LevelOne FGL-2870 User Manual
LevelOne
FGL-2870
Installation Guide
Installationsanleitung
24FE + 4GE Combo SFP
L2 SNMP Switch
User Manual
Version 1.0
Management Guide
Fast Ethernet Switch
Combo Layer 2 SNMP Switch
with 24 10/100BASE-T (RJ-45) Ports,
and 4 Combination Gigabit (RJ-45/SFP) Ports
FGL-2870
E122009-WM-R01
149100000059A
About This Guide
Purpose
This guide gives specific information on how to operate and use the management
functions of the switch.
Audience
The guide is intended for use by network administrators who are responsible for operating
and maintaining network equipment; consequently, it assumes a basic working
knowledge of general switch functions, the Internet Protocol (IP), and Simple Network
Management Protocol (SNMP).
Conventions
The following conventions are used throughout this guide to show information:
Note: Emphasizes important information or calls your attention to related features or
instructions.
Caution: Alerts you to a potential hazard that could cause loss of data, or damage the
system or equipment.
Warning: Alerts you to a potential hazard that could cause personal injury.
Related Publications
The following publication details the hardware features of the switch, including the
physical and performance-related characteristics, and how to install the switch:
The Installation Guide
Also, as part of the switch’s software, there is an online web-based help that describes all
management related features.
Revision History
This section summarizes the changes in each revision of this guide.
December 2009 Revision
This is the first revision of this guide.
v
vi
Contents
Chapter 1: Introduction 1-1
Key Features 1-1
Description of Software Features 1-2
System Defaults 1-6
Chapter 2: Initial Configuration 2-1
Connecting to the Switch 2-1
Configuration Options 2-1
Required Connections 2-2
Remote Connections 2-3
Basic Configuration 2-3
Console Connection 2-3
Setting Passwords 2-4
Setting an IP Address 2-4
Manual Configuration 2-4
Dynamic Configuration 2-5
Enabling SNMP Management Access 2-6
Community Strings (for SNMP version 1 and 2c clients) 2-6
Trap Receivers 2-7
Configuring Access for SNMP Version 3 Clients 2-8
Managing System Files 2-8
Saving Configuration Settings 2-9
Chapter 3: Configuring the Switch 3-1
Using the Web Interface 3-1
Navigating the Web Browser Interface 3-2
Home Page 3-2
Configuration Options 3-3
Panel Display 3-3
Main Menu 3-4
Basic Configuration 3-13
Displaying System Information 3-13
Displaying Switch Hardware/Software Versions 3-15
Displaying Bridge Extension Capabilities 3-17
Setting the Switch’s IP Address 3-18
Manual Configuration 3-19
Using DHCP/BOOTP 3-20
Enabling Jumbo Frames 3-21
Managing Firmware 3-22
Automatic Operation Code Upgrade 3-22
vii
Contents
Downloading System Software from a Server 3-26
Saving or Restoring Configuration Settings 3-28
Downloading Configuration Settings from a Server 3-29
Uploading and Downloading Files Using HTTP 3-30
Console Port Settings 3-32
Telnet Settings 3-34
Configuring Event Logging 3-36
System Log Configuration 3-36
Remote Log Configuration 3-37
Displaying Log Messages 3-39
Sending Simple Mail Transfer Protocol Alerts 3-39
Resetting the System 3-41
Setting the System Clock 3-42
Setting the Time Manually 3-43
Configuring SNTP 3-43
Configuring NTP 3-44
Setting the Time Zone 3-46
Configuring Summer Time 3-47
Simple Network Management Protocol 3-49
Enabling the SNMP Agent 3-51
Setting Community Access Strings 3-51
Specifying Trap Managers and Trap Types 3-52
Configuring SNMPv3 Management Access 3-55
Setting the Local Engine ID 3-55
Specifying a Remote Engine ID 3-56
Configuring SNMPv3 Users 3-57
Configuring Remote SNMPv3 Users 3-59
Configuring SNMPv3 Groups 3-61
Setting SNMPv3 Views 3-64
Sampling Traffic Flows 3-65
Configuring sFlow Global Parameters 3-66
Configuring sFlow Port Parameters 3-68
User Authentication 3-70
Configuring User Accounts 3-70
Configuring Local/Remote Logon Authentication 3-72
Configuring Encryption Keys 3-75
AAA Authorization and Accounting 3-76
Configuring AAA RADIUS Group Settings 3-77
Configuring AAA TACACS+ Group Settings 3-78
Configuring AAA Accounting 3-78
AAA Accounting Update 3-80
AAA Accounting 802.1X Port Settings 3-81
AAA Accounting Exec Command Privileges 3-82
AAA Accounting Exec Settings 3-83
AAA Accounting Summary 3-83
viii
Contents
Authorization Settings 3-85
Authorization EXEC Settings 3-86
Authorization Summary 3-87
Configuring HTTPS 3-88
Replacing the Default Secure-site Certificate 3-89
Configuring the Secure Shell 3-90
Generating the Host Key Pair 3-93
Importing User Public Keys 3-95
Configuring the SSH Server 3-97
Configuring 802.1X Port Authentication 3-99
Displaying 802.1X Global Settings 3-100
Configuring 802.1X Global Settings 3-101
Configuring Port Settings for 802.1X 3-101
Displaying 802.1X Statistics 3-105
Filtering IP Addresses for Management Access 3-107
General Security Measures 3-109
Configuring Port Security 3-110
Web Authentication 3-111
Configuring Web Authentication 3-112
Configuring Web Authentication for Ports 3-113
Displaying Web Authentication Port Information 3-114
Re-authenticating Web Authenticated Ports 3-114
Network Access (MAC Address Authentication) 3-115
Configuring the MAC Authentication Reauthentication Time 3-117
Configuring MAC Authentication for Ports 3-118
Configuring Port Link Detection 3-120
Displaying Secure MAC Address Information 3-121
MAC Filter Configuration 3-122
Access Control Lists 3-124
Setting the ACL Name and Type 3-125
Configuring a Standard IPv4 ACL 3-126
Configuring an Extended IPv4 ACL 3-127
Configuring a Standard IPv6 ACL 3-129
Configuring an Extended IPv6 ACL 3-130
Configuring a MAC ACL 3-131
Configuring an ARP ACL 3-133
Binding a Port to an Access Control List 3-135
ARP Inspection 3-136
Configuring ARP Inspection 3-136
Displaying ARP Inspection Port Information 3-141
DHCP Snooping 3-143
DHCP Snooping Configuration 3-144
DHCP Snooping VLAN Configuration 3-145
DHCP Snooping Information Option Configuration 3-146
Configuring Ports for DHCP Snooping 3-147
ix
Contents
Displaying DHCP Snooping Binding Information 3-149
IP Source Guard 3-150
Configuring Ports for IP Source Guard 3-150
Configuring Static Binding for IP Source Guard 3-152
Displaying Information for Dynamic IP Source Guard Bindings 3-154
Port Configuration 3-155
Displaying Connection Status 3-155
Configuring Interface Connections 3-157
Creating Trunk Groups 3-160
Statically Configuring a Trunk 3-161
Enabling LACP on Selected Ports 3-162
Configuring Parameters for LACP Group Members 3-164
Configuring Parameters for LACP Groups 3-166
Displaying LACP Port Counters 3-167
Displaying LACP Settings and Status for the Local Side 3-168
Displaying LACP Settings and Status for the Remote Side 3-170
Setting Broadcast Storm Thresholds 3-172
Setting Multicast Storm Thresholds 3-174
Setting Unknown Unicast Storm Thresholds 3-175
Configuring Port Mirroring 3-177
Configuring MAC Address Mirroring 3-178
Configuring Rate Limits 3-179
Rate Limit Configuration 3-179
Showing Port Statistics 3-180
Address Table Settings 3-185
Setting Static Addresses 3-185
Displaying the Address Table 3-186
Changing the Aging Time 3-187
Spanning Tree Algorithm Configuration 3-188
Configuring Port and Trunk Loopback Detection 3-190
Displaying Global Settings for STA 3-191
Configuring Global Settings for STA 3-194
Displaying Interface Settings for STA 3-198
Configuring Interface Settings for STA 3-201
Spanning Tree Edge Port Configuration 3-204
VLAN Configuration 3-206
IEEE 802.1Q VLANs 3-206
Enabling or Disabling GVRP (Global Setting) 3-209
Displaying Basic VLAN Information 3-210
Displaying Current VLANs 3-211
Creating VLANs 3-212
Adding Static Members to VLANs (VLAN Index) 3-214
Adding Static Members to VLANs (Port Index) 3-216
Configuring VLAN Behavior for Interfaces 3-217
Configuring IEEE 802.1Q Tunneling 3-219
x
Contents
Enabling QinQ Tunneling on the Switch 3-223
Adding an Interface to a QinQ Tunnel 3-224
Traffic Segmentation 3-226
Configuring Global Settings for Traffic Segmentation 3-226
Configuring Traffic Segmentation Sessions 3-227
Private VLANs 3-228
Displaying Current Private VLANs 3-228
Configuring Private VLANs 3-229
Associating VLANs 3-230
Displaying Private VLAN Interface Information 3-231
Configuring Private VLAN Interfaces 3-232
Protocol VLANs 3-233
Configuring Protocol VLAN Groups 3-234
Mapping Protocols to VLANs 3-235
Configuring VLAN Mirroring 3-236
Configuring IP Subnet VLANs 3-237
Configuring MAC-based VLANs 3-238
Link Layer Discovery Protocol 3-239
Setting LLDP Timing Attributes 3-239
Configuring LLDP Interface Attributes 3-241
Displaying LLDP Local Device Information 3-244
Displaying LLDP Remote Port Information 3-247
Displaying LLDP Remote Information Details 3-248
Displaying Device Statistics 3-250
Displaying Detailed Device Statistics 3-251
Class of Service Configuration 3-253
Layer 2 Queue Settings 3-253
Setting the Default Priority for Interfaces 3-253
Mapping CoS Values to Egress Queues 3-255
Selecting the Queue Mode 3-256
Displaying the Service Weight for Traffic Classes 3-257
Layer 3/4 Priority Settings 3-259
Mapping Layer 3/4 Priorities to CoS Values 3-259
Enabling IP DSCP Priority 3-259
Mapping DSCP Priority 3-260
Quality of Service 3-262
Configuring Quality of Service Parameters 3-262
Configuring a Class Map 3-263
Creating QoS Policies 3-265
Attaching a Policy Map to Ingress Queues 3-268
VoIP Traffic Configuration 3-269
Configuring VoIP Traffic 3-269
Configuring VoIP Traffic Ports 3-270
Configuring Telephony OUI 3-272
Multicast Filtering 3-274
xi
Contents
Layer 2 IGMP (Snooping and Query) 3-275
Configuring IGMP Snooping and Query Parameters 3-276
Enabling IGMP Immediate Leave 3-278
Displaying Interfaces Attached to a Multicast Router 3-280
Specifying Static Interfaces for a Multicast Router 3-281
Displaying Port Members of Multicast Services 3-282
Assigning Ports to Multicast Services 3-283
IGMP Filtering and Throttling 3-284
Enabling IGMP Filtering and Throttling 3-284
Configuring IGMP Filter Profiles 3-285
Configuring IGMP Filtering and Throttling for Interfaces 3-287
Multicast VLAN Registration 3-289
Configuring Global MVR Settings 3-290
Displaying MVR Interface Status 3-292
Displaying Port Members of Multicast Groups 3-293
Configuring MVR Interface Status 3-294
Assigning Static Multicast Groups to Interfaces 3-296
Configuring MVR Receiver VLAN and Group Addresses 3-297
Displaying MVR Receiver Groups 3-298
Configuring Static MVR Receiver Group Members 3-299
Domain Name Service 3-300
Configuring General DNS Service Parameters 3-300
Configuring Static DNS Host to Address Entries 3-302
Displaying the DNS Cache 3-304
Switch Clustering 3-305
Configuring General Settings for Clusters 3-305
Cluster Member Configuration 3-307
Displaying Information on Cluster Members 3-308
Cluster Candidate Information 3-309
UPnP 3-310
UPnP Configuration 3-311
Chapter 4: Command Line Interface 4-1
Using the Command Line Interface 4-1
Accessing the CLI 4-1
Console Connection 4-1
Telnet Connection 4-2
Entering Commands 4-3
Keywords and Arguments 4-3
Minimum Abbreviation 4-3
Command Completion 4-3
Getting Help on Commands 4-3
Showing Commands 4-4
Partial Keyword Lookup 4-5
xii
Contents
Negating the Effect of Commands 4-5
Using Command History 4-5
Understanding Command Modes 4-6
Exec Commands 4-6
Configuration Commands 4-7
Command Line Processing 4-9
Command Groups 4-10
General Commands 4-11
enable 4-12
disable 4-12
configure 4-13
show history 4-13
reload (Privileged Exec) 4-14
reload (Global Configuration) 4-14
show reload 4-16
prompt 4-16
end 4-16
exit 4-17
quit 4-17
System Management Commands 4-18
Device Designation Commands 4-18
hostname 4-18
Banner Information Commands 4-19
banner configure 4-20
banner configure company 4-21
banner configure dc-power-info 4-22
banner configure department 4-22
banner configure equipment-info 4-23
banner configure equipment-location 4-24
banner configure ip-lan 4-24
banner configure lp-number 4-25
banner configure manager-info 4-26
banner configure mux 4-26
banner configure note 4-27
show banner 4-28
System Status Commands 4-29
show startup-config 4-29
show running-config 4-30
show system 4-33
show users 4-33
show version 4-34
Frame Size Commands 4-35
jumbo frame 4-35
File Management Commands 4-36
copy 4-37
xiii
Contents
delete 4-40
dir 4-40
whichboot 4-41
boot system 4-42
upgrade opcode auto 4-42
upgrade opcode path 4-43
Line Commands 4-44
line 4-45
login 4-46
password 4-47
timeout login response 4-48
exec-timeout 4-48
password-thresh 4-49
silent-time 4-50
databits 4-50
parity 4-51
speed 4-52
stopbits 4-52
terminal length 4-53
terminal width 4-53
terminal escape-character 4-54
terminal terminal-type 4-54
terminal history 4-55
disconnect 4-55
show line 4-56
Event Logging Commands 4-57
logging on 4-57
logging history 4-58
logging host 4-59
logging facility 4-59
logging trap 4-60
clear log 4-60
show logging 4-61
show log 4-62
SMTP Alert Commands 4-63
logging sendmail host 4-63
logging sendmail level 4-64
logging sendmail source-email 4-64
logging sendmail destination-email 4-65
logging sendmail 4-65
show logging sendmail 4-65
Time Commands 4-67
sntp client 4-68
sntp server 4-69
sntp poll 4-69
xiv
Contents
show sntp 4-70
ntp client 4-70
ntp server 4-71
ntp authenticate 4-72
ntp authentication-key 4-73
show ntp 4-74
clock timezone-predefined 4-74
clock timezone 4-75
clock summer-time (date) 4-76
clock summer-time (predefined) 4-77
clock summer-time (recurring) 4-78
calendar set 4-79
show calendar 4-80
Switch Cluster Commands 4-80
cluster 4-81
cluster commander 4-81
cluster ip-pool 4-82
cluster member 4-83
rcommand 4-83
show cluster 4-84
show cluster members 4-84
show cluster candidates 4-84
UPnP Commands 4-84
upnp device 4-85
upnp device ttl 4-85
upnp device advertise duration 4-86
show upnp 4-86
SNMP Commands 4-87
snmp-server 4-88
show snmp 4-89
snmp-server community 4-90
snmp-server contact 4-90
snmp-server location 4-91
snmp-server host 4-92
snmp-server enable traps 4-94
snmp-server engine-id 4-95
show snmp engine-id 4-96
snmp-server view 4-96
show snmp view 4-97
snmp-server group 4-98
show snmp group 4-99
snmp-server user 4-100
show snmp user 4-101
Flow Sampling Commands 4-102
sflow 4-103
xv
Contents
sflow source 4-103
sflow sample 4-104
sflow polling-interval 4-104
sflow owner 4-105
sflow timeout 4-105
sflow destination 4-106
sflow max-header-size 4-106
sflow max-datagram-size 4-107
show sflow 4-107
Authentication Commands 4-108
User Account and Privilege Level Commands 4-109
username 4-109
enable password 4-110
privilege 4-111
privilege rerun 4-112
show privilege 4-112
Authentication Sequence 4-113
authentication login 4-113
authentication enable 4-114
RADIUS Client 4-115
radius-server host 4-115
radius-server acct-port 4-116
radius-server auth-port 4-116
radius-server key 4-117
radius-server retransmit 4-117
radius-server timeout 4-118
show radius-server 4-119
TACACS+ Client 4-119
tacacs-server host 4-120
tacacs-server port 4-120
tacacs-server key 4-121
tacacs-server retransmit 4-121
tacacs-server timeout 4-122
show tacacs-server 4-122
AAA Commands 4-123
aaa group server 4-123
server 4-124
aaa accounting dot1x 4-125
aaa accounting exec 4-126
aaa accounting commands 4-127
aaa accounting update 4-128
accounting dot1x 4-128
accounting exec 4-129
accounting commands 4-129
aaa authorization exec 4-130
xvi
Contents
authorization exec 4-131
show accounting 4-131
Web Server Commands 4-132
ip http port 4-132
ip http server 4-133
ip http secure-server 4-133
ip http secure-port 4-134
Telnet Server Commands 4-135
ip telnet server 4-135
Secure Shell Commands 4-136
ip ssh server 4-138
ip ssh timeout 4-139
ip ssh authentication-retries 4-139
ip ssh server-key size 4-140
delete public-key 4-140
ip ssh crypto host-key generate 4-141
ip ssh crypto zeroize 4-141
ip ssh save host-key 4-142
show ip ssh 4-142
show ssh 4-143
show public-key 4-144
802.1X Port Authentication 4-145
dot1x system-auth-control 4-145
dot1x default 4-146
dot1x max-req 4-146
dot1x port-control 4-146
dot1x operation-mode 4-147
dot1x re-authenticate 4-148
dot1x re-authentication 4-149
dot1x timeout quiet-period 4-149
dot1x timeout re-authperiod 4-150
dot1x timeout tx-period 4-150
dot1x timeout supp-timeout 4-151
dot1x intrusion-action 4-151
show dot1x 4-152
Management IP Filter Commands 4-155
management 4-155
show management 4-156
General Security Measures 4-157
Port Security Commands 4-158
port security 4-158
Network Access (MAC Address Authentication) 4-160
network-access aging 4-161
network-access mac-filter 4-161
network-access port-mac-filter 4-162
xvii
Contents
network-access max-mac-count 4-162
network-access mode 4-163
mac-authentication reauth-time 4-164
mac-authentication intrusion-action 4-165
mac-authentication max-mac-count 4-165
network-access dynamic-vlan 4-166
network-access guest-vlan 4-166
network-access dynamic-qos 4-167
network-access link-detection 4-168
network-access link-detection link-down 4-168
network-access link-detection link-up 4-169
network-access link-detection link-up-down 4-169
clear network-access 4-170
show network-access 4-170
show network-access mac-address-table 4-171
show network-access mac-filter 4-172
Web Authentication 4-173
web-auth login-attempts 4-173
web-auth quiet-period 4-174
web-auth session-timeout 4-174
web-auth system-auth-control 4-175
web-auth 4-175
web-auth re-authenticate (Port) 4-176
web-auth re-authenticate (IP) 4-176
show web-auth 4-177
show web-auth interface 4-177
show web-auth summary 4-178
DHCP Snooping Commands 4-178
ip dhcp snooping 4-179
ip dhcp snooping vlan 4-180
ip dhcp snooping trust 4-181
ip dhcp snooping verify mac-address 4-182
ip dhcp snooping information option 4-183
ip dhcp snooping information policy 4-184
ip dhcp snooping database flash 4-184
clear ip dhcp snooping database flash 4-185
show ip dhcp snooping 4-185
show ip dhcp snooping binding 4-185
IP Source Guard Commands 4-186
ip source-guard 4-186
ip source-guard binding 4-188
show ip source-guard 4-189
show ip source-guard binding 4-189
ARP Inspection Commands 4-190
ip arp inspection 4-190
xviii
Contents
ip arp inspection vlan 4-191
ip arp inspection filter 4-192
ip arp inspection validate 4-193
ip arp inspection log-buffer logs 4-194
ip arp inspection trust 4-195
ip arp inspection limit 4-195
show ip arp inspection configuration 4-196
show ip arp inspection interface 4-196
show ip arp inspection vlan 4-197
show ip arp inspection log 4-197
show ip arp inspection statistics 4-198
Access Control List Commands 4-198
IPv4 ACLs 4-199
access-list rule-mode 4-199
access-list ip 4-200
permit, deny (Standard IPv4 ACL) 4-201
permit, deny (Extended IPv4 ACL) 4-202
show ip access-list 4-204
ip access-group 4-204
show ip access-group 4-205
IPv6 ACLs 4-205
access-list ipv6 4-206
permit, deny (Standard IPv6 ACL) 4-207
permit, deny (Extended IPv6 ACL) 4-208
show ipv6 access-list 4-209
ipv6 access-group 4-209
show ipv6 access-group 4-210
ARP ACLs 4-210
access-list arp 4-211
permit, deny (ARP ACL) 4-212
show arp access-list 4-213
MAC ACLs 4-214
access-list mac 4-214
permit, deny (MAC ACL) 4-215
show mac access-list 4-216
mac access-group 4-217
show mac access-group 4-217
ACL Information 4-218
show access-list 4-218
show access-group 4-218
Interface Commands 4-219
interface 4-220
description 4-220
speed-duplex 4-221
negotiation 4-222
xix
Contents
capabilities 4-223
flowcontrol 4-224
media-type 4-225
giga-phy-mode 4-225
shutdown 4-226
switchport packet-rate 4-227
clear counters 4-228
show interfaces brief 4-228
show interfaces status 4-229
show interfaces counters 4-230
show interfaces switchport 4-231
Automatic Traffic Control Commands 4-233
auto-traffic-control apply-timer 4-236
auto-traffic-control release-timer 4-237
auto-traffic-control 4-238
auto-traffic-control alarm-fire-threshold 4-238
auto-traffic-control alarm-clear-threshold 4-239
auto-traffic-control action 4-240
auto-traffic-control control-release 4-241
auto-traffic-control auto-control-release 4-242
snmp-server enable port-traps atc broadcast-alarm-fire 4-242
snmp-server enable port-traps atc multicast-alarm-fire 4-243
snmp-server enable port-traps atc broadcast-alarm-clear 4-243
snmp-server enable port-traps atc multicast-alarm-clear 4-244
snmp-server enable port-traps atc broadcast-control-apply 4-244
snmp-server enable port-traps atc multicast-control-apply 4-245
snmp-server enable port-traps atc broadcast-control-release 4-245
snmp-server enable port-traps atc multicast-control-release 4-246
show auto-traffic-control 4-246
show auto-traffic-control interface 4-247
Link Aggregation Commands 4-248
channel-group 4-249
lacp 4-250
lacp system-priority 4-251
lacp admin-key (Ethernet Interface) 4-252
lacp admin-key (Port Channel) 4-253
lacp port-priority 4-254
lacp active/passive 4-255
show lacp 4-255
Mirror Port Commands 4-260
port monitor 4-260
show port monitor 4-261
Rate Limit Commands 4-263
rate-limit 4-263
Address Table Commands 4-264
xx
Contents
mac-address-table static 4-264
clear mac-address-table dynamic 4-265
show mac-address-table 4-266
mac-address-table aging-time 4-267
show mac-address-table aging-time 4-267
Spanning Tree Commands 4-268
spanning-tree 4-269
spanning-tree mode 4-270
spanning-tree forward-time 4-271
spanning-tree hello-time 4-271
spanning-tree max-age 4-272
spanning-tree priority 4-273
spanning-tree system-bpdu-flooding 4-273
spanning-tree pathcost method 4-274
spanning-tree transmission-limit 4-274
spanning-tree mst-configuration 4-275
mst vlan 4-275
mst priority 4-276
name 4-277
revision 4-277
max-hops 4-278
spanning-tree spanning-disabled 4-278
spanning-tree cost 4-279
spanning-tree port-priority 4-280
spanning-tree edge-port 4-281
spanning-tree portfast 4-282
spanning-tree bpdu-filter 4-283
spanning-tree bpdu-guard 4-284
spanning-tree port-bpdu-flooding 4-284
spanning-tree root-guard 4-285
spanning-tree link-type 4-286
spanning-tree loopback-detection 4-286
spanning-tree loopback-detection release-mode 4-287
spanning-tree loopback-detection trap 4-288
spanning-tree mst cost 4-288
spanning-tree mst port-priority 4-289
spanning-tree protocol-migration 4-290
show spanning-tree 4-291
show spanning-tree mst configuration 4-293
VLAN Commands 4-293
GVRP and Bridge Extension Commands 4-294
bridge-ext gvrp 4-294
show bridge-ext 4-295
switchport gvrp 4-295
show gvrp configuration 4-296
xxi
Contents
garp timer 4-296
show garp timer 4-297
Editing VLAN Groups 4-298
vlan database 4-298
vlan 4-299
Configuring VLAN Interfaces 4-300
interface vlan 4-300
switchport mode 4-301
switchport acceptable-frame-types 4-302
switchport ingress-filtering 4-302
switchport native vlan 4-303
switchport allowed vlan 4-304
switchport forbidden vlan 4-305
vlan-trunking 4-305
Displaying VLAN Information 4-307
show vlan 4-307
Configuring IEEE 802.1Q Tunneling 4-308
dot1q-tunnel system-tunnel-control 4-309
switchport dot1q-tunnel mode 4-309
switchport dot1q-tunnel tpid 4-310
show dot1q-tunnel 4-311
Configuring Port-based Traffic Segmentation 4-312
pvlan 4-312
pvlan uplink/downlink 4-313
pvlan session 4-314
pvlan up-to-up 4-315
show pvlan 4-315
Configuring Private VLANs 4-316
private-vlan 4-317
private vlan association 4-318
switchport mode private-vlan 4-318
switchport private-vlan host-association 4-319
switchport private-vlan mapping 4-320
show vlan private-vlan 4-320
Configuring Protocol-based VLANs 4-321
protocol-vlan protocol-group (Configuring Groups) 4-322
protocol-vlan protocol-group (Configuring VLANs) 4-322
show protocol-vlan protocol-group 4-323
show protocol-vlan protocol-group-vid 4-324
Configuring IP Subnet VLANs 4-324
subnet-vlan 4-325
show subnet-vlan 4-325
Configuring MAC Based VLANs 4-326
mac-vlan 4-326
show mac-vlan 4-327
xxii
Contents
Configuring Voice VLANs 4-328
voice vlan 4-328
voice vlan aging 4-329
voice vlan mac-address 4-330
switchport voice vlan 4-331
switchport voice vlan rule 4-331
switchport voice vlan security 4-332
switchport voice vlan priority 4-333
show voice vlan 4-333
LLDP Commands 4-335
lldp 4-337
lldp holdtime-multiplier 4-337
lldp medFastStartCount 4-338
lldp notification-interval 4-338
lldp refresh-interval 4-339
lldp reinit-delay 4-339
lldp tx-delay 4-340
lldp admin-status 4-341
lldp notification 4-341
lldp mednotification 4-342
lldp basic-tlv management-ip-address 4-343
lldp basic-tlv port-description 4-343
lldp basic-tlv system-capabilities 4-344
lldp basic-tlv system-description 4-344
lldp basic-tlv system-name 4-345
lldp dot1-tlv proto-ident 4-345
lldp dot1-tlv proto-vid 4-346
lldp dot1-tlv pvid 4-346
lldp dot1-tlv vlan-name 4-347
lldp dot3-tlv link-agg 4-347
lldp dot3-tlv mac-phy 4-348
lldp dot3-tlv max-frame 4-348
lldp dot3-tlv poe 4-349
lldp medtlv extpoe 4-349
lldp medtlv inventory 4-350
lldp medtlv location 4-350
lldp medtlv med-cap 4-351
lldp medtlv network-policy 4-351
show lldp config 4-352
show lldp info local-device 4-354
show lldp info remote-device 4-355
show lldp info statistics 4-356
Class of Service Commands 4-357
Priority Commands (Layer 2) 4-357
queue mode 4-357
xxiii
Contents
switchport priority default 4-358
queue cos-map 4-359
show queue mode 4-360
show queue bandwidth 4-360
show queue cos-map 4-361
Priority Commands (Layer 3 and 4) 4-362
map ip dscp (Global Configuration) 4-362
map ip dscp (Interface Configuration) 4-362
show map ip dscp 4-364
Quality of Service Commands 4-365
class-map 4-366
match 4-367
rename 4-368
description 4-368
policy-map 4-369
class 4-369
set 4-370
police 4-371
service-policy 4-372
show class-map 4-372
show policy-map 4-373
show policy-map interface 4-373
Multicast Filtering Commands 4-374
IGMP Snooping Commands 4-374
ip igmp snooping 4-375
ip igmp snooping vlan static 4-375
ip igmp snooping version 4-376
ip igmp snooping leave-proxy 4-377
ip igmp snooping immediate-leave 4-377
show ip igmp snooping 4-378
show mac-address-table multicast 4-379
IGMP Query Commands (Layer 2) 4-379
ip igmp snooping querier 4-380
ip igmp snooping query-count 4-380
ip igmp snooping query-interval 4-381
ip igmp snooping query-max-response-time 4-381
ip igmp snooping router-port-expire-time 4-382
Static Multicast Routing Commands 4-383
ip igmp snooping vlan mrouter 4-383
show ip igmp snooping mrouter 4-384
IGMP Filtering and Throttling Commands 4-385
ip igmp filter (Global Configuration) 4-385
ip igmp profile 4-386
permit, deny 4-386
range 4-387
xxiv
Contents
ip igmp filter (Interface Configuration) 4-387
ip igmp max-groups 4-388
ip igmp max-groups action 4-389
show ip igmp filter 4-389
show ip igmp profile 4-390
show ip igmp throttle interface 4-390
Multicast VLAN Registration Commands 4-391
mvr (Global Configuration) 4-392
mvr (Interface Configuration) 4-394
mvr immediate 4-395
show mvr 4-396
Domain Name Service Commands 4-399
ip host 4-399
clear host 4-400
ip domain-name 4-401
ip domain-list 4-401
ip name-server 4-402
ip domain-lookup 4-403
show hosts 4-404
show dns 4-404
show dns cache 4-405
clear dns cache 4-405
IP Interface Commands 4-406
ip address 4-406
ip default-gateway 4-407
ip dhcp restart 4-408
show ip interface 4-408
show ip redirects 4-409
show arp 4-409
ping 4-409
Appendix A: Software Specifications A-1
Software Features A-1
Management Features A-2
Standards A-2
Management Information Bases A-3
Appendix B: Troubleshooting B-1
Problems Accessing the Management Interface B-1
Using System Logs B-2
Glossary
Index
xxv
Contents
xxvi
Tables
Table 1-1 Key Features 1-1
Table 1-2 System Defaults 1-6
Table 3-1 Configuration Options 3-3
Table 3-2 Main Menu 3-4
Table 3-3 Logging Levels 3-36
Table 3-4 Supported Notification Messages 3-61
Table 3-5 HTTPS System Support 3-88
Table 3-6 802.1X Statistics 3-105
Table 3-7 Dynamic QoS Profiles 3-116
Table 3-8 LACP Port Counters 3-167
Table 3-9 LACP Internal Configuration Information 3-168
Table 3-10 LACP Neighbor Configuration Information 3-170
Table 3-11 Port Statistics 3-180
Table 3-12 Recommended STA Path Cost Range 3-202
Table 3-13 Recommended STA Path Costs 3-202
Table 3-14 Default STA Path Costs 3-203
Table 3-15 Chassis ID Subtype 3-244
Table 3-16 System Capabilities 3-245
Table 3-17 Port ID Subtype 3-248
Table 3-18 Mapping CoS Values to Egress Queues 3-255
Table 3-19 CoS Priority Levels 3-255
Table 3-20 Mapping DSCP Priority Values 3-260
Table 4-1 Command Modes 4-6
Table 4-2 Configuration Modes 4-8
Table 4-3 Command Line Processing 4-9
Table 4-4 Command Groups 4-10
Table 4-5 General Commands 4-11
Table 4-6 System Management Commands 4-18
Table 4-7 Device Designation Commands 4-18
Table 4-8 Banner Commands 4-19
Table 4-9 System Status Commands 4-29
Table 4-10 Frame Size Commands 4-35
Table 4-11 Flash/File Commands 4-36
Table 4-12 File Directory Information 4-41
Table 4-13 Line Commands 4-44
Table 4-14 Event Logging Commands 4-57
Table 4-15 Logging Levels 4-58
Table 4-16 show logging flash/ram - display description 4-61
Table 4-17 SMTP Alert Commands 4-63
Table 4-18 Time Commands 4-67
Table 4-19 Predefined Summer-Time Parameters 4-77
Table 4-20 Switch Cluster Commands 4-80
xxvii
Tables
Table 4-21 SNMP Commands 4-87
Table 4-22 show snmp engine-id - display description 4-96
Table 4-23 show snmp view - display description 4-97
Table 4-24 show snmp group - display description 4-100
Table 4-26 sFlow Commands 4-102
Table 4-25 show snmp user - display description 4-102
Table 4-27 Authentication Commands 4-108
Table 4-28 User Access Commands 4-109
Table 4-29 Default Login Settings 4-109
Table 4-30 Authentication Sequence 4-113
Table 4-31 RADIUS Client Commands 4-115
Table 4-32 TACACS Commands 4-119
Table 4-34 Web Server Commands 4-132
Table 4-35 HTTPS System Support 4-134
Table 4-36 Telnet Server Commands 4-135
Table 4-37 SSH Commands 4-136
Table 4-38 show ssh - display description 4-143
Table 4-39 802.1X Port Authentication 4-145
Table 4-40 IP Filter Commands 4-155
Table 4-41 General Security Commands 4-157
Table 4-42 Port Security Commands 4-158
Table 4-43 Network Access 4-160
Table 4-44 Dynamic QoS Profiles 4-167
Table 4-45 Web Authentication 4-173
Table 4-46 DHCP Snooping Commands 4-178
Table 4-47 IP Source Guard Commands 4-186
Table 4-48 ARP Inspection Commands 4-190
Table 4-49 Access Control Lists 4-198
Table 4-50 IPv4 ACL Commands 4-199
Table 4-52 ARP ACL Commands 4-210
Table 4-53 MAC ACL Commands 4-214
Table 4-54 ACL Information 4-218
Table 4-55 Interface Commands 4-219
Table 4-56 Interfaces Switchport Statistics 4-232
Table 4-57 ATC Commands 4-233
Table 4-58 Link Aggregation Commands 4-248
Table 4-59 show lacp counters - display description 4-256
Table 4-60 show lacp internal - display description 4-257
Table 4-61 show lacp neighbors - display description 4-258
Table 4-62 show lacp sysid - display description 4-259
Table 4-63 Mirror Port Commands 4-260
Table 4-64 Rate Limit Commands 4-263
Table 4-65 Address Table Commands 4-264
Table 4-66 Spanning Tree Commands 4-268
Table 4-69 Default STA Path Costs 4-280
xxviii
Ta bl e s
Table 4-70 VLAN Command Groups 4-293
Table 4-71 GVRP and Bridge Extension Commands 4-294
Table 4-72 Editing VLAN Groups 4-298
Table 4-73 Configuring VLAN Interfaces 4-300
Table 4-74 Show VLAN Commands 4-307
Table 4-75 IEEE 802.1Q Tunneling Commands 4-308
Table 4-76 Traffic Segmentation Commands 4-312
Table 4-77 Traffic Segmentation Forwarding 4-313
Table 4-78 Private VLAN Commands 4-316
Table 4-79 Protocol-based VLAN Commands 4-321
Table 4-80 IP Subnet VLAN Commands 4-324
Table 4-81 IP Subnet VLAN Commands 4-326
Table 4-82 Voice VLAN Commands 4-328
Table 4-83 LLDP Commands 4-335
Table 4-84 Priority Commands 4-357
Table 4-85 Priority Commands (Layer 2) 4-357
Table 4-86 Default CoS Values to Egress Queues 4-359
Table 4-87 Priority Commands (Layer 3 and 4) 4-362
Table 4-88 IP DSCP to CoS Vales 4-363
Table 4-89 Quality of Service Commands 4-365
Table 4-90 Multicast Filtering Commands 4-374
Table 4-91 IGMP Snooping Commands 4-374
Table 4-92 IGMP Query Commands (Layer 2) 4-379
Table 4-93 Static Multicast Routing Commands 4-383
Table 4-94 IGMP Filtering and Throttling Commands 4-385
Table 4-95 Multicast VLAN Registration Commands 4-391
Table 4-96 show mvr - display description 4-397
Table 4-97 show mvr interface - display description 4-397
Table 4-98 show mvr members - display description 4-398
Table 4-100 DNS Commands 4-399
Table 4-99 show mvr receiver members - display description 4-399
Table 4-101 show dns cache - display description 4-405
Table 4-102 IP Interface Commands 4-406
Table B-1 Troubleshooting Chart B-1
xxix
Tables
xxx
Loading...