu 41
Page 42
Common Internal Spanning Tree information
Command: /info/l2/cist
Mstp Digest: 0xac36177f50283cd4b83821d8ab26de62
Common Internal Spanning Tree:
VLANs: 1 3-4094
Current Root: Path-Cost Port MaxAge FwdDel
8000 00:03:42:fa:3b:80 11 1 20 15
CIST Regional Root: Path-Cost
8000 00:03:42:fa:3b:80 11
Parameters: Priority MaxAge FwdDel Hops
32768 20 15 20
Port Prio Cost State Role Designated Bridge Des Port Hello Type
---- ---- ---- ------ ---- --------------------- -------- ----- --- 1 128 2000 FWD DESG 8000-00:03:42:fa:3b:80 8001 4 P2P, Edge
2 128 2000 FWD DESG 8000-00:03:42:fa:3b:80 8002
3 128 2000 DSB
4 128 2000 DSB
5 128 2000 DSB
6 128 2000 DSB
7 128 2000 DSB
8 128 2000 DSB
9 128 2000 DSB
10 128 0 DSB
11 128 2000 FWD DESG 8000-00:03:42:fa:3b:80
12 128 2000 DSB
In addition to seeing if Common Internal Spanning Tree (CIST) is enabled or disabled, you can view the following
CIST bridge information:
• CIST root
• CIST regional root
• Priority
• Maximum age value
• Forwarding delay
• Hops
You can also refer to the following port-specific CIST information:
• Port number and priority
• Cost
• State
• Role
• Designated bridge and port
• Hello interval
• Link type and port type
Information Menu 42
Page 43
The following table describes the CIST parameters.
Table 27 Common Internal Spanning Tree parameter descriptions
Parameter Description
CIST Root Shows information about the root bridge for the Common Internal Spanning Tree
(CIST). Values on this row of information refer to the CIST root.
CIST Regional Root Shows information about the root bridge for this MSTP region. Values on this row of
information refer to the regional root.
Priority (bridge) The bridge priority parameter controls which bridge on the network will become the
STP root bridge.
MaxAge
The maximum age parameter specifies, in seconds, the maximum time the bridge
waits without receiving a configuration bridge protocol data unit before it
reconfigures the STP network.
FwdDel The forward delay parameter specifies, in seconds, the amount of time that a bridge
port has to wait before it changes from learning state to forwarding state.
Hops Shows the maximum number of bridge hops allowed before a packet is dropped.
Priority (port)
Cost
State
The port priority parameter helps determine which bridge port becomes the
designated port. In a network topology that has multiple bridge ports connected to a
single segment, the port with the lowest port priority becomes the designated port for
the segment.
The port path cost parameter is used to help determine the designated port for a
segment. Generally speaking, the faster the port, the lower the path cost. A setting of
zero (0) indicates that the cost will be set to the appropriate default after the link
speed has been auto-negotiated.
Shows the current state of the port. The state field can be one of the following:
Discarding (DISC), Learning (LRN), Forwarding (FWD), or
Disabled (DSB).
Role Shows the current role of this port in the Spanning Tree. The port role can be one of
the following: Designated (DESG), Root (ROOT), Alternate (ALTN), Backup (BKUP),
Master (MAST), or Unknown (UNK).
Designated Bridge Shows information about the bridge connected to each port, if applicable.
Information includes the priority (hex) and MAC address of the Designated Bridge.
Designated Port The port ID of the port on the Designated Bridge to which this port is connected.
Hello
The hello time parameter specifies, in seconds, how often the root bridge transmits a
configuration bridge protocol data unit (BPDU). Any bridge that is not the root bridge
uses the root bridge hello value.
Type Type of link connected to the port, and whether the port is an edge port. Link type
values are AUTO, P2P, or SHARED.
Trunk group information
Command: /info/l2/trunk
Trunk group 1, port state:
1: STG 1 forwarding
2: STG 1 forwarding
When trunk groups are configured, you can view the state of each port in the various trunk groups.
NOTE: If Spanning Tree Protocol on any port in the trunk group is set to forwarding, the remaining ports in the
trunk group will also be set to forwarding.
Information Menu 43
Page 44
VLAN information
Command: /info/l2/vlan
VLAN Name Status Ports
---- -------------------------------- ------ ---------------1 Default VLAN ena 4 5
2 pc03p ena 2
7 pc07f ena 7
11 pc04u ena 11
14 8600-14 ena 14
15 8600-15 ena 15
16 8600-16 ena 16
17 8600-17 ena 17
18 35k-1 ena 18
19 35k-2 ena 19
20 35k-3 ena 20
21 35k-4 ena 21
22 pc07z ena 22
24 redlan ena 24
300 ixiaTraffic ena 1 12 13 23
4000 bpsports ena 3-6 8-10
This information display includes all configured VLANs and all member ports that have an active link state.
VLAN information includes:
• VLAN Number
• VLAN Name
• Status
• Port membership of the VLAN
Layer 2 general information
Command: /info/l2/gen
The following table describes the Layer 2 general information.
Table 28 L2 general information
Field Description
STP uplink fast mode Displays the status of STP Uplink Fast: enabled or disabled.
STP uplink fast mode : disabled
Layer 3 information
Command: /info/l3
[Layer 3 Menu]
route - IP Routing Information Menu
arp - ARP Information Menu
ospf - OSPF Routing Information Menu
rip - RIP Routing Information Menu
ip - Show IP information
igmp - Show IGMP Snooping Multicast Group information
vrrp - Show Virtual Router Redundancy Protocol information
dump - Dump all layer 3 information
Information Menu 44
Page 45
The following table describes the Layer 3 Information Menu options.
Table 29 Layer 3 information menu options
Command Usage
route Displays the IP Routing Menu. Using the options of this menu, the system displays the following for
each configured or learned route:
• Route destination IP address, subnet mask, and gateway address
• Type of route
• Tag indicating origin of route
• Metric for RIP tagged routes, specifying the number of hops to the destination (1-15 hops, or 16
for infinite hops)
• The IP interface that the route uses
arp Displays the Address Resolution Protocol (ARP) Information Menu.
ospf Displays OSPF routing Information Menu.
rip Displays Routing Information Protocol Menu.
ip Displays IP Information. IP information, includes:
• IP interface information: Interface number, IP address, subnet mask, VLAN number, and
operational status.
• Default gateway information: Metric for selecting which configured gateway to use, gateway
number, IP address, and health status
• IP forwarding information: Enable status, lnet and lmask
• Port status
igmp Displays IGMP Information Menu.
vrrp Displays the VRRP Information Menu.
dump Dumps all switch information available from the Layer 3 Menu (10K or more, depending on your
configuration).
If you want to capture dump data to a file, set your communication software on your workstation to
capture session data prior to issuing the dump commands.
Route information
Command: /info/l3/route
[IP Routing Menu]
find - Show a single route by destination IP address
gw - Show routes to a single gateway
type - Show routes of a single type
tag - Show routes of a single tag
if - Show routes on a single interface
dump - Show all routes
Using the commands listed below, you can display all or a portion of the IP routes currently held in the switch.
Table 30 Route Information menu options
Command Usage
find <IP address> Displays a single route by IP address.
gw <IP address> Displays routes to a single gateway.
type indirect|direct|local|
broadcast|martian|multicast
tag fixed|static|addr|rip|ospf|
broadcast|martian|multicast
if <IP address> Displays routes on a single interface.
dump Displays all routes configured in the switch.
For example, 100.10.1.1
For example, 100.10.1.2
Displays routes of a single type.
Displays routes of a single tag.
Information Menu 45
Page 46
Show all IP Route information
Command: /info/l3/route/dump
Status code: * - best
Destination Mask Gateway Type Tag Metr If
--------------- --------------- --------------- --------- --------- ---- -* 11.0.0.0 255.0.0.0 11.0.0.1 direct fixed 211
* 11.0.0.1 255.255.255.255 11.0.0.1 local addr 211
* 11.255.255.255 255.255.255.255 11.255.255.255 broadcast broadcast 211
* 12.0.0.0 255.0.0.0 12.0.0.1 direct fixed 12
* 12.0.0.1 255.255.255.255 12.0.0.1 local addr 12
* 12.255.255.255 255.255.255.255 12.255.255.255 broadcast broadcast 12
* 13.0.0.0 255.0.0.0 11.0.0.2 indirect ospf 2 211
* 47.0.0.0 255.0.0.0 47.133.88.1 indirect static 24
* 47.133.88.0 255.255.255.0 47.133.88.46 direct fixed 24
* 172.30.52.223 255.255.255.255 172.30.52.223 broadcast broadcast 2
* 224.0.0.0 224.0.0.0 0.0.0.0 martian martian
* 224.0.0.5 255.255.255.255 0.0.0.0 multicast addr
The following table describes the Type parameter.
Table 31 IP Routing Type information
Field Description
indirect The next hop to the host or subnet destination will be forwarded through a router at the
direct Packets will be delivered to a destination host or subnet attached to the switch.
local Indicates a route to one of the switch’s IP interfaces.
broadcast Indicates a broadcast route.
martian The destination belongs to a host or subnet which is filtered out. Packets to this
multicast Indicates a multicast route.
The following table describes the Tag parameter.
Gateway address.
destination are discarded.
Table 32 IP Routing Tag information
Field Description
fixed The address belongs to a host or subnet attached to the switch.
static The address is a static route which has been configured on the GbE2 Switch.
addr The address belongs to one of the switch’s IP interfaces.
rip The address was learned by the Routing Information Protocol (RIP).
ospf The address was learned by Open Shortest Path First (OSPF).
broadcast Indicates a broadcast address.
martian The address belongs to a filtered group.
ARP information
Command: /info/arp
[Address Resolution Protocol Menu]
find - Show a single ARP entry by IP address
port - Show ARP entries on a single port
vlan - Show ARP entries on a single VLAN
addr - Show ARP address list
The Address Resolution Protocol (ARP) information includes IP address and MAC address of each entry, address status
flags, VLAN, and port for the address, and port referencing information.
dump - Show all ARP entries
Information Menu 46
Page 47
The following table describes the Address Resolution Protocol Menu options.
Table 33 ARP information
Command Usage
find <IP address> Displays a single ARP entry by IP address.
For example, 100.10.1.1
port <port number> Displays the ARP entries on a single port.
vlan <1-4095> Displays the ARP entries on a single VLAN.
addr Displays the ARP address list: IP address, IP mask, MAC address, and VLAN flags.
dump Displays all ARP entries, including:
• IP address and MAC address of each entry
• Address status flag
• The VLAN and port to which the address belongs
The ports which have referenced the address (empty if no port has routed traffic to the
IP address shown)
Show all ARP entry information
Command: /info/arp/dump
IP address Flags MAC address VLAN Port
--------------- ----- ----------------- ---- ----
192.168.2.4 00:50:8b:b2:32:cb 1 18
192.168.2.19 00:0e:7f:25:89:b5 1 17
192.168.2.61 P 00:0f:6a:ed:46:00 1
The Flag field provides additional information about an entry. If no flag displays, the entry is normal.
Table 34 ARP dump flag parameters
Flag Description
P Permanent entry created for GbE2 Interconnect Switch IP interface.
R Indirect route entry.
U Unresolved ARP entry. The MAC address has not been learned.
ARP address list information
Command: /info/arp/addr
IP address IP mask MAC address VLAN Flags
--------------- --------------- ----------------- ---- -----
205.178.18.66 255.255.255.255 00:70:cf:03:20:04 P
205.178.50.1 255.255.255.255 00:70:cf:03:20:06 1
205.178.18.64 255.255.255.255 00:70:cf:03:20:05 1
This screen displays all entries in the ARP cache.
Information Menu 47
Page 48
OSPF information
Command: /info/l3/ospf
[OSPF Information Menu]
general - Show general information
aindex - Show area(s) information
if - Show interface(s) information
virtual - Show details of virtual links
nbr - Show neighbor(s) information
dbase - Database Menu
sumaddr - Show summary address list
nsumadd - Show NSSA summary address list
routes - Show OSPF routes
dump - Show OSPF information
The following table describes the OSPF Menu options.
Table 35 OSPF information
Command Usage
general Displays general OSPF information.
aindex <0-2>
if <1-255> Displays interface information for a particular interface. If no parameter
virtual Displays information about all the configured virtual links.
nbr <nbr router-id (A.B.C.D)> Displays the status of a neighbor with a particular router ID. If no router
dbase Displays OSPF database menu.
sumaddr <0-2> Displays the list of summary ranges belonging to non-NSSA areas.
nsumadd <0-2> Displays the list of summary ranges belonging to NSSA areas.
routes Displays OSPF routing table.
dump Displays all OSPF information.
Displays area information for a particular area index. If no parameter is
supplied, it displays area information for all the areas.
is supplied, it displays information for all the interfaces.
ID is supplied, it displays the information about all the current neighbors.
Information Menu 48
Page 49
OSPF general information
Command: /info/l3/ospf/general
OSPF Version 2
Router ID: 10.10.10.1
Started at 1663 and the process uptime is 4626
Area Border Router: yes, AS Boundary Router: no
LS types supported are 6
External LSA count 0
External LSA checksum sum 0x0
Number of interfaces in this router is 2
Number of virtual links in this router is 1
16 new lsa received and 34 lsa originated from this router
Total number of entries in the LSDB 10
Database checksum sum 0x0
Total neighbors are 1, of which
2 are >=INIT state,
2 are >=EXCH state,
2 are =FULL state
Number of areas is 2, of which 3-transit 0-nssa
Area Id : 0.0.0.0
Authentication : none
Import ASExtern : yes
Number of times SPF ran : 8
Area Border Router count : 2
AS Boundary Router count : 0
LSA count : 5
LSA Checksum sum : 0x2237B
Summary : noSummary
OSPF interface information
Command: /info/l3/ospf/if
Ip Address 10.10.12.1, Area 0.0.0.1, Admin Status UP
Router ID 10.10.10.1, State DR, Priority 1
Designated Router (ID) 10.10.10.1, Ip Address 10.10.12.1
Backup Designated Router (ID) 10.10.14.1, Ip Address 10.10.12.2
Timer intervals, Hello 10, Dead 40, Wait 1663, Retransmit 5,
Transit delay 1
Neighbor count is 1 If Events 4, Authentication type none
OSPF Database information menu
Command: /info/l3/ospf/dbase
[OSPF Database Menu]
advrtr - LS Database info for an Advertising Router
asbrsum - ASBR Summary LS Database info
dbsumm - LS Database summary
ext - External LS Database info
nw - Network LS Database info
nssa - NSSA External LS Database info
rtr - Router LS Database info
self - Self Originated LS Database info
summ - Network-Summary LS Database info
all - All
Information Menu 49
Page 50
The following table describes the OSPF Database information menu options.
Table 36 OSPF Database information
Command Usage
advrtr <router-id (A.B.C.D)> Takes advertising router as a parameter. Displays all the Link
State Advertisements (LSAs) in the LS database that have the
advertising router with the specified router ID, for example:
20.1.1.1.
asbrsum <adv-rtr (A.B.C.D)>|
<link_state_id (A.B.C.D>|<self>
dbsumm Displays the following information about the LS database in a
ext <adv-rtr (A.B.C.D)>| <link_state_id
(A.B.C.D)>|<self>
nw <adv-rtr (A.B.C.D)>| <link_state_id
(A.B.C.D)>|<self>
nssa <adv-rtr (A.B.C.D)>| <link_state_id
(A.B.C.D)>|<self>
rtr <adv-rtr (A.B.C.D)>| <link_state_id
(A.B.C.D)>|<self>
self Displays all the self-advertised LSAs. No parameters are
summ <adv-rtr (A.B.C.D)>| <link_state_id
(A.B.C.D)>|<self>
all Displays all the LSAs.
Displays ASBR summary LSAs. The usage of this command is
as follows:
a. asbrsum adv-rtr 20.1.1.1 displays ASBR summary
LSAs having the advertising router 20.1.1.1.
b. asbrsum link_state_id 10.1.1.1 displays ASBR
summary LSAs having the link state ID 10.1.1.1.
c. asbrsum self displays the self advertised ASBR
summary LSAs.
d. asbrsum with no parameters displays all the ASBR
summary LSAs.
table format:
a. The number of LSAs of each type in each area.
b. The total number of LSAs for each area.
c. The total number of LSAs for each LSA type for all
areas combined.
d. The total number of LSAs for all LSA types for all
areas combined.
No parameters are required.
Displays the AS-external (type 5) LSAs with detailed
information of each field of the LSAs. The usage of this
command is the same as the usage of the command
asbrsum.
Displays the network (type 2) LSAs with detailed information
of each field of the LSA.network LS database. The usage of
this command is the same as the usage of the command
asbrsum.
Displays the NSSA (type 7) LSAs with detailed information of
each field of the LSAs. The usage of this command is the same
as the usage of the command asbrsum.
Displays the router (type 1) LSAs with detailed information of
each field of the LSAs. The usage of this command is the same
as the usage of the command asbrsum.
required.
Displays the network summary (type 3) LSAs with detailed
information of each field of the LSAs.
The usage of this command is the same as the usage of the
command asbrsum.
Information Menu 50
Page 51
OSPF route codes information
Command: /info/l3/ospf/routes
Codes: IA - OSPF inter area,
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
IA 10.10.0.0/16 via 200.1.1.2
IA 40.1.1.0/28 via 20.1.1.2
IA 80.1.1.0/24 via 200.1.1.2
IA 100.1.1.0/24 via 20.1.1.2
IA 140.1.1.0/27 via 20.1.1.2
IA 150.1.1.0/28 via 200.1.1.2
E2 172.18.1.1/32 via 30.1.1.2
E2 172.18.1.2/32 via 30.1.1.2
E2 172.18.1.3/32 via 30.1.1.2
E2 172.18.1.4/32 via 30.1.1.2
E2 172.18.1.5/32 via 30.1.1.2
E2 172.18.1.6/32 via 30.1.1.2
E2 172.18.1.7/32 via 30.1.1.2
E2 172.18.1.8/32 via 30.1.1.2
Routing Information Protocol menu
Command: /info/l3/rip
[RIP Information Menu]
routes - Show RIP routes
dump - Show RIP user's configuration
The following table describes the Routing Information Protocol information menu options.
Table 37 RIP information
Command Usage
routes Displays information about RIP routes.
dump <0-255> Displays RIP user’s configuration. Enter 0 (zero) for all interfaces.
RIP Routes information
Command: /info/l3/rip/routes
>> IP Routing# /info/l3/rip/routes
3.0.0.0/8 via 30.1.1.11 metric 4
4.0.0.0/16 via 30.1.1.11 metric 16
10.0.0.0/8 via 30.1.1.2 metric 3
20.0.0.0/8 via 30.1.1.2 metric 2
This table contains all dynamic routes learned through RIP, including the routes that are undergoing garbage
collection with metric = 16. This table does not contain directly connected routes and locally configured static routes.
Information Menu 51
Page 52
RIP user configuration
Command: /info/l3/rip/dump <1-255>
RIP USER CONFIGURATION :
RIP on updat 30
RIP Interface 2 : 102.1.1.1, enabled
version 2, listen enabled, supply enabled, default none
poison disabled, trigg enabled, mcast enabled, metric 1
auth none,key none
RIP Interface 3 : 103.1.1.1, enabled
version 2, listen enabled, supply enabled, default none
poison disabled, trigg enabled, mcast enabled, metric 1
IP information
Command: /info/l3/ip
Interface information:
1: 47.80.23.243 255.255.254.0 47.80.23.255, up
Default gateway information:
1: 47.80.22.1, up
2: 47.80.225.2, up
Current BOOTP relay settings: OFF
0.0.0.0, 0.0.0.0
Current IP forwarding settings: OFF, dirbr disabled
Current network filter settings:
none
Current route map settings:
The following interface and default gateway information is displayed:
• Interface number
• IP address
• IP mask
• IP broadcast address
• Operational status
• BootP relay settings
• IP forwarding settings
• Network filter settings
• Route map settings
IGMP multicast group information
Command: /info/l3/igmp
[IGMP Multicast Group Menu]
mrouter - Show IGMP Snooping Multicast Router Port information
find - Show a single group by IP group address
vlan - Show groups on a single vlan
port - Show groups on a single port
trunk - Show groups on a single trunk
dump - Show all groups
Information Menu 52
Page 53
The following table describes the commands used to display information about IGMP groups learned by the switch.
Table 38 IGMP Multicast Group menu options
Command Usage
mrouter Displays the Multicast Router Menu.
find <IP address> Displays a single IGMP multicast group by its IP address. For example,
100.10.1.1
vlan <1-4095> Displays all IGMP multicast groups on a single VLAN.
port <port number> Displays all IGMP multicast groups on a single port.
trunk <1-12> Displays all IGMP multicast groups on a single trunk group.
dump Displays information for all multicast groups.
IGMP multicast router port information
Command: /info/l3/igmp/mrouter
[IGMP Multicast Router Menu]
vlan - Show all multicast router ports on a single vlan
dump - Show all learned multicast router ports
The following table describes the commands used to display information about multicast routers learned through
IGMP Snooping.
Table 39 IGMP Multicast Router menu options
Command Usage
vlan <1-4095> Displays information for all multicast groups learned on a single VLAN
dump Displays information for all multicast groups learned by the switch.
VRRP information
Virtual Router Redundancy Protocol (VRRP) support on GbE2 Interconnect Switch provides redundancy between
routers in a LAN. This is accomplished by configuring the same virtual router IP address and ID number on each
participating VRRP-capable routing device. One of the virtual routers is then elected as the master, based on a
number of priority criteria, and assumes control of the shared virtual router IP address. If the master fails, one of the
backup virtual routers will assume routing authority and take control of the virtual router IP address.
Command: /info/l3/vrrp
VRRP information:
1: vrid 2, 205.178.18.210, if 1, renter, prio 100, master, server
2: vrid 1, 205.178.18.202, if 1, renter, prio 100, backup
When virtual routers are configured, you can view the status of each virtual router using this command. VRRP
information includes:
• Virtual router number
• Virtual router ID and IP address
• Interface number
• Ownership status
• Priority value. During the election process, the virtual router with the highest priority becomes master.
3: vrid 3, 205.178.18.204, if 1, renter, prio 100, master, proxy
• owner identifies the preferred master virtual router. A virtual router is the owner when the IP address of the
virtual router and its IP interface are the same.
• renter identifies virtual routers which are not owned by this device
Information Menu 53
Page 54
• Activity status
• master identifies the elected master virtual router.
• backup identifies that the virtual router is in backup mode.
• init identifies that the virtual router is waiting for a startup event. Once it receives a startup event, it
transitions to master if its priority is 255, (the IP address owner), or transitions to backup if it is not the IP
address owner.
• Server status. The server state identifies virtual routers.
• Proxy status. The proxy state identifies virtual proxy routers, where the virtual router shares the same IP address
as a proxy IP address. The use of virtual proxy routers enables redundant switches to share the same IP address,
minimizing the number of unique IP addresses that must be configured.
RMON Information Menu
Command: /info/rmon
[RMON Information Menu]
hist - Show RMON History group information
alarm - Show RMON Alarm group information
event - Show RMON Event group information
dump - Show all RMON information
The following table describes the RMON Information parameters.
Table 40 RMON History Information Menu /info/rmon/hist
Command Usage
hist Displays RMON History Information.
alarm Displays RMON Alarm Information.
event Displays RMON Event Information.
dump Displays all RMON Information parameters.
RMON history information
Command: /info/rmon/hist
RMON History group configuration:
Index IFOID Interval Rbnum Gbnum
----- ------------------------------ -------- ----- ---- 1 1.3.6.1.2.1.2.2.1.1.24 30 5 5
2 1.3.6.1.2.1.2.2.1.1.24 30 5 5
3 1.3.6.1.2.1.2.2.1.1.18 30 5 5
4 1.3.6.1.2.1.2.2.1.1.19 30 5 5
5 1.3.6.1.2.1.2.2.1.1.24 1800 5 5
The following table describes the RMON History Information parameters.
Table 41 RMON History Information: /info/rmon/hist
Command Usage
Index Displays the index number that identifies each history instance.
IFOID Displays the MIB Object Identifier.
Interval Displays the time interval for each for each sampling bucket.
Rbnum Displays the number of requested buckets, which is the number of data slots into which data is to be
saved.
Gbnum Displays the number of granted buckets that may hold sampled data.
Information Menu 54
Page 55
RMON alarm information
Command: /info/rmon/alarm
RMON Alarm group configuration:
Index Interval Type rLimit fLimit rEvtIdx fEvtIdx last value
----- -------- ---- -------- -------- ------- ------- --------- 1 30 abs 10 0 1 0 0
2 900 abs 0 10 0 2 0
3 300 abs 10 20 0 0 0
4 1800 abs 10 0 1 0 0
5 1800 abs 10 0 1 0 0
8 1800 abs 10 0 1 0 56344540
10 1800 abs 10 0 1 0 0
11 1800 abs 10 0 1 0 0
15 1800 abs 10 0 1 0 0
18 1800 abs 10 0 1 0 0
100 1800 abs 10 0 1 0 0
Index OID
----- ----------------------------- 1 1.3.6.1.2.1.2.2.1.10.257
2 1.3.6.1.2.1.2.2.1.11.258
3 1.3.6.1.2.1.2.2.1.12.259
4 1.3.6.1.2.1.2.2.1.13.260
5 1.3.6.1.2.1.2.2.1.14.261
8 1.3.6.1.2.1.2.2.1.10.280
10 1.3.6.1.2.1.2.2.1.15.262
11 1.3.6.1.2.1.2.2.1.16.263
15 1.3.6.1.2.1.2.2.1.19.266
18 1.3.6.1.2.1.2.2.1.10.279
100 1.3.6.1.2.1.2.2.1.17.264
The following table describes the RMON Alarm Information parameters.
Table 42 RMON Alarm Information: /info/rmon/alarm
Command Usage
Index Displays the index number that identifies each alarm instance.
Interval Displays the time interval over which data is sampled and compared with the rising and falling
thresholds.
Type Displays the method of sampling the selected variable and calculating the value to be compared
against the thresholds, as follows:
abs: absolute value, the value of the selected variable is compared directly with the thresholds at
the end of the sampling interval.
delta: delta value, the value of the selected variable at the last sample is subtracted from the
current value, and the difference compared with the thresholds.
rLimit Displays the rising threshold for the sampled statistic.
fLimit Displays the falling threshold for the sampled statistic.
rEvtIdx Displays the rising alarm event index that is triggered when a rising threshold is crossed.
fEvtIdx Displays the falling alarm event index that is triggered when a falling threshold is crossed.
Last value Displays the last sampled value.
OID Displays the MIB Object Identifier for each alarm index.
Information Menu 55
Page 56
RMON event information
Command: /info/rmon/event
RMON Event group configuration:
Index Type Last Sent Description
----- ---- ---------------- -------------------------------- 1 both 0D: 0H: 1M:20S Event_1
2 none 0D: 0H: 0M: 0S Event_2
3 log 0D: 0H: 0M: 0S Event_3
4 trap 0D: 0H: 0M: 0S Event_4
5 both 0D: 0H: 0M: 0S Log and trap event for Link Down
10 both 0D: 0H: 0M: 0S Log and trap event for Link Up
11 both 0D: 0H: 0M: 0S Send log and trap for icmpInMsg
15 both 0D: 0H: 0M: 0S Send log and trap for icmpInEchos
100 both 0D: 0H: 0M: 0S Event_100
The following table describes the RMON Event Information parameters.
Table 43 RMON Event Information: /info/rmon/event
Command Usage
Index Displays the index number that identifies each event instance.
Type Displays the type of notification provided for this event, as follows: none, log, trap, both.
Last Sent Displays the time that passed since the last switch reboot, when the most recent event was triggered.
This value is cleared when the switch reboots.
Description Displays a text description of the event.
Link status information
Command: /info/link
-----------------------------------------------------------------Port Speed Duplex Flow Ctrl Link
---- ----- -------- --TX-----RX-- ----- 1 any any yes yes down
2 any any yes yes down
3 1000 full yes yes down
4 100 full yes yes down
5 any any yes yes down
6 any any yes yes down
7 any any yes yes down
8 1000 full no yes up
9 100 full yes yes down
10 100 full yes yes down
11 any any yes yes down
12 any any yes yes down
13 any any yes yes down
14 any any yes yes down
15 any any yes yes down
16 any any yes yes down
17 100 full yes yes down
18 100 full yes yes down
19 100 full yes yes down
20 100 full yes yes down
21 1000 full yes yes down
22 any any yes yes down
23 any any yes yes down
24 any any yes yes down
Information Menu 56
Page 57
Use this command to display link status information about each port on a GbE2 Interconnect Switch, including:
• Port number
• Port speed (10 Mb/s, 100 Mb/s, 1000 Mb/s, or any)
• Duplex mode (half, full, or any)
• Flow control for transmit and receive (no, yes, or any)
• Link status (up or down)
Port information
Command: /info/port
Port Tag RMON PVID NAME VLAN(s)
---- --- ---- ---- -------------- ------------------------------ 1 n d 1 Downlink1 1
2 n d 1 Downlink2 1
3 n d 1 Downlink3 1
4 n d 1 Downlink4 1
5 n d 1 Downlink5 1
6 n d 1 Downlink6 1
7 n d 1 Downlink7 1
8 n d 1 Downlink8 1
9 n d 1 Downlink9 1
10 n d 1 Downlink10 1
11 n d 1 Downlink11 1
12 n d 1 Downlink12 1
13 n d 1 Downlink13 1
14 n d 1 Downlink14 1
15 n d 1 Downlink15 1
16 n d 1 Downlink16 1
17 n d 1 Xconnect1 1
18 n d 1 Xconnect2 1
19 n d 3 Uplink1 3
20 n d 3 Uplink2 3
21 n d 1 Uplink3 1
22 n d 1 Uplink4 1
23 n d 1 FrontPanel1 1
Port information includes:
24 n d 1 FrontPanel2 1
• Port number
• Whether the port uses VLAN tagging or not (y or n)
• Whether Remote Monitoring (RMON) is enabled or disabled (e or d)
• Port VLAN ID (PVID)
• Port name
• VLAN membership
Information Menu 57
Page 58
Logical Port to GEA Port mapping
Command: /info/geaport
Logical Port GEA Port(0-based) GEA Unit
------------ ----------------- -------- 1 3 0
2 2 0
3 5 0
4 7 0
5 4 0
6 6 0
7 6 2
8 0 0
9 7 2
10 8 2
11 11 2
12 10 2
13 2 2
14 4 2
15 3 2
16 5 2
17 9 2
18 1 0
19 11 0
20 10 0
21 9 0
22 8 0
23 0 2
This display correlates the logical port number to the GEA unit on which each port resides.
24 1 2
Uplink Failure Detection information
Command: /info/ufd
Uplink Failure Detection: Enabled
LtM status: Down
Member STG STG State Link Status
--------- --- ------------ ---------- port 24 down
1 DISABLED
10 DISABLED *
16 DISABLED *
* = STP turned off for this port.
LtD status: Auto Disabled
Member Link Status
--------- ---------- port 1 disabled
port 2 disabled
port 3 disabled
port 4 disabled
Uplink Failure Detection (UFD) information includes:
• UFD status, either enabled or disabled
• LtM status and member ports
• Spanning Tree status for LtM ports
• LtD status and member ports
Information Menu 58
Page 59
Information dump
Command: /info/dump
Use the dump command to dump all GbE2 Interconnect Switch information available from the Information Menu (10K
or more, depending on your configuration). This data is useful for tuning and debugging GbE2 Interconnect Switch
performance.
If you want to capture dump data to a file, set the communication software on your workstation to capture session
data prior to issuing the dump commands.
Information Menu 59
Page 60
Statistics Menu
Introduction
You can view GbE2 Interconnect Switch performance statistics in the user, operator, and administrator command
modes. This chapter discusses how to use the CLI to display GbE2 Interconnect Switch statistics.
Menu information
Command: /stats
[Statistics Menu]
port - Port Stats Menu
l2 - Layer 2 Stats Menu
l3 - Layer 3 Stats Menu
mp - MP-specific Stats Menu
acl - ACL Stats Menu
snmp - Show SNMP stats
ntp - Show NTP stats
ufd - Show Uplink Failure Detection stats
clrmp - Clear all MP related stats
dump - Dump all stats
The following table describes the Statistics Menu options.
Table 44 Statistics Menu options
Command Usage
port <port number> Displays the Port Statistics Menu for the specified port. Use this command to display
traffic statistics on a port-by-port basis. Traffic statistics are included in SNMP
Management Information Base (MIB) objects.
l2 Displays the Layer 2 Statistics Menu.
l3 Displays the Layer 3 Statistics Menu.
mp Displays the Management Processor Statistics Menu. Use this command to view
information on how GbE2 Interconnect Switch management processes and resources
are currently being allocated.
acl Displays the Access Control List Statistics Menu.
snmp Displays SNMP statistics.
ntp <clear> Displays Network Time Protocol (NTP) Statistics.
You can execute the clear command option to delete all statistics.
ufd <clear> Displays Uplink Failure Detection statistics.
Add the argument,
clrmp Clear all MP-related statistics.
dump Dumps all GbE2 Interconnect Switch statistics. Use this command to gather data for
tuning and debugging GbE2 Interconnect Switch performance. If you want to capture
dump data to a file, set your communication software on your workstation to capture
session data prior to issuing the dump command.
clear, to clear UFD statistics.
Statistics Menu 60
Page 61
Port Statistics Menu
Command: /stats/port <port number>
[Port Statistics Menu]
8021x - Show 802.1x stats
brg - Show bridging ("dot1") stats
ether - Show Ethernet ("dot3") stats
if - Show interface ("if") stats
ip - Show Internet Protocol ("IP") stats
link - Show link stats
rmon - Show RMON stats
clear - Clear all port stats
This menu displays traffic statistics on a port-by-port basis.
The following table describes the Port Statistics Menu options:
Table 45 Port Statistics Menu options
Command Usage
8021x Displays IEEE 802.1x statistics
brg Displays bridging (“dot1”) statistics for the port.
ether Displays Ethernet (“dot3”) statistics for the port.
if Displays interface statistics for the port.
ip Displays Internet Protocol statistics for the port.
link Displays link statistics for the port.
rmon Displays Remote Monitoring (RMON) statistics for the port.
clear Clears all the statistics on the port.
Statistics Menu 61
Page 62
802.1x statistics
Command: /stats/port <port number>/8021x
Authenticator Statistics:
eapolFramesRx = 0
eapolFramesTx = 0
eapolStartFramesRx = 0
eapolLogoffFramesRx = 0
eapolRespIdFramesRx = 0
eapolRespFramesRx = 0
eapolReqIdFramesTx = 0
eapolReqFramesTx = 0
invalidEapolFramesRx = 0
eapLengthErrorFramesRx = 0
lastEapolFrameVersion = 0
lastEapolFrameSource = 00:00:00:00:00:00
Authenticator Diagnostics:
authEntersConnecting = 0
authEapLogoffsWhileConnecting = 0
authEntersAuthenticating = 0
authSuccessesWhileAuthenticating = 0
authTimeoutsWhileAuthenticating = 0
authFailWhileAuthenticating = 0
authReauthsWhileAuthenticating = 0
authEapStartsWhileAuthenticating = 0
authEapLogoffWhileAuthenticating = 0
authReauthsWhileAuthenticated = 0
authEapStartsWhileAuthenticated = 0
authEapLogoffWhileAuthenticated = 0
backendResponses = 0
backendAccessChallenges = 0
backendOtherRequestsToSupplicant = 0
backendNonNakResponsesFromSupplicant = 0
backendAuthSuccesses = 0
The following table describes the 802.1x authenticator diagnostics for a selected port:
backendAuthFails = 0
Table 46 802.1x statistics for port
Statistics Description
Authenticator Diagnostics
authEntersConnecting Total number of times that the state machine transitions to the
CONNECTING state from any other state.
authEapLogoffsWhileConnecting Total number of times that the state machine transitions from
CONNECTING to DISCONNECTED as a result of receiving an EAPOLLogoff message.
authEntersAuthenticating Total number of times that the state machine transitions from
CONNECTING to AUTHENTICATING, as a result of an EAPResponse/
Identity message being received from the Supplicant.
authSuccessesWhile
Authenticating
Total number of times that the state machine transitions from
AUTHENTICATING to AUTHENTICATED, as a result of the Backend
Authentication state machine indicating successful authentication of the
Supplicant.
authTimeoutsWhileAuthenticating Total number of times that the state machine transitions from
AUTHENTICATING to ABORTING, as a result of the Backend
Authentication state machine indicating authentication timeout.
authFailWhileAuthenticating Total number of times that the state machine transitions from
AUTHENTICATING to HELD, as a result of the Backend Authentication
state machine indicating authentication failure.
authReauthsWhileAuthenticating Total number of times that the state machine transitions from
AUTHENTICATING to ABORTING, as a result of a re-authentication
request
Statistics Menu 62
Page 63
Table 46 802.1x statistics for port
Statistics Description
authEapStartsWhileAuthenticating Total number of times that the state machine transitions from
AUTHENTICATING to ABORTING, as a result of an EAPOL-Start message
being received from the Supplicant.
authEapLogoffWhileAuthenticating Total number of times that the state machine transitions from
AUTHENTICATING to ABORTING, as a result of an EAPOL-Logoff
message being received from the Supplicant.
authReauthsWhileAuthenticated Total number of times that the state machine transitions from
AUTHENTICATED to CONNECTING, as a result of a re-authentication
request.
authEapStartsWhileAuthenticated Total number of times that the state machine transitions from
AUTHENTICATED to CONNECTING, as a result of an EAPOL-Start
message being received from the Supplicant.
authEapLogoffWhileAuthenticated Total number of times that the state machine transitions from
AUTHENTICATED to DISCONNECTED, as a result of an EAPOLLogoff
message being received from the Supplicant.
backendResponses Total number of times that the state machine sends an initial Access-
Request packet to the Authentication server. Indicates that the
Authenticator attempted communication with the Authentication Server.
backendAccessChallenges Total number of times that the state machine receives an initial Access-
Challenge packet from the Authentication server. Indicates that the
Authentication Server has communication with the Authenticator.
backendOtherRequestsToSupplicant Total number of times that the state machine sends an EAP-Request packet
(other than an Identity, Notification, Failure, or Success message) to the
Supplicant. Indicates that the Authenticator chose an EAP-method.
backendNonNakResponsesFrom
Supplicant
Total number of times that the state machine receives a response from the
Supplicant to an initial EAP-Request, and the response is something other
than EAP-NAK. Indicates that the Supplicant can respond to the
Authenticators chosen EAP-method.
backendAuthSuccesses Total number of times that the state machine receives an Accept message
from the Authentication Server. Indicates that the Supplicant has
successfully authenticated to the Authentication Server.
backendAuthFails
Total number of times tha
from the Authentication Server. Indicates that the Supplicant has not
authenticated to th
t the state machine receives a Reject message
e Authentication Server.
Bridging statistics
Command: /stats/port <port number>/brg
Bridging statistics for port 1:
dot1PortInFrames: 63242584
dot1PortOutFrames: 63277826
dot1PortInDiscards: 0
dot1TpLearnedEntryDiscards: 0
dot1StpPortForwardTransitions: 0
Statistics Menu 63
Page 64
The following table describes the bridging statistics for a selected port:
Table 47 Bridging statistics for port
Statistics Description
dot1PortInFrames The number of frames that have been received by this port from its segment.
A frame received on the interface corresponding to this port is counted by this
object, if and only if, it is for a protocol being processed by the local bridging
function, including bridge management frames.
dot1PortOutFrames The number of frames that have been transmitted by this port to its segment.
A frame transmitted on the interface corresponding to this port is counted by
this object, if and only if, it is for a protocol being processed by the local
bridging function, including bridge management frames.
dot1PortInDiscards Count of valid frames received which were discarded (that is, filtered) by the
forwarding process.
dot1TpLearnedEntryDiscards The total number of Forwarding Database entries, which have been or would
have been learned, but have been discarded due to a lack of space to store
them in the Forwarding Database.
If this counter is increasing, it indicates that the Forwarding Database is
regularly becoming full (a condition which has adverse performance effects
on the sub network).
If this counter has a significant value but is not presently increasing, it
indicates that the problem has been occurring but is not persistent.
dot1StpPortForwardTransitions The number of times this port has transitioned from the Learning state to the
Forwarding state.
Ethernet statistics
Command: /stats/port <port number>/ether
Ethernet statistics for port 1:
dot3StatsAlignmentErrors: 0
dot3StatsFCSErrors: 0
dot3StatsSingleCollisionFrames: 0
dot3StatsMultipleCollisionFrames: 0
dot3StatsLateCollisions: 0
dot3StatsExcessiveCollisions: 0
dot3StatsInternalMacTransmitErrors: NA
dot3StatsFrameTooLongs: 0
The following table describes the Ethernet statistics for a selected port:
Table 48 Ethernet statistics for port
Statistics Description
dot3StatsAlignmentErrors A count of frames received on a particular interface that are not an
dot3StatsInternalMacReceiveErrors: 0
integral number of octets in length and do not pass the Frame Check
Sequence (FCS) check.
The count represented by an instance of this object is incremented when
the
alignmentError status is returned by the MAC service to the
Logical Link Control (LLC) (or other MAC user).
Received frames for which multiple error conditions obtained are,
according to the conventions of IEEE 802.3 Layer Management,
counted exclusively according to the error status presented to the LLC.
Statistics Menu 64
Page 65
Table 48 Ethernet statistics for port
Statistics Description
dot3StatsFCSErrors A count of frames received on a particular interface that are an integral
number of octets in length but do not pass the Frame Check Sequence
(FCS) check.
The count represented by an instance of this object is incremented when
the frameCheckError status is returned by the MAC service to the
LLC (or other MAC user).
Received frames for which multiple error conditions obtained are,
according to the conventions of IEEE 802.3 Layer Management,
counted exclusively according to the error status presented to the LLC.
dot3StatsSingleCollisionFrames A count of successfully transmitted frames on a particular interface for
which transmission is inhibited by exactly one collision.
A frame that is counted by an instance of this object is also counted by
the corresponding instance of the ifOutUcastPkts, ifOutMulticastPkts, or
ifOutBroadcastPkts, and is not counted by the corresponding instance of
the dot3StatsMultipleCollisionFrame object.
dot3StatsMultipleCollisionFrames A count of successfully transmitted frames on a particular interface for
which transmission is inhibited by more than one collision.
A frame that is counted by an instance of this object is also counted by
the corresponding instance of the ifOutUcastPkts, ifOutMulticastPkts, or
ifOutBroadcastPkts, and is not counted by the corresponding instance of
the dot3StatsSingleCollisionFrames object.
dot3StatsLateCollisions The number of times that a collision is detected on a particular interface
later than 512 bit-times into the transmission of a packet.
Five hundred and twelve bit-times corresponds to 51.2 microseconds on
a 10 Mbit/s system. A (late) collision included in a count represented
by an instance of this object is also considered as a (generic) collision
for purposes of other
collision-related statistics.
dot3StatsExcessiveCollisions A count of frames for which transmission on a particular interface fails
due to excessive collisions.
dot3StatsInternalMacTransmitErrors A count of frames for which transmission on a particular interface fails
due to an internal MAC sublayer transmit error.
A frame is only counted by an instance of this object if it is not counted
by the corresponding instance of the dot3StatsLateCollisions object, the
dot3StatsExcessiveCollisions object, or the dot3StatsCarrierSenseErrors
object.
The precise meaning of the count represented by an instance of this
object is implementation specific. In particular, an instance of this object
may represent a count of transmission errors on a particular interface
that are not otherwise counted.
dot3StatsFrameTooLongs A count of frames received on a particular interface that exceeds the
maximum permitted frame size.
The count represented by an instance of this object is incremented when
the frameTooLong status is returned by the MAC service to the LLC (or
other MAC user).
Received frames for which multiple error conditions obtained are,
according to the conventions of IEEE 802.3 Layer Management,
counted exclusively according to the error status presented to the LLC.
dot3StatsInternalMacReceiveErrors A count of frames for which reception on a particular interface fails due
to an internal MAC sublayer receive error.
A frame is only counted by an instance of this object if it is not counted
by the corresponding instance of the dot3StatsFrameTooLongs object,
the dot3StatsAlignmentErrors object, or the dot3StatsFCSErrors object.
The precise meaning of the count represented by an instance of this
object is implementation specific. In particular, an instance of this object
may represent a count of received errors on a particular interface that
are not otherwise counted.
Statistics Menu 65
Page 66
Interface statistics
Command: /stats/port <port number>/if
Interface statistics for port 1:
ifHCIn Counters ifHCOut Counters
Octets: 51697080313 51721056808
UcastPkts: 65356399 65385714
BroadcastPkts: 0 6516
MulticastPkts: 0 0
Discards: 0 0
Errors: 0 21187
The following table describes the interface (IF) statistics for a selected port:
Table 49 Interface statistics for port
Statistics Description
Octets—IfHCIn The total number of octets received on the interface, including framing characters.
UcastPkts—IfHCIn The number of packets, delivered by this sublayer to a higher sublayer, which
BroadcastPkts—IfHCIn The number of packets, delivered by this sublayer to a higher sublayer, which
MulticastPkts—IfHCIn The total number of packets, delivered by this sublayer. These are the packets that
Discards—IfHCIn The number of inbound packets which were chosen to be discarded even though
Errors—IfHCIn For packet-oriented interfaces, the number of inbound packets that contained
Octets—IfHCOut The total number of octets transmitted out of the interface, including framing
UcastPkts—IfHCOut The total number of packets that higher-level protocols requested to be transmitted,
BroadcastPkts—IfHCOut The total number of packets that higher-level protocols requested to be transmitted,
MulticastPkts—IfHCOut The total number of packets that higher-level protocols requested to be transmitted,
Discards—IfHCOut The number of outbound packets that were chosen to be discarded even though
Errors—IfHCOut For packet-oriented interfaces, the number of outbound packets that could not be
were not addressed to a multicast or broadcast address at this sublayer.
were addressed to a broadcast address at this sublayer.
higher-level protocols requested to be transmitted, and which were addressed to a
multicast address at this sublayer, including those that were discarded or not sent.
For a MAC layer protocol, this includes both group and functional addresses.
no errors were detected to prevent their being delivered to a higher-layer
protocol. One possible reason for discarding such a packet could be to free up
buffer space.
errors preventing them from being delivered to a higher-layer protocol.
For character-oriented or fixed-length interfaces, the number of inbound
transmission units that contained errors preventing them from being deliverable to
a higher-layer protocol.
characters.
and which were not addressed to a multicast or broadcast address at this
sublayer, including those that were discarded or not sent.
and which were addressed to a broadcast address at this sublayer, including
those that were discarded or not sent. This object is a 64-bit version of
ifOutBroadcastPkts.
and which were addressed to a multicast address at this sublayer, including those
that were discarded or not sent.
For a MAC layer protocol, this includes both group and functional addresses. This
object is a 64-bit version of ifOutMulticastPkts.
no errors had been detected to prevent their being transmitted. One possible
reason for discarding such a packet could be to free up buffer space.
transmitted because of errors.
For character-oriented or fixed-length interfaces, the number of outbound
transmission units that could not be transmitted because of errors.
Statistics Menu 66
Page 67
Internet Protocol (IP) statistics
Command: /stats/port <port number>/ip
GEA IP statistics for port 1:
ipInReceives : 0
ipInHeaderError: 0
ipInDiscards : 0
The following table describes the Internet Protocol (IP) statistics for a selected port:
Table 50 IP statistics for port
Statistics Description
ipInReceives The total number of input datagrams received from interfaces, including those received in error.
ipInHeaderError The number of input datagrams discarded because the IP address in their IP header's destination
field was not a valid address to be received at this entity (the switch).
ipInDiscards The number of input IP datagrams for which no problems were encountered to prevent their
continued processing, but which were discarded (for example, for lack of buffer space). Note
that this counter does not include any datagrams discarded while awaiting re-assembly.
Link statistics
Command: /stats/port <port number>/link
Link statistics for port 1:
linkStateChange: 2
The following table describes the link statistics for a selected port:
Table 51 Link statistics for port
Statistic Description
linkStateChange The total number of link state changes.
Port RMON statistics
Command: /stats/port <port number>/rmon
RMON statistics for port 2:
etherStatsDropEvents: NA
etherStatsOctets: 0
etherStatsPkts: 0
etherStatsBroadcastPkts: 0
etherStatsMulticastPkts: 0
etherStatsCRCAlignErrors: 0
etherStatsUndersizePkts: 0
etherStatsOversizePkts: 0
etherStatsFragments: NA
etherStatsJabbers: 0
etherStatsCollisions: 0
etherStatsPkts64Octets: 0
etherStatsPkts65to127Octets: 0
etherStatsPkts128to255Octets: 0
etherStatsPkts256to511Octets: 0
etherStatsPkts64Octets: 0
etherStatsPkts1024to1518Octets: 0
Statistics Menu 67
Page 68
The following table describes the Remote Monitoring (RMON) statistics of the selected port:
Table 52 RMON Statistics
Statistic Description
etherStatsDropEvents The total number of packets received that were dropped because of system
resource constraints.
etherStatsOctets The total number of octets of data (including those in bad packets)
received on the network (excluding framing bits but including FCS octets).
etherStatsPkts The total number of packets (including bad packets, broadcast packets,
and multicast packets) received.
etherStatsBroadcastPkts The total number of good packets received that were directed to the
broadcast address.
etherStatsMulticastPkts The total number of good packets received that were directed to a
multicast address.
etherStatsCRCAlignErrors The total number of packets received that had a length (excluding framing
bits, but including FCS octets) of between 64 and 1518 octets, inclusive,
but had either a bad Frame Check Sequence (FCS) with an integral
number of octets (FCS Error) or a bad FCS with a non-integral number of
octets (Alignment Error).
etherStatsUndersizePkts The total number of packets received that were less than 64 octets long
(excluding framing bits but including FCS octets) and were otherwise well
formed.
etherStatsOversizePkts The total number of packets received that were longer than 1518 octets
(excluding framing bits but including FCS octets) and were otherwise well
formed.
etherStatsFragments The total number of packets received that were less than 64 octets in
length (excluding framing bits but including FCS octets) and had either a
bad Frame Check Sequence (FCS) with an integral number of octets (FCS
Error) or a bad FCS with a non-integral number of octets (Alignment Error).
etherStatsJabbers The total number of packets received that were longer than 1518 octets
(excluding framing bits, but including FCS octets), and had either a bad
Frame Check Sequence (FCS) with an integral number of octets (FCS Error)
or a bad FCS with a non-integral number of octets (Alignment Error).
Jabber is defined as the condition where any packet exceeds 20 ms. The
allowed range to detect jabber is between 20 ms and 150 ms.
etherStatsCollisions The best estimate of the total number of collisions on this Ethernet segment.
etherStatsPkts64
Octets
etherStatsPkts65to127
Octets
etherStatsPkts128to255
Octets
etherStatsPkts256to511
Octets
etherStatsPkts512to1023
Octets
etherStatsPkts1024to1518
Octets
The total number of packets (including bad packets) received that were
less than or equal to 64 octets in length (excluding framing bits but
including FCS octets).
The total number of packets (including bad packets) received that were
greater than 64 octets in length (excluding framing bits but including FCS
octets).
The total number of packets (including bad packets) received that were
greater than 127 octets in length (excluding framing bits but including FCS
octets).
The total number of packets (including bad packets) received that were
greater than 255 octets in length (excluding framing bits but including
FCSoctets).
The total number of packets (including bad packets) received that were
greater than 511 octets in length (excluding framing bits but including FCS
octets).
The total number of packets (including bad packets) received that were
greater than 1023 octets in length (excluding framing bits but including
FCS octets).
Statistics Menu 68
Page 69
Layer 2 statistics
Command: /stats/l2
[Layer 2 Statistics Menu]
fdb - Show FDB stats
lacp - Show LACP stats
hotlink - Show Hot Links stats
The following table describes the Layer 2 statistics menu options.
Table 53 Layer 2 statistics menu options
Command Usage
fdb Displays the Forwarding Database statistics menu.
lacp Displays the Link Aggregation Control Protocol statistics menu.
hotlink Displays Hot Links statistics.
FDB statistics
Command: /stats/l2/fdb
This menu option enables you to display statistics regarding the use of the forwarding database, including the number
of current entries and the maximum number of entries ever recorded.
The following table describes the Forwarding Database (FDB) statistics:
Table 54 Forwarding Database statistics
Statistic Description
current Current number of entries in the Forwarding Database.
hiwat Highest number of entries recorded at any given time in the Forwarding Database.
LACP statistics
Command: /stats/l2/lacp <port number>
Valid LACPDUs received - 0
Valid Marker PDUs received - 0
Valid Marker Rsp PDUs received - 0
Unknown version/TLV type - 0
Illegal subtype received - 0
LACPDUs transmitted - 0
Marker PDUs transmitted - 0
Marker Rsp PDUs transmitted - 0
Statistics Menu 69
Page 70
Hot Links statistics
Command: /stats/l2/hotlink
Hot Links Trigger Stats:
------------------------------------------------------------------
Trigger 1 statistics:
Trigger Name: Corporate Uplinks
Master active: 0
Backup active: 0
FDB update: 0 failed: 0
The following table describes the Hot Links statistics for each trigger:
Table 55 Hot Links trigger statistics
Statistics Description
Master active Total number of times the Master interface transitioned to the Active state.
Backup active Total number of times the Backup interface transitioned to the Active state.
FDB update Total number of FDB update requests sent.
failed Total number of FDB update requests that failed.
Layer 3 statistics
Command: /stats/l3
[Layer 3 Statistics Menu]
geal3 - GEA Layer 3 Stats Menu
ip - Show IP stats
route - Show route stats
arp - Show ARP stats
dns - Show DNS stats
icmp - Show ICMP stats
tcp - Show TCP stats
udp - Show UDP stats
igmp - Show IGMP stats
ospf - OSPF stats
vrrp - Show VRRP stats
rip - Show RIP stats
clrigmp - Clear IGMP stats
ipclear - Clear IP stats
geal3 -
dump - Dump layer 3 stats
The following table describes the Layer 3 statistics menu options.
Table 56 Layer 3 statistics menu options
Command Usage
geal3 Displays the GEA statistics menu.
ip Displays IP statistics.
route Displays route statistics.
arp <clear> Displays Address Resolution Protocol (ARP) statistics. Add the argument, clear, to
dns Displays Domain Name System (DNS) statistics.
icmp Displays ICMP statistics.
clear ARP statistics.
Statistics Menu 70
Page 71
Table 56 Layer 3 statistics menu options
Command Usage
tcp Displays Transmission Control Protocol (TCP) statistics. Add the argument, clear, to
udp Displays User Datagram Protocol (UDP) statistics. Add the argument, clear, to clear
igmp Displays IGMP statistics.
ospf Displays OSPF statistics menu.
vrrp When virtual routers are configured, you can display the following
rip Displays Routing Information Protocol (RIP) statistics
clrigmp <1-4095>|all Clears all IGMP statistics for the selected VLANs.
ipclear Clears IP statistics. Use this command with caution as it will delete all the IP statistics.
dump Displays all Layer 3 statistics.
GEA Layer 3 statistics menu
Command: /stats/l3/geal3
clear TCP statistics.
UDP statistics.
• Advertisements received (vrrpInAdvers)
• Advertisements transmitted (vrrpOutAdvers)
• Advertisements received, but ignored (vrrpBadAdvers)
[GEA Layer 3 Statistics Menu]
l3bucket - Show GEA L3 bucket for an IP address
dump - Dump GEA layer 3 stats counter
The following table describes the Layer 3 GEA statistics menu options.
Table 57 Layer 3 GEA statistics menu options
Command Usage
l3bucket Displays GEA statistics for a specific IP address.
dump Displays all GEA statistics.
GEA Layer 3 statistics
Command: /stats/l3/geal3/dump
GEA L3 statistics:
Max L3 table size : 4096
Number of L3 entries used : 9
Max LPM table size : 4097
Number of LPM entries used : 31
Max block in LPM table : 255
Number of blocks used in LPM table: 24
IP statistics
Command: /stats/l3/ip
The following table describes the IP statistics:
IP statistics:
ipInReceives: 36475 ipInHdrErrors: 0
ipInAddrErrors: 905
ipInUnknownProtos: 0 ipInDiscards: 0
ipInDelivers: 4103 ipOutRequests: 30974
ipOutDiscards: 0
ipDefaultTTL: 255
Statistics Menu 71
Page 72
Table 58 IP statistics
Statistics Description
ipInReceives The total number of input datagrams received from interfaces, including those received in
error.
ipInHdrErrors The number of input datagrams discarded due to errors in their IP headers, including bad
checksums, version number mismatch, other format errors, time-to-live exceeded, errors
discovered in processing their IP options, and so on.
ipInAddrErrors The number of input datagrams discarded because the IP address in their IP header destination
field was not a valid address to be received at this GbE2 Interconnect Switch. This count
includes invalid addresses (for example, 0.0.0.0) and addresses of unsupported classes (for
example, Class E).
For entities which are not IP gateways and therefore do not forward datagrams, this counter
includes datagrams discarded because the destination address was not a local address.
ipInUnknownProtos The number of locally addressed datagrams received successfully but discarded because of an
unknown or unsupported protocol.
ipInDiscards The number of input IP datagrams for which no problems were encountered to prevent their
continued processing, but which were discarded (for example, for lack of buffer space).
This counter does not include any datagrams discarded while awaiting re-assembly.
ipInDelivers The total number of input datagrams successfully delivered to IP user-protocols (including
ICMP).
ipOutRequests The total number of IP datagrams that local IP user-protocols (including ICMP) supplied to IP in
requests for transmission.
This counter does not include any datagrams counted in ipForwDatagrams.
ipOutDiscards The number of output IP datagrams for which no problem was encountered to prevent their
transmission to their destination, but which were discarded (for example, for lack of buffer
space).
This counter would include datagrams counted in ipForwDatagrams if any such packets met
this (discretionary) discard criterion.
ipDefaultTTL The default value inserted into the Time-To-Live (TTL) field of the IP header of datagrams
originated at this GbE2 Interconnect Switch, whenever a TTL value is not supplied by the
transport layer protocol.
Route statistics
Command: /stats/l3/route
Route statistics:
ipRoutesCur: 7 ipRoutesHighWater: 7
ipRoutesMax: 4096
The following table describes the Route statistics:
Table 59 Route statistics
Statistics Description
ipRoutesCur The total number of outstanding routes in the route table.
ipRoutesMax The maximum number of supported routes.
ipRoutesHighWater The highest number of routes ever recorded in the route table.
Statistics Menu 72
Page 73
ARP statistics
Command: /stats/l3/arp
The following table describes the Address Resolution Protocol (ARP) statistics:
Table 60 ARP statistics
Statistic Description
arpEntriesCur The total number of outstanding ARP entries in the ARP table.
arpEntriesHighWater The highest number of ARP entries ever recorded in the ARP table.
DNS statistics
Command: /stats/l3/dns
The following table describes the Domain Name System (DNS) statistics:
Table 61 DNS statistics
ARP statistics:
arpEntriesCur: 2 arpEntriesHighWater: 4
DNS statistics:
dnsInRequests: 0 dnsOutRequests: 0
dnsBadRequests: 0
Statistic Description
dnsInRequests The total number of DNS request packets that have been received.
dnsOutRequests The total number of DNS response packets that have been transmitted.
dnsBadRequests The total number of DNS request packets received that were dropped.
ICMP statistics
Command: /stats/l3/icmp
ICMP statistics:
icmpInMsgs: 245802 icmpInErrors: 1393
icmpInDestUnreachs: 41 icmpInTimeExcds: 0
icmpInParmProbs: 0 icmpInSrcQuenchs: 0
icmpInRedirects: 0 icmpInEchos: 18
icmpInEchoReps: 244350 icmpInTimestamps: 0
icmpInTimestampReps: 0 icmpInAddrMasks: 0
icmpInAddrMaskReps: 0 icmpOutMsgs: 253810
icmpOutErrors: 0 icmpOutDestUnreachs: 15
icmpOutTimeExcds: 0 icmpOutParmProbs: 0
icmpOutSrcQuenchs: 0 icmpOutRedirects: 0
icmpOutEchos: 253777 icmpOutEchoReps: 18
icmpOutTimestamps: 0 icmpOutTimestampReps: 0
icmpOutAddrMasks: 0 icmpOutAddrMaskReps: 0
The following table describes the Internet Control Messaging Protocol (ICMP) statistics:
Table 62 ICMP statistics
Statistics Description
icmpInMsgs The total number of ICMP messages which the GbE2 Interconnect Switch received.
Note that this counter includes all those counted by icmpInErrors.
icmpInErrors The number of ICMP messages which the GbE2 Interconnect Switch received but
determined as having ICMP specific errors (for example bad ICMP checksums and
bad length).
icmpInDestUnreachs The number of ICMP Destination Unreachable messages received.
icmpInTimeExcds The number of ICMP Time Exceeded messages received.
Statistics Menu 73
Page 74
Table 62 ICMP statistics
Statistics Description
icmpInParmProbs The number of ICMP Parameter Problem messages received.
icmpInSrcQuenchs The number of ICMP Source Quench (buffer almost full, stop sending data)
messages received.
icmpInRedirects The number of ICMP Redirect messages received.
icmpInEchos The number of ICMP Echo (request) messages received.
icmpInEchoReps The number of ICMP Echo Reply messages received.
icmpInTimestamps The number of ICMP Timestamp (request) messages received.
icmpInTimestampReps The number of ICMP Timestamp Reply messages received.
icmpInAddrMasks The number of ICMP Address Mask Request messages received.
icmpInAddrMaskReps The number of ICMP Address Mask Reply messages received.
icmpOutMsgs The total number of ICMP messages which this GbE2 Interconnect Switch
attempted to send. Note that this counter includes all those counted by
icmpOutErrors.
icmpOutErrors The number of ICMP messages that this GbE2 Interconnect Switch did not send
due to problems discovered within ICMP such as a lack of buffer. This value
should not include errors discovered outside the ICMP layer such as the inability of
IP to route the resultant datagram. In some implementations there may be no types
of errors that contribute to this counter's value.
icmpOutDestUnreachs The number of ICMP Destination Unreachable messages sent.
icmpOutTimeExcds The number of ICMP Time Exceeded messages sent.
icmpOutParmProbs The number of ICMP Parameter Problem messages sent.
icmpOutSrcQuenchs The number of ICMP Source Quench (buffer almost full, stop sending data)
messages sent.
icmpOutRedirects The number of ICMP Redirect messages sent.
icmpOutEchos The number of ICMP Echo (request) messages sent.
icmpOutEchoReps The number of ICMP Echo Reply messages sent.
icmpOutTimestamps The number of ICMP Timestamp (request) messages sent.
icmpOutTimestampReps The number of ICMP Timestamp Reply messages sent.
icmpOutAddrMasks The number of ICMP Address Mask Request messages sent.
icmpOutAddrMaskReps The number of ICMP Address Mask Reply messages sent.
Statistics Menu 74
Page 75
TCP statistics
Command: /stats/l3/tcp
The following table describes the Transmission Control Protocol (TCP) statistics:
Table 63 TCP statistics
Statistics Description
tcpRtoAlgorithm The algorithm used to determine the timeout value used for retransmitting
tcpRtoMin The minimum value permitted by a TCP implementation for the retransmission timeout,
tcpRtoMax The maximum value permitted by a TCP implementation for the retransmission timeout,
tcpMaxConn The limit on the total number of TCP connections the GbE2 Interconnect Switch can
tcpActiveOpens The number of times TCP connections have made a direct transition to the SYN-SENT
tcpPassiveOpens The number of times TCP connections have made a direct transition to the SYN-RCVD
tcpAttemptFails The number of times TCP connections have made a direct transition to the CLOSED state
tcpEstabResets The number of times TCP connections have made a direct transition to the CLOSED state
tcpInSegs The total number of segments received, including those received in error. This count
tcpOutSegs The total number of segments sent, including those on current connections but excluding
tcpRetransSegs The total number of segments retransmitted, that is, the number of TCP segments
tcpInErrs The total number of segments received in error (for example, bad TCP checksums).
tcpCurBuff The total number of outstanding memory allocations from heap by TCP protocol stack.
tcpCurConn The total number of outstanding TCP sessions that are currently opened.
tcpOutRsts The number of TCP segments sent containing the reset (RST) flag.
TCP statistics:
tcpRtoAlgorithm: 4 tcpRtoMin: 0
tcpRtoMax: 240000 tcpMaxConn: 512
tcpActiveOpens: 252214 tcpPassiveOpens: 7
tcpAttemptFails: 528 tcpEstabResets: 4
tcpInSegs: 756401 tcpOutSegs: 756655
tcpRetransSegs: 0 tcpInErrs: 0
tcpCurBuff: 0 tcpCurConn: 3
tcpOutRsts: 417
unacknowledged octets.
measured in milliseconds. More refined semantics for objects of this type depend upon
the algorithm used to determine the retransmission timeout. In particular, when the
timeout algorithm is rsre(3), an object of this type has the semantics of the LBOUND
quantity described in Request For Comments (RFC) 793.
measured in milliseconds. More refined semantics for objects of this type depend upon
the algorithm used to determine the retransmission timeout. In particular, when the
timeout algorithm is rsre(3), an object of this type has the semantics of the UBOUND
quantity described in RFC 793.
support. In entities where the maximum number of connections is dynamic, this object
should contain the value -1.
state from the CLOSED state.
state from the LISTEN state.
from either the SYN-SENT state or the SYN-RCVD state, plus the number of times TCP
connections have made a direct transition to the LISTEN state from the SYN-RCVD state.
from either the ESTABLISHED state or the CLOSE- WAIT state.
includes segments received on currently established connections.
those containing only retransmitted octets.
transmitted containing one or more previously transmitted octets.
Statistics Menu 75
Page 76
UDP statistics
Command: /stats/l3/udp
UDP statistics:
udpInDatagrams: 54 udpOutDatagrams: 43
udpInErrors: 0 udpNoPorts: 1578077
The following table describes the User Datagram Protocol (UDP) statistics:
Table 64 UDP statistics
Statistics Description
udpInDatagrams The total number of UDP datagrams delivered to the GbE2 Interconnect Switch.
udpOutDatagrams The total number of UDP datagrams sent from this GbE2 Interconnect Switch.
udpInErrors The number of received UDP datagrams that could not be delivered for reasons other than the
lack of an application at the destination port.
udpNoPorts The total number of received UDP datagrams for which there was no application at the
destination port.
IGMP Multicast Group statistics
Command: /stats/l3/igmp
Enter VLAN number: (1-4095) 1
-----------------------------------------------------------IGMP Snoop vlan 1 statistics:
-----------------------------------------------------------rxIgmpValidPkts: 0 rxIgmpInvalidPkts: 0
rxIgmpGenQueries: 0 rxIgmpGrpSpecificQueries: 0
rxIgmpLeaves: 0 rxIgmpReports: 0
txIgmpReports: 0 txIgmpGrpSpecificQueries: 0
txIgmpLeaves: 0
This menu option enables you to display statistics regarding the use of the IGMP Multicast Groups.
The following table describes the IGMP statistics:
Table 65 IGMP statistics
Statistic Description
rxIgmpValidPkts Total number of valid IGMP packets received
rxIgmpInvalidPkts Total number of invalid packets received
rxIgmpGenQueries Total number of General Membership Query packets received
rxIgmpGrpSpecificQueries Total number of Membership Query packets received from specific groups
rxIgmpLeaves Total number of Leave requests received
rxIgmpReports Total number of Membership Reports received
txIgmpReports Total number of Membership reports transmitted
txIgmpGrpSpecificQueries Total number of Membership Query packets transmitted to specific groups
txIgmpLeaves Total number of Leave messages transmitted
Statistics Menu 76
Page 77
OSPF statistics menu
Command: /stats/l3/ospf
[OSPF stats Menu]
general - Show global stats
aindex - Show area(s) stats
if - Show interface(s) stats
The following table describes the OSPF statistics menu options.
Table 66 OSPF statistics menu options
Command Usage
general Displays global statistics.
aindex <0-2> Displays area index statistics.
if <1-255> Displays interface statistics.
OSPF global statistics
Command: /stats/l3/ospf/general
OSPF stats
---------Rx/Tx Stats: Rx Tx
-------- -------Pkts 0 0
hello 23 518
database 4 12
ls requests 3 1
ls acks 7 7
ls updates 9 7
Nbr change stats: Intf change Stats:
hello 2 up 4
start 0 down 2
n2way 2 loop 0
adjoint ok 2 unloop 0
negotiation done 2 wait timer 2
exchange done 2 backup 0
bad requests 0 nbr change 5
bad sequence 0
loading done 2
n1way 0
rst_ad 0
down 1
Timers kickoff
hello 514
retransmit 1028
lsa lock 0
lsa ack 0
dbage 0
summary 0
ase export 0
The following table describes the OSPF global statistics:
Table 67 OSPF global statistics
Statistic Description
Rx Tx stats:
Rx Pkts The sum total of all OSPF packets received on all OSPF areas and interfaces.
Tx Pkts The sum total of all OSPF packets transmitted on all OSPF areas and interfaces.
Rx Hello The sum total of all Hello packets received on all OSPF areas and interfaces.
Tx Hello The sum total of all Hello packets transmitted on all OSPF areas and interfaces.
Rx Database The sum total of all Database Description packets received on all OSPF areas and
interfaces.
Statistics Menu 77
Page 78
Table 67 OSPF global statistics
Statistic Description
Tx Database The sum total of all Database Description packets transmitted on all OSPF areas and
interfaces.
Rx ls Requests The sum total of all Link State Request packets received on all OSPF
areas and interfaces.
Tx ls Requests The sum total of all Link State Request packets transmitted on all OSPF areas and interfaces.
Rx ls Acks The sum total of all Link State Acknowledgement packets received on all OSPF areas and
interfaces.
Tx ls Acks The sum total of all Link State Acknowledgement packets transmitted on all OSPF areas and
interfaces.
Rx ls Updates The sum total of all Link State Update packets received on all OSPF areas and interfaces.
Tx ls Updates The sum total of all Link State Update packets transmitted on all OSPF areas and interfaces.
Nbr change stats:
hello The sum total of all Hello packets received from neighbors on all OSPF areas and interfaces.
Start The sum total number of neighbors in this state (that is, an indication that Hello packets
should now be sent to the neighbor at intervals of HelloInterval seconds) across all
OSPF areas and interfaces.
n2way The sum total number of bidirectional communication establishment between this router and
other neighboring routers.
adjoint ok The sum total number of decisions to be made (again) as to whether an adjacency should
be established/maintained with the neighbor across all OSPF areas and interfaces.
negotiation done The sum total number of neighbors in this state wherein the Master/slave relationship has
been negotiated, and sequence numbers have been exchanged, across all OSPF areas and
interfaces.
exchange done The sum total number of neighbors in this state (that is, in an adjacency's final state) having
transmitted a full sequence of Database Description packets, across all OSPF areas and
interfaces.
bad requests The sum total number of Link State Requests which have been received for a link state
advertisement not contained in the database across all interfaces and OSPF areas.
bad sequence The sum total number of Database Description packets which have been received that
either:
• Has an unexpected DD sequence number
• Unexpectedly has the init bit set
• Has an options field differing from the last Options field received in a Database
Description packet.
Any of these conditions indicate that some error has occurred during adjacency
establishment for all OSPF areas and interfaces.
loading done The sum total number of link state updates received for all out-of-date portions of the
database across all OSPF areas and interfaces.
n1way The sum total number of Hello packets received from neighbors, in which this router is not
mentioned across all OSPF interfaces and areas.
rst_ad The sum total number of times the Neighbor adjacency has been reset across all OPSF
areas and interfaces.
down The total number of Neighboring routers down (that is, in the initial state of a neighbor
conversation) across all OSPF areas and interfaces.
Intf Change Stats:
up The sum total number of interfaces up in all OSPF areas.
down The sum total number of interfaces down in all OSPF areas.
loop The sum total of interfaces no longer connected to the attached network across all OSPF
areas and interfaces.
Statistics Menu 78
Page 79
Table 67 OSPF global statistics
Statistic Description
unloop The sum total number of interfaces, connected to the attached network in all OSPF areas.
wait timer The sum total number of times the Wait Timer has been fired, indicating the end of the
waiting period that is required before electing a (Backup) Designated Router across all
OSPF areas and interfaces.
backup The sum total number of Backup Designated Routers on the attached network for all OSPF
areas and interfaces.
nbr change The sum total number of changes in the set of bidirectional neighbors associated with any
interface across all OSPF areas.
Timers Kickoff:
hello The sum total number of times the Hello timer has been fired (which triggers the send of a
Hello packet) across all OPSF areas and interfaces.
retransmit The sum total number of times the Retransmit timer has been fired across all OPSF areas and
interfaces.
lsa lock The sum total number of times the Link State Advertisement (LSA) lock timer has been fired
across all OSPF areas and interfaces.
lsa ack The sum total number of times the LSA Ack timer has been fired across all OSPF areas and
interfaces.
dbage The total number of times the data base age (Dbage) has been fired.
summary The total number of times the Summary timer has been fired.
ase export The total number of times the Autonomous System Export (ASE) timer has been fired.
VRRP statistics
Virtual Router Redundancy Protocol (VRRP) support on the GbE2 Interconnect Switch provides redundancy between
routers in a LAN. This is accomplished by configuring the same virtual router IP address and ID number on each
participating VRRP-capable routing device.
One of the virtual routers is then elected as the master, based on a number of priority criteria, and assumes control of
the shared virtual router IP address. If the master fails, one of the backup virtual routers will assume routing authority
and take control of the virtual router IP address.
When virtual routers are configured, you can display the following protocol statistics for VRRP:
• Advertisements received (vrrpInAdvers)
• Advertisements transmitted (vrrpOutAdvers)
• Advertisements received, but ignored (vrrpBadAdvers)
Command: /stats/l3/vrrp
>> Layer 3 Statistics# vrrp
VRRP statistics:
vrrpInAdvers: 0 vrrpBadAdvers: 0
vrrpOutAdvers: 0
vrrpBadVersion: 0 vrrpBadVrid: 0
vrrpBadAddress: 0 vrrpBadData: 0
vrrpBadPassword: 0 vrrpBadInterval: 0
Statistics Menu 79
Page 80
The following table describes the VRRP statistics.
Table 68 VRRP statistics
Field Description
vrrpInAdvers The total number of VRRP advertisements that have been received.
vrrpOutAdvers The total number of VRRP advertisements that have been sent.
vrrpBadVersion The total number of VRRP advertisements that had a bad version number.
vrrpBadAddress The total number of VRRP advertisements that had a bad address.
vrrpBadPassword The total number of VRRP advertisements that had a bad password.
vrrpBadAdvers The total number of VRRP advertisements received that were dropped.
vrrpBadVrid The total number of VRRP advertisements that had a bad virtual router ID.
vrrpBadData The total number of VRRP advertisements that had bad data.
vrrpBadInterval The total number of VRRP advertisements that had a bad interval.
RIP statistics
Command: /stats/l3/rip
RIP ALL STATS INFORMATION:
RIP packets received = 12
RIP packets sent = 75
RIP request received = 0
RIP response received = 12
RIP request sent = 3
RIP response sent = 72
RIP route timeout = 0
RIP bad size packet received = 0
RIP bad version received = 0
RIP bad zeros received = 0
RIP bad src port received = 0
RIP bad src IP received = 0
RIP packets from self received = 0
Management Processor statistics
Command: /stats/mp
[MP-specific Statistics Menu]
tcb - Show All TCP control blocks in use
ucb - Show All UDP control blocks in use
cpu - Show CPU utilization
The following table describes the MP-specific Statistics Menu options:
Table 69 MP-specific Statistics Menu
Command Usage
tcb Displays all Transmission Control Protocol (TCP) control blocks (TCB) that are in use.
ucb Displays all User Datagram Protocol (UDP) control blocks (UCB) that are in use.
cpu Displays CPU utilization for periods of up to 1, 4, and 64 seconds.
Statistics Menu 80
Page 81
TCP statistics
Command: /stats/mp/tcb
The following table describes the Transmission Control Protocol (TCP) control block (TCB) statistics shown in this
example:
Table 70 MP specified TCP statistics
Description Example statistic
Memory 10ad41e8/10ad5790
Destination IP address 0.0.0.0/47.81.27.5
Destination port 0/1171
Source IP 0.0.0.0/47.80.23.243
Source port 80/23
State listen/established
UDP statistics
Command: /stats/mp/ucb
All TCP allocated control blocks:
10ad41e8: 0.0.0.0 0 <=> 0.0.0.0 80 listen
10ad5790: 47.81.27.5 1171 <=> 47.80.23.243 23 established
The following table describes the User Datagram Protocol (UDP) control block (UCB) statistics shown in this example:
Table 71 UDP statistics
Description Example Statistic
Control block 161
State listen
CPU statistics
Command: /stats/mp/cpu
The following table describes the management port CPU utilization statistics:
Table 72 CPU statistics
Statistics Description
cpuUtil1Second The utilization of MP CPU over 1 second. This is shown as a percentage.
cpuUtil4Seconds The utilization of MP CPU over 4 seconds. This is shown as a percentage.
cpuUtil64Seconds The utilization of MP CPU over 64 seconds. This is shown as a percentage.
All UDP allocated control blocks:
161: listen
CPU utilization:
cpuUtil1Second: 8%
cpuUtil4Seconds: 9%
cpuUtil64Seconds: 8%
Statistics Menu 81
Page 82
Access Control List (ACL) statistics menu
Command: /stats/acl
[ACL Menu]
acl - Display ACL stats
meter - Display ACL metering stats
dump - Display all available ACL stats
clracl - Clear ACL stats
clrmeter - Clear ACL metering stats
The following table describes the Access Control List (ACL) Statistics menu options:
Table 73 ACL statistics menu options
Command Usage
acl <1-4096> Displays the Access Control List Statistics for a specific ACL.
meter <1-63> Displays statistics for a specific ACL Meter.
dump Displays all ACL statistics.
clracl Clear all ACL statistics.
clrmeter Clears all ACL metering statistics.
ACL statistics
Command: /stats/acl/acl <1-4096>
Hits for ACL 1, port 20: 26057515
Hits for ACL 2, port 21: 26057497
ACL meter statistics
Command: /stats/acl/meter <1-63>
Meters for ACL Group 1, Port 22: Out of profile: 0
Meters for ACL Group 2, Port 23: Out of profile: 0
SNMP statistics
Command: /stats/snmp
SNMP statistics:
snmpInPkts: 54 snmpInBadVersions: 0
snmpInBadC'tyNames: 0 snmpInBadC'tyUses: 0
snmpInASNParseErrs: 0 snmpEnableAuthTraps: 0
snmpOutPkts: 54 snmpInBadTypes: 0
snmpInTooBigs: 0 snmpInNoSuchNames: 0
snmpInBadValues: 0 snmpInReadOnlys: 0
snmpInGenErrs: 0 snmpInTotalReqVars: 105
snmpInTotalSetVars: 0 snmpInGetRequests: 2
snmpInGetNexts: 52 snmpInSetRequests: 0
snmpInGetResponses: 0 snmpInTraps: 0
snmpOutTooBigs: 0 snmpOutNoSuchNames: 2
snmpOutBadValues: 0 snmpOutReadOnlys: 0
snmpOutGenErrs: 0 snmpOutGetRequests: 0
snmpOutGetNexts: 0 snmpOutSetRequests: 0
snmpOutGetResponses: 54 snmpOutTraps: 0
snmpSilentDrops: 0 snmpProxyDrops: 0
Statistics Menu 82
Page 83
The following table describes the Simple Network Management Protocol (SNMP) statistics:
Table 74 SNMP statistics
Statistics Description
snmpInPkts The total number of messages delivered to the SNMP entity from the transport
service.
snmpInBadVersions The total number of SNMP messages, which were delivered to the SNMP protocol
entity and were for an unsupported SNMP version.
snmpInBadC'tyNames The total number of SNMP messages delivered to the SNMP entity that used an
SNMP community name not known to the GbE2 Interconnect Switch.
snmpInBadC'tyUses The total number of SNMP messages delivered to the SNMP protocol entity that
represented an SNMP operation which was not allowed by the SNMP community
named in the message.
snmpInASNParseErrs The total number of ASN.1 (Abstract Syntax Notation One) or BER (Basic Encoding
Rules), errors encountered by the SNMP protocol entity when decoding SNMP
messages received.
The Open Systems Interconnection (OSI) method of specifying abstract objects is
called ASN.1 (Abstract Syntax Notation One, defined in X.208), and one set of
rules for representing such objects as strings of ones and zeros is called the BER
(Basic Encoding Rules, defined in X.209).
ASN.1 is a flexible notation that allows one to define a variety of data types, from
simple types such as integers and bit strings to structured types such as sets and
sequences.
BER describes how to represent or encode values of each ASN.1 type as a string of
eight-bit octets.
snmpEnableAuthTraps An object to enable or disable the authentication traps generated by this GbE2
Interconnect Switch.
snmpOutPkts The total number of SNMP messages which were passed from the SNMP protocol
entity to the transport service.
snmpInBadTypes The total number of SNMP messages which failed ASN.1 parsing.
snmpInTooBigs The total number of SNMP Protocol Data Units (PDUs) that were delivered to the
SNMP protocol entity and for which the value of the error-status field is too big.
snmpInNoSuchNames The total number of SNMP Protocol Data Units (PDUs) that were delivered to the
SNMP protocol entity and for which the value of the error-status field is
noSuchName.
snmpInBadValues The total number of SNMP Protocol Data Units (PDUs) that were delivered to the
SNMP protocol entity and for which the value of the error-status field is badValue.
snmpInReadOnlys The total number of valid SNMP Protocol Data Units (PDUs), which were delivered
to the SNMP protocol entity and for which the value of the error-status field is readonly.
It should be noted that it is a protocol error to generate an SNMP PDU, which
contains the value read-only in the error-status field. As such, this object is provided
as a means of detecting incorrect implementations of the SNMP.
snmpInGenErrs The total number of SNMP Protocol Data Units (PDUs), which were delivered to the
SNMP protocol entity and for which the value of the error-status field is genErr.
snmpInTotalReqVars The total number of MIB objects which have been retrieved successfully by the
SNMP protocol entity as a result of receiving valid SNMP Get-Request and Get-Next
Protocol Data Units (PDUs).
snmpInTotalSetVars The total number of MIB objects, which have been altered successfully by the SNMP
protocol entity as a result of receiving valid SNMP Set-Request Protocol Data Units
(PDUs).
snmpInGetRequests The total number of SNMP Get-Request Protocol Data Units (PDUs), which have
been accepted and processed by the SNMP protocol entity.
snmpInGetNexts The total number of SNMP Get-Next Protocol Data Units (PDUs), which have been
accepted and processed by the SNMP protocol entity.
Statistics Menu 83
Page 84
Table 74 SNMP statistics
Statistics Description
snmpInSetRequests The total number of SNMP Set-Request Protocol Data Units (PDUs), which have been
accepted and processed by the SNMP protocol entity.
snmpInGetResponses The total number of SNMP Get-Response Protocol Data Units (PDUs), which have
been accepted and processed by the SNMP protocol entity.
snmpInTraps The total number of SNMP Trap Protocol Data Units (PDUs), which have been
accepted and processed by the SNMP protocol entity.
snmpOutTooBigs The total number of SNMP Protocol Data Units (PDUs), which were generated by
the SNMP protocol entity and for which the value of the error-status field is too big.
snmpOutNoSuchNames The total number of SNMP Protocol Data Units (PDUs), which were generated by
the SNMP protocol entity and for which the value of the error-status is
noSuchName.
snmpOutBadValues The total number of SNMP Protocol Data Units (PDUs), which were generated by
the SNMP protocol entity and for which the value of the error-status field is
badValue.
snmpOutReadOnlys Not in use.
snmpOutGenErrs The total number of SNMP Protocol Data Units (PDUs), which were generated by
the SNMP protocol entity and for which the value of the error-status field is genErr.
snmpOutGetRequests The total number of SNMP Get-Request Protocol Data Units (PDUs), which have
been generated by the SNMP protocol entity.
snmpOutGetNexts The total number of SNMP Get-Next Protocol Data Units (PDUs), which have been
generated by the SNMP protocol entity.
snmpOutSetRequests The total number of SNMP Set-Request Protocol Data Units (PDUs), which have been
generated by the SNMP protocol entity.
snmpOutGetResponses The total number of SNMP Get-Response Protocol Data Units (PDUs), which have
been generated by the SNMP protocol entity.
snmpOutTraps The total number of SNMP Trap Protocol Data Units (PDUs), which have been
generated by the SNMP protocol entity.
snmpSilentDrops The total number of GetRequest-PDUs, GetNextRequest-PDUs,GetBulkRequest-PDUs,
SetRequest-PDUs, and InformRequest-PDUs delivered to the SNMP entity which were
silently dropped because the size of a reply containing an alternate Response-PDU
with an empty variable-bindings field was too large.
snmpProxyDrops The total number of GetRequest-PDUs, GetNextRequest-PDUs,GetBulkRequest-PDUs,
SetRequest-PDUs, and InformRequest-PDUs delivered to the SNMP entity which were
silently dropped because the transmission of the message to a proxy target failed in
a manner (other than a time-out) such that no Response-PDU could be returned.
NTP statistics
Command: /stats/ntp
The GbE2 Interconnect Switch uses NTP (Network Timing Protocol) version 3 to synchronize the switch’s internal clock
with an atomic time-calibrated NTP server. With NTP enabled, the switch can accurately update its internal clock to
be consistent with other devices on the network and generates accurate syslogs.
NTP statistics:
Primary Server:
Requests Sent: 17
Responses Received: 17
Updates: 1
Secondary Server:
Requests Sent: 0
Responses Received: 0
Updates: 0
Last update based on response from primary server.
Last update time: 18:04:16 Tue Feb 27, 2007
Current system time: 18:55:49 Tue Feb 27, 2007
Statistics Menu 84
Page 85
The following table describes the NTP statistics:
Table 75 NTP statistics
Statistics Description
Primary Server Requests Sent: The total number of NTP requests the switch sent to the primary NTP
Secondary Server Requests Sent: The total number of NTP requests the switch sent to the secondary NTP
Last update based on
response from primary
server
Last update time The time stamp showing the time when the switch was last updated.
Current system time The switch system time when the command /stats/ntp was issued.
Link statistics
server to synchronize time.
Responses Received: The total number of NTP responses received from the primary
NTP server.
Updates: The total number of times the switch updated its time based on the NTP
responses received from the primary NTP server.
server to synchronize time.
Responses Received: The total number of NTP responses received from the secondary
NTP server.
Updates: The total number of times the switch updated its time based on the NTP
responses received from the secondary NTP server.
Last update of time on the switch based on either primary or secondary NTP response
received.
Command: /stats/port <port number>/link
The following table describes the link statistics for a port:
Table 76 Link statistics
Statistics Description
linkStateChange The total number of link state changes.
DNS statistics
This menu option enables you to display Domain Name system statistics.
Command: /stats/dns
The following table describes the Domain Name System (DNS) statistics:
Table 77 DNS statistics
Statistic Description
Link statistics for port 1:
linkStateChange: 1
DNS statistics:
dnsInRequests: 0 dnsOutRequests: 0
dnsBadRequests: 0
dnsInRequests The total number of DNS request packets that have been received.
dnsOutRequests The total number of DNS response packets that have been transmitted.
dnsBadRequests The total number of DNS request packets received that were dropped.
Statistics Menu 85
Page 86
Uplink Failure Detection statistics
This menu option allows you to display Uplink Failure Detection (UFD) statistics. To reset UFD statistics, follow the
command /cfg/ufd with the following argument: clear.
Command: /stats/ufd
Uplink Failure Detection statistics:
Number of times LtM link failure: 1
Number of times LtM link in Blocking State: 0
Number of times LtD got auto disabled: 1
The following table describes the Uplink Failure Detection (UFD) statistics:
Table 78 Uplink Failure Detection statistics
Statistic Description
Number of times LtM link failure The total numbers of times that link failures were detected on the
Number of times LtM link in Blocking
State
Number of times LtD got auto
disabled
uplink ports in the Link to Monitor group.
The total number of times that Spanning Tree Blocking state was
detected on the uplink ports in the Link to Monitor group.
The total numbers of times that downlink ports in the Link to Disable
group were automatically disabled because of a failure in the Link
to Monitor group.
Statistics dump
Command: /stats/dump
Use the dump command to dump all GbE2 Interconnect Switch statistics available from the Statistics Menu (40K or
more, depending on your configuration). This data can be used to tune or debug GbE2 Interconnect Switch
performance.
If you want to capture dump data to a file, set your communication software on your workstation to capture session
data prior to issuing the dump commands.
Statistics Menu 86
Page 87
Configuration Menu
Introduction
The Configuration Menu is only available from an administrator login. It includes submenus for configuring every
aspect of the GbE2 Interconnect Switch. Changes to configuration are not active until explicitly applied. Changes can
be saved to non-volatile memory (NVRAM).
Menu information
Command: /cfg
[Configuration Menu]
sys - System-wide Parameter Menu
port - Port Menu
l2 - Layer 2 Menu
l3 - Layer 3 Menu
qos - QOS Menu
acl - Access Control List Menu
rmon - RMON Menu
pmirr - Port Mirroring Menu
ufd - Uplink Failure Detection Menu
dump - Dump current configuration to script file
ptcfg - Backup current configuration to FTP/TFTP server
gtcfg - Restore current configuration from FTP/TFTP server
The following table describes the Configuration Menu options.
cur - Display current configuration
Table 79 Configuration Menu options
Command Usage
sys Displays the System Configuration Menu.
port <port number> Displays the Port Configuration Menu.
l2 Displays the Layer 2 Configuration Menu.
l3 Displays the Layer 3 Configuration Menu.
qos Displays the Quality of Service Configuration Menu.
acl Displays the Access Control List Configuration Menu.
rmon Displays the RMON Configuration Menu.
pmirr Displays the Mirroring Configuration Menu.
ufd Displays the Uplink Failure Detection Configuration Menu.
dump Dumps current configuration to a script file.
ptcfg <host name or IP address of TFTP
server> <filename on host>
gtcfg <host name or IP address of TFTP
server> <filename on host>
cur Displays current configuration parameters of the GbE2.
Backs up current configuration to TFTP server.
Restores current configuration from TFTP server.
Configuration Menu 87
Page 88
Viewing, applying, reverting, and saving changes
As you use the configuration menus to set GbE2 Interconnect Switch parameters, the changes you make do not take
effect immediately. All changes are considered pending until you explicitly apply them. Also, any changes are lost the
next time the GbE2 Interconnect Switch boots unless the changes are explicitly saved.
While configuration changes are in the pending state, you can:
• View the pending changes
• Apply the pending changes
• Revert to restore configuration parameters set with the last apply command
• Save the changes to flash memory
Viewing pending changes
You can view all pending configuration changes by entering diff at any CLI prompt:
# diff
You can view all pending configuration changes that have been applied but not saved to flash memory by entering
diff flash at any CLI prompt:
# diff flash
Applying pending changes
To make your configuration changes active, you must apply them. To apply configuration changes, enter the
following command at any prompt:
# apply
NOTE: All configuration changes take effect immediately when applied.
Reverting changes
The revert command removes configuration changes that have been made, but not applied. Enter revert apply to
remove all changes that have not been saved:
# revert
Saving the configuration
In addition to applying the configuration changes, you can save them to flash memory on the GbE2 Interconnect
Switch.
IMPORTANT: If you do not save the changes, they will be lost the next time the system is rebooted.
To save the new configuration, enter the following command at any prompt:
# save
When you save configuration changes, the changes are saved to the active configuration block. The configuration
being replaced by the save is first copied to the backup configuration block. If you do not want the previous
configuration block copied to the backup configuration block, enter the following instead:
# save n
Configuration Menu 88
Page 89
You can decide which configuration you want to run the next time you reset the GbE2 Interconnect Switch. Your
options include:
• The active configuration block
• The backup configuration block
• Factory default configuration block
You can view all pending configuration changes that have been applied but not saved to flash memory using the diff
flash command. It is a global command that can be executed from any prompt.
For instructions on selecting the configuration to run at the next system reset, see the “Selecting a configuration block”
section in the “Boot Options Menu” chapter.
Reminders
CLI reminders prompt users to complete configuration tasks that require multiple steps. The default setting for CLI
reminders is enabled. Use the following command to disable CLI reminders: /cfg/sys/reminders dis
The following is an example of a configuration task performed with CLI reminders enabled.
>> Layer 2# vlan 5
VLAN number 5 with name "VLAN 5" created.
Reminder: VLAN 5 needs to be enabled.
>> VLAN 5# add 9
Port 9 is an UNTAGGED port and its current PVID is 1.
Confirm changing PVID from 1 to 5 [y/n]: y
Current ports for VLAN 5: empty
Pending new ports for VLAN 5: 9
Reminder: Port 9 needs to be enabled.
Reminder: VLAN 5 needs to be enabled.
System configuration
Command: /cfg/sys
[System Menu]
syslog - Syslog Menu
sshd - SSH Server Menu
radius - RADIUS Authentication Menu
tacacs+ - TACACS+ Authentication Menu
ntp - NTP Server Menu
ssnmp - System SNMP Menu
access - System Access Menu
date - Set system date
time - Set system time
timezone - Set system timezone (daylight savings)
olddst - Set system DST for US
idle - Set timeout for idle CLI sessions
notice - Set login notice
bannr - Set login banner
hprompt - Enable/disable display hostname (sysName) in CLI prompt
bootp - Enable/disable use of BOOTP
reminders - Enable/disable Reminders
This menu provides configuration of GbE2 Interconnect Switch management parameters such as user and
administrator privilege mode passwords, browser-based management settings, and management access list.
cur - Display current system-wide parameters
Configuration Menu 89
Page 90
The following table describes the System Configuration Menu options.
Table 80 System Configuration Menu options
Command Usage
syslog Displays the Syslog Menu.
sshd Displays the SSH Server Menu.
radius Displays the RADIUS Authentication Menu.
tacacs+ Displays the TACACS+ Menu.
ntp Displays the Network Time Protocol (NTP) Server Menu.
ssnmp Displays the System SNMP Menu.
access Displays the System Access Menu.
date Prompts the user for the system date.
time Configures the system time using a 24-hour clock format.
timezone Configures the time zone where the switch resides. You are prompted
to select your location (continent, country, region) by the timezone
wizard. Once a region is selected, the switch updates the time to
reflect local changes to Daylight Savings Time, etc.
olddst
Enables or disables use of the Daylight Saving Time (DST) rules in
effect prior to the year 2007. The default value is
idle <1-60> Sets the idle timeout for CLI sessions, from 1 to 60 minutes. The default
is 5 minutes.
notice <1-1024 character multiline> <'-' to end>
bannr <1-80 characters>
Displays login notice immediately before the “Enter password:”
prompt. This notice can contain up to 1024 characters and new lines.
Configures a login banner of up to 80 characters. When a user or
administrator logs into the GbE2 Interconnect Switch, the login banner
is displayed. It is also displayed as part of the output from the
/info/sys/gen command.
hprompt disable|enable Enables or disables displaying of the host name (system administrator’s
name) in the command line interface.
bootp disable|enable Enables or disables the use of BOOTP. If you enable BOOTP, the
GbE2 Interconnect Switch will query its BOOTP server for all of the
GbE2 Interconnect Switch IP parameters. The default is enable.
reminders disable|enable Enables or disables reminder messages in the CLI. The default value is
enabled.
cur Displays the current system parameters.
disabled.
Configuration Menu 90
Page 91
System host log configuration
Command: /cfg/sys/syslog
[Syslog Menu]
host - Set IP address of first syslog host
host2 - Set IP address of second syslog host
sever - Set the severity of first syslog host
sever2 - Set the severity of second syslog host
facil - Set facility of first syslog host
facil2 - Set facility of second syslog host
console - Enable/disable console output of syslog messages
log - Enable/disable syslogging of features
The following table describes the Syslog Configuration Menu options.
Table 81 Syslog Configuration Menu options
Command Description
host <IP address> Sets the IP address of the first syslog host. For example,
host2 <IP address> Sets the IP address of the second syslog host. For example,
sever <1-7> Sets the severity level of the first syslog host displayed. The
sever2 <1-7> Sets the severity level of the second syslog host displayed. The
facil <1-7> This option sets the facility level of the first syslog host
facil2 <1-7> This option sets the facility level of the second syslog host
console disable|enable Enables or disables delivering syslog messages to the console.
log <feature|all> enable|disable Displays a list of features for which syslog messages can be
cur Displays the current syslog settings.
cur - Display current syslog settings
100.10.1.1
100.10.1.2
default is 7, which means log all the seven severity levels.
default is 7, which means log all the seven severity levels.
displayed. The default is 0.
displayed. The default is 0.
When necessary, disabling console ensures the GbE2
Interconnect Switch is not affected by syslog messages. It is
enabled by default.
generated. You can choose to enable/disable specific
features or enable/disable syslog on all available features.
Features include:
• console
• system
• mgmt
• cli
• stg
• vlan
• ssh
• vrrp
• ntp
• hotlink
• ip
• web
• ospf
• rmon
• ufd
• 802.1x
• cfg
Configuration Menu 91
Page 92
Secure Shell Server configuration
Command: /cfg/sys/sshd
[SSHD Menu]
interval– Set Interval for generating the RSA server key
scpadm – Set SCP-only admin password
hkeygen - Generate the RSA host key
skeygen - Generate the RSA server key
sshport - Set SSH server port number
ena - Enable the SCP apply and save
dis - Disable the SCP apply and save
on - Turn SSH server ON
off - Turn SSH server OFF
cur - Display current SSH server configuration
Telnet traffic on the network is not secure. This menu enables Secure Shell (SSH) access from any SSH client. The SSH
program securely logs into another computer over a network and executes commands in a secure environment. All
data using SSH is encrypted.
Secure Shell can be configured on the GbE2 Interconnect Switch using the console port only. Several of the above
menu options do not display if you access the GbE2 Interconnect Switch using Telnet or the Browser-Based Interface
(BBI).
NOTE: See the HP ProLiant BL p-Class GbE2 Interconnect Switch Application Guide for information on SSH.
The following table describes the SSHD Configuration Menu options.
Table 82 SSHD Configuration Menu options
Command Description
intrval <0-24> Defines interval for auto-generating the RSA server key. The switch will auto-
generate the RSA server key at the interval defined in this command. The value
of zero (0) means the RSA server key auto-generation is disabled. If the switch
has been busy performing any other key generation and the assigned time of
interval expires, the RSA server will skip generating the key.
scpadm Defines the administrator password that is for Secure Copy (SCP) only. The
username for this SCP administrator is scpadmin.
Typically, SCP is used to copy files securely from one machine to another. In the
GbE2 Interconnect Switch, SCP is used to download and upload the switch
configuration using secure channels.
hkeygen Generates the RSA host keys manually. The GbE2 Interconnect Switch creates
this key automatically while configuring the switch with Secure Shell (SSH). But
you can generate the key manually by using this command if you need to
overwrite the key for security reasons. The command will take effect immediately
without executing the apply command.
skeygen Generates the RSA server key. The GbE2 Interconnect Switch creates this key
automatically while configuring the switch with Secure Shell (SSH). You can
generate the key manually by using this command if you need to overwrite the
key for security reasons. The command will take effect immediately without
executing the apply command.
sshport <TCP port number> Sets the SSH server port number.
ena Enables the SCP apply and save.
dis Disables the SCP apply and save. This is the default for SCP.
on Enables the SSH server.
off Disables the SSH server. This is the default for the SSH server.
cur Displays the current SSH server configuration.
RADIUS server configuration
Command: /cfg/sys/radius
Configuration Menu 92
Page 93
[RADIUS Server Menu]
prisrv - Set primary RADIUS server address
secsrv - Set secondary RADIUS server address
secret - Set primary RADIUS server secret
secret2 - Set secondary RADIUS server secret
port - Set RADIUS port
retries - Set RADIUS server retries
timeout - Set RADIUS server timeout
telnet - Enable/disable RADIUS backdoor for telnet/ssh/http
secbd - Enable/disable RADIUS secure backdoor for telnet/ssh/http
on - Turn RADIUS authentication ON
off - Turn RADIUS authentication OFF
NOTE: See the HP ProLiant BL p-Class GbE2 Interconnect Switch Application Guide for information on
cur - Display current RADIUS configuration
RADIUS.
The following table describes the RADIUS Server Configuration Menu options.
Table 83 RADIUS Server Configuration Menu options
Command Description
prisrv <IP address> Sets the primary RADIUS server address.
For example, 100.10.1.1
secsrv <IP address> Sets the secondary RADIUS server address.
For example, 100.10.1.2
secret <1-32 characters> This is the shared secret between the GbE2 Interconnect Switch and the
RADIUS server(s).
secret2 <1-32 characters> This is the secondary shared secret between the switch and the RADIUS
server(s).
port <UDP port number> Enter the number of the User Datagram Protocol (UDP) port to be
configured, between 1500-3000. The default is 1645.
retries <1-3> Sets the number of failed authentication requests before switching to a
different RADIUS server. The default is 3 requests.
timeout <1-10> Sets the amount of time, in seconds, before a RADIUS server
authentication attempt is considered to have failed. The default is 3
seconds.
telnet Enables or disables the RADIUS back door for telnet/SSH/ HTTP/HTTPS.
This command does not apply when secure backdoor (
enabled.
secbd) is
secbd enable|disable Enables or disables the RADIUS back door using secure password for
telnet/SSH/ HTTP/HTTPS.
on Enables the RADIUS server.
off Disables the RADIUS server. This is the default.
cur Displays the current RADIUS server parameters.
IMPORTANT: If RADIUS is enabled, you are required to login using RADIUS when using Telnet. If a RADIUS
server is not available and the Telnet backdoor is enabled, type in noradius as a backdoor to bypass
RADIUS checking, and use the administrator password to log into the GbE2 Interconnect Switch. Using
noradius is only allowed if the RADIUS server is not available.
Configuration Menu 93
Page 94
TACACS+ server configuration
Command: /cfg/sys/tacacs+
[TACACS+ Server Menu]
prisrv - Set IP address of primary TACACS+ server
secsrv - Set IP address of secondary TACACS+ server
secret - Set secret for primary TACACS+ server
secret2 - Set secret for secondary TACACS+ server
port - Set TACACS+ port number
retries - Set number of TACACS+ server retries
timeout - Set timeout value of TACACS+ server retries
telnet - Enable/disable TACACS+ back door for telnet/ssh/http/https
secbd - Enable/disable TACACS+ secure backdoor for telnet/ssh/http/https
cmap - Enable/disable TACACS+ new privilege level mapping
usermap - Set user privilege mappings
on - Enable TACACS+ authentication
off - Disable TACACS+ authentication
cur - Display current TACACS+ settings
TACACS+ (Terminal Access Controller Access Control System) is an authentication protocol that allows a remote
access server to forward a user's logon password to an authentication server to determine whether access can be
allowed to a given system. TACACS+ and Remote Authentication Dial-In User Service (RADIUS) protocols are more
secure than the TACACS encryption protocol. TACACS+ is described in RFC 1492.
TACACS+ protocol is more reliable than RADIUS, as TACACS+ uses the Transmission Control Protocol (TCP) whereas
RADIUS uses the User Datagram Protocol (UDP). Also, RADIUS combines authentication and authorization in a user
profile, whereas TACACS+ separates the two operations.
TACACS+ offers the following advantages over RADIUS as the authentication device:
• TACACS+ is TCP-based, so it facilitates connection-oriented traffic.
• It supports full-packet encryption, as opposed to password-only in authentication requests.
• It supports decoupled authentication, authorization, and accounting.
The following table describes the TACACS+ Server Configuration Menu options.
Table 84 TACACS+ Server Configuration Menu options
Command Description
prisrv <IP address> Defines the primary TACACS+ server address. For example,
100.10.1.1
secsrv <IP address> Defines the secondary TACACS+ server address. For example,
100.10.1.2
secret <1-32 characters> This is the shared secret between the switch and the TACACS+ server(s).
secret2 <1-32 characters> This is the secondary shared secret between the switch and the TACACS+
server(s).
port <TCP port number> Enter the number of the TCP port to be configured, between 1 - 65000.
The default is 49.
retries <1-3> Sets the number of failed authentication requests before switching to a
different TACACS+ server. The range is 1-3 requests. The default is 3
requests.
timeout <4-15> Sets the amount of time, in seconds, before a TACACS+ server
authentication attempt is considered to have failed. The range is 4-15
seconds. The default is 5 seconds.
telnet enable|disable Enables or disables the TACACS+ back door for telnet. The telnet
command also applies to SSH/SCP connections and the Browser-based
Interface (BBI). This command does not apply when secure backdoor
(
secbd) is enabled.
secbd enable|disable Enables or disables the TACACS+ back door using secure password for
telnet/SSH/ HTTP/HTTPS. This command does not apply when backdoor
(telnet) is enabled.
cmap enable|disable Enables or disables TACACS+ privilege-level mapping.
The default value is disabled.
Configuration Menu 94
Page 95
Table 84 TACACS+ Server Configuration Menu options
Command Description
usermap <0-15>
user|oper|admin|none
on Enables the TACACS+ server.
off Disables the TACACS+ server.
cur Displays current TACACS+ configuration parameters.
IMPORTANT: If TACACS+ is enabled, you are required to login using TACACS+ when doing Telnet. If a
TACACS+ server is not available and the Telnet backdoor is enabled, type in notacacs as a backdoor to
bypass TACACS+ checking, and use the administrator password to log into the GbE2 Interconnect Switch.
NTP server configuration
Command: /cfg/sys/ntp
[NTP Server Menu]
prisrv - Set primary NTP server address
secsrv - Set secondary NTP server address
intrval - Set NTP server resync interval
tzone - Set NTP timezone offset from GMT
dlight - Enable/Disable daylight savings time
on - Turn NTP service ON
off - Turn NTP service OFF
This menu enables you to synchronize the GbE2 Interconnect Switch clock to a Network Time Protocol (NTP) server.
By default, this option is disabled.
The following table describes the NTP Server Configuration Menu options.
cur - Display current NTP configuration
Maps a TACACS+ privilege level to a GbE2 user level. Enter a TACACS+
privilege level (0-15), followed by the corresponding GbE2 user level.
Table 85 NTP Server Configuration Menu options
Command Description
prisrv <IP address> Prompts for the IP addresses of the primary NTP server to which you want to
synchronize the GbE2 Interconnect Switch clock.
For example, 100.10.1.1
secsrv <IP address> Prompts for the IP addresses of the secondary NTP server to which you want to
synchronize the GbE2 Interconnect Switch clock.
For example, 100.10.1.2
intrval <1-44640> Specifies the interval, that is, how often, in minutes (1-44640), to
resynchronize the switch clock with the NTP server. The default is 1440
seconds.
tzone <hh:mm> Prompts for the NTP time zone offset from Greenwich Mean Time (GMT), in
hours and minutes. The offset format is HH:MM
dlight disable|enable Disables or enables daylight saving time in the system clock. When enabled,
the GbE2 Interconnect Switch will add an extra hour to the system clock so that
it is consistent with the local clock. By default, this option is disabled.
on Enables the NTP synchronization service.
off Disables the NTP synchronization service. This is the default.
cur Displays the current NTP service settings.
Configuration Menu 95
Page 96
System SNMP configuration
Command: /cfg/sys/ssnmp
[SNMP Menu]
snmpv3 - SNMPv3 Menu
name - Set SNMP "sysName"
locn - Set SNMP "sysLocation"
cont - Set SNMP "sysContact"
rcomm - Set SNMP read community string
wcomm - Set SNMP write community string
timeout - Set timeout for the SNMP state machine
auth - Enable/disable SNMP "sysAuthenTrap"
linkt - Enable/disable SNMP link up/down trap
ufd - Enable/disable SNMP Uplink Failure Detection trap
cur - Display current SNMP configuration
GbE2 software supports SNMP-based network management. In SNMP model of network management, a
management station (client/manager) accesses a set of variables known as MIBs (Management Information Base)
provided by the managed device (agent). If you are running an SNMP network management station on your network,
you can manage the switch using the following standard SNMP MIBs:
• MIB II (RFC 1213)
• Ethernet MIB (RFC 1643)
• Bridge MIB (RFC 1493)
An SNMP agent is a software process on the managed device that listens on UDP port 161 for SNMP messages.
Each SNMP message sent to the agent contains a list of management objects to retrieve or to modify.
• SNMP parameters that can be modified include:
• System name
• System location
• System contact
• Use of the SNMP system authentication trap function
• Read community string
• Write community string
The following table describes the System SNMP Configuration Menu options.
Table 86 System SNMP Configuration Menu options
Command Description
snmpv3 Displays SNMPv3 menu.
name <1-64 characters> Configures the name for the system. The name can have a maximum of 64 characters.
locn <1-64 characters> Configures the name of the system location. The location can have a maximum of 64
characters.
cont <1-64 characters> Configures the name of the system contact. The contact can have a maximum of 64
characters.
rcomm <1-32 characters> Configures the SNMP read community string. The read community string controls SNMP
“get” access to the switch. It can have a maximum of 32 characters. The default read
community string is public.
wcomm <1-32 characters> Configures the SNMP write community string. The write community string controls SNMP
“set” and “get” access to the switch. It can have a maximum of 32 characters. The
default write community string is private.
timeout <1-30> Sets the timeout value for the SNMP state machine. The range is 1-30 minutes. The
default value is 5 minutes.
auth disable|enable Enables or disables the use of the system authentication trap facility. The default setting
linkt <port>
[disable|enable]
is disabled.
Enables or disables the sending of SNMP link up and link down traps. The default
setting is enabled.
ufd Enables or disables the sending of Uplink Failure Detection traps. The default setting is
disabled.
Configuration Menu 96
Page 97
Table 86 System SNMP Configuration Menu options
Command Description
cur Displays the current SNMP configuration.
SNMPv3 configuration
Command: /cfg/sys/ssnmp/snmpv3
[SNMPv3 Menu]
usm - usmUser Table Menu
view - vacmViewTreeFamily Table Menu
access - vacmAccess Table Menu
group - vacmSecurityToGroup Table Menu
comm - community Table Menu
taddr - targetAddr Table Menu
tparam - targetParams Table Menu
notify - notify Table Menu
v1v2 - Enable/disable V1/V2 access
cur - Display current SNMPv3 configuration
SNMP version 3 (SNMPv3) is an extensible SNMP Framework that supplements the SNMPv2 Framework by
supporting the following:
• a new SNMP message format
• security for messages
• access control
• remote configuration of SNMP parameters
For more details on the SNMPv3 architecture please see RFC2271 to RFC2275.
The following table describes the SNMPv3 Configuration Menu options.
Table 87 SNMPv3 Configuration Menu options
Command Description
usm <1-16> Configures a user security model (USM) entry for an authorized user. You can also
configure this entry through SNMP. The range is 1-16.
view <1-128> Configures different MIB views. The range is 1-128.
access <1-32> Configures access rights. The View-based Access Control Model defines a set of services
that an application can use for checking access rights of the user. You need access control
when you have to process retrieval or modification request from an SNMP entity. The range
is 1-32.
group <1-16> Configures an SNMP group. A group maps the user name to the access group names and
their access rights needed to access SNMP management objects. A group defines the
access rights assigned to all names that belong to a particular group. The range is 1-16.
comm <1-16> Configures a community table entry. The community table contains objects for mapping
community strings and version-independent SNMP message parameters.
The range is 1-16.
taddr <1-16> Configures the destination address and user security levels for outgoing notifications. This is
also called the transport endpoint. The range is 1-16.
tparam <1-16> Configures SNMP parameters, consisting of message processing model, security model,
security level, and security name information. There may be multiple transport endpoints
associated with a particular set of SNMP parameters, or a particular transport endpoint
may be associated with several sets of SNMP parameters.
notify <1-16> Configures a notification index. A notification application typically monitors a system for
particular events or conditions, and generates Notification-Class messages based on these
events or conditions. The range is 1-16.
v1v2 disable|enable This command allows you to enable or disable the access to SNMP version 1 and version
2. This command is enabled by default.
cur Displays the current SNMPv3 configuration.
Configuration Menu 97
Page 98
User Security Model configuration
Command: /cfg/sys/ssnmp/snmpv3/usm
[SNMPv3 usmUser 1 Menu]
name - Set USM user name
auth - Set authentication protocol
authpw - Set authentication password
priv - Set privacy protocol
privpw - Set privacy password
del - Delete usmUser entry
cur - Display current usmUser configuration
You can make use of a defined set of user identities using this Security Model. An SNMP engine must have the
knowledge of applicable attributes of a user.
This menu helps you create a user security model entry for an authorized user. You need to provide a security name
to create the USM entry.
The following table describes the User Security Model Configuration Menu options.
Table 88 User Security Model Configuration Menu options
Command Description
name <1-32
characters>
Configures a string up to 32 characters long that represents the name of the user. This is the
login name that you need in order to access the switch.
auth md5|sha|none Configures the authentication protocol between HMAC-MD5-96 or HMAC-SHA-96. The
default algorithm is none.
authpw Configures your password for authentication. If you selected an authentication algorithm using
the above command, you need to provide a password; otherwise you will get an error
message during validation.
priv des|none Configures the type of privacy protocol on the switch. The privacy protocol protects messages
from disclosure. The options are
you specify
authentication protocols (MD5 or HMAC-SHA-96). If you select
protocol, you will get an error message.
privpw This command allows you to create or change the privacy password.
del Deletes the USM user entries.
cur Displays the USM user entries.
SNMPv3 View configuration
Command: /cfg/sys/ssnmp/snmpv3/view
[SNMPv3 vacmViewTreeFamily 1 Menu]
name - Set view name
tree - Set MIB subtree(OID) which defines a family of view subtrees
mask - Set view mask
type - Set view type
del - Delete vacmViewTreeFamily entry
cur - Display current vacmViewTreeFamily configuration
des (CBC-DES Symmetric Encryption Protocol) or none. If
des as the privacy protocol, then be sure that you have selected one of the
none as the authentication
Configuration Menu 98
Page 99
The following table describes the SNMPv3 View Configuration Menu options.
Table 89 SNMPv3 View Configuration Menu options
Command Description
name <1-32 characters> Defines the name for a family of view subtrees up to a maximum of 32
characters.
tree <1-32 characters> Defines the Object Identifier (OID), a string of maximum 32 characters, which
when combined with the corresponding mask defines a family of view subtrees.
An example of an OID is
mask <1-32 characters> Defines the bit mask, which in combination with the corresponding tree defines
a family of view subtrees. The mask can have a maximum of 32 characters.
type included|excluded Selects whether the corresponding instances of
vacmViewTreeFamilySubtree and
vacmViewTreeFamilyMask define a family of view subtrees, which is
included in or excluded from the MIB view.
del Deletes the vacmViewTreeFamily group entry.
cur Displays the current vacmViewTreeFamily configuration.
View-based Access Control Model configuration
Command: /cfg/sys/ssnmp/snmpv3/access
[SNMPv3 vacmAccess 1 Menu]
name - Set group name
prefix - Set context prefix
model - Set security model
level - Set minimum level of security
match - Set prefix only or exact match
rview - Set read view index
wview - Set write view index
nview - Set notify view index
del - Delete vacmAccess entry
cur - Display current vacmAccess configuration
The view-based Access Control Model defines a set of services that an application can use for checking access rights
of the user. Access control is needed when the user has to process SNMP retrieval or modification request from an
SNMP entity.
The following table describes the User Access Control Configuration Menu options.
1.3.6.1.2.1.1.1.0
Table 90 View-based Access Control Configuration Menu options
Command Description
name <1-32
Defines the name of the group, up to a maximum of 32 characters.
characters>
model
Selects the security model to be used.
usm|snmpv1|snmpv2
level
noAuthNoPriv|authNo
Priv|authPriv
rview <1-32
characters>
wview <1-32
characters>
nview <1-32
Defines the minimum level of security required to gain access rights. The level
noAuthNoPriv means that the SNMP message will be sent without authentication and
without using a privacy protocol. The level
will be sent with authentication but without using a privacy protocol. The
that the SNMP message will be sent both with authentication and using a privacy protocol.
Defines a 32 character long read view name that allows you read access to a particular MIB
view. If the value is empty or if there is no active MIB view having this value then no access is
granted.
Defines a 32 character long write view name that allows you write access to the MIB view. If
the value is empty or if there is no active MIB view having this value then no access is
granted.
Defines a 32 character long notify view name that allows you notify access to the MIB view.
characters>
authNoPriv means that the SNMP message
authPriv means
Configuration Menu 99
Page 100
Table 90 View-based Access Control Configuration Menu options
Command Description
name <1-32
Defines the name of the group, up to a maximum of 32 characters.
characters>
model
Selects the security model to be used.
usm|snmpv1|snmpv2
del Deletes the View-based Access Control entry.
cur Displays the View-based Access Control configuration.
SNMPv3 Group configuration
Command: /cfg/sys/ssnmp/snmpv3/group
[SNMPv3 vacmSecurityToGroup 1 Menu]
model - Set security model
uname - Set USM user name
gname - Set group name
del - Delete vacmSecurityToGroup entry
cur - Display current vacmSecurityToGroup configuration
The following table describes the SNMPv3 Group Configuration Menu options.
Table 91 SNMPv3 Group Configuration Menu options
Command Description
model
Defines the security model.
usm|snmpv1|snmpv2
uname <1-32
characters>
gname <1-32
characters>
Sets the user name as defined in /cfg/sys/ssnmp/snmpv3/usm/name. The user
name can have a maximum of 32 characters.
Configures the name for the access group as defined in
/cfg/sys/ssnmp/snmpv3/access/name. The group name can have a maximum
of 32 characters.
del Deletes the vacmSecurityToGroup entry.
cur Displays the current vacmSecurityToGroup configuration.
SNMPv3 Community Table configuration
Command: /cfg/sys/ssnmp/snmpv3/comm
[SNMPv3 snmpCommunityTable 1 Menu]
index - Set community index
name - Set community string
uname - Set USM user name
tag - Set community tag
del - Delete communityTable entry
cur - Display current communityTable configuration
This command is used for configuring the community table entry. The configured entry is stored in the community table
list in the SNMP engine. This table is used to configure community strings in the Local Configuration Datastore (LCD)
of SNMP engine.
Configuration Menu 100
Loading...